{ "$schema": "http://json-schema.org/draft-04/schema#", "additionalProperties": false, "definitions": { "AWS::ACMPCA::Certificate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiPassthrough": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.ApiPassthrough", "markdownDescription": "Specifies X.509 certificate information to be included in the issued certificate. An `APIPassthrough` or `APICSRPassthrough` template variant must be selected, or else this parameter is ignored.", "title": "ApiPassthrough" }, "CertificateAuthorityArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the private CA issues the certificate.", "title": "CertificateAuthorityArn", "type": "string" }, "CertificateSigningRequest": { "markdownDescription": "The certificate signing request (CSR) for the certificate.", "title": "CertificateSigningRequest", "type": "string" }, "SigningAlgorithm": { "markdownDescription": "The name of the algorithm that will be used to sign the certificate to be issued.\n\nThis parameter should not be confused with the `SigningAlgorithm` parameter used to sign a CSR in the `CreateCertificateAuthority` action.\n\n> The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key.", "title": "SigningAlgorithm", "type": "string" }, "TemplateArn": { "markdownDescription": "Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, AWS Private CA defaults to the `EndEntityCertificate/V1` template. For more information about AWS Private CA templates, see [Using Templates](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html) .", "title": "TemplateArn", "type": "string" }, "Validity": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.Validity", "markdownDescription": "The period of time during which the certificate will be valid.", "title": "Validity" }, "ValidityNotBefore": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.Validity", "markdownDescription": "Information describing the start of the validity period of the certificate. This parameter sets the \u201cNot Before\" date for the certificate.\n\nBy default, when issuing a certificate, AWS Private CA sets the \"Not Before\" date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The `ValidityNotBefore` parameter can be used to customize the \u201cNot Before\u201d value.\n\nUnlike the `Validity` parameter, the `ValidityNotBefore` parameter is optional.\n\nThe `ValidityNotBefore` value is expressed as an explicit date and time, using the `Validity` type value `ABSOLUTE` .", "title": "ValidityNotBefore" } }, "required": [ "CertificateAuthorityArn", "CertificateSigningRequest", "SigningAlgorithm", "Validity" ], "type": "object" }, "Type": { "enum": [ "AWS::ACMPCA::Certificate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ACMPCA::Certificate.ApiPassthrough": { "additionalProperties": false, "properties": { "Extensions": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.Extensions", "markdownDescription": "Specifies X.509 extension information for a certificate.", "title": "Extensions" }, "Subject": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.Subject", "markdownDescription": "Contains information about the certificate subject. The Subject field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The Subject must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate.", "title": "Subject" } }, "type": "object" }, "AWS::ACMPCA::Certificate.CustomAttribute": { "additionalProperties": false, "properties": { "ObjectIdentifier": { "markdownDescription": "Specifies the object identifier (OID) of the attribute type of the relative distinguished name (RDN).", "title": "ObjectIdentifier", "type": "string" }, "Value": { "markdownDescription": "Specifies the attribute value of relative distinguished name (RDN).", "title": "Value", "type": "string" } }, "required": [ "ObjectIdentifier", "Value" ], "type": "object" }, "AWS::ACMPCA::Certificate.CustomExtension": { "additionalProperties": false, "properties": { "Critical": { "markdownDescription": "Specifies the critical flag of the X.509 extension.", "title": "Critical", "type": "boolean" }, "ObjectIdentifier": { "markdownDescription": "Specifies the object identifier (OID) of the X.509 extension. For more information, see the [Global OID reference database.](https://docs.aws.amazon.com/https://oidref.com/2.5.29)", "title": "ObjectIdentifier", "type": "string" }, "Value": { "markdownDescription": "Specifies the base64-encoded value of the X.509 extension.", "title": "Value", "type": "string" } }, "required": [ "ObjectIdentifier", "Value" ], "type": "object" }, "AWS::ACMPCA::Certificate.EdiPartyName": { "additionalProperties": false, "properties": { "NameAssigner": { "markdownDescription": "Specifies the name assigner.", "title": "NameAssigner", "type": "string" }, "PartyName": { "markdownDescription": "Specifies the party name.", "title": "PartyName", "type": "string" } }, "required": [ "NameAssigner", "PartyName" ], "type": "object" }, "AWS::ACMPCA::Certificate.ExtendedKeyUsage": { "additionalProperties": false, "properties": { "ExtendedKeyUsageObjectIdentifier": { "markdownDescription": "Specifies a custom `ExtendedKeyUsage` with an object identifier (OID).", "title": "ExtendedKeyUsageObjectIdentifier", "type": "string" }, "ExtendedKeyUsageType": { "markdownDescription": "Specifies a standard `ExtendedKeyUsage` as defined as in [RFC 5280](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12) .", "title": "ExtendedKeyUsageType", "type": "string" } }, "type": "object" }, "AWS::ACMPCA::Certificate.Extensions": { "additionalProperties": false, "properties": { "CertificatePolicies": { "items": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.PolicyInformation" }, "markdownDescription": "Contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. For more information, see NIST's definition of [Object Identifier (OID)](https://docs.aws.amazon.com/https://csrc.nist.gov/glossary/term/Object_Identifier) .\n\nIn an end-entity certificate, these terms indicate the policy under which the certificate was issued and the purposes for which it may be used. In a CA certificate, these terms limit the set of policies for certification paths that include this certificate.", "title": "CertificatePolicies", "type": "array" }, "CustomExtensions": { "items": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.CustomExtension" }, "markdownDescription": "Contains a sequence of one or more X.509 extensions, each of which consists of an object identifier (OID), a base64-encoded value, and the critical flag. For more information, see the [Global OID reference database.](https://docs.aws.amazon.com/https://oidref.com/2.5.29)", "title": "CustomExtensions", "type": "array" }, "ExtendedKeyUsage": { "items": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.ExtendedKeyUsage" }, "markdownDescription": "Specifies additional purposes for which the certified public key may be used other than basic purposes indicated in the `KeyUsage` extension.", "title": "ExtendedKeyUsage", "type": "array" }, "KeyUsage": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.KeyUsage", "markdownDescription": "Defines one or more purposes for which the key contained in the certificate can be used. Default value for each option is false.", "title": "KeyUsage" }, "SubjectAlternativeNames": { "items": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.GeneralName" }, "markdownDescription": "The subject alternative name extension allows identities to be bound to the subject of the certificate. These identities may be included in addition to or in place of the identity in the subject field of the certificate.", "title": "SubjectAlternativeNames", "type": "array" } }, "type": "object" }, "AWS::ACMPCA::Certificate.GeneralName": { "additionalProperties": false, "properties": { "DirectoryName": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.Subject", "markdownDescription": "Contains information about the certificate subject. The certificate can be one issued by your private certificate authority (CA) or it can be your private CA certificate. The Subject field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The Subject must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate. The DN must be unique for each entity, but your private CA can issue more than one certificate with the same DN to the same entity.", "title": "DirectoryName" }, "DnsName": { "markdownDescription": "Represents `GeneralName` as a DNS name.", "title": "DnsName", "type": "string" }, "EdiPartyName": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.EdiPartyName", "markdownDescription": "Represents `GeneralName` as an `EdiPartyName` object.", "title": "EdiPartyName" }, "IpAddress": { "markdownDescription": "Represents `GeneralName` as an IPv4 or IPv6 address.", "title": "IpAddress", "type": "string" }, "OtherName": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.OtherName", "markdownDescription": "Represents `GeneralName` using an `OtherName` object.", "title": "OtherName" }, "RegisteredId": { "markdownDescription": "Represents `GeneralName` as an object identifier (OID).", "title": "RegisteredId", "type": "string" }, "Rfc822Name": { "markdownDescription": "Represents `GeneralName` as an [RFC 822](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc822) email address.", "title": "Rfc822Name", "type": "string" }, "UniformResourceIdentifier": { "markdownDescription": "Represents `GeneralName` as a URI.", "title": "UniformResourceIdentifier", "type": "string" } }, "type": "object" }, "AWS::ACMPCA::Certificate.KeyUsage": { "additionalProperties": false, "properties": { "CRLSign": { "markdownDescription": "Key can be used to sign CRLs.", "title": "CRLSign", "type": "boolean" }, "DataEncipherment": { "markdownDescription": "Key can be used to decipher data.", "title": "DataEncipherment", "type": "boolean" }, "DecipherOnly": { "markdownDescription": "Key can be used only to decipher data.", "title": "DecipherOnly", "type": "boolean" }, "DigitalSignature": { "markdownDescription": "Key can be used for digital signing.", "title": "DigitalSignature", "type": "boolean" }, "EncipherOnly": { "markdownDescription": "Key can be used only to encipher data.", "title": "EncipherOnly", "type": "boolean" }, "KeyAgreement": { "markdownDescription": "Key can be used in a key-agreement protocol.", "title": "KeyAgreement", "type": "boolean" }, "KeyCertSign": { "markdownDescription": "Key can be used to sign certificates.", "title": "KeyCertSign", "type": "boolean" }, "KeyEncipherment": { "markdownDescription": "Key can be used to encipher data.", "title": "KeyEncipherment", "type": "boolean" }, "NonRepudiation": { "markdownDescription": "Key can be used for non-repudiation.", "title": "NonRepudiation", "type": "boolean" } }, "type": "object" }, "AWS::ACMPCA::Certificate.OtherName": { "additionalProperties": false, "properties": { "TypeId": { "markdownDescription": "Specifies an OID.", "title": "TypeId", "type": "string" }, "Value": { "markdownDescription": "Specifies an OID value.", "title": "Value", "type": "string" } }, "required": [ "TypeId", "Value" ], "type": "object" }, "AWS::ACMPCA::Certificate.PolicyInformation": { "additionalProperties": false, "properties": { "CertPolicyId": { "markdownDescription": "Specifies the object identifier (OID) of the certificate policy under which the certificate was issued. For more information, see NIST's definition of [Object Identifier (OID)](https://docs.aws.amazon.com/https://csrc.nist.gov/glossary/term/Object_Identifier) .", "title": "CertPolicyId", "type": "string" }, "PolicyQualifiers": { "items": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.PolicyQualifierInfo" }, "markdownDescription": "Modifies the given `CertPolicyId` with a qualifier. AWS Private CA supports the certification practice statement (CPS) qualifier.", "title": "PolicyQualifiers", "type": "array" } }, "required": [ "CertPolicyId" ], "type": "object" }, "AWS::ACMPCA::Certificate.PolicyQualifierInfo": { "additionalProperties": false, "properties": { "PolicyQualifierId": { "markdownDescription": "Identifies the qualifier modifying a `CertPolicyId` .", "title": "PolicyQualifierId", "type": "string" }, "Qualifier": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.Qualifier", "markdownDescription": "Defines the qualifier type. AWS Private CA supports the use of a URI for a CPS qualifier in this field.", "title": "Qualifier" } }, "required": [ "PolicyQualifierId", "Qualifier" ], "type": "object" }, "AWS::ACMPCA::Certificate.Qualifier": { "additionalProperties": false, "properties": { "CpsUri": { "markdownDescription": "Contains a pointer to a certification practice statement (CPS) published by the CA.", "title": "CpsUri", "type": "string" } }, "required": [ "CpsUri" ], "type": "object" }, "AWS::ACMPCA::Certificate.Subject": { "additionalProperties": false, "properties": { "CommonName": { "markdownDescription": "For CA and end-entity certificates in a private PKI, the common name (CN) can be any string within the length limit.\n\nNote: In publicly trusted certificates, the common name must be a fully qualified domain name (FQDN) associated with the certificate subject.", "title": "CommonName", "type": "string" }, "Country": { "markdownDescription": "Two-digit code that specifies the country in which the certificate subject located.", "title": "Country", "type": "string" }, "CustomAttributes": { "items": { "$ref": "#/definitions/AWS::ACMPCA::Certificate.CustomAttribute" }, "markdownDescription": "Contains a sequence of one or more X.500 relative distinguished names (RDNs), each of which consists of an object identifier (OID) and a value. For more information, see NIST\u2019s definition of [Object Identifier (OID)](https://docs.aws.amazon.com/https://csrc.nist.gov/glossary/term/Object_Identifier) .\n\n> Custom attributes cannot be used in combination with standard attributes.", "title": "CustomAttributes", "type": "array" }, "DistinguishedNameQualifier": { "markdownDescription": "Disambiguating information for the certificate subject.", "title": "DistinguishedNameQualifier", "type": "string" }, "GenerationQualifier": { "markdownDescription": "Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third.", "title": "GenerationQualifier", "type": "string" }, "GivenName": { "markdownDescription": "First name.", "title": "GivenName", "type": "string" }, "Initials": { "markdownDescription": "Concatenation that typically contains the first letter of the *GivenName* , the first letter of the middle name if one exists, and the first letter of the *Surname* .", "title": "Initials", "type": "string" }, "Locality": { "markdownDescription": "The locality (such as a city or town) in which the certificate subject is located.", "title": "Locality", "type": "string" }, "Organization": { "markdownDescription": "Legal name of the organization with which the certificate subject is affiliated.", "title": "Organization", "type": "string" }, "OrganizationalUnit": { "markdownDescription": "A subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated.", "title": "OrganizationalUnit", "type": "string" }, "Pseudonym": { "markdownDescription": "Typically a shortened version of a longer *GivenName* . For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza.", "title": "Pseudonym", "type": "string" }, "SerialNumber": { "markdownDescription": "The certificate serial number.", "title": "SerialNumber", "type": "string" }, "State": { "markdownDescription": "State in which the subject of the certificate is located.", "title": "State", "type": "string" }, "Surname": { "markdownDescription": "Family name. In the US and the UK, for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first.", "title": "Surname", "type": "string" }, "Title": { "markdownDescription": "A title such as Mr. or Ms., which is pre-pended to the name to refer formally to the certificate subject.", "title": "Title", "type": "string" } }, "type": "object" }, "AWS::ACMPCA::Certificate.Validity": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "Specifies whether the `Value` parameter represents days, months, or years.", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "A long integer interpreted according to the value of `Type` , below.", "title": "Value", "type": "number" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CsrExtensions": { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority.CsrExtensions", "markdownDescription": "Specifies information to be added to the extension section of the certificate signing request (CSR).", "title": "CsrExtensions" }, "KeyAlgorithm": { "markdownDescription": "Type of the public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate. When you create a subordinate CA, you must use a key algorithm supported by the parent CA.", "title": "KeyAlgorithm", "type": "string" }, "KeyStorageSecurityStandard": { "markdownDescription": "Specifies a cryptographic key management compliance standard used for handling CA keys.\n\nDefault: FIPS_140_2_LEVEL_3_OR_HIGHER\n\n> Some AWS Regions do not support the default. When creating a CA in these Regions, you must provide `FIPS_140_2_LEVEL_2_OR_HIGHER` as the argument for `KeyStorageSecurityStandard` . Failure to do this results in an `InvalidArgsException` with the message, \"A certificate authority cannot be created in this region with the specified security standard.\"\n> \n> For information about security standard support in various Regions, see [Storage and security compliance of AWS Private CA private keys](https://docs.aws.amazon.com/privateca/latest/userguide/data-protection.html#private-keys) .", "title": "KeyStorageSecurityStandard", "type": "string" }, "RevocationConfiguration": { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority.RevocationConfiguration", "markdownDescription": "Certificate revocation information used by the [CreateCertificateAuthority](https://docs.aws.amazon.com/privateca/latest/APIReference/API_CreateCertificateAuthority.html) and [UpdateCertificateAuthority](https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html) actions. Your private certificate authority (CA) can configure Online Certificate Status Protocol (OCSP) support and/or maintain a certificate revocation list (CRL). OCSP returns validation information about certificates as requested by clients, and a CRL contains an updated list of certificates revoked by your CA. For more information, see [RevokeCertificate](https://docs.aws.amazon.com/privateca/latest/APIReference/API_RevokeCertificate.html) in the *AWS Private CA API Reference* and [Setting up a certificate revocation method](https://docs.aws.amazon.com/privateca/latest/userguide/revocation-setup.html) in the *AWS Private CA User Guide* .\n\n> The following requirements apply to revocation configurations.\n> \n> - A configuration disabling CRLs or OCSP must contain only the `Enabled=False` parameter, and will fail if other parameters such as `CustomCname` or `ExpirationInDays` are included.\n> - In a CRL configuration, the `S3BucketName` parameter must conform to the [Amazon S3 bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) .\n> - A configuration containing a custom Canonical Name (CNAME) parameter for CRLs or OCSP must conform to [RFC2396](https://docs.aws.amazon.com/https://www.ietf.org/rfc/rfc2396.txt) restrictions on the use of special characters in a CNAME.\n> - In a CRL or OCSP configuration, the value of a CNAME parameter must not include a protocol prefix such as \"http://\" or \"https://\".", "title": "RevocationConfiguration" }, "SigningAlgorithm": { "markdownDescription": "Name of the algorithm your private CA uses to sign certificate requests.\n\nThis parameter should not be confused with the `SigningAlgorithm` parameter used to sign certificates when they are issued.", "title": "SigningAlgorithm", "type": "string" }, "Subject": { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority.Subject", "markdownDescription": "Structure that contains X.500 distinguished name information for your private CA.", "title": "Subject" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key-value pairs that will be attached to the new private CA. You can associate up to 50 tags with a private CA. For information using tags with IAM to manage permissions, see [Controlling Access Using IAM Tags](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html) .", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "Type of your private CA.", "title": "Type", "type": "string" }, "UsageMode": { "markdownDescription": "Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.\n\nThe default value is GENERAL_PURPOSE.", "title": "UsageMode", "type": "string" } }, "required": [ "KeyAlgorithm", "SigningAlgorithm", "Subject", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::ACMPCA::CertificateAuthority" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority.AccessDescription": { "additionalProperties": false, "properties": { "AccessLocation": { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority.GeneralName", "markdownDescription": "The location of `AccessDescription` information.", "title": "AccessLocation" }, "AccessMethod": { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority.AccessMethod", "markdownDescription": "The type and format of `AccessDescription` information.", "title": "AccessMethod" } }, "required": [ "AccessLocation", "AccessMethod" ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority.AccessMethod": { "additionalProperties": false, "properties": { "AccessMethodType": { "markdownDescription": "Specifies the `AccessMethod` .", "title": "AccessMethodType", "type": "string" }, "CustomObjectIdentifier": { "markdownDescription": "An object identifier (OID) specifying the `AccessMethod` . The OID must satisfy the regular expression shown below. For more information, see NIST's definition of [Object Identifier (OID)](https://docs.aws.amazon.com/https://csrc.nist.gov/glossary/term/Object_Identifier) .", "title": "CustomObjectIdentifier", "type": "string" } }, "type": "object" }, "AWS::ACMPCA::CertificateAuthority.CrlConfiguration": { "additionalProperties": false, "properties": { "CrlDistributionPointExtensionConfiguration": { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority.CrlDistributionPointExtensionConfiguration", "markdownDescription": "Configures the default behavior of the CRL Distribution Point extension for certificates issued by your CA. If this field is not provided, then the CRL Distribution Point extension will be present and contain the default CRL URL.", "title": "CrlDistributionPointExtensionConfiguration" }, "CustomCname": { "markdownDescription": "Name inserted into the certificate *CRL Distribution Points* extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.\n\n> The content of a Canonical Name (CNAME) record must conform to [RFC2396](https://docs.aws.amazon.com/https://www.ietf.org/rfc/rfc2396.txt) restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as \"http://\" or \"https://\".", "title": "CustomCname", "type": "string" }, "Enabled": { "markdownDescription": "Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the `CreateCertificateAuthority` operation or for an existing CA when you call the `UpdateCertificateAuthority` operation.", "title": "Enabled", "type": "boolean" }, "ExpirationInDays": { "markdownDescription": "Validity period of the CRL in days.", "title": "ExpirationInDays", "type": "number" }, "S3BucketName": { "markdownDescription": "Name of the S3 bucket that contains the CRL. If you do not provide a value for the *CustomCname* argument, the name of your S3 bucket is placed into the *CRL Distribution Points* extension of the issued certificate. You can change the name of your bucket by calling the [UpdateCertificateAuthority](https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html) operation. You must specify a [bucket policy](https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-policies) that allows AWS Private CA to write the CRL to your bucket.\n\n> The `S3BucketName` parameter must conform to the [S3 bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) .", "title": "S3BucketName", "type": "string" }, "S3ObjectAcl": { "markdownDescription": "Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. If you choose PUBLIC_READ, the CRL will be accessible over the public internet. If you choose BUCKET_OWNER_FULL_CONTROL, only the owner of the CRL S3 bucket can access the CRL, and your PKI clients may need an alternative method of access.\n\nIf no value is specified, the default is PUBLIC_READ.\n\n*Note:* This default can cause CA creation to fail in some circumstances. If you have have enabled the Block Public Access (BPA) feature in your S3 account, then you must specify the value of this parameter as `BUCKET_OWNER_FULL_CONTROL` , and not doing so results in an error. If you have disabled BPA in S3, then you can specify either `BUCKET_OWNER_FULL_CONTROL` or `PUBLIC_READ` as the value.\n\nFor more information, see [Blocking public access to the S3 bucket](https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-bpa) .", "title": "S3ObjectAcl", "type": "string" } }, "type": "object" }, "AWS::ACMPCA::CertificateAuthority.CrlDistributionPointExtensionConfiguration": { "additionalProperties": false, "properties": { "OmitExtension": { "markdownDescription": "Configures whether the CRL Distribution Point extension should be populated with the default URL to the CRL. If set to `true` , then the CDP extension will not be present in any certificates issued by that CA unless otherwise specified through CSR or API passthrough.\n\n> Only set this if you have another way to distribute the CRL Distribution Points for certificates issued by your CA, such as the Matter Distributed Compliance Ledger.\n> \n> This configuration cannot be enabled with a custom CNAME set.", "title": "OmitExtension", "type": "boolean" } }, "required": [ "OmitExtension" ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority.CsrExtensions": { "additionalProperties": false, "properties": { "KeyUsage": { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority.KeyUsage", "markdownDescription": "Indicates the purpose of the certificate and of the key contained in the certificate.", "title": "KeyUsage" }, "SubjectInformationAccess": { "items": { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority.AccessDescription" }, "markdownDescription": "For CA certificates, provides a path to additional information pertaining to the CA, such as revocation and policy. For more information, see [Subject Information Access](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.2.2) in RFC 5280.", "title": "SubjectInformationAccess", "type": "array" } }, "type": "object" }, "AWS::ACMPCA::CertificateAuthority.CustomAttribute": { "additionalProperties": false, "properties": { "ObjectIdentifier": { "markdownDescription": "Specifies the object identifier (OID) of the attribute type of the relative distinguished name (RDN).", "title": "ObjectIdentifier", "type": "string" }, "Value": { "markdownDescription": "Specifies the attribute value of relative distinguished name (RDN).", "title": "Value", "type": "string" } }, "required": [ "ObjectIdentifier", "Value" ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority.EdiPartyName": { "additionalProperties": false, "properties": { "NameAssigner": { "markdownDescription": "Specifies the name assigner.", "title": "NameAssigner", "type": "string" }, "PartyName": { "markdownDescription": "Specifies the party name.", "title": "PartyName", "type": "string" } }, "required": [ "NameAssigner", "PartyName" ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority.GeneralName": { "additionalProperties": false, "properties": { "DirectoryName": { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority.Subject", "markdownDescription": "Contains information about the certificate subject. The certificate can be one issued by your private certificate authority (CA) or it can be your private CA certificate. The Subject field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The Subject must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate. The DN must be unique for each entity, but your private CA can issue more than one certificate with the same DN to the same entity.", "title": "DirectoryName" }, "DnsName": { "markdownDescription": "Represents `GeneralName` as a DNS name.", "title": "DnsName", "type": "string" }, "EdiPartyName": { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority.EdiPartyName", "markdownDescription": "Represents `GeneralName` as an `EdiPartyName` object.", "title": "EdiPartyName" }, "IpAddress": { "markdownDescription": "Represents `GeneralName` as an IPv4 or IPv6 address.", "title": "IpAddress", "type": "string" }, "OtherName": { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority.OtherName", "markdownDescription": "Represents `GeneralName` using an `OtherName` object.", "title": "OtherName" }, "RegisteredId": { "markdownDescription": "Represents `GeneralName` as an object identifier (OID).", "title": "RegisteredId", "type": "string" }, "Rfc822Name": { "markdownDescription": "Represents `GeneralName` as an [RFC 822](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc822) email address.", "title": "Rfc822Name", "type": "string" }, "UniformResourceIdentifier": { "markdownDescription": "Represents `GeneralName` as a URI.", "title": "UniformResourceIdentifier", "type": "string" } }, "type": "object" }, "AWS::ACMPCA::CertificateAuthority.KeyUsage": { "additionalProperties": false, "properties": { "CRLSign": { "markdownDescription": "Key can be used to sign CRLs.", "title": "CRLSign", "type": "boolean" }, "DataEncipherment": { "markdownDescription": "Key can be used to decipher data.", "title": "DataEncipherment", "type": "boolean" }, "DecipherOnly": { "markdownDescription": "Key can be used only to decipher data.", "title": "DecipherOnly", "type": "boolean" }, "DigitalSignature": { "markdownDescription": "Key can be used for digital signing.", "title": "DigitalSignature", "type": "boolean" }, "EncipherOnly": { "markdownDescription": "Key can be used only to encipher data.", "title": "EncipherOnly", "type": "boolean" }, "KeyAgreement": { "markdownDescription": "Key can be used in a key-agreement protocol.", "title": "KeyAgreement", "type": "boolean" }, "KeyCertSign": { "markdownDescription": "Key can be used to sign certificates.", "title": "KeyCertSign", "type": "boolean" }, "KeyEncipherment": { "markdownDescription": "Key can be used to encipher data.", "title": "KeyEncipherment", "type": "boolean" }, "NonRepudiation": { "markdownDescription": "Key can be used for non-repudiation.", "title": "NonRepudiation", "type": "boolean" } }, "type": "object" }, "AWS::ACMPCA::CertificateAuthority.OcspConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.", "title": "Enabled", "type": "boolean" }, "OcspCustomCname": { "markdownDescription": "By default, AWS Private CA injects an Amazon domain into certificates being validated by the Online Certificate Status Protocol (OCSP). A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain.\n\n> The content of a Canonical Name (CNAME) record must conform to [RFC2396](https://docs.aws.amazon.com/https://www.ietf.org/rfc/rfc2396.txt) restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as \"http://\" or \"https://\".", "title": "OcspCustomCname", "type": "string" } }, "type": "object" }, "AWS::ACMPCA::CertificateAuthority.OtherName": { "additionalProperties": false, "properties": { "TypeId": { "markdownDescription": "Specifies an OID.", "title": "TypeId", "type": "string" }, "Value": { "markdownDescription": "Specifies an OID value.", "title": "Value", "type": "string" } }, "required": [ "TypeId", "Value" ], "type": "object" }, "AWS::ACMPCA::CertificateAuthority.RevocationConfiguration": { "additionalProperties": false, "properties": { "CrlConfiguration": { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority.CrlConfiguration", "markdownDescription": "Configuration of the certificate revocation list (CRL), if any, maintained by your private CA.", "title": "CrlConfiguration" }, "OcspConfiguration": { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority.OcspConfiguration", "markdownDescription": "Configuration of Online Certificate Status Protocol (OCSP) support, if any, maintained by your private CA.", "title": "OcspConfiguration" } }, "type": "object" }, "AWS::ACMPCA::CertificateAuthority.Subject": { "additionalProperties": false, "properties": { "CommonName": { "markdownDescription": "Fully qualified domain name (FQDN) associated with the certificate subject.", "title": "CommonName", "type": "string" }, "Country": { "markdownDescription": "Two-digit code that specifies the country in which the certificate subject located.", "title": "Country", "type": "string" }, "CustomAttributes": { "items": { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority.CustomAttribute" }, "markdownDescription": "Contains a sequence of one or more X.500 relative distinguished names (RDNs), each of which consists of an object identifier (OID) and a value. For more information, see NIST\u2019s definition of [Object Identifier (OID)](https://docs.aws.amazon.com/https://csrc.nist.gov/glossary/term/Object_Identifier) .\n\n> Custom attributes cannot be used in combination with standard attributes.", "title": "CustomAttributes", "type": "array" }, "DistinguishedNameQualifier": { "markdownDescription": "Disambiguating information for the certificate subject.", "title": "DistinguishedNameQualifier", "type": "string" }, "GenerationQualifier": { "markdownDescription": "Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third.", "title": "GenerationQualifier", "type": "string" }, "GivenName": { "markdownDescription": "First name.", "title": "GivenName", "type": "string" }, "Initials": { "markdownDescription": "Concatenation that typically contains the first letter of the GivenName, the first letter of the middle name if one exists, and the first letter of the SurName.", "title": "Initials", "type": "string" }, "Locality": { "markdownDescription": "The locality (such as a city or town) in which the certificate subject is located.", "title": "Locality", "type": "string" }, "Organization": { "markdownDescription": "Legal name of the organization with which the certificate subject is affiliated.", "title": "Organization", "type": "string" }, "OrganizationalUnit": { "markdownDescription": "A subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated.", "title": "OrganizationalUnit", "type": "string" }, "Pseudonym": { "markdownDescription": "Typically a shortened version of a longer GivenName. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza.", "title": "Pseudonym", "type": "string" }, "SerialNumber": { "markdownDescription": "The certificate serial number.", "title": "SerialNumber", "type": "string" }, "State": { "markdownDescription": "State in which the subject of the certificate is located.", "title": "State", "type": "string" }, "Surname": { "markdownDescription": "Family name.", "title": "Surname", "type": "string" }, "Title": { "markdownDescription": "A personal title such as Mr.", "title": "Title", "type": "string" } }, "type": "object" }, "AWS::ACMPCA::CertificateAuthorityActivation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Certificate": { "markdownDescription": "The Base64 PEM-encoded certificate authority certificate.", "title": "Certificate", "type": "string" }, "CertificateAuthorityArn": { "markdownDescription": "The Amazon Resource Name (ARN) of your private CA.", "title": "CertificateAuthorityArn", "type": "string" }, "CertificateChain": { "markdownDescription": "The Base64 PEM-encoded certificate chain that chains up to the root CA certificate that you used to sign your private CA certificate.", "title": "CertificateChain", "type": "string" }, "Status": { "markdownDescription": "Status of your private CA.", "title": "Status", "type": "string" } }, "required": [ "Certificate", "CertificateAuthorityArn" ], "type": "object" }, "Type": { "enum": [ "AWS::ACMPCA::CertificateAuthorityActivation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ACMPCA::Permission": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Actions": { "items": { "type": "string" }, "markdownDescription": "The private CA actions that can be performed by the designated AWS service. Supported actions are `IssueCertificate` , `GetCertificate` , and `ListPermissions` .", "title": "Actions", "type": "array" }, "CertificateAuthorityArn": { "markdownDescription": "The Amazon Resource Number (ARN) of the private CA from which the permission was issued.", "title": "CertificateAuthorityArn", "type": "string" }, "Principal": { "markdownDescription": "The AWS service or entity that holds the permission. At this time, the only valid principal is `acm.amazonaws.com` .", "title": "Principal", "type": "string" }, "SourceAccount": { "markdownDescription": "The ID of the account that assigned the permission.", "title": "SourceAccount", "type": "string" } }, "required": [ "Actions", "CertificateAuthorityArn", "Principal" ], "type": "object" }, "Type": { "enum": [ "AWS::ACMPCA::Permission" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::APS::RuleGroupsNamespace": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Data": { "markdownDescription": "The rules file used in the namespace.\n\nFor more details about the rules file, see [Creating a rules file](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-ruler-rulesfile.html) in the *Amazon Managed Service for Prometheus User Guide* .", "title": "Data", "type": "string" }, "Name": { "markdownDescription": "The name of the rule groups namespace.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of tag keys and values that are associated with the rule groups namespace.", "title": "Tags", "type": "array" }, "Workspace": { "markdownDescription": "The ID of the workspace to add the rule groups namespace.", "title": "Workspace", "type": "string" } }, "required": [ "Data", "Name", "Workspace" ], "type": "object" }, "Type": { "enum": [ "AWS::APS::RuleGroupsNamespace" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::APS::Scraper": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Alias": { "markdownDescription": "An optional user-assigned scraper alias.", "title": "Alias", "type": "string" }, "Destination": { "$ref": "#/definitions/AWS::APS::Scraper.Destination", "markdownDescription": "The Amazon Managed Service for Prometheus workspace the scraper sends metrics to.", "title": "Destination" }, "ScrapeConfiguration": { "$ref": "#/definitions/AWS::APS::Scraper.ScrapeConfiguration", "markdownDescription": "The configuration in use by the scraper.", "title": "ScrapeConfiguration" }, "Source": { "$ref": "#/definitions/AWS::APS::Scraper.Source", "markdownDescription": "The Amazon EKS cluster from which the scraper collects metrics.", "title": "Source" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "(Optional) The list of tag keys and values associated with the scraper.", "title": "Tags", "type": "array" } }, "required": [ "Destination", "ScrapeConfiguration", "Source" ], "type": "object" }, "Type": { "enum": [ "AWS::APS::Scraper" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::APS::Scraper.AmpConfiguration": { "additionalProperties": false, "properties": { "WorkspaceArn": { "markdownDescription": "ARN of the Amazon Managed Service for Prometheus workspace.", "title": "WorkspaceArn", "type": "string" } }, "required": [ "WorkspaceArn" ], "type": "object" }, "AWS::APS::Scraper.Destination": { "additionalProperties": false, "properties": { "AmpConfiguration": { "$ref": "#/definitions/AWS::APS::Scraper.AmpConfiguration", "markdownDescription": "The Amazon Managed Service for Prometheus workspace to send metrics to.", "title": "AmpConfiguration" } }, "required": [ "AmpConfiguration" ], "type": "object" }, "AWS::APS::Scraper.EksConfiguration": { "additionalProperties": false, "properties": { "ClusterArn": { "markdownDescription": "ARN of the Amazon EKS cluster.", "title": "ClusterArn", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of the security group IDs for the Amazon EKS cluster VPC configuration.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "A list of subnet IDs for the Amazon EKS cluster VPC configuration.", "title": "SubnetIds", "type": "array" } }, "required": [ "ClusterArn", "SubnetIds" ], "type": "object" }, "AWS::APS::Scraper.ScrapeConfiguration": { "additionalProperties": false, "properties": { "ConfigurationBlob": { "markdownDescription": "The base 64 encoded scrape configuration file.", "title": "ConfigurationBlob", "type": "string" } }, "required": [ "ConfigurationBlob" ], "type": "object" }, "AWS::APS::Scraper.Source": { "additionalProperties": false, "properties": { "EksConfiguration": { "$ref": "#/definitions/AWS::APS::Scraper.EksConfiguration", "markdownDescription": "The Amazon EKS cluster from which a scraper collects metrics.", "title": "EksConfiguration" } }, "required": [ "EksConfiguration" ], "type": "object" }, "AWS::APS::Workspace": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AlertManagerDefinition": { "markdownDescription": "The alert manager definition, a YAML configuration for the alert manager in your Amazon Managed Service for Prometheus workspace.\n\nFor details about the alert manager definition, see [Creating an alert manager configuration files](https://docs.aws.amazon.com/prometheus/latest/userguide/AMP-alertmanager-config.html) in the *Amazon Managed Service for Prometheus User Guide* .\n\nThe following example shows part of a CloudFormation YAML file with an embedded alert manager definition (following the `- |-` ).\n\n`Workspace: Type: AWS::APS::Workspace .... Properties: .... AlertManagerDefinition: Fn::Sub: - |- alertmanager_config: | templates: - 'default_template' route: receiver: example-sns receivers: - name: example-sns sns_configs: - topic_arn: 'arn:aws:sns:${AWS::Region}:${AWS::AccountId}:${TopicName}' -`", "title": "AlertManagerDefinition", "type": "string" }, "Alias": { "markdownDescription": "The alias that is assigned to this workspace to help identify it. It does not need to be unique.", "title": "Alias", "type": "string" }, "KmsKeyArn": { "markdownDescription": "(optional) The ARN for a customer managed AWS KMS key to use for encrypting data within your workspace. For more information about using your own key in your workspace, see [Encryption at rest](https://docs.aws.amazon.com/prometheus/latest/userguide/encryption-at-rest-Amazon-Service-Prometheus.html) in the *Amazon Managed Service for Prometheus User Guide* .", "title": "KmsKeyArn", "type": "string" }, "LoggingConfiguration": { "$ref": "#/definitions/AWS::APS::Workspace.LoggingConfiguration", "markdownDescription": "Contains information about the logging configuration for the workspace.", "title": "LoggingConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of tag keys and values that are associated with the workspace.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::APS::Workspace" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::APS::Workspace.LoggingConfiguration": { "additionalProperties": false, "properties": { "LogGroupArn": { "markdownDescription": "The ARN of the CloudWatch log group to which the vended log data will be published. This log group must exist prior to calling this operation.", "title": "LogGroupArn", "type": "string" } }, "type": "object" }, "AWS::ARCZonalShift::ZonalAutoshiftConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PracticeRunConfiguration": { "$ref": "#/definitions/AWS::ARCZonalShift::ZonalAutoshiftConfiguration.PracticeRunConfiguration", "markdownDescription": "A practice run configuration for a resource includes the Amazon CloudWatch alarms that you've specified for a practice run, as well as any blocked dates or blocked windows for the practice run. When a resource has a practice run configuration, Route 53 ARC shifts traffic for the resource weekly for practice runs.\n\nPractice runs are required for zonal autoshift. The zonal shifts that Route 53 ARC starts for practice runs help you to ensure that shifting away traffic from an Availability Zone during an autoshift is safe for your application.\n\nYou can update or delete a practice run configuration. Before you delete a practice run configuration, you must disable zonal autoshift for the resource. A practice run configuration is required when zonal autoshift is enabled.", "title": "PracticeRunConfiguration" }, "ResourceIdentifier": { "markdownDescription": "The identifier for the resource that AWS shifts traffic for. The identifier is the Amazon Resource Name (ARN) for the resource.\n\nAt this time, supported resources are Network Load Balancers and Application Load Balancers with cross-zone load balancing turned off.", "title": "ResourceIdentifier", "type": "string" }, "ZonalAutoshiftStatus": { "markdownDescription": "When zonal autoshift is `ENABLED` , you authorize AWS to shift away resource traffic for an application from an Availability Zone during events, on your behalf, to help reduce time to recovery. Traffic is also shifted away for the required weekly practice runs.", "title": "ZonalAutoshiftStatus", "type": "string" } }, "required": [ "ResourceIdentifier" ], "type": "object" }, "Type": { "enum": [ "AWS::ARCZonalShift::ZonalAutoshiftConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ARCZonalShift::ZonalAutoshiftConfiguration.ControlCondition": { "additionalProperties": false, "properties": { "AlarmIdentifier": { "markdownDescription": "The Amazon Resource Name (ARN) for an Amazon CloudWatch alarm that you specify as a control condition for a practice run.", "title": "AlarmIdentifier", "type": "string" }, "Type": { "markdownDescription": "The type of alarm specified for a practice run. You can only specify Amazon CloudWatch alarms for practice runs, so the only valid value is `CLOUDWATCH` .", "title": "Type", "type": "string" } }, "required": [ "AlarmIdentifier", "Type" ], "type": "object" }, "AWS::ARCZonalShift::ZonalAutoshiftConfiguration.PracticeRunConfiguration": { "additionalProperties": false, "properties": { "BlockedDates": { "items": { "type": "string" }, "markdownDescription": "An array of one or more dates that you can specify when AWS does not start practice runs for a resource. Dates are in UTC.\n\nSpecify blocked dates in the format `YYYY-MM-DD` , separated by spaces.", "title": "BlockedDates", "type": "array" }, "BlockedWindows": { "items": { "type": "string" }, "markdownDescription": "An array of one or more days and times that you can specify when Route 53 ARC does not start practice runs for a resource. Days and times are in UTC.\n\nSpecify blocked windows in the format `DAY:HH:MM-DAY:HH:MM` , separated by spaces. For example, `MON:18:30-MON:19:30 TUE:18:30-TUE:19:30` .", "title": "BlockedWindows", "type": "array" }, "BlockingAlarms": { "items": { "$ref": "#/definitions/AWS::ARCZonalShift::ZonalAutoshiftConfiguration.ControlCondition" }, "markdownDescription": "An optional alarm that you can specify that blocks practice runs when the alarm is in an `ALARM` state. When a blocking alarm goes into an `ALARM` state, it prevents practice runs from being started, and ends practice runs that are in progress.", "title": "BlockingAlarms", "type": "array" }, "OutcomeAlarms": { "items": { "$ref": "#/definitions/AWS::ARCZonalShift::ZonalAutoshiftConfiguration.ControlCondition" }, "markdownDescription": "The alarm that you specify to monitor the health of your application during practice runs. When the outcome alarm goes into an `ALARM` state, the practice run is ended and the outcome is set to `FAILED` .", "title": "OutcomeAlarms", "type": "array" } }, "required": [ "OutcomeAlarms" ], "type": "object" }, "AWS::AccessAnalyzer::Analyzer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AnalyzerConfiguration": { "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.AnalyzerConfiguration", "markdownDescription": "Contains information about the configuration of an unused access analyzer for an AWS organization or account.", "title": "AnalyzerConfiguration" }, "AnalyzerName": { "markdownDescription": "The name of the analyzer.", "title": "AnalyzerName", "type": "string" }, "ArchiveRules": { "items": { "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.ArchiveRule" }, "markdownDescription": "Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.", "title": "ArchiveRules", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to the analyzer.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type represents the zone of trust for the analyzer.\n\n*Allowed Values* : ACCOUNT | ORGANIZATION | ACCOUNT_UNUSED_ACCESS | ORGANIZATION_UNUSED_ACCESS", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::AccessAnalyzer::Analyzer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AccessAnalyzer::Analyzer.AnalyzerConfiguration": { "additionalProperties": false, "properties": { "UnusedAccessConfiguration": { "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.UnusedAccessConfiguration", "markdownDescription": "Specifies the configuration of an unused access analyzer for an AWS organization or account. External access analyzers do not support any configuration.", "title": "UnusedAccessConfiguration" } }, "type": "object" }, "AWS::AccessAnalyzer::Analyzer.ArchiveRule": { "additionalProperties": false, "properties": { "Filter": { "items": { "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer.Filter" }, "markdownDescription": "The criteria for the rule.", "title": "Filter", "type": "array" }, "RuleName": { "markdownDescription": "The name of the rule to create.", "title": "RuleName", "type": "string" } }, "required": [ "Filter", "RuleName" ], "type": "object" }, "AWS::AccessAnalyzer::Analyzer.Filter": { "additionalProperties": false, "properties": { "Contains": { "items": { "type": "string" }, "markdownDescription": "A \"contains\" condition to match for the rule.", "title": "Contains", "type": "array" }, "Eq": { "items": { "type": "string" }, "markdownDescription": "An \"equals\" condition to match for the rule.", "title": "Eq", "type": "array" }, "Exists": { "markdownDescription": "An \"exists\" condition to match for the rule.", "title": "Exists", "type": "boolean" }, "Neq": { "items": { "type": "string" }, "markdownDescription": "A \"not equal\" condition to match for the rule.", "title": "Neq", "type": "array" }, "Property": { "markdownDescription": "The property used to define the criteria in the filter for the rule.", "title": "Property", "type": "string" } }, "required": [ "Property" ], "type": "object" }, "AWS::AccessAnalyzer::Analyzer.UnusedAccessConfiguration": { "additionalProperties": false, "properties": { "UnusedAccessAge": { "markdownDescription": "The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 180 days.", "title": "UnusedAccessAge", "type": "number" } }, "type": "object" }, "AWS::AmazonMQ::Broker": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthenticationStrategy": { "markdownDescription": "Optional. The authentication strategy used to secure the broker. The default is `SIMPLE` .", "title": "AuthenticationStrategy", "type": "string" }, "AutoMinorVersionUpgrade": { "markdownDescription": "Enables automatic upgrades to new minor versions for brokers, as new broker engine versions are released and supported by Amazon MQ. Automatic upgrades occur during the scheduled maintenance window of the broker or after a manual broker reboot.", "title": "AutoMinorVersionUpgrade", "type": "boolean" }, "BrokerName": { "markdownDescription": "The name of the broker. This value must be unique in your AWS account , 1-50 characters long, must contain only letters, numbers, dashes, and underscores, and must not contain white spaces, brackets, wildcard characters, or special characters.\n\n> Do not add personally identifiable information (PII) or other confidential or sensitive information in broker names. Broker names are accessible to other AWS services, including C CloudWatch Logs . Broker names are not intended to be used for private or sensitive data.", "title": "BrokerName", "type": "string" }, "Configuration": { "$ref": "#/definitions/AWS::AmazonMQ::Broker.ConfigurationId", "markdownDescription": "A list of information about the configuration. Does not apply to RabbitMQ brokers.", "title": "Configuration" }, "DataReplicationMode": { "markdownDescription": "Defines whether this broker is a part of a data replication pair.", "title": "DataReplicationMode", "type": "string" }, "DataReplicationPrimaryBrokerArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the primary broker that is used to replicate data from in a data replication pair, and is applied to the replica broker. Must be set when dataReplicationMode is set to CRDR.", "title": "DataReplicationPrimaryBrokerArn", "type": "string" }, "DeploymentMode": { "markdownDescription": "The deployment mode of the broker. Available values:\n\n- `SINGLE_INSTANCE`\n- `ACTIVE_STANDBY_MULTI_AZ`\n- `CLUSTER_MULTI_AZ`", "title": "DeploymentMode", "type": "string" }, "EncryptionOptions": { "$ref": "#/definitions/AWS::AmazonMQ::Broker.EncryptionOptions", "markdownDescription": "Encryption options for the broker. Does not apply to RabbitMQ brokers.", "title": "EncryptionOptions" }, "EngineType": { "markdownDescription": "The type of broker engine. Currently, Amazon MQ supports `ACTIVEMQ` and `RABBITMQ` .", "title": "EngineType", "type": "string" }, "EngineVersion": { "markdownDescription": "The version of the broker engine. For a list of supported engine versions, see [Engine](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker-engine.html) in the *Amazon MQ Developer Guide* .", "title": "EngineVersion", "type": "string" }, "HostInstanceType": { "markdownDescription": "The broker's instance type.", "title": "HostInstanceType", "type": "string" }, "LdapServerMetadata": { "$ref": "#/definitions/AWS::AmazonMQ::Broker.LdapServerMetadata", "markdownDescription": "Optional. The metadata of the LDAP server used to authenticate and authorize connections to the broker. Does not apply to RabbitMQ brokers.", "title": "LdapServerMetadata" }, "Logs": { "$ref": "#/definitions/AWS::AmazonMQ::Broker.LogList", "markdownDescription": "Enables Amazon CloudWatch logging for brokers.", "title": "Logs" }, "MaintenanceWindowStartTime": { "$ref": "#/definitions/AWS::AmazonMQ::Broker.MaintenanceWindow", "markdownDescription": "The scheduled time period relative to UTC during which Amazon MQ begins to apply pending updates or patches to the broker.", "title": "MaintenanceWindowStartTime" }, "PubliclyAccessible": { "markdownDescription": "Enables connections from applications outside of the VPC that hosts the broker's subnets.", "title": "PubliclyAccessible", "type": "boolean" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The list of rules (1 minimum, 125 maximum) that authorize connections to brokers.", "title": "SecurityGroups", "type": "array" }, "StorageType": { "markdownDescription": "The broker's storage type.", "title": "StorageType", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The list of groups that define which subnets and IP ranges the broker can use from different Availability Zones. If you specify more than one subnet, the subnets must be in different Availability Zones. Amazon MQ will not be able to create VPC endpoints for your broker with multiple subnets in the same Availability Zone. A SINGLE_INSTANCE deployment requires one subnet (for example, the default subnet). An ACTIVE_STANDBY_MULTI_AZ deployment (ACTIVEMQ) requires two subnets. A CLUSTER_MULTI_AZ deployment (RABBITMQ) has no subnet requirements when deployed with public accessibility, deployment without public accessibility requires at least one subnet.\n\n> If you specify subnets in a shared VPC for a RabbitMQ broker, the associated VPC to which the specified subnets belong must be owned by your AWS account . Amazon MQ will not be able to create VPC enpoints in VPCs that are not owned by your AWS account .", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/AWS::AmazonMQ::Broker.TagsEntry" }, "markdownDescription": "An array of key-value pairs. For more information, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the *Billing and Cost Management User Guide* .", "title": "Tags", "type": "array" }, "Users": { "items": { "$ref": "#/definitions/AWS::AmazonMQ::Broker.User" }, "markdownDescription": "The list of broker users (persons or applications) who can access queues and topics. For Amazon MQ for RabbitMQ brokers, one and only one administrative user is accepted and created when a broker is first provisioned. All subsequent RabbitMQ users are created by via the RabbitMQ web console or by using the RabbitMQ management API.", "title": "Users", "type": "array" } }, "required": [ "AutoMinorVersionUpgrade", "BrokerName", "DeploymentMode", "EngineType", "EngineVersion", "HostInstanceType", "PubliclyAccessible", "Users" ], "type": "object" }, "Type": { "enum": [ "AWS::AmazonMQ::Broker" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AmazonMQ::Broker.ConfigurationId": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The unique ID that Amazon MQ generates for the configuration.", "title": "Id", "type": "string" }, "Revision": { "markdownDescription": "The revision number of the configuration.", "title": "Revision", "type": "number" } }, "required": [ "Id", "Revision" ], "type": "object" }, "AWS::AmazonMQ::Broker.EncryptionOptions": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The customer master key (CMK) to use for the A AWS KMS (KMS). This key is used to encrypt your data at rest. If not provided, Amazon MQ will use a default CMK to encrypt your data.", "title": "KmsKeyId", "type": "string" }, "UseAwsOwnedKey": { "markdownDescription": "Enables the use of an AWS owned CMK using AWS KMS (KMS). Set to `true` by default, if no value is provided, for example, for RabbitMQ brokers.", "title": "UseAwsOwnedKey", "type": "boolean" } }, "required": [ "UseAwsOwnedKey" ], "type": "object" }, "AWS::AmazonMQ::Broker.LdapServerMetadata": { "additionalProperties": false, "properties": { "Hosts": { "items": { "type": "string" }, "markdownDescription": "Specifies the location of the LDAP server such as AWS Directory Service for Microsoft Active Directory . Optional failover server.", "title": "Hosts", "type": "array" }, "RoleBase": { "markdownDescription": "The distinguished name of the node in the directory information tree (DIT) to search for roles or groups. For example, `ou=group` , `ou=corp` , `dc=corp` , `dc=example` , `dc=com` .", "title": "RoleBase", "type": "string" }, "RoleName": { "markdownDescription": "The group name attribute in a role entry whose value is the name of that role. For example, you can specify `cn` for a group entry's common name. If authentication succeeds, then the user is assigned the the value of the `cn` attribute for each role entry that they are a member of.", "title": "RoleName", "type": "string" }, "RoleSearchMatching": { "markdownDescription": "The LDAP search filter used to find roles within the roleBase. The distinguished name of the user matched by userSearchMatching is substituted into the `{0}` placeholder in the search filter. The client's username is substituted into the `{1}` placeholder. For example, if you set this option to `(member=uid={1})` for the user janedoe, the search filter becomes `(member=uid=janedoe)` after string substitution. It matches all role entries that have a member attribute equal to `uid=janedoe` under the subtree selected by the `RoleBases` .", "title": "RoleSearchMatching", "type": "string" }, "RoleSearchSubtree": { "markdownDescription": "The directory search scope for the role. If set to true, scope is to search the entire subtree.", "title": "RoleSearchSubtree", "type": "boolean" }, "ServiceAccountPassword": { "markdownDescription": "Service account password. A service account is an account in your LDAP server that has access to initiate a connection. For example, `cn=admin` , `dc=corp` , `dc=example` , `dc=com` .", "title": "ServiceAccountPassword", "type": "string" }, "ServiceAccountUsername": { "markdownDescription": "Service account username. A service account is an account in your LDAP server that has access to initiate a connection. For example, `cn=admin` , `ou=corp` , `dc=corp` , `dc=example` , `dc=com` .", "title": "ServiceAccountUsername", "type": "string" }, "UserBase": { "markdownDescription": "Select a particular subtree of the directory information tree (DIT) to search for user entries. The subtree is specified by a DN, which specifies the base node of the subtree. For example, by setting this option to `ou=Users` , `ou=corp` , `dc=corp` , `dc=example` , `dc=com` , the search for user entries is restricted to the subtree beneath `ou=Users` , `ou=corp` , `dc=corp` , `dc=example` , `dc=com` .", "title": "UserBase", "type": "string" }, "UserRoleName": { "markdownDescription": "The name of the LDAP attribute in the user's directory entry for the user's group membership. In some cases, user roles may be identified by the value of an attribute in the user's directory entry. The `UserRoleName` option allows you to provide the name of this attribute.", "title": "UserRoleName", "type": "string" }, "UserSearchMatching": { "markdownDescription": "The LDAP search filter used to find users within the `userBase` . The client's username is substituted into the `{0}` placeholder in the search filter. For example, if this option is set to `(uid={0})` and the received username is `janedoe` , the search filter becomes `(uid=janedoe)` after string substitution. It will result in matching an entry like `uid=janedoe` , `ou=Users` , `ou=corp` , `dc=corp` , `dc=example` , `dc=com` .", "title": "UserSearchMatching", "type": "string" }, "UserSearchSubtree": { "markdownDescription": "The directory search scope for the user. If set to true, scope is to search the entire subtree.", "title": "UserSearchSubtree", "type": "boolean" } }, "required": [ "Hosts", "RoleBase", "RoleSearchMatching", "ServiceAccountPassword", "ServiceAccountUsername", "UserBase", "UserSearchMatching" ], "type": "object" }, "AWS::AmazonMQ::Broker.LogList": { "additionalProperties": false, "properties": { "Audit": { "markdownDescription": "Enables audit logging. Every user management action made using JMX or the ActiveMQ Web Console is logged. Does not apply to RabbitMQ brokers.", "title": "Audit", "type": "boolean" }, "General": { "markdownDescription": "Enables general logging.", "title": "General", "type": "boolean" } }, "type": "object" }, "AWS::AmazonMQ::Broker.MaintenanceWindow": { "additionalProperties": false, "properties": { "DayOfWeek": { "markdownDescription": "The day of the week.", "title": "DayOfWeek", "type": "string" }, "TimeOfDay": { "markdownDescription": "The time, in 24-hour format.", "title": "TimeOfDay", "type": "string" }, "TimeZone": { "markdownDescription": "The time zone, UTC by default, in either the Country/City format, or the UTC offset format.", "title": "TimeZone", "type": "string" } }, "required": [ "DayOfWeek", "TimeOfDay", "TimeZone" ], "type": "object" }, "AWS::AmazonMQ::Broker.TagsEntry": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key in a key-value pair.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value in a key-value pair.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::AmazonMQ::Broker.User": { "additionalProperties": false, "properties": { "ConsoleAccess": { "markdownDescription": "Enables access to the ActiveMQ web console for the ActiveMQ user. Does not apply to RabbitMQ brokers.", "title": "ConsoleAccess", "type": "boolean" }, "Groups": { "items": { "type": "string" }, "markdownDescription": "The list of groups (20 maximum) to which the ActiveMQ user belongs. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long. Does not apply to RabbitMQ brokers.", "title": "Groups", "type": "array" }, "Password": { "markdownDescription": "The password of the user. This value must be at least 12 characters long, must contain at least 4 unique characters, and must not contain commas, colons, or equal signs (,:=).", "title": "Password", "type": "string" }, "ReplicationUser": { "markdownDescription": "Defines if this user is intended for CRDR replication purposes.", "title": "ReplicationUser", "type": "boolean" }, "Username": { "markdownDescription": "The username of the broker user. For Amazon MQ for ActiveMQ brokers, this value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). For Amazon MQ for RabbitMQ brokers, this value can contain only alphanumeric characters, dashes, periods, underscores (- . _). This value must not contain a tilde (~) character. Amazon MQ prohibts using guest as a valid usename. This value must be 2-100 characters long.\n\n> Do not add personally identifiable information (PII) or other confidential or sensitive information in broker usernames. Broker usernames are accessible to other AWS services, including CloudWatch Logs . Broker usernames are not intended to be used for private or sensitive data.", "title": "Username", "type": "string" } }, "required": [ "Password", "Username" ], "type": "object" }, "AWS::AmazonMQ::Configuration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthenticationStrategy": { "markdownDescription": "Optional. The authentication strategy associated with the configuration. The default is `SIMPLE` .", "title": "AuthenticationStrategy", "type": "string" }, "Data": { "markdownDescription": "The base64-encoded XML configuration.", "title": "Data", "type": "string" }, "Description": { "markdownDescription": "The description of the configuration.", "title": "Description", "type": "string" }, "EngineType": { "markdownDescription": "The type of broker engine. Note: Currently, Amazon MQ only supports ACTIVEMQ for creating and editing broker configurations.", "title": "EngineType", "type": "string" }, "EngineVersion": { "markdownDescription": "The version of the broker engine. For a list of supported engine versions, see [](https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker-engine.html)", "title": "EngineVersion", "type": "string" }, "Name": { "markdownDescription": "The name of the configuration. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 1-150 characters long.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::AmazonMQ::Configuration.TagsEntry" }, "markdownDescription": "Create tags when creating the configuration.", "title": "Tags", "type": "array" } }, "required": [ "Data", "EngineType", "EngineVersion", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::AmazonMQ::Configuration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AmazonMQ::Configuration.TagsEntry": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key in a key-value pair.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value in a key-value pair.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::AmazonMQ::ConfigurationAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Broker": { "markdownDescription": "The broker to associate with a configuration.", "title": "Broker", "type": "string" }, "Configuration": { "$ref": "#/definitions/AWS::AmazonMQ::ConfigurationAssociation.ConfigurationId", "markdownDescription": "The configuration to associate with a broker.", "title": "Configuration" } }, "required": [ "Broker", "Configuration" ], "type": "object" }, "Type": { "enum": [ "AWS::AmazonMQ::ConfigurationAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AmazonMQ::ConfigurationAssociation.ConfigurationId": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The unique ID that Amazon MQ generates for the configuration.", "title": "Id", "type": "string" }, "Revision": { "markdownDescription": "The revision number of the configuration.", "title": "Revision", "type": "number" } }, "required": [ "Id", "Revision" ], "type": "object" }, "AWS::Amplify::App": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessToken": { "markdownDescription": "The personal access token for a GitHub repository for an Amplify app. The personal access token is used to authorize access to a GitHub repository using the Amplify GitHub App. The token is not stored.\n\nUse `AccessToken` for GitHub repositories only. To authorize access to a repository provider such as Bitbucket or CodeCommit, use `OauthToken` .\n\nYou must specify either `AccessToken` or `OauthToken` when you create a new app.\n\nExisting Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see [Migrating an existing OAuth app to the Amplify GitHub App](https://docs.aws.amazon.com/amplify/latest/userguide/setting-up-GitHub-access.html#migrating-to-github-app-auth) in the *Amplify User Guide* .", "title": "AccessToken", "type": "string" }, "AutoBranchCreationConfig": { "$ref": "#/definitions/AWS::Amplify::App.AutoBranchCreationConfig", "markdownDescription": "Sets the configuration for your automatic branch creation.", "title": "AutoBranchCreationConfig" }, "BasicAuthConfig": { "$ref": "#/definitions/AWS::Amplify::App.BasicAuthConfig", "markdownDescription": "The credentials for basic authorization for an Amplify app. You must base64-encode the authorization credentials and provide them in the format `user:password` .", "title": "BasicAuthConfig" }, "BuildSpec": { "markdownDescription": "The build specification (build spec) for an Amplify app.", "title": "BuildSpec", "type": "string" }, "CustomHeaders": { "markdownDescription": "The custom HTTP headers for an Amplify app.", "title": "CustomHeaders", "type": "string" }, "CustomRules": { "items": { "$ref": "#/definitions/AWS::Amplify::App.CustomRule" }, "markdownDescription": "The custom rewrite and redirect rules for an Amplify app.", "title": "CustomRules", "type": "array" }, "Description": { "markdownDescription": "The description of the Amplify app.", "title": "Description", "type": "string" }, "EnableBranchAutoDeletion": { "markdownDescription": "Automatically disconnect a branch in Amplify Hosting when you delete a branch from your Git repository.", "title": "EnableBranchAutoDeletion", "type": "boolean" }, "EnvironmentVariables": { "items": { "$ref": "#/definitions/AWS::Amplify::App.EnvironmentVariable" }, "markdownDescription": "The environment variables for the Amplify app.\n\nFor a list of the environment variables that are accessible to Amplify by default, see [Amplify Environment variables](https://docs.aws.amazon.com/amplify/latest/userguide/amplify-console-environment-variables.html) in the *Amplify Hosting User Guide* .", "title": "EnvironmentVariables", "type": "array" }, "IAMServiceRole": { "markdownDescription": "AWS Identity and Access Management ( IAM ) service role for the Amazon Resource Name (ARN) of the Amplify app.", "title": "IAMServiceRole", "type": "string" }, "Name": { "markdownDescription": "The name of the Amplify app.", "title": "Name", "type": "string" }, "OauthToken": { "markdownDescription": "The OAuth token for a third-party source control system for an Amplify app. The OAuth token is used to create a webhook and a read-only deploy key using SSH cloning. The OAuth token is not stored.\n\nUse `OauthToken` for repository providers other than GitHub, such as Bitbucket or CodeCommit. To authorize access to GitHub as your repository provider, use `AccessToken` .\n\nYou must specify either `OauthToken` or `AccessToken` when you create a new app.\n\nExisting Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see [Migrating an existing OAuth app to the Amplify GitHub App](https://docs.aws.amazon.com/amplify/latest/userguide/setting-up-GitHub-access.html#migrating-to-github-app-auth) in the *Amplify User Guide* .", "title": "OauthToken", "type": "string" }, "Platform": { "markdownDescription": "The platform for the Amplify app. For a static app, set the platform type to `WEB` . For a dynamic server-side rendered (SSR) app, set the platform type to `WEB_COMPUTE` . For an app requiring Amplify Hosting's original SSR support only, set the platform type to `WEB_DYNAMIC` .", "title": "Platform", "type": "string" }, "Repository": { "markdownDescription": "The Git repository for the Amplify app.", "title": "Repository", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tag for an Amplify app.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Amplify::App" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Amplify::App.AutoBranchCreationConfig": { "additionalProperties": false, "properties": { "AutoBranchCreationPatterns": { "items": { "type": "string" }, "markdownDescription": "Automated branch creation glob patterns for the Amplify app.", "title": "AutoBranchCreationPatterns", "type": "array" }, "BasicAuthConfig": { "$ref": "#/definitions/AWS::Amplify::App.BasicAuthConfig", "markdownDescription": "Sets password protection for your auto created branch.", "title": "BasicAuthConfig" }, "BuildSpec": { "markdownDescription": "The build specification (build spec) for the autocreated branch.", "title": "BuildSpec", "type": "string" }, "EnableAutoBranchCreation": { "markdownDescription": "Enables automated branch creation for the Amplify app.", "title": "EnableAutoBranchCreation", "type": "boolean" }, "EnableAutoBuild": { "markdownDescription": "Enables auto building for the auto created branch.", "title": "EnableAutoBuild", "type": "boolean" }, "EnablePerformanceMode": { "markdownDescription": "Enables performance mode for the branch.\n\nPerformance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval. When performance mode is enabled, hosting configuration or code changes can take up to 10 minutes to roll out.", "title": "EnablePerformanceMode", "type": "boolean" }, "EnablePullRequestPreview": { "markdownDescription": "Sets whether pull request previews are enabled for each branch that Amplify Hosting automatically creates for your app. Amplify creates previews by deploying your app to a unique URL whenever a pull request is opened for the branch. Development and QA teams can use this preview to test the pull request before it's merged into a production or integration branch.\n\nTo provide backend support for your preview, Amplify Hosting automatically provisions a temporary backend environment that it deletes when the pull request is closed. If you want to specify a dedicated backend environment for your previews, use the `PullRequestEnvironmentName` property.\n\nFor more information, see [Web Previews](https://docs.aws.amazon.com/amplify/latest/userguide/pr-previews.html) in the *AWS Amplify Hosting User Guide* .", "title": "EnablePullRequestPreview", "type": "boolean" }, "EnvironmentVariables": { "items": { "$ref": "#/definitions/AWS::Amplify::App.EnvironmentVariable" }, "markdownDescription": "The environment variables for the autocreated branch.", "title": "EnvironmentVariables", "type": "array" }, "Framework": { "markdownDescription": "The framework for the autocreated branch.", "title": "Framework", "type": "string" }, "PullRequestEnvironmentName": { "markdownDescription": "If pull request previews are enabled, you can use this property to specify a dedicated backend environment for your previews. For example, you could specify an environment named `prod` , `test` , or `dev` that you initialized with the Amplify CLI.\n\nTo enable pull request previews, set the `EnablePullRequestPreview` property to `true` .\n\nIf you don't specify an environment, Amplify Hosting provides backend support for each preview by automatically provisioning a temporary backend environment. Amplify deletes this environment when the pull request is closed.\n\nFor more information about creating backend environments, see [Feature Branch Deployments and Team Workflows](https://docs.aws.amazon.com/amplify/latest/userguide/multi-environments.html) in the *AWS Amplify Hosting User Guide* .", "title": "PullRequestEnvironmentName", "type": "string" }, "Stage": { "markdownDescription": "Stage for the auto created branch.", "title": "Stage", "type": "string" } }, "type": "object" }, "AWS::Amplify::App.BasicAuthConfig": { "additionalProperties": false, "properties": { "EnableBasicAuth": { "markdownDescription": "Enables basic authorization for the Amplify app's branches.", "title": "EnableBasicAuth", "type": "boolean" }, "Password": { "markdownDescription": "The password for basic authorization.", "title": "Password", "type": "string" }, "Username": { "markdownDescription": "The user name for basic authorization.", "title": "Username", "type": "string" } }, "type": "object" }, "AWS::Amplify::App.CustomRule": { "additionalProperties": false, "properties": { "Condition": { "markdownDescription": "The condition for a URL rewrite or redirect rule, such as a country code.", "title": "Condition", "type": "string" }, "Source": { "markdownDescription": "The source pattern for a URL rewrite or redirect rule.", "title": "Source", "type": "string" }, "Status": { "markdownDescription": "The status code for a URL rewrite or redirect rule.\n\n- **200** - Represents a 200 rewrite rule.\n- **301** - Represents a 301 (moved pemanently) redirect rule. This and all future requests should be directed to the target URL.\n- **302** - Represents a 302 temporary redirect rule.\n- **404** - Represents a 404 redirect rule.\n- **404-200** - Represents a 404 rewrite rule.", "title": "Status", "type": "string" }, "Target": { "markdownDescription": "The target pattern for a URL rewrite or redirect rule.", "title": "Target", "type": "string" } }, "required": [ "Source", "Target" ], "type": "object" }, "AWS::Amplify::App.EnvironmentVariable": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The environment variable name.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The environment variable value.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::Amplify::Branch": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppId": { "markdownDescription": "The unique ID for an Amplify app.", "title": "AppId", "type": "string" }, "Backend": { "$ref": "#/definitions/AWS::Amplify::Branch.Backend", "markdownDescription": "The backend for a `Branch` of an Amplify app. Use for a backend created from an AWS CloudFormation stack.\n\nThis field is available to Amplify Gen 2 apps only. When you deploy an application with Amplify Gen 2, you provision the app's backend infrastructure using Typescript code.", "title": "Backend" }, "BasicAuthConfig": { "$ref": "#/definitions/AWS::Amplify::Branch.BasicAuthConfig", "markdownDescription": "The basic authorization credentials for a branch of an Amplify app. You must base64-encode the authorization credentials and provide them in the format `user:password` .", "title": "BasicAuthConfig" }, "BranchName": { "markdownDescription": "The name for the branch.", "title": "BranchName", "type": "string" }, "BuildSpec": { "markdownDescription": "The build specification (build spec) for the branch.", "title": "BuildSpec", "type": "string" }, "Description": { "markdownDescription": "The description for the branch that is part of an Amplify app.", "title": "Description", "type": "string" }, "EnableAutoBuild": { "markdownDescription": "Enables auto building for the branch.", "title": "EnableAutoBuild", "type": "boolean" }, "EnablePerformanceMode": { "markdownDescription": "Enables performance mode for the branch.\n\nPerformance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval. When performance mode is enabled, hosting configuration or code changes can take up to 10 minutes to roll out.", "title": "EnablePerformanceMode", "type": "boolean" }, "EnablePullRequestPreview": { "markdownDescription": "Specifies whether Amplify Hosting creates a preview for each pull request that is made for this branch. If this property is enabled, Amplify deploys your app to a unique preview URL after each pull request is opened. Development and QA teams can use this preview to test the pull request before it's merged into a production or integration branch.\n\nTo provide backend support for your preview, Amplify automatically provisions a temporary backend environment that it deletes when the pull request is closed. If you want to specify a dedicated backend environment for your previews, use the `PullRequestEnvironmentName` property.\n\nFor more information, see [Web Previews](https://docs.aws.amazon.com/amplify/latest/userguide/pr-previews.html) in the *AWS Amplify Hosting User Guide* .", "title": "EnablePullRequestPreview", "type": "boolean" }, "EnvironmentVariables": { "items": { "$ref": "#/definitions/AWS::Amplify::Branch.EnvironmentVariable" }, "markdownDescription": "The environment variables for the branch.", "title": "EnvironmentVariables", "type": "array" }, "Framework": { "markdownDescription": "The framework for the branch.", "title": "Framework", "type": "string" }, "PullRequestEnvironmentName": { "markdownDescription": "If pull request previews are enabled for this branch, you can use this property to specify a dedicated backend environment for your previews. For example, you could specify an environment named `prod` , `test` , or `dev` that you initialized with the Amplify CLI and mapped to this branch.\n\nTo enable pull request previews, set the `EnablePullRequestPreview` property to `true` .\n\nIf you don't specify an environment, Amplify Hosting provides backend support for each preview by automatically provisioning a temporary backend environment. Amplify Hosting deletes this environment when the pull request is closed.\n\nFor more information about creating backend environments, see [Feature Branch Deployments and Team Workflows](https://docs.aws.amazon.com/amplify/latest/userguide/multi-environments.html) in the *AWS Amplify Hosting User Guide* .", "title": "PullRequestEnvironmentName", "type": "string" }, "Stage": { "markdownDescription": "Describes the current stage for the branch.", "title": "Stage", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tag for the branch.", "title": "Tags", "type": "array" } }, "required": [ "AppId", "BranchName" ], "type": "object" }, "Type": { "enum": [ "AWS::Amplify::Branch" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Amplify::Branch.Backend": { "additionalProperties": false, "properties": { "StackArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the AWS CloudFormation stack.", "title": "StackArn", "type": "string" } }, "type": "object" }, "AWS::Amplify::Branch.BasicAuthConfig": { "additionalProperties": false, "properties": { "EnableBasicAuth": { "markdownDescription": "Enables basic authorization for the branch.", "title": "EnableBasicAuth", "type": "boolean" }, "Password": { "markdownDescription": "The password for basic authorization.", "title": "Password", "type": "string" }, "Username": { "markdownDescription": "", "title": "Username", "type": "string" } }, "required": [ "Password", "Username" ], "type": "object" }, "AWS::Amplify::Branch.EnvironmentVariable": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The environment variable name.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The environment variable value.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::Amplify::Domain": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppId": { "markdownDescription": "The unique ID for an Amplify app.", "title": "AppId", "type": "string" }, "AutoSubDomainCreationPatterns": { "items": { "type": "string" }, "markdownDescription": "Sets the branch patterns for automatic subdomain creation.", "title": "AutoSubDomainCreationPatterns", "type": "array" }, "AutoSubDomainIAMRole": { "markdownDescription": "The required AWS Identity and Access Management (IAMlong) service role for the Amazon Resource Name (ARN) for automatically creating subdomains.", "title": "AutoSubDomainIAMRole", "type": "string" }, "CertificateSettings": { "$ref": "#/definitions/AWS::Amplify::Domain.CertificateSettings", "markdownDescription": "The type of SSL/TLS certificate to use for your custom domain. If you don't specify a certificate type, Amplify uses the default certificate that it provisions and manages for you.", "title": "CertificateSettings" }, "DomainName": { "markdownDescription": "The domain name for the domain association.", "title": "DomainName", "type": "string" }, "EnableAutoSubDomain": { "markdownDescription": "Enables the automated creation of subdomains for branches.", "title": "EnableAutoSubDomain", "type": "boolean" }, "SubDomainSettings": { "items": { "$ref": "#/definitions/AWS::Amplify::Domain.SubDomainSetting" }, "markdownDescription": "The setting for the subdomain.", "title": "SubDomainSettings", "type": "array" } }, "required": [ "AppId", "DomainName", "SubDomainSettings" ], "type": "object" }, "Type": { "enum": [ "AWS::Amplify::Domain" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Amplify::Domain.Certificate": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The Amazon resource name (ARN) for a custom certificate that you have already added to AWS Certificate Manager in your AWS account .\n\nThis field is required only when the certificate type is `CUSTOM` .", "title": "CertificateArn", "type": "string" }, "CertificateType": { "markdownDescription": "The type of SSL/TLS certificate that you want to use.\n\nSpecify `AMPLIFY_MANAGED` to use the default certificate that Amplify provisions for you.\n\nSpecify `CUSTOM` to use your own certificate that you have already added to AWS Certificate Manager in your AWS account . Make sure you request (or import) the certificate in the US East (N. Virginia) Region (us-east-1). For more information about using ACM, see [Importing certificates into AWS Certificate Manager](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *ACM User guide* .", "title": "CertificateType", "type": "string" }, "CertificateVerificationDNSRecord": { "markdownDescription": "The DNS record for certificate verification.", "title": "CertificateVerificationDNSRecord", "type": "string" } }, "type": "object" }, "AWS::Amplify::Domain.CertificateSettings": { "additionalProperties": false, "properties": { "CertificateType": { "markdownDescription": "The certificate type.\n\nSpecify `AMPLIFY_MANAGED` to use the default certificate that Amplify provisions for you.\n\nSpecify `CUSTOM` to use your own certificate that you have already added to AWS Certificate Manager in your AWS account . Make sure you request (or import) the certificate in the US East (N. Virginia) Region (us-east-1). For more information about using ACM, see [Importing certificates into AWS Certificate Manager](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *ACM User guide* .", "title": "CertificateType", "type": "string" }, "CustomCertificateArn": { "markdownDescription": "The Amazon resource name (ARN) for the custom certificate that you have already added to AWS Certificate Manager in your AWS account .\n\nThis field is required only when the certificate type is `CUSTOM` .", "title": "CustomCertificateArn", "type": "string" } }, "type": "object" }, "AWS::Amplify::Domain.SubDomainSetting": { "additionalProperties": false, "properties": { "BranchName": { "markdownDescription": "The branch name setting for the subdomain.\n\n*Length Constraints:* Minimum length of 1. Maximum length of 255.\n\n*Pattern:* (?s).+", "title": "BranchName", "type": "string" }, "Prefix": { "markdownDescription": "The prefix setting for the subdomain.", "title": "Prefix", "type": "string" } }, "required": [ "BranchName", "Prefix" ], "type": "object" }, "AWS::AmplifyUIBuilder::Component": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppId": { "markdownDescription": "The unique ID of the Amplify app associated with the component.", "title": "AppId", "type": "string" }, "BindingProperties": { "additionalProperties": false, "markdownDescription": "The information to connect a component's properties to data at runtime. You can't specify `tags` as a valid property for `bindingProperties` .", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentBindingPropertiesValue" } }, "title": "BindingProperties", "type": "object" }, "Children": { "items": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentChild" }, "markdownDescription": "A list of the component's `ComponentChild` instances.", "title": "Children", "type": "array" }, "CollectionProperties": { "additionalProperties": false, "markdownDescription": "The data binding configuration for the component's properties. Use this for a collection component. You can't specify `tags` as a valid property for `collectionProperties` .", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentDataConfiguration" } }, "title": "CollectionProperties", "type": "object" }, "ComponentType": { "markdownDescription": "The type of the component. This can be an Amplify custom UI component or another custom component.", "title": "ComponentType", "type": "string" }, "EnvironmentName": { "markdownDescription": "The name of the backend environment that is a part of the Amplify app.", "title": "EnvironmentName", "type": "string" }, "Events": { "additionalProperties": false, "markdownDescription": "Describes the events that can be raised on the component. Use for the workflow feature in Amplify Studio that allows you to bind events and actions to components.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentEvent" } }, "title": "Events", "type": "object" }, "Name": { "markdownDescription": "The name of the component.", "title": "Name", "type": "string" }, "Overrides": { "markdownDescription": "Describes the component's properties that can be overriden in a customized instance of the component. You can't specify `tags` as a valid property for `overrides` .", "title": "Overrides", "type": "object" }, "Properties": { "additionalProperties": false, "markdownDescription": "Describes the component's properties. You can't specify `tags` as a valid property for `properties` .", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentProperty" } }, "title": "Properties", "type": "object" }, "SchemaVersion": { "markdownDescription": "The schema version of the component when it was imported.", "title": "SchemaVersion", "type": "string" }, "SourceId": { "markdownDescription": "The unique ID of the component in its original source system, such as Figma.", "title": "SourceId", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "One or more key-value pairs to use when tagging the component.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Variants": { "items": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentVariant" }, "markdownDescription": "A list of the component's variants. A variant is a unique style configuration of a main component.", "title": "Variants", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::AmplifyUIBuilder::Component" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::AmplifyUIBuilder::Component.ActionParameters": { "additionalProperties": false, "properties": { "Anchor": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentProperty", "markdownDescription": "The HTML anchor link to the location to open. Specify this value for a navigation action.", "title": "Anchor" }, "Fields": { "additionalProperties": false, "markdownDescription": "A dictionary of key-value pairs mapping Amplify Studio properties to fields in a data model. Use when the action performs an operation on an Amplify DataStore model.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentProperty" } }, "title": "Fields", "type": "object" }, "Global": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentProperty", "markdownDescription": "Specifies whether the user should be signed out globally. Specify this value for an auth sign out action.", "title": "Global" }, "Id": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentProperty", "markdownDescription": "The unique ID of the component that the `ActionParameters` apply to.", "title": "Id" }, "Model": { "markdownDescription": "The name of the data model. Use when the action performs an operation on an Amplify DataStore model.", "title": "Model", "type": "string" }, "State": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.MutationActionSetStateParameter", "markdownDescription": "A key-value pair that specifies the state property name and its initial value.", "title": "State" }, "Target": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentProperty", "markdownDescription": "The element within the same component to modify when the action occurs.", "title": "Target" }, "Type": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentProperty", "markdownDescription": "The type of navigation action. Valid values are `url` and `anchor` . This value is required for a navigation action.", "title": "Type" }, "Url": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentProperty", "markdownDescription": "The URL to the location to open. Specify this value for a navigation action.", "title": "Url" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Component.ComponentBindingPropertiesValue": { "additionalProperties": false, "properties": { "BindingProperties": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentBindingPropertiesValueProperties", "markdownDescription": "Describes the properties to customize with data at runtime.", "title": "BindingProperties" }, "DefaultValue": { "markdownDescription": "The default value of the property.", "title": "DefaultValue", "type": "string" }, "Type": { "markdownDescription": "The property type.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Component.ComponentBindingPropertiesValueProperties": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "An Amazon S3 bucket.", "title": "Bucket", "type": "string" }, "DefaultValue": { "markdownDescription": "The default value to assign to the property.", "title": "DefaultValue", "type": "string" }, "Field": { "markdownDescription": "The field to bind the data to.", "title": "Field", "type": "string" }, "Key": { "markdownDescription": "The storage key for an Amazon S3 bucket.", "title": "Key", "type": "string" }, "Model": { "markdownDescription": "An Amplify DataStore model.", "title": "Model", "type": "string" }, "Predicates": { "items": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.Predicate" }, "markdownDescription": "A list of predicates for binding a component's properties to data.", "title": "Predicates", "type": "array" }, "SlotName": { "markdownDescription": "The name of a component slot.", "title": "SlotName", "type": "string" }, "UserAttribute": { "markdownDescription": "An authenticated user attribute.", "title": "UserAttribute", "type": "string" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Component.ComponentChild": { "additionalProperties": false, "properties": { "Children": { "items": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentChild" }, "markdownDescription": "The list of `ComponentChild` instances for this component.", "title": "Children", "type": "array" }, "ComponentType": { "markdownDescription": "The type of the child component.", "title": "ComponentType", "type": "string" }, "Events": { "additionalProperties": false, "markdownDescription": "Describes the events that can be raised on the child component. Use for the workflow feature in Amplify Studio that allows you to bind events and actions to components.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentEvent" } }, "title": "Events", "type": "object" }, "Name": { "markdownDescription": "The name of the child component.", "title": "Name", "type": "string" }, "Properties": { "additionalProperties": false, "markdownDescription": "Describes the properties of the child component. You can't specify `tags` as a valid property for `properties` .", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentProperty" } }, "title": "Properties", "type": "object" }, "SourceId": { "markdownDescription": "The unique ID of the child component in its original source system, such as Figma.", "title": "SourceId", "type": "string" } }, "required": [ "ComponentType", "Name", "Properties" ], "type": "object" }, "AWS::AmplifyUIBuilder::Component.ComponentConditionProperty": { "additionalProperties": false, "properties": { "Else": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentProperty", "markdownDescription": "The value to assign to the property if the condition is not met.", "title": "Else" }, "Field": { "markdownDescription": "The name of a field. Specify this when the property is a data model.", "title": "Field", "type": "string" }, "Operand": { "markdownDescription": "The value of the property to evaluate.", "title": "Operand", "type": "string" }, "OperandType": { "markdownDescription": "The type of the property to evaluate.", "title": "OperandType", "type": "string" }, "Operator": { "markdownDescription": "The operator to use to perform the evaluation, such as `eq` to represent equals.", "title": "Operator", "type": "string" }, "Property": { "markdownDescription": "The name of the conditional property.", "title": "Property", "type": "string" }, "Then": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentProperty", "markdownDescription": "The value to assign to the property if the condition is met.", "title": "Then" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Component.ComponentDataConfiguration": { "additionalProperties": false, "properties": { "Identifiers": { "items": { "type": "string" }, "markdownDescription": "A list of IDs to use to bind data to a component. Use this property to bind specifically chosen data, rather than data retrieved from a query.", "title": "Identifiers", "type": "array" }, "Model": { "markdownDescription": "The name of the data model to use to bind data to a component.", "title": "Model", "type": "string" }, "Predicate": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.Predicate", "markdownDescription": "Represents the conditional logic to use when binding data to a component. Use this property to retrieve only a subset of the data in a collection.", "title": "Predicate" }, "Sort": { "items": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.SortProperty" }, "markdownDescription": "Describes how to sort the component's properties.", "title": "Sort", "type": "array" } }, "required": [ "Model" ], "type": "object" }, "AWS::AmplifyUIBuilder::Component.ComponentEvent": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action to perform when a specific event is raised.", "title": "Action", "type": "string" }, "BindingEvent": { "markdownDescription": "Binds an event to an action on a component. When you specify a `bindingEvent` , the event is called when the action is performed.", "title": "BindingEvent", "type": "string" }, "Parameters": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ActionParameters", "markdownDescription": "Describes information about the action.", "title": "Parameters" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Component.ComponentProperty": { "additionalProperties": false, "properties": { "BindingProperties": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentPropertyBindingProperties", "markdownDescription": "The information to bind the component property to data at runtime.", "title": "BindingProperties" }, "Bindings": { "additionalProperties": false, "markdownDescription": "The information to bind the component property to form data.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.FormBindingElement" } }, "title": "Bindings", "type": "object" }, "CollectionBindingProperties": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentPropertyBindingProperties", "markdownDescription": "The information to bind the component property to data at runtime. Use this for collection components.", "title": "CollectionBindingProperties" }, "ComponentName": { "markdownDescription": "The name of the component that is affected by an event.", "title": "ComponentName", "type": "string" }, "Concat": { "items": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentProperty" }, "markdownDescription": "A list of component properties to concatenate to create the value to assign to this component property.", "title": "Concat", "type": "array" }, "Condition": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentConditionProperty", "markdownDescription": "The conditional expression to use to assign a value to the component property.", "title": "Condition" }, "Configured": { "markdownDescription": "Specifies whether the user configured the property in Amplify Studio after importing it.", "title": "Configured", "type": "boolean" }, "DefaultValue": { "markdownDescription": "The default value to assign to the component property.", "title": "DefaultValue", "type": "string" }, "Event": { "markdownDescription": "An event that occurs in your app. Use this for workflow data binding.", "title": "Event", "type": "string" }, "ImportedValue": { "markdownDescription": "The default value assigned to the property when the component is imported into an app.", "title": "ImportedValue", "type": "string" }, "Model": { "markdownDescription": "The data model to use to assign a value to the component property.", "title": "Model", "type": "string" }, "Property": { "markdownDescription": "The name of the component's property that is affected by an event.", "title": "Property", "type": "string" }, "Type": { "markdownDescription": "The component type.", "title": "Type", "type": "string" }, "UserAttribute": { "markdownDescription": "An authenticated user attribute to use to assign a value to the component property.", "title": "UserAttribute", "type": "string" }, "Value": { "markdownDescription": "The value to assign to the component property.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Component.ComponentPropertyBindingProperties": { "additionalProperties": false, "properties": { "Field": { "markdownDescription": "The data field to bind the property to.", "title": "Field", "type": "string" }, "Property": { "markdownDescription": "The component property to bind to the data field.", "title": "Property", "type": "string" } }, "required": [ "Property" ], "type": "object" }, "AWS::AmplifyUIBuilder::Component.ComponentVariant": { "additionalProperties": false, "properties": { "Overrides": { "markdownDescription": "The properties of the component variant that can be overriden when customizing an instance of the component. You can't specify `tags` as a valid property for `overrides` .", "title": "Overrides", "type": "object" }, "VariantValues": { "additionalProperties": true, "markdownDescription": "The combination of variants that comprise this variant.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "VariantValues", "type": "object" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Component.FormBindingElement": { "additionalProperties": false, "properties": { "Element": { "markdownDescription": "The name of the component to retrieve a value from.", "title": "Element", "type": "string" }, "Property": { "markdownDescription": "The property to retrieve a value from.", "title": "Property", "type": "string" } }, "required": [ "Element", "Property" ], "type": "object" }, "AWS::AmplifyUIBuilder::Component.MutationActionSetStateParameter": { "additionalProperties": false, "properties": { "ComponentName": { "markdownDescription": "The name of the component that is being modified.", "title": "ComponentName", "type": "string" }, "Property": { "markdownDescription": "The name of the component property to apply the state configuration to.", "title": "Property", "type": "string" }, "Set": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.ComponentProperty", "markdownDescription": "The state configuration to assign to the property.", "title": "Set" } }, "required": [ "ComponentName", "Property", "Set" ], "type": "object" }, "AWS::AmplifyUIBuilder::Component.Predicate": { "additionalProperties": false, "properties": { "And": { "items": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.Predicate" }, "markdownDescription": "A list of predicates to combine logically.", "title": "And", "type": "array" }, "Field": { "markdownDescription": "The field to query.", "title": "Field", "type": "string" }, "Operand": { "markdownDescription": "The value to use when performing the evaluation.", "title": "Operand", "type": "string" }, "OperandType": { "markdownDescription": "The type of value to use when performing the evaluation.", "title": "OperandType", "type": "string" }, "Operator": { "markdownDescription": "The operator to use to perform the evaluation.", "title": "Operator", "type": "string" }, "Or": { "items": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component.Predicate" }, "markdownDescription": "A list of predicates to combine logically.", "title": "Or", "type": "array" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Component.SortProperty": { "additionalProperties": false, "properties": { "Direction": { "markdownDescription": "The direction of the sort, either ascending or descending.", "title": "Direction", "type": "string" }, "Field": { "markdownDescription": "The field to perform the sort on.", "title": "Field", "type": "string" } }, "required": [ "Direction", "Field" ], "type": "object" }, "AWS::AmplifyUIBuilder::Form": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppId": { "markdownDescription": "The unique ID of the Amplify app associated with the form.", "title": "AppId", "type": "string" }, "Cta": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormCTA", "markdownDescription": "The `FormCTA` object that stores the call to action configuration for the form.", "title": "Cta" }, "DataType": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormDataTypeConfig", "markdownDescription": "The type of data source to use to create the form.", "title": "DataType" }, "EnvironmentName": { "markdownDescription": "The name of the backend environment that is a part of the Amplify app.", "title": "EnvironmentName", "type": "string" }, "Fields": { "additionalProperties": false, "markdownDescription": "The configuration information for the form's fields.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FieldConfig" } }, "title": "Fields", "type": "object" }, "FormActionType": { "markdownDescription": "Specifies whether to perform a create or update action on the form.", "title": "FormActionType", "type": "string" }, "LabelDecorator": { "markdownDescription": "Specifies an icon or decoration to display on the form.", "title": "LabelDecorator", "type": "string" }, "Name": { "markdownDescription": "The name of the form.", "title": "Name", "type": "string" }, "SchemaVersion": { "markdownDescription": "The schema version of the form.", "title": "SchemaVersion", "type": "string" }, "SectionalElements": { "additionalProperties": false, "markdownDescription": "The configuration information for the visual helper elements for the form. These elements are not associated with any data.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.SectionalElement" } }, "title": "SectionalElements", "type": "object" }, "Style": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormStyle", "markdownDescription": "The configuration for the form's style.", "title": "Style" }, "Tags": { "additionalProperties": true, "markdownDescription": "One or more key-value pairs to use when tagging the form data.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "type": "object" }, "Type": { "enum": [ "AWS::AmplifyUIBuilder::Form" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::AmplifyUIBuilder::Form.FieldConfig": { "additionalProperties": false, "properties": { "Excluded": { "markdownDescription": "Specifies whether to hide a field.", "title": "Excluded", "type": "boolean" }, "InputType": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FieldInputConfig", "markdownDescription": "Describes the configuration for the default input value to display for a field.", "title": "InputType" }, "Label": { "markdownDescription": "The label for the field.", "title": "Label", "type": "string" }, "Position": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FieldPosition", "markdownDescription": "Specifies the field position.", "title": "Position" }, "Validations": { "items": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FieldValidationConfiguration" }, "markdownDescription": "The validations to perform on the value in the field.", "title": "Validations", "type": "array" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Form.FieldInputConfig": { "additionalProperties": false, "properties": { "DefaultChecked": { "markdownDescription": "Specifies whether a field has a default value.", "title": "DefaultChecked", "type": "boolean" }, "DefaultCountryCode": { "markdownDescription": "The default country code for a phone number.", "title": "DefaultCountryCode", "type": "string" }, "DefaultValue": { "markdownDescription": "The default value for the field.", "title": "DefaultValue", "type": "string" }, "DescriptiveText": { "markdownDescription": "The text to display to describe the field.", "title": "DescriptiveText", "type": "string" }, "FileUploaderConfig": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FileUploaderFieldConfig", "markdownDescription": "The configuration for the file uploader field.", "title": "FileUploaderConfig" }, "IsArray": { "markdownDescription": "Specifies whether to render the field as an array. This property is ignored if the `dataSourceType` for the form is a Data Store.", "title": "IsArray", "type": "boolean" }, "MaxValue": { "markdownDescription": "The maximum value to display for the field.", "title": "MaxValue", "type": "number" }, "MinValue": { "markdownDescription": "The minimum value to display for the field.", "title": "MinValue", "type": "number" }, "Name": { "markdownDescription": "The name of the field.", "title": "Name", "type": "string" }, "Placeholder": { "markdownDescription": "The text to display as a placeholder for the field.", "title": "Placeholder", "type": "string" }, "ReadOnly": { "markdownDescription": "Specifies a read only field.", "title": "ReadOnly", "type": "boolean" }, "Required": { "markdownDescription": "Specifies a field that requires input.", "title": "Required", "type": "boolean" }, "Step": { "markdownDescription": "The stepping increment for a numeric value in a field.", "title": "Step", "type": "number" }, "Type": { "markdownDescription": "The input type for the field.", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The value for the field.", "title": "Value", "type": "string" }, "ValueMappings": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.ValueMappings", "markdownDescription": "The information to use to customize the input fields with data at runtime.", "title": "ValueMappings" } }, "required": [ "Type" ], "type": "object" }, "AWS::AmplifyUIBuilder::Form.FieldPosition": { "additionalProperties": false, "properties": { "Below": { "markdownDescription": "The field position is below the field specified by the string.", "title": "Below", "type": "string" }, "Fixed": { "markdownDescription": "The field position is fixed and doesn't change in relation to other fields.", "title": "Fixed", "type": "string" }, "RightOf": { "markdownDescription": "The field position is to the right of the field specified by the string.", "title": "RightOf", "type": "string" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Form.FieldValidationConfiguration": { "additionalProperties": false, "properties": { "NumValues": { "items": { "type": "number" }, "markdownDescription": "The validation to perform on a number value.", "title": "NumValues", "type": "array" }, "StrValues": { "items": { "type": "string" }, "markdownDescription": "The validation to perform on a string value.", "title": "StrValues", "type": "array" }, "Type": { "markdownDescription": "The validation to perform on an object type. ``", "title": "Type", "type": "string" }, "ValidationMessage": { "markdownDescription": "The validation message to display.", "title": "ValidationMessage", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::AmplifyUIBuilder::Form.FileUploaderFieldConfig": { "additionalProperties": false, "properties": { "AcceptedFileTypes": { "items": { "type": "string" }, "markdownDescription": "The file types that are allowed to be uploaded by the file uploader. Provide this information in an array of strings specifying the valid file extensions.", "title": "AcceptedFileTypes", "type": "array" }, "AccessLevel": { "markdownDescription": "The access level to assign to the uploaded files in the Amazon S3 bucket where they are stored. The valid values for this property are `private` , `protected` , or `public` . For detailed information about the permissions associated with each access level, see [File access levels](https://docs.aws.amazon.com/https://docs.amplify.aws/lib/storage/configureaccess/q/platform/js/) in the *Amplify documentation* .", "title": "AccessLevel", "type": "string" }, "IsResumable": { "markdownDescription": "Allows the file upload operation to be paused and resumed. The default value is `false` .\n\nWhen `isResumable` is set to `true` , the file uploader uses a multipart upload to break the files into chunks before upload. The progress of the upload isn't continuous, because the file uploader uploads a chunk at a time.", "title": "IsResumable", "type": "boolean" }, "MaxFileCount": { "markdownDescription": "Specifies the maximum number of files that can be selected to upload. The default value is an unlimited number of files.", "title": "MaxFileCount", "type": "number" }, "MaxSize": { "markdownDescription": "The maximum file size in bytes that the file uploader will accept. The default value is an unlimited file size.", "title": "MaxSize", "type": "number" }, "ShowThumbnails": { "markdownDescription": "Specifies whether to display or hide the image preview after selecting a file for upload. The default value is `true` to display the image preview.", "title": "ShowThumbnails", "type": "boolean" } }, "required": [ "AcceptedFileTypes", "AccessLevel" ], "type": "object" }, "AWS::AmplifyUIBuilder::Form.FormButton": { "additionalProperties": false, "properties": { "Children": { "markdownDescription": "Describes the button's properties.", "title": "Children", "type": "string" }, "Excluded": { "markdownDescription": "Specifies whether the button is visible on the form.", "title": "Excluded", "type": "boolean" }, "Position": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FieldPosition", "markdownDescription": "The position of the button.", "title": "Position" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Form.FormCTA": { "additionalProperties": false, "properties": { "Cancel": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormButton", "markdownDescription": "Displays a cancel button.", "title": "Cancel" }, "Clear": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormButton", "markdownDescription": "Displays a clear button.", "title": "Clear" }, "Position": { "markdownDescription": "The position of the button.", "title": "Position", "type": "string" }, "Submit": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormButton", "markdownDescription": "Displays a submit button.", "title": "Submit" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Form.FormDataTypeConfig": { "additionalProperties": false, "properties": { "DataSourceType": { "markdownDescription": "The data source type, either an Amplify DataStore model or a custom data type.", "title": "DataSourceType", "type": "string" }, "DataTypeName": { "markdownDescription": "The unique name of the data type you are using as the data source for the form.", "title": "DataTypeName", "type": "string" } }, "required": [ "DataSourceType", "DataTypeName" ], "type": "object" }, "AWS::AmplifyUIBuilder::Form.FormInputBindingPropertiesValue": { "additionalProperties": false, "properties": { "BindingProperties": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormInputBindingPropertiesValueProperties", "markdownDescription": "Describes the properties to customize with data at runtime.", "title": "BindingProperties" }, "Type": { "markdownDescription": "The property type.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Form.FormInputBindingPropertiesValueProperties": { "additionalProperties": false, "properties": { "Model": { "markdownDescription": "An Amplify DataStore model.", "title": "Model", "type": "string" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Form.FormInputValueProperty": { "additionalProperties": false, "properties": { "BindingProperties": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormInputValuePropertyBindingProperties", "markdownDescription": "The information to bind fields to data at runtime.", "title": "BindingProperties" }, "Concat": { "items": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormInputValueProperty" }, "markdownDescription": "A list of form properties to concatenate to create the value to assign to this field property.", "title": "Concat", "type": "array" }, "Value": { "markdownDescription": "The value to assign to the input field.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Form.FormInputValuePropertyBindingProperties": { "additionalProperties": false, "properties": { "Field": { "markdownDescription": "The data field to bind the property to.", "title": "Field", "type": "string" }, "Property": { "markdownDescription": "The form property to bind to the data field.", "title": "Property", "type": "string" } }, "required": [ "Property" ], "type": "object" }, "AWS::AmplifyUIBuilder::Form.FormStyle": { "additionalProperties": false, "properties": { "HorizontalGap": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormStyleConfig", "markdownDescription": "The spacing for the horizontal gap.", "title": "HorizontalGap" }, "OuterPadding": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormStyleConfig", "markdownDescription": "The size of the outer padding for the form.", "title": "OuterPadding" }, "VerticalGap": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormStyleConfig", "markdownDescription": "The spacing for the vertical gap.", "title": "VerticalGap" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Form.FormStyleConfig": { "additionalProperties": false, "properties": { "TokenReference": { "markdownDescription": "A reference to a design token to use to bind the form's style properties to an existing theme.", "title": "TokenReference", "type": "string" }, "Value": { "markdownDescription": "The value of the style setting.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Form.SectionalElement": { "additionalProperties": false, "properties": { "Excluded": { "markdownDescription": "Excludes a sectional element that was generated by default for a specified data model.", "title": "Excluded", "type": "boolean" }, "Level": { "markdownDescription": "Specifies the size of the font for a `Heading` sectional element. Valid values are `1 | 2 | 3 | 4 | 5 | 6` .", "title": "Level", "type": "number" }, "Orientation": { "markdownDescription": "Specifies the orientation for a `Divider` sectional element. Valid values are `horizontal` or `vertical` .", "title": "Orientation", "type": "string" }, "Position": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FieldPosition", "markdownDescription": "Specifies the position of the text in a field for a `Text` sectional element.", "title": "Position" }, "Text": { "markdownDescription": "The text for a `Text` sectional element.", "title": "Text", "type": "string" }, "Type": { "markdownDescription": "The type of sectional element. Valid values are `Heading` , `Text` , and `Divider` .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::AmplifyUIBuilder::Form.ValueMapping": { "additionalProperties": false, "properties": { "DisplayValue": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormInputValueProperty", "markdownDescription": "The value to display for the complex object.", "title": "DisplayValue" }, "Value": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormInputValueProperty", "markdownDescription": "The complex object.", "title": "Value" } }, "required": [ "Value" ], "type": "object" }, "AWS::AmplifyUIBuilder::Form.ValueMappings": { "additionalProperties": false, "properties": { "BindingProperties": { "additionalProperties": false, "markdownDescription": "The information to bind fields to data at runtime.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.FormInputBindingPropertiesValue" } }, "title": "BindingProperties", "type": "object" }, "Values": { "items": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form.ValueMapping" }, "markdownDescription": "The value and display value pairs.", "title": "Values", "type": "array" } }, "required": [ "Values" ], "type": "object" }, "AWS::AmplifyUIBuilder::Theme": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppId": { "markdownDescription": "The unique ID for the Amplify app associated with the theme.", "title": "AppId", "type": "string" }, "EnvironmentName": { "markdownDescription": "The name of the backend environment that is a part of the Amplify app.", "title": "EnvironmentName", "type": "string" }, "Name": { "markdownDescription": "The name of the theme.", "title": "Name", "type": "string" }, "Overrides": { "items": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Theme.ThemeValues" }, "markdownDescription": "Describes the properties that can be overriden to customize a theme.", "title": "Overrides", "type": "array" }, "Tags": { "additionalProperties": true, "markdownDescription": "One or more key-value pairs to use when tagging the theme.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Values": { "items": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Theme.ThemeValues" }, "markdownDescription": "A list of key-value pairs that defines the properties of the theme.", "title": "Values", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::AmplifyUIBuilder::Theme" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::AmplifyUIBuilder::Theme.ThemeValue": { "additionalProperties": false, "properties": { "Children": { "items": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Theme.ThemeValues" }, "markdownDescription": "A list of key-value pairs that define the theme's properties.", "title": "Children", "type": "array" }, "Value": { "markdownDescription": "The value of a theme property.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::AmplifyUIBuilder::Theme.ThemeValues": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The name of the property.", "title": "Key", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Theme.ThemeValue", "markdownDescription": "The value of the property.", "title": "Value" } }, "type": "object" }, "AWS::ApiGateway::Account": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CloudWatchRoleArn": { "markdownDescription": "The ARN of an Amazon CloudWatch role for the current Account.", "title": "CloudWatchRoleArn", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::Account" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ApiGateway::ApiKey": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CustomerId": { "markdownDescription": "An AWS Marketplace customer identifier, when integrating with the AWS SaaS Marketplace.", "title": "CustomerId", "type": "string" }, "Description": { "markdownDescription": "The description of the ApiKey.", "title": "Description", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether the ApiKey can be used by callers.", "title": "Enabled", "type": "boolean" }, "GenerateDistinctId": { "markdownDescription": "Specifies whether ( `true` ) or not ( `false` ) the key identifier is distinct from the created API key value. This parameter is deprecated and should not be used.", "title": "GenerateDistinctId", "type": "boolean" }, "Name": { "markdownDescription": "A name for the API key. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the API key name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "Name", "type": "string" }, "StageKeys": { "items": { "$ref": "#/definitions/AWS::ApiGateway::ApiKey.StageKey" }, "markdownDescription": "DEPRECATED FOR USAGE PLANS - Specifies stages associated with the API key.", "title": "StageKeys", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters and must not start with `aws:` . The tag value can be up to 256 characters.", "title": "Tags", "type": "array" }, "Value": { "markdownDescription": "Specifies a value of the API key.", "title": "Value", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::ApiKey" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ApiGateway::ApiKey.StageKey": { "additionalProperties": false, "properties": { "RestApiId": { "markdownDescription": "The string identifier of the associated RestApi.", "title": "RestApiId", "type": "string" }, "StageName": { "markdownDescription": "The stage name associated with the stage key.", "title": "StageName", "type": "string" } }, "type": "object" }, "AWS::ApiGateway::Authorizer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthType": { "markdownDescription": "Optional customer-defined field, used in OpenAPI imports and exports without functional impact.", "title": "AuthType", "type": "string" }, "AuthorizerCredentials": { "markdownDescription": "Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null.", "title": "AuthorizerCredentials", "type": "string" }, "AuthorizerResultTtlInSeconds": { "markdownDescription": "The TTL in seconds of cached authorizer results. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300. The maximum value is 3600, or 1 hour.", "title": "AuthorizerResultTtlInSeconds", "type": "number" }, "AuthorizerUri": { "markdownDescription": "Specifies the authorizer's Uniform Resource Identifier (URI). For `TOKEN` or `REQUEST` authorizers, this must be a well-formed Lambda function URI, for example, `arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations` . In general, the URI has this form `arn:aws:apigateway:{region}:lambda:path/{service_api}` , where `{region}` is the same as the region hosting the Lambda function, `path` indicates that the remaining substring in the URI should be treated as the path to the resource, including the initial `/` . For Lambda functions, this is usually of the form `/2015-03-31/functions/[FunctionARN]/invocations` .", "title": "AuthorizerUri", "type": "string" }, "IdentitySource": { "markdownDescription": "The identity source for which authorization is requested. For a `TOKEN` or `COGNITO_USER_POOLS` authorizer, this is required and specifies the request header mapping expression for the custom header holding the authorization token submitted by the client. For example, if the token header name is `Auth` , the header mapping expression is `method.request.header.Auth` . For the `REQUEST` authorizer, this is required when authorization caching is enabled. The value is a comma-separated string of one or more mapping expressions of the specified request parameters. For example, if an `Auth` header, a `Name` query string parameter are defined as identity sources, this value is `method.request.header.Auth, method.request.querystring.Name` . These parameters will be used to derive the authorization caching key and to perform runtime validation of the `REQUEST` authorizer by verifying all of the identity-related request parameters are present, not null and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function, otherwise, it returns a 401 Unauthorized response without calling the Lambda function. The valid value is a string of comma-separated mapping expressions of the specified request parameters. When the authorization caching is not enabled, this property is optional.", "title": "IdentitySource", "type": "string" }, "IdentityValidationExpression": { "markdownDescription": "A validation expression for the incoming identity token. For `TOKEN` authorizers, this value is a regular expression. For `COGNITO_USER_POOLS` authorizers, API Gateway will match the `aud` field of the incoming token from the client against the specified regular expression. It will invoke the authorizer's Lambda function when there is a match. Otherwise, it will return a 401 Unauthorized response without calling the Lambda function. The validation expression does not apply to the `REQUEST` authorizer.", "title": "IdentityValidationExpression", "type": "string" }, "Name": { "markdownDescription": "The name of the authorizer.", "title": "Name", "type": "string" }, "ProviderARNs": { "items": { "type": "string" }, "markdownDescription": "A list of the Amazon Cognito user pool ARNs for the `COGNITO_USER_POOLS` authorizer. Each element is of this format: `arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}` . For a `TOKEN` or `REQUEST` authorizer, this is not defined.", "title": "ProviderARNs", "type": "array" }, "RestApiId": { "markdownDescription": "The string identifier of the associated RestApi.", "title": "RestApiId", "type": "string" }, "Type": { "markdownDescription": "The authorizer type. Valid values are `TOKEN` for a Lambda function using a single authorization token submitted in a custom header, `REQUEST` for a Lambda function using incoming request parameters, and `COGNITO_USER_POOLS` for using an Amazon Cognito user pool.", "title": "Type", "type": "string" } }, "required": [ "Name", "RestApiId", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::Authorizer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGateway::BasePathMapping": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BasePath": { "markdownDescription": "The base path name that callers of the API must provide as part of the URL after the domain name.", "title": "BasePath", "type": "string" }, "DomainName": { "markdownDescription": "The domain name of the BasePathMapping resource to be described.", "title": "DomainName", "type": "string" }, "Id": { "type": "string" }, "RestApiId": { "markdownDescription": "The string identifier of the associated RestApi.", "title": "RestApiId", "type": "string" }, "Stage": { "markdownDescription": "The name of the associated stage.", "title": "Stage", "type": "string" } }, "required": [ "DomainName" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::BasePathMapping" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGateway::ClientCertificate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the client certificate.", "title": "Description", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::ClientCertificate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ApiGateway::Deployment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeploymentCanarySettings": { "$ref": "#/definitions/AWS::ApiGateway::Deployment.DeploymentCanarySettings", "markdownDescription": "The input configuration for a canary deployment.", "title": "DeploymentCanarySettings" }, "Description": { "markdownDescription": "The description for the Deployment resource to create.", "title": "Description", "type": "string" }, "RestApiId": { "markdownDescription": "The string identifier of the associated RestApi.", "title": "RestApiId", "type": "string" }, "StageDescription": { "$ref": "#/definitions/AWS::ApiGateway::Deployment.StageDescription", "markdownDescription": "The description of the Stage resource for the Deployment resource to create. To specify a stage description, you must also provide a stage name.", "title": "StageDescription" }, "StageName": { "markdownDescription": "The name of the Stage resource for the Deployment resource to create.", "title": "StageName", "type": "string" } }, "required": [ "RestApiId" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::Deployment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGateway::Deployment.AccessLogSetting": { "additionalProperties": false, "properties": { "DestinationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group or Kinesis Data Firehose delivery stream to receive access logs. If you specify a Kinesis Data Firehose delivery stream, the stream name must begin with `amazon-apigateway-` .", "title": "DestinationArn", "type": "string" }, "Format": { "markdownDescription": "A single line format of the access logs of data, as specified by selected $context variables. The format must include at least `$context.requestId` .", "title": "Format", "type": "string" } }, "type": "object" }, "AWS::ApiGateway::Deployment.CanarySetting": { "additionalProperties": false, "properties": { "PercentTraffic": { "markdownDescription": "The percent (0-100) of traffic diverted to a canary deployment.", "title": "PercentTraffic", "type": "number" }, "StageVariableOverrides": { "additionalProperties": true, "markdownDescription": "Stage variables overridden for a canary release deployment, including new stage variables introduced in the canary. These stage variables are represented as a string-to-string map between stage variable names and their values.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "StageVariableOverrides", "type": "object" }, "UseStageCache": { "markdownDescription": "A Boolean flag to indicate whether the canary deployment uses the stage cache or not.", "title": "UseStageCache", "type": "boolean" } }, "type": "object" }, "AWS::ApiGateway::Deployment.DeploymentCanarySettings": { "additionalProperties": false, "properties": { "PercentTraffic": { "markdownDescription": "The percentage (0.0-100.0) of traffic routed to the canary deployment.", "title": "PercentTraffic", "type": "number" }, "StageVariableOverrides": { "additionalProperties": true, "markdownDescription": "A stage variable overrides used for the canary release deployment. They can override existing stage variables or add new stage variables for the canary release deployment. These stage variables are represented as a string-to-string map between stage variable names and their values.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "StageVariableOverrides", "type": "object" }, "UseStageCache": { "markdownDescription": "A Boolean flag to indicate whether the canary release deployment uses the stage cache or not.", "title": "UseStageCache", "type": "boolean" } }, "type": "object" }, "AWS::ApiGateway::Deployment.MethodSetting": { "additionalProperties": false, "properties": { "CacheDataEncrypted": { "markdownDescription": "Specifies whether the cached responses are encrypted.", "title": "CacheDataEncrypted", "type": "boolean" }, "CacheTtlInSeconds": { "markdownDescription": "Specifies the time to live (TTL), in seconds, for cached responses. The higher the TTL, the longer the response will be cached.", "title": "CacheTtlInSeconds", "type": "number" }, "CachingEnabled": { "markdownDescription": "Specifies whether responses should be cached and returned for requests. A cache cluster must be enabled on the stage for responses to be cached.", "title": "CachingEnabled", "type": "boolean" }, "DataTraceEnabled": { "markdownDescription": "Specifies whether data trace logging is enabled for this method, which affects the log entries pushed to Amazon CloudWatch Logs. This can be useful to troubleshoot APIs, but can result in logging sensitive data. We recommend that you don't enable this option for production APIs.", "title": "DataTraceEnabled", "type": "boolean" }, "HttpMethod": { "markdownDescription": "The HTTP method.", "title": "HttpMethod", "type": "string" }, "LoggingLevel": { "markdownDescription": "Specifies the logging level for this method, which affects the log entries pushed to Amazon CloudWatch Logs. Valid values are `OFF` , `ERROR` , and `INFO` . Choose `ERROR` to write only error-level entries to CloudWatch Logs, or choose `INFO` to include all `ERROR` events as well as extra informational events.", "title": "LoggingLevel", "type": "string" }, "MetricsEnabled": { "markdownDescription": "Specifies whether Amazon CloudWatch metrics are enabled for this method.", "title": "MetricsEnabled", "type": "boolean" }, "ResourcePath": { "markdownDescription": "The resource path for this method. Forward slashes ( `/` ) are encoded as `~1` and the initial slash must include a forward slash. For example, the path value `/resource/subresource` must be encoded as `/~1resource~1subresource` . To specify the root path, use only a slash ( `/` ).", "title": "ResourcePath", "type": "string" }, "ThrottlingBurstLimit": { "markdownDescription": "Specifies the throttling burst limit.", "title": "ThrottlingBurstLimit", "type": "number" }, "ThrottlingRateLimit": { "markdownDescription": "Specifies the throttling rate limit.", "title": "ThrottlingRateLimit", "type": "number" } }, "type": "object" }, "AWS::ApiGateway::Deployment.StageDescription": { "additionalProperties": false, "properties": { "AccessLogSetting": { "$ref": "#/definitions/AWS::ApiGateway::Deployment.AccessLogSetting", "markdownDescription": "Specifies settings for logging access in this stage.", "title": "AccessLogSetting" }, "CacheClusterEnabled": { "markdownDescription": "Specifies whether a cache cluster is enabled for the stage. To activate a method-level cache, set `CachingEnabled` to `true` for a method.", "title": "CacheClusterEnabled", "type": "boolean" }, "CacheClusterSize": { "markdownDescription": "The size of the stage's cache cluster. For more information, see [cacheClusterSize](https://docs.aws.amazon.com/apigateway/latest/api/API_CreateStage.html#apigw-CreateStage-request-cacheClusterSize) in the *API Gateway API Reference* .", "title": "CacheClusterSize", "type": "string" }, "CacheDataEncrypted": { "markdownDescription": "Indicates whether the cached responses are encrypted.", "title": "CacheDataEncrypted", "type": "boolean" }, "CacheTtlInSeconds": { "markdownDescription": "The time-to-live (TTL) period, in seconds, that specifies how long API Gateway caches responses.", "title": "CacheTtlInSeconds", "type": "number" }, "CachingEnabled": { "markdownDescription": "Indicates whether responses are cached and returned for requests. You must enable a cache cluster on the stage to cache responses. For more information, see [Enable API Gateway Caching in a Stage to Enhance API Performance](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.html) in the *API Gateway Developer Guide* .", "title": "CachingEnabled", "type": "boolean" }, "CanarySetting": { "$ref": "#/definitions/AWS::ApiGateway::Deployment.CanarySetting", "markdownDescription": "Specifies settings for the canary deployment in this stage.", "title": "CanarySetting" }, "ClientCertificateId": { "markdownDescription": "The identifier of the client certificate that API Gateway uses to call your integration endpoints in the stage.", "title": "ClientCertificateId", "type": "string" }, "DataTraceEnabled": { "markdownDescription": "Indicates whether data trace logging is enabled for methods in the stage. API Gateway pushes these logs to Amazon CloudWatch Logs.", "title": "DataTraceEnabled", "type": "boolean" }, "Description": { "markdownDescription": "A description of the purpose of the stage.", "title": "Description", "type": "string" }, "DocumentationVersion": { "markdownDescription": "The version identifier of the API documentation snapshot.", "title": "DocumentationVersion", "type": "string" }, "LoggingLevel": { "markdownDescription": "The logging level for this method. For valid values, see the `loggingLevel` property of the [MethodSetting](https://docs.aws.amazon.com/apigateway/latest/api/API_MethodSetting.html) resource in the *Amazon API Gateway API Reference* .", "title": "LoggingLevel", "type": "string" }, "MethodSettings": { "items": { "$ref": "#/definitions/AWS::ApiGateway::Deployment.MethodSetting" }, "markdownDescription": "Configures settings for all of the stage's methods.", "title": "MethodSettings", "type": "array" }, "MetricsEnabled": { "markdownDescription": "Indicates whether Amazon CloudWatch metrics are enabled for methods in the stage.", "title": "MetricsEnabled", "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of arbitrary tags (key-value pairs) to associate with the stage.", "title": "Tags", "type": "array" }, "ThrottlingBurstLimit": { "markdownDescription": "The target request burst rate limit. This allows more requests through for a period of time than the target rate limit. For more information, see [Manage API Request Throttling](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html) in the *API Gateway Developer Guide* .", "title": "ThrottlingBurstLimit", "type": "number" }, "ThrottlingRateLimit": { "markdownDescription": "The target request steady-state rate limit. For more information, see [Manage API Request Throttling](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html) in the *API Gateway Developer Guide* .", "title": "ThrottlingRateLimit", "type": "number" }, "TracingEnabled": { "markdownDescription": "Specifies whether active tracing with X-ray is enabled for this stage.\n\nFor more information, see [Trace API Gateway API Execution with AWS X-Ray](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-xray.html) in the *API Gateway Developer Guide* .", "title": "TracingEnabled", "type": "boolean" }, "Variables": { "additionalProperties": true, "markdownDescription": "A map that defines the stage variables. Variable names must consist of alphanumeric characters, and the values must match the following regular expression: `[A-Za-z0-9-._~:/?#&=,]+` .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Variables", "type": "object" } }, "type": "object" }, "AWS::ApiGateway::DocumentationPart": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Location": { "$ref": "#/definitions/AWS::ApiGateway::DocumentationPart.Location", "markdownDescription": "The location of the targeted API entity of the to-be-created documentation part.", "title": "Location" }, "Properties": { "markdownDescription": "The new documentation content map of the targeted API entity. Enclosed key-value pairs are API-specific, but only OpenAPI-compliant key-value pairs can be exported and, hence, published.", "title": "Properties", "type": "string" }, "RestApiId": { "markdownDescription": "The string identifier of the associated RestApi.", "title": "RestApiId", "type": "string" } }, "required": [ "Location", "Properties", "RestApiId" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::DocumentationPart" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGateway::DocumentationPart.Location": { "additionalProperties": false, "properties": { "Method": { "markdownDescription": "The HTTP verb of a method. It is a valid field for the API entity types of `METHOD` , `PATH_PARAMETER` , `QUERY_PARAMETER` , `REQUEST_HEADER` , `REQUEST_BODY` , `RESPONSE` , `RESPONSE_HEADER` , and `RESPONSE_BODY` . The default value is `*` for any method. When an applicable child entity inherits the content of an entity of the same type with more general specifications of the other `location` attributes, the child entity's `method` attribute must match that of the parent entity exactly.", "title": "Method", "type": "string" }, "Name": { "markdownDescription": "The name of the targeted API entity. It is a valid and required field for the API entity types of `AUTHORIZER` , `MODEL` , `PATH_PARAMETER` , `QUERY_PARAMETER` , `REQUEST_HEADER` , `REQUEST_BODY` and `RESPONSE_HEADER` . It is an invalid field for any other entity type.", "title": "Name", "type": "string" }, "Path": { "markdownDescription": "The URL path of the target. It is a valid field for the API entity types of `RESOURCE` , `METHOD` , `PATH_PARAMETER` , `QUERY_PARAMETER` , `REQUEST_HEADER` , `REQUEST_BODY` , `RESPONSE` , `RESPONSE_HEADER` , and `RESPONSE_BODY` . The default value is `/` for the root resource. When an applicable child entity inherits the content of another entity of the same type with more general specifications of the other `location` attributes, the child entity's `path` attribute must match that of the parent entity as a prefix.", "title": "Path", "type": "string" }, "StatusCode": { "markdownDescription": "The HTTP status code of a response. It is a valid field for the API entity types of `RESPONSE` , `RESPONSE_HEADER` , and `RESPONSE_BODY` . The default value is `*` for any status code. When an applicable child entity inherits the content of an entity of the same type with more general specifications of the other `location` attributes, the child entity's `statusCode` attribute must match that of the parent entity exactly.", "title": "StatusCode", "type": "string" }, "Type": { "markdownDescription": "The type of API entity to which the documentation content applies. Valid values are `API` , `AUTHORIZER` , `MODEL` , `RESOURCE` , `METHOD` , `PATH_PARAMETER` , `QUERY_PARAMETER` , `REQUEST_HEADER` , `REQUEST_BODY` , `RESPONSE` , `RESPONSE_HEADER` , and `RESPONSE_BODY` . Content inheritance does not apply to any entity of the `API` , `AUTHORIZER` , `METHOD` , `MODEL` , `REQUEST_BODY` , or `RESOURCE` type.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::ApiGateway::DocumentationVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description about the new documentation snapshot.", "title": "Description", "type": "string" }, "DocumentationVersion": { "markdownDescription": "The version identifier of the to-be-updated documentation version.", "title": "DocumentationVersion", "type": "string" }, "RestApiId": { "markdownDescription": "The string identifier of the associated RestApi.", "title": "RestApiId", "type": "string" } }, "required": [ "DocumentationVersion", "RestApiId" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::DocumentationVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGateway::DomainName": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The reference to an AWS -managed certificate that will be used by edge-optimized endpoint for this domain name. AWS Certificate Manager is the only supported source.", "title": "CertificateArn", "type": "string" }, "DomainName": { "markdownDescription": "The custom domain name as an API host name, for example, `my-api.example.com` .", "title": "DomainName", "type": "string" }, "EndpointConfiguration": { "$ref": "#/definitions/AWS::ApiGateway::DomainName.EndpointConfiguration", "markdownDescription": "The endpoint configuration of this DomainName showing the endpoint types of the domain name.", "title": "EndpointConfiguration" }, "MutualTlsAuthentication": { "$ref": "#/definitions/AWS::ApiGateway::DomainName.MutualTlsAuthentication", "markdownDescription": "The mutual TLS authentication configuration for a custom domain name. If specified, API Gateway performs two-way authentication between the client and the server. Clients must present a trusted certificate to access your API.", "title": "MutualTlsAuthentication" }, "OwnershipVerificationCertificateArn": { "markdownDescription": "The ARN of the public certificate issued by ACM to validate ownership of your custom domain. Only required when configuring mutual TLS and using an ACM imported or private CA certificate ARN as the RegionalCertificateArn.", "title": "OwnershipVerificationCertificateArn", "type": "string" }, "RegionalCertificateArn": { "markdownDescription": "The reference to an AWS -managed certificate that will be used for validating the regional domain name. AWS Certificate Manager is the only supported source.", "title": "RegionalCertificateArn", "type": "string" }, "SecurityPolicy": { "markdownDescription": "The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are `TLS_1_0` and `TLS_1_2` .", "title": "SecurityPolicy", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::DomainName" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ApiGateway::DomainName.EndpointConfiguration": { "additionalProperties": false, "properties": { "Types": { "items": { "type": "string" }, "markdownDescription": "A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is `\"EDGE\"` . For a regional API and its custom domain name, the endpoint type is `REGIONAL` . For a private API, the endpoint type is `PRIVATE` .", "title": "Types", "type": "array" } }, "type": "object" }, "AWS::ApiGateway::DomainName.MutualTlsAuthentication": { "additionalProperties": false, "properties": { "TruststoreUri": { "markdownDescription": "An Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example `s3://bucket-name/key-name` . The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version. To update the truststore, you must have permissions to access the S3 object.", "title": "TruststoreUri", "type": "string" }, "TruststoreVersion": { "markdownDescription": "The version of the S3 object that contains your truststore. To specify a version, you must have versioning enabled for the S3 bucket.", "title": "TruststoreVersion", "type": "string" } }, "type": "object" }, "AWS::ApiGateway::GatewayResponse": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ResponseParameters": { "additionalProperties": true, "markdownDescription": "Response parameters (paths, query strings and headers) of the GatewayResponse as a string-to-string map of key-value pairs.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ResponseParameters", "type": "object" }, "ResponseTemplates": { "additionalProperties": true, "markdownDescription": "Response templates of the GatewayResponse as a string-to-string map of key-value pairs.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ResponseTemplates", "type": "object" }, "ResponseType": { "markdownDescription": "The response type of the associated GatewayResponse.", "title": "ResponseType", "type": "string" }, "RestApiId": { "markdownDescription": "The string identifier of the associated RestApi.", "title": "RestApiId", "type": "string" }, "StatusCode": { "markdownDescription": "The HTTP status code for this GatewayResponse.", "title": "StatusCode", "type": "string" } }, "required": [ "ResponseType", "RestApiId" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::GatewayResponse" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGateway::Method": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiKeyRequired": { "markdownDescription": "A boolean flag specifying whether a valid ApiKey is required to invoke this method.", "title": "ApiKeyRequired", "type": "boolean" }, "AuthorizationScopes": { "items": { "type": "string" }, "markdownDescription": "A list of authorization scopes configured on the method. The scopes are used with a `COGNITO_USER_POOLS` authorizer to authorize the method invocation. The authorization works by matching the method scopes against the scopes parsed from the access token in the incoming request. The method invocation is authorized if any method scopes matches a claimed scope in the access token. Otherwise, the invocation is not authorized. When the method scope is configured, the client must provide an access token instead of an identity token for authorization purposes.", "title": "AuthorizationScopes", "type": "array" }, "AuthorizationType": { "markdownDescription": "The method's authorization type. This parameter is required. For valid values, see [Method](https://docs.aws.amazon.com/apigateway/latest/api/API_Method.html) in the *API Gateway API Reference* .\n\n> If you specify the `AuthorizerId` property, specify `CUSTOM` or `COGNITO_USER_POOLS` for this property.", "title": "AuthorizationType", "type": "string" }, "AuthorizerId": { "markdownDescription": "The identifier of an authorizer to use on this method. The method's authorization type must be `CUSTOM` or `COGNITO_USER_POOLS` .", "title": "AuthorizerId", "type": "string" }, "HttpMethod": { "markdownDescription": "The method's HTTP verb.", "title": "HttpMethod", "type": "string" }, "Integration": { "$ref": "#/definitions/AWS::ApiGateway::Method.Integration", "markdownDescription": "Represents an `HTTP` , `HTTP_PROXY` , `AWS` , `AWS_PROXY` , or Mock integration.", "title": "Integration" }, "MethodResponses": { "items": { "$ref": "#/definitions/AWS::ApiGateway::Method.MethodResponse" }, "markdownDescription": "Gets a method response associated with a given HTTP status code.", "title": "MethodResponses", "type": "array" }, "OperationName": { "markdownDescription": "A human-friendly operation identifier for the method. For example, you can assign the `operationName` of `ListPets` for the `GET /pets` method in the `PetStore` example.", "title": "OperationName", "type": "string" }, "RequestModels": { "additionalProperties": true, "markdownDescription": "A key-value map specifying data schemas, represented by Model resources, (as the mapped value) of the request payloads of given content types (as the mapping key).", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "RequestModels", "type": "object" }, "RequestParameters": { "additionalProperties": true, "markdownDescription": "A key-value map defining required or optional method request parameters that can be accepted by API Gateway. A key is a method request parameter name matching the pattern of `method.request.{location}.{name}` , where `location` is `querystring` , `path` , or `header` and `name` is a valid and unique parameter name. The value associated with the key is a Boolean flag indicating whether the parameter is required ( `true` ) or optional ( `false` ). The method request parameter names defined here are available in Integration to be mapped to integration request parameters or templates.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "RequestParameters", "type": "object" }, "RequestValidatorId": { "markdownDescription": "The identifier of a RequestValidator for request validation.", "title": "RequestValidatorId", "type": "string" }, "ResourceId": { "markdownDescription": "The Resource identifier for the MethodResponse resource.", "title": "ResourceId", "type": "string" }, "RestApiId": { "markdownDescription": "The string identifier of the associated RestApi.", "title": "RestApiId", "type": "string" } }, "required": [ "HttpMethod", "ResourceId", "RestApiId" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::Method" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGateway::Method.Integration": { "additionalProperties": false, "properties": { "CacheKeyParameters": { "items": { "type": "string" }, "markdownDescription": "A list of request parameters whose values API Gateway caches. To be valid values for `cacheKeyParameters` , these parameters must also be specified for Method `requestParameters` .", "title": "CacheKeyParameters", "type": "array" }, "CacheNamespace": { "markdownDescription": "Specifies a group of related cached parameters. By default, API Gateway uses the resource ID as the `cacheNamespace` . You can specify the same `cacheNamespace` across resources to return the same cached data for requests to different resources.", "title": "CacheNamespace", "type": "string" }, "ConnectionId": { "markdownDescription": "The ID of the VpcLink used for the integration when `connectionType=VPC_LINK` and undefined, otherwise.", "title": "ConnectionId", "type": "string" }, "ConnectionType": { "markdownDescription": "The type of the network connection to the integration endpoint. The valid value is `INTERNET` for connections through the public routable internet or `VPC_LINK` for private connections between API Gateway and a network load balancer in a VPC. The default value is `INTERNET` .", "title": "ConnectionType", "type": "string" }, "ContentHandling": { "markdownDescription": "Specifies how to handle request payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT` , with the following behaviors:\n\nIf this property is not defined, the request payload will be passed through from the method request to integration request without modification, provided that the `passthroughBehavior` is configured to support payload pass-through.", "title": "ContentHandling", "type": "string" }, "Credentials": { "markdownDescription": "Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string `arn:aws:iam::\\*:user/\\*` . To use resource-based permissions on supported AWS services, specify null.", "title": "Credentials", "type": "string" }, "IntegrationHttpMethod": { "markdownDescription": "Specifies the integration's HTTP method type. For the Type property, if you specify `MOCK` , this property is optional. For Lambda integrations, you must set the integration method to `POST` . For all other types, you must specify this property.", "title": "IntegrationHttpMethod", "type": "string" }, "IntegrationResponses": { "items": { "$ref": "#/definitions/AWS::ApiGateway::Method.IntegrationResponse" }, "markdownDescription": "Specifies the integration's responses.", "title": "IntegrationResponses", "type": "array" }, "PassthroughBehavior": { "markdownDescription": "Specifies how the method request body of an unmapped content type will be passed through the integration request to the back end without transformation. A content type is unmapped if no mapping template is defined in the integration or the content type does not match any of the mapped content types, as specified in `requestTemplates` . The valid value is one of the following: `WHEN_NO_MATCH` : passes the method request body through the integration request to the back end without transformation when the method request content type does not match any content type associated with the mapping templates defined in the integration request. `WHEN_NO_TEMPLATES` : passes the method request body through the integration request to the back end without transformation when no mapping template is defined in the integration request. If a template is defined when this option is selected, the method request of an unmapped content-type will be rejected with an HTTP 415 Unsupported Media Type response. `NEVER` : rejects the method request with an HTTP 415 Unsupported Media Type response when either the method request content type does not match any content type associated with the mapping templates defined in the integration request or no mapping template is defined in the integration request.", "title": "PassthroughBehavior", "type": "string" }, "RequestParameters": { "additionalProperties": true, "markdownDescription": "A key-value map specifying request parameters that are passed from the method request to the back end. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the back end. The method request parameter value must match the pattern of `method.request.{location}.{name}` , where `location` is `querystring` , `path` , or `header` and `name` must be a valid and unique method request parameter name.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "RequestParameters", "type": "object" }, "RequestTemplates": { "additionalProperties": true, "markdownDescription": "Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "RequestTemplates", "type": "object" }, "TimeoutInMillis": { "markdownDescription": "Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds.", "title": "TimeoutInMillis", "type": "number" }, "Type": { "markdownDescription": "Specifies an API method integration type. The valid value is one of the following:\n\nFor the HTTP and HTTP proxy integrations, each integration can specify a protocol ( `http/https` ), port and path. Standard 80 and 443 ports are supported as well as custom ports above 1024. An HTTP or HTTP proxy integration with a `connectionType` of `VPC_LINK` is referred to as a private integration and uses a VpcLink to connect API Gateway to a network load balancer of a VPC.", "title": "Type", "type": "string" }, "Uri": { "markdownDescription": "Specifies Uniform Resource Identifier (URI) of the integration endpoint.\n\nFor `HTTP` or `HTTP_PROXY` integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification for standard integrations. If `connectionType` is `VPC_LINK` specify the Network Load Balancer DNS name. For `AWS` or `AWS_PROXY` integrations, the URI is of the form `arn:aws:apigateway:{region}:{subdomain.service|service}:path|action/{service_api}` . Here, {Region} is the API Gateway region (e.g., us-east-1); {service} is the name of the integrated AWS service (e.g., s3); and {subdomain} is a designated subdomain supported by certain AWS service for fast host-name lookup. action can be used for an AWS service action-based API, using an Action={name}&{p1}={v1}&p2={v2}... query string. The ensuing {service_api} refers to a supported action {name} plus any required input parameters. Alternatively, path can be used for an AWS service path-based API. The ensuing service_api refers to the path to an AWS service resource, including the region of the integrated AWS service, if applicable. For example, for integration with the S3 API of GetObject, the uri can be either `arn:aws:apigateway:us-west-2:s3:action/GetObject&Bucket={bucket}&Key={key}` or `arn:aws:apigateway:us-west-2:s3:path/{bucket}/{key}`", "title": "Uri", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ApiGateway::Method.IntegrationResponse": { "additionalProperties": false, "properties": { "ContentHandling": { "markdownDescription": "Specifies how to handle response payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT` , with the following behaviors:\n\nIf this property is not defined, the response payload will be passed through from the integration response to the method response without modification.", "title": "ContentHandling", "type": "string" }, "ResponseParameters": { "additionalProperties": true, "markdownDescription": "A key-value map specifying response parameters that are passed to the method response from the back end. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of `method.response.header.{name}` , where `name` is a valid and unique header name. The mapped non-static value must match the pattern of `integration.response.header.{name}` or `integration.response.body.{JSON-expression}` , where `name` is a valid and unique response header name and `JSON-expression` is a valid JSON expression without the `$` prefix.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ResponseParameters", "type": "object" }, "ResponseTemplates": { "additionalProperties": true, "markdownDescription": "Specifies the templates used to transform the integration response body. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ResponseTemplates", "type": "object" }, "SelectionPattern": { "markdownDescription": "Specifies the regular expression (regex) pattern used to choose an integration response based on the response from the back end. For example, if the success response returns nothing and the error response returns some string, you could use the `.+` regex to match error response. However, make sure that the error response does not contain any newline ( `\\n` ) character in such cases. If the back end is an AWS Lambda function, the AWS Lambda function error header is matched. For all other HTTP and AWS back ends, the HTTP status code is matched.", "title": "SelectionPattern", "type": "string" }, "StatusCode": { "markdownDescription": "Specifies the status code that is used to map the integration response to an existing MethodResponse.", "title": "StatusCode", "type": "string" } }, "required": [ "StatusCode" ], "type": "object" }, "AWS::ApiGateway::Method.MethodResponse": { "additionalProperties": false, "properties": { "ResponseModels": { "additionalProperties": true, "markdownDescription": "Specifies the Model resources used for the response's content-type. Response models are represented as a key/value map, with a content-type as the key and a Model name as the value.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ResponseModels", "type": "object" }, "ResponseParameters": { "additionalProperties": true, "markdownDescription": "A key-value map specifying required or optional response parameters that API Gateway can send back to the caller. A key defines a method response header and the value specifies whether the associated method response header is required or not. The expression of the key must match the pattern `method.response.header.{name}` , where `name` is a valid and unique header name. API Gateway passes certain integration response data to the method response headers specified here according to the mapping you prescribe in the API's IntegrationResponse. The integration response data that can be mapped include an integration response header expressed in `integration.response.header.{name}` , a static value enclosed within a pair of single quotes (e.g., `'application/json'` ), or a JSON expression from the back-end response payload in the form of `integration.response.body.{JSON-expression}` , where `JSON-expression` is a valid JSON expression without the `$` prefix.)", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ResponseParameters", "type": "object" }, "StatusCode": { "markdownDescription": "The method response's status code.", "title": "StatusCode", "type": "string" } }, "required": [ "StatusCode" ], "type": "object" }, "AWS::ApiGateway::Model": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContentType": { "markdownDescription": "The content-type for the model.", "title": "ContentType", "type": "string" }, "Description": { "markdownDescription": "The description of the model.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "A name for the model. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the model name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "Name", "type": "string" }, "RestApiId": { "markdownDescription": "The string identifier of the associated RestApi.", "title": "RestApiId", "type": "string" }, "Schema": { "markdownDescription": "The schema for the model. For `application/json` models, this should be JSON schema draft 4 model. Do not include \"\\*/\" characters in the description of any properties because such \"\\*/\" characters may be interpreted as the closing marker for comments in some languages, such as Java or JavaScript, causing the installation of your API's SDK generated by API Gateway to fail.", "title": "Schema", "type": "object" } }, "required": [ "RestApiId" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::Model" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGateway::RequestValidator": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of this RequestValidator", "title": "Name", "type": "string" }, "RestApiId": { "markdownDescription": "The string identifier of the associated RestApi.", "title": "RestApiId", "type": "string" }, "ValidateRequestBody": { "markdownDescription": "A Boolean flag to indicate whether to validate a request body according to the configured Model schema.", "title": "ValidateRequestBody", "type": "boolean" }, "ValidateRequestParameters": { "markdownDescription": "A Boolean flag to indicate whether to validate request parameters ( `true` ) or not ( `false` ).", "title": "ValidateRequestParameters", "type": "boolean" } }, "required": [ "RestApiId" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::RequestValidator" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGateway::Resource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ParentId": { "markdownDescription": "The parent resource's identifier.", "title": "ParentId", "type": "string" }, "PathPart": { "markdownDescription": "The last path segment for this resource.", "title": "PathPart", "type": "string" }, "RestApiId": { "markdownDescription": "The string identifier of the associated RestApi.", "title": "RestApiId", "type": "string" } }, "required": [ "ParentId", "PathPart", "RestApiId" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::Resource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGateway::RestApi": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiKeySourceType": { "markdownDescription": "The source of the API key for metering requests according to a usage plan. Valid values are: `HEADER` to read the API key from the `X-API-Key` header of a request. `AUTHORIZER` to read the API key from the `UsageIdentifierKey` from a custom authorizer.", "title": "ApiKeySourceType", "type": "string" }, "BinaryMediaTypes": { "items": { "type": "string" }, "markdownDescription": "The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads.", "title": "BinaryMediaTypes", "type": "array" }, "Body": { "markdownDescription": "An OpenAPI specification that defines a set of RESTful APIs in JSON format. For YAML templates, you can also provide the specification in YAML format.", "title": "Body", "type": "object" }, "BodyS3Location": { "$ref": "#/definitions/AWS::ApiGateway::RestApi.S3Location", "markdownDescription": "The Amazon Simple Storage Service (Amazon S3) location that points to an OpenAPI file, which defines a set of RESTful APIs in JSON or YAML format.", "title": "BodyS3Location" }, "CloneFrom": { "markdownDescription": "The ID of the RestApi that you want to clone from.", "title": "CloneFrom", "type": "string" }, "Description": { "markdownDescription": "The description of the RestApi.", "title": "Description", "type": "string" }, "DisableExecuteApiEndpoint": { "markdownDescription": "Specifies whether clients can invoke your API by using the default `execute-api` endpoint. By default, clients can invoke your API with the default `https://{api_id}.execute-api.{region}.amazonaws.com` endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint", "title": "DisableExecuteApiEndpoint", "type": "boolean" }, "EndpointConfiguration": { "$ref": "#/definitions/AWS::ApiGateway::RestApi.EndpointConfiguration", "markdownDescription": "A list of the endpoint types of the API. Use this property when creating an API. When importing an existing API, specify the endpoint configuration types using the `Parameters` property.", "title": "EndpointConfiguration" }, "FailOnWarnings": { "markdownDescription": "A query parameter to indicate whether to rollback the API update ( `true` ) or not ( `false` ) when a warning is encountered. The default value is `false` .", "title": "FailOnWarnings", "type": "boolean" }, "MinimumCompressionSize": { "markdownDescription": "A nullable integer that is used to enable compression (with non-negative between 0 and 10485760 (10M) bytes, inclusive) or disable compression (with a null value) on an API. When compression is enabled, compression or decompression is not applied on the payload if the payload size is smaller than this value. Setting it to zero allows compression for any payload size.", "title": "MinimumCompressionSize", "type": "number" }, "Mode": { "markdownDescription": "This property applies only when you use OpenAPI to define your REST API. The `Mode` determines how API Gateway handles resource updates.\n\nValid values are `overwrite` or `merge` .\n\nFor `overwrite` , the new API definition replaces the existing one. The existing API identifier remains unchanged.\n\nFor `merge` , the new API definition is merged with the existing API.\n\nIf you don't specify this property, a default value is chosen. For REST APIs created before March 29, 2021, the default is `overwrite` . For REST APIs created after March 29, 2021, the new API definition takes precedence, but any container types such as endpoint configurations and binary media types are merged with the existing API.\n\nUse the default mode to define top-level `RestApi` properties in addition to using OpenAPI. Generally, it's preferred to use API Gateway's OpenAPI extensions to model these properties.", "title": "Mode", "type": "string" }, "Name": { "markdownDescription": "The name of the RestApi. A name is required if the REST API is not based on an OpenAPI specification.", "title": "Name", "type": "string" }, "Parameters": { "additionalProperties": true, "markdownDescription": "Custom header parameters as part of the request. For example, to exclude DocumentationParts from an imported API, set `ignore=documentation` as a `parameters` value, as in the AWS CLI command of `aws apigateway import-rest-api --parameters ignore=documentation --body 'file:///path/to/imported-api-body.json'` .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Parameters", "type": "object" }, "Policy": { "markdownDescription": "A policy document that contains the permissions for the `RestApi` resource. To set the ARN for the policy, use the `!Join` intrinsic function with `\"\"` as delimiter and values of `\"execute-api:/\"` and `\"*\"` .", "title": "Policy", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters and must not start with `aws:` . The tag value can be up to 256 characters.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::RestApi" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ApiGateway::RestApi.EndpointConfiguration": { "additionalProperties": false, "properties": { "Types": { "items": { "type": "string" }, "markdownDescription": "A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is `\"EDGE\"` . For a regional API and its custom domain name, the endpoint type is `REGIONAL` . For a private API, the endpoint type is `PRIVATE` .", "title": "Types", "type": "array" }, "VpcEndpointIds": { "items": { "type": "string" }, "markdownDescription": "A list of VpcEndpointIds of an API (RestApi) against which to create Route53 ALIASes. It is only supported for `PRIVATE` endpoint type.", "title": "VpcEndpointIds", "type": "array" } }, "type": "object" }, "AWS::ApiGateway::RestApi.S3Location": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the S3 bucket where the OpenAPI file is stored.", "title": "Bucket", "type": "string" }, "ETag": { "markdownDescription": "The Amazon S3 ETag (a file checksum) of the OpenAPI file. If you don't specify a value, API Gateway skips ETag validation of your OpenAPI file.", "title": "ETag", "type": "string" }, "Key": { "markdownDescription": "The file name of the OpenAPI file (Amazon S3 object name).", "title": "Key", "type": "string" }, "Version": { "markdownDescription": "For versioning-enabled buckets, a specific version of the OpenAPI file.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::ApiGateway::Stage": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessLogSetting": { "$ref": "#/definitions/AWS::ApiGateway::Stage.AccessLogSetting", "markdownDescription": "Access log settings, including the access log format and access log destination ARN.", "title": "AccessLogSetting" }, "CacheClusterEnabled": { "markdownDescription": "Specifies whether a cache cluster is enabled for the stage. To activate a method-level cache, set `CachingEnabled` to `true` for a method.", "title": "CacheClusterEnabled", "type": "boolean" }, "CacheClusterSize": { "markdownDescription": "The stage's cache capacity in GB. For more information about choosing a cache size, see [Enabling API caching to enhance responsiveness](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.html) .", "title": "CacheClusterSize", "type": "string" }, "CanarySetting": { "$ref": "#/definitions/AWS::ApiGateway::Stage.CanarySetting", "markdownDescription": "Settings for the canary deployment in this stage.", "title": "CanarySetting" }, "ClientCertificateId": { "markdownDescription": "The identifier of a client certificate for an API stage.", "title": "ClientCertificateId", "type": "string" }, "DeploymentId": { "markdownDescription": "The identifier of the Deployment that the stage points to.", "title": "DeploymentId", "type": "string" }, "Description": { "markdownDescription": "The stage's description.", "title": "Description", "type": "string" }, "DocumentationVersion": { "markdownDescription": "The version of the associated API documentation.", "title": "DocumentationVersion", "type": "string" }, "MethodSettings": { "items": { "$ref": "#/definitions/AWS::ApiGateway::Stage.MethodSetting" }, "markdownDescription": "A map that defines the method settings for a Stage resource. Keys (designated as `/{method_setting_key` below) are method paths defined as `{resource_path}/{http_method}` for an individual method override, or `/\\*/\\*` for overriding all methods in the stage.", "title": "MethodSettings", "type": "array" }, "RestApiId": { "markdownDescription": "The string identifier of the associated RestApi.", "title": "RestApiId", "type": "string" }, "StageName": { "markdownDescription": "The name of the stage is the first path segment in the Uniform Resource Identifier (URI) of a call to API Gateway. Stage names can only contain alphanumeric characters, hyphens, and underscores. Maximum length is 128 characters.", "title": "StageName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", "title": "Tags", "type": "array" }, "TracingEnabled": { "markdownDescription": "Specifies whether active tracing with X-ray is enabled for the Stage.", "title": "TracingEnabled", "type": "boolean" }, "Variables": { "additionalProperties": true, "markdownDescription": "A map (string-to-string map) that defines the stage variables, where the variable name is the key and the variable value is the value. Variable names are limited to alphanumeric characters. Values must match the following regular expression: `[A-Za-z0-9-._~:/?#&=,]+` .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Variables", "type": "object" } }, "required": [ "RestApiId" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::Stage" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGateway::Stage.AccessLogSetting": { "additionalProperties": false, "properties": { "DestinationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group or Kinesis Data Firehose delivery stream to receive access logs. If you specify a Kinesis Data Firehose delivery stream, the stream name must begin with `amazon-apigateway-` . This parameter is required to enable access logging.", "title": "DestinationArn", "type": "string" }, "Format": { "markdownDescription": "A single line format of the access logs of data, as specified by selected [$context variables](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html#context-variable-reference) . The format must include at least `$context.requestId` . This parameter is required to enable access logging.", "title": "Format", "type": "string" } }, "type": "object" }, "AWS::ApiGateway::Stage.CanarySetting": { "additionalProperties": false, "properties": { "DeploymentId": { "markdownDescription": "The ID of the canary deployment.", "title": "DeploymentId", "type": "string" }, "PercentTraffic": { "markdownDescription": "The percent (0-100) of traffic diverted to a canary deployment.", "title": "PercentTraffic", "type": "number" }, "StageVariableOverrides": { "additionalProperties": true, "markdownDescription": "Stage variables overridden for a canary release deployment, including new stage variables introduced in the canary. These stage variables are represented as a string-to-string map between stage variable names and their values.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "StageVariableOverrides", "type": "object" }, "UseStageCache": { "markdownDescription": "A Boolean flag to indicate whether the canary deployment uses the stage cache or not.", "title": "UseStageCache", "type": "boolean" } }, "type": "object" }, "AWS::ApiGateway::Stage.MethodSetting": { "additionalProperties": false, "properties": { "CacheDataEncrypted": { "markdownDescription": "Specifies whether the cached responses are encrypted.", "title": "CacheDataEncrypted", "type": "boolean" }, "CacheTtlInSeconds": { "markdownDescription": "Specifies the time to live (TTL), in seconds, for cached responses. The higher the TTL, the longer the response will be cached.", "title": "CacheTtlInSeconds", "type": "number" }, "CachingEnabled": { "markdownDescription": "Specifies whether responses should be cached and returned for requests. A cache cluster must be enabled on the stage for responses to be cached.", "title": "CachingEnabled", "type": "boolean" }, "DataTraceEnabled": { "markdownDescription": "Specifies whether data trace logging is enabled for this method, which affects the log entries pushed to Amazon CloudWatch Logs. This can be useful to troubleshoot APIs, but can result in logging sensitive data. We recommend that you don't enable this option for production APIs.", "title": "DataTraceEnabled", "type": "boolean" }, "HttpMethod": { "markdownDescription": "The HTTP method. To apply settings to multiple resources and methods, specify an asterisk ( `*` ) for the `HttpMethod` and `/*` for the `ResourcePath` . This parameter is required when you specify a `MethodSetting` .", "title": "HttpMethod", "type": "string" }, "LoggingLevel": { "markdownDescription": "Specifies the logging level for this method, which affects the log entries pushed to Amazon CloudWatch Logs. Valid values are `OFF` , `ERROR` , and `INFO` . Choose `ERROR` to write only error-level entries to CloudWatch Logs, or choose `INFO` to include all `ERROR` events as well as extra informational events.", "title": "LoggingLevel", "type": "string" }, "MetricsEnabled": { "markdownDescription": "Specifies whether Amazon CloudWatch metrics are enabled for this method.", "title": "MetricsEnabled", "type": "boolean" }, "ResourcePath": { "markdownDescription": "The resource path for this method. Forward slashes ( `/` ) are encoded as `~1` and the initial slash must include a forward slash. For example, the path value `/resource/subresource` must be encoded as `/~1resource~1subresource` . To specify the root path, use only a slash ( `/` ). To apply settings to multiple resources and methods, specify an asterisk ( `*` ) for the `HttpMethod` and `/*` for the `ResourcePath` . This parameter is required when you specify a `MethodSetting` .", "title": "ResourcePath", "type": "string" }, "ThrottlingBurstLimit": { "markdownDescription": "Specifies the throttling burst limit.", "title": "ThrottlingBurstLimit", "type": "number" }, "ThrottlingRateLimit": { "markdownDescription": "Specifies the throttling rate limit.", "title": "ThrottlingRateLimit", "type": "number" } }, "type": "object" }, "AWS::ApiGateway::UsagePlan": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiStages": { "items": { "$ref": "#/definitions/AWS::ApiGateway::UsagePlan.ApiStage" }, "markdownDescription": "The associated API stages of a usage plan.", "title": "ApiStages", "type": "array" }, "Description": { "markdownDescription": "The description of a usage plan.", "title": "Description", "type": "string" }, "Quota": { "$ref": "#/definitions/AWS::ApiGateway::UsagePlan.QuotaSettings", "markdownDescription": "The target maximum number of permitted requests per a given unit time interval.", "title": "Quota" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", "title": "Tags", "type": "array" }, "Throttle": { "$ref": "#/definitions/AWS::ApiGateway::UsagePlan.ThrottleSettings", "markdownDescription": "A map containing method level throttling information for API stage in a usage plan.", "title": "Throttle" }, "UsagePlanName": { "markdownDescription": "The name of a usage plan.", "title": "UsagePlanName", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::UsagePlan" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ApiGateway::UsagePlan.ApiStage": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "API Id of the associated API stage in a usage plan.", "title": "ApiId", "type": "string" }, "Stage": { "markdownDescription": "API stage name of the associated API stage in a usage plan.", "title": "Stage", "type": "string" }, "Throttle": { "additionalProperties": false, "markdownDescription": "Map containing method level throttling information for API stage in a usage plan.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::ApiGateway::UsagePlan.ThrottleSettings" } }, "title": "Throttle", "type": "object" } }, "type": "object" }, "AWS::ApiGateway::UsagePlan.QuotaSettings": { "additionalProperties": false, "properties": { "Limit": { "markdownDescription": "The target maximum number of requests that can be made in a given time period.", "title": "Limit", "type": "number" }, "Offset": { "markdownDescription": "The number of requests subtracted from the given limit in the initial time period.", "title": "Offset", "type": "number" }, "Period": { "markdownDescription": "The time period in which the limit applies. Valid values are \"DAY\", \"WEEK\" or \"MONTH\".", "title": "Period", "type": "string" } }, "type": "object" }, "AWS::ApiGateway::UsagePlan.ThrottleSettings": { "additionalProperties": false, "properties": { "BurstLimit": { "markdownDescription": "The API target request burst rate limit. This allows more requests through for a period of time than the target rate limit.", "title": "BurstLimit", "type": "number" }, "RateLimit": { "markdownDescription": "The API target request rate limit.", "title": "RateLimit", "type": "number" } }, "type": "object" }, "AWS::ApiGateway::UsagePlanKey": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "KeyId": { "markdownDescription": "The Id of the UsagePlanKey resource.", "title": "KeyId", "type": "string" }, "KeyType": { "markdownDescription": "The type of a UsagePlanKey resource for a plan customer.", "title": "KeyType", "type": "string" }, "UsagePlanId": { "markdownDescription": "The Id of the UsagePlan resource representing the usage plan containing the UsagePlanKey resource representing a plan customer.", "title": "UsagePlanId", "type": "string" } }, "required": [ "KeyId", "KeyType", "UsagePlanId" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::UsagePlanKey" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGateway::VpcLink": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the VPC link.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name used to label and identify the VPC link.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of arbitrary tags (key-value pairs) to associate with the VPC link.", "title": "Tags", "type": "array" }, "TargetArns": { "items": { "type": "string" }, "markdownDescription": "The ARN of the network load balancer of the VPC targeted by the VPC link. The network load balancer must be owned by the same AWS account of the API owner.", "title": "TargetArns", "type": "array" } }, "required": [ "Name", "TargetArns" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGateway::VpcLink" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGatewayV2::Api": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiKeySelectionExpression": { "markdownDescription": "An API key selection expression. Supported only for WebSocket APIs. See [API Key Selection Expressions](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-selection-expressions.html#apigateway-websocket-api-apikey-selection-expressions) .", "title": "ApiKeySelectionExpression", "type": "string" }, "BasePath": { "markdownDescription": "Specifies how to interpret the base path of the API during import. Valid values are `ignore` , `prepend` , and `split` . The default value is `ignore` . To learn more, see [Set the OpenAPI basePath Property](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-import-api-basePath.html) . Supported only for HTTP APIs.", "title": "BasePath", "type": "string" }, "Body": { "markdownDescription": "The OpenAPI definition. Supported only for HTTP APIs. To import an HTTP API, you must specify a `Body` or `BodyS3Location` . If you specify a `Body` or `BodyS3Location` , don't specify CloudFormation resources such as `AWS::ApiGatewayV2::Authorizer` or `AWS::ApiGatewayV2::Route` . API Gateway doesn't support the combination of OpenAPI and CloudFormation resources.", "title": "Body", "type": "object" }, "BodyS3Location": { "$ref": "#/definitions/AWS::ApiGatewayV2::Api.BodyS3Location", "markdownDescription": "The S3 location of an OpenAPI definition. Supported only for HTTP APIs. To import an HTTP API, you must specify a `Body` or `BodyS3Location` . If you specify a `Body` or `BodyS3Location` , don't specify CloudFormation resources such as `AWS::ApiGatewayV2::Authorizer` or `AWS::ApiGatewayV2::Route` . API Gateway doesn't support the combination of OpenAPI and CloudFormation resources.", "title": "BodyS3Location" }, "CorsConfiguration": { "$ref": "#/definitions/AWS::ApiGatewayV2::Api.Cors", "markdownDescription": "A CORS configuration. Supported only for HTTP APIs. See [Configuring CORS](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html) for more information.", "title": "CorsConfiguration" }, "CredentialsArn": { "markdownDescription": "This property is part of quick create. It specifies the credentials required for the integration, if any. For a Lambda integration, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify `arn:aws:iam::*:user/*` . To use resource-based permissions on supported AWS services, specify `null` . Currently, this property is not used for HTTP integrations. Supported only for HTTP APIs.", "title": "CredentialsArn", "type": "string" }, "Description": { "markdownDescription": "The description of the API.", "title": "Description", "type": "string" }, "DisableExecuteApiEndpoint": { "markdownDescription": "Specifies whether clients can invoke your API by using the default `execute-api` endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.", "title": "DisableExecuteApiEndpoint", "type": "boolean" }, "DisableSchemaValidation": { "markdownDescription": "Avoid validating models when creating a deployment. Supported only for WebSocket APIs.", "title": "DisableSchemaValidation", "type": "boolean" }, "FailOnWarnings": { "markdownDescription": "Specifies whether to rollback the API creation when a warning is encountered. By default, API creation continues if a warning is encountered.", "title": "FailOnWarnings", "type": "boolean" }, "Name": { "markdownDescription": "The name of the API. Required unless you specify an OpenAPI definition for `Body` or `S3BodyLocation` .", "title": "Name", "type": "string" }, "ProtocolType": { "markdownDescription": "The API protocol. Valid values are `WEBSOCKET` or `HTTP` . Required unless you specify an OpenAPI definition for `Body` or `S3BodyLocation` .", "title": "ProtocolType", "type": "string" }, "RouteKey": { "markdownDescription": "This property is part of quick create. If you don't specify a `routeKey` , a default route of `$default` is created. The `$default` route acts as a catch-all for any request made to your API, for a particular stage. The `$default` route key can't be modified. You can add routes after creating the API, and you can update the route keys of additional routes. Supported only for HTTP APIs.", "title": "RouteKey", "type": "string" }, "RouteSelectionExpression": { "markdownDescription": "The route selection expression for the API. For HTTP APIs, the `routeSelectionExpression` must be `${request.method} ${request.path}` . If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.", "title": "RouteSelectionExpression", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Target": { "markdownDescription": "This property is part of quick create. Quick create produces an API with an integration, a default catch-all route, and a default stage which is configured to automatically deploy changes. For HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN. The type of the integration will be HTTP_PROXY or AWS_PROXY, respectively. Supported only for HTTP APIs.", "title": "Target", "type": "string" }, "Version": { "markdownDescription": "A version identifier for the API.", "title": "Version", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::ApiGatewayV2::Api" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ApiGatewayV2::Api.BodyS3Location": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The S3 bucket that contains the OpenAPI definition to import. Required if you specify a `BodyS3Location` for an API.", "title": "Bucket", "type": "string" }, "Etag": { "markdownDescription": "The Etag of the S3 object.", "title": "Etag", "type": "string" }, "Key": { "markdownDescription": "The key of the S3 object. Required if you specify a `BodyS3Location` for an API.", "title": "Key", "type": "string" }, "Version": { "markdownDescription": "The version of the S3 object.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::ApiGatewayV2::Api.Cors": { "additionalProperties": false, "properties": { "AllowCredentials": { "markdownDescription": "Specifies whether credentials are included in the CORS request. Supported only for HTTP APIs.", "title": "AllowCredentials", "type": "boolean" }, "AllowHeaders": { "items": { "type": "string" }, "markdownDescription": "Represents a collection of allowed headers. Supported only for HTTP APIs.", "title": "AllowHeaders", "type": "array" }, "AllowMethods": { "items": { "type": "string" }, "markdownDescription": "Represents a collection of allowed HTTP methods. Supported only for HTTP APIs.", "title": "AllowMethods", "type": "array" }, "AllowOrigins": { "items": { "type": "string" }, "markdownDescription": "Represents a collection of allowed origins. Supported only for HTTP APIs.", "title": "AllowOrigins", "type": "array" }, "ExposeHeaders": { "items": { "type": "string" }, "markdownDescription": "Represents a collection of exposed headers. Supported only for HTTP APIs.", "title": "ExposeHeaders", "type": "array" }, "MaxAge": { "markdownDescription": "The number of seconds that the browser should cache preflight request results. Supported only for HTTP APIs.", "title": "MaxAge", "type": "number" } }, "type": "object" }, "AWS::ApiGatewayV2::ApiGatewayManagedOverrides": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "The ID of the API for which to override the configuration of API Gateway-managed resources.", "title": "ApiId", "type": "string" }, "Integration": { "$ref": "#/definitions/AWS::ApiGatewayV2::ApiGatewayManagedOverrides.IntegrationOverrides", "markdownDescription": "Overrides the integration configuration for an API Gateway-managed integration.", "title": "Integration" }, "Route": { "$ref": "#/definitions/AWS::ApiGatewayV2::ApiGatewayManagedOverrides.RouteOverrides", "markdownDescription": "Overrides the route configuration for an API Gateway-managed route.", "title": "Route" }, "Stage": { "$ref": "#/definitions/AWS::ApiGatewayV2::ApiGatewayManagedOverrides.StageOverrides", "markdownDescription": "Overrides the stage configuration for an API Gateway-managed stage.", "title": "Stage" } }, "required": [ "ApiId" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGatewayV2::ApiGatewayManagedOverrides" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGatewayV2::ApiGatewayManagedOverrides.AccessLogSettings": { "additionalProperties": false, "properties": { "DestinationArn": { "markdownDescription": "The ARN of the CloudWatch Logs log group to receive access logs.", "title": "DestinationArn", "type": "string" }, "Format": { "markdownDescription": "A single line format of the access logs of data, as specified by selected $context variables. The format must include at least $context.requestId.", "title": "Format", "type": "string" } }, "type": "object" }, "AWS::ApiGatewayV2::ApiGatewayManagedOverrides.IntegrationOverrides": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the integration.", "title": "Description", "type": "string" }, "IntegrationMethod": { "markdownDescription": "Specifies the integration's HTTP method type. For WebSocket APIs, if you use a Lambda integration, you must set the integration method to `POST` .", "title": "IntegrationMethod", "type": "string" }, "PayloadFormatVersion": { "markdownDescription": "Specifies the format of the payload sent to an integration. Required for HTTP APIs. For HTTP APIs, supported values for Lambda proxy integrations are `1.0` and `2.0` . For all other integrations, `1.0` is the only supported value. To learn more, see [Working with AWS Lambda proxy integrations for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html) .", "title": "PayloadFormatVersion", "type": "string" }, "TimeoutInMillis": { "markdownDescription": "Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.", "title": "TimeoutInMillis", "type": "number" } }, "type": "object" }, "AWS::ApiGatewayV2::ApiGatewayManagedOverrides.RouteOverrides": { "additionalProperties": false, "properties": { "AuthorizationScopes": { "items": { "type": "string" }, "markdownDescription": "The authorization scopes supported by this route.", "title": "AuthorizationScopes", "type": "array" }, "AuthorizationType": { "markdownDescription": "The authorization type for the route. To learn more, see [AuthorizationType](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-route.html#cfn-apigatewayv2-route-authorizationtype) .", "title": "AuthorizationType", "type": "string" }, "AuthorizerId": { "markdownDescription": "The identifier of the `Authorizer` resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer.", "title": "AuthorizerId", "type": "string" }, "OperationName": { "markdownDescription": "The operation name for the route.", "title": "OperationName", "type": "string" }, "Target": { "markdownDescription": "For HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN. The type of the integration will be HTTP_PROXY or AWS_PROXY, respectively.", "title": "Target", "type": "string" } }, "type": "object" }, "AWS::ApiGatewayV2::ApiGatewayManagedOverrides.RouteSettings": { "additionalProperties": false, "properties": { "DataTraceEnabled": { "markdownDescription": "Specifies whether ( `true` ) or not ( `false` ) data trace logging is enabled for this route. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", "title": "DataTraceEnabled", "type": "boolean" }, "DetailedMetricsEnabled": { "markdownDescription": "Specifies whether detailed metrics are enabled.", "title": "DetailedMetricsEnabled", "type": "boolean" }, "LoggingLevel": { "markdownDescription": "Specifies the logging level for this route: `INFO` , `ERROR` , or `OFF` . This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", "title": "LoggingLevel", "type": "string" }, "ThrottlingBurstLimit": { "markdownDescription": "Specifies the throttling burst limit.", "title": "ThrottlingBurstLimit", "type": "number" }, "ThrottlingRateLimit": { "markdownDescription": "Specifies the throttling rate limit.", "title": "ThrottlingRateLimit", "type": "number" } }, "type": "object" }, "AWS::ApiGatewayV2::ApiGatewayManagedOverrides.StageOverrides": { "additionalProperties": false, "properties": { "AccessLogSettings": { "$ref": "#/definitions/AWS::ApiGatewayV2::ApiGatewayManagedOverrides.AccessLogSettings", "markdownDescription": "Settings for logging access in a stage.", "title": "AccessLogSettings" }, "AutoDeploy": { "markdownDescription": "Specifies whether updates to an API automatically trigger a new deployment. The default value is `true` .", "title": "AutoDeploy", "type": "boolean" }, "DefaultRouteSettings": { "$ref": "#/definitions/AWS::ApiGatewayV2::ApiGatewayManagedOverrides.RouteSettings", "markdownDescription": "The default route settings for the stage.", "title": "DefaultRouteSettings" }, "Description": { "markdownDescription": "The description for the API stage.", "title": "Description", "type": "string" }, "RouteSettings": { "markdownDescription": "Route settings for the stage.", "title": "RouteSettings", "type": "object" }, "StageVariables": { "markdownDescription": "A map that defines the stage variables for a `Stage` . Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.", "title": "StageVariables", "type": "object" } }, "type": "object" }, "AWS::ApiGatewayV2::ApiMapping": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "The API identifier.", "title": "ApiId", "type": "string" }, "ApiMappingKey": { "markdownDescription": "The API mapping key.", "title": "ApiMappingKey", "type": "string" }, "DomainName": { "markdownDescription": "The domain name.", "title": "DomainName", "type": "string" }, "Stage": { "markdownDescription": "The API stage.", "title": "Stage", "type": "string" } }, "required": [ "ApiId", "DomainName", "Stage" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGatewayV2::ApiMapping" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGatewayV2::Authorizer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "The API identifier.", "title": "ApiId", "type": "string" }, "AuthorizerCredentialsArn": { "markdownDescription": "Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null. Supported only for `REQUEST` authorizers.", "title": "AuthorizerCredentialsArn", "type": "string" }, "AuthorizerPayloadFormatVersion": { "markdownDescription": "Specifies the format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers. Supported values are `1.0` and `2.0` . To learn more, see [Working with AWS Lambda authorizers for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html) .", "title": "AuthorizerPayloadFormatVersion", "type": "string" }, "AuthorizerResultTtlInSeconds": { "markdownDescription": "The time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Supported only for HTTP API Lambda authorizers.", "title": "AuthorizerResultTtlInSeconds", "type": "number" }, "AuthorizerType": { "markdownDescription": "The authorizer type. Specify `REQUEST` for a Lambda function using incoming request parameters. Specify `JWT` to use JSON Web Tokens (supported only for HTTP APIs).", "title": "AuthorizerType", "type": "string" }, "AuthorizerUri": { "markdownDescription": "The authorizer's Uniform Resource Identifier (URI). For `REQUEST` authorizers, this must be a well-formed Lambda function URI, for example, `arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2: *{account_id}* :function: *{lambda_function_name}* /invocations` . In general, the URI has this form: `arn:aws:apigateway: *{region}* :lambda:path/ *{service_api}*` , where *{region}* is the same as the region hosting the Lambda function, path indicates that the remaining substring in the URI should be treated as the path to the resource, including the initial `/` . For Lambda functions, this is usually of the form `/2015-03-31/functions/[FunctionARN]/invocations` .", "title": "AuthorizerUri", "type": "string" }, "EnableSimpleResponses": { "markdownDescription": "Specifies whether a Lambda authorizer returns a response in a simple format. By default, a Lambda authorizer must return an IAM policy. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs. To learn more, see [Working with AWS Lambda authorizers for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html) .", "title": "EnableSimpleResponses", "type": "boolean" }, "IdentitySource": { "items": { "type": "string" }, "markdownDescription": "The identity source for which authorization is requested.\n\nFor a `REQUEST` authorizer, this is optional. The value is a set of one or more mapping expressions of the specified request parameters. The identity source can be headers, query string parameters, stage variables, and context parameters. For example, if an Auth header and a Name query string parameter are defined as identity sources, this value is route.request.header.Auth, route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection expressions prefixed with `$` , for example, `$request.header.Auth` , `$request.querystring.Name` . These parameters are used to perform runtime validation for Lambda-based authorizers by verifying all of the identity-related request parameters are present in the request, not null, and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function. Otherwise, it returns a 401 Unauthorized response without calling the Lambda function. For HTTP APIs, identity sources are also used as the cache key when caching is enabled. To learn more, see [Working with AWS Lambda authorizers for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html) .\n\nFor `JWT` , a single entry that specifies where to extract the JSON Web Token (JWT) from inbound requests. Currently only header-based and query parameter-based selections are supported, for example `$request.header.Authorization` .", "title": "IdentitySource", "type": "array" }, "IdentityValidationExpression": { "markdownDescription": "This parameter is not used.", "title": "IdentityValidationExpression", "type": "string" }, "JwtConfiguration": { "$ref": "#/definitions/AWS::ApiGatewayV2::Authorizer.JWTConfiguration", "markdownDescription": "The `JWTConfiguration` property specifies the configuration of a JWT authorizer. Required for the `JWT` authorizer type. Supported only for HTTP APIs.", "title": "JwtConfiguration" }, "Name": { "markdownDescription": "The name of the authorizer.", "title": "Name", "type": "string" } }, "required": [ "ApiId", "AuthorizerType", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGatewayV2::Authorizer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGatewayV2::Authorizer.JWTConfiguration": { "additionalProperties": false, "properties": { "Audience": { "items": { "type": "string" }, "markdownDescription": "A list of the intended recipients of the JWT. A valid JWT must provide an `aud` that matches at least one entry in this list. See [RFC 7519](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc7519#section-4.1.3) . Required for the `JWT` authorizer type. Supported only for HTTP APIs.", "title": "Audience", "type": "array" }, "Issuer": { "markdownDescription": "The base domain of the identity provider that issues JSON Web Tokens. For example, an Amazon Cognito user pool has the following format: `https://cognito-idp. {region} .amazonaws.com/ {userPoolId}` . Required for the `JWT` authorizer type. Supported only for HTTP APIs.", "title": "Issuer", "type": "string" } }, "type": "object" }, "AWS::ApiGatewayV2::Deployment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "The API identifier.", "title": "ApiId", "type": "string" }, "Description": { "markdownDescription": "The description for the deployment resource.", "title": "Description", "type": "string" }, "StageName": { "markdownDescription": "The name of an existing stage to associate with the deployment.", "title": "StageName", "type": "string" } }, "required": [ "ApiId" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGatewayV2::Deployment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGatewayV2::DomainName": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DomainName": { "markdownDescription": "The custom domain name for your API in Amazon API Gateway. Uppercase letters are not supported.", "title": "DomainName", "type": "string" }, "DomainNameConfigurations": { "items": { "$ref": "#/definitions/AWS::ApiGatewayV2::DomainName.DomainNameConfiguration" }, "markdownDescription": "The domain name configurations.", "title": "DomainNameConfigurations", "type": "array" }, "MutualTlsAuthentication": { "$ref": "#/definitions/AWS::ApiGatewayV2::DomainName.MutualTlsAuthentication", "markdownDescription": "The mutual TLS authentication configuration for a custom domain name.", "title": "MutualTlsAuthentication" }, "Tags": { "additionalProperties": true, "markdownDescription": "The collection of tags associated with a domain name.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "DomainName" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGatewayV2::DomainName" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGatewayV2::DomainName.DomainNameConfiguration": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "An AWS -managed certificate that will be used by the edge-optimized endpoint for this domain name. AWS Certificate Manager is the only supported source.", "title": "CertificateArn", "type": "string" }, "CertificateName": { "markdownDescription": "The user-friendly name of the certificate that will be used by the edge-optimized endpoint for this domain name.", "title": "CertificateName", "type": "string" }, "EndpointType": { "markdownDescription": "The endpoint type.", "title": "EndpointType", "type": "string" }, "OwnershipVerificationCertificateArn": { "markdownDescription": "The Amazon resource name (ARN) for the public certificate issued by AWS Certificate Manager . This ARN is used to validate custom domain ownership. It's required only if you configure mutual TLS and use either an ACM-imported or a private CA certificate ARN as the regionalCertificateArn.", "title": "OwnershipVerificationCertificateArn", "type": "string" }, "SecurityPolicy": { "markdownDescription": "The Transport Layer Security (TLS) version of the security policy for this domain name. The valid values are `TLS_1_0` and `TLS_1_2` .", "title": "SecurityPolicy", "type": "string" } }, "type": "object" }, "AWS::ApiGatewayV2::DomainName.MutualTlsAuthentication": { "additionalProperties": false, "properties": { "TruststoreUri": { "markdownDescription": "An Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, `s3:// bucket-name / key-name` . The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version. To update the truststore, you must have permissions to access the S3 object.", "title": "TruststoreUri", "type": "string" }, "TruststoreVersion": { "markdownDescription": "The version of the S3 object that contains your truststore. To specify a version, you must have versioning enabled for the S3 bucket.", "title": "TruststoreVersion", "type": "string" } }, "type": "object" }, "AWS::ApiGatewayV2::Integration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "The API identifier.", "title": "ApiId", "type": "string" }, "ConnectionId": { "markdownDescription": "The ID of the VPC link for a private integration. Supported only for HTTP APIs.", "title": "ConnectionId", "type": "string" }, "ConnectionType": { "markdownDescription": "The type of the network connection to the integration endpoint. Specify `INTERNET` for connections through the public routable internet or `VPC_LINK` for private connections between API Gateway and resources in a VPC. The default value is `INTERNET` .", "title": "ConnectionType", "type": "string" }, "ContentHandlingStrategy": { "markdownDescription": "Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT` , with the following behaviors:\n\n`CONVERT_TO_BINARY` : Converts a response payload from a Base64-encoded string to the corresponding binary blob.\n\n`CONVERT_TO_TEXT` : Converts a response payload from a binary blob to a Base64-encoded string.\n\nIf this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.", "title": "ContentHandlingStrategy", "type": "string" }, "CredentialsArn": { "markdownDescription": "Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string `arn:aws:iam::*:user/*` . To use resource-based permissions on supported AWS services, don't specify this parameter.", "title": "CredentialsArn", "type": "string" }, "Description": { "markdownDescription": "The description of the integration.", "title": "Description", "type": "string" }, "IntegrationMethod": { "markdownDescription": "Specifies the integration's HTTP method type. For WebSocket APIs, if you use a Lambda integration, you must set the integration method to `POST` .", "title": "IntegrationMethod", "type": "string" }, "IntegrationSubtype": { "markdownDescription": "Supported only for HTTP API `AWS_PROXY` integrations. Specifies the AWS service action to invoke. To learn more, see [Integration subtype reference](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services-reference.html) .", "title": "IntegrationSubtype", "type": "string" }, "IntegrationType": { "markdownDescription": "The integration type of an integration. One of the following:\n\n`AWS` : for integrating the route or method request with an AWS service action, including the Lambda function-invoking action. With the Lambda function-invoking action, this is referred to as the Lambda custom integration. With any other AWS service action, this is known as AWS integration. Supported only for WebSocket APIs.\n\n`AWS_PROXY` : for integrating the route or method request with a Lambda function or other AWS service action. This integration is also referred to as a Lambda proxy integration.\n\n`HTTP` : for integrating the route or method request with an HTTP endpoint. This integration is also referred to as the HTTP custom integration. Supported only for WebSocket APIs.\n\n`HTTP_PROXY` : for integrating the route or method request with an HTTP endpoint, with the client request passed through as-is. This is also referred to as HTTP proxy integration. For HTTP API private integrations, use an `HTTP_PROXY` integration.\n\n`MOCK` : for integrating the route or method request with API Gateway as a \"loopback\" endpoint without invoking any backend. Supported only for WebSocket APIs.", "title": "IntegrationType", "type": "string" }, "IntegrationUri": { "markdownDescription": "For a Lambda integration, specify the URI of a Lambda function.\n\nFor an HTTP integration, specify a fully-qualified URL.\n\nFor an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. If you specify the ARN of an AWS Cloud Map service, API Gateway uses `DiscoverInstances` to identify resources. You can use query parameters to target specific resources. To learn more, see [DiscoverInstances](https://docs.aws.amazon.com/cloud-map/latest/api/API_DiscoverInstances.html) . For private integrations, all resources must be owned by the same AWS account .", "title": "IntegrationUri", "type": "string" }, "PassthroughBehavior": { "markdownDescription": "Specifies the pass-through behavior for incoming requests based on the `Content-Type` header in the request, and the available mapping templates specified as the `requestTemplates` property on the `Integration` resource. There are three valid values: `WHEN_NO_MATCH` , `WHEN_NO_TEMPLATES` , and `NEVER` . Supported only for WebSocket APIs.\n\n`WHEN_NO_MATCH` passes the request body for unmapped content types through to the integration backend without transformation.\n\n`NEVER` rejects unmapped content types with an `HTTP 415 Unsupported Media Type` response.\n\n`WHEN_NO_TEMPLATES` allows pass-through when the integration has no content types mapped to templates. However, if there is at least one content type defined, unmapped content types will be rejected with the same `HTTP 415 Unsupported Media Type` response.", "title": "PassthroughBehavior", "type": "string" }, "PayloadFormatVersion": { "markdownDescription": "Specifies the format of the payload sent to an integration. Required for HTTP APIs. For HTTP APIs, supported values for Lambda proxy integrations are `1.0` and `2.0` . For all other integrations, `1.0` is the only supported value. To learn more, see [Working with AWS Lambda proxy integrations for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html) .", "title": "PayloadFormatVersion", "type": "string" }, "RequestParameters": { "markdownDescription": "For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the backend. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The method request parameter value must match the pattern of `method.request. {location} . {name}` , where `{location}` is `querystring` , `path` , or `header` ; and `{name}` must be a valid and unique method request parameter name.\n\nFor HTTP API integrations with a specified `integrationSubtype` , request parameters are a key-value map specifying parameters that are passed to `AWS_PROXY` integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Working with AWS service integrations for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-aws-services.html) .\n\nFor HTTP API integrations without a specified `integrationSubtype` request parameters are a key-value map specifying how to transform HTTP requests before sending them to the backend. The key should follow the pattern :. where action can be `append` , `overwrite` or `remove` . For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", "title": "RequestParameters", "type": "object" }, "RequestTemplates": { "markdownDescription": "Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.", "title": "RequestTemplates", "type": "object" }, "ResponseParameters": { "markdownDescription": "Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. The value is of type [`ResponseParameterList`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-integration-responseparameterlist.html) . To learn more, see [Transforming API requests and responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html) .", "title": "ResponseParameters", "type": "object" }, "TemplateSelectionExpression": { "markdownDescription": "The template selection expression for the integration. Supported only for WebSocket APIs.", "title": "TemplateSelectionExpression", "type": "string" }, "TimeoutInMillis": { "markdownDescription": "Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.", "title": "TimeoutInMillis", "type": "number" }, "TlsConfig": { "$ref": "#/definitions/AWS::ApiGatewayV2::Integration.TlsConfig", "markdownDescription": "The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.", "title": "TlsConfig" } }, "required": [ "ApiId", "IntegrationType" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGatewayV2::Integration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGatewayV2::Integration.ResponseParameter": { "additionalProperties": false, "properties": { "Destination": { "type": "string" }, "Source": { "type": "string" } }, "required": [ "Destination", "Source" ], "type": "object" }, "AWS::ApiGatewayV2::Integration.ResponseParameterList": { "additionalProperties": false, "properties": { "ResponseParameters": { "items": { "$ref": "#/definitions/AWS::ApiGatewayV2::Integration.ResponseParameter" }, "type": "array" } }, "type": "object" }, "AWS::ApiGatewayV2::Integration.TlsConfig": { "additionalProperties": false, "properties": { "ServerNameToVerify": { "markdownDescription": "If you specify a server name, API Gateway uses it to verify the hostname on the integration's certificate. The server name is also included in the TLS handshake to support Server Name Indication (SNI) or virtual hosting.", "title": "ServerNameToVerify", "type": "string" } }, "type": "object" }, "AWS::ApiGatewayV2::IntegrationResponse": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "The API identifier.", "title": "ApiId", "type": "string" }, "ContentHandlingStrategy": { "markdownDescription": "Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT` , with the following behaviors:\n\n`CONVERT_TO_BINARY` : Converts a response payload from a Base64-encoded string to the corresponding binary blob.\n\n`CONVERT_TO_TEXT` : Converts a response payload from a binary blob to a Base64-encoded string.\n\nIf this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.", "title": "ContentHandlingStrategy", "type": "string" }, "IntegrationId": { "markdownDescription": "The integration ID.", "title": "IntegrationId", "type": "string" }, "IntegrationResponseKey": { "markdownDescription": "The integration response key.", "title": "IntegrationResponseKey", "type": "string" }, "ResponseParameters": { "markdownDescription": "A key-value map specifying response parameters that are passed to the method response from the backend. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of `method.response.header. *{name}*` , where name is a valid and unique header name. The mapped non-static value must match the pattern of `integration.response.header. *{name}*` or `integration.response.body. *{JSON-expression}*` , where `*{name}*` is a valid and unique response header name and `*{JSON-expression}*` is a valid JSON expression without the `$` prefix.", "title": "ResponseParameters", "type": "object" }, "ResponseTemplates": { "markdownDescription": "The collection of response templates for the integration response as a string-to-string map of key-value pairs. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.", "title": "ResponseTemplates", "type": "object" }, "TemplateSelectionExpression": { "markdownDescription": "The template selection expression for the integration response. Supported only for WebSocket APIs.", "title": "TemplateSelectionExpression", "type": "string" } }, "required": [ "ApiId", "IntegrationId", "IntegrationResponseKey" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGatewayV2::IntegrationResponse" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGatewayV2::Model": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "The API identifier.", "title": "ApiId", "type": "string" }, "ContentType": { "markdownDescription": "The content-type for the model, for example, \"application/json\".", "title": "ContentType", "type": "string" }, "Description": { "markdownDescription": "The description of the model.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the model.", "title": "Name", "type": "string" }, "Schema": { "markdownDescription": "The schema for the model. For application/json models, this should be JSON schema draft 4 model.", "title": "Schema", "type": "object" } }, "required": [ "ApiId", "Name", "Schema" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGatewayV2::Model" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGatewayV2::Route": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "The API identifier.", "title": "ApiId", "type": "string" }, "ApiKeyRequired": { "markdownDescription": "Specifies whether an API key is required for the route. Supported only for WebSocket APIs.", "title": "ApiKeyRequired", "type": "boolean" }, "AuthorizationScopes": { "items": { "type": "string" }, "markdownDescription": "The authorization scopes supported by this route.", "title": "AuthorizationScopes", "type": "array" }, "AuthorizationType": { "markdownDescription": "The authorization type for the route. For WebSocket APIs, valid values are `NONE` for open access, `AWS_IAM` for using AWS IAM permissions, and `CUSTOM` for using a Lambda authorizer. For HTTP APIs, valid values are `NONE` for open access, `JWT` for using JSON Web Tokens, `AWS_IAM` for using AWS IAM permissions, and `CUSTOM` for using a Lambda authorizer.", "title": "AuthorizationType", "type": "string" }, "AuthorizerId": { "markdownDescription": "The identifier of the `Authorizer` resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer.", "title": "AuthorizerId", "type": "string" }, "ModelSelectionExpression": { "markdownDescription": "The model selection expression for the route. Supported only for WebSocket APIs.", "title": "ModelSelectionExpression", "type": "string" }, "OperationName": { "markdownDescription": "The operation name for the route.", "title": "OperationName", "type": "string" }, "RequestModels": { "markdownDescription": "The request models for the route. Supported only for WebSocket APIs.", "title": "RequestModels", "type": "object" }, "RequestParameters": { "markdownDescription": "The request parameters for the route. Supported only for WebSocket APIs.", "title": "RequestParameters", "type": "object" }, "RouteKey": { "markdownDescription": "The route key for the route. For HTTP APIs, the route key can be either `$default` , or a combination of an HTTP method and resource path, for example, `GET /pets` .", "title": "RouteKey", "type": "string" }, "RouteResponseSelectionExpression": { "markdownDescription": "The route response selection expression for the route. Supported only for WebSocket APIs.", "title": "RouteResponseSelectionExpression", "type": "string" }, "Target": { "markdownDescription": "The target for the route.", "title": "Target", "type": "string" } }, "required": [ "ApiId", "RouteKey" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGatewayV2::Route" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGatewayV2::RouteResponse": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "The API identifier.", "title": "ApiId", "type": "string" }, "ModelSelectionExpression": { "markdownDescription": "The model selection expression for the route response. Supported only for WebSocket APIs.", "title": "ModelSelectionExpression", "type": "string" }, "ResponseModels": { "markdownDescription": "The response models for the route response.", "title": "ResponseModels", "type": "object" }, "ResponseParameters": { "additionalProperties": false, "markdownDescription": "The route response parameters.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::ApiGatewayV2::RouteResponse.ParameterConstraints" } }, "title": "ResponseParameters", "type": "object" }, "RouteId": { "markdownDescription": "The route ID.", "title": "RouteId", "type": "string" }, "RouteResponseKey": { "markdownDescription": "The route response key.", "title": "RouteResponseKey", "type": "string" } }, "required": [ "ApiId", "RouteId", "RouteResponseKey" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGatewayV2::RouteResponse" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGatewayV2::RouteResponse.ParameterConstraints": { "additionalProperties": false, "properties": { "Required": { "markdownDescription": "Specifies whether the parameter is required.", "title": "Required", "type": "boolean" } }, "required": [ "Required" ], "type": "object" }, "AWS::ApiGatewayV2::Stage": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessLogSettings": { "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.AccessLogSettings", "markdownDescription": "Settings for logging access in this stage.", "title": "AccessLogSettings" }, "AccessPolicyId": { "markdownDescription": "This parameter is not currently supported.", "title": "AccessPolicyId", "type": "string" }, "ApiId": { "markdownDescription": "The API identifier.", "title": "ApiId", "type": "string" }, "AutoDeploy": { "markdownDescription": "Specifies whether updates to an API automatically trigger a new deployment. The default value is `false` .", "title": "AutoDeploy", "type": "boolean" }, "ClientCertificateId": { "markdownDescription": "The identifier of a client certificate for a `Stage` . Supported only for WebSocket APIs.", "title": "ClientCertificateId", "type": "string" }, "DefaultRouteSettings": { "$ref": "#/definitions/AWS::ApiGatewayV2::Stage.RouteSettings", "markdownDescription": "The default route settings for the stage.", "title": "DefaultRouteSettings" }, "DeploymentId": { "markdownDescription": "The deployment identifier for the API stage. Can't be updated if `autoDeploy` is enabled.", "title": "DeploymentId", "type": "string" }, "Description": { "markdownDescription": "The description for the API stage.", "title": "Description", "type": "string" }, "RouteSettings": { "markdownDescription": "Route settings for the stage.", "title": "RouteSettings", "type": "object" }, "StageName": { "markdownDescription": "The stage name. Stage names can contain only alphanumeric characters, hyphens, and underscores, or be `$default` . Maximum length is 128 characters.", "title": "StageName", "type": "string" }, "StageVariables": { "markdownDescription": "A map that defines the stage variables for a `Stage` . Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.", "title": "StageVariables", "type": "object" }, "Tags": { "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", "title": "Tags", "type": "object" } }, "required": [ "ApiId", "StageName" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGatewayV2::Stage" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApiGatewayV2::Stage.AccessLogSettings": { "additionalProperties": false, "properties": { "DestinationArn": { "markdownDescription": "The ARN of the CloudWatch Logs log group to receive access logs. This parameter is required to enable access logging.", "title": "DestinationArn", "type": "string" }, "Format": { "markdownDescription": "A single line format of the access logs of data, as specified by selected $context variables. The format must include at least $context.requestId. This parameter is required to enable access logging.", "title": "Format", "type": "string" } }, "type": "object" }, "AWS::ApiGatewayV2::Stage.RouteSettings": { "additionalProperties": false, "properties": { "DataTraceEnabled": { "markdownDescription": "Specifies whether ( `true` ) or not ( `false` ) data trace logging is enabled for this route. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", "title": "DataTraceEnabled", "type": "boolean" }, "DetailedMetricsEnabled": { "markdownDescription": "Specifies whether detailed metrics are enabled.", "title": "DetailedMetricsEnabled", "type": "boolean" }, "LoggingLevel": { "markdownDescription": "Specifies the logging level for this route: `INFO` , `ERROR` , or `OFF` . This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.", "title": "LoggingLevel", "type": "string" }, "ThrottlingBurstLimit": { "markdownDescription": "Specifies the throttling burst limit.", "title": "ThrottlingBurstLimit", "type": "number" }, "ThrottlingRateLimit": { "markdownDescription": "Specifies the throttling rate limit.", "title": "ThrottlingRateLimit", "type": "number" } }, "type": "object" }, "AWS::ApiGatewayV2::VpcLink": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the VPC link.", "title": "Name", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of security group IDs for the VPC link.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "A list of subnet IDs to include in the VPC link.", "title": "SubnetIds", "type": "array" }, "Tags": { "additionalProperties": true, "markdownDescription": "The collection of tags. Each tag element is associated with a given resource.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "Name", "SubnetIds" ], "type": "object" }, "Type": { "enum": [ "AWS::ApiGatewayV2::VpcLink" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppConfig::Application": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the application.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "A name for the application.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::AppConfig::Application.Tags" }, "markdownDescription": "Metadata to assign to the application. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::AppConfig::Application" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppConfig::Application.Tags": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key-value string map. The valid character set is `[a-zA-Z+-=._:/]` . The tag key can be up to 128 characters and must not start with `aws:` .", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The tag value can be up to 256 characters.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::AppConfig::ConfigurationProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The application ID.", "title": "ApplicationId", "type": "string" }, "Description": { "markdownDescription": "A description of the configuration profile.", "title": "Description", "type": "string" }, "KmsKeyIdentifier": { "markdownDescription": "The AWS Key Management Service key identifier (key ID, key alias, or key ARN) provided when the resource was created or updated.", "title": "KmsKeyIdentifier", "type": "string" }, "LocationUri": { "markdownDescription": "A URI to locate the configuration. You can specify the following:\n\n- For the AWS AppConfig hosted configuration store and for feature flags, specify `hosted` .\n- For an AWS Systems Manager Parameter Store parameter, specify either the parameter name in the format `ssm-parameter://` or the ARN.\n- For an AWS CodePipeline pipeline, specify the URI in the following format: `codepipeline` ://.\n- For an AWS Secrets Manager secret, specify the URI in the following format: `secretsmanager` ://.\n- For an Amazon S3 object, specify the URI in the following format: `s3:///` . Here is an example: `s3://my-bucket/my-app/us-east-1/my-config.json`\n- For an SSM document, specify either the document name in the format `ssm-document://` or the Amazon Resource Name (ARN).", "title": "LocationUri", "type": "string" }, "Name": { "markdownDescription": "A name for the configuration profile.", "title": "Name", "type": "string" }, "RetrievalRoleArn": { "markdownDescription": "The ARN of an IAM role with permission to access the configuration at the specified `LocationUri` .\n\n> A retrieval role ARN is not required for configurations stored in the AWS AppConfig hosted configuration store. It is required for all other sources that store your configuration.", "title": "RetrievalRoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::AppConfig::ConfigurationProfile.Tags" }, "markdownDescription": "Metadata to assign to the configuration profile. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of configurations contained in the profile. AWS AppConfig supports `feature flags` and `freeform` configurations. We recommend you create feature flag configurations to enable or disable new features and freeform configurations to distribute configurations to an application. When calling this API, enter one of the following values for `Type` :\n\n`AWS.AppConfig.FeatureFlags`\n\n`AWS.Freeform`", "title": "Type", "type": "string" }, "Validators": { "items": { "$ref": "#/definitions/AWS::AppConfig::ConfigurationProfile.Validators" }, "markdownDescription": "A list of methods for validating the configuration.", "title": "Validators", "type": "array" } }, "required": [ "ApplicationId", "LocationUri", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::AppConfig::ConfigurationProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppConfig::ConfigurationProfile.Tags": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key-value string map. The valid character set is `[a-zA-Z+-=._:/]` . The tag key can be up to 128 characters and must not start with `aws:` .", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The tag value can be up to 256 characters.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::AppConfig::ConfigurationProfile.Validators": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "Either the JSON Schema content or the Amazon Resource Name (ARN) of an Lambda function.", "title": "Content", "type": "string" }, "Type": { "markdownDescription": "AWS AppConfig supports validators of type `JSON_SCHEMA` and `LAMBDA`", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::AppConfig::Deployment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The application ID.", "title": "ApplicationId", "type": "string" }, "ConfigurationProfileId": { "markdownDescription": "The configuration profile ID.", "title": "ConfigurationProfileId", "type": "string" }, "ConfigurationVersion": { "markdownDescription": "The configuration version to deploy. If deploying an AWS AppConfig hosted configuration version, you can specify either the version number or version label. For all other configurations, you must specify the version number.", "title": "ConfigurationVersion", "type": "string" }, "DeploymentStrategyId": { "markdownDescription": "The deployment strategy ID.", "title": "DeploymentStrategyId", "type": "string" }, "Description": { "markdownDescription": "A description of the deployment.", "title": "Description", "type": "string" }, "DynamicExtensionParameters": { "items": { "$ref": "#/definitions/AWS::AppConfig::Deployment.DynamicExtensionParameters" }, "markdownDescription": "A map of dynamic extension parameter names to values to pass to associated extensions with `PRE_START_DEPLOYMENT` actions.", "title": "DynamicExtensionParameters", "type": "array" }, "EnvironmentId": { "markdownDescription": "The environment ID.", "title": "EnvironmentId", "type": "string" }, "KmsKeyIdentifier": { "markdownDescription": "The AWS Key Management Service key identifier (key ID, key alias, or key ARN) provided when the resource was created or updated.", "title": "KmsKeyIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::AppConfig::Deployment.Tags" }, "markdownDescription": "Metadata to assign to the deployment. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" } }, "required": [ "ApplicationId", "ConfigurationProfileId", "ConfigurationVersion", "DeploymentStrategyId", "EnvironmentId" ], "type": "object" }, "Type": { "enum": [ "AWS::AppConfig::Deployment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppConfig::Deployment.DynamicExtensionParameters": { "additionalProperties": false, "properties": { "ExtensionReference": { "markdownDescription": "The ARN or ID of the extension for which you are inserting a dynamic parameter.", "title": "ExtensionReference", "type": "string" }, "ParameterName": { "markdownDescription": "The parameter name.", "title": "ParameterName", "type": "string" }, "ParameterValue": { "markdownDescription": "The parameter value.", "title": "ParameterValue", "type": "string" } }, "type": "object" }, "AWS::AppConfig::Deployment.Tags": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key-value string map. The valid character set is `[a-zA-Z+-=._:/]` . The tag key can be up to 128 characters and must not start with `aws:` .", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The tag value can be up to 256 characters.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::AppConfig::DeploymentStrategy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeploymentDurationInMinutes": { "markdownDescription": "Total amount of time for a deployment to last.", "title": "DeploymentDurationInMinutes", "type": "number" }, "Description": { "markdownDescription": "A description of the deployment strategy.", "title": "Description", "type": "string" }, "FinalBakeTimeInMinutes": { "markdownDescription": "Specifies the amount of time AWS AppConfig monitors for Amazon CloudWatch alarms after the configuration has been deployed to 100% of its targets, before considering the deployment to be complete. If an alarm is triggered during this time, AWS AppConfig rolls back the deployment. You must configure permissions for AWS AppConfig to roll back based on CloudWatch alarms. For more information, see [Configuring permissions for rollback based on Amazon CloudWatch alarms](https://docs.aws.amazon.com/appconfig/latest/userguide/getting-started-with-appconfig-cloudwatch-alarms-permissions.html) in the *AWS AppConfig User Guide* .", "title": "FinalBakeTimeInMinutes", "type": "number" }, "GrowthFactor": { "markdownDescription": "The percentage of targets to receive a deployed configuration during each interval.", "title": "GrowthFactor", "type": "number" }, "GrowthType": { "markdownDescription": "The algorithm used to define how percentage grows over time. AWS AppConfig supports the following growth types:\n\n*Linear* : For this type, AWS AppConfig processes the deployment by dividing the total number of targets by the value specified for `Step percentage` . For example, a linear deployment that uses a `Step percentage` of 10 deploys the configuration to 10 percent of the hosts. After those deployments are complete, the system deploys the configuration to the next 10 percent. This continues until 100% of the targets have successfully received the configuration.\n\n*Exponential* : For this type, AWS AppConfig processes the deployment exponentially using the following formula: `G*(2^N)` . In this formula, `G` is the growth factor specified by the user and `N` is the number of steps until the configuration is deployed to all targets. For example, if you specify a growth factor of 2, then the system rolls out the configuration as follows:\n\n`2*(2^0)`\n\n`2*(2^1)`\n\n`2*(2^2)`\n\nExpressed numerically, the deployment rolls out as follows: 2% of the targets, 4% of the targets, 8% of the targets, and continues until the configuration has been deployed to all targets.", "title": "GrowthType", "type": "string" }, "Name": { "markdownDescription": "A name for the deployment strategy.", "title": "Name", "type": "string" }, "ReplicateTo": { "markdownDescription": "Save the deployment strategy to a Systems Manager (SSM) document.", "title": "ReplicateTo", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::AppConfig::DeploymentStrategy.Tags" }, "markdownDescription": "Assigns metadata to an AWS AppConfig resource. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define. You can specify a maximum of 50 tags for a resource.", "title": "Tags", "type": "array" } }, "required": [ "DeploymentDurationInMinutes", "GrowthFactor", "Name", "ReplicateTo" ], "type": "object" }, "Type": { "enum": [ "AWS::AppConfig::DeploymentStrategy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppConfig::DeploymentStrategy.Tags": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key-value string map. The valid character set is `[a-zA-Z+-=._:/]` . The tag key can be up to 128 characters and must not start with `aws:` .", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The tag value can be up to 256 characters.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::AppConfig::Environment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The application ID.", "title": "ApplicationId", "type": "string" }, "Description": { "markdownDescription": "A description of the environment.", "title": "Description", "type": "string" }, "Monitors": { "items": { "$ref": "#/definitions/AWS::AppConfig::Environment.Monitor" }, "markdownDescription": "Amazon CloudWatch alarms to monitor during the deployment process.", "title": "Monitors", "type": "array" }, "Name": { "markdownDescription": "A name for the environment.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata to assign to the environment. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" } }, "required": [ "ApplicationId", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::AppConfig::Environment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppConfig::Environment.Monitor": { "additionalProperties": false, "properties": { "AlarmArn": { "markdownDescription": "Amazon Resource Name (ARN) of the Amazon CloudWatch alarm.", "title": "AlarmArn", "type": "string" }, "AlarmRoleArn": { "markdownDescription": "ARN of an AWS Identity and Access Management (IAM) role for AWS AppConfig to monitor `AlarmArn` .", "title": "AlarmRoleArn", "type": "string" } }, "required": [ "AlarmArn" ], "type": "object" }, "AWS::AppConfig::Extension": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Actions": { "markdownDescription": "The actions defined in the extension.", "title": "Actions", "type": "object" }, "Description": { "markdownDescription": "Information about the extension.", "title": "Description", "type": "string" }, "LatestVersionNumber": { "markdownDescription": "You can omit this field when you create an extension. When you create a new version, specify the most recent current version number. For example, you create version 3, enter 2 for this field.", "title": "LatestVersionNumber", "type": "number" }, "Name": { "markdownDescription": "A name for the extension. Each extension name in your account must be unique. Extension versions use the same name.", "title": "Name", "type": "string" }, "Parameters": { "additionalProperties": false, "markdownDescription": "The parameters accepted by the extension. You specify parameter values when you associate the extension to an AWS AppConfig resource by using the `CreateExtensionAssociation` API action. For AWS Lambda extension actions, these parameters are included in the Lambda request object.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::AppConfig::Extension.Parameter" } }, "title": "Parameters", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Adds one or more tags for the specified extension. Tags are metadata that help you categorize resources in different ways, for example, by purpose, owner, or environment. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" } }, "required": [ "Actions", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::AppConfig::Extension" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppConfig::Extension.Parameter": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "Information about the parameter.", "title": "Description", "type": "string" }, "Dynamic": { "markdownDescription": "Indicates whether this parameter's value can be supplied at the extension's action point instead of during extension association. Dynamic parameters can't be marked `Required` .", "title": "Dynamic", "type": "boolean" }, "Required": { "markdownDescription": "A parameter value must be specified in the extension association.", "title": "Required", "type": "boolean" } }, "required": [ "Required" ], "type": "object" }, "AWS::AppConfig::ExtensionAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ExtensionIdentifier": { "markdownDescription": "The name, the ID, or the Amazon Resource Name (ARN) of the extension.", "title": "ExtensionIdentifier", "type": "string" }, "ExtensionVersionNumber": { "markdownDescription": "The version number of the extension. If not specified, AWS AppConfig uses the maximum version of the extension.", "title": "ExtensionVersionNumber", "type": "number" }, "Parameters": { "additionalProperties": true, "markdownDescription": "The parameter names and values defined in the extensions. Extension parameters marked `Required` must be entered for this field.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Parameters", "type": "object" }, "ResourceIdentifier": { "markdownDescription": "The ARN of an application, configuration profile, or environment.", "title": "ResourceIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Adds one or more tags for the specified extension association. Tags are metadata that help you categorize resources in different ways, for example, by purpose, owner, or environment. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::AppConfig::ExtensionAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::AppConfig::HostedConfigurationVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The application ID.", "title": "ApplicationId", "type": "string" }, "ConfigurationProfileId": { "markdownDescription": "The configuration profile ID.", "title": "ConfigurationProfileId", "type": "string" }, "Content": { "markdownDescription": "The configuration data, as bytes.\n\n> AWS AppConfig accepts any type of data, including text formats like JSON or TOML, or binary formats like protocol buffers or compressed data.", "title": "Content", "type": "string" }, "ContentType": { "markdownDescription": "A standard MIME type describing the format of the configuration content. For more information, see [Content-Type](https://docs.aws.amazon.com/https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17) .", "title": "ContentType", "type": "string" }, "Description": { "markdownDescription": "A description of the configuration.", "title": "Description", "type": "string" }, "LatestVersionNumber": { "markdownDescription": "An optional locking token used to prevent race conditions from overwriting configuration updates when creating a new version. To ensure your data is not overwritten when creating multiple hosted configuration versions in rapid succession, specify the version number of the latest hosted configuration version.", "title": "LatestVersionNumber", "type": "number" }, "VersionLabel": { "markdownDescription": "A user-defined label for an AWS AppConfig hosted configuration version.", "title": "VersionLabel", "type": "string" } }, "required": [ "ApplicationId", "ConfigurationProfileId", "Content", "ContentType" ], "type": "object" }, "Type": { "enum": [ "AWS::AppConfig::HostedConfigurationVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppFlow::Connector": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectorLabel": { "markdownDescription": "The label used for registering the connector.", "title": "ConnectorLabel", "type": "string" }, "ConnectorProvisioningConfig": { "$ref": "#/definitions/AWS::AppFlow::Connector.ConnectorProvisioningConfig", "markdownDescription": "The configuration required for registering the connector.", "title": "ConnectorProvisioningConfig" }, "ConnectorProvisioningType": { "markdownDescription": "The provisioning type used to register the connector.", "title": "ConnectorProvisioningType", "type": "string" }, "Description": { "markdownDescription": "A description about the connector runtime setting.", "title": "Description", "type": "string" } }, "required": [ "ConnectorProvisioningConfig", "ConnectorProvisioningType" ], "type": "object" }, "Type": { "enum": [ "AWS::AppFlow::Connector" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppFlow::Connector.ConnectorProvisioningConfig": { "additionalProperties": false, "properties": { "Lambda": { "$ref": "#/definitions/AWS::AppFlow::Connector.LambdaConnectorProvisioningConfig", "markdownDescription": "Contains information about the configuration of the lambda which is being registered as the connector.", "title": "Lambda" } }, "type": "object" }, "AWS::AppFlow::Connector.LambdaConnectorProvisioningConfig": { "additionalProperties": false, "properties": { "LambdaArn": { "markdownDescription": "Lambda ARN of the connector being registered.", "title": "LambdaArn", "type": "string" } }, "required": [ "LambdaArn" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectionMode": { "markdownDescription": "Indicates the connection mode and if it is public or private.", "title": "ConnectionMode", "type": "string" }, "ConnectorLabel": { "markdownDescription": "The label for the connector profile being created.", "title": "ConnectorLabel", "type": "string" }, "ConnectorProfileConfig": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ConnectorProfileConfig", "markdownDescription": "Defines the connector-specific configuration and credentials.", "title": "ConnectorProfileConfig" }, "ConnectorProfileName": { "markdownDescription": "The name of the connector profile. The name is unique for each `ConnectorProfile` in the AWS account .", "title": "ConnectorProfileName", "type": "string" }, "ConnectorType": { "markdownDescription": "The type of connector, such as Salesforce, Amplitude, and so on.", "title": "ConnectorType", "type": "string" }, "KMSArn": { "markdownDescription": "The ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key.", "title": "KMSArn", "type": "string" } }, "required": [ "ConnectionMode", "ConnectorProfileName", "ConnectorType" ], "type": "object" }, "Type": { "enum": [ "AWS::AppFlow::ConnectorProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.AmplitudeConnectorProfileCredentials": { "additionalProperties": false, "properties": { "ApiKey": { "markdownDescription": "A unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API.", "title": "ApiKey", "type": "string" }, "SecretKey": { "markdownDescription": "The Secret Access Key portion of the credentials.", "title": "SecretKey", "type": "string" } }, "required": [ "ApiKey", "SecretKey" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.ApiKeyCredentials": { "additionalProperties": false, "properties": { "ApiKey": { "markdownDescription": "The API key required for API key authentication.", "title": "ApiKey", "type": "string" }, "ApiSecretKey": { "markdownDescription": "The API secret key required for API key authentication.", "title": "ApiSecretKey", "type": "string" } }, "required": [ "ApiKey" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.BasicAuthCredentials": { "additionalProperties": false, "properties": { "Password": { "markdownDescription": "The password to use to connect to a resource.", "title": "Password", "type": "string" }, "Username": { "markdownDescription": "The username to use to connect to a resource.", "title": "Username", "type": "string" } }, "required": [ "Password", "Username" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.ConnectorOAuthRequest": { "additionalProperties": false, "properties": { "AuthCode": { "markdownDescription": "The code provided by the connector when it has been authenticated via the connected app.", "title": "AuthCode", "type": "string" }, "RedirectUri": { "markdownDescription": "The URL to which the authentication server redirects the browser after authorization has been granted.", "title": "RedirectUri", "type": "string" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.ConnectorProfileConfig": { "additionalProperties": false, "properties": { "ConnectorProfileCredentials": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required by each connector.", "title": "ConnectorProfileCredentials" }, "ConnectorProfileProperties": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ConnectorProfileProperties", "markdownDescription": "The connector-specific properties of the profile configuration.", "title": "ConnectorProfileProperties" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.ConnectorProfileCredentials": { "additionalProperties": false, "properties": { "Amplitude": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.AmplitudeConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Amplitude.", "title": "Amplitude" }, "CustomConnector": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.CustomConnectorProfileCredentials", "markdownDescription": "The connector-specific profile credentials that are required when using the custom connector.", "title": "CustomConnector" }, "Datadog": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.DatadogConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Datadog.", "title": "Datadog" }, "Dynatrace": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.DynatraceConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Dynatrace.", "title": "Dynatrace" }, "GoogleAnalytics": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.GoogleAnalyticsConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Google Analytics.", "title": "GoogleAnalytics" }, "InforNexus": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.InforNexusConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Infor Nexus.", "title": "InforNexus" }, "Marketo": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.MarketoConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Marketo.", "title": "Marketo" }, "Pardot": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.PardotConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Salesforce Pardot.", "title": "Pardot" }, "Redshift": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.RedshiftConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Amazon Redshift.", "title": "Redshift" }, "SAPOData": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.SAPODataConnectorProfileCredentials", "markdownDescription": "The connector-specific profile credentials required when using SAPOData.", "title": "SAPOData" }, "Salesforce": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.SalesforceConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Salesforce.", "title": "Salesforce" }, "ServiceNow": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ServiceNowConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using ServiceNow.", "title": "ServiceNow" }, "Singular": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.SingularConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Singular.", "title": "Singular" }, "Slack": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.SlackConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Slack.", "title": "Slack" }, "Snowflake": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.SnowflakeConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Snowflake.", "title": "Snowflake" }, "Trendmicro": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.TrendmicroConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Trend Micro.", "title": "Trendmicro" }, "Veeva": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.VeevaConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Veeva.", "title": "Veeva" }, "Zendesk": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ZendeskConnectorProfileCredentials", "markdownDescription": "The connector-specific credentials required when using Zendesk.", "title": "Zendesk" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.ConnectorProfileProperties": { "additionalProperties": false, "properties": { "CustomConnector": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.CustomConnectorProfileProperties", "markdownDescription": "The properties required by the custom connector.", "title": "CustomConnector" }, "Datadog": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.DatadogConnectorProfileProperties", "markdownDescription": "The connector-specific properties required by Datadog.", "title": "Datadog" }, "Dynatrace": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.DynatraceConnectorProfileProperties", "markdownDescription": "The connector-specific properties required by Dynatrace.", "title": "Dynatrace" }, "InforNexus": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.InforNexusConnectorProfileProperties", "markdownDescription": "The connector-specific properties required by Infor Nexus.", "title": "InforNexus" }, "Marketo": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.MarketoConnectorProfileProperties", "markdownDescription": "The connector-specific properties required by Marketo.", "title": "Marketo" }, "Pardot": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.PardotConnectorProfileProperties", "markdownDescription": "The connector-specific properties required by Salesforce Pardot.", "title": "Pardot" }, "Redshift": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.RedshiftConnectorProfileProperties", "markdownDescription": "The connector-specific properties required by Amazon Redshift.", "title": "Redshift" }, "SAPOData": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.SAPODataConnectorProfileProperties", "markdownDescription": "The connector-specific profile properties required when using SAPOData.", "title": "SAPOData" }, "Salesforce": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.SalesforceConnectorProfileProperties", "markdownDescription": "The connector-specific properties required by Salesforce.", "title": "Salesforce" }, "ServiceNow": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ServiceNowConnectorProfileProperties", "markdownDescription": "The connector-specific properties required by serviceNow.", "title": "ServiceNow" }, "Slack": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.SlackConnectorProfileProperties", "markdownDescription": "The connector-specific properties required by Slack.", "title": "Slack" }, "Snowflake": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.SnowflakeConnectorProfileProperties", "markdownDescription": "The connector-specific properties required by Snowflake.", "title": "Snowflake" }, "Veeva": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.VeevaConnectorProfileProperties", "markdownDescription": "The connector-specific properties required by Veeva.", "title": "Veeva" }, "Zendesk": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ZendeskConnectorProfileProperties", "markdownDescription": "The connector-specific properties required by Zendesk.", "title": "Zendesk" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.CustomAuthCredentials": { "additionalProperties": false, "properties": { "CredentialsMap": { "additionalProperties": true, "markdownDescription": "A map that holds custom authentication credentials.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "CredentialsMap", "type": "object" }, "CustomAuthenticationType": { "markdownDescription": "The custom authentication type that the connector uses.", "title": "CustomAuthenticationType", "type": "string" } }, "required": [ "CustomAuthenticationType" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.CustomConnectorProfileCredentials": { "additionalProperties": false, "properties": { "ApiKey": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ApiKeyCredentials", "markdownDescription": "The API keys required for the authentication of the user.", "title": "ApiKey" }, "AuthenticationType": { "markdownDescription": "The authentication type that the custom connector uses for authenticating while creating a connector profile.", "title": "AuthenticationType", "type": "string" }, "Basic": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.BasicAuthCredentials", "markdownDescription": "The basic credentials that are required for the authentication of the user.", "title": "Basic" }, "Custom": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.CustomAuthCredentials", "markdownDescription": "If the connector uses the custom authentication mechanism, this holds the required credentials.", "title": "Custom" }, "Oauth2": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.OAuth2Credentials", "markdownDescription": "The OAuth 2.0 credentials required for the authentication of the user.", "title": "Oauth2" } }, "required": [ "AuthenticationType" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.CustomConnectorProfileProperties": { "additionalProperties": false, "properties": { "OAuth2Properties": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.OAuth2Properties", "markdownDescription": "The OAuth 2.0 properties required for OAuth 2.0 authentication.", "title": "OAuth2Properties" }, "ProfileProperties": { "additionalProperties": true, "markdownDescription": "A map of properties that are required to create a profile for the custom connector.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ProfileProperties", "type": "object" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.DatadogConnectorProfileCredentials": { "additionalProperties": false, "properties": { "ApiKey": { "markdownDescription": "A unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API.", "title": "ApiKey", "type": "string" }, "ApplicationKey": { "markdownDescription": "Application keys, in conjunction with your API key, give you full access to Datadog\u2019s programmatic API. Application keys are associated with the user account that created them. The application key is used to log all requests made to the API.", "title": "ApplicationKey", "type": "string" } }, "required": [ "ApiKey", "ApplicationKey" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.DatadogConnectorProfileProperties": { "additionalProperties": false, "properties": { "InstanceUrl": { "markdownDescription": "The location of the Datadog resource.", "title": "InstanceUrl", "type": "string" } }, "required": [ "InstanceUrl" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.DynatraceConnectorProfileCredentials": { "additionalProperties": false, "properties": { "ApiToken": { "markdownDescription": "The API tokens used by Dynatrace API to authenticate various API calls.", "title": "ApiToken", "type": "string" } }, "required": [ "ApiToken" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.DynatraceConnectorProfileProperties": { "additionalProperties": false, "properties": { "InstanceUrl": { "markdownDescription": "The location of the Dynatrace resource.", "title": "InstanceUrl", "type": "string" } }, "required": [ "InstanceUrl" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.GoogleAnalyticsConnectorProfileCredentials": { "additionalProperties": false, "properties": { "AccessToken": { "markdownDescription": "The credentials used to access protected Google Analytics resources.", "title": "AccessToken", "type": "string" }, "ClientId": { "markdownDescription": "The identifier for the desired client.", "title": "ClientId", "type": "string" }, "ClientSecret": { "markdownDescription": "The client secret used by the OAuth client to authenticate to the authorization server.", "title": "ClientSecret", "type": "string" }, "ConnectorOAuthRequest": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ConnectorOAuthRequest", "markdownDescription": "Used by select connectors for which the OAuth workflow is supported, such as Salesforce, Google Analytics, Marketo, Zendesk, and Slack.", "title": "ConnectorOAuthRequest" }, "RefreshToken": { "markdownDescription": "The credentials used to acquire new access tokens. This is required only for OAuth2 access tokens, and is not required for OAuth1 access tokens.", "title": "RefreshToken", "type": "string" } }, "required": [ "ClientId", "ClientSecret" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.InforNexusConnectorProfileCredentials": { "additionalProperties": false, "properties": { "AccessKeyId": { "markdownDescription": "The Access Key portion of the credentials.", "title": "AccessKeyId", "type": "string" }, "Datakey": { "markdownDescription": "The encryption keys used to encrypt data.", "title": "Datakey", "type": "string" }, "SecretAccessKey": { "markdownDescription": "The secret key used to sign requests.", "title": "SecretAccessKey", "type": "string" }, "UserId": { "markdownDescription": "The identifier for the user.", "title": "UserId", "type": "string" } }, "required": [ "AccessKeyId", "Datakey", "SecretAccessKey", "UserId" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.InforNexusConnectorProfileProperties": { "additionalProperties": false, "properties": { "InstanceUrl": { "markdownDescription": "The location of the Infor Nexus resource.", "title": "InstanceUrl", "type": "string" } }, "required": [ "InstanceUrl" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.MarketoConnectorProfileCredentials": { "additionalProperties": false, "properties": { "AccessToken": { "markdownDescription": "The credentials used to access protected Marketo resources.", "title": "AccessToken", "type": "string" }, "ClientId": { "markdownDescription": "The identifier for the desired client.", "title": "ClientId", "type": "string" }, "ClientSecret": { "markdownDescription": "The client secret used by the OAuth client to authenticate to the authorization server.", "title": "ClientSecret", "type": "string" }, "ConnectorOAuthRequest": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ConnectorOAuthRequest", "markdownDescription": "Used by select connectors for which the OAuth workflow is supported, such as Salesforce, Google Analytics, Marketo, Zendesk, and Slack.", "title": "ConnectorOAuthRequest" } }, "required": [ "ClientId", "ClientSecret" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.MarketoConnectorProfileProperties": { "additionalProperties": false, "properties": { "InstanceUrl": { "markdownDescription": "The location of the Marketo resource.", "title": "InstanceUrl", "type": "string" } }, "required": [ "InstanceUrl" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.OAuth2Credentials": { "additionalProperties": false, "properties": { "AccessToken": { "markdownDescription": "The access token used to access the connector on your behalf.", "title": "AccessToken", "type": "string" }, "ClientId": { "markdownDescription": "The identifier for the desired client.", "title": "ClientId", "type": "string" }, "ClientSecret": { "markdownDescription": "The client secret used by the OAuth client to authenticate to the authorization server.", "title": "ClientSecret", "type": "string" }, "OAuthRequest": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ConnectorOAuthRequest", "markdownDescription": "", "title": "OAuthRequest" }, "RefreshToken": { "markdownDescription": "The refresh token used to refresh an expired access token.", "title": "RefreshToken", "type": "string" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.OAuth2Properties": { "additionalProperties": false, "properties": { "OAuth2GrantType": { "markdownDescription": "The OAuth 2.0 grant type used by connector for OAuth 2.0 authentication.", "title": "OAuth2GrantType", "type": "string" }, "TokenUrl": { "markdownDescription": "The token URL required for OAuth 2.0 authentication.", "title": "TokenUrl", "type": "string" }, "TokenUrlCustomProperties": { "additionalProperties": true, "markdownDescription": "Associates your token URL with a map of properties that you define. Use this parameter to provide any additional details that the connector requires to authenticate your request.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "TokenUrlCustomProperties", "type": "object" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.OAuthCredentials": { "additionalProperties": false, "properties": { "AccessToken": { "markdownDescription": "The access token used to access protected SAPOData resources.", "title": "AccessToken", "type": "string" }, "ClientId": { "markdownDescription": "The identifier for the desired client.", "title": "ClientId", "type": "string" }, "ClientSecret": { "markdownDescription": "The client secret used by the OAuth client to authenticate to the authorization server.", "title": "ClientSecret", "type": "string" }, "ConnectorOAuthRequest": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ConnectorOAuthRequest", "markdownDescription": "", "title": "ConnectorOAuthRequest" }, "RefreshToken": { "markdownDescription": "The refresh token used to refresh expired access token.", "title": "RefreshToken", "type": "string" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.OAuthProperties": { "additionalProperties": false, "properties": { "AuthCodeUrl": { "markdownDescription": "The authorization code url required to redirect to SAP Login Page to fetch authorization code for OAuth type authentication.", "title": "AuthCodeUrl", "type": "string" }, "OAuthScopes": { "items": { "type": "string" }, "markdownDescription": "The OAuth scopes required for OAuth type authentication.", "title": "OAuthScopes", "type": "array" }, "TokenUrl": { "markdownDescription": "The token url required to fetch access/refresh tokens using authorization code and also to refresh expired access token using refresh token.", "title": "TokenUrl", "type": "string" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.PardotConnectorProfileCredentials": { "additionalProperties": false, "properties": { "AccessToken": { "markdownDescription": "The credentials used to access protected Salesforce Pardot resources.", "title": "AccessToken", "type": "string" }, "ClientCredentialsArn": { "markdownDescription": "The secret manager ARN, which contains the client ID and client secret of the connected app.", "title": "ClientCredentialsArn", "type": "string" }, "ConnectorOAuthRequest": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ConnectorOAuthRequest", "markdownDescription": "", "title": "ConnectorOAuthRequest" }, "RefreshToken": { "markdownDescription": "The credentials used to acquire new access tokens.", "title": "RefreshToken", "type": "string" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.PardotConnectorProfileProperties": { "additionalProperties": false, "properties": { "BusinessUnitId": { "markdownDescription": "The business unit id of Salesforce Pardot instance.", "title": "BusinessUnitId", "type": "string" }, "InstanceUrl": { "markdownDescription": "The location of the Salesforce Pardot resource.", "title": "InstanceUrl", "type": "string" }, "IsSandboxEnvironment": { "markdownDescription": "Indicates whether the connector profile applies to a sandbox or production environment.", "title": "IsSandboxEnvironment", "type": "boolean" } }, "required": [ "BusinessUnitId" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.RedshiftConnectorProfileCredentials": { "additionalProperties": false, "properties": { "Password": { "markdownDescription": "The password that corresponds to the user name.", "title": "Password", "type": "string" }, "Username": { "markdownDescription": "The name of the user.", "title": "Username", "type": "string" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.RedshiftConnectorProfileProperties": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "A name for the associated Amazon S3 bucket.", "title": "BucketName", "type": "string" }, "BucketPrefix": { "markdownDescription": "The object key for the destination bucket in which Amazon AppFlow places the files.", "title": "BucketPrefix", "type": "string" }, "ClusterIdentifier": { "markdownDescription": "The unique ID that's assigned to an Amazon Redshift cluster.", "title": "ClusterIdentifier", "type": "string" }, "DataApiRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that permits Amazon AppFlow to access your Amazon Redshift database through the Data API. For more information, and for the polices that you attach to this role, see [Allow Amazon AppFlow to access Amazon Redshift databases with the Data API](https://docs.aws.amazon.com/appflow/latest/userguide/security_iam_service-role-policies.html#access-redshift) .", "title": "DataApiRoleArn", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of an Amazon Redshift database.", "title": "DatabaseName", "type": "string" }, "DatabaseUrl": { "markdownDescription": "The JDBC URL of the Amazon Redshift cluster.", "title": "DatabaseUrl", "type": "string" }, "IsRedshiftServerless": { "markdownDescription": "Indicates whether the connector profile defines a connection to an Amazon Redshift Serverless data warehouse.", "title": "IsRedshiftServerless", "type": "boolean" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of IAM role that grants Amazon Redshift read-only access to Amazon S3. For more information, and for the polices that you attach to this role, see [Allow Amazon Redshift to access your Amazon AppFlow data in Amazon S3](https://docs.aws.amazon.com/appflow/latest/userguide/security_iam_service-role-policies.html#redshift-access-s3) .", "title": "RoleArn", "type": "string" }, "WorkgroupName": { "markdownDescription": "The name of an Amazon Redshift workgroup.", "title": "WorkgroupName", "type": "string" } }, "required": [ "BucketName", "RoleArn" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.SAPODataConnectorProfileCredentials": { "additionalProperties": false, "properties": { "BasicAuthCredentials": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.BasicAuthCredentials", "markdownDescription": "The SAPOData basic authentication credentials.", "title": "BasicAuthCredentials" }, "OAuthCredentials": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.OAuthCredentials", "markdownDescription": "The SAPOData OAuth type authentication credentials.", "title": "OAuthCredentials" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.SAPODataConnectorProfileProperties": { "additionalProperties": false, "properties": { "ApplicationHostUrl": { "markdownDescription": "The location of the SAPOData resource.", "title": "ApplicationHostUrl", "type": "string" }, "ApplicationServicePath": { "markdownDescription": "The application path to catalog service.", "title": "ApplicationServicePath", "type": "string" }, "ClientNumber": { "markdownDescription": "The client number for the client creating the connection.", "title": "ClientNumber", "type": "string" }, "DisableSSO": { "markdownDescription": "", "title": "DisableSSO", "type": "boolean" }, "LogonLanguage": { "markdownDescription": "The logon language of SAPOData instance.", "title": "LogonLanguage", "type": "string" }, "OAuthProperties": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.OAuthProperties", "markdownDescription": "The SAPOData OAuth properties required for OAuth type authentication.", "title": "OAuthProperties" }, "PortNumber": { "markdownDescription": "The port number of the SAPOData instance.", "title": "PortNumber", "type": "number" }, "PrivateLinkServiceName": { "markdownDescription": "The SAPOData Private Link service name to be used for private data transfers.", "title": "PrivateLinkServiceName", "type": "string" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.SalesforceConnectorProfileCredentials": { "additionalProperties": false, "properties": { "AccessToken": { "markdownDescription": "The credentials used to access protected Salesforce resources.", "title": "AccessToken", "type": "string" }, "ClientCredentialsArn": { "markdownDescription": "The secret manager ARN, which contains the client ID and client secret of the connected app.", "title": "ClientCredentialsArn", "type": "string" }, "ConnectorOAuthRequest": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ConnectorOAuthRequest", "markdownDescription": "Used by select connectors for which the OAuth workflow is supported, such as Salesforce, Google Analytics, Marketo, Zendesk, and Slack.", "title": "ConnectorOAuthRequest" }, "JwtToken": { "markdownDescription": "A JSON web token (JWT) that authorizes Amazon AppFlow to access your Salesforce records.", "title": "JwtToken", "type": "string" }, "OAuth2GrantType": { "markdownDescription": "Specifies the OAuth 2.0 grant type that Amazon AppFlow uses when it requests an access token from Salesforce. Amazon AppFlow requires an access token each time it attempts to access your Salesforce records.\n\nYou can specify one of the following values:\n\n- **AUTHORIZATION_CODE** - Amazon AppFlow passes an authorization code when it requests the access token from Salesforce. Amazon AppFlow receives the authorization code from Salesforce after you log in to your Salesforce account and authorize Amazon AppFlow to access your records.\n- **CLIENT_CREDENTIALS** - Amazon AppFlow passes client credentials (a client ID and client secret) when it requests the access token from Salesforce. You provide these credentials to Amazon AppFlow when you define the connection to your Salesforce account.\n- **JWT_BEARER** - Amazon AppFlow passes a JSON web token (JWT) when it requests the access token from Salesforce. You provide the JWT to Amazon AppFlow when you define the connection to your Salesforce account. When you use this grant type, you don't need to log in to your Salesforce account to authorize Amazon AppFlow to access your records.", "title": "OAuth2GrantType", "type": "string" }, "RefreshToken": { "markdownDescription": "The credentials used to acquire new access tokens.", "title": "RefreshToken", "type": "string" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.SalesforceConnectorProfileProperties": { "additionalProperties": false, "properties": { "InstanceUrl": { "markdownDescription": "The location of the Salesforce resource.", "title": "InstanceUrl", "type": "string" }, "isSandboxEnvironment": { "markdownDescription": "Indicates whether the connector profile applies to a sandbox or production environment.", "title": "isSandboxEnvironment", "type": "boolean" }, "usePrivateLinkForMetadataAndAuthorization": { "markdownDescription": "If the connection mode for the connector profile is private, this parameter sets whether Amazon AppFlow uses the private network to send metadata and authorization calls to Salesforce. Amazon AppFlow sends private calls through AWS PrivateLink . These calls travel through AWS infrastructure without being exposed to the public internet.\n\nSet either of the following values:\n\n- **true** - Amazon AppFlow sends all calls to Salesforce over the private network.\n\nThese private calls are:\n\n- Calls to get metadata about your Salesforce records. This metadata describes your Salesforce objects and their fields.\n- Calls to get or refresh access tokens that allow Amazon AppFlow to access your Salesforce records.\n- Calls to transfer your Salesforce records as part of a flow run.\n- **false** - The default value. Amazon AppFlow sends some calls to Salesforce privately and other calls over the public internet.\n\nThe public calls are:\n\n- Calls to get metadata about your Salesforce records.\n- Calls to get or refresh access tokens.\n\nThe private calls are:\n\n- Calls to transfer your Salesforce records as part of a flow run.", "title": "usePrivateLinkForMetadataAndAuthorization", "type": "boolean" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.ServiceNowConnectorProfileCredentials": { "additionalProperties": false, "properties": { "OAuth2Credentials": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.OAuth2Credentials", "markdownDescription": "", "title": "OAuth2Credentials" }, "Password": { "markdownDescription": "The password that corresponds to the user name.", "title": "Password", "type": "string" }, "Username": { "markdownDescription": "The name of the user.", "title": "Username", "type": "string" } }, "type": "object" }, "AWS::AppFlow::ConnectorProfile.ServiceNowConnectorProfileProperties": { "additionalProperties": false, "properties": { "InstanceUrl": { "markdownDescription": "The location of the ServiceNow resource.", "title": "InstanceUrl", "type": "string" } }, "required": [ "InstanceUrl" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.SingularConnectorProfileCredentials": { "additionalProperties": false, "properties": { "ApiKey": { "markdownDescription": "A unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API.", "title": "ApiKey", "type": "string" } }, "required": [ "ApiKey" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.SlackConnectorProfileCredentials": { "additionalProperties": false, "properties": { "AccessToken": { "markdownDescription": "The credentials used to access protected Slack resources.", "title": "AccessToken", "type": "string" }, "ClientId": { "markdownDescription": "The identifier for the client.", "title": "ClientId", "type": "string" }, "ClientSecret": { "markdownDescription": "The client secret used by the OAuth client to authenticate to the authorization server.", "title": "ClientSecret", "type": "string" }, "ConnectorOAuthRequest": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ConnectorOAuthRequest", "markdownDescription": "Used by select connectors for which the OAuth workflow is supported, such as Salesforce, Google Analytics, Marketo, Zendesk, and Slack.", "title": "ConnectorOAuthRequest" } }, "required": [ "ClientId", "ClientSecret" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.SlackConnectorProfileProperties": { "additionalProperties": false, "properties": { "InstanceUrl": { "markdownDescription": "The location of the Slack resource.", "title": "InstanceUrl", "type": "string" } }, "required": [ "InstanceUrl" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.SnowflakeConnectorProfileCredentials": { "additionalProperties": false, "properties": { "Password": { "markdownDescription": "The password that corresponds to the user name.", "title": "Password", "type": "string" }, "Username": { "markdownDescription": "The name of the user.", "title": "Username", "type": "string" } }, "required": [ "Password", "Username" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.SnowflakeConnectorProfileProperties": { "additionalProperties": false, "properties": { "AccountName": { "markdownDescription": "The name of the account.", "title": "AccountName", "type": "string" }, "BucketName": { "markdownDescription": "The name of the Amazon S3 bucket associated with Snowflake.", "title": "BucketName", "type": "string" }, "BucketPrefix": { "markdownDescription": "The bucket path that refers to the Amazon S3 bucket associated with Snowflake.", "title": "BucketPrefix", "type": "string" }, "PrivateLinkServiceName": { "markdownDescription": "The Snowflake Private Link service name to be used for private data transfers.", "title": "PrivateLinkServiceName", "type": "string" }, "Region": { "markdownDescription": "The AWS Region of the Snowflake account.", "title": "Region", "type": "string" }, "Stage": { "markdownDescription": "The name of the Amazon S3 stage that was created while setting up an Amazon S3 stage in the Snowflake account. This is written in the following format: < Database>< Schema>.", "title": "Stage", "type": "string" }, "Warehouse": { "markdownDescription": "The name of the Snowflake warehouse.", "title": "Warehouse", "type": "string" } }, "required": [ "BucketName", "Stage", "Warehouse" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.TrendmicroConnectorProfileCredentials": { "additionalProperties": false, "properties": { "ApiSecretKey": { "markdownDescription": "The Secret Access Key portion of the credentials.", "title": "ApiSecretKey", "type": "string" } }, "required": [ "ApiSecretKey" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.VeevaConnectorProfileCredentials": { "additionalProperties": false, "properties": { "Password": { "markdownDescription": "The password that corresponds to the user name.", "title": "Password", "type": "string" }, "Username": { "markdownDescription": "The name of the user.", "title": "Username", "type": "string" } }, "required": [ "Password", "Username" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.VeevaConnectorProfileProperties": { "additionalProperties": false, "properties": { "InstanceUrl": { "markdownDescription": "The location of the Veeva resource.", "title": "InstanceUrl", "type": "string" } }, "required": [ "InstanceUrl" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.ZendeskConnectorProfileCredentials": { "additionalProperties": false, "properties": { "AccessToken": { "markdownDescription": "The credentials used to access protected Zendesk resources.", "title": "AccessToken", "type": "string" }, "ClientId": { "markdownDescription": "The identifier for the desired client.", "title": "ClientId", "type": "string" }, "ClientSecret": { "markdownDescription": "The client secret used by the OAuth client to authenticate to the authorization server.", "title": "ClientSecret", "type": "string" }, "ConnectorOAuthRequest": { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile.ConnectorOAuthRequest", "markdownDescription": "Used by select connectors for which the OAuth workflow is supported, such as Salesforce, Google Analytics, Marketo, Zendesk, and Slack.", "title": "ConnectorOAuthRequest" } }, "required": [ "ClientId", "ClientSecret" ], "type": "object" }, "AWS::AppFlow::ConnectorProfile.ZendeskConnectorProfileProperties": { "additionalProperties": false, "properties": { "InstanceUrl": { "markdownDescription": "The location of the Zendesk resource.", "title": "InstanceUrl", "type": "string" } }, "required": [ "InstanceUrl" ], "type": "object" }, "AWS::AppFlow::Flow": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A user-entered description of the flow.", "title": "Description", "type": "string" }, "DestinationFlowConfigList": { "items": { "$ref": "#/definitions/AWS::AppFlow::Flow.DestinationFlowConfig" }, "markdownDescription": "The configuration that controls how Amazon AppFlow places data in the destination connector.", "title": "DestinationFlowConfigList", "type": "array" }, "FlowName": { "markdownDescription": "The specified name of the flow. Spaces are not allowed. Use underscores (_) or hyphens (-) only.", "title": "FlowName", "type": "string" }, "FlowStatus": { "markdownDescription": "Sets the status of the flow. You can specify one of the following values:\n\n- **Active** - The flow runs based on the trigger settings that you defined. Active scheduled flows run as scheduled, and active event-triggered flows run when the specified change event occurs. However, active on-demand flows run only when you manually start them by using Amazon AppFlow.\n- **Suspended** - You can use this option to deactivate an active flow. Scheduled and event-triggered flows will cease to run until you reactive them. This value only affects scheduled and event-triggered flows. It has no effect for on-demand flows.\n\nIf you omit the FlowStatus parameter, Amazon AppFlow creates the flow with a default status. The default status for on-demand flows is Active. The default status for scheduled and event-triggered flows is Draft, which means they\u2019re not yet active.", "title": "FlowStatus", "type": "string" }, "KMSArn": { "markdownDescription": "The ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key.", "title": "KMSArn", "type": "string" }, "MetadataCatalogConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.MetadataCatalogConfig", "markdownDescription": "Specifies the configuration that Amazon AppFlow uses when it catalogs your data. When Amazon AppFlow catalogs your data, it stores metadata in a data catalog.", "title": "MetadataCatalogConfig" }, "SourceFlowConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.SourceFlowConfig", "markdownDescription": "Contains information about the configuration of the source connector used in the flow.", "title": "SourceFlowConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for your flow.", "title": "Tags", "type": "array" }, "Tasks": { "items": { "$ref": "#/definitions/AWS::AppFlow::Flow.Task" }, "markdownDescription": "A list of tasks that Amazon AppFlow performs while transferring the data in the flow run.", "title": "Tasks", "type": "array" }, "TriggerConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.TriggerConfig", "markdownDescription": "The trigger settings that determine how and when Amazon AppFlow runs the specified flow.", "title": "TriggerConfig" } }, "required": [ "DestinationFlowConfigList", "FlowName", "SourceFlowConfig", "Tasks", "TriggerConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::AppFlow::Flow" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppFlow::Flow.AggregationConfig": { "additionalProperties": false, "properties": { "AggregationType": { "markdownDescription": "Specifies whether Amazon AppFlow aggregates the flow records into a single file, or leave them unaggregated.", "title": "AggregationType", "type": "string" }, "TargetFileSize": { "markdownDescription": "The desired file size, in MB, for each output file that Amazon AppFlow writes to the flow destination. For each file, Amazon AppFlow attempts to achieve the size that you specify. The actual file sizes might differ from this target based on the number and size of the records that each file contains.", "title": "TargetFileSize", "type": "number" } }, "type": "object" }, "AWS::AppFlow::Flow.AmplitudeSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the Amplitude flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.ConnectorOperator": { "additionalProperties": false, "properties": { "Amplitude": { "markdownDescription": "The operation to be performed on the provided Amplitude source fields.", "title": "Amplitude", "type": "string" }, "CustomConnector": { "markdownDescription": "Operators supported by the custom connector.", "title": "CustomConnector", "type": "string" }, "Datadog": { "markdownDescription": "The operation to be performed on the provided Datadog source fields.", "title": "Datadog", "type": "string" }, "Dynatrace": { "markdownDescription": "The operation to be performed on the provided Dynatrace source fields.", "title": "Dynatrace", "type": "string" }, "GoogleAnalytics": { "markdownDescription": "The operation to be performed on the provided Google Analytics source fields.", "title": "GoogleAnalytics", "type": "string" }, "InforNexus": { "markdownDescription": "The operation to be performed on the provided Infor Nexus source fields.", "title": "InforNexus", "type": "string" }, "Marketo": { "markdownDescription": "The operation to be performed on the provided Marketo source fields.", "title": "Marketo", "type": "string" }, "Pardot": { "markdownDescription": "The operation to be performed on the provided Salesforce Pardot source fields.", "title": "Pardot", "type": "string" }, "S3": { "markdownDescription": "The operation to be performed on the provided Amazon S3 source fields.", "title": "S3", "type": "string" }, "SAPOData": { "markdownDescription": "The operation to be performed on the provided SAPOData source fields.", "title": "SAPOData", "type": "string" }, "Salesforce": { "markdownDescription": "The operation to be performed on the provided Salesforce source fields.", "title": "Salesforce", "type": "string" }, "ServiceNow": { "markdownDescription": "The operation to be performed on the provided ServiceNow source fields.", "title": "ServiceNow", "type": "string" }, "Singular": { "markdownDescription": "The operation to be performed on the provided Singular source fields.", "title": "Singular", "type": "string" }, "Slack": { "markdownDescription": "The operation to be performed on the provided Slack source fields.", "title": "Slack", "type": "string" }, "Trendmicro": { "markdownDescription": "The operation to be performed on the provided Trend Micro source fields.", "title": "Trendmicro", "type": "string" }, "Veeva": { "markdownDescription": "The operation to be performed on the provided Veeva source fields.", "title": "Veeva", "type": "string" }, "Zendesk": { "markdownDescription": "The operation to be performed on the provided Zendesk source fields.", "title": "Zendesk", "type": "string" } }, "type": "object" }, "AWS::AppFlow::Flow.CustomConnectorDestinationProperties": { "additionalProperties": false, "properties": { "CustomProperties": { "additionalProperties": true, "markdownDescription": "The custom properties that are specific to the connector when it's used as a destination in the flow.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "CustomProperties", "type": "object" }, "EntityName": { "markdownDescription": "The entity specified in the custom connector as a destination in the flow.", "title": "EntityName", "type": "string" }, "ErrorHandlingConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.ErrorHandlingConfig", "markdownDescription": "The settings that determine how Amazon AppFlow handles an error when placing data in the custom connector as destination.", "title": "ErrorHandlingConfig" }, "IdFieldNames": { "items": { "type": "string" }, "markdownDescription": "The name of the field that Amazon AppFlow uses as an ID when performing a write operation such as update, delete, or upsert.", "title": "IdFieldNames", "type": "array" }, "WriteOperationType": { "markdownDescription": "Specifies the type of write operation to be performed in the custom connector when it's used as destination.", "title": "WriteOperationType", "type": "string" } }, "required": [ "EntityName" ], "type": "object" }, "AWS::AppFlow::Flow.CustomConnectorSourceProperties": { "additionalProperties": false, "properties": { "CustomProperties": { "additionalProperties": true, "markdownDescription": "Custom properties that are required to use the custom connector as a source.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "CustomProperties", "type": "object" }, "DataTransferApi": { "$ref": "#/definitions/AWS::AppFlow::Flow.DataTransferApi", "markdownDescription": "The API of the connector application that Amazon AppFlow uses to transfer your data.", "title": "DataTransferApi" }, "EntityName": { "markdownDescription": "The entity specified in the custom connector as a source in the flow.", "title": "EntityName", "type": "string" } }, "required": [ "EntityName" ], "type": "object" }, "AWS::AppFlow::Flow.DataTransferApi": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the connector application API.", "title": "Name", "type": "string" }, "Type": { "markdownDescription": "You can specify one of the following types:\n\n- **AUTOMATIC** - The default. Optimizes a flow for datasets that fluctuate in size from small to large. For each flow run, Amazon AppFlow chooses to use the SYNC or ASYNC API type based on the amount of data that the run transfers.\n- **SYNC** - A synchronous API. This type of API optimizes a flow for small to medium-sized datasets.\n- **ASYNC** - An asynchronous API. This type of API optimizes a flow for large datasets.", "title": "Type", "type": "string" } }, "required": [ "Name", "Type" ], "type": "object" }, "AWS::AppFlow::Flow.DatadogSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the Datadog flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.DestinationConnectorProperties": { "additionalProperties": false, "properties": { "CustomConnector": { "$ref": "#/definitions/AWS::AppFlow::Flow.CustomConnectorDestinationProperties", "markdownDescription": "The properties that are required to query the custom Connector.", "title": "CustomConnector" }, "EventBridge": { "$ref": "#/definitions/AWS::AppFlow::Flow.EventBridgeDestinationProperties", "markdownDescription": "The properties required to query Amazon EventBridge.", "title": "EventBridge" }, "LookoutMetrics": { "$ref": "#/definitions/AWS::AppFlow::Flow.LookoutMetricsDestinationProperties", "markdownDescription": "The properties required to query Amazon Lookout for Metrics.", "title": "LookoutMetrics" }, "Marketo": { "$ref": "#/definitions/AWS::AppFlow::Flow.MarketoDestinationProperties", "markdownDescription": "The properties required to query Marketo.", "title": "Marketo" }, "Redshift": { "$ref": "#/definitions/AWS::AppFlow::Flow.RedshiftDestinationProperties", "markdownDescription": "The properties required to query Amazon Redshift.", "title": "Redshift" }, "S3": { "$ref": "#/definitions/AWS::AppFlow::Flow.S3DestinationProperties", "markdownDescription": "The properties required to query Amazon S3.", "title": "S3" }, "SAPOData": { "$ref": "#/definitions/AWS::AppFlow::Flow.SAPODataDestinationProperties", "markdownDescription": "The properties required to query SAPOData.", "title": "SAPOData" }, "Salesforce": { "$ref": "#/definitions/AWS::AppFlow::Flow.SalesforceDestinationProperties", "markdownDescription": "The properties required to query Salesforce.", "title": "Salesforce" }, "Snowflake": { "$ref": "#/definitions/AWS::AppFlow::Flow.SnowflakeDestinationProperties", "markdownDescription": "The properties required to query Snowflake.", "title": "Snowflake" }, "Upsolver": { "$ref": "#/definitions/AWS::AppFlow::Flow.UpsolverDestinationProperties", "markdownDescription": "The properties required to query Upsolver.", "title": "Upsolver" }, "Zendesk": { "$ref": "#/definitions/AWS::AppFlow::Flow.ZendeskDestinationProperties", "markdownDescription": "The properties required to query Zendesk.", "title": "Zendesk" } }, "type": "object" }, "AWS::AppFlow::Flow.DestinationFlowConfig": { "additionalProperties": false, "properties": { "ApiVersion": { "markdownDescription": "The API version that the destination connector uses.", "title": "ApiVersion", "type": "string" }, "ConnectorProfileName": { "markdownDescription": "The name of the connector profile. This name must be unique for each connector profile in the AWS account .", "title": "ConnectorProfileName", "type": "string" }, "ConnectorType": { "markdownDescription": "The type of destination connector, such as Sales force, Amazon S3, and so on.", "title": "ConnectorType", "type": "string" }, "DestinationConnectorProperties": { "$ref": "#/definitions/AWS::AppFlow::Flow.DestinationConnectorProperties", "markdownDescription": "This stores the information that is required to query a particular connector.", "title": "DestinationConnectorProperties" } }, "required": [ "ConnectorType", "DestinationConnectorProperties" ], "type": "object" }, "AWS::AppFlow::Flow.DynatraceSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the Dynatrace flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.ErrorHandlingConfig": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "Specifies the name of the Amazon S3 bucket.", "title": "BucketName", "type": "string" }, "BucketPrefix": { "markdownDescription": "Specifies the Amazon S3 bucket prefix.", "title": "BucketPrefix", "type": "string" }, "FailOnFirstError": { "markdownDescription": "Specifies if the flow should fail after the first instance of a failure when attempting to place data in the destination.", "title": "FailOnFirstError", "type": "boolean" } }, "type": "object" }, "AWS::AppFlow::Flow.EventBridgeDestinationProperties": { "additionalProperties": false, "properties": { "ErrorHandlingConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.ErrorHandlingConfig", "markdownDescription": "The object specified in the Amplitude flow source.", "title": "ErrorHandlingConfig" }, "Object": { "markdownDescription": "The object specified in the Amazon EventBridge flow destination.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.GlueDataCatalog": { "additionalProperties": false, "properties": { "DatabaseName": { "markdownDescription": "", "title": "DatabaseName", "type": "string" }, "RoleArn": { "markdownDescription": "", "title": "RoleArn", "type": "string" }, "TablePrefix": { "markdownDescription": "", "title": "TablePrefix", "type": "string" } }, "required": [ "DatabaseName", "RoleArn", "TablePrefix" ], "type": "object" }, "AWS::AppFlow::Flow.GoogleAnalyticsSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the Google Analytics flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.IncrementalPullConfig": { "additionalProperties": false, "properties": { "DatetimeTypeFieldName": { "markdownDescription": "A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source.", "title": "DatetimeTypeFieldName", "type": "string" } }, "type": "object" }, "AWS::AppFlow::Flow.InforNexusSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the Infor Nexus flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.LookoutMetricsDestinationProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the Amazon Lookout for Metrics flow destination.", "title": "Object", "type": "string" } }, "type": "object" }, "AWS::AppFlow::Flow.MarketoDestinationProperties": { "additionalProperties": false, "properties": { "ErrorHandlingConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.ErrorHandlingConfig", "markdownDescription": "The settings that determine how Amazon AppFlow handles an error when placing data in the destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details.", "title": "ErrorHandlingConfig" }, "Object": { "markdownDescription": "The object specified in the Marketo flow destination.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.MarketoSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the Marketo flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.MetadataCatalogConfig": { "additionalProperties": false, "properties": { "GlueDataCatalog": { "$ref": "#/definitions/AWS::AppFlow::Flow.GlueDataCatalog", "markdownDescription": "Specifies the configuration that Amazon AppFlow uses when it catalogs your data with the AWS Glue Data Catalog .", "title": "GlueDataCatalog" } }, "type": "object" }, "AWS::AppFlow::Flow.PardotSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the Salesforce Pardot flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.PrefixConfig": { "additionalProperties": false, "properties": { "PathPrefixHierarchy": { "items": { "type": "string" }, "markdownDescription": "Specifies whether the destination file path includes either or both of the following elements:\n\n- **EXECUTION_ID** - The ID that Amazon AppFlow assigns to the flow run.\n- **SCHEMA_VERSION** - The version number of your data schema. Amazon AppFlow assigns this version number. The version number increases by one when you change any of the following settings in your flow configuration:\n\n- Source-to-destination field mappings\n- Field data types\n- Partition keys", "title": "PathPrefixHierarchy", "type": "array" }, "PrefixFormat": { "markdownDescription": "Determines the level of granularity for the date and time that's included in the prefix.", "title": "PrefixFormat", "type": "string" }, "PrefixType": { "markdownDescription": "Determines the format of the prefix, and whether it applies to the file name, file path, or both.", "title": "PrefixType", "type": "string" } }, "type": "object" }, "AWS::AppFlow::Flow.RedshiftDestinationProperties": { "additionalProperties": false, "properties": { "BucketPrefix": { "markdownDescription": "The object key for the bucket in which Amazon AppFlow places the destination files.", "title": "BucketPrefix", "type": "string" }, "ErrorHandlingConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.ErrorHandlingConfig", "markdownDescription": "The settings that determine how Amazon AppFlow handles an error when placing data in the Amazon Redshift destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details.", "title": "ErrorHandlingConfig" }, "IntermediateBucketName": { "markdownDescription": "The intermediate bucket that Amazon AppFlow uses when moving data into Amazon Redshift.", "title": "IntermediateBucketName", "type": "string" }, "Object": { "markdownDescription": "The object specified in the Amazon Redshift flow destination.", "title": "Object", "type": "string" } }, "required": [ "IntermediateBucketName", "Object" ], "type": "object" }, "AWS::AppFlow::Flow.S3DestinationProperties": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The Amazon S3 bucket name in which Amazon AppFlow places the transferred data.", "title": "BucketName", "type": "string" }, "BucketPrefix": { "markdownDescription": "The object key for the destination bucket in which Amazon AppFlow places the files.", "title": "BucketPrefix", "type": "string" }, "S3OutputFormatConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.S3OutputFormatConfig", "markdownDescription": "The configuration that determines how Amazon AppFlow should format the flow output data when Amazon S3 is used as the destination.", "title": "S3OutputFormatConfig" } }, "required": [ "BucketName" ], "type": "object" }, "AWS::AppFlow::Flow.S3InputFormatConfig": { "additionalProperties": false, "properties": { "S3InputFileType": { "markdownDescription": "The file type that Amazon AppFlow gets from your Amazon S3 bucket.", "title": "S3InputFileType", "type": "string" } }, "type": "object" }, "AWS::AppFlow::Flow.S3OutputFormatConfig": { "additionalProperties": false, "properties": { "AggregationConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.AggregationConfig", "markdownDescription": "The aggregation settings that you can use to customize the output format of your flow data.", "title": "AggregationConfig" }, "FileType": { "markdownDescription": "Indicates the file type that Amazon AppFlow places in the Amazon S3 bucket.", "title": "FileType", "type": "string" }, "PrefixConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.PrefixConfig", "markdownDescription": "Determines the prefix that Amazon AppFlow applies to the folder name in the Amazon S3 bucket. You can name folders according to the flow frequency and date.", "title": "PrefixConfig" }, "PreserveSourceDataTyping": { "markdownDescription": "If your file output format is Parquet, use this parameter to set whether Amazon AppFlow preserves the data types in your source data when it writes the output to Amazon S3.\n\n- `true` : Amazon AppFlow preserves the data types when it writes to Amazon S3. For example, an integer or `1` in your source data is still an integer in your output.\n- `false` : Amazon AppFlow converts all of the source data into strings when it writes to Amazon S3. For example, an integer of `1` in your source data becomes the string `\"1\"` in the output.", "title": "PreserveSourceDataTyping", "type": "boolean" } }, "type": "object" }, "AWS::AppFlow::Flow.S3SourceProperties": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The Amazon S3 bucket name where the source files are stored.", "title": "BucketName", "type": "string" }, "BucketPrefix": { "markdownDescription": "The object key for the Amazon S3 bucket in which the source files are stored.", "title": "BucketPrefix", "type": "string" }, "S3InputFormatConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.S3InputFormatConfig", "markdownDescription": "When you use Amazon S3 as the source, the configuration format that you provide the flow input data.", "title": "S3InputFormatConfig" } }, "required": [ "BucketName", "BucketPrefix" ], "type": "object" }, "AWS::AppFlow::Flow.SAPODataDestinationProperties": { "additionalProperties": false, "properties": { "ErrorHandlingConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.ErrorHandlingConfig", "markdownDescription": "The settings that determine how Amazon AppFlow handles an error when placing data in the destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details.", "title": "ErrorHandlingConfig" }, "IdFieldNames": { "items": { "type": "string" }, "markdownDescription": "A list of field names that can be used as an ID field when performing a write operation.", "title": "IdFieldNames", "type": "array" }, "ObjectPath": { "markdownDescription": "The object path specified in the SAPOData flow destination.", "title": "ObjectPath", "type": "string" }, "SuccessResponseHandlingConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.SuccessResponseHandlingConfig", "markdownDescription": "Determines how Amazon AppFlow handles the success response that it gets from the connector after placing data.\n\nFor example, this setting would determine where to write the response from a destination connector upon a successful insert operation.", "title": "SuccessResponseHandlingConfig" }, "WriteOperationType": { "markdownDescription": "The possible write operations in the destination connector. When this value is not provided, this defaults to the `INSERT` operation.", "title": "WriteOperationType", "type": "string" } }, "required": [ "ObjectPath" ], "type": "object" }, "AWS::AppFlow::Flow.SAPODataPaginationConfig": { "additionalProperties": false, "properties": { "maxPageSize": { "markdownDescription": "", "title": "maxPageSize", "type": "number" } }, "required": [ "maxPageSize" ], "type": "object" }, "AWS::AppFlow::Flow.SAPODataParallelismConfig": { "additionalProperties": false, "properties": { "maxParallelism": { "markdownDescription": "", "title": "maxParallelism", "type": "number" } }, "required": [ "maxParallelism" ], "type": "object" }, "AWS::AppFlow::Flow.SAPODataSourceProperties": { "additionalProperties": false, "properties": { "ObjectPath": { "markdownDescription": "The object path specified in the SAPOData flow source.", "title": "ObjectPath", "type": "string" }, "paginationConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.SAPODataPaginationConfig", "markdownDescription": "", "title": "paginationConfig" }, "parallelismConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.SAPODataParallelismConfig", "markdownDescription": "", "title": "parallelismConfig" } }, "required": [ "ObjectPath" ], "type": "object" }, "AWS::AppFlow::Flow.SalesforceDestinationProperties": { "additionalProperties": false, "properties": { "DataTransferApi": { "markdownDescription": "Specifies which Salesforce API is used by Amazon AppFlow when your flow transfers data to Salesforce.\n\n- **AUTOMATIC** - The default. Amazon AppFlow selects which API to use based on the number of records that your flow transfers to Salesforce. If your flow transfers fewer than 1,000 records, Amazon AppFlow uses Salesforce REST API. If your flow transfers 1,000 records or more, Amazon AppFlow uses Salesforce Bulk API 2.0.\n\nEach of these Salesforce APIs structures data differently. If Amazon AppFlow selects the API automatically, be aware that, for recurring flows, the data output might vary from one flow run to the next. For example, if a flow runs daily, it might use REST API on one day to transfer 900 records, and it might use Bulk API 2.0 on the next day to transfer 1,100 records. For each of these flow runs, the respective Salesforce API formats the data differently. Some of the differences include how dates are formatted and null values are represented. Also, Bulk API 2.0 doesn't transfer Salesforce compound fields.\n\nBy choosing this option, you optimize flow performance for both small and large data transfers, but the tradeoff is inconsistent formatting in the output.\n- **BULKV2** - Amazon AppFlow uses only Salesforce Bulk API 2.0. This API runs asynchronous data transfers, and it's optimal for large sets of data. By choosing this option, you ensure that your flow writes consistent output, but you optimize performance only for large data transfers.\n\nNote that Bulk API 2.0 does not transfer Salesforce compound fields.\n- **REST_SYNC** - Amazon AppFlow uses only Salesforce REST API. By choosing this option, you ensure that your flow writes consistent output, but you decrease performance for large data transfers that are better suited for Bulk API 2.0. In some cases, if your flow attempts to transfer a vary large set of data, it might fail with a timed out error.", "title": "DataTransferApi", "type": "string" }, "ErrorHandlingConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.ErrorHandlingConfig", "markdownDescription": "The settings that determine how Amazon AppFlow handles an error when placing data in the Salesforce destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details.", "title": "ErrorHandlingConfig" }, "IdFieldNames": { "items": { "type": "string" }, "markdownDescription": "The name of the field that Amazon AppFlow uses as an ID when performing a write operation such as update or delete.", "title": "IdFieldNames", "type": "array" }, "Object": { "markdownDescription": "The object specified in the Salesforce flow destination.", "title": "Object", "type": "string" }, "WriteOperationType": { "markdownDescription": "This specifies the type of write operation to be performed in Salesforce. When the value is `UPSERT` , then `idFieldNames` is required.", "title": "WriteOperationType", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.SalesforceSourceProperties": { "additionalProperties": false, "properties": { "DataTransferApi": { "markdownDescription": "Specifies which Salesforce API is used by Amazon AppFlow when your flow transfers data from Salesforce.\n\n- **AUTOMATIC** - The default. Amazon AppFlow selects which API to use based on the number of records that your flow transfers from Salesforce. If your flow transfers fewer than 1,000,000 records, Amazon AppFlow uses Salesforce REST API. If your flow transfers 1,000,000 records or more, Amazon AppFlow uses Salesforce Bulk API 2.0.\n\nEach of these Salesforce APIs structures data differently. If Amazon AppFlow selects the API automatically, be aware that, for recurring flows, the data output might vary from one flow run to the next. For example, if a flow runs daily, it might use REST API on one day to transfer 900,000 records, and it might use Bulk API 2.0 on the next day to transfer 1,100,000 records. For each of these flow runs, the respective Salesforce API formats the data differently. Some of the differences include how dates are formatted and null values are represented. Also, Bulk API 2.0 doesn't transfer Salesforce compound fields.\n\nBy choosing this option, you optimize flow performance for both small and large data transfers, but the tradeoff is inconsistent formatting in the output.\n- **BULKV2** - Amazon AppFlow uses only Salesforce Bulk API 2.0. This API runs asynchronous data transfers, and it's optimal for large sets of data. By choosing this option, you ensure that your flow writes consistent output, but you optimize performance only for large data transfers.\n\nNote that Bulk API 2.0 does not transfer Salesforce compound fields.\n- **REST_SYNC** - Amazon AppFlow uses only Salesforce REST API. By choosing this option, you ensure that your flow writes consistent output, but you decrease performance for large data transfers that are better suited for Bulk API 2.0. In some cases, if your flow attempts to transfer a vary large set of data, it might fail wituh a timed out error.", "title": "DataTransferApi", "type": "string" }, "EnableDynamicFieldUpdate": { "markdownDescription": "The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow.", "title": "EnableDynamicFieldUpdate", "type": "boolean" }, "IncludeDeletedRecords": { "markdownDescription": "Indicates whether Amazon AppFlow includes deleted files in the flow run.", "title": "IncludeDeletedRecords", "type": "boolean" }, "Object": { "markdownDescription": "The object specified in the Salesforce flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.ScheduledTriggerProperties": { "additionalProperties": false, "properties": { "DataPullMode": { "markdownDescription": "Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run.", "title": "DataPullMode", "type": "string" }, "FirstExecutionFrom": { "markdownDescription": "Specifies the date range for the records to import from the connector in the first flow run.", "title": "FirstExecutionFrom", "type": "number" }, "FlowErrorDeactivationThreshold": { "markdownDescription": "Defines how many times a scheduled flow fails consecutively before Amazon AppFlow deactivates it.", "title": "FlowErrorDeactivationThreshold", "type": "number" }, "ScheduleEndTime": { "markdownDescription": "The time at which the scheduled flow ends. The time is formatted as a timestamp that follows the ISO 8601 standard, such as `2022-04-27T13:00:00-07:00` .", "title": "ScheduleEndTime", "type": "number" }, "ScheduleExpression": { "markdownDescription": "The scheduling expression that determines the rate at which the schedule will run, for example `rate(5minutes)` .", "title": "ScheduleExpression", "type": "string" }, "ScheduleOffset": { "markdownDescription": "Specifies the optional offset that is added to the time interval for a schedule-triggered flow.", "title": "ScheduleOffset", "type": "number" }, "ScheduleStartTime": { "markdownDescription": "The time at which the scheduled flow starts. The time is formatted as a timestamp that follows the ISO 8601 standard, such as `2022-04-26T13:00:00-07:00` .", "title": "ScheduleStartTime", "type": "number" }, "TimeZone": { "markdownDescription": "Specifies the time zone used when referring to the dates and times of a scheduled flow, such as `America/New_York` . This time zone is only a descriptive label. It doesn't affect how Amazon AppFlow interprets the timestamps that you specify to schedule the flow.\n\nIf you want to schedule a flow by using times in a particular time zone, indicate the time zone as a UTC offset in your timestamps. For example, the UTC offsets for the `America/New_York` timezone are `-04:00` EDT and `-05:00 EST` .", "title": "TimeZone", "type": "string" } }, "required": [ "ScheduleExpression" ], "type": "object" }, "AWS::AppFlow::Flow.ServiceNowSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the ServiceNow flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.SingularSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the Singular flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.SlackSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the Slack flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.SnowflakeDestinationProperties": { "additionalProperties": false, "properties": { "BucketPrefix": { "markdownDescription": "The object key for the destination bucket in which Amazon AppFlow places the files.", "title": "BucketPrefix", "type": "string" }, "ErrorHandlingConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.ErrorHandlingConfig", "markdownDescription": "The settings that determine how Amazon AppFlow handles an error when placing data in the Snowflake destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details.", "title": "ErrorHandlingConfig" }, "IntermediateBucketName": { "markdownDescription": "The intermediate bucket that Amazon AppFlow uses when moving data into Snowflake.", "title": "IntermediateBucketName", "type": "string" }, "Object": { "markdownDescription": "The object specified in the Snowflake flow destination.", "title": "Object", "type": "string" } }, "required": [ "IntermediateBucketName", "Object" ], "type": "object" }, "AWS::AppFlow::Flow.SourceConnectorProperties": { "additionalProperties": false, "properties": { "Amplitude": { "$ref": "#/definitions/AWS::AppFlow::Flow.AmplitudeSourceProperties", "markdownDescription": "Specifies the information that is required for querying Amplitude.", "title": "Amplitude" }, "CustomConnector": { "$ref": "#/definitions/AWS::AppFlow::Flow.CustomConnectorSourceProperties", "markdownDescription": "The properties that are applied when the custom connector is being used as a source.", "title": "CustomConnector" }, "Datadog": { "$ref": "#/definitions/AWS::AppFlow::Flow.DatadogSourceProperties", "markdownDescription": "Specifies the information that is required for querying Datadog.", "title": "Datadog" }, "Dynatrace": { "$ref": "#/definitions/AWS::AppFlow::Flow.DynatraceSourceProperties", "markdownDescription": "Specifies the information that is required for querying Dynatrace.", "title": "Dynatrace" }, "GoogleAnalytics": { "$ref": "#/definitions/AWS::AppFlow::Flow.GoogleAnalyticsSourceProperties", "markdownDescription": "Specifies the information that is required for querying Google Analytics.", "title": "GoogleAnalytics" }, "InforNexus": { "$ref": "#/definitions/AWS::AppFlow::Flow.InforNexusSourceProperties", "markdownDescription": "Specifies the information that is required for querying Infor Nexus.", "title": "InforNexus" }, "Marketo": { "$ref": "#/definitions/AWS::AppFlow::Flow.MarketoSourceProperties", "markdownDescription": "Specifies the information that is required for querying Marketo.", "title": "Marketo" }, "Pardot": { "$ref": "#/definitions/AWS::AppFlow::Flow.PardotSourceProperties", "markdownDescription": "Specifies the information that is required for querying Salesforce Pardot.", "title": "Pardot" }, "S3": { "$ref": "#/definitions/AWS::AppFlow::Flow.S3SourceProperties", "markdownDescription": "Specifies the information that is required for querying Amazon S3.", "title": "S3" }, "SAPOData": { "$ref": "#/definitions/AWS::AppFlow::Flow.SAPODataSourceProperties", "markdownDescription": "The properties that are applied when using SAPOData as a flow source.", "title": "SAPOData" }, "Salesforce": { "$ref": "#/definitions/AWS::AppFlow::Flow.SalesforceSourceProperties", "markdownDescription": "Specifies the information that is required for querying Salesforce.", "title": "Salesforce" }, "ServiceNow": { "$ref": "#/definitions/AWS::AppFlow::Flow.ServiceNowSourceProperties", "markdownDescription": "Specifies the information that is required for querying ServiceNow.", "title": "ServiceNow" }, "Singular": { "$ref": "#/definitions/AWS::AppFlow::Flow.SingularSourceProperties", "markdownDescription": "Specifies the information that is required for querying Singular.", "title": "Singular" }, "Slack": { "$ref": "#/definitions/AWS::AppFlow::Flow.SlackSourceProperties", "markdownDescription": "Specifies the information that is required for querying Slack.", "title": "Slack" }, "Trendmicro": { "$ref": "#/definitions/AWS::AppFlow::Flow.TrendmicroSourceProperties", "markdownDescription": "Specifies the information that is required for querying Trend Micro.", "title": "Trendmicro" }, "Veeva": { "$ref": "#/definitions/AWS::AppFlow::Flow.VeevaSourceProperties", "markdownDescription": "Specifies the information that is required for querying Veeva.", "title": "Veeva" }, "Zendesk": { "$ref": "#/definitions/AWS::AppFlow::Flow.ZendeskSourceProperties", "markdownDescription": "Specifies the information that is required for querying Zendesk.", "title": "Zendesk" } }, "type": "object" }, "AWS::AppFlow::Flow.SourceFlowConfig": { "additionalProperties": false, "properties": { "ApiVersion": { "markdownDescription": "The API version of the connector when it's used as a source in the flow.", "title": "ApiVersion", "type": "string" }, "ConnectorProfileName": { "markdownDescription": "The name of the connector profile. This name must be unique for each connector profile in the AWS account .", "title": "ConnectorProfileName", "type": "string" }, "ConnectorType": { "markdownDescription": "The type of connector, such as Salesforce, Amplitude, and so on.", "title": "ConnectorType", "type": "string" }, "IncrementalPullConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.IncrementalPullConfig", "markdownDescription": "Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull.", "title": "IncrementalPullConfig" }, "SourceConnectorProperties": { "$ref": "#/definitions/AWS::AppFlow::Flow.SourceConnectorProperties", "markdownDescription": "Specifies the information that is required to query a particular source connector.", "title": "SourceConnectorProperties" } }, "required": [ "ConnectorType", "SourceConnectorProperties" ], "type": "object" }, "AWS::AppFlow::Flow.SuccessResponseHandlingConfig": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The name of the Amazon S3 bucket.", "title": "BucketName", "type": "string" }, "BucketPrefix": { "markdownDescription": "The Amazon S3 bucket prefix.", "title": "BucketPrefix", "type": "string" } }, "type": "object" }, "AWS::AppFlow::Flow.Task": { "additionalProperties": false, "properties": { "ConnectorOperator": { "$ref": "#/definitions/AWS::AppFlow::Flow.ConnectorOperator", "markdownDescription": "The operation to be performed on the provided source fields.", "title": "ConnectorOperator" }, "DestinationField": { "markdownDescription": "A field in a destination connector, or a field value against which Amazon AppFlow validates a source field.", "title": "DestinationField", "type": "string" }, "SourceFields": { "items": { "type": "string" }, "markdownDescription": "The source fields to which a particular task is applied.", "title": "SourceFields", "type": "array" }, "TaskProperties": { "items": { "$ref": "#/definitions/AWS::AppFlow::Flow.TaskPropertiesObject" }, "markdownDescription": "A map used to store task-related information. The execution service looks for particular information based on the `TaskType` .", "title": "TaskProperties", "type": "array" }, "TaskType": { "markdownDescription": "Specifies the particular task implementation that Amazon AppFlow performs.\n\n*Allowed values* : `Arithmetic` | `Filter` | `Map` | `Map_all` | `Mask` | `Merge` | `Truncate` | `Validate`", "title": "TaskType", "type": "string" } }, "required": [ "SourceFields", "TaskType" ], "type": "object" }, "AWS::AppFlow::Flow.TaskPropertiesObject": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The task property key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The task property value.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::AppFlow::Flow.TrendmicroSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the Trend Micro flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.TriggerConfig": { "additionalProperties": false, "properties": { "TriggerProperties": { "$ref": "#/definitions/AWS::AppFlow::Flow.ScheduledTriggerProperties", "markdownDescription": "Specifies the configuration details of a schedule-triggered flow as defined by the user. Currently, these settings only apply to the `Scheduled` trigger type.", "title": "TriggerProperties" }, "TriggerType": { "markdownDescription": "Specifies the type of flow trigger. This can be `OnDemand` , `Scheduled` , or `Event` .", "title": "TriggerType", "type": "string" } }, "required": [ "TriggerType" ], "type": "object" }, "AWS::AppFlow::Flow.UpsolverDestinationProperties": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The Upsolver Amazon S3 bucket name in which Amazon AppFlow places the transferred data.", "title": "BucketName", "type": "string" }, "BucketPrefix": { "markdownDescription": "The object key for the destination Upsolver Amazon S3 bucket in which Amazon AppFlow places the files.", "title": "BucketPrefix", "type": "string" }, "S3OutputFormatConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.UpsolverS3OutputFormatConfig", "markdownDescription": "The configuration that determines how data is formatted when Upsolver is used as the flow destination.", "title": "S3OutputFormatConfig" } }, "required": [ "BucketName", "S3OutputFormatConfig" ], "type": "object" }, "AWS::AppFlow::Flow.UpsolverS3OutputFormatConfig": { "additionalProperties": false, "properties": { "AggregationConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.AggregationConfig", "markdownDescription": "The aggregation settings that you can use to customize the output format of your flow data.", "title": "AggregationConfig" }, "FileType": { "markdownDescription": "Indicates the file type that Amazon AppFlow places in the Upsolver Amazon S3 bucket.", "title": "FileType", "type": "string" }, "PrefixConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.PrefixConfig", "markdownDescription": "Specifies elements that Amazon AppFlow includes in the file and folder names in the flow destination.", "title": "PrefixConfig" } }, "required": [ "PrefixConfig" ], "type": "object" }, "AWS::AppFlow::Flow.VeevaSourceProperties": { "additionalProperties": false, "properties": { "DocumentType": { "markdownDescription": "The document type specified in the Veeva document extract flow.", "title": "DocumentType", "type": "string" }, "IncludeAllVersions": { "markdownDescription": "Boolean value to include All Versions of files in Veeva document extract flow.", "title": "IncludeAllVersions", "type": "boolean" }, "IncludeRenditions": { "markdownDescription": "Boolean value to include file renditions in Veeva document extract flow.", "title": "IncludeRenditions", "type": "boolean" }, "IncludeSourceFiles": { "markdownDescription": "Boolean value to include source files in Veeva document extract flow.", "title": "IncludeSourceFiles", "type": "boolean" }, "Object": { "markdownDescription": "The object specified in the Veeva flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.ZendeskDestinationProperties": { "additionalProperties": false, "properties": { "ErrorHandlingConfig": { "$ref": "#/definitions/AWS::AppFlow::Flow.ErrorHandlingConfig", "markdownDescription": "The settings that determine how Amazon AppFlow handles an error when placing data in the destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details.", "title": "ErrorHandlingConfig" }, "IdFieldNames": { "items": { "type": "string" }, "markdownDescription": "A list of field names that can be used as an ID field when performing a write operation.", "title": "IdFieldNames", "type": "array" }, "Object": { "markdownDescription": "The object specified in the Zendesk flow destination.", "title": "Object", "type": "string" }, "WriteOperationType": { "markdownDescription": "The possible write operations in the destination connector. When this value is not provided, this defaults to the `INSERT` operation.", "title": "WriteOperationType", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppFlow::Flow.ZendeskSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the Zendesk flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::AppIntegrations::Application": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationSourceConfig": { "$ref": "#/definitions/AWS::AppIntegrations::Application.ApplicationSourceConfig", "markdownDescription": "The configuration for where the application should be loaded from.", "title": "ApplicationSourceConfig" }, "Description": { "markdownDescription": "The description of the application.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the application.", "title": "Name", "type": "string" }, "Namespace": { "markdownDescription": "The namespace of the application.", "title": "Namespace", "type": "string" }, "Permissions": { "items": { "type": "string" }, "markdownDescription": "", "title": "Permissions", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ "ApplicationSourceConfig", "Description", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::AppIntegrations::Application" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppIntegrations::Application.ApplicationSourceConfig": { "additionalProperties": false, "properties": { "ExternalUrlConfig": { "$ref": "#/definitions/AWS::AppIntegrations::Application.ExternalUrlConfig", "markdownDescription": "The external URL source for the application.", "title": "ExternalUrlConfig" } }, "required": [ "ExternalUrlConfig" ], "type": "object" }, "AWS::AppIntegrations::Application.ExternalUrlConfig": { "additionalProperties": false, "properties": { "AccessUrl": { "markdownDescription": "The URL to access the application.", "title": "AccessUrl", "type": "string" }, "ApprovedOrigins": { "items": { "type": "string" }, "markdownDescription": "Additional URLs to allow list if different than the access URL.", "title": "ApprovedOrigins", "type": "array" } }, "required": [ "AccessUrl" ], "type": "object" }, "AWS::AppIntegrations::DataIntegration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the DataIntegration.", "title": "Description", "type": "string" }, "FileConfiguration": { "$ref": "#/definitions/AWS::AppIntegrations::DataIntegration.FileConfiguration", "markdownDescription": "The configuration for what files should be pulled from the source.", "title": "FileConfiguration" }, "KmsKey": { "markdownDescription": "The KMS key for the DataIntegration.", "title": "KmsKey", "type": "string" }, "Name": { "markdownDescription": "The name of the DataIntegration.", "title": "Name", "type": "string" }, "ObjectConfiguration": { "markdownDescription": "The configuration for what data should be pulled from the source.", "title": "ObjectConfiguration", "type": "object" }, "ScheduleConfig": { "$ref": "#/definitions/AWS::AppIntegrations::DataIntegration.ScheduleConfig", "markdownDescription": "The name of the data and how often it should be pulled from the source.", "title": "ScheduleConfig" }, "SourceURI": { "markdownDescription": "The URI of the data source.", "title": "SourceURI", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "KmsKey", "Name", "SourceURI" ], "type": "object" }, "Type": { "enum": [ "AWS::AppIntegrations::DataIntegration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppIntegrations::DataIntegration.FileConfiguration": { "additionalProperties": false, "properties": { "Filters": { "markdownDescription": "Restrictions for what files should be pulled from the source.", "title": "Filters", "type": "object" }, "Folders": { "items": { "type": "string" }, "markdownDescription": "Identifiers for the source folders to pull all files from recursively.", "title": "Folders", "type": "array" } }, "required": [ "Folders" ], "type": "object" }, "AWS::AppIntegrations::DataIntegration.ScheduleConfig": { "additionalProperties": false, "properties": { "FirstExecutionFrom": { "markdownDescription": "The start date for objects to import in the first flow run as an Unix/epoch timestamp in milliseconds or in ISO-8601 format.", "title": "FirstExecutionFrom", "type": "string" }, "Object": { "markdownDescription": "The name of the object to pull from the data source.", "title": "Object", "type": "string" }, "ScheduleExpression": { "markdownDescription": "How often the data should be pulled from data source.", "title": "ScheduleExpression", "type": "string" } }, "required": [ "ScheduleExpression" ], "type": "object" }, "AWS::AppIntegrations::EventIntegration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The event integration description.", "title": "Description", "type": "string" }, "EventBridgeBus": { "markdownDescription": "The Amazon EventBridge bus for the event integration.", "title": "EventBridgeBus", "type": "string" }, "EventFilter": { "$ref": "#/definitions/AWS::AppIntegrations::EventIntegration.EventFilter", "markdownDescription": "The event integration filter.", "title": "EventFilter" }, "Name": { "markdownDescription": "The name of the event integration.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "EventBridgeBus", "EventFilter", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::AppIntegrations::EventIntegration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppIntegrations::EventIntegration.EventFilter": { "additionalProperties": false, "properties": { "Source": { "markdownDescription": "The source of the events.", "title": "Source", "type": "string" } }, "required": [ "Source" ], "type": "object" }, "AWS::AppMesh::GatewayRoute": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "GatewayRouteName": { "markdownDescription": "The name of the gateway route.", "title": "GatewayRouteName", "type": "string" }, "MeshName": { "markdownDescription": "The name of the service mesh that the resource resides in.", "title": "MeshName", "type": "string" }, "MeshOwner": { "markdownDescription": "The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .", "title": "MeshOwner", "type": "string" }, "Spec": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GatewayRouteSpec", "markdownDescription": "The specifications of the gateway route.", "title": "Spec" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Optional metadata that you can apply to the gateway route to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", "title": "Tags", "type": "array" }, "VirtualGatewayName": { "markdownDescription": "The virtual gateway that the gateway route is associated with.", "title": "VirtualGatewayName", "type": "string" } }, "required": [ "MeshName", "Spec", "VirtualGatewayName" ], "type": "object" }, "Type": { "enum": [ "AWS::AppMesh::GatewayRoute" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppMesh::GatewayRoute.GatewayRouteHostnameMatch": { "additionalProperties": false, "properties": { "Exact": { "markdownDescription": "The exact host name to match on.", "title": "Exact", "type": "string" }, "Suffix": { "markdownDescription": "The specified ending characters of the host name to match on.", "title": "Suffix", "type": "string" } }, "type": "object" }, "AWS::AppMesh::GatewayRoute.GatewayRouteHostnameRewrite": { "additionalProperties": false, "properties": { "DefaultTargetHostname": { "markdownDescription": "The default target host name to write to.", "title": "DefaultTargetHostname", "type": "string" } }, "type": "object" }, "AWS::AppMesh::GatewayRoute.GatewayRouteMetadataMatch": { "additionalProperties": false, "properties": { "Exact": { "markdownDescription": "The exact method header to be matched on.", "title": "Exact", "type": "string" }, "Prefix": { "markdownDescription": "The specified beginning characters of the method header to be matched on.", "title": "Prefix", "type": "string" }, "Range": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GatewayRouteRangeMatch", "markdownDescription": "An object that represents the range of values to match on.", "title": "Range" }, "Regex": { "markdownDescription": "The regex used to match the method header.", "title": "Regex", "type": "string" }, "Suffix": { "markdownDescription": "The specified ending characters of the method header to match on.", "title": "Suffix", "type": "string" } }, "type": "object" }, "AWS::AppMesh::GatewayRoute.GatewayRouteRangeMatch": { "additionalProperties": false, "properties": { "End": { "markdownDescription": "The end of the range.", "title": "End", "type": "number" }, "Start": { "markdownDescription": "The start of the range.", "title": "Start", "type": "number" } }, "required": [ "End", "Start" ], "type": "object" }, "AWS::AppMesh::GatewayRoute.GatewayRouteSpec": { "additionalProperties": false, "properties": { "GrpcRoute": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GrpcGatewayRoute", "markdownDescription": "An object that represents the specification of a gRPC gateway route.", "title": "GrpcRoute" }, "Http2Route": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.HttpGatewayRoute", "markdownDescription": "An object that represents the specification of an HTTP/2 gateway route.", "title": "Http2Route" }, "HttpRoute": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.HttpGatewayRoute", "markdownDescription": "An object that represents the specification of an HTTP gateway route.", "title": "HttpRoute" }, "Priority": { "markdownDescription": "The ordering of the gateway routes spec.", "title": "Priority", "type": "number" } }, "type": "object" }, "AWS::AppMesh::GatewayRoute.GatewayRouteTarget": { "additionalProperties": false, "properties": { "Port": { "markdownDescription": "The port number of the gateway route target.", "title": "Port", "type": "number" }, "VirtualService": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GatewayRouteVirtualService", "markdownDescription": "An object that represents a virtual service gateway route target.", "title": "VirtualService" } }, "required": [ "VirtualService" ], "type": "object" }, "AWS::AppMesh::GatewayRoute.GatewayRouteVirtualService": { "additionalProperties": false, "properties": { "VirtualServiceName": { "markdownDescription": "The name of the virtual service that traffic is routed to.", "title": "VirtualServiceName", "type": "string" } }, "required": [ "VirtualServiceName" ], "type": "object" }, "AWS::AppMesh::GatewayRoute.GrpcGatewayRoute": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GrpcGatewayRouteAction", "markdownDescription": "An object that represents the action to take if a match is determined.", "title": "Action" }, "Match": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GrpcGatewayRouteMatch", "markdownDescription": "An object that represents the criteria for determining a request match.", "title": "Match" } }, "required": [ "Action", "Match" ], "type": "object" }, "AWS::AppMesh::GatewayRoute.GrpcGatewayRouteAction": { "additionalProperties": false, "properties": { "Rewrite": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GrpcGatewayRouteRewrite", "markdownDescription": "The gateway route action to rewrite.", "title": "Rewrite" }, "Target": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GatewayRouteTarget", "markdownDescription": "An object that represents the target that traffic is routed to when a request matches the gateway route.", "title": "Target" } }, "required": [ "Target" ], "type": "object" }, "AWS::AppMesh::GatewayRoute.GrpcGatewayRouteMatch": { "additionalProperties": false, "properties": { "Hostname": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GatewayRouteHostnameMatch", "markdownDescription": "The gateway route host name to be matched on.", "title": "Hostname" }, "Metadata": { "items": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GrpcGatewayRouteMetadata" }, "markdownDescription": "The gateway route metadata to be matched on.", "title": "Metadata", "type": "array" }, "Port": { "markdownDescription": "The gateway route port to be matched on.", "title": "Port", "type": "number" }, "ServiceName": { "markdownDescription": "The fully qualified domain name for the service to match from the request.", "title": "ServiceName", "type": "string" } }, "type": "object" }, "AWS::AppMesh::GatewayRoute.GrpcGatewayRouteMetadata": { "additionalProperties": false, "properties": { "Invert": { "markdownDescription": "Specify `True` to match anything except the match criteria. The default value is `False` .", "title": "Invert", "type": "boolean" }, "Match": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GatewayRouteMetadataMatch", "markdownDescription": "The criteria for determining a metadata match.", "title": "Match" }, "Name": { "markdownDescription": "A name for the gateway route metadata.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::AppMesh::GatewayRoute.GrpcGatewayRouteRewrite": { "additionalProperties": false, "properties": { "Hostname": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GatewayRouteHostnameRewrite", "markdownDescription": "The host name of the gateway route to rewrite.", "title": "Hostname" } }, "type": "object" }, "AWS::AppMesh::GatewayRoute.HttpGatewayRoute": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.HttpGatewayRouteAction", "markdownDescription": "An object that represents the action to take if a match is determined.", "title": "Action" }, "Match": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.HttpGatewayRouteMatch", "markdownDescription": "An object that represents the criteria for determining a request match.", "title": "Match" } }, "required": [ "Action", "Match" ], "type": "object" }, "AWS::AppMesh::GatewayRoute.HttpGatewayRouteAction": { "additionalProperties": false, "properties": { "Rewrite": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.HttpGatewayRouteRewrite", "markdownDescription": "The gateway route action to rewrite.", "title": "Rewrite" }, "Target": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GatewayRouteTarget", "markdownDescription": "An object that represents the target that traffic is routed to when a request matches the gateway route.", "title": "Target" } }, "required": [ "Target" ], "type": "object" }, "AWS::AppMesh::GatewayRoute.HttpGatewayRouteHeader": { "additionalProperties": false, "properties": { "Invert": { "markdownDescription": "Specify `True` to match anything except the match criteria. The default value is `False` .", "title": "Invert", "type": "boolean" }, "Match": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.HttpGatewayRouteHeaderMatch", "markdownDescription": "An object that represents the method and value to match with the header value sent in a request. Specify one match method.", "title": "Match" }, "Name": { "markdownDescription": "A name for the HTTP header in the gateway route that will be matched on.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::AppMesh::GatewayRoute.HttpGatewayRouteHeaderMatch": { "additionalProperties": false, "properties": { "Exact": { "markdownDescription": "The value sent by the client must match the specified value exactly.", "title": "Exact", "type": "string" }, "Prefix": { "markdownDescription": "The value sent by the client must begin with the specified characters.", "title": "Prefix", "type": "string" }, "Range": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GatewayRouteRangeMatch", "markdownDescription": "An object that represents the range of values to match on.", "title": "Range" }, "Regex": { "markdownDescription": "The value sent by the client must include the specified characters.", "title": "Regex", "type": "string" }, "Suffix": { "markdownDescription": "The value sent by the client must end with the specified characters.", "title": "Suffix", "type": "string" } }, "type": "object" }, "AWS::AppMesh::GatewayRoute.HttpGatewayRouteMatch": { "additionalProperties": false, "properties": { "Headers": { "items": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.HttpGatewayRouteHeader" }, "markdownDescription": "The client request headers to match on.", "title": "Headers", "type": "array" }, "Hostname": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GatewayRouteHostnameMatch", "markdownDescription": "The host name to match on.", "title": "Hostname" }, "Method": { "markdownDescription": "The method to match on.", "title": "Method", "type": "string" }, "Path": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.HttpPathMatch", "markdownDescription": "The path to match on.", "title": "Path" }, "Port": { "markdownDescription": "The port number to match on.", "title": "Port", "type": "number" }, "Prefix": { "markdownDescription": "Specifies the path to match requests with. This parameter must always start with `/` , which by itself matches all requests to the virtual service name. You can also match for path-based routing of requests. For example, if your virtual service name is `my-service.local` and you want the route to match requests to `my-service.local/metrics` , your prefix should be `/metrics` .", "title": "Prefix", "type": "string" }, "QueryParameters": { "items": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.QueryParameter" }, "markdownDescription": "The query parameter to match on.", "title": "QueryParameters", "type": "array" } }, "type": "object" }, "AWS::AppMesh::GatewayRoute.HttpGatewayRoutePathRewrite": { "additionalProperties": false, "properties": { "Exact": { "markdownDescription": "The exact path to rewrite.", "title": "Exact", "type": "string" } }, "type": "object" }, "AWS::AppMesh::GatewayRoute.HttpGatewayRoutePrefixRewrite": { "additionalProperties": false, "properties": { "DefaultPrefix": { "markdownDescription": "The default prefix used to replace the incoming route prefix when rewritten.", "title": "DefaultPrefix", "type": "string" }, "Value": { "markdownDescription": "The value used to replace the incoming route prefix when rewritten.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::AppMesh::GatewayRoute.HttpGatewayRouteRewrite": { "additionalProperties": false, "properties": { "Hostname": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.GatewayRouteHostnameRewrite", "markdownDescription": "The host name to rewrite.", "title": "Hostname" }, "Path": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.HttpGatewayRoutePathRewrite", "markdownDescription": "The path to rewrite.", "title": "Path" }, "Prefix": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.HttpGatewayRoutePrefixRewrite", "markdownDescription": "The specified beginning characters to rewrite.", "title": "Prefix" } }, "type": "object" }, "AWS::AppMesh::GatewayRoute.HttpPathMatch": { "additionalProperties": false, "properties": { "Exact": { "markdownDescription": "The exact path to match on.", "title": "Exact", "type": "string" }, "Regex": { "markdownDescription": "The regex used to match the path.", "title": "Regex", "type": "string" } }, "type": "object" }, "AWS::AppMesh::GatewayRoute.HttpQueryParameterMatch": { "additionalProperties": false, "properties": { "Exact": { "markdownDescription": "The exact query parameter to match on.", "title": "Exact", "type": "string" } }, "type": "object" }, "AWS::AppMesh::GatewayRoute.QueryParameter": { "additionalProperties": false, "properties": { "Match": { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute.HttpQueryParameterMatch", "markdownDescription": "The query parameter to match on.", "title": "Match" }, "Name": { "markdownDescription": "A name for the query parameter that will be matched on.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::AppMesh::Mesh": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MeshName": { "markdownDescription": "The name to use for the service mesh.", "title": "MeshName", "type": "string" }, "Spec": { "$ref": "#/definitions/AWS::AppMesh::Mesh.MeshSpec", "markdownDescription": "The service mesh specification to apply.", "title": "Spec" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Optional metadata that you can apply to the service mesh to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::AppMesh::Mesh" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::AppMesh::Mesh.EgressFilter": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The egress filter type. By default, the type is `DROP_ALL` , which allows egress only from virtual nodes to other defined resources in the service mesh (and any traffic to `*.amazonaws.com` for AWS API calls). You can set the egress filter type to `ALLOW_ALL` to allow egress to any endpoint inside or outside of the service mesh.\n\n> If you specify any backends on a virtual node when using `ALLOW_ALL` , you must specifiy all egress for that virtual node as backends. Otherwise, `ALLOW_ALL` will no longer work for that virtual node.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::AppMesh::Mesh.MeshServiceDiscovery": { "additionalProperties": false, "properties": { "IpPreference": { "markdownDescription": "The IP version to use to control traffic within the mesh.", "title": "IpPreference", "type": "string" } }, "type": "object" }, "AWS::AppMesh::Mesh.MeshSpec": { "additionalProperties": false, "properties": { "EgressFilter": { "$ref": "#/definitions/AWS::AppMesh::Mesh.EgressFilter", "markdownDescription": "The egress filter rules for the service mesh.", "title": "EgressFilter" }, "ServiceDiscovery": { "$ref": "#/definitions/AWS::AppMesh::Mesh.MeshServiceDiscovery", "markdownDescription": "An object that represents the service discovery information for a service mesh.", "title": "ServiceDiscovery" } }, "type": "object" }, "AWS::AppMesh::Route": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MeshName": { "markdownDescription": "The name of the service mesh to create the route in.", "title": "MeshName", "type": "string" }, "MeshOwner": { "markdownDescription": "The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .", "title": "MeshOwner", "type": "string" }, "RouteName": { "markdownDescription": "The name to use for the route.", "title": "RouteName", "type": "string" }, "Spec": { "$ref": "#/definitions/AWS::AppMesh::Route.RouteSpec", "markdownDescription": "The route specification to apply.", "title": "Spec" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Optional metadata that you can apply to the route to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", "title": "Tags", "type": "array" }, "VirtualRouterName": { "markdownDescription": "The name of the virtual router in which to create the route. If the virtual router is in a shared mesh, then you must be the owner of the virtual router resource.", "title": "VirtualRouterName", "type": "string" } }, "required": [ "MeshName", "Spec", "VirtualRouterName" ], "type": "object" }, "Type": { "enum": [ "AWS::AppMesh::Route" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppMesh::Route.Duration": { "additionalProperties": false, "properties": { "Unit": { "markdownDescription": "A unit of time.", "title": "Unit", "type": "string" }, "Value": { "markdownDescription": "A number of time units.", "title": "Value", "type": "number" } }, "required": [ "Unit", "Value" ], "type": "object" }, "AWS::AppMesh::Route.GrpcRetryPolicy": { "additionalProperties": false, "properties": { "GrpcRetryEvents": { "items": { "type": "string" }, "markdownDescription": "Specify at least one of the valid values.", "title": "GrpcRetryEvents", "type": "array" }, "HttpRetryEvents": { "items": { "type": "string" }, "markdownDescription": "Specify at least one of the following values.\n\n- *server-error* \u2013 HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511\n- *gateway-error* \u2013 HTTP status codes 502, 503, and 504\n- *client-error* \u2013 HTTP status code 409\n- *stream-error* \u2013 Retry on refused stream", "title": "HttpRetryEvents", "type": "array" }, "MaxRetries": { "markdownDescription": "The maximum number of retry attempts.", "title": "MaxRetries", "type": "number" }, "PerRetryTimeout": { "$ref": "#/definitions/AWS::AppMesh::Route.Duration", "markdownDescription": "The timeout for each retry attempt.", "title": "PerRetryTimeout" }, "TcpRetryEvents": { "items": { "type": "string" }, "markdownDescription": "Specify a valid value. The event occurs before any processing of a request has started and is encountered when the upstream is temporarily or permanently unavailable.", "title": "TcpRetryEvents", "type": "array" } }, "required": [ "MaxRetries", "PerRetryTimeout" ], "type": "object" }, "AWS::AppMesh::Route.GrpcRoute": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::AppMesh::Route.GrpcRouteAction", "markdownDescription": "An object that represents the action to take if a match is determined.", "title": "Action" }, "Match": { "$ref": "#/definitions/AWS::AppMesh::Route.GrpcRouteMatch", "markdownDescription": "An object that represents the criteria for determining a request match.", "title": "Match" }, "RetryPolicy": { "$ref": "#/definitions/AWS::AppMesh::Route.GrpcRetryPolicy", "markdownDescription": "An object that represents a retry policy.", "title": "RetryPolicy" }, "Timeout": { "$ref": "#/definitions/AWS::AppMesh::Route.GrpcTimeout", "markdownDescription": "An object that represents types of timeouts.", "title": "Timeout" } }, "required": [ "Action", "Match" ], "type": "object" }, "AWS::AppMesh::Route.GrpcRouteAction": { "additionalProperties": false, "properties": { "WeightedTargets": { "items": { "$ref": "#/definitions/AWS::AppMesh::Route.WeightedTarget" }, "markdownDescription": "An object that represents the targets that traffic is routed to when a request matches the route.", "title": "WeightedTargets", "type": "array" } }, "required": [ "WeightedTargets" ], "type": "object" }, "AWS::AppMesh::Route.GrpcRouteMatch": { "additionalProperties": false, "properties": { "Metadata": { "items": { "$ref": "#/definitions/AWS::AppMesh::Route.GrpcRouteMetadata" }, "markdownDescription": "An object that represents the data to match from the request.", "title": "Metadata", "type": "array" }, "MethodName": { "markdownDescription": "The method name to match from the request. If you specify a name, you must also specify a `serviceName` .", "title": "MethodName", "type": "string" }, "Port": { "markdownDescription": "The port number to match on.", "title": "Port", "type": "number" }, "ServiceName": { "markdownDescription": "The fully qualified domain name for the service to match from the request.", "title": "ServiceName", "type": "string" } }, "type": "object" }, "AWS::AppMesh::Route.GrpcRouteMetadata": { "additionalProperties": false, "properties": { "Invert": { "markdownDescription": "Specify `True` to match anything except the match criteria. The default value is `False` .", "title": "Invert", "type": "boolean" }, "Match": { "$ref": "#/definitions/AWS::AppMesh::Route.GrpcRouteMetadataMatchMethod", "markdownDescription": "An object that represents the data to match from the request.", "title": "Match" }, "Name": { "markdownDescription": "The name of the route.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::AppMesh::Route.GrpcRouteMetadataMatchMethod": { "additionalProperties": false, "properties": { "Exact": { "markdownDescription": "The value sent by the client must match the specified value exactly.", "title": "Exact", "type": "string" }, "Prefix": { "markdownDescription": "The value sent by the client must begin with the specified characters.", "title": "Prefix", "type": "string" }, "Range": { "$ref": "#/definitions/AWS::AppMesh::Route.MatchRange", "markdownDescription": "An object that represents the range of values to match on.", "title": "Range" }, "Regex": { "markdownDescription": "The value sent by the client must include the specified characters.", "title": "Regex", "type": "string" }, "Suffix": { "markdownDescription": "The value sent by the client must end with the specified characters.", "title": "Suffix", "type": "string" } }, "type": "object" }, "AWS::AppMesh::Route.GrpcTimeout": { "additionalProperties": false, "properties": { "Idle": { "$ref": "#/definitions/AWS::AppMesh::Route.Duration", "markdownDescription": "An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.", "title": "Idle" }, "PerRequest": { "$ref": "#/definitions/AWS::AppMesh::Route.Duration", "markdownDescription": "An object that represents a per request timeout. The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.", "title": "PerRequest" } }, "type": "object" }, "AWS::AppMesh::Route.HeaderMatchMethod": { "additionalProperties": false, "properties": { "Exact": { "markdownDescription": "The value sent by the client must match the specified value exactly.", "title": "Exact", "type": "string" }, "Prefix": { "markdownDescription": "The value sent by the client must begin with the specified characters.", "title": "Prefix", "type": "string" }, "Range": { "$ref": "#/definitions/AWS::AppMesh::Route.MatchRange", "markdownDescription": "An object that represents the range of values to match on.", "title": "Range" }, "Regex": { "markdownDescription": "The value sent by the client must include the specified characters.", "title": "Regex", "type": "string" }, "Suffix": { "markdownDescription": "The value sent by the client must end with the specified characters.", "title": "Suffix", "type": "string" } }, "type": "object" }, "AWS::AppMesh::Route.HttpPathMatch": { "additionalProperties": false, "properties": { "Exact": { "markdownDescription": "The exact path to match on.", "title": "Exact", "type": "string" }, "Regex": { "markdownDescription": "The regex used to match the path.", "title": "Regex", "type": "string" } }, "type": "object" }, "AWS::AppMesh::Route.HttpQueryParameterMatch": { "additionalProperties": false, "properties": { "Exact": { "markdownDescription": "The exact query parameter to match on.", "title": "Exact", "type": "string" } }, "type": "object" }, "AWS::AppMesh::Route.HttpRetryPolicy": { "additionalProperties": false, "properties": { "HttpRetryEvents": { "items": { "type": "string" }, "markdownDescription": "Specify at least one of the following values.\n\n- *server-error* \u2013 HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511\n- *gateway-error* \u2013 HTTP status codes 502, 503, and 504\n- *client-error* \u2013 HTTP status code 409\n- *stream-error* \u2013 Retry on refused stream", "title": "HttpRetryEvents", "type": "array" }, "MaxRetries": { "markdownDescription": "The maximum number of retry attempts.", "title": "MaxRetries", "type": "number" }, "PerRetryTimeout": { "$ref": "#/definitions/AWS::AppMesh::Route.Duration", "markdownDescription": "The timeout for each retry attempt.", "title": "PerRetryTimeout" }, "TcpRetryEvents": { "items": { "type": "string" }, "markdownDescription": "Specify a valid value. The event occurs before any processing of a request has started and is encountered when the upstream is temporarily or permanently unavailable.", "title": "TcpRetryEvents", "type": "array" } }, "required": [ "MaxRetries", "PerRetryTimeout" ], "type": "object" }, "AWS::AppMesh::Route.HttpRoute": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::AppMesh::Route.HttpRouteAction", "markdownDescription": "An object that represents the action to take if a match is determined.", "title": "Action" }, "Match": { "$ref": "#/definitions/AWS::AppMesh::Route.HttpRouteMatch", "markdownDescription": "An object that represents the criteria for determining a request match.", "title": "Match" }, "RetryPolicy": { "$ref": "#/definitions/AWS::AppMesh::Route.HttpRetryPolicy", "markdownDescription": "An object that represents a retry policy.", "title": "RetryPolicy" }, "Timeout": { "$ref": "#/definitions/AWS::AppMesh::Route.HttpTimeout", "markdownDescription": "An object that represents types of timeouts.", "title": "Timeout" } }, "required": [ "Action", "Match" ], "type": "object" }, "AWS::AppMesh::Route.HttpRouteAction": { "additionalProperties": false, "properties": { "WeightedTargets": { "items": { "$ref": "#/definitions/AWS::AppMesh::Route.WeightedTarget" }, "markdownDescription": "An object that represents the targets that traffic is routed to when a request matches the route.", "title": "WeightedTargets", "type": "array" } }, "required": [ "WeightedTargets" ], "type": "object" }, "AWS::AppMesh::Route.HttpRouteHeader": { "additionalProperties": false, "properties": { "Invert": { "markdownDescription": "Specify `True` to match anything except the match criteria. The default value is `False` .", "title": "Invert", "type": "boolean" }, "Match": { "$ref": "#/definitions/AWS::AppMesh::Route.HeaderMatchMethod", "markdownDescription": "The `HeaderMatchMethod` object.", "title": "Match" }, "Name": { "markdownDescription": "A name for the HTTP header in the client request that will be matched on.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::AppMesh::Route.HttpRouteMatch": { "additionalProperties": false, "properties": { "Headers": { "items": { "$ref": "#/definitions/AWS::AppMesh::Route.HttpRouteHeader" }, "markdownDescription": "The client request headers to match on.", "title": "Headers", "type": "array" }, "Method": { "markdownDescription": "The client request method to match on. Specify only one.", "title": "Method", "type": "string" }, "Path": { "$ref": "#/definitions/AWS::AppMesh::Route.HttpPathMatch", "markdownDescription": "The client request path to match on.", "title": "Path" }, "Port": { "markdownDescription": "The port number to match on.", "title": "Port", "type": "number" }, "Prefix": { "markdownDescription": "Specifies the path to match requests with. This parameter must always start with `/` , which by itself matches all requests to the virtual service name. You can also match for path-based routing of requests. For example, if your virtual service name is `my-service.local` and you want the route to match requests to `my-service.local/metrics` , your prefix should be `/metrics` .", "title": "Prefix", "type": "string" }, "QueryParameters": { "items": { "$ref": "#/definitions/AWS::AppMesh::Route.QueryParameter" }, "markdownDescription": "The client request query parameters to match on.", "title": "QueryParameters", "type": "array" }, "Scheme": { "markdownDescription": "The client request scheme to match on. Specify only one. Applicable only for HTTP2 routes.", "title": "Scheme", "type": "string" } }, "type": "object" }, "AWS::AppMesh::Route.HttpTimeout": { "additionalProperties": false, "properties": { "Idle": { "$ref": "#/definitions/AWS::AppMesh::Route.Duration", "markdownDescription": "An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.", "title": "Idle" }, "PerRequest": { "$ref": "#/definitions/AWS::AppMesh::Route.Duration", "markdownDescription": "An object that represents a per request timeout. The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.", "title": "PerRequest" } }, "type": "object" }, "AWS::AppMesh::Route.MatchRange": { "additionalProperties": false, "properties": { "End": { "markdownDescription": "The end of the range.", "title": "End", "type": "number" }, "Start": { "markdownDescription": "The start of the range.", "title": "Start", "type": "number" } }, "required": [ "End", "Start" ], "type": "object" }, "AWS::AppMesh::Route.QueryParameter": { "additionalProperties": false, "properties": { "Match": { "$ref": "#/definitions/AWS::AppMesh::Route.HttpQueryParameterMatch", "markdownDescription": "The query parameter to match on.", "title": "Match" }, "Name": { "markdownDescription": "A name for the query parameter that will be matched on.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::AppMesh::Route.RouteSpec": { "additionalProperties": false, "properties": { "GrpcRoute": { "$ref": "#/definitions/AWS::AppMesh::Route.GrpcRoute", "markdownDescription": "An object that represents the specification of a gRPC route.", "title": "GrpcRoute" }, "Http2Route": { "$ref": "#/definitions/AWS::AppMesh::Route.HttpRoute", "markdownDescription": "An object that represents the specification of an HTTP/2 route.", "title": "Http2Route" }, "HttpRoute": { "$ref": "#/definitions/AWS::AppMesh::Route.HttpRoute", "markdownDescription": "An object that represents the specification of an HTTP route.", "title": "HttpRoute" }, "Priority": { "markdownDescription": "The priority for the route. Routes are matched based on the specified value, where 0 is the highest priority.", "title": "Priority", "type": "number" }, "TcpRoute": { "$ref": "#/definitions/AWS::AppMesh::Route.TcpRoute", "markdownDescription": "An object that represents the specification of a TCP route.", "title": "TcpRoute" } }, "type": "object" }, "AWS::AppMesh::Route.TcpRoute": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::AppMesh::Route.TcpRouteAction", "markdownDescription": "The action to take if a match is determined.", "title": "Action" }, "Match": { "$ref": "#/definitions/AWS::AppMesh::Route.TcpRouteMatch", "markdownDescription": "An object that represents the criteria for determining a request match.", "title": "Match" }, "Timeout": { "$ref": "#/definitions/AWS::AppMesh::Route.TcpTimeout", "markdownDescription": "An object that represents types of timeouts.", "title": "Timeout" } }, "required": [ "Action" ], "type": "object" }, "AWS::AppMesh::Route.TcpRouteAction": { "additionalProperties": false, "properties": { "WeightedTargets": { "items": { "$ref": "#/definitions/AWS::AppMesh::Route.WeightedTarget" }, "markdownDescription": "An object that represents the targets that traffic is routed to when a request matches the route.", "title": "WeightedTargets", "type": "array" } }, "required": [ "WeightedTargets" ], "type": "object" }, "AWS::AppMesh::Route.TcpRouteMatch": { "additionalProperties": false, "properties": { "Port": { "markdownDescription": "The port number to match on.", "title": "Port", "type": "number" } }, "type": "object" }, "AWS::AppMesh::Route.TcpTimeout": { "additionalProperties": false, "properties": { "Idle": { "$ref": "#/definitions/AWS::AppMesh::Route.Duration", "markdownDescription": "An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.", "title": "Idle" } }, "type": "object" }, "AWS::AppMesh::Route.WeightedTarget": { "additionalProperties": false, "properties": { "Port": { "markdownDescription": "The targeted port of the weighted object.", "title": "Port", "type": "number" }, "VirtualNode": { "markdownDescription": "The virtual node to associate with the weighted target.", "title": "VirtualNode", "type": "string" }, "Weight": { "markdownDescription": "The relative weight of the weighted target.", "title": "Weight", "type": "number" } }, "required": [ "VirtualNode", "Weight" ], "type": "object" }, "AWS::AppMesh::VirtualGateway": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MeshName": { "markdownDescription": "The name of the service mesh that the virtual gateway resides in.", "title": "MeshName", "type": "string" }, "MeshOwner": { "markdownDescription": "The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .", "title": "MeshOwner", "type": "string" }, "Spec": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewaySpec", "markdownDescription": "The specifications of the virtual gateway.", "title": "Spec" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Optional metadata that you can apply to the virtual gateway to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", "title": "Tags", "type": "array" }, "VirtualGatewayName": { "markdownDescription": "The name of the virtual gateway.", "title": "VirtualGatewayName", "type": "string" } }, "required": [ "MeshName", "Spec" ], "type": "object" }, "Type": { "enum": [ "AWS::AppMesh::VirtualGateway" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.JsonFormatRef": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The specified key for the JSON.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The specified value for the JSON.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.LoggingFormat": { "additionalProperties": false, "properties": { "Json": { "items": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.JsonFormatRef" }, "markdownDescription": "The logging format for JSON.", "title": "Json", "type": "array" }, "Text": { "markdownDescription": "The logging format for text.", "title": "Text", "type": "string" } }, "type": "object" }, "AWS::AppMesh::VirtualGateway.SubjectAlternativeNameMatchers": { "additionalProperties": false, "properties": { "Exact": { "items": { "type": "string" }, "markdownDescription": "The values sent must match the specified values exactly.", "title": "Exact", "type": "array" } }, "type": "object" }, "AWS::AppMesh::VirtualGateway.SubjectAlternativeNames": { "additionalProperties": false, "properties": { "Match": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.SubjectAlternativeNameMatchers", "markdownDescription": "An object that represents the criteria for determining a SANs match.", "title": "Match" } }, "required": [ "Match" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayAccessLog": { "additionalProperties": false, "properties": { "File": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayFileAccessLog", "markdownDescription": "The file object to send virtual gateway access logs to.", "title": "File" } }, "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayBackendDefaults": { "additionalProperties": false, "properties": { "ClientPolicy": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayClientPolicy", "markdownDescription": "A reference to an object that represents a client policy.", "title": "ClientPolicy" } }, "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayClientPolicy": { "additionalProperties": false, "properties": { "TLS": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayClientPolicyTls", "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) client policy.", "title": "TLS" } }, "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayClientPolicyTls": { "additionalProperties": false, "properties": { "Certificate": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayClientTlsCertificate", "markdownDescription": "A reference to an object that represents a virtual gateway's client's Transport Layer Security (TLS) certificate.", "title": "Certificate" }, "Enforce": { "markdownDescription": "Whether the policy is enforced. The default is `True` , if a value isn't specified.", "title": "Enforce", "type": "boolean" }, "Ports": { "items": { "type": "number" }, "markdownDescription": "One or more ports that the policy is enforced for.", "title": "Ports", "type": "array" }, "Validation": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayTlsValidationContext", "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) validation context.", "title": "Validation" } }, "required": [ "Validation" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayClientTlsCertificate": { "additionalProperties": false, "properties": { "File": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTlsFileCertificate", "markdownDescription": "An object that represents a local file certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see [Transport Layer Security (TLS)](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html) .", "title": "File" }, "SDS": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTlsSdsCertificate", "markdownDescription": "A reference to an object that represents a virtual gateway's client's Secret Discovery Service certificate.", "title": "SDS" } }, "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayConnectionPool": { "additionalProperties": false, "properties": { "GRPC": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayGrpcConnectionPool", "markdownDescription": "An object that represents a type of connection pool.", "title": "GRPC" }, "HTTP": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayHttpConnectionPool", "markdownDescription": "An object that represents a type of connection pool.", "title": "HTTP" }, "HTTP2": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayHttp2ConnectionPool", "markdownDescription": "An object that represents a type of connection pool.", "title": "HTTP2" } }, "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayFileAccessLog": { "additionalProperties": false, "properties": { "Format": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.LoggingFormat", "markdownDescription": "The specified format for the virtual gateway access logs. It can be either `json_format` or `text_format` .", "title": "Format" }, "Path": { "markdownDescription": "The file path to write access logs to. You can use `/dev/stdout` to send access logs to standard out and configure your Envoy container to use a log driver, such as `awslogs` , to export the access logs to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container's file system to write the files to disk.", "title": "Path", "type": "string" } }, "required": [ "Path" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayGrpcConnectionPool": { "additionalProperties": false, "properties": { "MaxRequests": { "markdownDescription": "Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.", "title": "MaxRequests", "type": "number" } }, "required": [ "MaxRequests" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayHealthCheckPolicy": { "additionalProperties": false, "properties": { "HealthyThreshold": { "markdownDescription": "The number of consecutive successful health checks that must occur before declaring the listener healthy.", "title": "HealthyThreshold", "type": "number" }, "IntervalMillis": { "markdownDescription": "The time period in milliseconds between each health check execution.", "title": "IntervalMillis", "type": "number" }, "Path": { "markdownDescription": "The destination path for the health check request. This value is only used if the specified protocol is HTTP or HTTP/2. For any other protocol, this value is ignored.", "title": "Path", "type": "string" }, "Port": { "markdownDescription": "The destination port for the health check request. This port must match the port defined in the `PortMapping` for the listener.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The protocol for the health check request. If you specify `grpc` , then your service must conform to the [GRPC Health Checking Protocol](https://docs.aws.amazon.com/https://github.com/grpc/grpc/blob/master/doc/health-checking.md) .", "title": "Protocol", "type": "string" }, "TimeoutMillis": { "markdownDescription": "The amount of time to wait when receiving a response from the health check, in milliseconds.", "title": "TimeoutMillis", "type": "number" }, "UnhealthyThreshold": { "markdownDescription": "The number of consecutive failed health checks that must occur before declaring a virtual gateway unhealthy.", "title": "UnhealthyThreshold", "type": "number" } }, "required": [ "HealthyThreshold", "IntervalMillis", "Protocol", "TimeoutMillis", "UnhealthyThreshold" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayHttp2ConnectionPool": { "additionalProperties": false, "properties": { "MaxRequests": { "markdownDescription": "Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.", "title": "MaxRequests", "type": "number" } }, "required": [ "MaxRequests" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayHttpConnectionPool": { "additionalProperties": false, "properties": { "MaxConnections": { "markdownDescription": "Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster.", "title": "MaxConnections", "type": "number" }, "MaxPendingRequests": { "markdownDescription": "Number of overflowing requests after `max_connections` Envoy will queue to upstream cluster.", "title": "MaxPendingRequests", "type": "number" } }, "required": [ "MaxConnections" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayListener": { "additionalProperties": false, "properties": { "ConnectionPool": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayConnectionPool", "markdownDescription": "The connection pool information for the listener.", "title": "ConnectionPool" }, "HealthCheck": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayHealthCheckPolicy", "markdownDescription": "The health check information for the listener.", "title": "HealthCheck" }, "PortMapping": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayPortMapping", "markdownDescription": "The port mapping information for the listener.", "title": "PortMapping" }, "TLS": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTls", "markdownDescription": "A reference to an object that represents the Transport Layer Security (TLS) properties for the listener.", "title": "TLS" } }, "required": [ "PortMapping" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTls": { "additionalProperties": false, "properties": { "Certificate": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTlsCertificate", "markdownDescription": "An object that represents a Transport Layer Security (TLS) certificate.", "title": "Certificate" }, "Mode": { "markdownDescription": "Specify one of the following modes.\n\n- ** STRICT \u2013 Listener only accepts connections with TLS enabled.\n- ** PERMISSIVE \u2013 Listener accepts connections with or without TLS enabled.\n- ** DISABLED \u2013 Listener only accepts connections without TLS.", "title": "Mode", "type": "string" }, "Validation": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTlsValidationContext", "markdownDescription": "A reference to an object that represents a virtual gateway's listener's Transport Layer Security (TLS) validation context.", "title": "Validation" } }, "required": [ "Certificate", "Mode" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTlsAcmCertificate": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see [Transport Layer Security (TLS)](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites) .", "title": "CertificateArn", "type": "string" } }, "required": [ "CertificateArn" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTlsCertificate": { "additionalProperties": false, "properties": { "ACM": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTlsAcmCertificate", "markdownDescription": "A reference to an object that represents an AWS Certificate Manager certificate.", "title": "ACM" }, "File": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTlsFileCertificate", "markdownDescription": "A reference to an object that represents a local file certificate.", "title": "File" }, "SDS": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTlsSdsCertificate", "markdownDescription": "A reference to an object that represents a virtual gateway's listener's Secret Discovery Service certificate.", "title": "SDS" } }, "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTlsFileCertificate": { "additionalProperties": false, "properties": { "CertificateChain": { "markdownDescription": "The certificate chain for the certificate.", "title": "CertificateChain", "type": "string" }, "PrivateKey": { "markdownDescription": "The private key for a certificate stored on the file system of the mesh endpoint that the proxy is running on.", "title": "PrivateKey", "type": "string" } }, "required": [ "CertificateChain", "PrivateKey" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTlsSdsCertificate": { "additionalProperties": false, "properties": { "SecretName": { "markdownDescription": "A reference to an object that represents the name of the secret secret requested from the Secret Discovery Service provider representing Transport Layer Security (TLS) materials like a certificate or certificate chain.", "title": "SecretName", "type": "string" } }, "required": [ "SecretName" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTlsValidationContext": { "additionalProperties": false, "properties": { "SubjectAlternativeNames": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.SubjectAlternativeNames", "markdownDescription": "A reference to an object that represents the SANs for a virtual gateway listener's Transport Layer Security (TLS) validation context.", "title": "SubjectAlternativeNames" }, "Trust": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTlsValidationContextTrust", "markdownDescription": "A reference to where to retrieve the trust chain when validating a peer\u2019s Transport Layer Security (TLS) certificate.", "title": "Trust" } }, "required": [ "Trust" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayListenerTlsValidationContextTrust": { "additionalProperties": false, "properties": { "File": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayTlsValidationContextFileTrust", "markdownDescription": "An object that represents a Transport Layer Security (TLS) validation context trust for a local file.", "title": "File" }, "SDS": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayTlsValidationContextSdsTrust", "markdownDescription": "A reference to an object that represents a virtual gateway's listener's Transport Layer Security (TLS) Secret Discovery Service validation context trust.", "title": "SDS" } }, "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayLogging": { "additionalProperties": false, "properties": { "AccessLog": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayAccessLog", "markdownDescription": "The access log configuration.", "title": "AccessLog" } }, "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayPortMapping": { "additionalProperties": false, "properties": { "Port": { "markdownDescription": "The port used for the port mapping. Specify one protocol.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The protocol used for the port mapping.", "title": "Protocol", "type": "string" } }, "required": [ "Port", "Protocol" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewaySpec": { "additionalProperties": false, "properties": { "BackendDefaults": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayBackendDefaults", "markdownDescription": "A reference to an object that represents the defaults for backends.", "title": "BackendDefaults" }, "Listeners": { "items": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayListener" }, "markdownDescription": "The listeners that the mesh endpoint is expected to receive inbound traffic from. You can specify one listener.", "title": "Listeners", "type": "array" }, "Logging": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayLogging", "markdownDescription": "An object that represents logging information.", "title": "Logging" } }, "required": [ "Listeners" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayTlsValidationContext": { "additionalProperties": false, "properties": { "SubjectAlternativeNames": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.SubjectAlternativeNames", "markdownDescription": "A reference to an object that represents the SANs for a virtual gateway's listener's Transport Layer Security (TLS) validation context.", "title": "SubjectAlternativeNames" }, "Trust": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayTlsValidationContextTrust", "markdownDescription": "A reference to where to retrieve the trust chain when validating a peer\u2019s Transport Layer Security (TLS) certificate.", "title": "Trust" } }, "required": [ "Trust" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayTlsValidationContextAcmTrust": { "additionalProperties": false, "properties": { "CertificateAuthorityArns": { "items": { "type": "string" }, "markdownDescription": "One or more ACM Amazon Resource Name (ARN)s.", "title": "CertificateAuthorityArns", "type": "array" } }, "required": [ "CertificateAuthorityArns" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayTlsValidationContextFileTrust": { "additionalProperties": false, "properties": { "CertificateChain": { "markdownDescription": "The certificate trust chain for a certificate stored on the file system of the virtual node that the proxy is running on.", "title": "CertificateChain", "type": "string" } }, "required": [ "CertificateChain" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayTlsValidationContextSdsTrust": { "additionalProperties": false, "properties": { "SecretName": { "markdownDescription": "A reference to an object that represents the name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust.", "title": "SecretName", "type": "string" } }, "required": [ "SecretName" ], "type": "object" }, "AWS::AppMesh::VirtualGateway.VirtualGatewayTlsValidationContextTrust": { "additionalProperties": false, "properties": { "ACM": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayTlsValidationContextAcmTrust", "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate.", "title": "ACM" }, "File": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayTlsValidationContextFileTrust", "markdownDescription": "An object that represents a Transport Layer Security (TLS) validation context trust for a local file.", "title": "File" }, "SDS": { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway.VirtualGatewayTlsValidationContextSdsTrust", "markdownDescription": "A reference to an object that represents a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust.", "title": "SDS" } }, "type": "object" }, "AWS::AppMesh::VirtualNode": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MeshName": { "markdownDescription": "The name of the service mesh to create the virtual node in.", "title": "MeshName", "type": "string" }, "MeshOwner": { "markdownDescription": "The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .", "title": "MeshOwner", "type": "string" }, "Spec": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.VirtualNodeSpec", "markdownDescription": "The virtual node specification to apply.", "title": "Spec" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Optional metadata that you can apply to the virtual node to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", "title": "Tags", "type": "array" }, "VirtualNodeName": { "markdownDescription": "The name to use for the virtual node.", "title": "VirtualNodeName", "type": "string" } }, "required": [ "MeshName", "Spec" ], "type": "object" }, "Type": { "enum": [ "AWS::AppMesh::VirtualNode" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppMesh::VirtualNode.AccessLog": { "additionalProperties": false, "properties": { "File": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.FileAccessLog", "markdownDescription": "The file object to send virtual node access logs to.", "title": "File" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.AwsCloudMapInstanceAttribute": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The name of an AWS Cloud Map service instance attribute key. Any AWS Cloud Map service instance that contains the specified key and value is returned.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of an AWS Cloud Map service instance attribute key. Any AWS Cloud Map service instance that contains the specified key and value is returned.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::AppMesh::VirtualNode.AwsCloudMapServiceDiscovery": { "additionalProperties": false, "properties": { "Attributes": { "items": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.AwsCloudMapInstanceAttribute" }, "markdownDescription": "A string map that contains attributes with values that you can use to filter instances by any custom attribute that you specified when you registered the instance. Only instances that match all of the specified key/value pairs will be returned.", "title": "Attributes", "type": "array" }, "IpPreference": { "markdownDescription": "The preferred IP version that this virtual node uses. Setting the IP preference on the virtual node only overrides the IP preference set for the mesh on this specific node.", "title": "IpPreference", "type": "string" }, "NamespaceName": { "markdownDescription": "The HTTP name of the AWS Cloud Map namespace to use.", "title": "NamespaceName", "type": "string" }, "ServiceName": { "markdownDescription": "The name of the AWS Cloud Map service to use.", "title": "ServiceName", "type": "string" } }, "required": [ "NamespaceName", "ServiceName" ], "type": "object" }, "AWS::AppMesh::VirtualNode.Backend": { "additionalProperties": false, "properties": { "VirtualService": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.VirtualServiceBackend", "markdownDescription": "Specifies a virtual service to use as a backend.", "title": "VirtualService" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.BackendDefaults": { "additionalProperties": false, "properties": { "ClientPolicy": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ClientPolicy", "markdownDescription": "A reference to an object that represents a client policy.", "title": "ClientPolicy" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.ClientPolicy": { "additionalProperties": false, "properties": { "TLS": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ClientPolicyTls", "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) client policy.", "title": "TLS" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.ClientPolicyTls": { "additionalProperties": false, "properties": { "Certificate": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ClientTlsCertificate", "markdownDescription": "A reference to an object that represents a client's TLS certificate.", "title": "Certificate" }, "Enforce": { "markdownDescription": "Whether the policy is enforced. The default is `True` , if a value isn't specified.", "title": "Enforce", "type": "boolean" }, "Ports": { "items": { "type": "number" }, "markdownDescription": "One or more ports that the policy is enforced for.", "title": "Ports", "type": "array" }, "Validation": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.TlsValidationContext", "markdownDescription": "A reference to an object that represents a TLS validation context.", "title": "Validation" } }, "required": [ "Validation" ], "type": "object" }, "AWS::AppMesh::VirtualNode.ClientTlsCertificate": { "additionalProperties": false, "properties": { "File": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ListenerTlsFileCertificate", "markdownDescription": "An object that represents a local file certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see [Transport Layer Security (TLS)](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html) .", "title": "File" }, "SDS": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ListenerTlsSdsCertificate", "markdownDescription": "A reference to an object that represents a client's TLS Secret Discovery Service certificate.", "title": "SDS" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.DnsServiceDiscovery": { "additionalProperties": false, "properties": { "Hostname": { "markdownDescription": "Specifies the DNS service discovery hostname for the virtual node.", "title": "Hostname", "type": "string" }, "IpPreference": { "markdownDescription": "The preferred IP version that this virtual node uses. Setting the IP preference on the virtual node only overrides the IP preference set for the mesh on this specific node.", "title": "IpPreference", "type": "string" }, "ResponseType": { "markdownDescription": "Specifies the DNS response type for the virtual node.", "title": "ResponseType", "type": "string" } }, "required": [ "Hostname" ], "type": "object" }, "AWS::AppMesh::VirtualNode.Duration": { "additionalProperties": false, "properties": { "Unit": { "markdownDescription": "A unit of time.", "title": "Unit", "type": "string" }, "Value": { "markdownDescription": "A number of time units.", "title": "Value", "type": "number" } }, "required": [ "Unit", "Value" ], "type": "object" }, "AWS::AppMesh::VirtualNode.FileAccessLog": { "additionalProperties": false, "properties": { "Format": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.LoggingFormat", "markdownDescription": "The specified format for the logs. The format is either `json_format` or `text_format` .", "title": "Format" }, "Path": { "markdownDescription": "The file path to write access logs to. You can use `/dev/stdout` to send access logs to standard out and configure your Envoy container to use a log driver, such as `awslogs` , to export the access logs to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container's file system to write the files to disk.\n\n> The Envoy process must have write permissions to the path that you specify here. Otherwise, Envoy fails to bootstrap properly.", "title": "Path", "type": "string" } }, "required": [ "Path" ], "type": "object" }, "AWS::AppMesh::VirtualNode.GrpcTimeout": { "additionalProperties": false, "properties": { "Idle": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.Duration", "markdownDescription": "An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.", "title": "Idle" }, "PerRequest": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.Duration", "markdownDescription": "An object that represents a per request timeout. The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.", "title": "PerRequest" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.HealthCheck": { "additionalProperties": false, "properties": { "HealthyThreshold": { "markdownDescription": "The number of consecutive successful health checks that must occur before declaring listener healthy.", "title": "HealthyThreshold", "type": "number" }, "IntervalMillis": { "markdownDescription": "The time period in milliseconds between each health check execution.", "title": "IntervalMillis", "type": "number" }, "Path": { "markdownDescription": "The destination path for the health check request. This value is only used if the specified protocol is HTTP or HTTP/2. For any other protocol, this value is ignored.", "title": "Path", "type": "string" }, "Port": { "markdownDescription": "The destination port for the health check request. This port must match the port defined in the `PortMapping` for the listener.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The protocol for the health check request. If you specify `grpc` , then your service must conform to the [GRPC Health Checking Protocol](https://docs.aws.amazon.com/https://github.com/grpc/grpc/blob/master/doc/health-checking.md) .", "title": "Protocol", "type": "string" }, "TimeoutMillis": { "markdownDescription": "The amount of time to wait when receiving a response from the health check, in milliseconds.", "title": "TimeoutMillis", "type": "number" }, "UnhealthyThreshold": { "markdownDescription": "The number of consecutive failed health checks that must occur before declaring a virtual node unhealthy.", "title": "UnhealthyThreshold", "type": "number" } }, "required": [ "HealthyThreshold", "IntervalMillis", "Protocol", "TimeoutMillis", "UnhealthyThreshold" ], "type": "object" }, "AWS::AppMesh::VirtualNode.HttpTimeout": { "additionalProperties": false, "properties": { "Idle": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.Duration", "markdownDescription": "An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.", "title": "Idle" }, "PerRequest": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.Duration", "markdownDescription": "An object that represents a per request timeout. The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.", "title": "PerRequest" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.JsonFormatRef": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The specified key for the JSON.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The specified value for the JSON.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::AppMesh::VirtualNode.Listener": { "additionalProperties": false, "properties": { "ConnectionPool": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.VirtualNodeConnectionPool", "markdownDescription": "The connection pool information for the listener.", "title": "ConnectionPool" }, "HealthCheck": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.HealthCheck", "markdownDescription": "The health check information for the listener.", "title": "HealthCheck" }, "OutlierDetection": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.OutlierDetection", "markdownDescription": "The outlier detection information for the listener.", "title": "OutlierDetection" }, "PortMapping": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.PortMapping", "markdownDescription": "The port mapping information for the listener.", "title": "PortMapping" }, "TLS": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ListenerTls", "markdownDescription": "A reference to an object that represents the Transport Layer Security (TLS) properties for a listener.", "title": "TLS" }, "Timeout": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ListenerTimeout", "markdownDescription": "An object that represents timeouts for different protocols.", "title": "Timeout" } }, "required": [ "PortMapping" ], "type": "object" }, "AWS::AppMesh::VirtualNode.ListenerTimeout": { "additionalProperties": false, "properties": { "GRPC": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.GrpcTimeout", "markdownDescription": "An object that represents types of timeouts.", "title": "GRPC" }, "HTTP": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.HttpTimeout", "markdownDescription": "An object that represents types of timeouts.", "title": "HTTP" }, "HTTP2": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.HttpTimeout", "markdownDescription": "An object that represents types of timeouts.", "title": "HTTP2" }, "TCP": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.TcpTimeout", "markdownDescription": "An object that represents types of timeouts.", "title": "TCP" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.ListenerTls": { "additionalProperties": false, "properties": { "Certificate": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ListenerTlsCertificate", "markdownDescription": "A reference to an object that represents a listener's Transport Layer Security (TLS) certificate.", "title": "Certificate" }, "Mode": { "markdownDescription": "Specify one of the following modes.\n\n- ** STRICT \u2013 Listener only accepts connections with TLS enabled.\n- ** PERMISSIVE \u2013 Listener accepts connections with or without TLS enabled.\n- ** DISABLED \u2013 Listener only accepts connections without TLS.", "title": "Mode", "type": "string" }, "Validation": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ListenerTlsValidationContext", "markdownDescription": "A reference to an object that represents a listener's Transport Layer Security (TLS) validation context.", "title": "Validation" } }, "required": [ "Certificate", "Mode" ], "type": "object" }, "AWS::AppMesh::VirtualNode.ListenerTlsAcmCertificate": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see [Transport Layer Security (TLS)](https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites) .", "title": "CertificateArn", "type": "string" } }, "required": [ "CertificateArn" ], "type": "object" }, "AWS::AppMesh::VirtualNode.ListenerTlsCertificate": { "additionalProperties": false, "properties": { "ACM": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ListenerTlsAcmCertificate", "markdownDescription": "A reference to an object that represents an AWS Certificate Manager certificate.", "title": "ACM" }, "File": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ListenerTlsFileCertificate", "markdownDescription": "A reference to an object that represents a local file certificate.", "title": "File" }, "SDS": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ListenerTlsSdsCertificate", "markdownDescription": "A reference to an object that represents a listener's Secret Discovery Service certificate.", "title": "SDS" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.ListenerTlsFileCertificate": { "additionalProperties": false, "properties": { "CertificateChain": { "markdownDescription": "The certificate chain for the certificate.", "title": "CertificateChain", "type": "string" }, "PrivateKey": { "markdownDescription": "The private key for a certificate stored on the file system of the virtual node that the proxy is running on.", "title": "PrivateKey", "type": "string" } }, "required": [ "CertificateChain", "PrivateKey" ], "type": "object" }, "AWS::AppMesh::VirtualNode.ListenerTlsSdsCertificate": { "additionalProperties": false, "properties": { "SecretName": { "markdownDescription": "A reference to an object that represents the name of the secret requested from the Secret Discovery Service provider representing Transport Layer Security (TLS) materials like a certificate or certificate chain.", "title": "SecretName", "type": "string" } }, "required": [ "SecretName" ], "type": "object" }, "AWS::AppMesh::VirtualNode.ListenerTlsValidationContext": { "additionalProperties": false, "properties": { "SubjectAlternativeNames": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.SubjectAlternativeNames", "markdownDescription": "A reference to an object that represents the SANs for a listener's Transport Layer Security (TLS) validation context.", "title": "SubjectAlternativeNames" }, "Trust": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ListenerTlsValidationContextTrust", "markdownDescription": "A reference to where to retrieve the trust chain when validating a peer\u2019s Transport Layer Security (TLS) certificate.", "title": "Trust" } }, "required": [ "Trust" ], "type": "object" }, "AWS::AppMesh::VirtualNode.ListenerTlsValidationContextTrust": { "additionalProperties": false, "properties": { "File": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.TlsValidationContextFileTrust", "markdownDescription": "An object that represents a Transport Layer Security (TLS) validation context trust for a local file.", "title": "File" }, "SDS": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.TlsValidationContextSdsTrust", "markdownDescription": "A reference to an object that represents a listener's Transport Layer Security (TLS) Secret Discovery Service validation context trust.", "title": "SDS" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.Logging": { "additionalProperties": false, "properties": { "AccessLog": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.AccessLog", "markdownDescription": "The access log configuration for a virtual node.", "title": "AccessLog" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.LoggingFormat": { "additionalProperties": false, "properties": { "Json": { "items": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.JsonFormatRef" }, "markdownDescription": "The logging format for JSON.", "title": "Json", "type": "array" }, "Text": { "markdownDescription": "The logging format for text.", "title": "Text", "type": "string" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.OutlierDetection": { "additionalProperties": false, "properties": { "BaseEjectionDuration": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.Duration", "markdownDescription": "The base amount of time for which a host is ejected.", "title": "BaseEjectionDuration" }, "Interval": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.Duration", "markdownDescription": "The time interval between ejection sweep analysis.", "title": "Interval" }, "MaxEjectionPercent": { "markdownDescription": "Maximum percentage of hosts in load balancing pool for upstream service that can be ejected. Will eject at least one host regardless of the value.", "title": "MaxEjectionPercent", "type": "number" }, "MaxServerErrors": { "markdownDescription": "Number of consecutive `5xx` errors required for ejection.", "title": "MaxServerErrors", "type": "number" } }, "required": [ "BaseEjectionDuration", "Interval", "MaxEjectionPercent", "MaxServerErrors" ], "type": "object" }, "AWS::AppMesh::VirtualNode.PortMapping": { "additionalProperties": false, "properties": { "Port": { "markdownDescription": "The port used for the port mapping.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The protocol used for the port mapping. Specify `http` , `http2` , `grpc` , or `tcp` .", "title": "Protocol", "type": "string" } }, "required": [ "Port", "Protocol" ], "type": "object" }, "AWS::AppMesh::VirtualNode.ServiceDiscovery": { "additionalProperties": false, "properties": { "AWSCloudMap": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.AwsCloudMapServiceDiscovery", "markdownDescription": "Specifies any AWS Cloud Map information for the virtual node.", "title": "AWSCloudMap" }, "DNS": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.DnsServiceDiscovery", "markdownDescription": "Specifies the DNS information for the virtual node.", "title": "DNS" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.SubjectAlternativeNameMatchers": { "additionalProperties": false, "properties": { "Exact": { "items": { "type": "string" }, "markdownDescription": "The values sent must match the specified values exactly.", "title": "Exact", "type": "array" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.SubjectAlternativeNames": { "additionalProperties": false, "properties": { "Match": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.SubjectAlternativeNameMatchers", "markdownDescription": "An object that represents the criteria for determining a SANs match.", "title": "Match" } }, "required": [ "Match" ], "type": "object" }, "AWS::AppMesh::VirtualNode.TcpTimeout": { "additionalProperties": false, "properties": { "Idle": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.Duration", "markdownDescription": "An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.", "title": "Idle" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.TlsValidationContext": { "additionalProperties": false, "properties": { "SubjectAlternativeNames": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.SubjectAlternativeNames", "markdownDescription": "A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you don't specify SANs on the *terminating* mesh endpoint, the Envoy proxy for that node doesn't verify the SAN on a peer client certificate. If you don't specify SANs on the *originating* mesh endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the service discovery name.", "title": "SubjectAlternativeNames" }, "Trust": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.TlsValidationContextTrust", "markdownDescription": "A reference to where to retrieve the trust chain when validating a peer\u2019s Transport Layer Security (TLS) certificate.", "title": "Trust" } }, "required": [ "Trust" ], "type": "object" }, "AWS::AppMesh::VirtualNode.TlsValidationContextAcmTrust": { "additionalProperties": false, "properties": { "CertificateAuthorityArns": { "items": { "type": "string" }, "markdownDescription": "One or more ACM Amazon Resource Name (ARN)s.", "title": "CertificateAuthorityArns", "type": "array" } }, "required": [ "CertificateAuthorityArns" ], "type": "object" }, "AWS::AppMesh::VirtualNode.TlsValidationContextFileTrust": { "additionalProperties": false, "properties": { "CertificateChain": { "markdownDescription": "The certificate trust chain for a certificate stored on the file system of the virtual node that the proxy is running on.", "title": "CertificateChain", "type": "string" } }, "required": [ "CertificateChain" ], "type": "object" }, "AWS::AppMesh::VirtualNode.TlsValidationContextSdsTrust": { "additionalProperties": false, "properties": { "SecretName": { "markdownDescription": "A reference to an object that represents the name of the secret for a Transport Layer Security (TLS) Secret Discovery Service validation context trust.", "title": "SecretName", "type": "string" } }, "required": [ "SecretName" ], "type": "object" }, "AWS::AppMesh::VirtualNode.TlsValidationContextTrust": { "additionalProperties": false, "properties": { "ACM": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.TlsValidationContextAcmTrust", "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certificate Manager certificate.", "title": "ACM" }, "File": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.TlsValidationContextFileTrust", "markdownDescription": "An object that represents a Transport Layer Security (TLS) validation context trust for a local file.", "title": "File" }, "SDS": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.TlsValidationContextSdsTrust", "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) Secret Discovery Service validation context trust.", "title": "SDS" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.VirtualNodeConnectionPool": { "additionalProperties": false, "properties": { "GRPC": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.VirtualNodeGrpcConnectionPool", "markdownDescription": "An object that represents a type of connection pool.", "title": "GRPC" }, "HTTP": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.VirtualNodeHttpConnectionPool", "markdownDescription": "An object that represents a type of connection pool.", "title": "HTTP" }, "HTTP2": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.VirtualNodeHttp2ConnectionPool", "markdownDescription": "An object that represents a type of connection pool.", "title": "HTTP2" }, "TCP": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.VirtualNodeTcpConnectionPool", "markdownDescription": "An object that represents a type of connection pool.", "title": "TCP" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.VirtualNodeGrpcConnectionPool": { "additionalProperties": false, "properties": { "MaxRequests": { "markdownDescription": "Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.", "title": "MaxRequests", "type": "number" } }, "required": [ "MaxRequests" ], "type": "object" }, "AWS::AppMesh::VirtualNode.VirtualNodeHttp2ConnectionPool": { "additionalProperties": false, "properties": { "MaxRequests": { "markdownDescription": "Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.", "title": "MaxRequests", "type": "number" } }, "required": [ "MaxRequests" ], "type": "object" }, "AWS::AppMesh::VirtualNode.VirtualNodeHttpConnectionPool": { "additionalProperties": false, "properties": { "MaxConnections": { "markdownDescription": "Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster.", "title": "MaxConnections", "type": "number" }, "MaxPendingRequests": { "markdownDescription": "Number of overflowing requests after `max_connections` Envoy will queue to upstream cluster.", "title": "MaxPendingRequests", "type": "number" } }, "required": [ "MaxConnections" ], "type": "object" }, "AWS::AppMesh::VirtualNode.VirtualNodeSpec": { "additionalProperties": false, "properties": { "BackendDefaults": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.BackendDefaults", "markdownDescription": "A reference to an object that represents the defaults for backends.", "title": "BackendDefaults" }, "Backends": { "items": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.Backend" }, "markdownDescription": "The backends that the virtual node is expected to send outbound traffic to.\n\n> App Mesh doesn't validate the existence of those virtual services specified in backends. This is to prevent a cyclic dependency between virtual nodes and virtual services creation. Make sure the virtual service name is correct. The virtual service can be created afterwards if it doesn't already exist.", "title": "Backends", "type": "array" }, "Listeners": { "items": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.Listener" }, "markdownDescription": "The listener that the virtual node is expected to receive inbound traffic from. You can specify one listener.", "title": "Listeners", "type": "array" }, "Logging": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.Logging", "markdownDescription": "The inbound and outbound access logging information for the virtual node.", "title": "Logging" }, "ServiceDiscovery": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ServiceDiscovery", "markdownDescription": "The service discovery information for the virtual node. If your virtual node does not expect ingress traffic, you can omit this parameter. If you specify a `listener` , then you must specify service discovery information.", "title": "ServiceDiscovery" } }, "type": "object" }, "AWS::AppMesh::VirtualNode.VirtualNodeTcpConnectionPool": { "additionalProperties": false, "properties": { "MaxConnections": { "markdownDescription": "Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster.", "title": "MaxConnections", "type": "number" } }, "required": [ "MaxConnections" ], "type": "object" }, "AWS::AppMesh::VirtualNode.VirtualServiceBackend": { "additionalProperties": false, "properties": { "ClientPolicy": { "$ref": "#/definitions/AWS::AppMesh::VirtualNode.ClientPolicy", "markdownDescription": "A reference to an object that represents the client policy for a backend.", "title": "ClientPolicy" }, "VirtualServiceName": { "markdownDescription": "The name of the virtual service that is acting as a virtual node backend.\n\n> App Mesh doesn't validate the existence of those virtual services specified in backends. This is to prevent a cyclic dependency between virtual nodes and virtual services creation. Make sure the virtual service name is correct. The virtual service can be created afterwards if it doesn't already exist.", "title": "VirtualServiceName", "type": "string" } }, "required": [ "VirtualServiceName" ], "type": "object" }, "AWS::AppMesh::VirtualRouter": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MeshName": { "markdownDescription": "The name of the service mesh to create the virtual router in.", "title": "MeshName", "type": "string" }, "MeshOwner": { "markdownDescription": "The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .", "title": "MeshOwner", "type": "string" }, "Spec": { "$ref": "#/definitions/AWS::AppMesh::VirtualRouter.VirtualRouterSpec", "markdownDescription": "The virtual router specification to apply.", "title": "Spec" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Optional metadata that you can apply to the virtual router to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", "title": "Tags", "type": "array" }, "VirtualRouterName": { "markdownDescription": "The name to use for the virtual router.", "title": "VirtualRouterName", "type": "string" } }, "required": [ "MeshName", "Spec" ], "type": "object" }, "Type": { "enum": [ "AWS::AppMesh::VirtualRouter" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppMesh::VirtualRouter.PortMapping": { "additionalProperties": false, "properties": { "Port": { "markdownDescription": "The port used for the port mapping.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The protocol used for the port mapping. Specify one protocol.", "title": "Protocol", "type": "string" } }, "required": [ "Port", "Protocol" ], "type": "object" }, "AWS::AppMesh::VirtualRouter.VirtualRouterListener": { "additionalProperties": false, "properties": { "PortMapping": { "$ref": "#/definitions/AWS::AppMesh::VirtualRouter.PortMapping", "markdownDescription": "The port mapping information for the listener.", "title": "PortMapping" } }, "required": [ "PortMapping" ], "type": "object" }, "AWS::AppMesh::VirtualRouter.VirtualRouterSpec": { "additionalProperties": false, "properties": { "Listeners": { "items": { "$ref": "#/definitions/AWS::AppMesh::VirtualRouter.VirtualRouterListener" }, "markdownDescription": "The listeners that the virtual router is expected to receive inbound traffic from.", "title": "Listeners", "type": "array" } }, "required": [ "Listeners" ], "type": "object" }, "AWS::AppMesh::VirtualService": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MeshName": { "markdownDescription": "The name of the service mesh to create the virtual service in.", "title": "MeshName", "type": "string" }, "MeshOwner": { "markdownDescription": "The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see [Working with shared meshes](https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html) .", "title": "MeshOwner", "type": "string" }, "Spec": { "$ref": "#/definitions/AWS::AppMesh::VirtualService.VirtualServiceSpec", "markdownDescription": "The virtual service specification to apply.", "title": "Spec" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Optional metadata that you can apply to the virtual service to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", "title": "Tags", "type": "array" }, "VirtualServiceName": { "markdownDescription": "The name to use for the virtual service.", "title": "VirtualServiceName", "type": "string" } }, "required": [ "MeshName", "Spec", "VirtualServiceName" ], "type": "object" }, "Type": { "enum": [ "AWS::AppMesh::VirtualService" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppMesh::VirtualService.VirtualNodeServiceProvider": { "additionalProperties": false, "properties": { "VirtualNodeName": { "markdownDescription": "The name of the virtual node that is acting as a service provider.", "title": "VirtualNodeName", "type": "string" } }, "required": [ "VirtualNodeName" ], "type": "object" }, "AWS::AppMesh::VirtualService.VirtualRouterServiceProvider": { "additionalProperties": false, "properties": { "VirtualRouterName": { "markdownDescription": "The name of the virtual router that is acting as a service provider.", "title": "VirtualRouterName", "type": "string" } }, "required": [ "VirtualRouterName" ], "type": "object" }, "AWS::AppMesh::VirtualService.VirtualServiceProvider": { "additionalProperties": false, "properties": { "VirtualNode": { "$ref": "#/definitions/AWS::AppMesh::VirtualService.VirtualNodeServiceProvider", "markdownDescription": "The virtual node associated with a virtual service.", "title": "VirtualNode" }, "VirtualRouter": { "$ref": "#/definitions/AWS::AppMesh::VirtualService.VirtualRouterServiceProvider", "markdownDescription": "The virtual router associated with a virtual service.", "title": "VirtualRouter" } }, "type": "object" }, "AWS::AppMesh::VirtualService.VirtualServiceSpec": { "additionalProperties": false, "properties": { "Provider": { "$ref": "#/definitions/AWS::AppMesh::VirtualService.VirtualServiceProvider", "markdownDescription": "The App Mesh object that is acting as the provider for a virtual service. You can specify a single virtual node or virtual router.", "title": "Provider" } }, "type": "object" }, "AWS::AppRunner::AutoScalingConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoScalingConfigurationName": { "markdownDescription": "The customer-provided auto scaling configuration name. It can be used in multiple revisions of a configuration.", "title": "AutoScalingConfigurationName", "type": "string" }, "MaxConcurrency": { "markdownDescription": "The maximum number of concurrent requests that an instance processes. If the number of concurrent requests exceeds this limit, App Runner scales the service up.", "title": "MaxConcurrency", "type": "number" }, "MaxSize": { "markdownDescription": "The maximum number of instances that a service scales up to. At most `MaxSize` instances actively serve traffic for your service.", "title": "MaxSize", "type": "number" }, "MinSize": { "markdownDescription": "The minimum number of instances that App Runner provisions for a service. The service always has at least `MinSize` provisioned instances. Some of them actively serve traffic. The rest of them (provisioned and inactive instances) are a cost-effective compute capacity reserve and are ready to be quickly activated. You pay for memory usage of all the provisioned instances. You pay for CPU usage of only the active subset.\n\nApp Runner temporarily doubles the number of provisioned instances during deployments, to maintain the same capacity for both old and new code.", "title": "MinSize", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of metadata items that you can associate with your auto scaling configuration resource. A tag is a key-value pair.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::AppRunner::AutoScalingConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::AppRunner::ObservabilityConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ObservabilityConfigurationName": { "markdownDescription": "A name for the observability configuration. When you use it for the first time in an AWS Region , App Runner creates revision number `1` of this name. When you use the same name in subsequent calls, App Runner creates incremental revisions of the configuration.\n\n> The name `DefaultConfiguration` is reserved. You can't use it to create a new observability configuration, and you can't create a revision of it.\n> \n> When you want to use your own observability configuration for your App Runner service, *create a configuration with a different name* , and then provide it when you create or update your service. \n\nIf you don't specify a name, AWS CloudFormation generates a name for your observability configuration.", "title": "ObservabilityConfigurationName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of metadata items that you can associate with your observability configuration resource. A tag is a key-value pair.", "title": "Tags", "type": "array" }, "TraceConfiguration": { "$ref": "#/definitions/AWS::AppRunner::ObservabilityConfiguration.TraceConfiguration", "markdownDescription": "The configuration of the tracing feature within this observability configuration. If you don't specify it, App Runner doesn't enable tracing.", "title": "TraceConfiguration" } }, "type": "object" }, "Type": { "enum": [ "AWS::AppRunner::ObservabilityConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::AppRunner::ObservabilityConfiguration.TraceConfiguration": { "additionalProperties": false, "properties": { "Vendor": { "markdownDescription": "The implementation provider chosen for tracing App Runner services.", "title": "Vendor", "type": "string" } }, "required": [ "Vendor" ], "type": "object" }, "AWS::AppRunner::Service": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoScalingConfigurationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an App Runner automatic scaling configuration resource that you want to associate with your service. If not provided, App Runner associates the latest revision of a default auto scaling configuration.\n\nSpecify an ARN with a name and a revision number to associate that revision. For example: `arn:aws:apprunner:us-east-1:123456789012:autoscalingconfiguration/high-availability/3`\n\nSpecify just the name to associate the latest revision. For example: `arn:aws:apprunner:us-east-1:123456789012:autoscalingconfiguration/high-availability`", "title": "AutoScalingConfigurationArn", "type": "string" }, "EncryptionConfiguration": { "$ref": "#/definitions/AWS::AppRunner::Service.EncryptionConfiguration", "markdownDescription": "An optional custom encryption key that App Runner uses to encrypt the copy of your source repository that it maintains and your service logs. By default, App Runner uses an AWS managed key .", "title": "EncryptionConfiguration" }, "HealthCheckConfiguration": { "$ref": "#/definitions/AWS::AppRunner::Service.HealthCheckConfiguration", "markdownDescription": "The settings for the health check that AWS App Runner performs to monitor the health of the App Runner service.", "title": "HealthCheckConfiguration" }, "InstanceConfiguration": { "$ref": "#/definitions/AWS::AppRunner::Service.InstanceConfiguration", "markdownDescription": "The runtime configuration of instances (scaling units) of your service.", "title": "InstanceConfiguration" }, "NetworkConfiguration": { "$ref": "#/definitions/AWS::AppRunner::Service.NetworkConfiguration", "markdownDescription": "Configuration settings related to network traffic of the web application that the App Runner service runs.", "title": "NetworkConfiguration" }, "ObservabilityConfiguration": { "$ref": "#/definitions/AWS::AppRunner::Service.ServiceObservabilityConfiguration", "markdownDescription": "The observability configuration of your service.", "title": "ObservabilityConfiguration" }, "ServiceName": { "markdownDescription": "A name for the App Runner service. It must be unique across all the running App Runner services in your AWS account in the AWS Region .\n\nIf you don't specify a name, AWS CloudFormation generates a name for your service.", "title": "ServiceName", "type": "string" }, "SourceConfiguration": { "$ref": "#/definitions/AWS::AppRunner::Service.SourceConfiguration", "markdownDescription": "The source to deploy to the App Runner service. It can be a code or an image repository.", "title": "SourceConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional list of metadata items that you can associate with the App Runner service resource. A tag is a key-value pair.", "title": "Tags", "type": "array" } }, "required": [ "SourceConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::AppRunner::Service" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppRunner::Service.AuthenticationConfiguration": { "additionalProperties": false, "properties": { "AccessRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants the App Runner service access to a source repository. It's required for ECR image repositories (but not for ECR Public repositories).", "title": "AccessRoleArn", "type": "string" }, "ConnectionArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the App Runner connection that enables the App Runner service to connect to a source repository. It's required for GitHub code repositories.", "title": "ConnectionArn", "type": "string" } }, "type": "object" }, "AWS::AppRunner::Service.CodeConfiguration": { "additionalProperties": false, "properties": { "CodeConfigurationValues": { "$ref": "#/definitions/AWS::AppRunner::Service.CodeConfigurationValues", "markdownDescription": "The basic configuration for building and running the App Runner service. Use it to quickly launch an App Runner service without providing a `apprunner.yaml` file in the source code repository (or ignoring the file if it exists).", "title": "CodeConfigurationValues" }, "ConfigurationSource": { "markdownDescription": "The source of the App Runner configuration. Values are interpreted as follows:\n\n- `REPOSITORY` \u2013 App Runner reads configuration values from the `apprunner.yaml` file in the source code repository and ignores `CodeConfigurationValues` .\n- `API` \u2013 App Runner uses configuration values provided in `CodeConfigurationValues` and ignores the `apprunner.yaml` file in the source code repository.", "title": "ConfigurationSource", "type": "string" } }, "required": [ "ConfigurationSource" ], "type": "object" }, "AWS::AppRunner::Service.CodeConfigurationValues": { "additionalProperties": false, "properties": { "BuildCommand": { "markdownDescription": "The command App Runner runs to build your application.", "title": "BuildCommand", "type": "string" }, "Port": { "markdownDescription": "The port that your application listens to in the container.\n\nDefault: `8080`", "title": "Port", "type": "string" }, "Runtime": { "markdownDescription": "A runtime environment type for building and running an App Runner service. It represents a programming language runtime.", "title": "Runtime", "type": "string" }, "RuntimeEnvironmentSecrets": { "items": { "$ref": "#/definitions/AWS::AppRunner::Service.KeyValuePair" }, "markdownDescription": "An array of key-value pairs representing the secrets and parameters that get referenced to your service as an environment variable. The supported values are either the full Amazon Resource Name (ARN) of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.\n\n> - If the AWS Systems Manager Parameter Store parameter exists in the same AWS Region as the service that you're launching, you can use either the full ARN or name of the secret. If the parameter exists in a different Region, then the full ARN must be specified.\n> - Currently, cross account referencing of AWS Systems Manager Parameter Store parameter is not supported.", "title": "RuntimeEnvironmentSecrets", "type": "array" }, "RuntimeEnvironmentVariables": { "items": { "$ref": "#/definitions/AWS::AppRunner::Service.KeyValuePair" }, "markdownDescription": "The environment variables that are available to your running AWS App Runner service. An array of key-value pairs.", "title": "RuntimeEnvironmentVariables", "type": "array" }, "StartCommand": { "markdownDescription": "The command App Runner runs to start your application.", "title": "StartCommand", "type": "string" } }, "required": [ "Runtime" ], "type": "object" }, "AWS::AppRunner::Service.CodeRepository": { "additionalProperties": false, "properties": { "CodeConfiguration": { "$ref": "#/definitions/AWS::AppRunner::Service.CodeConfiguration", "markdownDescription": "Configuration for building and running the service from a source code repository.\n\n> `CodeConfiguration` is required only for `CreateService` request.", "title": "CodeConfiguration" }, "RepositoryUrl": { "markdownDescription": "The location of the repository that contains the source code.", "title": "RepositoryUrl", "type": "string" }, "SourceCodeVersion": { "$ref": "#/definitions/AWS::AppRunner::Service.SourceCodeVersion", "markdownDescription": "The version that should be used within the source code repository.", "title": "SourceCodeVersion" }, "SourceDirectory": { "markdownDescription": "The path of the directory that stores source code and configuration files. The build and start commands also execute from here. The path is absolute from root and, if not specified, defaults to the repository root.", "title": "SourceDirectory", "type": "string" } }, "required": [ "RepositoryUrl", "SourceCodeVersion" ], "type": "object" }, "AWS::AppRunner::Service.EgressConfiguration": { "additionalProperties": false, "properties": { "EgressType": { "markdownDescription": "The type of egress configuration.\n\nSet to `DEFAULT` for access to resources hosted on public networks.\n\nSet to `VPC` to associate your service to a custom VPC specified by `VpcConnectorArn` .", "title": "EgressType", "type": "string" }, "VpcConnectorArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the App Runner VPC connector that you want to associate with your App Runner service. Only valid when `EgressType = VPC` .", "title": "VpcConnectorArn", "type": "string" } }, "required": [ "EgressType" ], "type": "object" }, "AWS::AppRunner::Service.EncryptionConfiguration": { "additionalProperties": false, "properties": { "KmsKey": { "markdownDescription": "The ARN of the KMS key that's used for encryption.", "title": "KmsKey", "type": "string" } }, "required": [ "KmsKey" ], "type": "object" }, "AWS::AppRunner::Service.HealthCheckConfiguration": { "additionalProperties": false, "properties": { "HealthyThreshold": { "markdownDescription": "The number of consecutive checks that must succeed before App Runner decides that the service is healthy.\n\nDefault: `1`", "title": "HealthyThreshold", "type": "number" }, "Interval": { "markdownDescription": "The time interval, in seconds, between health checks.\n\nDefault: `5`", "title": "Interval", "type": "number" }, "Path": { "markdownDescription": "The URL that health check requests are sent to.\n\n`Path` is only applicable when you set `Protocol` to `HTTP` .\n\nDefault: `\"/\"`", "title": "Path", "type": "string" }, "Protocol": { "markdownDescription": "The IP protocol that App Runner uses to perform health checks for your service.\n\nIf you set `Protocol` to `HTTP` , App Runner sends health check requests to the HTTP path specified by `Path` .\n\nDefault: `TCP`", "title": "Protocol", "type": "string" }, "Timeout": { "markdownDescription": "The time, in seconds, to wait for a health check response before deciding it failed.\n\nDefault: `2`", "title": "Timeout", "type": "number" }, "UnhealthyThreshold": { "markdownDescription": "The number of consecutive checks that must fail before App Runner decides that the service is unhealthy.\n\nDefault: `5`", "title": "UnhealthyThreshold", "type": "number" } }, "type": "object" }, "AWS::AppRunner::Service.ImageConfiguration": { "additionalProperties": false, "properties": { "Port": { "markdownDescription": "The port that your application listens to in the container.\n\nDefault: `8080`", "title": "Port", "type": "string" }, "RuntimeEnvironmentSecrets": { "items": { "$ref": "#/definitions/AWS::AppRunner::Service.KeyValuePair" }, "markdownDescription": "An array of key-value pairs representing the secrets and parameters that get referenced to your service as an environment variable. The supported values are either the full Amazon Resource Name (ARN) of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.\n\n> - If the AWS Systems Manager Parameter Store parameter exists in the same AWS Region as the service that you're launching, you can use either the full ARN or name of the secret. If the parameter exists in a different Region, then the full ARN must be specified.\n> - Currently, cross account referencing of AWS Systems Manager Parameter Store parameter is not supported.", "title": "RuntimeEnvironmentSecrets", "type": "array" }, "RuntimeEnvironmentVariables": { "items": { "$ref": "#/definitions/AWS::AppRunner::Service.KeyValuePair" }, "markdownDescription": "Environment variables that are available to your running App Runner service. An array of key-value pairs.", "title": "RuntimeEnvironmentVariables", "type": "array" }, "StartCommand": { "markdownDescription": "An optional command that App Runner runs to start the application in the source image. If specified, this command overrides the Docker image\u2019s default start command.", "title": "StartCommand", "type": "string" } }, "type": "object" }, "AWS::AppRunner::Service.ImageRepository": { "additionalProperties": false, "properties": { "ImageConfiguration": { "$ref": "#/definitions/AWS::AppRunner::Service.ImageConfiguration", "markdownDescription": "Configuration for running the identified image.", "title": "ImageConfiguration" }, "ImageIdentifier": { "markdownDescription": "The identifier of an image.\n\nFor an image in Amazon Elastic Container Registry (Amazon ECR), this is an image name. For the image name format, see [Pulling an image](https://docs.aws.amazon.com/AmazonECR/latest/userguide/docker-pull-ecr-image.html) in the *Amazon ECR User Guide* .", "title": "ImageIdentifier", "type": "string" }, "ImageRepositoryType": { "markdownDescription": "The type of the image repository. This reflects the repository provider and whether the repository is private or public.", "title": "ImageRepositoryType", "type": "string" } }, "required": [ "ImageIdentifier", "ImageRepositoryType" ], "type": "object" }, "AWS::AppRunner::Service.IngressConfiguration": { "additionalProperties": false, "properties": { "IsPubliclyAccessible": { "markdownDescription": "Specifies whether your App Runner service is publicly accessible. To make the service publicly accessible set it to `True` . To make the service privately accessible, from only within an Amazon VPC set it to `False` .", "title": "IsPubliclyAccessible", "type": "boolean" } }, "required": [ "IsPubliclyAccessible" ], "type": "object" }, "AWS::AppRunner::Service.InstanceConfiguration": { "additionalProperties": false, "properties": { "Cpu": { "markdownDescription": "The number of CPU units reserved for each instance of your App Runner service.\n\nDefault: `1 vCPU`", "title": "Cpu", "type": "string" }, "InstanceRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that provides permissions to your App Runner service. These are permissions that your code needs when it calls any AWS APIs.", "title": "InstanceRoleArn", "type": "string" }, "Memory": { "markdownDescription": "The amount of memory, in MB or GB, reserved for each instance of your App Runner service.\n\nDefault: `2 GB`", "title": "Memory", "type": "string" } }, "type": "object" }, "AWS::AppRunner::Service.KeyValuePair": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The key name string to map to a value.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value string to which the key name is mapped.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::AppRunner::Service.NetworkConfiguration": { "additionalProperties": false, "properties": { "EgressConfiguration": { "$ref": "#/definitions/AWS::AppRunner::Service.EgressConfiguration", "markdownDescription": "Network configuration settings for outbound message traffic.", "title": "EgressConfiguration" }, "IngressConfiguration": { "$ref": "#/definitions/AWS::AppRunner::Service.IngressConfiguration", "markdownDescription": "Network configuration settings for inbound message traffic.", "title": "IngressConfiguration" }, "IpAddressType": { "markdownDescription": "App Runner provides you with the option to choose between *Internet Protocol version 4 (IPv4)* and *dual stack* (IPv4 and IPv6) for your incoming public network configuration. This is an optional parameter. If you do not specify an `IpAddressType` , it defaults to select IPv4.\n\n> Currently, App Runner supports dual stack for only Public endpoint. Only IPv4 is supported for Private endpoint. If you update a service that's using dual-stack Public endpoint to a Private endpoint, your App Runner service will default to support only IPv4 for Private endpoint and fail to receive traffic originating from IPv6 endpoint.", "title": "IpAddressType", "type": "string" } }, "type": "object" }, "AWS::AppRunner::Service.ServiceObservabilityConfiguration": { "additionalProperties": false, "properties": { "ObservabilityConfigurationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the observability configuration that is associated with the service. Specified only when `ObservabilityEnabled` is `true` .\n\nSpecify an ARN with a name and a revision number to associate that revision. For example: `arn:aws:apprunner:us-east-1:123456789012:observabilityconfiguration/xray-tracing/3`\n\nSpecify just the name to associate the latest revision. For example: `arn:aws:apprunner:us-east-1:123456789012:observabilityconfiguration/xray-tracing`", "title": "ObservabilityConfigurationArn", "type": "string" }, "ObservabilityEnabled": { "markdownDescription": "When `true` , an observability configuration resource is associated with the service, and an `ObservabilityConfigurationArn` is specified.", "title": "ObservabilityEnabled", "type": "boolean" } }, "required": [ "ObservabilityEnabled" ], "type": "object" }, "AWS::AppRunner::Service.SourceCodeVersion": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The type of version identifier.\n\nFor a git-based repository, branches represent versions.", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "A source code version.\n\nFor a git-based repository, a branch name maps to a specific version. App Runner uses the most recent commit to the branch.", "title": "Value", "type": "string" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::AppRunner::Service.SourceConfiguration": { "additionalProperties": false, "properties": { "AuthenticationConfiguration": { "$ref": "#/definitions/AWS::AppRunner::Service.AuthenticationConfiguration", "markdownDescription": "Describes the resources that are needed to authenticate access to some source repositories.", "title": "AuthenticationConfiguration" }, "AutoDeploymentsEnabled": { "markdownDescription": "If `true` , continuous integration from the source repository is enabled for the App Runner service. Each repository change (including any source code commit or new image version) starts a deployment.\n\nDefault: App Runner sets to `false` for a source image that uses an ECR Public repository or an ECR repository that's in an AWS account other than the one that the service is in. App Runner sets to `true` in all other cases (which currently include a source code repository or a source image using a same-account ECR repository).", "title": "AutoDeploymentsEnabled", "type": "boolean" }, "CodeRepository": { "$ref": "#/definitions/AWS::AppRunner::Service.CodeRepository", "markdownDescription": "The description of a source code repository.\n\nYou must provide either this member or `ImageRepository` (but not both).", "title": "CodeRepository" }, "ImageRepository": { "$ref": "#/definitions/AWS::AppRunner::Service.ImageRepository", "markdownDescription": "The description of a source image repository.\n\nYou must provide either this member or `CodeRepository` (but not both).", "title": "ImageRepository" } }, "type": "object" }, "AWS::AppRunner::VpcConnector": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "A list of IDs of security groups that App Runner should use for access to AWS resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.", "title": "SecurityGroups", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.\n\n> App Runner currently only provides support for IPv4.", "title": "Subnets", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair.\n\n> A `VpcConnector` is immutable, so you cannot update its tags. To change the tags, replace the resource. To replace a `VpcConnector` , you must provide a new combination of security groups.", "title": "Tags", "type": "array" }, "VpcConnectorName": { "markdownDescription": "A name for the VPC connector.\n\nIf you don't specify a name, AWS CloudFormation generates a name for your VPC connector.", "title": "VpcConnectorName", "type": "string" } }, "required": [ "Subnets" ], "type": "object" }, "Type": { "enum": [ "AWS::AppRunner::VpcConnector" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppRunner::VpcIngressConnection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "IngressVpcConfiguration": { "$ref": "#/definitions/AWS::AppRunner::VpcIngressConnection.IngressVpcConfiguration", "markdownDescription": "Specifications for the customer\u2019s Amazon VPC and the related AWS PrivateLink VPC endpoint that are used to create the VPC Ingress Connection resource.", "title": "IngressVpcConfiguration" }, "ServiceArn": { "markdownDescription": "The Amazon Resource Name (ARN) for this App Runner service that is used to create the VPC Ingress Connection resource.", "title": "ServiceArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional list of metadata items that you can associate with the VPC Ingress Connection resource. A tag is a key-value pair.", "title": "Tags", "type": "array" }, "VpcIngressConnectionName": { "markdownDescription": "The customer-provided VPC Ingress Connection name.", "title": "VpcIngressConnectionName", "type": "string" } }, "required": [ "IngressVpcConfiguration", "ServiceArn" ], "type": "object" }, "Type": { "enum": [ "AWS::AppRunner::VpcIngressConnection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppRunner::VpcIngressConnection.IngressVpcConfiguration": { "additionalProperties": false, "properties": { "VpcEndpointId": { "markdownDescription": "The ID of the VPC endpoint that your App Runner service connects to.", "title": "VpcEndpointId", "type": "string" }, "VpcId": { "markdownDescription": "The ID of the VPC that is used for the VPC endpoint.", "title": "VpcId", "type": "string" } }, "required": [ "VpcEndpointId", "VpcId" ], "type": "object" }, "AWS::AppStream::AppBlock": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the app block.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The display name of the app block.", "title": "DisplayName", "type": "string" }, "Name": { "markdownDescription": "The name of the app block.\n\n*Pattern* : `^[a-zA-Z0-9][a-zA-Z0-9_.-]{0,100}$`", "title": "Name", "type": "string" }, "PackagingType": { "markdownDescription": "The packaging type of the app block.", "title": "PackagingType", "type": "string" }, "PostSetupScriptDetails": { "$ref": "#/definitions/AWS::AppStream::AppBlock.ScriptDetails", "markdownDescription": "The post setup script details of the app block.", "title": "PostSetupScriptDetails" }, "SetupScriptDetails": { "$ref": "#/definitions/AWS::AppStream::AppBlock.ScriptDetails", "markdownDescription": "The setup script details of the app block.", "title": "SetupScriptDetails" }, "SourceS3Location": { "$ref": "#/definitions/AWS::AppStream::AppBlock.S3Location", "markdownDescription": "The source S3 location of the app block.", "title": "SourceS3Location" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags of the app block.", "title": "Tags", "type": "array" } }, "required": [ "Name", "SourceS3Location" ], "type": "object" }, "Type": { "enum": [ "AWS::AppStream::AppBlock" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppStream::AppBlock.S3Location": { "additionalProperties": false, "properties": { "S3Bucket": { "markdownDescription": "The S3 bucket of the app block.", "title": "S3Bucket", "type": "string" }, "S3Key": { "markdownDescription": "The S3 key of the S3 object of the virtual hard disk.\n\nThis is required when it's used by `SetupScriptDetails` and `PostSetupScriptDetails` .", "title": "S3Key", "type": "string" } }, "required": [ "S3Bucket" ], "type": "object" }, "AWS::AppStream::AppBlock.ScriptDetails": { "additionalProperties": false, "properties": { "ExecutableParameters": { "markdownDescription": "The parameters used in the run path for the script.", "title": "ExecutableParameters", "type": "string" }, "ExecutablePath": { "markdownDescription": "The run path for the script.", "title": "ExecutablePath", "type": "string" }, "ScriptS3Location": { "$ref": "#/definitions/AWS::AppStream::AppBlock.S3Location", "markdownDescription": "The S3 object location of the script.", "title": "ScriptS3Location" }, "TimeoutInSeconds": { "markdownDescription": "The run timeout, in seconds, for the script.", "title": "TimeoutInSeconds", "type": "number" } }, "required": [ "ExecutablePath", "ScriptS3Location", "TimeoutInSeconds" ], "type": "object" }, "AWS::AppStream::AppBlockBuilder": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessEndpoints": { "items": { "$ref": "#/definitions/AWS::AppStream::AppBlockBuilder.AccessEndpoint" }, "markdownDescription": "The access endpoints of the app block builder.", "title": "AccessEndpoints", "type": "array" }, "AppBlockArns": { "items": { "type": "string" }, "markdownDescription": "The ARN of the app block.\n\n*Maximum* : `1`", "title": "AppBlockArns", "type": "array" }, "Description": { "markdownDescription": "The description of the app block builder.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The display name of the app block builder.", "title": "DisplayName", "type": "string" }, "EnableDefaultInternetAccess": { "markdownDescription": "Indicates whether default internet access is enabled for the app block builder.", "title": "EnableDefaultInternetAccess", "type": "boolean" }, "IamRoleArn": { "markdownDescription": "The ARN of the IAM role that is applied to the app block builder.", "title": "IamRoleArn", "type": "string" }, "InstanceType": { "markdownDescription": "The instance type of the app block builder.", "title": "InstanceType", "type": "string" }, "Name": { "markdownDescription": "The name of the app block builder.", "title": "Name", "type": "string" }, "Platform": { "markdownDescription": "The platform of the app block builder.\n\n*Allowed values* : `WINDOWS_SERVER_2019`", "title": "Platform", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags of the app block builder.", "title": "Tags", "type": "array" }, "VpcConfig": { "$ref": "#/definitions/AWS::AppStream::AppBlockBuilder.VpcConfig", "markdownDescription": "The VPC configuration for the app block builder.", "title": "VpcConfig" } }, "required": [ "InstanceType", "Name", "Platform", "VpcConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::AppStream::AppBlockBuilder" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppStream::AppBlockBuilder.AccessEndpoint": { "additionalProperties": false, "properties": { "EndpointType": { "markdownDescription": "The type of interface endpoint.", "title": "EndpointType", "type": "string" }, "VpceId": { "markdownDescription": "The identifier (ID) of the VPC in which the interface endpoint is used.", "title": "VpceId", "type": "string" } }, "required": [ "EndpointType", "VpceId" ], "type": "object" }, "AWS::AppStream::AppBlockBuilder.VpcConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The identifiers of the security groups for the fleet or image builder.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The identifiers of the subnets to which a network interface is attached from the fleet instance or image builder instance. Fleet instances use one or more subnets. Image builder instances use one subnet.", "title": "SubnetIds", "type": "array" } }, "type": "object" }, "AWS::AppStream::Application": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppBlockArn": { "markdownDescription": "The app block ARN with which the application should be associated.", "title": "AppBlockArn", "type": "string" }, "AttributesToDelete": { "items": { "type": "string" }, "markdownDescription": "A list of attributes to delete from an application.", "title": "AttributesToDelete", "type": "array" }, "Description": { "markdownDescription": "The description of the application.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The display name of the application. This name is visible to users in the application catalog.", "title": "DisplayName", "type": "string" }, "IconS3Location": { "$ref": "#/definitions/AWS::AppStream::Application.S3Location", "markdownDescription": "The icon S3 location of the application.", "title": "IconS3Location" }, "InstanceFamilies": { "items": { "type": "string" }, "markdownDescription": "The instance families the application supports.\n\n*Allowed Values* : `GENERAL_PURPOSE` | `GRAPHICS_G4`", "title": "InstanceFamilies", "type": "array" }, "LaunchParameters": { "markdownDescription": "The launch parameters of the application.", "title": "LaunchParameters", "type": "string" }, "LaunchPath": { "markdownDescription": "The launch path of the application.", "title": "LaunchPath", "type": "string" }, "Name": { "markdownDescription": "The name of the application. This name is visible to users when a name is not specified in the DisplayName property.\n\n*Pattern* : `^[a-zA-Z0-9][a-zA-Z0-9_.-]{0,100}$`", "title": "Name", "type": "string" }, "Platforms": { "items": { "type": "string" }, "markdownDescription": "The platforms the application supports.\n\n*Allowed Values* : `WINDOWS_SERVER_2019` | `AMAZON_LINUX2`", "title": "Platforms", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags of the application.", "title": "Tags", "type": "array" }, "WorkingDirectory": { "markdownDescription": "The working directory of the application.", "title": "WorkingDirectory", "type": "string" } }, "required": [ "AppBlockArn", "IconS3Location", "InstanceFamilies", "LaunchPath", "Name", "Platforms" ], "type": "object" }, "Type": { "enum": [ "AWS::AppStream::Application" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppStream::Application.S3Location": { "additionalProperties": false, "properties": { "S3Bucket": { "markdownDescription": "The S3 bucket of the S3 object.", "title": "S3Bucket", "type": "string" }, "S3Key": { "markdownDescription": "The S3 key of the S3 object.", "title": "S3Key", "type": "string" } }, "required": [ "S3Bucket", "S3Key" ], "type": "object" }, "AWS::AppStream::ApplicationEntitlementAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationIdentifier": { "markdownDescription": "The identifier of the application.", "title": "ApplicationIdentifier", "type": "string" }, "EntitlementName": { "markdownDescription": "The name of the entitlement.", "title": "EntitlementName", "type": "string" }, "StackName": { "markdownDescription": "The name of the stack.", "title": "StackName", "type": "string" } }, "required": [ "ApplicationIdentifier", "EntitlementName", "StackName" ], "type": "object" }, "Type": { "enum": [ "AWS::AppStream::ApplicationEntitlementAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppStream::ApplicationFleetAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationArn": { "markdownDescription": "The ARN of the application.", "title": "ApplicationArn", "type": "string" }, "FleetName": { "markdownDescription": "The name of the fleet.", "title": "FleetName", "type": "string" } }, "required": [ "ApplicationArn", "FleetName" ], "type": "object" }, "Type": { "enum": [ "AWS::AppStream::ApplicationFleetAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppStream::DirectoryConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CertificateBasedAuthProperties": { "$ref": "#/definitions/AWS::AppStream::DirectoryConfig.CertificateBasedAuthProperties", "markdownDescription": "The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances.", "title": "CertificateBasedAuthProperties" }, "DirectoryName": { "markdownDescription": "The fully qualified name of the directory (for example, corp.example.com).", "title": "DirectoryName", "type": "string" }, "OrganizationalUnitDistinguishedNames": { "items": { "type": "string" }, "markdownDescription": "The distinguished names of the organizational units for computer accounts.", "title": "OrganizationalUnitDistinguishedNames", "type": "array" }, "ServiceAccountCredentials": { "$ref": "#/definitions/AWS::AppStream::DirectoryConfig.ServiceAccountCredentials", "markdownDescription": "The credentials for the service account used by the streaming instance to connect to the directory. Do not use this parameter directly. Use `ServiceAccountCredentials` as an input parameter with `noEcho` as shown in the [Parameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html) . For best practices information, see [Do Not Embed Credentials in Your Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#creds) .", "title": "ServiceAccountCredentials" } }, "required": [ "DirectoryName", "OrganizationalUnitDistinguishedNames", "ServiceAccountCredentials" ], "type": "object" }, "Type": { "enum": [ "AWS::AppStream::DirectoryConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppStream::DirectoryConfig.CertificateBasedAuthProperties": { "additionalProperties": false, "properties": { "CertificateAuthorityArn": { "markdownDescription": "The ARN of the AWS Certificate Manager Private CA resource.", "title": "CertificateAuthorityArn", "type": "string" }, "Status": { "markdownDescription": "The status of the certificate-based authentication properties. Fallback is turned on by default when certificate-based authentication is *Enabled* . Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. *Enabled_no_directory_login_fallback* enables certificate-based authentication, but does not allow users to log in using their AD domain password. Users will be disconnected to re-authenticate using certificates.", "title": "Status", "type": "string" } }, "type": "object" }, "AWS::AppStream::DirectoryConfig.ServiceAccountCredentials": { "additionalProperties": false, "properties": { "AccountName": { "markdownDescription": "The user name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified.", "title": "AccountName", "type": "string" }, "AccountPassword": { "markdownDescription": "The password for the account.", "title": "AccountPassword", "type": "string" } }, "required": [ "AccountName", "AccountPassword" ], "type": "object" }, "AWS::AppStream::Entitlement": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppVisibility": { "markdownDescription": "Specifies whether to entitle all apps or only selected apps.", "title": "AppVisibility", "type": "string" }, "Attributes": { "items": { "$ref": "#/definitions/AWS::AppStream::Entitlement.Attribute" }, "markdownDescription": "The attributes of the entitlement.", "title": "Attributes", "type": "array" }, "Description": { "markdownDescription": "The description of the entitlement.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the entitlement.", "title": "Name", "type": "string" }, "StackName": { "markdownDescription": "The name of the stack.", "title": "StackName", "type": "string" } }, "required": [ "AppVisibility", "Attributes", "Name", "StackName" ], "type": "object" }, "Type": { "enum": [ "AWS::AppStream::Entitlement" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppStream::Entitlement.Attribute": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A supported AWS IAM SAML PrincipalTag attribute that is matched to a value when a user identity federates to an AppStream 2.0 SAML application.\n\nThe following are supported values:\n\n- roles\n- department\n- organization\n- groups\n- title\n- costCenter\n- userType", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "A value that is matched to a supported SAML attribute name when a user identity federates to an AppStream 2.0 SAML application.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::AppStream::Fleet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ComputeCapacity": { "$ref": "#/definitions/AWS::AppStream::Fleet.ComputeCapacity", "markdownDescription": "The desired capacity for the fleet. This is not allowed for Elastic fleets.", "title": "ComputeCapacity" }, "Description": { "markdownDescription": "The description to display.", "title": "Description", "type": "string" }, "DisconnectTimeoutInSeconds": { "markdownDescription": "The amount of time that a streaming session remains active after users disconnect. If users try to reconnect to the streaming session after a disconnection or network interruption within this time interval, they are connected to their previous session. Otherwise, they are connected to a new session with a new streaming instance.\n\nSpecify a value between 60 and 36000.", "title": "DisconnectTimeoutInSeconds", "type": "number" }, "DisplayName": { "markdownDescription": "The fleet name to display.", "title": "DisplayName", "type": "string" }, "DomainJoinInfo": { "$ref": "#/definitions/AWS::AppStream::Fleet.DomainJoinInfo", "markdownDescription": "The name of the directory and organizational unit (OU) to use to join the fleet to a Microsoft Active Directory domain. This is not allowed for Elastic fleets.", "title": "DomainJoinInfo" }, "EnableDefaultInternetAccess": { "markdownDescription": "Enables or disables default internet access for the fleet.", "title": "EnableDefaultInternetAccess", "type": "boolean" }, "FleetType": { "markdownDescription": "The fleet type.\n\n- **ALWAYS_ON** - Provides users with instant-on access to their apps. You are charged for all running instances in your fleet, even if no users are streaming apps.\n- **ON_DEMAND** - Provide users with access to applications after they connect, which takes one to two minutes. You are charged for instance streaming when users are connected and a small hourly fee for instances that are not streaming apps.\n- **ELASTIC** - The pool of streaming instances is managed by Amazon AppStream 2.0. When a user selects their application or desktop to launch, they will start streaming after the app block has been downloaded and mounted to a streaming instance.\n\n*Allowed Values* : `ALWAYS_ON` | `ELASTIC` | `ON_DEMAND`", "title": "FleetType", "type": "string" }, "IamRoleArn": { "markdownDescription": "The ARN of the IAM role that is applied to the fleet. To assume a role, the fleet instance calls the AWS Security Token Service `AssumeRole` API operation and passes the ARN of the role to use. The operation creates a new session with temporary credentials. AppStream 2.0 retrieves the temporary credentials and creates the *appstream_machine_role* credential profile on the instance.\n\nFor more information, see [Using an IAM Role to Grant Permissions to Applications and Scripts Running on AppStream 2.0 Streaming Instances](https://docs.aws.amazon.com/appstream2/latest/developerguide/using-iam-roles-to-grant-permissions-to-applications-scripts-streaming-instances.html) in the *Amazon AppStream 2.0 Administration Guide* .", "title": "IamRoleArn", "type": "string" }, "IdleDisconnectTimeoutInSeconds": { "markdownDescription": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the `DisconnectTimeoutInSeconds` time interval begins. Users are notified before they are disconnected due to inactivity. If they try to reconnect to the streaming session before the time interval specified in `DisconnectTimeoutInSeconds` elapses, they are connected to their previous session. Users are considered idle when they stop providing keyboard or mouse input during their streaming session. File uploads and downloads, audio in, audio out, and pixels changing do not qualify as user activity. If users continue to be idle after the time interval in `IdleDisconnectTimeoutInSeconds` elapses, they are disconnected.\n\nTo prevent users from being disconnected due to inactivity, specify a value of 0. Otherwise, specify a value between 60 and 36000.\n\nIf you enable this feature, we recommend that you specify a value that corresponds exactly to a whole number of minutes (for example, 60, 120, and 180). If you don't do this, the value is rounded to the nearest minute. For example, if you specify a value of 70, users are disconnected after 1 minute of inactivity. If you specify a value that is at the midpoint between two different minutes, the value is rounded up. For example, if you specify a value of 90, users are disconnected after 2 minutes of inactivity.", "title": "IdleDisconnectTimeoutInSeconds", "type": "number" }, "ImageArn": { "markdownDescription": "The ARN of the public, private, or shared image to use.", "title": "ImageArn", "type": "string" }, "ImageName": { "markdownDescription": "The name of the image used to create the fleet.", "title": "ImageName", "type": "string" }, "InstanceType": { "markdownDescription": "The instance type to use when launching fleet instances. The following instance types are available for non-Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge\n\nThe following instance types are available for Elastic fleets:\n\n- stream.standard.small\n- stream.standard.medium", "title": "InstanceType", "type": "string" }, "MaxConcurrentSessions": { "markdownDescription": "The maximum number of concurrent sessions that can be run on an Elastic fleet. This setting is required for Elastic fleets, but is not used for other fleet types.", "title": "MaxConcurrentSessions", "type": "number" }, "MaxSessionsPerInstance": { "markdownDescription": "Max number of user sessions on an instance. This is applicable only for multi-session fleets.", "title": "MaxSessionsPerInstance", "type": "number" }, "MaxUserDurationInSeconds": { "markdownDescription": "The maximum amount of time that a streaming session can remain active, in seconds. If users are still connected to a streaming instance five minutes before this limit is reached, they are prompted to save any open documents before being disconnected. After this time elapses, the instance is terminated and replaced by a new instance.\n\nSpecify a value between 600 and 432000.", "title": "MaxUserDurationInSeconds", "type": "number" }, "Name": { "markdownDescription": "A unique name for the fleet.", "title": "Name", "type": "string" }, "Platform": { "markdownDescription": "The platform of the fleet. Platform is a required setting for Elastic fleets, and is not used for other fleet types.", "title": "Platform", "type": "string" }, "SessionScriptS3Location": { "$ref": "#/definitions/AWS::AppStream::Fleet.S3Location", "markdownDescription": "The S3 location of the session scripts configuration zip file. This only applies to Elastic fleets.", "title": "SessionScriptS3Location" }, "StreamView": { "markdownDescription": "The AppStream 2.0 view that is displayed to your users when they stream from the fleet. When `APP` is specified, only the windows of applications opened by users display. When `DESKTOP` is specified, the standard desktop that is provided by the operating system displays.\n\nThe default value is `APP` .", "title": "StreamView", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs.", "title": "Tags", "type": "array" }, "UsbDeviceFilterStrings": { "items": { "type": "string" }, "markdownDescription": "The USB device filter strings that specify which USB devices a user can redirect to the fleet streaming session, when using the Windows native client. This is allowed but not required for Elastic fleets.", "title": "UsbDeviceFilterStrings", "type": "array" }, "VpcConfig": { "$ref": "#/definitions/AWS::AppStream::Fleet.VpcConfig", "markdownDescription": "The VPC configuration for the fleet. This is required for Elastic fleets, but not required for other fleet types.", "title": "VpcConfig" } }, "required": [ "InstanceType", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::AppStream::Fleet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppStream::Fleet.ComputeCapacity": { "additionalProperties": false, "properties": { "DesiredInstances": { "markdownDescription": "The desired number of streaming instances.", "title": "DesiredInstances", "type": "number" }, "DesiredSessions": { "markdownDescription": "The desired capacity in terms of number of user sessions, for the multi-session fleet. This is not allowed for single-session fleets.\n\nWhen you create a fleet, you must set define either the DesiredSessions or DesiredInstances attribute, based on the type of fleet you create. You can\u2019t define both attributes or leave both attributes blank.", "title": "DesiredSessions", "type": "number" } }, "type": "object" }, "AWS::AppStream::Fleet.DomainJoinInfo": { "additionalProperties": false, "properties": { "DirectoryName": { "markdownDescription": "The fully qualified name of the directory (for example, corp.example.com).", "title": "DirectoryName", "type": "string" }, "OrganizationalUnitDistinguishedName": { "markdownDescription": "The distinguished name of the organizational unit for computer accounts.", "title": "OrganizationalUnitDistinguishedName", "type": "string" } }, "type": "object" }, "AWS::AppStream::Fleet.S3Location": { "additionalProperties": false, "properties": { "S3Bucket": { "markdownDescription": "The S3 bucket of the S3 object.", "title": "S3Bucket", "type": "string" }, "S3Key": { "markdownDescription": "The S3 key of the S3 object.", "title": "S3Key", "type": "string" } }, "required": [ "S3Bucket", "S3Key" ], "type": "object" }, "AWS::AppStream::Fleet.VpcConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The identifiers of the security groups for the fleet.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The identifiers of the subnets to which a network interface is attached from the fleet instance. Fleet instances can use one or two subnets.", "title": "SubnetIds", "type": "array" } }, "type": "object" }, "AWS::AppStream::ImageBuilder": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessEndpoints": { "items": { "$ref": "#/definitions/AWS::AppStream::ImageBuilder.AccessEndpoint" }, "markdownDescription": "The list of virtual private cloud (VPC) interface endpoint objects. Administrators can connect to the image builder only through the specified endpoints.", "title": "AccessEndpoints", "type": "array" }, "AppstreamAgentVersion": { "markdownDescription": "The version of the AppStream 2.0 agent to use for this image builder. To use the latest version of the AppStream 2.0 agent, specify [LATEST].", "title": "AppstreamAgentVersion", "type": "string" }, "Description": { "markdownDescription": "The description to display.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The image builder name to display.", "title": "DisplayName", "type": "string" }, "DomainJoinInfo": { "$ref": "#/definitions/AWS::AppStream::ImageBuilder.DomainJoinInfo", "markdownDescription": "The name of the directory and organizational unit (OU) to use to join the image builder to a Microsoft Active Directory domain.", "title": "DomainJoinInfo" }, "EnableDefaultInternetAccess": { "markdownDescription": "Enables or disables default internet access for the image builder.", "title": "EnableDefaultInternetAccess", "type": "boolean" }, "IamRoleArn": { "markdownDescription": "The ARN of the IAM role that is applied to the image builder. To assume a role, the image builder calls the AWS Security Token Service `AssumeRole` API operation and passes the ARN of the role to use. The operation creates a new session with temporary credentials. AppStream 2.0 retrieves the temporary credentials and creates the *appstream_machine_role* credential profile on the instance.\n\nFor more information, see [Using an IAM Role to Grant Permissions to Applications and Scripts Running on AppStream 2.0 Streaming Instances](https://docs.aws.amazon.com/appstream2/latest/developerguide/using-iam-roles-to-grant-permissions-to-applications-scripts-streaming-instances.html) in the *Amazon AppStream 2.0 Administration Guide* .", "title": "IamRoleArn", "type": "string" }, "ImageArn": { "markdownDescription": "The ARN of the public, private, or shared image to use.", "title": "ImageArn", "type": "string" }, "ImageName": { "markdownDescription": "The name of the image used to create the image builder.", "title": "ImageName", "type": "string" }, "InstanceType": { "markdownDescription": "The instance type to use when launching the image builder. The following instance types are available:\n\n- stream.standard.small\n- stream.standard.medium\n- stream.standard.large\n- stream.compute.large\n- stream.compute.xlarge\n- stream.compute.2xlarge\n- stream.compute.4xlarge\n- stream.compute.8xlarge\n- stream.memory.large\n- stream.memory.xlarge\n- stream.memory.2xlarge\n- stream.memory.4xlarge\n- stream.memory.8xlarge\n- stream.memory.z1d.large\n- stream.memory.z1d.xlarge\n- stream.memory.z1d.2xlarge\n- stream.memory.z1d.3xlarge\n- stream.memory.z1d.6xlarge\n- stream.memory.z1d.12xlarge\n- stream.graphics-design.large\n- stream.graphics-design.xlarge\n- stream.graphics-design.2xlarge\n- stream.graphics-design.4xlarge\n- stream.graphics-desktop.2xlarge\n- stream.graphics.g4dn.xlarge\n- stream.graphics.g4dn.2xlarge\n- stream.graphics.g4dn.4xlarge\n- stream.graphics.g4dn.8xlarge\n- stream.graphics.g4dn.12xlarge\n- stream.graphics.g4dn.16xlarge\n- stream.graphics-pro.4xlarge\n- stream.graphics-pro.8xlarge\n- stream.graphics-pro.16xlarge", "title": "InstanceType", "type": "string" }, "Name": { "markdownDescription": "A unique name for the image builder.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs.", "title": "Tags", "type": "array" }, "VpcConfig": { "$ref": "#/definitions/AWS::AppStream::ImageBuilder.VpcConfig", "markdownDescription": "The VPC configuration for the image builder. You can specify only one subnet.", "title": "VpcConfig" } }, "required": [ "InstanceType", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::AppStream::ImageBuilder" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppStream::ImageBuilder.AccessEndpoint": { "additionalProperties": false, "properties": { "EndpointType": { "markdownDescription": "The type of interface endpoint.", "title": "EndpointType", "type": "string" }, "VpceId": { "markdownDescription": "The identifier (ID) of the VPC in which the interface endpoint is used.", "title": "VpceId", "type": "string" } }, "required": [ "EndpointType", "VpceId" ], "type": "object" }, "AWS::AppStream::ImageBuilder.DomainJoinInfo": { "additionalProperties": false, "properties": { "DirectoryName": { "markdownDescription": "The fully qualified name of the directory (for example, corp.example.com).", "title": "DirectoryName", "type": "string" }, "OrganizationalUnitDistinguishedName": { "markdownDescription": "The distinguished name of the organizational unit for computer accounts.", "title": "OrganizationalUnitDistinguishedName", "type": "string" } }, "type": "object" }, "AWS::AppStream::ImageBuilder.VpcConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The identifiers of the security groups for the image builder.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The identifier of the subnet to which a network interface is attached from the image builder instance. An image builder instance can use one subnet.", "title": "SubnetIds", "type": "array" } }, "type": "object" }, "AWS::AppStream::Stack": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessEndpoints": { "items": { "$ref": "#/definitions/AWS::AppStream::Stack.AccessEndpoint" }, "markdownDescription": "The list of virtual private cloud (VPC) interface endpoint objects. Users of the stack can connect to AppStream 2.0 only through the specified endpoints.", "title": "AccessEndpoints", "type": "array" }, "ApplicationSettings": { "$ref": "#/definitions/AWS::AppStream::Stack.ApplicationSettings", "markdownDescription": "The persistent application settings for users of the stack. When these settings are enabled, changes that users make to applications and Windows settings are automatically saved after each session and applied to the next session.", "title": "ApplicationSettings" }, "AttributesToDelete": { "items": { "type": "string" }, "markdownDescription": "The stack attributes to delete.", "title": "AttributesToDelete", "type": "array" }, "DeleteStorageConnectors": { "markdownDescription": "*This parameter has been deprecated.*\n\nDeletes the storage connectors currently enabled for the stack.", "title": "DeleteStorageConnectors", "type": "boolean" }, "Description": { "markdownDescription": "The description to display.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The stack name to display.", "title": "DisplayName", "type": "string" }, "EmbedHostDomains": { "items": { "type": "string" }, "markdownDescription": "The domains where AppStream 2.0 streaming sessions can be embedded in an iframe. You must approve the domains that you want to host embedded AppStream 2.0 streaming sessions.", "title": "EmbedHostDomains", "type": "array" }, "FeedbackURL": { "markdownDescription": "The URL that users are redirected to after they click the Send Feedback link. If no URL is specified, no Send Feedback link is displayed.", "title": "FeedbackURL", "type": "string" }, "Name": { "markdownDescription": "The name of the stack.", "title": "Name", "type": "string" }, "RedirectURL": { "markdownDescription": "The URL that users are redirected to after their streaming session ends.", "title": "RedirectURL", "type": "string" }, "StorageConnectors": { "items": { "$ref": "#/definitions/AWS::AppStream::Stack.StorageConnector" }, "markdownDescription": "The storage connectors to enable.", "title": "StorageConnectors", "type": "array" }, "StreamingExperienceSettings": { "$ref": "#/definitions/AWS::AppStream::Stack.StreamingExperienceSettings", "markdownDescription": "The streaming protocol that you want your stack to prefer. This can be UDP or TCP. Currently, UDP is only supported in the Windows native client.", "title": "StreamingExperienceSettings" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs.", "title": "Tags", "type": "array" }, "UserSettings": { "items": { "$ref": "#/definitions/AWS::AppStream::Stack.UserSetting" }, "markdownDescription": "The actions that are enabled or disabled for users during their streaming sessions. By default, these actions are enabled.", "title": "UserSettings", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::AppStream::Stack" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::AppStream::Stack.AccessEndpoint": { "additionalProperties": false, "properties": { "EndpointType": { "markdownDescription": "The type of interface endpoint.", "title": "EndpointType", "type": "string" }, "VpceId": { "markdownDescription": "The identifier (ID) of the VPC in which the interface endpoint is used.", "title": "VpceId", "type": "string" } }, "required": [ "EndpointType", "VpceId" ], "type": "object" }, "AWS::AppStream::Stack.ApplicationSettings": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Enables or disables persistent application settings for users during their streaming sessions.", "title": "Enabled", "type": "boolean" }, "SettingsGroup": { "markdownDescription": "The path prefix for the S3 bucket where users\u2019 persistent application settings are stored. You can allow the same persistent application settings to be used across multiple stacks by specifying the same settings group for each stack.", "title": "SettingsGroup", "type": "string" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::AppStream::Stack.StorageConnector": { "additionalProperties": false, "properties": { "ConnectorType": { "markdownDescription": "The type of storage connector.", "title": "ConnectorType", "type": "string" }, "Domains": { "items": { "type": "string" }, "markdownDescription": "The names of the domains for the account.", "title": "Domains", "type": "array" }, "ResourceIdentifier": { "markdownDescription": "The ARN of the storage connector.", "title": "ResourceIdentifier", "type": "string" } }, "required": [ "ConnectorType" ], "type": "object" }, "AWS::AppStream::Stack.StreamingExperienceSettings": { "additionalProperties": false, "properties": { "PreferredProtocol": { "markdownDescription": "The preferred protocol that you want to use while streaming your application.", "title": "PreferredProtocol", "type": "string" } }, "type": "object" }, "AWS::AppStream::Stack.UserSetting": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action that is enabled or disabled.", "title": "Action", "type": "string" }, "MaximumLength": { "markdownDescription": "Specifies the number of characters that can be copied by end users from the local device to the remote session, and to the local device from the remote session.\n\nThis can be specified only for the `CLIPBOARD_COPY_FROM_LOCAL_DEVICE` and `CLIPBOARD_COPY_TO_LOCAL_DEVICE` actions.\n\nThis defaults to 20,971,520 (20 MB) when unspecified and the permission is `ENABLED` . This can't be specified when the permission is `DISABLED` .\n\nThe value can be between 1 and 20,971,520 (20 MB).", "title": "MaximumLength", "type": "number" }, "Permission": { "markdownDescription": "Indicates whether the action is enabled or disabled.", "title": "Permission", "type": "string" } }, "required": [ "Action", "Permission" ], "type": "object" }, "AWS::AppStream::StackFleetAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FleetName": { "markdownDescription": "The name of the fleet.\n\nTo associate a fleet with a stack, you must specify a dependency on the fleet resource. For more information, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", "title": "FleetName", "type": "string" }, "StackName": { "markdownDescription": "The name of the stack.\n\nTo associate a fleet with a stack, you must specify a dependency on the stack resource. For more information, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", "title": "StackName", "type": "string" } }, "required": [ "FleetName", "StackName" ], "type": "object" }, "Type": { "enum": [ "AWS::AppStream::StackFleetAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppStream::StackUserAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthenticationType": { "markdownDescription": "The authentication type for the user who is associated with the stack. You must specify USERPOOL.", "title": "AuthenticationType", "type": "string" }, "SendEmailNotification": { "markdownDescription": "Specifies whether a welcome email is sent to a user after the user is created in the user pool.", "title": "SendEmailNotification", "type": "boolean" }, "StackName": { "markdownDescription": "The name of the stack that is associated with the user.", "title": "StackName", "type": "string" }, "UserName": { "markdownDescription": "The email address of the user who is associated with the stack.\n\n> Users' email addresses are case-sensitive.", "title": "UserName", "type": "string" } }, "required": [ "AuthenticationType", "StackName", "UserName" ], "type": "object" }, "Type": { "enum": [ "AWS::AppStream::StackUserAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppStream::User": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthenticationType": { "markdownDescription": "The authentication type for the user. You must specify USERPOOL.", "title": "AuthenticationType", "type": "string" }, "FirstName": { "markdownDescription": "The first name, or given name, of the user.", "title": "FirstName", "type": "string" }, "LastName": { "markdownDescription": "The last name, or surname, of the user.", "title": "LastName", "type": "string" }, "MessageAction": { "markdownDescription": "The action to take for the welcome email that is sent to a user after the user is created in the user pool. If you specify SUPPRESS, no email is sent. If you specify RESEND, do not specify the first name or last name of the user. If the value is null, the email is sent.\n\n> The temporary password in the welcome email is valid for only 7 days. If users don\u2019t set their passwords within 7 days, you must send them a new welcome email.", "title": "MessageAction", "type": "string" }, "UserName": { "markdownDescription": "The email address of the user.\n\nUsers' email addresses are case-sensitive. During login, if they specify an email address that doesn't use the same capitalization as the email address specified when their user pool account was created, a \"user does not exist\" error message displays.", "title": "UserName", "type": "string" } }, "required": [ "AuthenticationType", "UserName" ], "type": "object" }, "Type": { "enum": [ "AWS::AppStream::User" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppSync::ApiCache": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiCachingBehavior": { "markdownDescription": "Caching behavior.\n\n- *FULL_REQUEST_CACHING* : All requests are fully cached.\n- *PER_RESOLVER_CACHING* : Individual resolvers that you specify are cached.", "title": "ApiCachingBehavior", "type": "string" }, "ApiId": { "markdownDescription": "The GraphQL API ID.", "title": "ApiId", "type": "string" }, "AtRestEncryptionEnabled": { "markdownDescription": "At-rest encryption flag for cache. You cannot update this setting after creation.", "title": "AtRestEncryptionEnabled", "type": "boolean" }, "HealthMetricsConfig": { "markdownDescription": "Controls how cache health metrics will be emitted to CloudWatch. Cache health metrics include:\n\n- *NetworkBandwidthOutAllowanceExceeded* : The network packets dropped because the throughput exceeded the aggregated bandwidth limit. This is useful for diagnosing bottlenecks in a cache configuration.\n- *EngineCPUUtilization* : The CPU utilization (percentage) allocated to the Redis process. This is useful for diagnosing bottlenecks in a cache configuration.\n\nMetrics will be recorded by API ID. You can set the value to `ENABLED` or `DISABLED` .", "title": "HealthMetricsConfig", "type": "string" }, "TransitEncryptionEnabled": { "markdownDescription": "Transit encryption flag when connecting to cache. You cannot update this setting after creation.", "title": "TransitEncryptionEnabled", "type": "boolean" }, "Ttl": { "markdownDescription": "TTL in seconds for cache entries.\n\nValid values are 1\u20133,600 seconds.", "title": "Ttl", "type": "number" }, "Type": { "markdownDescription": "The cache instance type. Valid values are\n\n- `SMALL`\n- `MEDIUM`\n- `LARGE`\n- `XLARGE`\n- `LARGE_2X`\n- `LARGE_4X`\n- `LARGE_8X` (not available in all regions)\n- `LARGE_12X`\n\nHistorically, instance types were identified by an EC2-style value. As of July 2020, this is deprecated, and the generic identifiers above should be used.\n\nThe following legacy instance types are available, but their use is discouraged:\n\n- *T2_SMALL* : A t2.small instance type.\n- *T2_MEDIUM* : A t2.medium instance type.\n- *R4_LARGE* : A r4.large instance type.\n- *R4_XLARGE* : A r4.xlarge instance type.\n- *R4_2XLARGE* : A r4.2xlarge instance type.\n- *R4_4XLARGE* : A r4.4xlarge instance type.\n- *R4_8XLARGE* : A r4.8xlarge instance type.", "title": "Type", "type": "string" } }, "required": [ "ApiCachingBehavior", "ApiId", "Ttl", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::AppSync::ApiCache" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppSync::ApiKey": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "Unique AWS AppSync GraphQL API ID for this API key.", "title": "ApiId", "type": "string" }, "ApiKeyId": { "type": "string" }, "Description": { "markdownDescription": "Unique description of your API key.", "title": "Description", "type": "string" }, "Expires": { "markdownDescription": "The time after which the API key expires. The date is represented as seconds since the epoch, rounded down to the nearest hour.", "title": "Expires", "type": "number" } }, "required": [ "ApiId" ], "type": "object" }, "Type": { "enum": [ "AWS::AppSync::ApiKey" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppSync::DataSource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "Unique AWS AppSync GraphQL API identifier where this data source will be created.", "title": "ApiId", "type": "string" }, "Description": { "markdownDescription": "The description of the data source.", "title": "Description", "type": "string" }, "DynamoDBConfig": { "$ref": "#/definitions/AWS::AppSync::DataSource.DynamoDBConfig", "markdownDescription": "AWS Region and TableName for an Amazon DynamoDB table in your account.", "title": "DynamoDBConfig" }, "ElasticsearchConfig": { "$ref": "#/definitions/AWS::AppSync::DataSource.ElasticsearchConfig", "markdownDescription": "AWS Region and Endpoints for an Amazon OpenSearch Service domain in your account.\n\nAs of September 2021, Amazon Elasticsearch Service is Amazon OpenSearch Service . This property is deprecated. For new data sources, use *OpenSearchServiceConfig* to specify an OpenSearch Service data source.", "title": "ElasticsearchConfig" }, "EventBridgeConfig": { "$ref": "#/definitions/AWS::AppSync::DataSource.EventBridgeConfig", "markdownDescription": "An EventBridge configuration that contains a valid ARN of an event bus.", "title": "EventBridgeConfig" }, "HttpConfig": { "$ref": "#/definitions/AWS::AppSync::DataSource.HttpConfig", "markdownDescription": "Endpoints for an HTTP data source.", "title": "HttpConfig" }, "LambdaConfig": { "$ref": "#/definitions/AWS::AppSync::DataSource.LambdaConfig", "markdownDescription": "An ARN of a Lambda function in valid ARN format. This can be the ARN of a Lambda function that exists in the current account or in another account.", "title": "LambdaConfig" }, "MetricsConfig": { "markdownDescription": "Enables or disables enhanced data source metrics for specified data sources. Note that `MetricsConfig` won't be used unless the `dataSourceLevelMetricsBehavior` value is set to `PER_DATA_SOURCE_METRICS` . If the `dataSourceLevelMetricsBehavior` is set to `FULL_REQUEST_DATA_SOURCE_METRICS` instead, `MetricsConfig` will be ignored. However, you can still set its value.\n\n`MetricsConfig` can be `ENABLED` or `DISABLED` .", "title": "MetricsConfig", "type": "string" }, "Name": { "markdownDescription": "Friendly name for you to identify your AppSync data source after creation.", "title": "Name", "type": "string" }, "OpenSearchServiceConfig": { "$ref": "#/definitions/AWS::AppSync::DataSource.OpenSearchServiceConfig", "markdownDescription": "AWS Region and Endpoints for an Amazon OpenSearch Service domain in your account.", "title": "OpenSearchServiceConfig" }, "RelationalDatabaseConfig": { "$ref": "#/definitions/AWS::AppSync::DataSource.RelationalDatabaseConfig", "markdownDescription": "Relational Database configuration of the relational database data source.", "title": "RelationalDatabaseConfig" }, "ServiceRoleArn": { "markdownDescription": "The AWS Identity and Access Management service role ARN for the data source. The system assumes this role when accessing the data source.\n\nRequired if `Type` is specified as `AWS_LAMBDA` , `AMAZON_DYNAMODB` , `AMAZON_ELASTICSEARCH` , `AMAZON_EVENTBRIDGE` , or `AMAZON_OPENSEARCH_SERVICE` .", "title": "ServiceRoleArn", "type": "string" }, "Type": { "markdownDescription": "The type of the data source.\n\n- *AWS_LAMBDA* : The data source is an AWS Lambda function.\n- *AMAZON_DYNAMODB* : The data source is an Amazon DynamoDB table.\n- *AMAZON_ELASTICSEARCH* : The data source is an Amazon OpenSearch Service domain.\n- *AMAZON_EVENTBRIDGE* : The data source is an Amazon EventBridge event bus.\n- *AMAZON_OPENSEARCH_SERVICE* : The data source is an Amazon OpenSearch Service domain.\n- *NONE* : There is no data source. This type is used when you wish to invoke a GraphQL operation without connecting to a data source, such as performing data transformation with resolvers or triggering a subscription to be invoked from a mutation.\n- *HTTP* : The data source is an HTTP endpoint.\n- *RELATIONAL_DATABASE* : The data source is a relational database.", "title": "Type", "type": "string" } }, "required": [ "ApiId", "Name", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::AppSync::DataSource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppSync::DataSource.AuthorizationConfig": { "additionalProperties": false, "properties": { "AuthorizationType": { "markdownDescription": "The authorization type that the HTTP endpoint requires.\n\n- *AWS_IAM* : The authorization type is Signature Version 4 (SigV4).", "title": "AuthorizationType", "type": "string" }, "AwsIamConfig": { "$ref": "#/definitions/AWS::AppSync::DataSource.AwsIamConfig", "markdownDescription": "The AWS Identity and Access Management settings.", "title": "AwsIamConfig" } }, "required": [ "AuthorizationType" ], "type": "object" }, "AWS::AppSync::DataSource.AwsIamConfig": { "additionalProperties": false, "properties": { "SigningRegion": { "markdownDescription": "The signing Region for AWS Identity and Access Management authorization.", "title": "SigningRegion", "type": "string" }, "SigningServiceName": { "markdownDescription": "The signing service name for AWS Identity and Access Management authorization.", "title": "SigningServiceName", "type": "string" } }, "type": "object" }, "AWS::AppSync::DataSource.DeltaSyncConfig": { "additionalProperties": false, "properties": { "BaseTableTTL": { "markdownDescription": "The number of minutes that an Item is stored in the data source.", "title": "BaseTableTTL", "type": "string" }, "DeltaSyncTableName": { "markdownDescription": "The Delta Sync table name.", "title": "DeltaSyncTableName", "type": "string" }, "DeltaSyncTableTTL": { "markdownDescription": "The number of minutes that a Delta Sync log entry is stored in the Delta Sync table.", "title": "DeltaSyncTableTTL", "type": "string" } }, "required": [ "BaseTableTTL", "DeltaSyncTableName", "DeltaSyncTableTTL" ], "type": "object" }, "AWS::AppSync::DataSource.DynamoDBConfig": { "additionalProperties": false, "properties": { "AwsRegion": { "markdownDescription": "The AWS Region.", "title": "AwsRegion", "type": "string" }, "DeltaSyncConfig": { "$ref": "#/definitions/AWS::AppSync::DataSource.DeltaSyncConfig", "markdownDescription": "The `DeltaSyncConfig` for a versioned datasource.", "title": "DeltaSyncConfig" }, "TableName": { "markdownDescription": "The table name.", "title": "TableName", "type": "string" }, "UseCallerCredentials": { "markdownDescription": "Set to `TRUE` to use AWS Identity and Access Management with this data source.", "title": "UseCallerCredentials", "type": "boolean" }, "Versioned": { "markdownDescription": "Set to TRUE to use Conflict Detection and Resolution with this data source.", "title": "Versioned", "type": "boolean" } }, "required": [ "AwsRegion", "TableName" ], "type": "object" }, "AWS::AppSync::DataSource.ElasticsearchConfig": { "additionalProperties": false, "properties": { "AwsRegion": { "markdownDescription": "The AWS Region.", "title": "AwsRegion", "type": "string" }, "Endpoint": { "markdownDescription": "The endpoint.", "title": "Endpoint", "type": "string" } }, "required": [ "AwsRegion", "Endpoint" ], "type": "object" }, "AWS::AppSync::DataSource.EventBridgeConfig": { "additionalProperties": false, "properties": { "EventBusArn": { "markdownDescription": "The event bus pipeline's ARN. For more information about event buses, see [EventBridge event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-bus.html) .", "title": "EventBusArn", "type": "string" } }, "required": [ "EventBusArn" ], "type": "object" }, "AWS::AppSync::DataSource.HttpConfig": { "additionalProperties": false, "properties": { "AuthorizationConfig": { "$ref": "#/definitions/AWS::AppSync::DataSource.AuthorizationConfig", "markdownDescription": "The authorization configuration.", "title": "AuthorizationConfig" }, "Endpoint": { "markdownDescription": "The endpoint.", "title": "Endpoint", "type": "string" } }, "required": [ "Endpoint" ], "type": "object" }, "AWS::AppSync::DataSource.LambdaConfig": { "additionalProperties": false, "properties": { "LambdaFunctionArn": { "markdownDescription": "The ARN for the Lambda function.", "title": "LambdaFunctionArn", "type": "string" } }, "required": [ "LambdaFunctionArn" ], "type": "object" }, "AWS::AppSync::DataSource.OpenSearchServiceConfig": { "additionalProperties": false, "properties": { "AwsRegion": { "markdownDescription": "The AWS Region.", "title": "AwsRegion", "type": "string" }, "Endpoint": { "markdownDescription": "The endpoint.", "title": "Endpoint", "type": "string" } }, "required": [ "AwsRegion", "Endpoint" ], "type": "object" }, "AWS::AppSync::DataSource.RdsHttpEndpointConfig": { "additionalProperties": false, "properties": { "AwsRegion": { "markdownDescription": "AWS Region for RDS HTTP endpoint.", "title": "AwsRegion", "type": "string" }, "AwsSecretStoreArn": { "markdownDescription": "The ARN for database credentials stored in AWS Secrets Manager .", "title": "AwsSecretStoreArn", "type": "string" }, "DatabaseName": { "markdownDescription": "Logical database name.", "title": "DatabaseName", "type": "string" }, "DbClusterIdentifier": { "markdownDescription": "Amazon RDS cluster Amazon Resource Name (ARN).", "title": "DbClusterIdentifier", "type": "string" }, "Schema": { "markdownDescription": "Logical schema name.", "title": "Schema", "type": "string" } }, "required": [ "AwsRegion", "AwsSecretStoreArn", "DbClusterIdentifier" ], "type": "object" }, "AWS::AppSync::DataSource.RelationalDatabaseConfig": { "additionalProperties": false, "properties": { "RdsHttpEndpointConfig": { "$ref": "#/definitions/AWS::AppSync::DataSource.RdsHttpEndpointConfig", "markdownDescription": "Information about the Amazon RDS resource.", "title": "RdsHttpEndpointConfig" }, "RelationalDatabaseSourceType": { "markdownDescription": "The type of relational data source.", "title": "RelationalDatabaseSourceType", "type": "string" } }, "required": [ "RelationalDatabaseSourceType" ], "type": "object" }, "AWS::AppSync::DomainName": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the certificate. This will be an AWS Certificate Manager certificate.", "title": "CertificateArn", "type": "string" }, "Description": { "markdownDescription": "The decription for your domain name.", "title": "Description", "type": "string" }, "DomainName": { "markdownDescription": "The domain name.", "title": "DomainName", "type": "string" } }, "required": [ "CertificateArn", "DomainName" ], "type": "object" }, "Type": { "enum": [ "AWS::AppSync::DomainName" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppSync::DomainNameApiAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "The API ID.", "title": "ApiId", "type": "string" }, "DomainName": { "markdownDescription": "The domain name.", "title": "DomainName", "type": "string" } }, "required": [ "ApiId", "DomainName" ], "type": "object" }, "Type": { "enum": [ "AWS::AppSync::DomainNameApiAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppSync::FunctionConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "The AWS AppSync GraphQL API that you want to attach using this function.", "title": "ApiId", "type": "string" }, "Code": { "markdownDescription": "The `resolver` code that contains the request and response functions. When code is used, the `runtime` is required. The runtime value must be `APPSYNC_JS` .", "title": "Code", "type": "string" }, "CodeS3Location": { "markdownDescription": "The Amazon S3 endpoint.", "title": "CodeS3Location", "type": "string" }, "DataSourceName": { "markdownDescription": "The name of data source this function will attach.", "title": "DataSourceName", "type": "string" }, "Description": { "markdownDescription": "The `Function` description.", "title": "Description", "type": "string" }, "FunctionVersion": { "markdownDescription": "The version of the request mapping template. Currently, only the 2018-05-29 version of the template is supported.", "title": "FunctionVersion", "type": "string" }, "MaxBatchSize": { "markdownDescription": "The maximum number of resolver request inputs that will be sent to a single AWS Lambda function in a `BatchInvoke` operation.", "title": "MaxBatchSize", "type": "number" }, "Name": { "markdownDescription": "The name of the function.", "title": "Name", "type": "string" }, "RequestMappingTemplate": { "markdownDescription": "The `Function` request mapping template. Functions support only the 2018-05-29 version of the request mapping template.", "title": "RequestMappingTemplate", "type": "string" }, "RequestMappingTemplateS3Location": { "markdownDescription": "Describes a Sync configuration for a resolver.\n\nContains information on which Conflict Detection, as well as Resolution strategy, should be performed when the resolver is invoked.", "title": "RequestMappingTemplateS3Location", "type": "string" }, "ResponseMappingTemplate": { "markdownDescription": "The `Function` response mapping template.", "title": "ResponseMappingTemplate", "type": "string" }, "ResponseMappingTemplateS3Location": { "markdownDescription": "The location of a response mapping template in an Amazon S3 bucket. Use this if you want to provision with a template file in Amazon S3 rather than embedding it in your CloudFormation template.", "title": "ResponseMappingTemplateS3Location", "type": "string" }, "Runtime": { "$ref": "#/definitions/AWS::AppSync::FunctionConfiguration.AppSyncRuntime", "markdownDescription": "Describes a runtime used by an AWS AppSync resolver or AWS AppSync function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified.", "title": "Runtime" }, "SyncConfig": { "$ref": "#/definitions/AWS::AppSync::FunctionConfiguration.SyncConfig", "markdownDescription": "Describes a Sync configuration for a resolver.\n\nSpecifies which Conflict Detection strategy and Resolution strategy to use when the resolver is invoked.", "title": "SyncConfig" } }, "required": [ "ApiId", "DataSourceName", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::AppSync::FunctionConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppSync::FunctionConfiguration.AppSyncRuntime": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The `name` of the runtime to use. Currently, the only allowed value is `APPSYNC_JS` .", "title": "Name", "type": "string" }, "RuntimeVersion": { "markdownDescription": "The `version` of the runtime to use. Currently, the only allowed version is `1.0.0` .", "title": "RuntimeVersion", "type": "string" } }, "required": [ "Name", "RuntimeVersion" ], "type": "object" }, "AWS::AppSync::FunctionConfiguration.LambdaConflictHandlerConfig": { "additionalProperties": false, "properties": { "LambdaConflictHandlerArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.", "title": "LambdaConflictHandlerArn", "type": "string" } }, "type": "object" }, "AWS::AppSync::FunctionConfiguration.SyncConfig": { "additionalProperties": false, "properties": { "ConflictDetection": { "markdownDescription": "The Conflict Detection strategy to use.\n\n- *VERSION* : Detect conflicts based on object versions for this resolver.\n- *NONE* : Do not detect conflicts when invoking this resolver.", "title": "ConflictDetection", "type": "string" }, "ConflictHandler": { "markdownDescription": "The Conflict Resolution strategy to perform in the event of a conflict.\n\n- *OPTIMISTIC_CONCURRENCY* : Resolve conflicts by rejecting mutations when versions don't match the latest version at the server.\n- *AUTOMERGE* : Resolve conflicts with the Automerge conflict resolution strategy.\n- *LAMBDA* : Resolve conflicts with an AWS Lambda function supplied in the `LambdaConflictHandlerConfig` .", "title": "ConflictHandler", "type": "string" }, "LambdaConflictHandlerConfig": { "$ref": "#/definitions/AWS::AppSync::FunctionConfiguration.LambdaConflictHandlerConfig", "markdownDescription": "The `LambdaConflictHandlerConfig` when configuring `LAMBDA` as the Conflict Handler.", "title": "LambdaConflictHandlerConfig" } }, "required": [ "ConflictDetection" ], "type": "object" }, "AWS::AppSync::GraphQLApi": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdditionalAuthenticationProviders": { "items": { "$ref": "#/definitions/AWS::AppSync::GraphQLApi.AdditionalAuthenticationProvider" }, "markdownDescription": "A list of additional authentication providers for the `GraphqlApi` API.", "title": "AdditionalAuthenticationProviders", "type": "array" }, "ApiType": { "markdownDescription": "The value that indicates whether the GraphQL API is a standard API ( `GRAPHQL` ) or merged API ( `MERGED` ).\n\n*WARNING* : If the `ApiType` has not been defined, *explicitly* setting it to `GRAPHQL` in a template/stack update will result in an API replacement and new DNS values.\n\nThe following values are valid:\n\n`GRAPHQL | MERGED`", "title": "ApiType", "type": "string" }, "AuthenticationType": { "markdownDescription": "Security configuration for your GraphQL API. For allowed values (such as `API_KEY` , `AWS_IAM` , `AMAZON_COGNITO_USER_POOLS` , `OPENID_CONNECT` , or `AWS_LAMBDA` ), see [Security](https://docs.aws.amazon.com/appsync/latest/devguide/security.html) in the *AWS AppSync Developer Guide* .", "title": "AuthenticationType", "type": "string" }, "EnhancedMetricsConfig": { "$ref": "#/definitions/AWS::AppSync::GraphQLApi.EnhancedMetricsConfig", "markdownDescription": "Enables and controls the enhanced metrics feature. Enhanced metrics emit granular data on API usage and performance such as AppSync request and error counts, latency, and cache hits/misses. All enhanced metric data is sent to your CloudWatch account, and you can configure the types of data that will be sent.\n\nEnhanced metrics can be configured at the resolver, data source, and operation levels. For more information, see [Monitoring and logging](https://docs.aws.amazon.com//appsync/latest/devguide/monitoring.html#cw-metrics) in the *AWS AppSync User Guide* .", "title": "EnhancedMetricsConfig" }, "EnvironmentVariables": { "markdownDescription": "A map containing the list of resources with their properties and environment variables. For more information, see [Environmental variables](https://docs.aws.amazon.com/appsync/latest/devguide/environmental-variables.html) .\n\n*Pattern* : `^[A-Za-z]+\\\\w*$\\\\`\n\n*Minimum* : 2\n\n*Maximum* : 64", "title": "EnvironmentVariables", "type": "object" }, "IntrospectionConfig": { "markdownDescription": "Sets the value of the GraphQL API to enable ( `ENABLED` ) or disable ( `DISABLED` ) introspection. If no value is provided, the introspection configuration will be set to `ENABLED` by default. This field will produce an error if the operation attempts to use the introspection feature while this field is disabled.\n\nFor more information about introspection, see [GraphQL introspection](https://docs.aws.amazon.com/https://graphql.org/learn/introspection/) .", "title": "IntrospectionConfig", "type": "string" }, "LambdaAuthorizerConfig": { "$ref": "#/definitions/AWS::AppSync::GraphQLApi.LambdaAuthorizerConfig", "markdownDescription": "A `LambdaAuthorizerConfig` holds configuration on how to authorize AWS AppSync API access when using the `AWS_LAMBDA` authorizer mode. Be aware that an AWS AppSync API may have only one Lambda authorizer configured at a time.", "title": "LambdaAuthorizerConfig" }, "LogConfig": { "$ref": "#/definitions/AWS::AppSync::GraphQLApi.LogConfig", "markdownDescription": "The Amazon CloudWatch Logs configuration.", "title": "LogConfig" }, "MergedApiExecutionRoleArn": { "markdownDescription": "The AWS Identity and Access Management service role ARN for a merged API. The AppSync service assumes this role on behalf of the Merged API to validate access to source APIs at runtime and to prompt the `AUTO_MERGE` to update the merged API endpoint with the source API changes automatically.", "title": "MergedApiExecutionRoleArn", "type": "string" }, "Name": { "markdownDescription": "The API name.", "title": "Name", "type": "string" }, "OpenIDConnectConfig": { "$ref": "#/definitions/AWS::AppSync::GraphQLApi.OpenIDConnectConfig", "markdownDescription": "The OpenID Connect configuration.", "title": "OpenIDConnectConfig" }, "OwnerContact": { "markdownDescription": "The owner contact information for an API resource.\n\nThis field accepts any string input with a length of 0 - 256 characters.", "title": "OwnerContact", "type": "string" }, "QueryDepthLimit": { "markdownDescription": "The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in the body of query. The default value is `0` (or unspecified), which indicates there's no depth limit. If you set a limit, it can be between `1` and `75` nested levels. This field will produce a limit error if the operation falls out of bounds. Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.", "title": "QueryDepthLimit", "type": "number" }, "ResolverCountLimit": { "markdownDescription": "The maximum number of resolvers that can be invoked in a single request. The default value is `0` (or unspecified), which will set the limit to `10000` . When specified, the limit value can be between `1` and `10000` . This field will produce a limit error if the operation falls out of bounds.", "title": "ResolverCountLimit", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An arbitrary set of tags (key-value pairs) for this GraphQL API.", "title": "Tags", "type": "array" }, "UserPoolConfig": { "$ref": "#/definitions/AWS::AppSync::GraphQLApi.UserPoolConfig", "markdownDescription": "Optional authorization configuration for using Amazon Cognito user pools with your GraphQL endpoint.", "title": "UserPoolConfig" }, "Visibility": { "markdownDescription": "Sets the scope of the GraphQL API to public ( `GLOBAL` ) or private ( `PRIVATE` ). By default, the scope is set to `Global` if no value is provided.\n\n*WARNING* : If `Visibility` has not been defined, *explicitly* setting it to `GLOBAL` in a template/stack update will result in an API replacement and new DNS values.", "title": "Visibility", "type": "string" }, "XrayEnabled": { "markdownDescription": "A flag indicating whether to use AWS X-Ray tracing for this `GraphqlApi` .", "title": "XrayEnabled", "type": "boolean" } }, "required": [ "AuthenticationType", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::AppSync::GraphQLApi" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppSync::GraphQLApi.AdditionalAuthenticationProvider": { "additionalProperties": false, "properties": { "AuthenticationType": { "markdownDescription": "The authentication type for API key, AWS Identity and Access Management , OIDC, Amazon Cognito user pools , or AWS Lambda .\n\nValid Values: `API_KEY` | `AWS_IAM` | `OPENID_CONNECT` | `AMAZON_COGNITO_USER_POOLS` | `AWS_LAMBDA`", "title": "AuthenticationType", "type": "string" }, "LambdaAuthorizerConfig": { "$ref": "#/definitions/AWS::AppSync::GraphQLApi.LambdaAuthorizerConfig", "markdownDescription": "Configuration for AWS Lambda function authorization.", "title": "LambdaAuthorizerConfig" }, "OpenIDConnectConfig": { "$ref": "#/definitions/AWS::AppSync::GraphQLApi.OpenIDConnectConfig", "markdownDescription": "The OIDC configuration.", "title": "OpenIDConnectConfig" }, "UserPoolConfig": { "$ref": "#/definitions/AWS::AppSync::GraphQLApi.CognitoUserPoolConfig", "markdownDescription": "The Amazon Cognito user pool configuration.", "title": "UserPoolConfig" } }, "required": [ "AuthenticationType" ], "type": "object" }, "AWS::AppSync::GraphQLApi.CognitoUserPoolConfig": { "additionalProperties": false, "properties": { "AppIdClientRegex": { "markdownDescription": "A regular expression for validating the incoming Amazon Cognito user pool app client ID. If this value isn't set, no filtering is applied.", "title": "AppIdClientRegex", "type": "string" }, "AwsRegion": { "markdownDescription": "The AWS Region in which the user pool was created.", "title": "AwsRegion", "type": "string" }, "UserPoolId": { "markdownDescription": "The user pool ID.", "title": "UserPoolId", "type": "string" } }, "type": "object" }, "AWS::AppSync::GraphQLApi.EnhancedMetricsConfig": { "additionalProperties": false, "properties": { "DataSourceLevelMetricsBehavior": { "markdownDescription": "Controls how data source metrics will be emitted to CloudWatch. Data source metrics include:\n\n- *Requests* : The number of invocations that occured during a request.\n- *Latency* : The time to complete a data source invocation.\n- *Errors* : The number of errors that occurred during a data source invocation.\n\nThese metrics can be emitted to CloudWatch per data source or for all data sources in the request. Metrics will be recorded by API ID and data source name. `dataSourceLevelMetricsBehavior` accepts one of these values at a time:\n\n- `FULL_REQUEST_DATA_SOURCE_METRICS` : Records and emits metric data for all data sources in the request.\n- `PER_DATA_SOURCE_METRICS` : Records and emits metric data for data sources that have the `MetricsConfig` value set to `ENABLED` .", "title": "DataSourceLevelMetricsBehavior", "type": "string" }, "OperationLevelMetricsConfig": { "markdownDescription": "Controls how operation metrics will be emitted to CloudWatch. Operation metrics include:\n\n- *Requests* : The number of times a specified GraphQL operation was called.\n- *GraphQL errors* : The number of GraphQL errors that occurred during a specified GraphQL operation.\n\nMetrics will be recorded by API ID and operation name. You can set the value to `ENABLED` or `DISABLED` .", "title": "OperationLevelMetricsConfig", "type": "string" }, "ResolverLevelMetricsBehavior": { "markdownDescription": "Controls how resolver metrics will be emitted to CloudWatch. Resolver metrics include:\n\n- *GraphQL errors* : The number of GraphQL errors that occurred.\n- *Requests* : The number of invocations that occurred during a request.\n- *Latency* : The time to complete a resolver invocation.\n- *Cache hits* : The number of cache hits during a request.\n- *Cache misses* : The number of cache misses during a request.\n\nThese metrics can be emitted to CloudWatch per resolver or for all resolvers in the request. Metrics will be recorded by API ID and resolver name. `resolverLevelMetricsBehavior` accepts one of these values at a time:\n\n- `FULL_REQUEST_RESOLVER_METRICS` : Records and emits metric data for all resolvers in the request.\n- `PER_RESOLVER_METRICS` : Records and emits metric data for resolvers that have the `MetricsConfig` value set to `ENABLED` .", "title": "ResolverLevelMetricsBehavior", "type": "string" } }, "required": [ "DataSourceLevelMetricsBehavior", "OperationLevelMetricsConfig", "ResolverLevelMetricsBehavior" ], "type": "object" }, "AWS::AppSync::GraphQLApi.LambdaAuthorizerConfig": { "additionalProperties": false, "properties": { "AuthorizerResultTtlInSeconds": { "markdownDescription": "The number of seconds a response should be cached for. The default is 0 seconds, which disables caching. If you don't specify a value for `authorizerResultTtlInSeconds` , the default value is used. The maximum value is one hour (3600 seconds). The Lambda function can override this by returning a `ttlOverride` key in its response.", "title": "AuthorizerResultTtlInSeconds", "type": "number" }, "AuthorizerUri": { "markdownDescription": "The ARN of the Lambda function to be called for authorization. This may be a standard Lambda ARN, a version ARN ( `.../v3` ) or alias ARN.\n\n*Note* : This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To do so with the AWS CLI , run the following:\n\n`aws lambda add-permission --function-name \"arn:aws:lambda:us-east-2:111122223333:function:my-function\" --statement-id \"appsync\" --principal appsync.amazonaws.com --action lambda:InvokeFunction`", "title": "AuthorizerUri", "type": "string" }, "IdentityValidationExpression": { "markdownDescription": "A regular expression for validation of tokens before the Lambda function is called.", "title": "IdentityValidationExpression", "type": "string" } }, "type": "object" }, "AWS::AppSync::GraphQLApi.LogConfig": { "additionalProperties": false, "properties": { "CloudWatchLogsRoleArn": { "markdownDescription": "The service role that AWS AppSync will assume to publish to Amazon CloudWatch Logs in your account.", "title": "CloudWatchLogsRoleArn", "type": "string" }, "ExcludeVerboseContent": { "markdownDescription": "Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.", "title": "ExcludeVerboseContent", "type": "boolean" }, "FieldLogLevel": { "markdownDescription": "The field logging level. Values can be NONE, ERROR, or ALL.\n\n- *NONE* : No field-level logs are captured.\n- *ERROR* : Logs the following information only for the fields that are in error:\n\n- The error section in the server response.\n- Field-level errors.\n- The generated request/response functions that got resolved for error fields.\n- *ALL* : The following information is logged for all fields in the query:\n\n- Field-level tracing information.\n- The generated request/response functions that got resolved for each field.", "title": "FieldLogLevel", "type": "string" } }, "type": "object" }, "AWS::AppSync::GraphQLApi.OpenIDConnectConfig": { "additionalProperties": false, "properties": { "AuthTTL": { "markdownDescription": "The number of milliseconds that a token is valid after being authenticated.", "title": "AuthTTL", "type": "number" }, "ClientId": { "markdownDescription": "The client identifier of the Relying party at the OpenID identity provider. This identifier is typically obtained when the Relying party is registered with the OpenID identity provider. You can specify a regular expression so that AWS AppSync can validate against multiple client identifiers at a time.", "title": "ClientId", "type": "string" }, "IatTTL": { "markdownDescription": "The number of milliseconds that a token is valid after it's issued to a user.", "title": "IatTTL", "type": "number" }, "Issuer": { "markdownDescription": "The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of `iss` in the ID token.", "title": "Issuer", "type": "string" } }, "type": "object" }, "AWS::AppSync::GraphQLApi.UserPoolConfig": { "additionalProperties": false, "properties": { "AppIdClientRegex": { "markdownDescription": "A regular expression for validating the incoming Amazon Cognito user pool app client ID. If this value isn't set, no filtering is applied.", "title": "AppIdClientRegex", "type": "string" }, "AwsRegion": { "markdownDescription": "The AWS Region in which the user pool was created.", "title": "AwsRegion", "type": "string" }, "DefaultAction": { "markdownDescription": "The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.\n\nWhen specifying Amazon Cognito user pools as the default authentication, you must set the value for `DefaultAction` to `ALLOW` if specifying `AdditionalAuthenticationProviders` .", "title": "DefaultAction", "type": "string" }, "UserPoolId": { "markdownDescription": "The user pool ID.", "title": "UserPoolId", "type": "string" } }, "type": "object" }, "AWS::AppSync::GraphQLSchema": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "The AWS AppSync GraphQL API identifier to which you want to apply this schema.", "title": "ApiId", "type": "string" }, "Definition": { "markdownDescription": "The text representation of a GraphQL schema in SDL format.\n\nFor more information about using the `Ref` function, see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref) .", "title": "Definition", "type": "string" }, "DefinitionS3Location": { "markdownDescription": "The location of a GraphQL schema file in an Amazon S3 bucket. Use this if you want to provision with the schema living in Amazon S3 rather than embedding it in your CloudFormation template.", "title": "DefinitionS3Location", "type": "string" } }, "required": [ "ApiId" ], "type": "object" }, "Type": { "enum": [ "AWS::AppSync::GraphQLSchema" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppSync::Resolver": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiId": { "markdownDescription": "The AWS AppSync GraphQL API to which you want to attach this resolver.", "title": "ApiId", "type": "string" }, "CachingConfig": { "$ref": "#/definitions/AWS::AppSync::Resolver.CachingConfig", "markdownDescription": "The caching configuration for the resolver.", "title": "CachingConfig" }, "Code": { "markdownDescription": "The `resolver` code that contains the request and response functions. When code is used, the `runtime` is required. The runtime value must be `APPSYNC_JS` .", "title": "Code", "type": "string" }, "CodeS3Location": { "markdownDescription": "The Amazon S3 endpoint.", "title": "CodeS3Location", "type": "string" }, "DataSourceName": { "markdownDescription": "The resolver data source name.", "title": "DataSourceName", "type": "string" }, "FieldName": { "markdownDescription": "The GraphQL field on a type that invokes the resolver.", "title": "FieldName", "type": "string" }, "Kind": { "markdownDescription": "The resolver type.\n\n- *UNIT* : A UNIT resolver type. A UNIT resolver is the default resolver type. You can use a UNIT resolver to run a GraphQL query against a single data source.\n- *PIPELINE* : A PIPELINE resolver type. You can use a PIPELINE resolver to invoke a series of `Function` objects in a serial manner. You can use a pipeline resolver to run a GraphQL query against multiple data sources.", "title": "Kind", "type": "string" }, "MaxBatchSize": { "markdownDescription": "The maximum number of resolver request inputs that will be sent to a single AWS Lambda function in a `BatchInvoke` operation.", "title": "MaxBatchSize", "type": "number" }, "MetricsConfig": { "markdownDescription": "Enables or disables enhanced resolver metrics for specified resolvers. Note that `MetricsConfig` won't be used unless the `resolverLevelMetricsBehavior` value is set to `PER_RESOLVER_METRICS` . If the `resolverLevelMetricsBehavior` is set to `FULL_REQUEST_RESOLVER_METRICS` instead, `MetricsConfig` will be ignored. However, you can still set its value.", "title": "MetricsConfig", "type": "string" }, "PipelineConfig": { "$ref": "#/definitions/AWS::AppSync::Resolver.PipelineConfig", "markdownDescription": "Functions linked with the pipeline resolver.", "title": "PipelineConfig" }, "RequestMappingTemplate": { "markdownDescription": "The request mapping template.\n\nRequest mapping templates are optional when using a Lambda data source. For all other data sources, a request mapping template is required.", "title": "RequestMappingTemplate", "type": "string" }, "RequestMappingTemplateS3Location": { "markdownDescription": "The location of a request mapping template in an Amazon S3 bucket. Use this if you want to provision with a template file in Amazon S3 rather than embedding it in your CloudFormation template.", "title": "RequestMappingTemplateS3Location", "type": "string" }, "ResponseMappingTemplate": { "markdownDescription": "The response mapping template.", "title": "ResponseMappingTemplate", "type": "string" }, "ResponseMappingTemplateS3Location": { "markdownDescription": "The location of a response mapping template in an Amazon S3 bucket. Use this if you want to provision with a template file in Amazon S3 rather than embedding it in your CloudFormation template.", "title": "ResponseMappingTemplateS3Location", "type": "string" }, "Runtime": { "$ref": "#/definitions/AWS::AppSync::Resolver.AppSyncRuntime", "markdownDescription": "Describes a runtime used by an AWS AppSync resolver or AWS AppSync function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified.", "title": "Runtime" }, "SyncConfig": { "$ref": "#/definitions/AWS::AppSync::Resolver.SyncConfig", "markdownDescription": "The `SyncConfig` for a resolver attached to a versioned data source.", "title": "SyncConfig" }, "TypeName": { "markdownDescription": "The GraphQL type that invokes this resolver.", "title": "TypeName", "type": "string" } }, "required": [ "ApiId", "FieldName", "TypeName" ], "type": "object" }, "Type": { "enum": [ "AWS::AppSync::Resolver" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AppSync::Resolver.AppSyncRuntime": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The `name` of the runtime to use. Currently, the only allowed value is `APPSYNC_JS` .", "title": "Name", "type": "string" }, "RuntimeVersion": { "markdownDescription": "The `version` of the runtime to use. Currently, the only allowed version is `1.0.0` .", "title": "RuntimeVersion", "type": "string" } }, "required": [ "Name", "RuntimeVersion" ], "type": "object" }, "AWS::AppSync::Resolver.CachingConfig": { "additionalProperties": false, "properties": { "CachingKeys": { "items": { "type": "string" }, "markdownDescription": "The caching keys for a resolver that has caching activated.\n\nValid values are entries from the `$context.arguments` , `$context.source` , and `$context.identity` maps.", "title": "CachingKeys", "type": "array" }, "Ttl": { "markdownDescription": "The TTL in seconds for a resolver that has caching activated.\n\nValid values are 1\u20133,600 seconds.", "title": "Ttl", "type": "number" } }, "required": [ "Ttl" ], "type": "object" }, "AWS::AppSync::Resolver.LambdaConflictHandlerConfig": { "additionalProperties": false, "properties": { "LambdaConflictHandlerArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.", "title": "LambdaConflictHandlerArn", "type": "string" } }, "type": "object" }, "AWS::AppSync::Resolver.PipelineConfig": { "additionalProperties": false, "properties": { "Functions": { "items": { "type": "string" }, "markdownDescription": "A list of `Function` objects.", "title": "Functions", "type": "array" } }, "type": "object" }, "AWS::AppSync::Resolver.SyncConfig": { "additionalProperties": false, "properties": { "ConflictDetection": { "markdownDescription": "The Conflict Detection strategy to use.\n\n- *VERSION* : Detect conflicts based on object versions for this resolver.\n- *NONE* : Do not detect conflicts when invoking this resolver.", "title": "ConflictDetection", "type": "string" }, "ConflictHandler": { "markdownDescription": "The Conflict Resolution strategy to perform in the event of a conflict.\n\n- *OPTIMISTIC_CONCURRENCY* : Resolve conflicts by rejecting mutations when versions don't match the latest version at the server.\n- *AUTOMERGE* : Resolve conflicts with the Automerge conflict resolution strategy.\n- *LAMBDA* : Resolve conflicts with an AWS Lambda function supplied in the `LambdaConflictHandlerConfig` .", "title": "ConflictHandler", "type": "string" }, "LambdaConflictHandlerConfig": { "$ref": "#/definitions/AWS::AppSync::Resolver.LambdaConflictHandlerConfig", "markdownDescription": "The `LambdaConflictHandlerConfig` when configuring `LAMBDA` as the Conflict Handler.", "title": "LambdaConflictHandlerConfig" } }, "required": [ "ConflictDetection" ], "type": "object" }, "AWS::AppSync::SourceApiAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description field of the association configuration.", "title": "Description", "type": "string" }, "MergedApiIdentifier": { "markdownDescription": "The identifier of the AppSync Merged API. This is generated by the AppSync service. In most cases, Merged APIs (especially in your account) only require the API ID value or ARN of the merged API. However, Merged APIs from other accounts (cross-account use cases) strictly require the full resource ARN of the merged API.", "title": "MergedApiIdentifier", "type": "string" }, "SourceApiAssociationConfig": { "$ref": "#/definitions/AWS::AppSync::SourceApiAssociation.SourceApiAssociationConfig", "markdownDescription": "The `SourceApiAssociationConfig` object data.", "title": "SourceApiAssociationConfig" }, "SourceApiIdentifier": { "markdownDescription": "The identifier of the AppSync Source API. This is generated by the AppSync service. In most cases, source APIs (especially in your account) only require the API ID value or ARN of the source API. However, source APIs from other accounts (cross-account use cases) strictly require the full resource ARN of the source API.", "title": "SourceApiIdentifier", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::AppSync::SourceApiAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::AppSync::SourceApiAssociation.SourceApiAssociationConfig": { "additionalProperties": false, "properties": { "MergeType": { "markdownDescription": "The property that indicates which merging option is enabled in the source API association.\n\nValid merge types are `MANUAL_MERGE` (default) and `AUTO_MERGE` . Manual merges are the default behavior and require the user to trigger any changes from the source APIs to the merged API manually. Auto merges subscribe the merged API to the changes performed on the source APIs so that any change in the source APIs are also made to the merged API. Auto merges use `MergedApiExecutionRoleArn` to perform merge operations.\n\nThe following values are valid:\n\n`MANUAL_MERGE | AUTO_MERGE`", "title": "MergeType", "type": "string" } }, "type": "object" }, "AWS::ApplicationAutoScaling::ScalableTarget": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MaxCapacity": { "markdownDescription": "The maximum value that you plan to scale out to. When a scaling policy is in effect, Application Auto Scaling can scale out (expand) as needed to the maximum capacity limit in response to changing demand.", "title": "MaxCapacity", "type": "number" }, "MinCapacity": { "markdownDescription": "The minimum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand.", "title": "MinCapacity", "type": "number" }, "ResourceId": { "markdownDescription": "The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.\n\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/my-cluster/my-service` .\n- Spot Fleet - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- EMR cluster - The resource type is `instancegroup` and the unique identifier is the cluster ID and instance group ID. Example: `instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0` .\n- AppStream 2.0 fleet - The resource type is `fleet` and the unique identifier is the fleet name. Example: `fleet/sample-fleet` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the table name. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the index name. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .\n- SageMaker endpoint variant - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- Custom resources are not supported with a resource type. This parameter must specify the `OutputValue` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource) .\n- Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE` .\n- Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE` .\n- Lambda provisioned concurrency - The resource type is `function` and the unique identifier is the function name with a function version or alias name suffix that is not `$LATEST` . Example: `function:my-function:prod` or `function:my-function:1` .\n- Amazon Keyspaces table - The resource type is `table` and the unique identifier is the table name. Example: `keyspace/mykeyspace/table/mytable` .\n- Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: `arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5` .\n- Amazon ElastiCache replication group - The resource type is `replication-group` and the unique identifier is the replication group name. Example: `replication-group/mycluster` .\n- Neptune cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:mycluster` .\n- SageMaker serverless endpoint - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- SageMaker inference component - The resource type is `inference-component` and the unique identifier is the resource ID. Example: `inference-component/my-inference-component` .\n- Pool of WorkSpaces - The resource type is `workspacespool` and the unique identifier is the pool ID. Example: `workspacespool/wspool-123456` .", "title": "ResourceId", "type": "string" }, "RoleARN": { "markdownDescription": "Specify the Amazon Resource Name (ARN) of an Identity and Access Management (IAM) role that allows Application Auto Scaling to modify the scalable target on your behalf. This can be either an IAM service role that Application Auto Scaling can assume to make calls to other AWS resources on your behalf, or a service-linked role for the specified service. For more information, see [How Application Auto Scaling works with IAM](https://docs.aws.amazon.com/autoscaling/application/userguide/security_iam_service-with-iam.html) in the *Application Auto Scaling User Guide* .\n\nTo automatically create a service-linked role (recommended), specify the full ARN of the service-linked role in your stack template. To find the exact ARN of the service-linked role for your AWS or custom resource, see the [Service-linked roles](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-service-linked-roles.html) topic in the *Application Auto Scaling User Guide* . Look for the ARN in the table at the bottom of the page.", "title": "RoleARN", "type": "string" }, "ScalableDimension": { "markdownDescription": "The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property.\n\n- `ecs:service:DesiredCount` - The task count of an ECS service.\n- `elasticmapreduce:instancegroup:InstanceCount` - The instance count of an EMR Instance Group.\n- `ec2:spot-fleet-request:TargetCapacity` - The target capacity of a Spot Fleet.\n- `appstream:fleet:DesiredCapacity` - The capacity of an AppStream 2.0 fleet.\n- `dynamodb:table:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB table.\n- `dynamodb:table:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB table.\n- `dynamodb:index:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB global secondary index.\n- `dynamodb:index:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB global secondary index.\n- `rds:cluster:ReadReplicaCount` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.\n- `sagemaker:variant:DesiredInstanceCount` - The number of EC2 instances for a SageMaker model endpoint variant.\n- `custom-resource:ResourceType:Property` - The scalable dimension for a custom resource provided by your own application or service.\n- `comprehend:document-classifier-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend document classification endpoint.\n- `comprehend:entity-recognizer-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend entity recognizer endpoint.\n- `lambda:function:ProvisionedConcurrency` - The provisioned concurrency for a Lambda function.\n- `cassandra:table:ReadCapacityUnits` - The provisioned read capacity for an Amazon Keyspaces table.\n- `cassandra:table:WriteCapacityUnits` - The provisioned write capacity for an Amazon Keyspaces table.\n- `kafka:broker-storage:VolumeSize` - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.\n- `elasticache:replication-group:NodeGroups` - The number of node groups for an Amazon ElastiCache replication group.\n- `elasticache:replication-group:Replicas` - The number of replicas per node group for an Amazon ElastiCache replication group.\n- `neptune:cluster:ReadReplicaCount` - The count of read replicas in an Amazon Neptune DB cluster.\n- `sagemaker:variant:DesiredProvisionedConcurrency` - The provisioned concurrency for a SageMaker serverless endpoint.\n- `sagemaker:inference-component:DesiredCopyCount` - The number of copies across an endpoint for a SageMaker inference component.\n- `workspaces:workspacespool:DesiredUserSessions` - The number of user sessions for the WorkSpaces in the pool.", "title": "ScalableDimension", "type": "string" }, "ScheduledActions": { "items": { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction" }, "markdownDescription": "The scheduled actions for the scalable target. Duplicates aren't allowed.", "title": "ScheduledActions", "type": "array" }, "ServiceNamespace": { "markdownDescription": "The namespace of the AWS service that provides the resource, or a `custom-resource` .", "title": "ServiceNamespace", "type": "string" }, "SuspendedState": { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState", "markdownDescription": "An embedded object that contains attributes and attribute values that are used to suspend and resume automatic scaling. Setting the value of an attribute to `true` suspends the specified scaling activities. Setting it to `false` (default) resumes the specified scaling activities.\n\n*Suspension Outcomes*\n\n- For `DynamicScalingInSuspended` , while a suspension is in effect, all scale-in activities that are triggered by a scaling policy are suspended.\n- For `DynamicScalingOutSuspended` , while a suspension is in effect, all scale-out activities that are triggered by a scaling policy are suspended.\n- For `ScheduledScalingSuspended` , while a suspension is in effect, all scaling activities that involve scheduled actions are suspended.", "title": "SuspendedState" } }, "required": [ "MaxCapacity", "MinCapacity", "ResourceId", "ScalableDimension", "ServiceNamespace" ], "type": "object" }, "Type": { "enum": [ "AWS::ApplicationAutoScaling::ScalableTarget" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction": { "additionalProperties": false, "properties": { "MaxCapacity": { "markdownDescription": "The maximum capacity.", "title": "MaxCapacity", "type": "number" }, "MinCapacity": { "markdownDescription": "The minimum capacity.", "title": "MinCapacity", "type": "number" } }, "type": "object" }, "AWS::ApplicationAutoScaling::ScalableTarget.ScheduledAction": { "additionalProperties": false, "properties": { "EndTime": { "markdownDescription": "The date and time that the action is scheduled to end, in UTC.", "title": "EndTime", "type": "string" }, "ScalableTargetAction": { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget.ScalableTargetAction", "markdownDescription": "The new minimum and maximum capacity. You can set both values or just one. At the scheduled time, if the current capacity is below the minimum capacity, Application Auto Scaling scales out to the minimum capacity. If the current capacity is above the maximum capacity, Application Auto Scaling scales in to the maximum capacity.", "title": "ScalableTargetAction" }, "Schedule": { "markdownDescription": "The schedule for this action. The following formats are supported:\n\n- At expressions - \" `at( *yyyy* - *mm* - *dd* T *hh* : *mm* : *ss* )` \"\n- Rate expressions - \" `rate( *value* *unit* )` \"\n- Cron expressions - \" `cron( *fields* )` \"\n\nAt expressions are useful for one-time schedules. Cron expressions are useful for scheduled actions that run periodically at a specified date and time, and rate expressions are useful for scheduled actions that run at a regular interval.\n\nAt and cron expressions use Universal Coordinated Time (UTC) by default.\n\nThe cron format consists of six fields separated by white spaces: [Minutes] [Hours] [Day_of_Month] [Month] [Day_of_Week] [Year].\n\nFor rate expressions, *value* is a positive integer and *unit* is `minute` | `minutes` | `hour` | `hours` | `day` | `days` .", "title": "Schedule", "type": "string" }, "ScheduledActionName": { "markdownDescription": "The name of the scheduled action. This name must be unique among all other scheduled actions on the specified scalable target.", "title": "ScheduledActionName", "type": "string" }, "StartTime": { "markdownDescription": "The date and time that the action is scheduled to begin, in UTC.", "title": "StartTime", "type": "string" }, "Timezone": { "markdownDescription": "The time zone used when referring to the date and time of a scheduled action, when the scheduled action uses an at or cron expression.", "title": "Timezone", "type": "string" } }, "required": [ "Schedule", "ScheduledActionName" ], "type": "object" }, "AWS::ApplicationAutoScaling::ScalableTarget.SuspendedState": { "additionalProperties": false, "properties": { "DynamicScalingInSuspended": { "markdownDescription": "Whether scale in by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to remove capacity when a scaling policy is triggered. The default is `false` .", "title": "DynamicScalingInSuspended", "type": "boolean" }, "DynamicScalingOutSuspended": { "markdownDescription": "Whether scale out by a target tracking scaling policy or a step scaling policy is suspended. Set the value to `true` if you don't want Application Auto Scaling to add capacity when a scaling policy is triggered. The default is `false` .", "title": "DynamicScalingOutSuspended", "type": "boolean" }, "ScheduledScalingSuspended": { "markdownDescription": "Whether scheduled scaling is suspended. Set the value to `true` if you don't want Application Auto Scaling to add or remove capacity by initiating scheduled actions. The default is `false` .", "title": "ScheduledScalingSuspended", "type": "boolean" } }, "type": "object" }, "AWS::ApplicationAutoScaling::ScalingPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PolicyName": { "markdownDescription": "The name of the scaling policy.\n\nUpdates to the name of a target tracking scaling policy are not supported, unless you also update the metric used for scaling. To change only a target tracking scaling policy's name, first delete the policy by removing the existing `AWS::ApplicationAutoScaling::ScalingPolicy` resource from the template and updating the stack. Then, recreate the resource with the same settings and a different name.", "title": "PolicyName", "type": "string" }, "PolicyType": { "markdownDescription": "The scaling policy type.\n\nThe following policy types are supported:\n\n`TargetTrackingScaling` \u2014Not supported for Amazon EMR\n\n`StepScaling` \u2014Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon Keyspaces, Amazon MSK, Amazon ElastiCache, or Neptune.", "title": "PolicyType", "type": "string" }, "ResourceId": { "markdownDescription": "The identifier of the resource associated with the scaling policy. This string consists of the resource type and unique identifier.\n\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/my-cluster/my-service` .\n- Spot Fleet - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- EMR cluster - The resource type is `instancegroup` and the unique identifier is the cluster ID and instance group ID. Example: `instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0` .\n- AppStream 2.0 fleet - The resource type is `fleet` and the unique identifier is the fleet name. Example: `fleet/sample-fleet` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the table name. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the index name. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .\n- SageMaker endpoint variant - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- Custom resources are not supported with a resource type. This parameter must specify the `OutputValue` from the CloudFormation template stack used to access the resources. The unique identifier is defined by the service provider. More information is available in our [GitHub repository](https://docs.aws.amazon.com/https://github.com/aws/aws-auto-scaling-custom-resource) .\n- Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE` .\n- Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the endpoint ARN. Example: `arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE` .\n- Lambda provisioned concurrency - The resource type is `function` and the unique identifier is the function name with a function version or alias name suffix that is not `$LATEST` . Example: `function:my-function:prod` or `function:my-function:1` .\n- Amazon Keyspaces table - The resource type is `table` and the unique identifier is the table name. Example: `keyspace/mykeyspace/table/mytable` .\n- Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example: `arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5` .\n- Amazon ElastiCache replication group - The resource type is `replication-group` and the unique identifier is the replication group name. Example: `replication-group/mycluster` .\n- Neptune cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:mycluster` .\n- SageMaker serverless endpoint - The resource type is `variant` and the unique identifier is the resource ID. Example: `endpoint/my-end-point/variant/KMeansClustering` .\n- SageMaker inference component - The resource type is `inference-component` and the unique identifier is the resource ID. Example: `inference-component/my-inference-component` .\n- Pool of WorkSpaces - The resource type is `workspacespool` and the unique identifier is the pool ID. Example: `workspacespool/wspool-123456` .", "title": "ResourceId", "type": "string" }, "ScalableDimension": { "markdownDescription": "The scalable dimension. This string consists of the service namespace, resource type, and scaling property.\n\n- `ecs:service:DesiredCount` - The task count of an ECS service.\n- `elasticmapreduce:instancegroup:InstanceCount` - The instance count of an EMR Instance Group.\n- `ec2:spot-fleet-request:TargetCapacity` - The target capacity of a Spot Fleet.\n- `appstream:fleet:DesiredCapacity` - The capacity of an AppStream 2.0 fleet.\n- `dynamodb:table:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB table.\n- `dynamodb:table:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB table.\n- `dynamodb:index:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB global secondary index.\n- `dynamodb:index:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB global secondary index.\n- `rds:cluster:ReadReplicaCount` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.\n- `sagemaker:variant:DesiredInstanceCount` - The number of EC2 instances for a SageMaker model endpoint variant.\n- `custom-resource:ResourceType:Property` - The scalable dimension for a custom resource provided by your own application or service.\n- `comprehend:document-classifier-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend document classification endpoint.\n- `comprehend:entity-recognizer-endpoint:DesiredInferenceUnits` - The number of inference units for an Amazon Comprehend entity recognizer endpoint.\n- `lambda:function:ProvisionedConcurrency` - The provisioned concurrency for a Lambda function.\n- `cassandra:table:ReadCapacityUnits` - The provisioned read capacity for an Amazon Keyspaces table.\n- `cassandra:table:WriteCapacityUnits` - The provisioned write capacity for an Amazon Keyspaces table.\n- `kafka:broker-storage:VolumeSize` - The provisioned volume size (in GiB) for brokers in an Amazon MSK cluster.\n- `elasticache:replication-group:NodeGroups` - The number of node groups for an Amazon ElastiCache replication group.\n- `elasticache:replication-group:Replicas` - The number of replicas per node group for an Amazon ElastiCache replication group.\n- `neptune:cluster:ReadReplicaCount` - The count of read replicas in an Amazon Neptune DB cluster.\n- `sagemaker:variant:DesiredProvisionedConcurrency` - The provisioned concurrency for a SageMaker serverless endpoint.\n- `sagemaker:inference-component:DesiredCopyCount` - The number of copies across an endpoint for a SageMaker inference component.\n- `workspaces:workspacespool:DesiredUserSessions` - The number of user sessions for the WorkSpaces in the pool.", "title": "ScalableDimension", "type": "string" }, "ScalingTargetId": { "markdownDescription": "The CloudFormation-generated ID of an Application Auto Scaling scalable target. For more information about the ID, see the Return Value section of the `AWS::ApplicationAutoScaling::ScalableTarget` resource.\n\n> You must specify either the `ScalingTargetId` property, or the `ResourceId` , `ScalableDimension` , and `ServiceNamespace` properties, but not both.", "title": "ScalingTargetId", "type": "string" }, "ServiceNamespace": { "markdownDescription": "The namespace of the AWS service that provides the resource, or a `custom-resource` .", "title": "ServiceNamespace", "type": "string" }, "StepScalingPolicyConfiguration": { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.StepScalingPolicyConfiguration", "markdownDescription": "A step scaling policy.", "title": "StepScalingPolicyConfiguration" }, "TargetTrackingScalingPolicyConfiguration": { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingScalingPolicyConfiguration", "markdownDescription": "A target tracking scaling policy.", "title": "TargetTrackingScalingPolicyConfiguration" } }, "required": [ "PolicyName", "PolicyType" ], "type": "object" }, "Type": { "enum": [ "AWS::ApplicationAutoScaling::ScalingPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApplicationAutoScaling::ScalingPolicy.CustomizedMetricSpecification": { "additionalProperties": false, "properties": { "Dimensions": { "items": { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.MetricDimension" }, "markdownDescription": "The dimensions of the metric.\n\nConditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy.", "title": "Dimensions", "type": "array" }, "MetricName": { "markdownDescription": "The name of the metric. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that's returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html) .", "title": "MetricName", "type": "string" }, "Metrics": { "items": { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingMetricDataQuery" }, "markdownDescription": "The metrics to include in the target tracking scaling policy, as a metric data query. This can include both raw metric and metric math expressions.", "title": "Metrics", "type": "array" }, "Namespace": { "markdownDescription": "The namespace of the metric.", "title": "Namespace", "type": "string" }, "Statistic": { "markdownDescription": "The statistic of the metric.", "title": "Statistic", "type": "string" }, "Unit": { "markdownDescription": "The unit of the metric. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* .", "title": "Unit", "type": "string" } }, "type": "object" }, "AWS::ApplicationAutoScaling::ScalingPolicy.MetricDimension": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the dimension.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the dimension.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::ApplicationAutoScaling::ScalingPolicy.PredefinedMetricSpecification": { "additionalProperties": false, "properties": { "PredefinedMetricType": { "markdownDescription": "The metric type. The `ALBRequestCountPerTarget` metric type applies only to Spot fleet requests and ECS services.", "title": "PredefinedMetricType", "type": "string" }, "ResourceLabel": { "markdownDescription": "Identifies the resource associated with the metric type. You can't specify a resource label unless the metric type is `ALBRequestCountPerTarget` and there is a target group attached to the Spot Fleet or ECS service.\n\nYou create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is:\n\n`app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff` .\n\nWhere:\n\n- app// is the final portion of the load balancer ARN\n- targetgroup// is the final portion of the target group ARN.\n\nTo find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation.", "title": "ResourceLabel", "type": "string" } }, "required": [ "PredefinedMetricType" ], "type": "object" }, "AWS::ApplicationAutoScaling::ScalingPolicy.StepAdjustment": { "additionalProperties": false, "properties": { "MetricIntervalLowerBound": { "markdownDescription": "The lower bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the lower bound is inclusive (the metric must be greater than or equal to the threshold plus the lower bound). Otherwise, it is exclusive (the metric must be greater than the threshold plus the lower bound). A null value indicates negative infinity.\n\nYou must specify at least one upper or lower bound.", "title": "MetricIntervalLowerBound", "type": "number" }, "MetricIntervalUpperBound": { "markdownDescription": "The upper bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the upper bound is exclusive (the metric must be less than the threshold plus the upper bound). Otherwise, it is inclusive (the metric must be less than or equal to the threshold plus the upper bound). A null value indicates positive infinity.\n\nYou must specify at least one upper or lower bound.", "title": "MetricIntervalUpperBound", "type": "number" }, "ScalingAdjustment": { "markdownDescription": "The amount by which to scale. The adjustment is based on the value that you specified in the `AdjustmentType` property (either an absolute number or a percentage). A positive value adds to the current capacity and a negative number subtracts from the current capacity.", "title": "ScalingAdjustment", "type": "number" } }, "required": [ "ScalingAdjustment" ], "type": "object" }, "AWS::ApplicationAutoScaling::ScalingPolicy.StepScalingPolicyConfiguration": { "additionalProperties": false, "properties": { "AdjustmentType": { "markdownDescription": "Specifies whether the `ScalingAdjustment` value in the `StepAdjustment` property is an absolute number or a percentage of the current capacity.", "title": "AdjustmentType", "type": "string" }, "Cooldown": { "markdownDescription": "The amount of time, in seconds, to wait for a previous scaling activity to take effect. If not specified, the default value is 300. For more information, see [Cooldown period](https://docs.aws.amazon.com/autoscaling/application/userguide/step-scaling-policy-overview.html#step-scaling-cooldown) in the *Application Auto Scaling User Guide* .", "title": "Cooldown", "type": "number" }, "MetricAggregationType": { "markdownDescription": "The aggregation type for the CloudWatch metrics. Valid values are `Minimum` , `Maximum` , and `Average` . If the aggregation type is null, the value is treated as `Average` .", "title": "MetricAggregationType", "type": "string" }, "MinAdjustmentMagnitude": { "markdownDescription": "The minimum value to scale by when the adjustment type is `PercentChangeInCapacity` . For example, suppose that you create a step scaling policy to scale out an Amazon ECS service by 25 percent and you specify a `MinAdjustmentMagnitude` of 2. If the service has 4 tasks and the scaling policy is performed, 25 percent of 4 is 1. However, because you specified a `MinAdjustmentMagnitude` of 2, Application Auto Scaling scales out the service by 2 tasks.", "title": "MinAdjustmentMagnitude", "type": "number" }, "StepAdjustments": { "items": { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.StepAdjustment" }, "markdownDescription": "A set of adjustments that enable you to scale based on the size of the alarm breach.\n\nAt least one step adjustment is required if you are adding a new step scaling policy configuration.", "title": "StepAdjustments", "type": "array" } }, "type": "object" }, "AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingMetric": { "additionalProperties": false, "properties": { "Dimensions": { "items": { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingMetricDimension" }, "markdownDescription": "The dimensions for the metric. For the list of available dimensions, see the AWS documentation available from the table in [AWS services that publish CloudWatch metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) in the *Amazon CloudWatch User Guide* .\n\nConditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy.", "title": "Dimensions", "type": "array" }, "MetricName": { "markdownDescription": "The name of the metric.", "title": "MetricName", "type": "string" }, "Namespace": { "markdownDescription": "The namespace of the metric. For more information, see the table in [AWS services that publish CloudWatch metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) in the *Amazon CloudWatch User Guide* .", "title": "Namespace", "type": "string" } }, "type": "object" }, "AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingMetricDataQuery": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions.\n\nConditional: Within each `TargetTrackingMetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", "title": "Expression", "type": "string" }, "Id": { "markdownDescription": "A short name that identifies the object's results in the response. This name must be unique among all `MetricDataQuery` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter.", "title": "Id", "type": "string" }, "Label": { "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents.", "title": "Label", "type": "string" }, "MetricStat": { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingMetricStat", "markdownDescription": "Information about the metric data to return.\n\nConditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", "title": "MetricStat" }, "ReturnData": { "markdownDescription": "Indicates whether to return the timestamps and raw data values of this metric.\n\nIf you use any math expressions, specify `true` for this value for only the final math expression that the metric specification is based on. You must specify `false` for `ReturnData` for all the other metrics and expressions used in the metric specification.\n\nIf you are only retrieving metrics and not performing any math expressions, do not specify anything for `ReturnData` . This sets it to its default ( `true` ).", "title": "ReturnData", "type": "boolean" } }, "type": "object" }, "AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingMetricDimension": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the dimension.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the dimension.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingMetricStat": { "additionalProperties": false, "properties": { "Metric": { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingMetric", "markdownDescription": "The CloudWatch metric to return, including the metric name, namespace, and dimensions. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html) .", "title": "Metric" }, "Stat": { "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .\n\nThe most commonly used metric for scaling is `Average` .", "title": "Stat", "type": "string" }, "Unit": { "markdownDescription": "The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* .", "title": "Unit", "type": "string" } }, "type": "object" }, "AWS::ApplicationAutoScaling::ScalingPolicy.TargetTrackingScalingPolicyConfiguration": { "additionalProperties": false, "properties": { "CustomizedMetricSpecification": { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.CustomizedMetricSpecification", "markdownDescription": "A customized metric. You can specify either a predefined metric or a customized metric.", "title": "CustomizedMetricSpecification" }, "DisableScaleIn": { "markdownDescription": "Indicates whether scale in by the target tracking scaling policy is disabled. If the value is `true` , scale in is disabled and the target tracking scaling policy won't remove capacity from the scalable target. Otherwise, scale in is enabled and the target tracking scaling policy can remove capacity from the scalable target. The default value is `false` .", "title": "DisableScaleIn", "type": "boolean" }, "PredefinedMetricSpecification": { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy.PredefinedMetricSpecification", "markdownDescription": "A predefined metric. You can specify either a predefined metric or a customized metric.", "title": "PredefinedMetricSpecification" }, "ScaleInCooldown": { "markdownDescription": "The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start. For more information and for default values, see [Define cooldown periods](https://docs.aws.amazon.com/autoscaling/application/userguide/target-tracking-scaling-policy-overview.html#target-tracking-cooldown) in the *Application Auto Scaling User Guide* .", "title": "ScaleInCooldown", "type": "number" }, "ScaleOutCooldown": { "markdownDescription": "The amount of time, in seconds, to wait for a previous scale-out activity to take effect. For more information and for default values, see [Define cooldown periods](https://docs.aws.amazon.com/autoscaling/application/userguide/target-tracking-scaling-policy-overview.html#target-tracking-cooldown) in the *Application Auto Scaling User Guide* .", "title": "ScaleOutCooldown", "type": "number" }, "TargetValue": { "markdownDescription": "The target value for the metric. Although this property accepts numbers of type Double, it won't accept values that are either too small or too large. Values must be in the range of -2^360 to 2^360. The value must be a valid number based on the choice of metric. For example, if the metric is CPU utilization, then the target value is a percent value that represents how much of the CPU can be used before scaling out.", "title": "TargetValue", "type": "number" } }, "required": [ "TargetValue" ], "type": "object" }, "AWS::ApplicationInsights::Application": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AttachMissingPermission": { "markdownDescription": "If set to true, the managed policies for SSM and CW will be attached to the instance roles if they are missing.", "title": "AttachMissingPermission", "type": "boolean" }, "AutoConfigurationEnabled": { "markdownDescription": "If set to `true` , the application components will be configured with the monitoring configuration recommended by Application Insights.", "title": "AutoConfigurationEnabled", "type": "boolean" }, "CWEMonitorEnabled": { "markdownDescription": "Indicates whether Application Insights can listen to CloudWatch events for the application resources, such as `instance terminated` , `failed deployment` , and others.", "title": "CWEMonitorEnabled", "type": "boolean" }, "ComponentMonitoringSettings": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.ComponentMonitoringSetting" }, "markdownDescription": "The monitoring settings of the components.", "title": "ComponentMonitoringSettings", "type": "array" }, "CustomComponents": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.CustomComponent" }, "markdownDescription": "Describes a custom component by grouping similar standalone instances to monitor.", "title": "CustomComponents", "type": "array" }, "GroupingType": { "markdownDescription": "Application Insights can create applications based on a resource group or on an account. To create an account-based application using all of the resources in the account, set this parameter to `ACCOUNT_BASED` .", "title": "GroupingType", "type": "string" }, "LogPatternSets": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.LogPatternSet" }, "markdownDescription": "The log pattern sets.", "title": "LogPatternSets", "type": "array" }, "OpsCenterEnabled": { "markdownDescription": "Indicates whether Application Insights will create OpsItems for any problem that is detected by Application Insights for an application.", "title": "OpsCenterEnabled", "type": "boolean" }, "OpsItemSNSTopicArn": { "markdownDescription": "The SNS topic provided to Application Insights that is associated with the created OpsItems to receive SNS notifications for opsItem updates.", "title": "OpsItemSNSTopicArn", "type": "string" }, "ResourceGroupName": { "markdownDescription": "The name of the resource group used for the application.", "title": "ResourceGroupName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of `Tags` .", "title": "Tags", "type": "array" } }, "required": [ "ResourceGroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::ApplicationInsights::Application" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ApplicationInsights::Application.Alarm": { "additionalProperties": false, "properties": { "AlarmName": { "markdownDescription": "The name of the CloudWatch alarm to be monitored for the component.", "title": "AlarmName", "type": "string" }, "Severity": { "markdownDescription": "Indicates the degree of outage when the alarm goes off.", "title": "Severity", "type": "string" } }, "required": [ "AlarmName" ], "type": "object" }, "AWS::ApplicationInsights::Application.AlarmMetric": { "additionalProperties": false, "properties": { "AlarmMetricName": { "markdownDescription": "The name of the metric to be monitored for the component. For metrics supported by Application Insights, see [Logs and metrics supported by Amazon CloudWatch Application Insights](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/appinsights-logs-and-metrics.html) .", "title": "AlarmMetricName", "type": "string" } }, "required": [ "AlarmMetricName" ], "type": "object" }, "AWS::ApplicationInsights::Application.ComponentConfiguration": { "additionalProperties": false, "properties": { "ConfigurationDetails": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.ConfigurationDetails", "markdownDescription": "The configuration settings.", "title": "ConfigurationDetails" }, "SubComponentTypeConfigurations": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.SubComponentTypeConfiguration" }, "markdownDescription": "Sub-component configurations of the component.", "title": "SubComponentTypeConfigurations", "type": "array" } }, "type": "object" }, "AWS::ApplicationInsights::Application.ComponentMonitoringSetting": { "additionalProperties": false, "properties": { "ComponentARN": { "markdownDescription": "The ARN of the component.", "title": "ComponentARN", "type": "string" }, "ComponentConfigurationMode": { "markdownDescription": "Component monitoring can be configured in one of the following three modes:\n\n- `DEFAULT` : The component will be configured with the recommended default monitoring settings of the selected `Tier` .\n- `CUSTOM` : The component will be configured with the customized monitoring settings that are specified in `CustomComponentConfiguration` . If used, `CustomComponentConfiguration` must be provided.\n- `DEFAULT_WITH_OVERWRITE` : The component will be configured with the recommended default monitoring settings of the selected `Tier` , and merged with customized overwrite settings that are specified in `DefaultOverwriteComponentConfiguration` . If used, `DefaultOverwriteComponentConfiguration` must be provided.", "title": "ComponentConfigurationMode", "type": "string" }, "ComponentName": { "markdownDescription": "The name of the component.", "title": "ComponentName", "type": "string" }, "CustomComponentConfiguration": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.ComponentConfiguration", "markdownDescription": "Customized monitoring settings. Required if CUSTOM mode is configured in `ComponentConfigurationMode` .", "title": "CustomComponentConfiguration" }, "DefaultOverwriteComponentConfiguration": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.ComponentConfiguration", "markdownDescription": "Customized overwrite monitoring settings. Required if CUSTOM mode is configured in `ComponentConfigurationMode` .", "title": "DefaultOverwriteComponentConfiguration" }, "Tier": { "markdownDescription": "The tier of the application component. Supported tiers include `DOT_NET_CORE` , `DOT_NET_WORKER` , `DOT_NET_WEB` , `SQL_SERVER` , `SQL_SERVER_ALWAYSON_AVAILABILITY_GROUP` , `SQL_SERVER_FAILOVER_CLUSTER_INSTANCE` , `MYSQL` , `POSTGRESQL` , `JAVA_JMX` , `ORACLE` , `SAP_HANA_MULTI_NODE` , `SAP_HANA_SINGLE_NODE` , `SAP_HANA_HIGH_AVAILABILITY` , `SHAREPOINT` . `ACTIVE_DIRECTORY` , and `DEFAULT` .", "title": "Tier", "type": "string" } }, "required": [ "ComponentConfigurationMode", "Tier" ], "type": "object" }, "AWS::ApplicationInsights::Application.ConfigurationDetails": { "additionalProperties": false, "properties": { "AlarmMetrics": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.AlarmMetric" }, "markdownDescription": "A list of metrics to monitor for the component. All component types can use `AlarmMetrics` .", "title": "AlarmMetrics", "type": "array" }, "Alarms": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.Alarm" }, "markdownDescription": "A list of alarms to monitor for the component. All component types can use `Alarm` .", "title": "Alarms", "type": "array" }, "HAClusterPrometheusExporter": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.HAClusterPrometheusExporter", "markdownDescription": "The HA cluster Prometheus Exporter settings.", "title": "HAClusterPrometheusExporter" }, "HANAPrometheusExporter": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.HANAPrometheusExporter", "markdownDescription": "The HANA DB Prometheus Exporter settings.", "title": "HANAPrometheusExporter" }, "JMXPrometheusExporter": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.JMXPrometheusExporter", "markdownDescription": "A list of Java metrics to monitor for the component.", "title": "JMXPrometheusExporter" }, "Logs": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.Log" }, "markdownDescription": "A list of logs to monitor for the component. Only Amazon EC2 instances can use `Logs` .", "title": "Logs", "type": "array" }, "NetWeaverPrometheusExporter": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.NetWeaverPrometheusExporter", "markdownDescription": "", "title": "NetWeaverPrometheusExporter" }, "Processes": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.Process" }, "markdownDescription": "", "title": "Processes", "type": "array" }, "SQLServerPrometheusExporter": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.SQLServerPrometheusExporter", "markdownDescription": "", "title": "SQLServerPrometheusExporter" }, "WindowsEvents": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.WindowsEvent" }, "markdownDescription": "A list of Windows Events to monitor for the component. Only Amazon EC2 instances running on Windows can use `WindowsEvents` .", "title": "WindowsEvents", "type": "array" } }, "type": "object" }, "AWS::ApplicationInsights::Application.CustomComponent": { "additionalProperties": false, "properties": { "ComponentName": { "markdownDescription": "The name of the component.", "title": "ComponentName", "type": "string" }, "ResourceList": { "items": { "type": "string" }, "markdownDescription": "The list of resource ARNs that belong to the component.", "title": "ResourceList", "type": "array" } }, "required": [ "ComponentName", "ResourceList" ], "type": "object" }, "AWS::ApplicationInsights::Application.HAClusterPrometheusExporter": { "additionalProperties": false, "properties": { "PrometheusPort": { "markdownDescription": "The target port to which Prometheus sends metrics. If not specified, the default port 9668 is used.", "title": "PrometheusPort", "type": "string" } }, "type": "object" }, "AWS::ApplicationInsights::Application.HANAPrometheusExporter": { "additionalProperties": false, "properties": { "AgreeToInstallHANADBClient": { "markdownDescription": "Designates whether you agree to install the HANA DB client.", "title": "AgreeToInstallHANADBClient", "type": "boolean" }, "HANAPort": { "markdownDescription": "The HANA database port by which the exporter will query HANA metrics.", "title": "HANAPort", "type": "string" }, "HANASID": { "markdownDescription": "The three-character SAP system ID (SID) of the SAP HANA system.", "title": "HANASID", "type": "string" }, "HANASecretName": { "markdownDescription": "The AWS Secrets Manager secret that stores HANA monitoring user credentials. The HANA Prometheus exporter uses these credentials to connect to the database and query HANA metrics.", "title": "HANASecretName", "type": "string" }, "PrometheusPort": { "markdownDescription": "The target port to which Prometheus sends metrics. If not specified, the default port 9668 is used.", "title": "PrometheusPort", "type": "string" } }, "required": [ "AgreeToInstallHANADBClient", "HANAPort", "HANASID", "HANASecretName" ], "type": "object" }, "AWS::ApplicationInsights::Application.JMXPrometheusExporter": { "additionalProperties": false, "properties": { "HostPort": { "markdownDescription": "The host and port to connect to through remote JMX. Only one of `jmxURL` and `hostPort` can be specified.", "title": "HostPort", "type": "string" }, "JMXURL": { "markdownDescription": "The complete JMX URL to connect to.", "title": "JMXURL", "type": "string" }, "PrometheusPort": { "markdownDescription": "The target port to send Prometheus metrics to. If not specified, the default port `9404` is used.", "title": "PrometheusPort", "type": "string" } }, "type": "object" }, "AWS::ApplicationInsights::Application.Log": { "additionalProperties": false, "properties": { "Encoding": { "markdownDescription": "The type of encoding of the logs to be monitored. The specified encoding should be included in the list of CloudWatch agent supported encodings. If not provided, CloudWatch Application Insights uses the default encoding type for the log type:\n\n- `APPLICATION/DEFAULT` : utf-8 encoding\n- `SQL_SERVER` : utf-16 encoding\n- `IIS` : ascii encoding", "title": "Encoding", "type": "string" }, "LogGroupName": { "markdownDescription": "The CloudWatch log group name to be associated with the monitored log.", "title": "LogGroupName", "type": "string" }, "LogPath": { "markdownDescription": "The path of the logs to be monitored. The log path must be an absolute Windows or Linux system file path. For more information, see [CloudWatch Agent Configuration File: Logs Section](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html#CloudWatch-Agent-Configuration-File-Logssection) .", "title": "LogPath", "type": "string" }, "LogType": { "markdownDescription": "The log type decides the log patterns against which Application Insights analyzes the log. The log type is selected from the following: `SQL_SERVER` , `MYSQL` , `MYSQL_SLOW_QUERY` , `POSTGRESQL` , `ORACLE_ALERT` , `ORACLE_LISTENER` , `IIS` , `APPLICATION` , `WINDOWS_EVENTS` , `WINDOWS_EVENTS_ACTIVE_DIRECTORY` , `WINDOWS_EVENTS_DNS` , `WINDOWS_EVENTS_IIS` , `WINDOWS_EVENTS_SHAREPOINT` , `SQL_SERVER_ALWAYSON_AVAILABILITY_GROUP` , `SQL_SERVER_FAILOVER_CLUSTER_INSTANCE` , `STEP_FUNCTION` , `API_GATEWAY_ACCESS` , `API_GATEWAY_EXECUTION` , `SAP_HANA_LOGS` , `SAP_HANA_TRACE` , `SAP_HANA_HIGH_AVAILABILITY` , and `DEFAULT` .", "title": "LogType", "type": "string" }, "PatternSet": { "markdownDescription": "The log pattern set.", "title": "PatternSet", "type": "string" } }, "required": [ "LogType" ], "type": "object" }, "AWS::ApplicationInsights::Application.LogPattern": { "additionalProperties": false, "properties": { "Pattern": { "markdownDescription": "A regular expression that defines the log pattern. A log pattern can contain up to 50 characters, and it cannot be empty.", "title": "Pattern", "type": "string" }, "PatternName": { "markdownDescription": "The name of the log pattern. A log pattern name can contain up to 50 characters, and it cannot be empty. The characters can be Unicode letters, digits, or one of the following symbols: period, dash, underscore.", "title": "PatternName", "type": "string" }, "Rank": { "markdownDescription": "The rank of the log pattern.", "title": "Rank", "type": "number" } }, "required": [ "Pattern", "PatternName", "Rank" ], "type": "object" }, "AWS::ApplicationInsights::Application.LogPatternSet": { "additionalProperties": false, "properties": { "LogPatterns": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.LogPattern" }, "markdownDescription": "A list of objects that define the log patterns that belong to `LogPatternSet` .", "title": "LogPatterns", "type": "array" }, "PatternSetName": { "markdownDescription": "The name of the log pattern. A log pattern name can contain up to 30 characters, and it cannot be empty. The characters can be Unicode letters, digits, or one of the following symbols: period, dash, underscore.", "title": "PatternSetName", "type": "string" } }, "required": [ "LogPatterns", "PatternSetName" ], "type": "object" }, "AWS::ApplicationInsights::Application.NetWeaverPrometheusExporter": { "additionalProperties": false, "properties": { "InstanceNumbers": { "items": { "type": "string" }, "markdownDescription": "", "title": "InstanceNumbers", "type": "array" }, "PrometheusPort": { "markdownDescription": "", "title": "PrometheusPort", "type": "string" }, "SAPSID": { "markdownDescription": "", "title": "SAPSID", "type": "string" } }, "required": [ "InstanceNumbers", "SAPSID" ], "type": "object" }, "AWS::ApplicationInsights::Application.Process": { "additionalProperties": false, "properties": { "AlarmMetrics": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.AlarmMetric" }, "markdownDescription": "", "title": "AlarmMetrics", "type": "array" }, "ProcessName": { "markdownDescription": "", "title": "ProcessName", "type": "string" } }, "required": [ "AlarmMetrics", "ProcessName" ], "type": "object" }, "AWS::ApplicationInsights::Application.SQLServerPrometheusExporter": { "additionalProperties": false, "properties": { "PrometheusPort": { "markdownDescription": "", "title": "PrometheusPort", "type": "string" }, "SQLSecretName": { "markdownDescription": "", "title": "SQLSecretName", "type": "string" } }, "required": [ "PrometheusPort", "SQLSecretName" ], "type": "object" }, "AWS::ApplicationInsights::Application.SubComponentConfigurationDetails": { "additionalProperties": false, "properties": { "AlarmMetrics": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.AlarmMetric" }, "markdownDescription": "A list of metrics to monitor for the component. All component types can use `AlarmMetrics` .", "title": "AlarmMetrics", "type": "array" }, "Logs": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.Log" }, "markdownDescription": "A list of logs to monitor for the component. Only Amazon EC2 instances can use `Logs` .", "title": "Logs", "type": "array" }, "Processes": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.Process" }, "markdownDescription": "", "title": "Processes", "type": "array" }, "WindowsEvents": { "items": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.WindowsEvent" }, "markdownDescription": "A list of Windows Events to monitor for the component. Only Amazon EC2 instances running on Windows can use `WindowsEvents` .", "title": "WindowsEvents", "type": "array" } }, "type": "object" }, "AWS::ApplicationInsights::Application.SubComponentTypeConfiguration": { "additionalProperties": false, "properties": { "SubComponentConfigurationDetails": { "$ref": "#/definitions/AWS::ApplicationInsights::Application.SubComponentConfigurationDetails", "markdownDescription": "The configuration settings of the sub-components.", "title": "SubComponentConfigurationDetails" }, "SubComponentType": { "markdownDescription": "The sub-component type.", "title": "SubComponentType", "type": "string" } }, "required": [ "SubComponentConfigurationDetails", "SubComponentType" ], "type": "object" }, "AWS::ApplicationInsights::Application.WindowsEvent": { "additionalProperties": false, "properties": { "EventLevels": { "items": { "type": "string" }, "markdownDescription": "The levels of event to log. You must specify each level to log. Possible values include `INFORMATION` , `WARNING` , `ERROR` , `CRITICAL` , and `VERBOSE` . This field is required for each type of Windows Event to log.", "title": "EventLevels", "type": "array" }, "EventName": { "markdownDescription": "The type of Windows Events to log, equivalent to the Windows Event log channel name. For example, System, Security, CustomEventName, and so on. This field is required for each type of Windows event to log.", "title": "EventName", "type": "string" }, "LogGroupName": { "markdownDescription": "The CloudWatch log group name to be associated with the monitored log.", "title": "LogGroupName", "type": "string" }, "PatternSet": { "markdownDescription": "The log pattern set.", "title": "PatternSet", "type": "string" } }, "required": [ "EventLevels", "EventName", "LogGroupName" ], "type": "object" }, "AWS::Athena::CapacityReservation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CapacityAssignmentConfiguration": { "$ref": "#/definitions/AWS::Athena::CapacityReservation.CapacityAssignmentConfiguration", "markdownDescription": "Assigns Athena workgroups (and hence their queries) to capacity reservations. A capacity reservation can have only one capacity assignment configuration, but the capacity assignment configuration can be made up of multiple individual assignments. Each assignment specifies how Athena queries can consume capacity from the capacity reservation that their workgroup is mapped to.", "title": "CapacityAssignmentConfiguration" }, "Name": { "markdownDescription": "The name of the capacity reservation.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to the capacity reservation.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "TargetDpus": { "markdownDescription": "The number of data processing units requested.", "title": "TargetDpus", "type": "number" } }, "required": [ "Name", "TargetDpus" ], "type": "object" }, "Type": { "enum": [ "AWS::Athena::CapacityReservation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Athena::CapacityReservation.CapacityAssignment": { "additionalProperties": false, "properties": { "WorkgroupNames": { "items": { "type": "string" }, "markdownDescription": "The list of workgroup names for the capacity assignment.", "title": "WorkgroupNames", "type": "array" } }, "required": [ "WorkgroupNames" ], "type": "object" }, "AWS::Athena::CapacityReservation.CapacityAssignmentConfiguration": { "additionalProperties": false, "properties": { "CapacityAssignments": { "items": { "$ref": "#/definitions/AWS::Athena::CapacityReservation.CapacityAssignment" }, "markdownDescription": "The list of assignments that make up the capacity assignment configuration.", "title": "CapacityAssignments", "type": "array" } }, "required": [ "CapacityAssignments" ], "type": "object" }, "AWS::Athena::DataCatalog": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the data catalog.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the data catalog. The catalog name must be unique for the AWS account and can use a maximum of 128 alphanumeric, underscore, at sign, or hyphen characters.", "title": "Name", "type": "string" }, "Parameters": { "additionalProperties": true, "markdownDescription": "Specifies the Lambda function or functions to use for the data catalog. The mapping used depends on the catalog type.\n\n- The `HIVE` data catalog type uses the following syntax. The `metadata-function` parameter is required. `The sdk-version` parameter is optional and defaults to the currently supported version.\n\n`metadata-function= *lambda_arn* , sdk-version= *version_number*`\n- The `LAMBDA` data catalog type uses one of the following sets of required parameters, but not both.\n\n- When one Lambda function processes metadata and another Lambda function reads data, the following syntax is used. Both parameters are required.\n\n`metadata-function= *lambda_arn* , record-function= *lambda_arn*`\n- A composite Lambda function that processes both metadata and data uses the following syntax.\n\n`function= *lambda_arn*`\n- The `GLUE` type takes a catalog ID parameter and is required. The `*catalog_id*` is the account ID of the AWS account to which the Glue catalog belongs.\n\n`catalog-id= *catalog_id*`\n\n- The `GLUE` data catalog type also applies to the default `AwsDataCatalog` that already exists in your account, of which you can have only one and cannot modify.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Parameters", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags (key-value pairs) to associate with this resource.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of data catalog: `LAMBDA` for a federated catalog, `GLUE` for AWS Glue Catalog, or `HIVE` for an external hive metastore.", "title": "Type", "type": "string" } }, "required": [ "Name", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::Athena::DataCatalog" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Athena::NamedQuery": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Database": { "markdownDescription": "The database to which the query belongs.", "title": "Database", "type": "string" }, "Description": { "markdownDescription": "The query description.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The query name.", "title": "Name", "type": "string" }, "QueryString": { "markdownDescription": "The SQL statements that make up the query.", "title": "QueryString", "type": "string" }, "WorkGroup": { "markdownDescription": "The name of the workgroup that contains the named query.", "title": "WorkGroup", "type": "string" } }, "required": [ "Database", "QueryString" ], "type": "object" }, "Type": { "enum": [ "AWS::Athena::NamedQuery" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Athena::PreparedStatement": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the prepared statement.", "title": "Description", "type": "string" }, "QueryStatement": { "markdownDescription": "The query string for the prepared statement.", "title": "QueryStatement", "type": "string" }, "StatementName": { "markdownDescription": "The name of the prepared statement.", "title": "StatementName", "type": "string" }, "WorkGroup": { "markdownDescription": "The workgroup to which the prepared statement belongs.", "title": "WorkGroup", "type": "string" } }, "required": [ "QueryStatement", "StatementName", "WorkGroup" ], "type": "object" }, "Type": { "enum": [ "AWS::Athena::PreparedStatement" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Athena::WorkGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The workgroup description.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The workgroup name.", "title": "Name", "type": "string" }, "RecursiveDeleteOption": { "markdownDescription": "The option to delete a workgroup and its contents even if the workgroup contains any named queries. The default is false.", "title": "RecursiveDeleteOption", "type": "boolean" }, "State": { "markdownDescription": "The state of the workgroup: ENABLED or DISABLED.", "title": "State", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags (key-value pairs) to associate with this resource.", "title": "Tags", "type": "array" }, "WorkGroupConfiguration": { "$ref": "#/definitions/AWS::Athena::WorkGroup.WorkGroupConfiguration", "markdownDescription": "The configuration of the workgroup, which includes the location in Amazon S3 where query results are stored, the encryption option, if any, used for query results, whether Amazon CloudWatch Metrics are enabled for the workgroup, and the limit for the amount of bytes scanned (cutoff) per query, if it is specified. The `EnforceWorkGroupConfiguration` option determines whether workgroup settings override client-side query settings.", "title": "WorkGroupConfiguration" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Athena::WorkGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Athena::WorkGroup.AclConfiguration": { "additionalProperties": false, "properties": { "S3AclOption": { "markdownDescription": "The Amazon S3 canned ACL that Athena should specify when storing query results. Currently the only supported canned ACL is `BUCKET_OWNER_FULL_CONTROL` . If a query runs in a workgroup and the workgroup overrides client-side settings, then the Amazon S3 canned ACL specified in the workgroup's settings is used for all queries that run in the workgroup. For more information about Amazon S3 canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) in the *Amazon S3 User Guide* .", "title": "S3AclOption", "type": "string" } }, "required": [ "S3AclOption" ], "type": "object" }, "AWS::Athena::WorkGroup.CustomerContentEncryptionConfiguration": { "additionalProperties": false, "properties": { "KmsKey": { "markdownDescription": "The customer managed KMS key that is used to encrypt the user's data stores in Athena.", "title": "KmsKey", "type": "string" } }, "required": [ "KmsKey" ], "type": "object" }, "AWS::Athena::WorkGroup.EncryptionConfiguration": { "additionalProperties": false, "properties": { "EncryptionOption": { "markdownDescription": "Indicates whether Amazon S3 server-side encryption with Amazon S3-managed keys ( `SSE_S3` ), server-side encryption with KMS-managed keys ( `SSE_KMS` ), or client-side encryption with KMS-managed keys ( `CSE_KMS` ) is used.\n\nIf a query runs in a workgroup and the workgroup overrides client-side settings, then the workgroup's setting for encryption is used. It specifies whether query results must be encrypted, for all queries that run in this workgroup.", "title": "EncryptionOption", "type": "string" }, "KmsKey": { "markdownDescription": "For `SSE_KMS` and `CSE_KMS` , this is the KMS key ARN or ID.", "title": "KmsKey", "type": "string" } }, "required": [ "EncryptionOption" ], "type": "object" }, "AWS::Athena::WorkGroup.EngineVersion": { "additionalProperties": false, "properties": { "EffectiveEngineVersion": { "markdownDescription": "Read only. The engine version on which the query runs. If the user requests a valid engine version other than Auto, the effective engine version is the same as the engine version that the user requested. If the user requests Auto, the effective engine version is chosen by Athena. When a request to update the engine version is made by a `CreateWorkGroup` or `UpdateWorkGroup` operation, the `EffectiveEngineVersion` field is ignored.", "title": "EffectiveEngineVersion", "type": "string" }, "SelectedEngineVersion": { "markdownDescription": "The engine version requested by the user. Possible values are determined by the output of `ListEngineVersions` , including AUTO. The default is AUTO.", "title": "SelectedEngineVersion", "type": "string" } }, "type": "object" }, "AWS::Athena::WorkGroup.ResultConfiguration": { "additionalProperties": false, "properties": { "AclConfiguration": { "$ref": "#/definitions/AWS::Athena::WorkGroup.AclConfiguration", "markdownDescription": "Indicates that an Amazon S3 canned ACL should be set to control ownership of stored query results. Currently the only supported canned ACL is `BUCKET_OWNER_FULL_CONTROL` . This is a client-side setting. If workgroup settings override client-side settings, then the query uses the ACL configuration that is specified for the workgroup, and also uses the location for storing query results specified in the workgroup. See `EnforceWorkGroupConfiguration` .", "title": "AclConfiguration" }, "EncryptionConfiguration": { "$ref": "#/definitions/AWS::Athena::WorkGroup.EncryptionConfiguration", "markdownDescription": "If query results are encrypted in Amazon S3, indicates the encryption option used (for example, `SSE_KMS` or `CSE_KMS` ) and key information. This is a client-side setting. If workgroup settings override client-side settings, then the query uses the encryption configuration that is specified for the workgroup, and also uses the location for storing query results specified in the workgroup. See `EnforceWorkGroupConfiguration` and [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) .", "title": "EncryptionConfiguration" }, "ExpectedBucketOwner": { "markdownDescription": "The account ID that you expect to be the owner of the Amazon S3 bucket specified by `ResultConfiguration:OutputLocation` . If set, Athena uses the value for `ExpectedBucketOwner` when it makes Amazon S3 calls to your specified output location. If the `ExpectedBucketOwner` account ID does not match the actual owner of the Amazon S3 bucket, the call fails with a permissions error.\n\nThis is a client-side setting. If workgroup settings override client-side settings, then the query uses the `ExpectedBucketOwner` setting that is specified for the workgroup, and also uses the location for storing query results specified in the workgroup. See `EnforceWorkGroupConfiguration` .", "title": "ExpectedBucketOwner", "type": "string" }, "OutputLocation": { "markdownDescription": "The location in Amazon S3 where your query results are stored, such as `s3://path/to/query/bucket/` . To run a query, you must specify the query results location using either a client-side setting for individual queries or a location specified by the workgroup. If workgroup settings override client-side settings, then the query uses the location specified for the workgroup. If no query location is set, Athena issues an error. For more information, see [Working with Query Results, Output Files, and Query History](https://docs.aws.amazon.com/athena/latest/ug/querying.html) and `EnforceWorkGroupConfiguration` .", "title": "OutputLocation", "type": "string" } }, "type": "object" }, "AWS::Athena::WorkGroup.WorkGroupConfiguration": { "additionalProperties": false, "properties": { "AdditionalConfiguration": { "markdownDescription": "Specifies a user defined JSON string that is passed to the session engine.", "title": "AdditionalConfiguration", "type": "string" }, "BytesScannedCutoffPerQuery": { "markdownDescription": "The upper limit (cutoff) for the amount of bytes a single query in a workgroup is allowed to scan. No default is defined.\n\n> This property currently supports integer types. Support for long values is planned.", "title": "BytesScannedCutoffPerQuery", "type": "number" }, "CustomerContentEncryptionConfiguration": { "$ref": "#/definitions/AWS::Athena::WorkGroup.CustomerContentEncryptionConfiguration", "markdownDescription": "Specifies the KMS key that is used to encrypt the user's data stores in Athena. This setting does not apply to Athena SQL workgroups.", "title": "CustomerContentEncryptionConfiguration" }, "EnforceWorkGroupConfiguration": { "markdownDescription": "If set to \"true\", the settings for the workgroup override client-side settings. If set to \"false\", client-side settings are used. For more information, see [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) .", "title": "EnforceWorkGroupConfiguration", "type": "boolean" }, "EngineVersion": { "$ref": "#/definitions/AWS::Athena::WorkGroup.EngineVersion", "markdownDescription": "The engine version that all queries running on the workgroup use.", "title": "EngineVersion" }, "ExecutionRole": { "markdownDescription": "Role used to access user resources in an Athena for Apache Spark session. This property applies only to Spark-enabled workgroups in Athena.", "title": "ExecutionRole", "type": "string" }, "PublishCloudWatchMetricsEnabled": { "markdownDescription": "Indicates that the Amazon CloudWatch metrics are enabled for the workgroup.", "title": "PublishCloudWatchMetricsEnabled", "type": "boolean" }, "RequesterPaysEnabled": { "markdownDescription": "If set to `true` , allows members assigned to a workgroup to reference Amazon S3 Requester Pays buckets in queries. If set to `false` , workgroup members cannot query data from Requester Pays buckets, and queries that retrieve data from Requester Pays buckets cause an error. The default is `false` . For more information about Requester Pays buckets, see [Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service Developer Guide* .", "title": "RequesterPaysEnabled", "type": "boolean" }, "ResultConfiguration": { "$ref": "#/definitions/AWS::Athena::WorkGroup.ResultConfiguration", "markdownDescription": "Specifies the location in Amazon S3 where query results are stored and the encryption option, if any, used for query results. For more information, see [Working with Query Results, Output Files, and Query History](https://docs.aws.amazon.com/athena/latest/ug/querying.html) .", "title": "ResultConfiguration" } }, "type": "object" }, "AWS::AuditManager::Assessment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssessmentReportsDestination": { "$ref": "#/definitions/AWS::AuditManager::Assessment.AssessmentReportsDestination", "markdownDescription": "The destination that evidence reports are stored in for the assessment.", "title": "AssessmentReportsDestination" }, "AwsAccount": { "$ref": "#/definitions/AWS::AuditManager::Assessment.AWSAccount", "markdownDescription": "The AWS account that's associated with the assessment.", "title": "AwsAccount" }, "Delegations": { "items": { "$ref": "#/definitions/AWS::AuditManager::Assessment.Delegation" }, "markdownDescription": "The delegations that are associated with the assessment.", "title": "Delegations", "type": "array" }, "Description": { "markdownDescription": "The description of the assessment.", "title": "Description", "type": "string" }, "FrameworkId": { "markdownDescription": "The unique identifier for the framework.", "title": "FrameworkId", "type": "string" }, "Name": { "markdownDescription": "The name of the assessment.", "title": "Name", "type": "string" }, "Roles": { "items": { "$ref": "#/definitions/AWS::AuditManager::Assessment.Role" }, "markdownDescription": "The roles that are associated with the assessment.", "title": "Roles", "type": "array" }, "Scope": { "$ref": "#/definitions/AWS::AuditManager::Assessment.Scope", "markdownDescription": "The wrapper of AWS accounts and services that are in scope for the assessment.", "title": "Scope" }, "Status": { "markdownDescription": "The overall status of the assessment.\n\nWhen you create a new assessment, the initial `Status` value is always `ACTIVE` . When you create an assessment, even if you specify the value as `INACTIVE` , the value overrides to `ACTIVE` .\n\nAfter you create an assessment, you can change the value of the `Status` property at any time. For example, when you want to stop collecting evidence for your assessment, you can change the assessment status to `INACTIVE` .", "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags that are associated with the assessment.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::AuditManager::Assessment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::AuditManager::Assessment.AWSAccount": { "additionalProperties": false, "properties": { "EmailAddress": { "markdownDescription": "The email address that's associated with the AWS account .", "title": "EmailAddress", "type": "string" }, "Id": { "markdownDescription": "The identifier for the AWS account .", "title": "Id", "type": "string" }, "Name": { "markdownDescription": "The name of the AWS account .", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::AuditManager::Assessment.AWSService": { "additionalProperties": false, "properties": { "ServiceName": { "markdownDescription": "The name of the AWS service .", "title": "ServiceName", "type": "string" } }, "type": "object" }, "AWS::AuditManager::Assessment.AssessmentReportsDestination": { "additionalProperties": false, "properties": { "Destination": { "markdownDescription": "The destination bucket where Audit Manager stores assessment reports.", "title": "Destination", "type": "string" }, "DestinationType": { "markdownDescription": "The destination type, such as Amazon S3.", "title": "DestinationType", "type": "string" } }, "type": "object" }, "AWS::AuditManager::Assessment.Delegation": { "additionalProperties": false, "properties": { "AssessmentId": { "markdownDescription": "The identifier for the assessment that's associated with the delegation.", "title": "AssessmentId", "type": "string" }, "AssessmentName": { "markdownDescription": "The name of the assessment that's associated with the delegation.", "title": "AssessmentName", "type": "string" }, "Comment": { "markdownDescription": "The comment that's related to the delegation.", "title": "Comment", "type": "string" }, "ControlSetId": { "markdownDescription": "The identifier for the control set that's associated with the delegation.", "title": "ControlSetId", "type": "string" }, "CreatedBy": { "markdownDescription": "The user or role that created the delegation.\n\n*Minimum* : `1`\n\n*Maximum* : `100`\n\n*Pattern* : `^[a-zA-Z0-9-_()\\\\[\\\\]\\\\s]+$`", "title": "CreatedBy", "type": "string" }, "CreationTime": { "markdownDescription": "Specifies when the delegation was created.", "title": "CreationTime", "type": "number" }, "Id": { "markdownDescription": "The unique identifier for the delegation.", "title": "Id", "type": "string" }, "LastUpdated": { "markdownDescription": "Specifies when the delegation was last updated.", "title": "LastUpdated", "type": "number" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role.", "title": "RoleArn", "type": "string" }, "RoleType": { "markdownDescription": "The type of customer persona.\n\n> In `CreateAssessment` , `roleType` can only be `PROCESS_OWNER` .\n> \n> In `UpdateSettings` , `roleType` can only be `PROCESS_OWNER` .\n> \n> In `BatchCreateDelegationByAssessment` , `roleType` can only be `RESOURCE_OWNER` .", "title": "RoleType", "type": "string" }, "Status": { "markdownDescription": "The status of the delegation.", "title": "Status", "type": "string" } }, "type": "object" }, "AWS::AuditManager::Assessment.Role": { "additionalProperties": false, "properties": { "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role.", "title": "RoleArn", "type": "string" }, "RoleType": { "markdownDescription": "The type of customer persona.\n\n> In `CreateAssessment` , `roleType` can only be `PROCESS_OWNER` .\n> \n> In `UpdateSettings` , `roleType` can only be `PROCESS_OWNER` .\n> \n> In `BatchCreateDelegationByAssessment` , `roleType` can only be `RESOURCE_OWNER` .", "title": "RoleType", "type": "string" } }, "type": "object" }, "AWS::AuditManager::Assessment.Scope": { "additionalProperties": false, "properties": { "AwsAccounts": { "items": { "$ref": "#/definitions/AWS::AuditManager::Assessment.AWSAccount" }, "markdownDescription": "The AWS accounts that are included in the scope of the assessment.", "title": "AwsAccounts", "type": "array" }, "AwsServices": { "items": { "$ref": "#/definitions/AWS::AuditManager::Assessment.AWSService" }, "markdownDescription": "The AWS services that are included in the scope of the assessment.\n\n> This API parameter is no longer supported. If you use this parameter to specify one or more AWS services , Audit Manager ignores this input. Instead, the value for `awsServices` will show as empty.", "title": "AwsServices", "type": "array" } }, "type": "object" }, "AWS::AutoScaling::AutoScalingGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "CreationPolicy": { "type": "object" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoScalingGroupName": { "markdownDescription": "The name of the Auto Scaling group. This name must be unique per Region per account.\n\nThe name can contain any ASCII character 33 to 126 including most punctuation characters, digits, and upper and lowercased letters.\n\n> You cannot use a colon (:) in the name.", "title": "AutoScalingGroupName", "type": "string" }, "AvailabilityZones": { "items": { "type": "string" }, "markdownDescription": "A list of Availability Zones where instances in the Auto Scaling group can be created. Used for launching into the default VPC subnet in each Availability Zone when not using the `VPCZoneIdentifier` property, or for attaching a network interface when an existing network interface ID is specified in a launch template.", "title": "AvailabilityZones", "type": "array" }, "CapacityRebalance": { "markdownDescription": "Indicates whether Capacity Rebalancing is enabled. Otherwise, Capacity Rebalancing is disabled. When you turn on Capacity Rebalancing, Amazon EC2 Auto Scaling attempts to launch a Spot Instance whenever Amazon EC2 notifies that a Spot Instance is at an elevated risk of interruption. After launching a new instance, it then terminates an old instance. For more information, see [Use Capacity Rebalancing to handle Amazon EC2 Spot Interruptions](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-capacity-rebalancing.html) in the in the *Amazon EC2 Auto Scaling User Guide* .", "title": "CapacityRebalance", "type": "boolean" }, "Context": { "markdownDescription": "Reserved.", "title": "Context", "type": "string" }, "Cooldown": { "markdownDescription": "*Only needed if you use simple scaling policies.*\n\nThe amount of time, in seconds, between one scaling activity ending and another one starting due to simple scaling policies. For more information, see [Scaling cooldowns for Amazon EC2 Auto Scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-scaling-cooldowns.html) in the *Amazon EC2 Auto Scaling User Guide* .\n\nDefault: `300` seconds", "title": "Cooldown", "type": "string" }, "DefaultInstanceWarmup": { "markdownDescription": "The amount of time, in seconds, until a new instance is considered to have finished initializing and resource consumption to become stable after it enters the `InService` state.\n\nDuring an instance refresh, Amazon EC2 Auto Scaling waits for the warm-up period after it replaces an instance before it moves on to replacing the next instance. Amazon EC2 Auto Scaling also waits for the warm-up period before aggregating the metrics for new instances with existing instances in the Amazon CloudWatch metrics that are used for scaling, resulting in more reliable usage data. For more information, see [Set the default instance warmup for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-default-instance-warmup.html) in the *Amazon EC2 Auto Scaling User Guide* .\n\n> To manage various warm-up settings at the group level, we recommend that you set the default instance warmup, *even if it is set to 0 seconds* . To remove a value that you previously set, include the property but specify `-1` for the value. However, we strongly recommend keeping the default instance warmup enabled by specifying a value of `0` or other nominal value. \n\nDefault: None", "title": "DefaultInstanceWarmup", "type": "number" }, "DesiredCapacity": { "markdownDescription": "The desired capacity is the initial capacity of the Auto Scaling group at the time of its creation and the capacity it attempts to maintain. It can scale beyond this capacity if you configure automatic scaling.\n\nThe number must be greater than or equal to the minimum size of the group and less than or equal to the maximum size of the group. If you do not specify a desired capacity when creating the stack, the default is the minimum size of the group.\n\nCloudFormation marks the Auto Scaling group as successful (by setting its status to CREATE_COMPLETE) when the desired capacity is reached. However, if a maximum Spot price is set in the launch template or launch configuration that you specified, then desired capacity is not used as a criteria for success. Whether your request is fulfilled depends on Spot Instance capacity and your maximum price.", "title": "DesiredCapacity", "type": "string" }, "DesiredCapacityType": { "markdownDescription": "The unit of measurement for the value specified for desired capacity. Amazon EC2 Auto Scaling supports `DesiredCapacityType` for attribute-based instance type selection only. For more information, see [Create a mixed instances group using attribute-based instance type selection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-mixed-instances-group-attribute-based-instance-type-selection.html) in the *Amazon EC2 Auto Scaling User Guide* .\n\nBy default, Amazon EC2 Auto Scaling specifies `units` , which translates into number of instances.\n\nValid values: `units` | `vcpu` | `memory-mib`", "title": "DesiredCapacityType", "type": "string" }, "HealthCheckGracePeriod": { "markdownDescription": "The amount of time, in seconds, that Amazon EC2 Auto Scaling waits before checking the health status of an EC2 instance that has come into service and marking it unhealthy due to a failed health check. This is useful if your instances do not immediately pass their health checks after they enter the `InService` state. For more information, see [Set the health check grace period for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/health-check-grace-period.html) in the *Amazon EC2 Auto Scaling User Guide* .\n\nDefault: `0` seconds", "title": "HealthCheckGracePeriod", "type": "number" }, "HealthCheckType": { "markdownDescription": "A comma-separated value string of one or more health check types.\n\nThe valid values are `EC2` , `ELB` , and `VPC_LATTICE` . `EC2` is the default health check and cannot be disabled. For more information, see [Health checks for instances in an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-health-checks.html) in the *Amazon EC2 Auto Scaling User Guide* .\n\nOnly specify `EC2` if you must clear a value that was previously set.", "title": "HealthCheckType", "type": "string" }, "InstanceId": { "markdownDescription": "The ID of the instance used to base the launch configuration on. For more information, see [Create an Auto Scaling group using an EC2 instance](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-asg-from-instance.html) in the *Amazon EC2 Auto Scaling User Guide* .\n\nIf you specify `LaunchTemplate` , `MixedInstancesPolicy` , or `LaunchConfigurationName` , don't specify `InstanceId` .", "title": "InstanceId", "type": "string" }, "InstanceMaintenancePolicy": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.InstanceMaintenancePolicy", "markdownDescription": "An instance maintenance policy. For more information, see [Set instance maintenance policy](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-instance-maintenance-policy.html) in the *Amazon EC2 Auto Scaling User Guide* .", "title": "InstanceMaintenancePolicy" }, "LaunchConfigurationName": { "markdownDescription": "The name of the launch configuration to use to launch instances.\n\nRequired only if you don't specify `LaunchTemplate` , `MixedInstancesPolicy` , or `InstanceId` .", "title": "LaunchConfigurationName", "type": "string" }, "LaunchTemplate": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.LaunchTemplateSpecification", "markdownDescription": "Information used to specify the launch template and version to use to launch instances. You can alternatively associate a launch template to the Auto Scaling group by specifying a `MixedInstancesPolicy` . For more information about creating launch templates, see [Create a launch template for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon EC2 Auto Scaling User Guide* .\n\nIf you omit this property, you must specify `MixedInstancesPolicy` , `LaunchConfigurationName` , or `InstanceId` .", "title": "LaunchTemplate" }, "LifecycleHookSpecificationList": { "items": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.LifecycleHookSpecification" }, "markdownDescription": "One or more lifecycle hooks to add to the Auto Scaling group before instances are launched.", "title": "LifecycleHookSpecificationList", "type": "array" }, "LoadBalancerNames": { "items": { "type": "string" }, "markdownDescription": "A list of Classic Load Balancers associated with this Auto Scaling group. For Application Load Balancers, Network Load Balancers, and Gateway Load Balancers, specify the `TargetGroupARNs` property instead.", "title": "LoadBalancerNames", "type": "array" }, "MaxInstanceLifetime": { "markdownDescription": "The maximum amount of time, in seconds, that an instance can be in service. The default is null. If specified, the value must be either 0 or a number equal to or greater than 86,400 seconds (1 day). For more information, see [Replace Auto Scaling instances based on maximum instance lifetime](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-max-instance-lifetime.html) in the *Amazon EC2 Auto Scaling User Guide* .", "title": "MaxInstanceLifetime", "type": "number" }, "MaxSize": { "markdownDescription": "The maximum size of the group.\n\n> With a mixed instances policy that uses instance weighting, Amazon EC2 Auto Scaling may need to go above `MaxSize` to meet your capacity requirements. In this event, Amazon EC2 Auto Scaling will never go above `MaxSize` by more than your largest instance weight (weights that define how many units each instance contributes to the desired capacity of the group).", "title": "MaxSize", "type": "string" }, "MetricsCollection": { "items": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.MetricsCollection" }, "markdownDescription": "Enables the monitoring of group metrics of an Auto Scaling group. By default, these metrics are disabled.", "title": "MetricsCollection", "type": "array" }, "MinSize": { "markdownDescription": "The minimum size of the group.", "title": "MinSize", "type": "string" }, "MixedInstancesPolicy": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.MixedInstancesPolicy", "markdownDescription": "An embedded object that specifies a mixed instances policy.\n\nThe policy includes properties that not only define the distribution of On-Demand Instances and Spot Instances, the maximum price to pay for Spot Instances (optional), and how the Auto Scaling group allocates instance types to fulfill On-Demand and Spot capacities, but also the properties that specify the instance configuration information\u2014the launch template and instance types. The policy can also include a weight for each instance type and different launch templates for individual instance types.\n\nFor more information, see [Auto Scaling groups with multiple instance types and purchase options](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-mixed-instances-groups.html) in the *Amazon EC2 Auto Scaling User Guide* .", "title": "MixedInstancesPolicy" }, "NewInstancesProtectedFromScaleIn": { "markdownDescription": "Indicates whether newly launched instances are protected from termination by Amazon EC2 Auto Scaling when scaling in. For more information about preventing instances from terminating on scale in, see [Use instance scale-in protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-instance-protection.html) in the *Amazon EC2 Auto Scaling User Guide* .", "title": "NewInstancesProtectedFromScaleIn", "type": "boolean" }, "NotificationConfigurations": { "items": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.NotificationConfiguration" }, "markdownDescription": "Configures an Auto Scaling group to send notifications when specified events take place.", "title": "NotificationConfigurations", "type": "array" }, "PlacementGroup": { "markdownDescription": "The name of the placement group into which to launch your instances. For more information, see [Placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> A *cluster* placement group is a logical grouping of instances within a single Availability Zone. You cannot specify multiple Availability Zones and a cluster placement group.", "title": "PlacementGroup", "type": "string" }, "ServiceLinkedRoleARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the service-linked role that the Auto Scaling group uses to call other AWS service on your behalf. By default, Amazon EC2 Auto Scaling uses a service-linked role named `AWSServiceRoleForAutoScaling` , which it creates if it does not exist. For more information, see [Service-linked roles](https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-service-linked-role.html) in the *Amazon EC2 Auto Scaling User Guide* .", "title": "ServiceLinkedRoleARN", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.TagProperty" }, "markdownDescription": "One or more tags. You can tag your Auto Scaling group and propagate the tags to the Amazon EC2 instances it launches. Tags are not propagated to Amazon EBS volumes. To add tags to Amazon EBS volumes, specify the tags in a launch template but use caution. If the launch template specifies an instance tag with a key that is also specified for the Auto Scaling group, Amazon EC2 Auto Scaling overrides the value of that instance tag with the value specified by the Auto Scaling group. For more information, see [Tag Auto Scaling groups and instances](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-tagging.html) in the *Amazon EC2 Auto Scaling User Guide* .", "title": "Tags", "type": "array" }, "TargetGroupARNs": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARN) of the Elastic Load Balancing target groups to associate with the Auto Scaling group. Instances are registered as targets with the target groups. The target groups receive incoming traffic and route requests to one or more registered targets. For more information, see [Use Elastic Load Balancing to distribute traffic across the instances in your Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-load-balancer.html) in the *Amazon EC2 Auto Scaling User Guide* .", "title": "TargetGroupARNs", "type": "array" }, "TerminationPolicies": { "items": { "type": "string" }, "markdownDescription": "A policy or a list of policies that are used to select the instance to terminate. These policies are executed in the order that you list them. For more information, see [Configure termination policies for Amazon EC2 Auto Scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-termination-policies.html) in the *Amazon EC2 Auto Scaling User Guide* .\n\nValid values: `Default` | `AllocationStrategy` | `ClosestToNextInstanceHour` | `NewestInstance` | `OldestInstance` | `OldestLaunchConfiguration` | `OldestLaunchTemplate` | `arn:aws:lambda:region:account-id:function:my-function:my-alias`", "title": "TerminationPolicies", "type": "array" }, "VPCZoneIdentifier": { "items": { "type": "string" }, "markdownDescription": "A list of subnet IDs for a virtual private cloud (VPC) where instances in the Auto Scaling group can be created.\n\nIf this resource specifies public subnets and is also in a VPC that is defined in the same stack template, you must use the [DependsOn attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the [VPC-gateway attachment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-vpc-gateway-attachment.html) .\n\n> When you update `VPCZoneIdentifier` , this retains the same Auto Scaling group and replaces old instances with new ones, according to the specified subnets. You can optionally specify how CloudFormation handles these updates by using an [UpdatePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html) . \n\nRequired to launch instances into a nondefault VPC. If you specify `VPCZoneIdentifier` with `AvailabilityZones` , the subnets that you specify for this property must reside in those Availability Zones.", "title": "VPCZoneIdentifier", "type": "array" } }, "required": [ "MaxSize", "MinSize" ], "type": "object" }, "Type": { "enum": [ "AWS::AutoScaling::AutoScalingGroup" ], "type": "string" }, "UpdatePolicy": { "type": "object" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.AcceleratorCountRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum value.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum value.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.AcceleratorTotalMemoryMiBRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The memory maximum in MiB.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The memory minimum in MiB.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.BaselineEbsBandwidthMbpsRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum value in Mbps.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum value in Mbps.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.InstanceMaintenancePolicy": { "additionalProperties": false, "properties": { "MaxHealthyPercentage": { "markdownDescription": "Specifies the upper threshold as a percentage of the desired capacity of the Auto Scaling group. It represents the maximum percentage of the group that can be in service and healthy, or pending, to support your workload when replacing instances. Value range is 100 to 200. To clear a previously set value, specify a value of `-1` .\n\nBoth `MinHealthyPercentage` and `MaxHealthyPercentage` must be specified, and the difference between them cannot be greater than 100. A large range increases the number of instances that can be replaced at the same time.", "title": "MaxHealthyPercentage", "type": "number" }, "MinHealthyPercentage": { "markdownDescription": "Specifies the lower threshold as a percentage of the desired capacity of the Auto Scaling group. It represents the minimum percentage of the group to keep in service, healthy, and ready to use to support your workload when replacing instances. Value range is 0 to 100. To clear a previously set value, specify a value of `-1` .", "title": "MinHealthyPercentage", "type": "number" } }, "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.InstanceRequirements": { "additionalProperties": false, "properties": { "AcceleratorCount": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.AcceleratorCountRequest", "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) for an instance type.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", "title": "AcceleratorCount" }, "AcceleratorManufacturers": { "items": { "type": "string" }, "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", "title": "AcceleratorManufacturers", "type": "array" }, "AcceleratorNames": { "items": { "type": "string" }, "markdownDescription": "Lists the accelerators that must be on an instance type.\n\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n\nDefault: Any accelerator", "title": "AcceleratorNames", "type": "array" }, "AcceleratorTotalMemoryMiB": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.AcceleratorTotalMemoryMiBRequest", "markdownDescription": "The minimum and maximum total memory size for the accelerators on an instance type, in MiB.\n\nDefault: No minimum or maximum limits", "title": "AcceleratorTotalMemoryMiB" }, "AcceleratorTypes": { "items": { "type": "string" }, "markdownDescription": "Lists the accelerator types that must be on an instance type.\n\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", "title": "AcceleratorTypes", "type": "array" }, "AllowedInstanceTypes": { "items": { "type": "string" }, "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` , Amazon EC2 Auto Scaling will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 Auto Scaling will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", "title": "AllowedInstanceTypes", "type": "array" }, "BareMetal": { "markdownDescription": "Indicates whether bare metal instance types are included, excluded, or required.\n\nDefault: `excluded`", "title": "BareMetal", "type": "string" }, "BaselineEbsBandwidthMbps": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.BaselineEbsBandwidthMbpsRequest", "markdownDescription": "The minimum and maximum baseline bandwidth performance for an instance type, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\nDefault: No minimum or maximum limits", "title": "BaselineEbsBandwidthMbps" }, "BurstablePerformance": { "markdownDescription": "Indicates whether burstable performance instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\nDefault: `excluded`", "title": "BurstablePerformance", "type": "string" }, "CpuManufacturers": { "items": { "type": "string" }, "markdownDescription": "Lists which specific CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n\n> Don't confuse the CPU hardware manufacturer with the CPU hardware architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", "title": "CpuManufacturers", "type": "array" }, "ExcludedInstanceTypes": { "items": { "type": "string" }, "markdownDescription": "The instance types to exclude. You can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` , you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 Auto Scaling will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", "title": "ExcludedInstanceTypes", "type": "array" }, "InstanceGenerations": { "items": { "type": "string" }, "markdownDescription": "Indicates whether current or previous generation instance types are included.\n\n- For current generation instance types, specify `current` . The current generation includes EC2 instance types currently recommended for use. This typically includes the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide for Linux Instances* .\n- For previous generation instance types, specify `previous` .\n\nDefault: Any current or previous generation", "title": "InstanceGenerations", "type": "array" }, "LocalStorage": { "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, see [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\nDefault: `included`", "title": "LocalStorage", "type": "string" }, "LocalStorageTypes": { "items": { "type": "string" }, "markdownDescription": "Indicates the type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: Any local storage type", "title": "LocalStorageTypes", "type": "array" }, "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from either the lowest priced current generation instance types or, failing that, the lowest priced previous generation instance types that match your attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage.\n\nIf you set `DesiredCapacityType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per-vCPU or per-memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 Auto Scaling will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", "type": "number" }, "MemoryGiBPerVCpu": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.MemoryGiBPerVCpuRequest", "markdownDescription": "The minimum and maximum amount of memory per vCPU for an instance type, in GiB.\n\nDefault: No minimum or maximum limits", "title": "MemoryGiBPerVCpu" }, "MemoryMiB": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.MemoryMiBRequest", "markdownDescription": "The minimum and maximum instance memory size for an instance type, in MiB.", "title": "MemoryMiB" }, "NetworkBandwidthGbps": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.NetworkBandwidthGbpsRequest", "markdownDescription": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).\n\nDefault: No minimum or maximum limits", "title": "NetworkBandwidthGbps" }, "NetworkInterfaceCount": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.NetworkInterfaceCountRequest", "markdownDescription": "The minimum and maximum number of network interfaces for an instance type.\n\nDefault: No minimum or maximum limits", "title": "NetworkInterfaceCount" }, "OnDemandMaxPricePercentageOverLowestPrice": { "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from either the lowest priced current generation instance types or, failing that, the lowest priced previous generation instance types that match your attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage.\n\nTo turn off price protection, specify a high value, such as `999999` .\n\nIf you set `DesiredCapacityType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per instance price.\n\nDefault: `20`", "title": "OnDemandMaxPricePercentageOverLowestPrice", "type": "number" }, "RequireHibernateSupport": { "markdownDescription": "Indicates whether instance types must provide On-Demand Instance hibernation support.\n\nDefault: `false`", "title": "RequireHibernateSupport", "type": "boolean" }, "SpotMaxPricePercentageOverLowestPrice": { "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from either the lowest priced current generation instance types or, failing that, the lowest priced previous generation instance types that match your attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage.\n\nIf you set `DesiredCapacityType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per-vCPU or per-memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 Auto Scaling will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", "title": "SpotMaxPricePercentageOverLowestPrice", "type": "number" }, "TotalLocalStorageGB": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.TotalLocalStorageGBRequest", "markdownDescription": "The minimum and maximum total local storage size for an instance type, in GB.\n\nDefault: No minimum or maximum limits", "title": "TotalLocalStorageGB" }, "VCpuCount": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.VCpuCountRequest", "markdownDescription": "The minimum and maximum number of vCPUs for an instance type.", "title": "VCpuCount" } }, "required": [ "MemoryMiB", "VCpuCount" ], "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.InstancesDistribution": { "additionalProperties": false, "properties": { "OnDemandAllocationStrategy": { "markdownDescription": "The allocation strategy to apply to your On-Demand Instances when they are launched. Possible instance types are determined by the launch template overrides that you specify.\n\nThe following lists the valid values:\n\n- **lowest-price** - Uses price to determine which instance types are the highest priority, launching the lowest priced instance types within an Availability Zone first. This is the default value for Auto Scaling groups that specify `InstanceRequirements` .\n- **prioritized** - You set the order of instance types for the launch template overrides from highest to lowest priority (from first to last in the list). Amazon EC2 Auto Scaling launches your highest priority instance types first. If all your On-Demand capacity cannot be fulfilled using your highest priority instance type, then Amazon EC2 Auto Scaling launches the remaining capacity using the second priority instance type, and so on. This is the default value for Auto Scaling groups that don't specify `InstanceRequirements` and cannot be used for groups that do.", "title": "OnDemandAllocationStrategy", "type": "string" }, "OnDemandBaseCapacity": { "markdownDescription": "The minimum amount of the Auto Scaling group's capacity that must be fulfilled by On-Demand Instances. This base portion is launched first as your group scales.\n\nThis number has the same unit of measurement as the group's desired capacity. If you change the default unit of measurement (number of instances) by specifying weighted capacity values in your launch template overrides list, or by changing the default desired capacity type setting of the group, you must specify this number using the same unit of measurement.\n\nDefault: 0\n\n> An update to this setting means a gradual replacement of instances to adjust the current On-Demand Instance levels. When replacing instances, Amazon EC2 Auto Scaling launches new instances before terminating the previous ones.", "title": "OnDemandBaseCapacity", "type": "number" }, "OnDemandPercentageAboveBaseCapacity": { "markdownDescription": "Controls the percentages of On-Demand Instances and Spot Instances for your additional capacity beyond `OnDemandBaseCapacity` . Expressed as a number (for example, 20 specifies 20% On-Demand Instances, 80% Spot Instances). If set to 100, only On-Demand Instances are used.\n\nDefault: 100\n\n> An update to this setting means a gradual replacement of instances to adjust the current On-Demand and Spot Instance levels for your additional capacity higher than the base capacity. When replacing instances, Amazon EC2 Auto Scaling launches new instances before terminating the previous ones.", "title": "OnDemandPercentageAboveBaseCapacity", "type": "number" }, "SpotAllocationStrategy": { "markdownDescription": "The allocation strategy to apply to your Spot Instances when they are launched. Possible instance types are determined by the launch template overrides that you specify.\n\nThe following lists the valid values:\n\n- **capacity-optimized** - Requests Spot Instances using pools that are optimally chosen based on the available Spot capacity. This strategy has the lowest risk of interruption. To give certain instance types a higher chance of launching first, use `capacity-optimized-prioritized` .\n- **capacity-optimized-prioritized** - You set the order of instance types for the launch template overrides from highest to lowest priority (from first to last in the list). Amazon EC2 Auto Scaling honors the instance type priorities on a best effort basis but optimizes for capacity first. Note that if the On-Demand allocation strategy is set to `prioritized` , the same priority is applied when fulfilling On-Demand capacity. This is not a valid value for Auto Scaling groups that specify `InstanceRequirements` .\n- **lowest-price** - Requests Spot Instances using the lowest priced pools within an Availability Zone, across the number of Spot pools that you specify for the `SpotInstancePools` property. To ensure that your desired capacity is met, you might receive Spot Instances from several pools. This is the default value, but it might lead to high interruption rates because this strategy only considers instance price and not available capacity.\n- **price-capacity-optimized (recommended)** - The price and capacity optimized allocation strategy looks at both price and capacity to select the Spot Instance pools that are the least likely to be interrupted and have the lowest possible price.", "title": "SpotAllocationStrategy", "type": "string" }, "SpotInstancePools": { "markdownDescription": "The number of Spot Instance pools across which to allocate your Spot Instances. The Spot pools are determined from the different instance types in the overrides. Valid only when the `SpotAllocationStrategy` is `lowest-price` . Value must be in the range of 1\u201320.\n\nDefault: 2", "title": "SpotInstancePools", "type": "number" }, "SpotMaxPrice": { "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. If your maximum price is lower than the Spot price for the instance types that you selected, your Spot Instances are not launched. We do not recommend specifying a maximum price because it can lead to increased interruptions. When Spot Instances launch, you pay the current Spot price. To remove a maximum price that you previously set, include the property but specify an empty string (\"\") for the value.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify one. \n\nValid Range: Minimum value of 0.001", "title": "SpotMaxPrice", "type": "string" } }, "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.LaunchTemplate": { "additionalProperties": false, "properties": { "LaunchTemplateSpecification": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.LaunchTemplateSpecification", "markdownDescription": "The launch template.", "title": "LaunchTemplateSpecification" }, "Overrides": { "items": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.LaunchTemplateOverrides" }, "markdownDescription": "Any properties that you specify override the same properties in the launch template.", "title": "Overrides", "type": "array" } }, "required": [ "LaunchTemplateSpecification" ], "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.LaunchTemplateOverrides": { "additionalProperties": false, "properties": { "InstanceRequirements": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.InstanceRequirements", "markdownDescription": "The instance requirements. Amazon EC2 Auto Scaling uses your specified requirements to identify instance types. Then, it uses your On-Demand and Spot allocation strategies to launch instances from these instance types.\n\nYou can specify up to four separate sets of instance requirements per Auto Scaling group. This is useful for provisioning instances from different Amazon Machine Images (AMIs) in the same Auto Scaling group. To do this, create the AMIs and create a new launch template for each AMI. Then, create a compatible set of instance requirements for each launch template.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", "title": "InstanceRequirements" }, "InstanceType": { "markdownDescription": "The instance type, such as `m3.xlarge` . You must specify an instance type that is supported in your requested Region and Availability Zones. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\nYou can specify up to 40 instance types per Auto Scaling group.", "title": "InstanceType", "type": "string" }, "LaunchTemplateSpecification": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.LaunchTemplateSpecification", "markdownDescription": "Provides a launch template for the specified instance type or set of instance requirements. For example, some instance types might require a launch template with a different AMI. If not provided, Amazon EC2 Auto Scaling uses the launch template that's specified in the `LaunchTemplate` definition. For more information, see [Specifying a different launch template for an instance type](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-mixed-instances-groups-launch-template-overrides.html) in the *Amazon EC2 Auto Scaling User Guide* .\n\nYou can specify up to 20 launch templates per Auto Scaling group. The launch templates specified in the overrides and in the `LaunchTemplate` definition count towards this limit.", "title": "LaunchTemplateSpecification" }, "WeightedCapacity": { "markdownDescription": "If you provide a list of instance types to use, you can specify the number of capacity units provided by each instance type in terms of virtual CPUs, memory, storage, throughput, or other relative performance characteristic. When a Spot or On-Demand Instance is launched, the capacity units count toward the desired capacity. Amazon EC2 Auto Scaling launches instances until the desired capacity is totally fulfilled, even if this results in an overage. For example, if there are two units remaining to fulfill capacity, and Amazon EC2 Auto Scaling can only launch an instance with a `WeightedCapacity` of five units, the instance is launched, and the desired capacity is exceeded by three units. For more information, see [Configure instance weighting for Amazon EC2 Auto Scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-mixed-instances-groups-instance-weighting.html) in the *Amazon EC2 Auto Scaling User Guide* . Value must be in the range of 1-999.\n\nIf you specify a value for `WeightedCapacity` for one instance type, you must specify a value for `WeightedCapacity` for all of them.\n\n> Every Auto Scaling group has three size parameters ( `DesiredCapacity` , `MaxSize` , and `MinSize` ). Usually, you set these sizes based on a specific number of instances. However, if you configure a mixed instances policy that defines weights for the instance types, you must specify these sizes with the same units that you use for weighting instances.", "title": "WeightedCapacity", "type": "string" } }, "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.LaunchTemplateSpecification": { "additionalProperties": false, "properties": { "LaunchTemplateId": { "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateID` or the `LaunchTemplateName` , but not both.", "title": "LaunchTemplateId", "type": "string" }, "LaunchTemplateName": { "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateID` , but not both.", "title": "LaunchTemplateName", "type": "string" }, "Version": { "markdownDescription": "The version number of the launch template.\n\nSpecifying `$Latest` or `$Default` for the template version number is not supported. However, you can specify `LatestVersionNumber` or `DefaultVersionNumber` using the `Fn::GetAtt` intrinsic function. For more information, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) .\n\n> For an example of using the `Fn::GetAtt` function, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html#aws-resource-autoscaling-autoscalinggroup--examples) section of the `AWS::AutoScaling::AutoScalingGroup` resource.", "title": "Version", "type": "string" } }, "required": [ "Version" ], "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.LifecycleHookSpecification": { "additionalProperties": false, "properties": { "DefaultResult": { "markdownDescription": "The action the Auto Scaling group takes when the lifecycle hook timeout elapses or if an unexpected failure occurs. The default value is `ABANDON` .\n\nValid values: `CONTINUE` | `ABANDON`", "title": "DefaultResult", "type": "string" }, "HeartbeatTimeout": { "markdownDescription": "The maximum time, in seconds, that can elapse before the lifecycle hook times out. The range is from `30` to `7200` seconds. The default value is `3600` seconds (1 hour).", "title": "HeartbeatTimeout", "type": "number" }, "LifecycleHookName": { "markdownDescription": "The name of the lifecycle hook.", "title": "LifecycleHookName", "type": "string" }, "LifecycleTransition": { "markdownDescription": "The lifecycle transition. For Auto Scaling groups, there are two major lifecycle transitions.\n\n- To create a lifecycle hook for scale-out events, specify `autoscaling:EC2_INSTANCE_LAUNCHING` .\n- To create a lifecycle hook for scale-in events, specify `autoscaling:EC2_INSTANCE_TERMINATING` .", "title": "LifecycleTransition", "type": "string" }, "NotificationMetadata": { "markdownDescription": "Additional information that you want to include any time Amazon EC2 Auto Scaling sends a message to the notification target.", "title": "NotificationMetadata", "type": "string" }, "NotificationTargetARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the notification target that Amazon EC2 Auto Scaling sends notifications to when an instance is in a wait state for the lifecycle hook. You can specify an Amazon SNS topic or an Amazon SQS queue.", "title": "NotificationTargetARN", "type": "string" }, "RoleARN": { "markdownDescription": "The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target. For information about creating this role, see [Prepare to add a lifecycle hook to your Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/prepare-for-lifecycle-notifications.html) in the *Amazon EC2 Auto Scaling User Guide* .\n\nValid only if the notification target is an Amazon SNS topic or an Amazon SQS queue.", "title": "RoleARN", "type": "string" } }, "required": [ "LifecycleHookName", "LifecycleTransition" ], "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.MemoryGiBPerVCpuRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The memory maximum in GiB.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The memory minimum in GiB.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.MemoryMiBRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The memory maximum in MiB.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The memory minimum in MiB.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.MetricsCollection": { "additionalProperties": false, "properties": { "Granularity": { "markdownDescription": "The frequency at which Amazon EC2 Auto Scaling sends aggregated data to CloudWatch. The only valid value is `1Minute` .", "title": "Granularity", "type": "string" }, "Metrics": { "items": { "type": "string" }, "markdownDescription": "Identifies the metrics to enable.\n\nYou can specify one or more of the following metrics:\n\n- `GroupMinSize`\n- `GroupMaxSize`\n- `GroupDesiredCapacity`\n- `GroupInServiceInstances`\n- `GroupPendingInstances`\n- `GroupStandbyInstances`\n- `GroupTerminatingInstances`\n- `GroupTotalInstances`\n- `GroupInServiceCapacity`\n- `GroupPendingCapacity`\n- `GroupStandbyCapacity`\n- `GroupTerminatingCapacity`\n- `GroupTotalCapacity`\n- `WarmPoolDesiredCapacity`\n- `WarmPoolWarmedCapacity`\n- `WarmPoolPendingCapacity`\n- `WarmPoolTerminatingCapacity`\n- `WarmPoolTotalCapacity`\n- `GroupAndWarmPoolDesiredCapacity`\n- `GroupAndWarmPoolTotalCapacity`\n\nIf you specify `Granularity` and don't specify any metrics, all metrics are enabled.\n\nFor more information, see [Amazon CloudWatch metrics for Amazon EC2 Auto Scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-metrics.html) in the *Amazon EC2 Auto Scaling User Guide* .", "title": "Metrics", "type": "array" } }, "required": [ "Granularity" ], "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.MixedInstancesPolicy": { "additionalProperties": false, "properties": { "InstancesDistribution": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.InstancesDistribution", "markdownDescription": "The instances distribution.", "title": "InstancesDistribution" }, "LaunchTemplate": { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup.LaunchTemplate", "markdownDescription": "One or more launch templates and the instance types (overrides) that are used to launch EC2 instances to fulfill On-Demand and Spot capacities.", "title": "LaunchTemplate" } }, "required": [ "LaunchTemplate" ], "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.NetworkBandwidthGbpsRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of network bandwidth, in gigabits per second (Gbps).", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of network bandwidth, in gigabits per second (Gbps).", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.NetworkInterfaceCountRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum number of network interfaces.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum number of network interfaces.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.NotificationConfiguration": { "additionalProperties": false, "properties": { "NotificationTypes": { "items": { "type": "string" }, "markdownDescription": "A list of event types that send a notification. Event types can include any of the following types.\n\n*Allowed values* :\n\n- `autoscaling:EC2_INSTANCE_LAUNCH`\n- `autoscaling:EC2_INSTANCE_LAUNCH_ERROR`\n- `autoscaling:EC2_INSTANCE_TERMINATE`\n- `autoscaling:EC2_INSTANCE_TERMINATE_ERROR`\n- `autoscaling:TEST_NOTIFICATION`", "title": "NotificationTypes", "type": "array" }, "TopicARN": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic.", "title": "TopicARN", "type": "array" } }, "required": [ "TopicARN" ], "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.TagProperty": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The tag key.", "title": "Key", "type": "string" }, "PropagateAtLaunch": { "markdownDescription": "Set to `true` if you want CloudFormation to copy the tag to EC2 instances that are launched as part of the Auto Scaling group. Set to `false` if you want the tag attached only to the Auto Scaling group and not copied to any instances launched as part of the Auto Scaling group.", "title": "PropagateAtLaunch", "type": "boolean" }, "Value": { "markdownDescription": "The tag value.", "title": "Value", "type": "string" } }, "required": [ "Key", "PropagateAtLaunch", "Value" ], "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.TotalLocalStorageGBRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The storage maximum in GB.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The storage minimum in GB.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::AutoScaling::AutoScalingGroup.VCpuCountRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum number of vCPUs.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum number of vCPUs.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::AutoScaling::LaunchConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssociatePublicIpAddress": { "markdownDescription": "Specifies whether to assign a public IPv4 address to the group's instances. If the instance is launched into a default subnet, the default is to assign a public IPv4 address, unless you disabled the option to assign a public IPv4 address on the subnet. If the instance is launched into a nondefault subnet, the default is not to assign a public IPv4 address, unless you enabled the option to assign a public IPv4 address on the subnet.\n\nIf you specify `true` , each instance in the Auto Scaling group receives a unique public IPv4 address. For more information, see [Provide network connectivity for your Auto Scaling instances using Amazon VPC](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-in-vpc.html) in the *Amazon EC2 Auto Scaling User Guide* .\n\nIf you specify this property, you must specify at least one subnet for `VPCZoneIdentifier` when you create your group.", "title": "AssociatePublicIpAddress", "type": "boolean" }, "BlockDeviceMappings": { "items": { "$ref": "#/definitions/AWS::AutoScaling::LaunchConfiguration.BlockDeviceMapping" }, "markdownDescription": "The block device mapping entries that define the block devices to attach to the instances at launch. By default, the block devices specified in the block device mapping for the AMI are used. For more information, see [Block device mappings](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) in the *Amazon EC2 User Guide for Linux Instances* .", "title": "BlockDeviceMappings", "type": "array" }, "ClassicLinkVPCId": { "markdownDescription": "Available for backward compatibility.", "title": "ClassicLinkVPCId", "type": "string" }, "ClassicLinkVPCSecurityGroups": { "items": { "type": "string" }, "markdownDescription": "Available for backward compatibility.", "title": "ClassicLinkVPCSecurityGroups", "type": "array" }, "EbsOptimized": { "markdownDescription": "Specifies whether the launch configuration is optimized for EBS I/O ( `true` ) or not ( `false` ). The optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization is not available with all instance types. Additional fees are incurred when you enable EBS optimization for an instance type that is not EBS-optimized by default. For more information, see [Amazon EBS-optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\nThe default value is `false` .", "title": "EbsOptimized", "type": "boolean" }, "IamInstanceProfile": { "markdownDescription": "The name or the Amazon Resource Name (ARN) of the instance profile associated with the IAM role for the instance. The instance profile contains the IAM role. For more information, see [IAM role for applications that run on Amazon EC2 instances](https://docs.aws.amazon.com/autoscaling/ec2/userguide/us-iam-role.html) in the *Amazon EC2 Auto Scaling User Guide* .", "title": "IamInstanceProfile", "type": "string" }, "ImageId": { "markdownDescription": "The ID of the Amazon Machine Image (AMI) that was assigned during registration. For more information, see [Find a Linux AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\nIf you specify `InstanceId` , an `ImageId` is not required.", "title": "ImageId", "type": "string" }, "InstanceId": { "markdownDescription": "The ID of the Amazon EC2 instance to use to create the launch configuration. When you use an instance to create a launch configuration, all properties are derived from the instance with the exception of `BlockDeviceMapping` and `AssociatePublicIpAddress` . You can override any properties from the instance by specifying them in the launch configuration.", "title": "InstanceId", "type": "string" }, "InstanceMonitoring": { "markdownDescription": "Controls whether instances in this group are launched with detailed ( `true` ) or basic ( `false` ) monitoring.\n\nThe default value is `true` (enabled).\n\n> When detailed monitoring is enabled, Amazon CloudWatch generates metrics every minute and your account is charged a fee. When you disable detailed monitoring, CloudWatch generates metrics every 5 minutes. For more information, see [Configure monitoring for Auto Scaling instances](https://docs.aws.amazon.com/autoscaling/latest/userguide/enable-as-instance-metrics.html) in the *Amazon EC2 Auto Scaling User Guide* .", "title": "InstanceMonitoring", "type": "boolean" }, "InstanceType": { "markdownDescription": "Specifies the instance type of the EC2 instance. For information about available instance types, see [Available instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#AvailableInstanceTypes) in the *Amazon EC2 User Guide for Linux Instances* .\n\nIf you specify `InstanceId` , an `InstanceType` is not required.", "title": "InstanceType", "type": "string" }, "KernelId": { "markdownDescription": "The ID of the kernel associated with the AMI.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User provided kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedKernels.html) in the *Amazon EC2 User Guide for Linux Instances* .", "title": "KernelId", "type": "string" }, "KeyName": { "markdownDescription": "The name of the key pair. For more information, see [Amazon EC2 key pairs and Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) in the *Amazon EC2 User Guide for Linux Instances* .", "title": "KeyName", "type": "string" }, "LaunchConfigurationName": { "markdownDescription": "The name of the launch configuration. This name must be unique per Region per account.", "title": "LaunchConfigurationName", "type": "string" }, "MetadataOptions": { "$ref": "#/definitions/AWS::AutoScaling::LaunchConfiguration.MetadataOptions", "markdownDescription": "The metadata options for the instances. For more information, see [Configure the instance metadata options](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-config.html#launch-configurations-imds) in the *Amazon EC2 Auto Scaling User Guide* .", "title": "MetadataOptions" }, "PlacementTenancy": { "markdownDescription": "The tenancy of the instance, either `default` or `dedicated` . An instance with `dedicated` tenancy runs on isolated, single-tenant hardware and can only be launched into a VPC. To launch dedicated instances into a shared tenancy VPC (a VPC with the instance placement tenancy attribute set to `default` ), you must set the value of this property to `dedicated` .\n\nIf you specify `PlacementTenancy` , you must specify at least one subnet for `VPCZoneIdentifier` when you create your group.\n\nValid values: `default` | `dedicated`", "title": "PlacementTenancy", "type": "string" }, "RamDiskId": { "markdownDescription": "The ID of the RAM disk to select.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User provided kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedKernels.html) in the *Amazon EC2 User Guide for Linux Instances* .", "title": "RamDiskId", "type": "string" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "A list that contains the security groups to assign to the instances in the Auto Scaling group. The list can contain both the IDs of existing security groups and references to [SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.\n\nFor more information, see [Control traffic to resources using security groups](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html) in the *Amazon Virtual Private Cloud User Guide* .", "title": "SecurityGroups", "type": "array" }, "SpotPrice": { "markdownDescription": "The maximum hourly price to be paid for any Spot Instance launched to fulfill the request. Spot Instances are launched when the price you specify exceeds the current Spot price. For more information, see [Request Spot Instances for fault-tolerant and flexible applications](https://docs.aws.amazon.com/autoscaling/ec2/userguide/launch-template-spot-instances.html) in the *Amazon EC2 Auto Scaling User Guide* .\n\nValid Range: Minimum value of 0.001\n\n> When you change your maximum price by creating a new launch configuration, running instances will continue to run as long as the maximum price for those running instances is higher than the current Spot price.", "title": "SpotPrice", "type": "string" }, "UserData": { "markdownDescription": "The Base64-encoded user data to make available to the launched EC2 instances. For more information, see [Instance metadata and user data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) in the *Amazon EC2 User Guide for Linux Instances* .", "title": "UserData", "type": "string" } }, "required": [ "ImageId", "InstanceType" ], "type": "object" }, "Type": { "enum": [ "AWS::AutoScaling::LaunchConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AutoScaling::LaunchConfiguration.BlockDevice": { "additionalProperties": false, "properties": { "DeleteOnTermination": { "markdownDescription": "Indicates whether the volume is deleted on instance termination. For Amazon EC2 Auto Scaling, the default value is `true` .", "title": "DeleteOnTermination", "type": "boolean" }, "Encrypted": { "markdownDescription": "Specifies whether the volume should be encrypted. Encrypted EBS volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Requirements for Amazon EBS encryption](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html) in the *Amazon EBS User Guide* . If your AMI uses encrypted volumes, you can also only launch it on supported instance types.\n\n> If you are creating a volume from a snapshot, you cannot create an unencrypted volume from an encrypted snapshot. Also, you cannot specify a KMS key ID when using a launch configuration.\n> \n> If you enable encryption by default, the EBS volumes that you create are always encrypted, either using the AWS managed KMS key or a customer-managed KMS key, regardless of whether the snapshot was encrypted.\n> \n> For more information, see [Use AWS KMS keys to encrypt Amazon EBS volumes](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-data-protection.html#encryption) in the *Amazon EC2 Auto Scaling User Guide* .", "title": "Encrypted", "type": "boolean" }, "Iops": { "markdownDescription": "The number of input/output (I/O) operations per second (IOPS) to provision for the volume. For `gp3` and `io1` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000-16,000 IOPS\n- `io1` : 100-64,000 IOPS\n\nFor `io1` volumes, we guarantee 64,000 IOPS only for [Instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . Other instance families guarantee performance up to 32,000 IOPS.\n\n`Iops` is supported when the volume type is `gp3` or `io1` and required only when the volume type is `io1` . (Not used with `standard` , `gp2` , `st1` , or `sc1` volumes.)", "title": "Iops", "type": "number" }, "SnapshotId": { "markdownDescription": "The snapshot ID of the volume to use.\n\nYou must specify either a `VolumeSize` or a `SnapshotId` .", "title": "SnapshotId", "type": "string" }, "Throughput": { "markdownDescription": "The throughput (MiBps) to provision for a `gp3` volume.", "title": "Throughput", "type": "number" }, "VolumeSize": { "markdownDescription": "The volume size, in GiBs. The following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1-16,384\n- `io1` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024\n\nYou must specify either a `SnapshotId` or a `VolumeSize` . If you specify both `SnapshotId` and `VolumeSize` , the volume size must be equal or greater than the size of the snapshot.", "title": "VolumeSize", "type": "number" }, "VolumeType": { "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .\n\nValid values: `standard` | `io1` | `gp2` | `st1` | `sc1` | `gp3`", "title": "VolumeType", "type": "string" } }, "type": "object" }, "AWS::AutoScaling::LaunchConfiguration.BlockDeviceMapping": { "additionalProperties": false, "properties": { "DeviceName": { "markdownDescription": "The device name assigned to the volume (for example, `/dev/sdh` or `xvdh` ). For more information, see [Device naming on Linux instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> To define a block device mapping, set the device name and exactly one of the following properties: `Ebs` , `NoDevice` , or `VirtualName` .", "title": "DeviceName", "type": "string" }, "Ebs": { "$ref": "#/definitions/AWS::AutoScaling::LaunchConfiguration.BlockDevice", "markdownDescription": "Information to attach an EBS volume to an instance at launch.", "title": "Ebs" }, "NoDevice": { "markdownDescription": "Setting this value to `true` prevents a volume that is included in the block device mapping of the AMI from being mapped to the specified device name at launch.\n\nIf `NoDevice` is `true` for the root device, instances might fail the EC2 health check. In that case, Amazon EC2 Auto Scaling launches replacement instances.", "title": "NoDevice", "type": "boolean" }, "VirtualName": { "markdownDescription": "The name of the instance store volume (virtual device) to attach to an instance at launch. The name must be in the form ephemeral *X* where *X* is a number starting from zero (0), for example, `ephemeral0` .", "title": "VirtualName", "type": "string" } }, "required": [ "DeviceName" ], "type": "object" }, "AWS::AutoScaling::LaunchConfiguration.MetadataOptions": { "additionalProperties": false, "properties": { "HttpEndpoint": { "markdownDescription": "This parameter enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is `enabled` .\n\n> If you specify a value of `disabled` , you will not be able to access your instance metadata.", "title": "HttpEndpoint", "type": "string" }, "HttpPutResponseHopLimit": { "markdownDescription": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.\n\nDefault: 1", "title": "HttpPutResponseHopLimit", "type": "number" }, "HttpTokens": { "markdownDescription": "The state of token usage for your instance metadata requests. If the parameter is not specified in the request, the default state is `optional` .\n\nIf the state is `optional` , you can choose to retrieve instance metadata with or without a signed token header on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned.\n\nIf the state is `required` , you must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version 1.0 credentials are not available.", "title": "HttpTokens", "type": "string" } }, "type": "object" }, "AWS::AutoScaling::LifecycleHook": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoScalingGroupName": { "markdownDescription": "The name of the Auto Scaling group.", "title": "AutoScalingGroupName", "type": "string" }, "DefaultResult": { "markdownDescription": "The action the Auto Scaling group takes when the lifecycle hook timeout elapses or if an unexpected failure occurs. The default value is `ABANDON` .\n\nValid values: `CONTINUE` | `ABANDON`", "title": "DefaultResult", "type": "string" }, "HeartbeatTimeout": { "markdownDescription": "The maximum time, in seconds, that can elapse before the lifecycle hook times out. The range is from `30` to `7200` seconds. The default value is `3600` seconds (1 hour).", "title": "HeartbeatTimeout", "type": "number" }, "LifecycleHookName": { "markdownDescription": "The name of the lifecycle hook.", "title": "LifecycleHookName", "type": "string" }, "LifecycleTransition": { "markdownDescription": "The lifecycle transition. For Auto Scaling groups, there are two major lifecycle transitions.\n\n- To create a lifecycle hook for scale-out events, specify `autoscaling:EC2_INSTANCE_LAUNCHING` .\n- To create a lifecycle hook for scale-in events, specify `autoscaling:EC2_INSTANCE_TERMINATING` .", "title": "LifecycleTransition", "type": "string" }, "NotificationMetadata": { "markdownDescription": "Additional information that you want to include any time Amazon EC2 Auto Scaling sends a message to the notification target.", "title": "NotificationMetadata", "type": "string" }, "NotificationTargetARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the notification target that Amazon EC2 Auto Scaling sends notifications to when an instance is in a wait state for the lifecycle hook. You can specify an Amazon SNS topic or an Amazon SQS queue.", "title": "NotificationTargetARN", "type": "string" }, "RoleARN": { "markdownDescription": "The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target. For information about creating this role, see [Prepare to add a lifecycle hook to your Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/prepare-for-lifecycle-notifications.html) in the *Amazon EC2 Auto Scaling User Guide* .\n\nValid only if the notification target is an Amazon SNS topic or an Amazon SQS queue.", "title": "RoleARN", "type": "string" } }, "required": [ "AutoScalingGroupName", "LifecycleTransition" ], "type": "object" }, "Type": { "enum": [ "AWS::AutoScaling::LifecycleHook" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdjustmentType": { "markdownDescription": "Specifies how the scaling adjustment is interpreted (for example, an absolute number or a percentage). The valid values are `ChangeInCapacity` , `ExactCapacity` , and `PercentChangeInCapacity` .\n\nRequired if the policy type is `StepScaling` or `SimpleScaling` . For more information, see [Scaling adjustment types](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-simple-step.html#as-scaling-adjustment) in the *Amazon EC2 Auto Scaling User Guide* .", "title": "AdjustmentType", "type": "string" }, "AutoScalingGroupName": { "markdownDescription": "The name of the Auto Scaling group.", "title": "AutoScalingGroupName", "type": "string" }, "Cooldown": { "markdownDescription": "A cooldown period, in seconds, that applies to a specific simple scaling policy. When a cooldown period is specified here, it overrides the default cooldown.\n\nValid only if the policy type is `SimpleScaling` . For more information, see [Scaling cooldowns for Amazon EC2 Auto Scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-scaling-cooldowns.html) in the *Amazon EC2 Auto Scaling User Guide* .\n\nDefault: None", "title": "Cooldown", "type": "string" }, "EstimatedInstanceWarmup": { "markdownDescription": "*Not needed if the default instance warmup is defined for the group.*\n\nThe estimated time, in seconds, until a newly launched instance can contribute to the CloudWatch metrics. This warm-up period applies to instances launched due to a specific target tracking or step scaling policy. When a warm-up period is specified here, it overrides the default instance warmup.\n\nValid only if the policy type is `TargetTrackingScaling` or `StepScaling` .\n\n> The default is to use the value for the default instance warmup defined for the group. If default instance warmup is null, then `EstimatedInstanceWarmup` falls back to the value of default cooldown.", "title": "EstimatedInstanceWarmup", "type": "number" }, "MetricAggregationType": { "markdownDescription": "The aggregation type for the CloudWatch metrics. The valid values are `Minimum` , `Maximum` , and `Average` . If the aggregation type is null, the value is treated as `Average` .\n\nValid only if the policy type is `StepScaling` .", "title": "MetricAggregationType", "type": "string" }, "MinAdjustmentMagnitude": { "markdownDescription": "The minimum value to scale by when the adjustment type is `PercentChangeInCapacity` . For example, suppose that you create a step scaling policy to scale out an Auto Scaling group by 25 percent and you specify a `MinAdjustmentMagnitude` of 2. If the group has 4 instances and the scaling policy is performed, 25 percent of 4 is 1. However, because you specified a `MinAdjustmentMagnitude` of 2, Amazon EC2 Auto Scaling scales out the group by 2 instances.\n\nValid only if the policy type is `StepScaling` or `SimpleScaling` . For more information, see [Scaling adjustment types](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-simple-step.html#as-scaling-adjustment) in the *Amazon EC2 Auto Scaling User Guide* .\n\n> Some Auto Scaling groups use instance weights. In this case, set the `MinAdjustmentMagnitude` to a value that is at least as large as your largest instance weight.", "title": "MinAdjustmentMagnitude", "type": "number" }, "PolicyType": { "markdownDescription": "One of the following policy types:\n\n- `TargetTrackingScaling`\n- `StepScaling`\n- `SimpleScaling` (default)\n- `PredictiveScaling`", "title": "PolicyType", "type": "string" }, "PredictiveScalingConfiguration": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.PredictiveScalingConfiguration", "markdownDescription": "A predictive scaling policy. Provides support for predefined and custom metrics.\n\nPredefined metrics include CPU utilization, network in/out, and the Application Load Balancer request count.\n\nRequired if the policy type is `PredictiveScaling` .", "title": "PredictiveScalingConfiguration" }, "ScalingAdjustment": { "markdownDescription": "The amount by which to scale, based on the specified adjustment type. A positive value adds to the current capacity while a negative number removes from the current capacity. For exact capacity, you must specify a non-negative value.\n\nRequired if the policy type is `SimpleScaling` . (Not used with any other policy type.)", "title": "ScalingAdjustment", "type": "number" }, "StepAdjustments": { "items": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.StepAdjustment" }, "markdownDescription": "A set of adjustments that enable you to scale based on the size of the alarm breach.\n\nRequired if the policy type is `StepScaling` . (Not used with any other policy type.)", "title": "StepAdjustments", "type": "array" }, "TargetTrackingConfiguration": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.TargetTrackingConfiguration", "markdownDescription": "A target tracking scaling policy. Provides support for predefined or custom metrics.\n\nThe following predefined metrics are available:\n\n- `ASGAverageCPUUtilization`\n- `ASGAverageNetworkIn`\n- `ASGAverageNetworkOut`\n- `ALBRequestCountPerTarget`\n\nIf you specify `ALBRequestCountPerTarget` for the metric, you must specify the `ResourceLabel` property with the `PredefinedMetricSpecification` .\n\nRequired if the policy type is `TargetTrackingScaling` .", "title": "TargetTrackingConfiguration" } }, "required": [ "AutoScalingGroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::AutoScaling::ScalingPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.CustomizedMetricSpecification": { "additionalProperties": false, "properties": { "Dimensions": { "items": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.MetricDimension" }, "markdownDescription": "The dimensions of the metric.\n\nConditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy.", "title": "Dimensions", "type": "array" }, "MetricName": { "markdownDescription": "The name of the metric. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html) .", "title": "MetricName", "type": "string" }, "Namespace": { "markdownDescription": "The namespace of the metric.", "title": "Namespace", "type": "string" }, "Statistic": { "markdownDescription": "The statistic of the metric.", "title": "Statistic", "type": "string" }, "Unit": { "markdownDescription": "The unit of the metric. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* .", "title": "Unit", "type": "string" } }, "required": [ "MetricName", "Namespace", "Statistic" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.Metric": { "additionalProperties": false, "properties": { "Dimensions": { "items": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.MetricDimension" }, "markdownDescription": "The dimensions for the metric. For the list of available dimensions, see the AWS documentation available from the table in [AWS services that publish CloudWatch metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) in the *Amazon CloudWatch User Guide* .\n\nConditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy.", "title": "Dimensions", "type": "array" }, "MetricName": { "markdownDescription": "The name of the metric.", "title": "MetricName", "type": "string" }, "Namespace": { "markdownDescription": "The namespace of the metric. For more information, see the table in [AWS services that publish CloudWatch metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) in the *Amazon CloudWatch User Guide* .", "title": "Namespace", "type": "string" } }, "required": [ "MetricName", "Namespace" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.MetricDataQuery": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions.\n\nConditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", "title": "Expression", "type": "string" }, "Id": { "markdownDescription": "A short name that identifies the object's results in the response. This name must be unique among all `MetricDataQuery` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter.", "title": "Id", "type": "string" }, "Label": { "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents.", "title": "Label", "type": "string" }, "MetricStat": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.MetricStat", "markdownDescription": "Information about the metric data to return.\n\nConditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both.", "title": "MetricStat" }, "ReturnData": { "markdownDescription": "Indicates whether to return the timestamps and raw data values of this metric.\n\nIf you use any math expressions, specify `true` for this value for only the final math expression that the metric specification is based on. You must specify `false` for `ReturnData` for all the other metrics and expressions used in the metric specification.\n\nIf you are only retrieving metrics and not performing any math expressions, do not specify anything for `ReturnData` . This sets it to its default ( `true` ).", "title": "ReturnData", "type": "boolean" } }, "required": [ "Id" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.MetricDimension": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the dimension.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the dimension.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.MetricStat": { "additionalProperties": false, "properties": { "Metric": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.Metric", "markdownDescription": "The CloudWatch metric to return, including the metric name, namespace, and dimensions. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html) .", "title": "Metric" }, "Stat": { "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .\n\nThe most commonly used metrics for predictive scaling are `Average` and `Sum` .", "title": "Stat", "type": "string" }, "Unit": { "markdownDescription": "The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* .", "title": "Unit", "type": "string" } }, "required": [ "Metric", "Stat" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.PredefinedMetricSpecification": { "additionalProperties": false, "properties": { "PredefinedMetricType": { "markdownDescription": "The metric type. The following predefined metrics are available:\n\n- `ASGAverageCPUUtilization` - Average CPU utilization of the Auto Scaling group.\n- `ASGAverageNetworkIn` - Average number of bytes received on all network interfaces by the Auto Scaling group.\n- `ASGAverageNetworkOut` - Average number of bytes sent out on all network interfaces by the Auto Scaling group.\n- `ALBRequestCountPerTarget` - Average Application Load Balancer request count per target for your Auto Scaling group.", "title": "PredefinedMetricType", "type": "string" }, "ResourceLabel": { "markdownDescription": "A label that uniquely identifies a specific Application Load Balancer target group from which to determine the average request count served by your Auto Scaling group. You can't specify a resource label unless the target group is attached to the Auto Scaling group.\n\nYou create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is:\n\n`app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff` .\n\nWhere:\n\n- app// is the final portion of the load balancer ARN\n- targetgroup// is the final portion of the target group ARN.\n\nTo find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation.", "title": "ResourceLabel", "type": "string" } }, "required": [ "PredefinedMetricType" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.PredictiveScalingConfiguration": { "additionalProperties": false, "properties": { "MaxCapacityBreachBehavior": { "markdownDescription": "Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity of the Auto Scaling group. Defaults to `HonorMaxCapacity` if not specified.\n\nThe following are possible values:\n\n- `HonorMaxCapacity` - Amazon EC2 Auto Scaling can't increase the maximum capacity of the group when the forecast capacity is close to or exceeds the maximum capacity.\n- `IncreaseMaxCapacity` - Amazon EC2 Auto Scaling can increase the maximum capacity of the group when the forecast capacity is close to or exceeds the maximum capacity. The upper limit is determined by the forecasted capacity and the value for `MaxCapacityBuffer` .\n\n> Use caution when allowing the maximum capacity to be automatically increased. This can lead to more instances being launched than intended if the increased maximum capacity is not monitored and managed. The increased maximum capacity then becomes the new normal maximum capacity for the Auto Scaling group until you manually update it. The maximum capacity does not automatically decrease back to the original maximum.", "title": "MaxCapacityBreachBehavior", "type": "string" }, "MaxCapacityBuffer": { "markdownDescription": "The size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity. The value is specified as a percentage relative to the forecast capacity. For example, if the buffer is 10, this means a 10 percent buffer, such that if the forecast capacity is 50, and the maximum capacity is 40, then the effective maximum capacity is 55.\n\nIf set to 0, Amazon EC2 Auto Scaling may scale capacity higher than the maximum capacity to equal but not exceed forecast capacity.\n\nRequired if the `MaxCapacityBreachBehavior` property is set to `IncreaseMaxCapacity` , and cannot be used otherwise.", "title": "MaxCapacityBuffer", "type": "number" }, "MetricSpecifications": { "items": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.PredictiveScalingMetricSpecification" }, "markdownDescription": "This structure includes the metrics and target utilization to use for predictive scaling.\n\nThis is an array, but we currently only support a single metric specification. That is, you can specify a target value and a single metric pair, or a target value and one scaling metric and one load metric.", "title": "MetricSpecifications", "type": "array" }, "Mode": { "markdownDescription": "The predictive scaling mode. Defaults to `ForecastOnly` if not specified.", "title": "Mode", "type": "string" }, "SchedulingBufferTime": { "markdownDescription": "The amount of time, in seconds, by which the instance launch time can be advanced. For example, the forecast says to add capacity at 10:00 AM, and you choose to pre-launch instances by 5 minutes. In that case, the instances will be launched at 9:55 AM. The intention is to give resources time to be provisioned. It can take a few minutes to launch an EC2 instance. The actual amount of time required depends on several factors, such as the size of the instance and whether there are startup scripts to complete.\n\nThe value must be less than the forecast interval duration of 3600 seconds (60 minutes). Defaults to 300 seconds if not specified.", "title": "SchedulingBufferTime", "type": "number" } }, "required": [ "MetricSpecifications" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.PredictiveScalingCustomizedCapacityMetric": { "additionalProperties": false, "properties": { "MetricDataQueries": { "items": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.MetricDataQuery" }, "markdownDescription": "One or more metric data queries to provide the data points for a capacity metric. Use multiple metric data queries only if you are performing a math expression on returned data.", "title": "MetricDataQueries", "type": "array" } }, "required": [ "MetricDataQueries" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.PredictiveScalingCustomizedLoadMetric": { "additionalProperties": false, "properties": { "MetricDataQueries": { "items": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.MetricDataQuery" }, "markdownDescription": "One or more metric data queries to provide the data points for a load metric. Use multiple metric data queries only if you are performing a math expression on returned data.", "title": "MetricDataQueries", "type": "array" } }, "required": [ "MetricDataQueries" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.PredictiveScalingCustomizedScalingMetric": { "additionalProperties": false, "properties": { "MetricDataQueries": { "items": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.MetricDataQuery" }, "markdownDescription": "One or more metric data queries to provide the data points for a scaling metric. Use multiple metric data queries only if you are performing a math expression on returned data.", "title": "MetricDataQueries", "type": "array" } }, "required": [ "MetricDataQueries" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.PredictiveScalingMetricSpecification": { "additionalProperties": false, "properties": { "CustomizedCapacityMetricSpecification": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.PredictiveScalingCustomizedCapacityMetric", "markdownDescription": "The customized capacity metric specification.", "title": "CustomizedCapacityMetricSpecification" }, "CustomizedLoadMetricSpecification": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.PredictiveScalingCustomizedLoadMetric", "markdownDescription": "The customized load metric specification.", "title": "CustomizedLoadMetricSpecification" }, "CustomizedScalingMetricSpecification": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.PredictiveScalingCustomizedScalingMetric", "markdownDescription": "The customized scaling metric specification.", "title": "CustomizedScalingMetricSpecification" }, "PredefinedLoadMetricSpecification": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.PredictiveScalingPredefinedLoadMetric", "markdownDescription": "The predefined load metric specification.", "title": "PredefinedLoadMetricSpecification" }, "PredefinedMetricPairSpecification": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.PredictiveScalingPredefinedMetricPair", "markdownDescription": "The predefined metric pair specification from which Amazon EC2 Auto Scaling determines the appropriate scaling metric and load metric to use.", "title": "PredefinedMetricPairSpecification" }, "PredefinedScalingMetricSpecification": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.PredictiveScalingPredefinedScalingMetric", "markdownDescription": "The predefined scaling metric specification.", "title": "PredefinedScalingMetricSpecification" }, "TargetValue": { "markdownDescription": "Specifies the target utilization.\n\n> Some metrics are based on a count instead of a percentage, such as the request count for an Application Load Balancer or the number of messages in an SQS queue. If the scaling policy specifies one of these metrics, specify the target utilization as the optimal average request or message count per instance during any one-minute interval.", "title": "TargetValue", "type": "number" } }, "required": [ "TargetValue" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.PredictiveScalingPredefinedLoadMetric": { "additionalProperties": false, "properties": { "PredefinedMetricType": { "markdownDescription": "The metric type.", "title": "PredefinedMetricType", "type": "string" }, "ResourceLabel": { "markdownDescription": "A label that uniquely identifies a specific Application Load Balancer target group from which to determine the request count served by your Auto Scaling group. You can't specify a resource label unless the target group is attached to the Auto Scaling group.\n\nYou create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is:\n\n`app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff` .\n\nWhere:\n\n- app// is the final portion of the load balancer ARN\n- targetgroup// is the final portion of the target group ARN.\n\nTo find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation.", "title": "ResourceLabel", "type": "string" } }, "required": [ "PredefinedMetricType" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.PredictiveScalingPredefinedMetricPair": { "additionalProperties": false, "properties": { "PredefinedMetricType": { "markdownDescription": "Indicates which metrics to use. There are two different types of metrics for each metric type: one is a load metric and one is a scaling metric. For example, if the metric type is `ASGCPUUtilization` , the Auto Scaling group's total CPU metric is used as the load metric, and the average CPU metric is used for the scaling metric.", "title": "PredefinedMetricType", "type": "string" }, "ResourceLabel": { "markdownDescription": "A label that uniquely identifies a specific Application Load Balancer target group from which to determine the total and average request count served by your Auto Scaling group. You can't specify a resource label unless the target group is attached to the Auto Scaling group.\n\nYou create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is:\n\n`app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff` .\n\nWhere:\n\n- app// is the final portion of the load balancer ARN\n- targetgroup// is the final portion of the target group ARN.\n\nTo find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation.", "title": "ResourceLabel", "type": "string" } }, "required": [ "PredefinedMetricType" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.PredictiveScalingPredefinedScalingMetric": { "additionalProperties": false, "properties": { "PredefinedMetricType": { "markdownDescription": "The metric type.", "title": "PredefinedMetricType", "type": "string" }, "ResourceLabel": { "markdownDescription": "A label that uniquely identifies a specific Application Load Balancer target group from which to determine the average request count served by your Auto Scaling group. You can't specify a resource label unless the target group is attached to the Auto Scaling group.\n\nYou create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is:\n\n`app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff` .\n\nWhere:\n\n- app// is the final portion of the load balancer ARN\n- targetgroup// is the final portion of the target group ARN.\n\nTo find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation.", "title": "ResourceLabel", "type": "string" } }, "required": [ "PredefinedMetricType" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.StepAdjustment": { "additionalProperties": false, "properties": { "MetricIntervalLowerBound": { "markdownDescription": "The lower bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the lower bound is inclusive (the metric must be greater than or equal to the threshold plus the lower bound). Otherwise, it is exclusive (the metric must be greater than the threshold plus the lower bound). A null value indicates negative infinity.", "title": "MetricIntervalLowerBound", "type": "number" }, "MetricIntervalUpperBound": { "markdownDescription": "The upper bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the upper bound is exclusive (the metric must be less than the threshold plus the upper bound). Otherwise, it is inclusive (the metric must be less than or equal to the threshold plus the upper bound). A null value indicates positive infinity.\n\nThe upper bound must be greater than the lower bound.", "title": "MetricIntervalUpperBound", "type": "number" }, "ScalingAdjustment": { "markdownDescription": "The amount by which to scale, based on the specified adjustment type. A positive value adds to the current capacity while a negative number removes from the current capacity. For exact capacity, you must specify a non-negative value.", "title": "ScalingAdjustment", "type": "number" } }, "required": [ "ScalingAdjustment" ], "type": "object" }, "AWS::AutoScaling::ScalingPolicy.TargetTrackingConfiguration": { "additionalProperties": false, "properties": { "CustomizedMetricSpecification": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.CustomizedMetricSpecification", "markdownDescription": "A customized metric. You must specify either a predefined metric or a customized metric.", "title": "CustomizedMetricSpecification" }, "DisableScaleIn": { "markdownDescription": "Indicates whether scaling in by the target tracking scaling policy is disabled. If scaling in is disabled, the target tracking scaling policy doesn't remove instances from the Auto Scaling group. Otherwise, the target tracking scaling policy can remove instances from the Auto Scaling group. The default is `false` .", "title": "DisableScaleIn", "type": "boolean" }, "PredefinedMetricSpecification": { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy.PredefinedMetricSpecification", "markdownDescription": "A predefined metric. You must specify either a predefined metric or a customized metric.", "title": "PredefinedMetricSpecification" }, "TargetValue": { "markdownDescription": "The target value for the metric.\n\n> Some metrics are based on a count instead of a percentage, such as the request count for an Application Load Balancer or the number of messages in an SQS queue. If the scaling policy specifies one of these metrics, specify the target utilization as the optimal average request or message count per instance during any one-minute interval.", "title": "TargetValue", "type": "number" } }, "required": [ "TargetValue" ], "type": "object" }, "AWS::AutoScaling::ScheduledAction": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoScalingGroupName": { "markdownDescription": "The name of the Auto Scaling group.", "title": "AutoScalingGroupName", "type": "string" }, "DesiredCapacity": { "markdownDescription": "The desired capacity is the initial capacity of the Auto Scaling group after the scheduled action runs and the capacity it attempts to maintain. It can scale beyond this capacity if you add more scaling conditions.\n\n> You must specify at least one of the following properties: `MaxSize` , `MinSize` , or `DesiredCapacity` .", "title": "DesiredCapacity", "type": "number" }, "EndTime": { "markdownDescription": "The date and time for the recurring schedule to end, in UTC. For example, `\"2021-06-01T00:00:00Z\"` .", "title": "EndTime", "type": "string" }, "MaxSize": { "markdownDescription": "The maximum size of the Auto Scaling group.", "title": "MaxSize", "type": "number" }, "MinSize": { "markdownDescription": "The minimum size of the Auto Scaling group.", "title": "MinSize", "type": "number" }, "Recurrence": { "markdownDescription": "The recurring schedule for this action. This format consists of five fields separated by white spaces: [Minute] [Hour] [Day_of_Month] [Month_of_Year] [Day_of_Week]. The value must be in quotes (for example, `\"30 0 1 1,6,12 *\"` ). For more information about this format, see [Crontab](https://docs.aws.amazon.com/http://crontab.org) .\n\nWhen `StartTime` and `EndTime` are specified with `Recurrence` , they form the boundaries of when the recurring action starts and stops.\n\nCron expressions use Universal Coordinated Time (UTC) by default.", "title": "Recurrence", "type": "string" }, "StartTime": { "markdownDescription": "The date and time for this action to start, in YYYY-MM-DDThh:mm:ssZ format in UTC/GMT only and in quotes (for example, `\"2021-06-01T00:00:00Z\"` ).\n\nIf you specify `Recurrence` and `StartTime` , Amazon EC2 Auto Scaling performs the action at this time, and then performs the action based on the specified recurrence.", "title": "StartTime", "type": "string" }, "TimeZone": { "markdownDescription": "Specifies the time zone for a cron expression. If a time zone is not provided, UTC is used by default.\n\nValid values are the canonical names of the IANA time zones, derived from the IANA Time Zone Database (such as `Etc/GMT+9` or `Pacific/Tahiti` ). For more information, see [https://en.wikipedia.org/wiki/List_of_tz_database_time_zones](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) .", "title": "TimeZone", "type": "string" } }, "required": [ "AutoScalingGroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::AutoScaling::ScheduledAction" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AutoScaling::WarmPool": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoScalingGroupName": { "markdownDescription": "The name of the Auto Scaling group.", "title": "AutoScalingGroupName", "type": "string" }, "InstanceReusePolicy": { "$ref": "#/definitions/AWS::AutoScaling::WarmPool.InstanceReusePolicy", "markdownDescription": "Indicates whether instances in the Auto Scaling group can be returned to the warm pool on scale in. The default is to terminate instances in the Auto Scaling group when the group scales in.", "title": "InstanceReusePolicy" }, "MaxGroupPreparedCapacity": { "markdownDescription": "Specifies the maximum number of instances that are allowed to be in the warm pool or in any state except `Terminated` for the Auto Scaling group. This is an optional property. Specify it only if you do not want the warm pool size to be determined by the difference between the group's maximum capacity and its desired capacity.\n\n> If a value for `MaxGroupPreparedCapacity` is not specified, Amazon EC2 Auto Scaling launches and maintains the difference between the group's maximum capacity and its desired capacity. If you specify a value for `MaxGroupPreparedCapacity` , Amazon EC2 Auto Scaling uses the difference between the `MaxGroupPreparedCapacity` and the desired capacity instead.\n> \n> The size of the warm pool is dynamic. Only when `MaxGroupPreparedCapacity` and `MinSize` are set to the same value does the warm pool have an absolute size. \n\nIf the desired capacity of the Auto Scaling group is higher than the `MaxGroupPreparedCapacity` , the capacity of the warm pool is 0, unless you specify a value for `MinSize` . To remove a value that you previously set, include the property but specify -1 for the value.", "title": "MaxGroupPreparedCapacity", "type": "number" }, "MinSize": { "markdownDescription": "Specifies the minimum number of instances to maintain in the warm pool. This helps you to ensure that there is always a certain number of warmed instances available to handle traffic spikes. Defaults to 0 if not specified.", "title": "MinSize", "type": "number" }, "PoolState": { "markdownDescription": "Sets the instance state to transition to after the lifecycle actions are complete. Default is `Stopped` .", "title": "PoolState", "type": "string" } }, "required": [ "AutoScalingGroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::AutoScaling::WarmPool" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AutoScaling::WarmPool.InstanceReusePolicy": { "additionalProperties": false, "properties": { "ReuseOnScaleIn": { "markdownDescription": "Specifies whether instances in the Auto Scaling group can be returned to the warm pool on scale in.", "title": "ReuseOnScaleIn", "type": "boolean" } }, "type": "object" }, "AWS::AutoScalingPlans::ScalingPlan": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationSource": { "$ref": "#/definitions/AWS::AutoScalingPlans::ScalingPlan.ApplicationSource", "markdownDescription": "A CloudFormation stack or a set of tags. You can create one scaling plan per application source. The `ApplicationSource` property must be present to ensure interoperability with the AWS Auto Scaling console.", "title": "ApplicationSource" }, "ScalingInstructions": { "items": { "$ref": "#/definitions/AWS::AutoScalingPlans::ScalingPlan.ScalingInstruction" }, "markdownDescription": "The scaling instructions.", "title": "ScalingInstructions", "type": "array" } }, "required": [ "ApplicationSource", "ScalingInstructions" ], "type": "object" }, "Type": { "enum": [ "AWS::AutoScalingPlans::ScalingPlan" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::AutoScalingPlans::ScalingPlan.ApplicationSource": { "additionalProperties": false, "properties": { "CloudFormationStackARN": { "markdownDescription": "The Amazon Resource Name (ARN) of a CloudFormation stack.\n\nYou must specify either a `CloudFormationStackARN` or `TagFilters` .", "title": "CloudFormationStackARN", "type": "string" }, "TagFilters": { "items": { "$ref": "#/definitions/AWS::AutoScalingPlans::ScalingPlan.TagFilter" }, "markdownDescription": "A set of tag filters (keys and values). Each tag filter specified must contain a key with values as optional. Each scaling plan can include up to 50 keys, and each key can include up to 20 values.\n\nTags are part of the syntax that you use to specify the resources you want returned when configuring a scaling plan from the AWS Auto Scaling console. You do not need to specify valid tag filter values when you create a scaling plan with CloudFormation. The `Key` and `Values` properties can accept any value as long as the combination of values is unique across scaling plans. However, if you also want to use the AWS Auto Scaling console to edit the scaling plan, then you must specify valid values.\n\nYou must specify either a `CloudFormationStackARN` or `TagFilters` .", "title": "TagFilters", "type": "array" } }, "type": "object" }, "AWS::AutoScalingPlans::ScalingPlan.CustomizedLoadMetricSpecification": { "additionalProperties": false, "properties": { "Dimensions": { "items": { "$ref": "#/definitions/AWS::AutoScalingPlans::ScalingPlan.MetricDimension" }, "markdownDescription": "The dimensions of the metric.\n\nConditional: If you published your metric with dimensions, you must specify the same dimensions in your customized load metric specification.", "title": "Dimensions", "type": "array" }, "MetricName": { "markdownDescription": "The name of the metric.", "title": "MetricName", "type": "string" }, "Namespace": { "markdownDescription": "The namespace of the metric.", "title": "Namespace", "type": "string" }, "Statistic": { "markdownDescription": "The statistic of the metric.\n\n*Allowed Values* : `Sum`", "title": "Statistic", "type": "string" }, "Unit": { "markdownDescription": "The unit of the metric.", "title": "Unit", "type": "string" } }, "required": [ "MetricName", "Namespace", "Statistic" ], "type": "object" }, "AWS::AutoScalingPlans::ScalingPlan.CustomizedScalingMetricSpecification": { "additionalProperties": false, "properties": { "Dimensions": { "items": { "$ref": "#/definitions/AWS::AutoScalingPlans::ScalingPlan.MetricDimension" }, "markdownDescription": "The dimensions of the metric.\n\nConditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy.", "title": "Dimensions", "type": "array" }, "MetricName": { "markdownDescription": "The name of the metric. To get the exact metric name, namespace, and dimensions, inspect the [Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html) .", "title": "MetricName", "type": "string" }, "Namespace": { "markdownDescription": "The namespace of the metric.", "title": "Namespace", "type": "string" }, "Statistic": { "markdownDescription": "The statistic of the metric.", "title": "Statistic", "type": "string" }, "Unit": { "markdownDescription": "The unit of the metric. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* .", "title": "Unit", "type": "string" } }, "required": [ "MetricName", "Namespace", "Statistic" ], "type": "object" }, "AWS::AutoScalingPlans::ScalingPlan.MetricDimension": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the dimension.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the dimension.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::AutoScalingPlans::ScalingPlan.PredefinedLoadMetricSpecification": { "additionalProperties": false, "properties": { "PredefinedLoadMetricType": { "markdownDescription": "The metric type.", "title": "PredefinedLoadMetricType", "type": "string" }, "ResourceLabel": { "markdownDescription": "Identifies the resource associated with the metric type. You can't specify a resource label unless the metric type is `ALBTargetGroupRequestCount` and there is a target group for an Application Load Balancer attached to the Auto Scaling group.\n\nYou create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format is app///targetgroup//, where:\n\n- app// is the final portion of the load balancer ARN\n- targetgroup// is the final portion of the target group ARN.\n\nThis is an example: app/EC2Co-EcsEl-1TKLTMITMM0EO/f37c06a68c1748aa/targetgroup/EC2Co-Defau-LDNM7Q3ZH1ZN/6d4ea56ca2d6a18d.\n\nTo find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation.", "title": "ResourceLabel", "type": "string" } }, "required": [ "PredefinedLoadMetricType" ], "type": "object" }, "AWS::AutoScalingPlans::ScalingPlan.PredefinedScalingMetricSpecification": { "additionalProperties": false, "properties": { "PredefinedScalingMetricType": { "markdownDescription": "The metric type. The `ALBRequestCountPerTarget` metric type applies only to Auto Scaling groups, Spot Fleet requests, and ECS services.", "title": "PredefinedScalingMetricType", "type": "string" }, "ResourceLabel": { "markdownDescription": "Identifies the resource associated with the metric type. You can't specify a resource label unless the metric type is `ALBRequestCountPerTarget` and there is a target group for an Application Load Balancer attached to the Auto Scaling group, Spot Fleet request, or ECS service.\n\nYou create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format is app///targetgroup//, where:\n\n- app// is the final portion of the load balancer ARN\n- targetgroup// is the final portion of the target group ARN.\n\nThis is an example: app/EC2Co-EcsEl-1TKLTMITMM0EO/f37c06a68c1748aa/targetgroup/EC2Co-Defau-LDNM7Q3ZH1ZN/6d4ea56ca2d6a18d.\n\nTo find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation.", "title": "ResourceLabel", "type": "string" } }, "required": [ "PredefinedScalingMetricType" ], "type": "object" }, "AWS::AutoScalingPlans::ScalingPlan.ScalingInstruction": { "additionalProperties": false, "properties": { "CustomizedLoadMetricSpecification": { "$ref": "#/definitions/AWS::AutoScalingPlans::ScalingPlan.CustomizedLoadMetricSpecification", "markdownDescription": "The customized load metric to use for predictive scaling. This property or a *PredefinedLoadMetricSpecification* is required when configuring predictive scaling, and cannot be used otherwise.", "title": "CustomizedLoadMetricSpecification" }, "DisableDynamicScaling": { "markdownDescription": "Controls whether dynamic scaling is disabled. When dynamic scaling is enabled, AWS Auto Scaling creates target tracking scaling policies based on the specified target tracking configurations.\n\nThe default is enabled ( `false` ).", "title": "DisableDynamicScaling", "type": "boolean" }, "MaxCapacity": { "markdownDescription": "The maximum capacity of the resource. The exception to this upper limit is if you specify a non-default setting for *PredictiveScalingMaxCapacityBehavior* .", "title": "MaxCapacity", "type": "number" }, "MinCapacity": { "markdownDescription": "The minimum capacity of the resource.", "title": "MinCapacity", "type": "number" }, "PredefinedLoadMetricSpecification": { "$ref": "#/definitions/AWS::AutoScalingPlans::ScalingPlan.PredefinedLoadMetricSpecification", "markdownDescription": "The predefined load metric to use for predictive scaling. This property or a *CustomizedLoadMetricSpecification* is required when configuring predictive scaling, and cannot be used otherwise.", "title": "PredefinedLoadMetricSpecification" }, "PredictiveScalingMaxCapacityBehavior": { "markdownDescription": "Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity specified for the resource. The default value is `SetForecastCapacityToMaxCapacity` .\n\nThe following are possible values:\n\n- `SetForecastCapacityToMaxCapacity` - AWS Auto Scaling cannot scale resource capacity higher than the maximum capacity. The maximum capacity is enforced as a hard limit.\n- `SetMaxCapacityToForecastCapacity` - AWS Auto Scaling can scale resource capacity higher than the maximum capacity to equal but not exceed forecast capacity.\n- `SetMaxCapacityAboveForecastCapacity` - AWS Auto Scaling can scale resource capacity higher than the maximum capacity by a specified buffer value. The intention is to give the target tracking scaling policy extra capacity if unexpected traffic occurs.\n\nValid only when configuring predictive scaling.", "title": "PredictiveScalingMaxCapacityBehavior", "type": "string" }, "PredictiveScalingMaxCapacityBuffer": { "markdownDescription": "The size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity. The value is specified as a percentage relative to the forecast capacity. For example, if the buffer is 10, this means a 10 percent buffer. With a 10 percent buffer, if the forecast capacity is 50, and the maximum capacity is 40, then the effective maximum capacity is 55.\n\nValid only when configuring predictive scaling. Required if *PredictiveScalingMaxCapacityBehavior* is set to `SetMaxCapacityAboveForecastCapacity` , and cannot be used otherwise.\n\nThe range is 1-100.", "title": "PredictiveScalingMaxCapacityBuffer", "type": "number" }, "PredictiveScalingMode": { "markdownDescription": "The predictive scaling mode. The default value is `ForecastAndScale` . Otherwise, AWS Auto Scaling forecasts capacity but does not apply any scheduled scaling actions based on the capacity forecast.", "title": "PredictiveScalingMode", "type": "string" }, "ResourceId": { "markdownDescription": "The ID of the resource. This string consists of the resource type and unique identifier.\n\n- Auto Scaling group - The resource type is `autoScalingGroup` and the unique identifier is the name of the Auto Scaling group. Example: `autoScalingGroup/my-asg` .\n- ECS service - The resource type is `service` and the unique identifier is the cluster name and service name. Example: `service/default/sample-webapp` .\n- Spot Fleet request - The resource type is `spot-fleet-request` and the unique identifier is the Spot Fleet request ID. Example: `spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE` .\n- DynamoDB table - The resource type is `table` and the unique identifier is the resource ID. Example: `table/my-table` .\n- DynamoDB global secondary index - The resource type is `index` and the unique identifier is the resource ID. Example: `table/my-table/index/my-table-index` .\n- Aurora DB cluster - The resource type is `cluster` and the unique identifier is the cluster name. Example: `cluster:my-db-cluster` .", "title": "ResourceId", "type": "string" }, "ScalableDimension": { "markdownDescription": "The scalable dimension associated with the resource.\n\n- `autoscaling:autoScalingGroup:DesiredCapacity` - The desired capacity of an Auto Scaling group.\n- `ecs:service:DesiredCount` - The desired task count of an ECS service.\n- `ec2:spot-fleet-request:TargetCapacity` - The target capacity of a Spot Fleet request.\n- `dynamodb:table:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB table.\n- `dynamodb:table:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB table.\n- `dynamodb:index:ReadCapacityUnits` - The provisioned read capacity for a DynamoDB global secondary index.\n- `dynamodb:index:WriteCapacityUnits` - The provisioned write capacity for a DynamoDB global secondary index.\n- `rds:cluster:ReadReplicaCount` - The count of Aurora Replicas in an Aurora DB cluster. Available for Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.", "title": "ScalableDimension", "type": "string" }, "ScalingPolicyUpdateBehavior": { "markdownDescription": "Controls whether a resource's externally created scaling policies are deleted and new target tracking scaling policies created. The default value is `KeepExternalPolicies` .\n\nValid only when configuring dynamic scaling.", "title": "ScalingPolicyUpdateBehavior", "type": "string" }, "ScheduledActionBufferTime": { "markdownDescription": "The amount of time, in seconds, to buffer the run time of scheduled scaling actions when scaling out. For example, if the forecast says to add capacity at 10:00 AM, and the buffer time is 5 minutes, then the run time of the corresponding scheduled scaling action will be 9:55 AM. The intention is to give resources time to be provisioned. For example, it can take a few minutes to launch an EC2 instance. The actual amount of time required depends on several factors, such as the size of the instance and whether there are startup scripts to complete.\n\nThe value must be less than the forecast interval duration of 3600 seconds (60 minutes). The default is 300 seconds.\n\nValid only when configuring predictive scaling.", "title": "ScheduledActionBufferTime", "type": "number" }, "ServiceNamespace": { "markdownDescription": "The namespace of the AWS service.", "title": "ServiceNamespace", "type": "string" }, "TargetTrackingConfigurations": { "items": { "$ref": "#/definitions/AWS::AutoScalingPlans::ScalingPlan.TargetTrackingConfiguration" }, "markdownDescription": "The target tracking configurations (up to 10). Each of these structures must specify a unique scaling metric and a target value for the metric.", "title": "TargetTrackingConfigurations", "type": "array" } }, "required": [ "MaxCapacity", "MinCapacity", "ResourceId", "ScalableDimension", "ServiceNamespace", "TargetTrackingConfigurations" ], "type": "object" }, "AWS::AutoScalingPlans::ScalingPlan.TagFilter": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The tag key.", "title": "Key", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The tag values (0 to 20).", "title": "Values", "type": "array" } }, "required": [ "Key" ], "type": "object" }, "AWS::AutoScalingPlans::ScalingPlan.TargetTrackingConfiguration": { "additionalProperties": false, "properties": { "CustomizedScalingMetricSpecification": { "$ref": "#/definitions/AWS::AutoScalingPlans::ScalingPlan.CustomizedScalingMetricSpecification", "markdownDescription": "A customized metric. You can specify either a predefined metric or a customized metric.", "title": "CustomizedScalingMetricSpecification" }, "DisableScaleIn": { "markdownDescription": "Indicates whether scale in by the target tracking scaling policy is disabled. If the value is `true` , scale in is disabled and the target tracking scaling policy doesn't remove capacity from the scalable resource. Otherwise, scale in is enabled and the target tracking scaling policy can remove capacity from the scalable resource.\n\nThe default value is `false` .", "title": "DisableScaleIn", "type": "boolean" }, "EstimatedInstanceWarmup": { "markdownDescription": "The estimated time, in seconds, until a newly launched instance can contribute to the CloudWatch metrics. This value is used only if the resource is an Auto Scaling group.", "title": "EstimatedInstanceWarmup", "type": "number" }, "PredefinedScalingMetricSpecification": { "$ref": "#/definitions/AWS::AutoScalingPlans::ScalingPlan.PredefinedScalingMetricSpecification", "markdownDescription": "A predefined metric. You can specify either a predefined metric or a customized metric.", "title": "PredefinedScalingMetricSpecification" }, "ScaleInCooldown": { "markdownDescription": "The amount of time, in seconds, after a scale-in activity completes before another scale in activity can start. This value is not used if the scalable resource is an Auto Scaling group.", "title": "ScaleInCooldown", "type": "number" }, "ScaleOutCooldown": { "markdownDescription": "The amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start. This value is not used if the scalable resource is an Auto Scaling group.", "title": "ScaleOutCooldown", "type": "number" }, "TargetValue": { "markdownDescription": "The target value for the metric. Although this property accepts numbers of type Double, it won't accept values that are either too small or too large. Values must be in the range of -2^360 to 2^360.", "title": "TargetValue", "type": "number" } }, "required": [ "TargetValue" ], "type": "object" }, "AWS::B2BI::Capability": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Configuration": { "$ref": "#/definitions/AWS::B2BI::Capability.CapabilityConfiguration", "markdownDescription": "Specifies a structure that contains the details for a capability.", "title": "Configuration" }, "InstructionsDocuments": { "items": { "$ref": "#/definitions/AWS::B2BI::Capability.S3Location" }, "markdownDescription": "Specifies one or more locations in Amazon S3, each specifying an EDI document that can be used with this capability. Each item contains the name of the bucket and the key, to identify the document's location.", "title": "InstructionsDocuments", "type": "array" }, "Name": { "markdownDescription": "The display name of the capability.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies the key-value pairs assigned to ARNs that you can use to group and search for resources by type. You can attach this metadata to resources (capabilities, partnerships, and so on) for any purpose.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "Returns the type of the capability. Currently, only `edi` is supported.", "title": "Type", "type": "string" } }, "required": [ "Configuration", "Name", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::B2BI::Capability" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::B2BI::Capability.CapabilityConfiguration": { "additionalProperties": false, "properties": { "Edi": { "$ref": "#/definitions/AWS::B2BI::Capability.EdiConfiguration", "markdownDescription": "An EDI (electronic data interchange) configuration object.", "title": "Edi" } }, "required": [ "Edi" ], "type": "object" }, "AWS::B2BI::Capability.EdiConfiguration": { "additionalProperties": false, "properties": { "InputLocation": { "$ref": "#/definitions/AWS::B2BI::Capability.S3Location", "markdownDescription": "Contains the Amazon S3 bucket and prefix for the location of the input file, which is contained in an `S3Location` object.", "title": "InputLocation" }, "OutputLocation": { "$ref": "#/definitions/AWS::B2BI::Capability.S3Location", "markdownDescription": "Contains the Amazon S3 bucket and prefix for the location of the output file, which is contained in an `S3Location` object.", "title": "OutputLocation" }, "TransformerId": { "markdownDescription": "Returns the system-assigned unique identifier for the transformer.", "title": "TransformerId", "type": "string" }, "Type": { "$ref": "#/definitions/AWS::B2BI::Capability.EdiType", "markdownDescription": "Returns the type of the capability. Currently, only `edi` is supported.", "title": "Type" } }, "required": [ "InputLocation", "OutputLocation", "TransformerId", "Type" ], "type": "object" }, "AWS::B2BI::Capability.EdiType": { "additionalProperties": false, "properties": { "X12Details": { "$ref": "#/definitions/AWS::B2BI::Capability.X12Details", "markdownDescription": "Returns the details for the EDI standard that is being used for the transformer. Currently, only X12 is supported. X12 is a set of standards and corresponding messages that define specific business documents.", "title": "X12Details" } }, "required": [ "X12Details" ], "type": "object" }, "AWS::B2BI::Capability.S3Location": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "Specifies the name of the Amazon S3 bucket.", "title": "BucketName", "type": "string" }, "Key": { "markdownDescription": "Specifies the Amazon S3 key for the file location.", "title": "Key", "type": "string" } }, "type": "object" }, "AWS::B2BI::Capability.X12Details": { "additionalProperties": false, "properties": { "TransactionSet": { "markdownDescription": "Returns an enumerated type where each value identifies an X12 transaction set. Transaction sets are maintained by the X12 Accredited Standards Committee.", "title": "TransactionSet", "type": "string" }, "Version": { "markdownDescription": "Returns the version to use for the specified X12 transaction set.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::B2BI::Partnership": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Capabilities": { "items": { "type": "string" }, "markdownDescription": "Returns one or more capabilities associated with this partnership.", "title": "Capabilities", "type": "array" }, "Email": { "markdownDescription": "", "title": "Email", "type": "string" }, "Name": { "markdownDescription": "Returns the name of the partnership.", "title": "Name", "type": "string" }, "Phone": { "markdownDescription": "", "title": "Phone", "type": "string" }, "ProfileId": { "markdownDescription": "Returns the unique, system-generated identifier for the profile connected to this partnership.", "title": "ProfileId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A key-value pair for a specific partnership. Tags are metadata that you can use to search for and group capabilities for various purposes.", "title": "Tags", "type": "array" } }, "required": [ "Email", "Name", "ProfileId" ], "type": "object" }, "Type": { "enum": [ "AWS::B2BI::Partnership" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::B2BI::Profile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BusinessName": { "markdownDescription": "Returns the name for the business associated with this profile.", "title": "BusinessName", "type": "string" }, "Email": { "markdownDescription": "", "title": "Email", "type": "string" }, "Logging": { "markdownDescription": "Specifies whether or not logging is enabled for this profile.", "title": "Logging", "type": "string" }, "Name": { "markdownDescription": "Returns the display name for profile.", "title": "Name", "type": "string" }, "Phone": { "markdownDescription": "", "title": "Phone", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A key-value pair for a specific profile. Tags are metadata that you can use to search for and group capabilities for various purposes.", "title": "Tags", "type": "array" } }, "required": [ "BusinessName", "Logging", "Name", "Phone" ], "type": "object" }, "Type": { "enum": [ "AWS::B2BI::Profile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::B2BI::Transformer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EdiType": { "$ref": "#/definitions/AWS::B2BI::Transformer.EdiType", "markdownDescription": "Returns the details for the EDI standard that is being used for the transformer. Currently, only X12 is supported. X12 is a set of standards and corresponding messages that define specific business documents.", "title": "EdiType" }, "FileFormat": { "markdownDescription": "Returns that the currently supported file formats for EDI transformations are `JSON` and `XML` .", "title": "FileFormat", "type": "string" }, "MappingTemplate": { "markdownDescription": "Returns a sample EDI document that is used by a transformer as a guide for processing the EDI data.", "title": "MappingTemplate", "type": "string" }, "Name": { "markdownDescription": "Returns the descriptive name for the transformer.", "title": "Name", "type": "string" }, "SampleDocument": { "markdownDescription": "Returns a sample EDI document that is used by a transformer as a guide for processing the EDI data.", "title": "SampleDocument", "type": "string" }, "Status": { "markdownDescription": "Returns the state of the newly created transformer. The transformer can be either `active` or `inactive` . For the transformer to be used in a capability, its status must `active` .", "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A key-value pair for a specific transformer. Tags are metadata that you can use to search for and group capabilities for various purposes.", "title": "Tags", "type": "array" } }, "required": [ "EdiType", "FileFormat", "MappingTemplate", "Name", "Status" ], "type": "object" }, "Type": { "enum": [ "AWS::B2BI::Transformer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::B2BI::Transformer.EdiType": { "additionalProperties": false, "properties": { "X12Details": { "$ref": "#/definitions/AWS::B2BI::Transformer.X12Details", "markdownDescription": "Returns the details for the EDI standard that is being used for the transformer. Currently, only X12 is supported. X12 is a set of standards and corresponding messages that define specific business documents.", "title": "X12Details" } }, "required": [ "X12Details" ], "type": "object" }, "AWS::B2BI::Transformer.X12Details": { "additionalProperties": false, "properties": { "TransactionSet": { "markdownDescription": "Returns an enumerated type where each value identifies an X12 transaction set. Transaction sets are maintained by the X12 Accredited Standards Committee.", "title": "TransactionSet", "type": "string" }, "Version": { "markdownDescription": "Returns the version to use for the specified X12 transaction set.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::BCMDataExports::Export": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Export": { "$ref": "#/definitions/AWS::BCMDataExports::Export.Export", "markdownDescription": "The details that are available for an export.", "title": "Export" }, "Tags": { "items": { "$ref": "#/definitions/AWS::BCMDataExports::Export.ResourceTag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "Export" ], "type": "object" }, "Type": { "enum": [ "AWS::BCMDataExports::Export" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::BCMDataExports::Export.DataQuery": { "additionalProperties": false, "properties": { "QueryStatement": { "markdownDescription": "The query statement.", "title": "QueryStatement", "type": "string" }, "TableConfigurations": { "markdownDescription": "The table configuration.", "title": "TableConfigurations", "type": "object" } }, "required": [ "QueryStatement" ], "type": "object" }, "AWS::BCMDataExports::Export.DestinationConfigurations": { "additionalProperties": false, "properties": { "S3Destination": { "$ref": "#/definitions/AWS::BCMDataExports::Export.S3Destination", "markdownDescription": "An object that describes the destination of the data exports file.", "title": "S3Destination" } }, "required": [ "S3Destination" ], "type": "object" }, "AWS::BCMDataExports::Export.Export": { "additionalProperties": false, "properties": { "DataQuery": { "$ref": "#/definitions/AWS::BCMDataExports::Export.DataQuery", "markdownDescription": "The data query for this specific data export.", "title": "DataQuery" }, "Description": { "markdownDescription": "The description for this specific data export.", "title": "Description", "type": "string" }, "DestinationConfigurations": { "$ref": "#/definitions/AWS::BCMDataExports::Export.DestinationConfigurations", "markdownDescription": "The destination configuration for this specific data export.", "title": "DestinationConfigurations" }, "ExportArn": { "markdownDescription": "The Amazon Resource Name (ARN) for this export.", "title": "ExportArn", "type": "string" }, "Name": { "markdownDescription": "The name of this specific data export.", "title": "Name", "type": "string" }, "RefreshCadence": { "$ref": "#/definitions/AWS::BCMDataExports::Export.RefreshCadence", "markdownDescription": "The cadence for AWS to update the export in your S3 bucket.", "title": "RefreshCadence" } }, "required": [ "DataQuery", "DestinationConfigurations", "Name", "RefreshCadence" ], "type": "object" }, "AWS::BCMDataExports::Export.RefreshCadence": { "additionalProperties": false, "properties": { "Frequency": { "markdownDescription": "The frequency that data exports are updated. The export refreshes each time the source data updates, up to three times daily.", "title": "Frequency", "type": "string" } }, "required": [ "Frequency" ], "type": "object" }, "AWS::BCMDataExports::Export.ResourceTag": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key that's associated with the tag.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value that's associated with the tag.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::BCMDataExports::Export.S3Destination": { "additionalProperties": false, "properties": { "S3Bucket": { "markdownDescription": "The name of the Amazon S3 bucket used as the destination of a data export file.", "title": "S3Bucket", "type": "string" }, "S3OutputConfigurations": { "$ref": "#/definitions/AWS::BCMDataExports::Export.S3OutputConfigurations", "markdownDescription": "The output configuration for the data export.", "title": "S3OutputConfigurations" }, "S3Prefix": { "markdownDescription": "The S3 path prefix you want prepended to the name of your data export.", "title": "S3Prefix", "type": "string" }, "S3Region": { "markdownDescription": "The S3 bucket Region.", "title": "S3Region", "type": "string" } }, "required": [ "S3Bucket", "S3OutputConfigurations", "S3Prefix", "S3Region" ], "type": "object" }, "AWS::BCMDataExports::Export.S3OutputConfigurations": { "additionalProperties": false, "properties": { "Compression": { "markdownDescription": "The compression type for the data export.", "title": "Compression", "type": "string" }, "Format": { "markdownDescription": "The file format for the data export.", "title": "Format", "type": "string" }, "OutputType": { "markdownDescription": "The output type for the data export.", "title": "OutputType", "type": "string" }, "Overwrite": { "markdownDescription": "The rule to follow when generating a version of the data export file. You have the choice to overwrite the previous version or to be delivered in addition to the previous versions. Overwriting exports can save on Amazon S3 storage costs. Creating new export versions allows you to track the changes in cost and usage data over time.", "title": "Overwrite", "type": "string" } }, "required": [ "Compression", "Format", "OutputType", "Overwrite" ], "type": "object" }, "AWS::Backup::BackupPlan": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BackupPlan": { "$ref": "#/definitions/AWS::Backup::BackupPlan.BackupPlanResourceType", "markdownDescription": "Uniquely identifies the backup plan to be associated with the selection of resources.", "title": "BackupPlan" }, "BackupPlanTags": { "additionalProperties": true, "markdownDescription": "The tags to assign to the backup plan.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "BackupPlanTags", "type": "object" } }, "required": [ "BackupPlan" ], "type": "object" }, "Type": { "enum": [ "AWS::Backup::BackupPlan" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Backup::BackupPlan.AdvancedBackupSettingResourceType": { "additionalProperties": false, "properties": { "BackupOptions": { "markdownDescription": "The backup option for the resource. Each option is a key-value pair. This option is only available for Windows VSS backup jobs.\n\nValid values:\n\nSet to `\"WindowsVSS\":\"enabled\"` to enable the `WindowsVSS` backup option and create a Windows VSS backup.\n\nSet to `\"WindowsVSS\":\"disabled\"` to create a regular backup. The `WindowsVSS` option is not enabled by default.\n\nIf you specify an invalid option, you get an `InvalidParameterValueException` exception.\n\nFor more information about Windows VSS backups, see [Creating a VSS-Enabled Windows Backup](https://docs.aws.amazon.com/aws-backup/latest/devguide/windows-backups.html) .", "title": "BackupOptions", "type": "object" }, "ResourceType": { "markdownDescription": "The name of a resource type. The only supported resource type is EC2.", "title": "ResourceType", "type": "string" } }, "required": [ "BackupOptions", "ResourceType" ], "type": "object" }, "AWS::Backup::BackupPlan.BackupPlanResourceType": { "additionalProperties": false, "properties": { "AdvancedBackupSettings": { "items": { "$ref": "#/definitions/AWS::Backup::BackupPlan.AdvancedBackupSettingResourceType" }, "markdownDescription": "A list of backup options for each resource type.", "title": "AdvancedBackupSettings", "type": "array" }, "BackupPlanName": { "markdownDescription": "The display name of a backup plan.", "title": "BackupPlanName", "type": "string" }, "BackupPlanRule": { "items": { "$ref": "#/definitions/AWS::Backup::BackupPlan.BackupRuleResourceType" }, "markdownDescription": "An array of `BackupRule` objects, each of which specifies a scheduled task that is used to back up a selection of resources.", "title": "BackupPlanRule", "type": "array" } }, "required": [ "BackupPlanName", "BackupPlanRule" ], "type": "object" }, "AWS::Backup::BackupPlan.BackupRuleResourceType": { "additionalProperties": false, "properties": { "CompletionWindowMinutes": { "markdownDescription": "A value in minutes after a backup job is successfully started before it must be completed or it is canceled by AWS Backup .", "title": "CompletionWindowMinutes", "type": "number" }, "CopyActions": { "items": { "$ref": "#/definitions/AWS::Backup::BackupPlan.CopyActionResourceType" }, "markdownDescription": "An array of CopyAction objects, which contains the details of the copy operation.", "title": "CopyActions", "type": "array" }, "EnableContinuousBackup": { "markdownDescription": "Enables continuous backup and point-in-time restores (PITR).", "title": "EnableContinuousBackup", "type": "boolean" }, "Lifecycle": { "$ref": "#/definitions/AWS::Backup::BackupPlan.LifecycleResourceType", "markdownDescription": "The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. AWS Backup transitions and expires backups automatically according to the lifecycle that you define.", "title": "Lifecycle" }, "RecoveryPointTags": { "additionalProperties": true, "markdownDescription": "The tags to assign to the resources.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "RecoveryPointTags", "type": "object" }, "RuleName": { "markdownDescription": "A display name for a backup rule.", "title": "RuleName", "type": "string" }, "ScheduleExpression": { "markdownDescription": "A CRON expression specifying when AWS Backup initiates a backup job.", "title": "ScheduleExpression", "type": "string" }, "ScheduleExpressionTimezone": { "markdownDescription": "This is the timezone in which the schedule expression is set. By default, ScheduleExpressions are in UTC. You can modify this to a specified timezone.", "title": "ScheduleExpressionTimezone", "type": "string" }, "StartWindowMinutes": { "markdownDescription": "An optional value that specifies a period of time in minutes after a backup is scheduled before a job is canceled if it doesn't start successfully.\n\nIf this value is included, it must be at least 60 minutes to avoid errors.", "title": "StartWindowMinutes", "type": "number" }, "TargetBackupVault": { "markdownDescription": "The name of a logical container where backups are stored. Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created. They consist of letters, numbers, and hyphens.", "title": "TargetBackupVault", "type": "string" } }, "required": [ "RuleName", "TargetBackupVault" ], "type": "object" }, "AWS::Backup::BackupPlan.CopyActionResourceType": { "additionalProperties": false, "properties": { "DestinationBackupVaultArn": { "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the destination backup vault for the copied backup. For example, `arn:aws:backup:us-east-1:123456789012:vault:aBackupVault.`", "title": "DestinationBackupVaultArn", "type": "string" }, "Lifecycle": { "$ref": "#/definitions/AWS::Backup::BackupPlan.LifecycleResourceType", "markdownDescription": "Defines when a protected resource is transitioned to cold storage and when it expires. AWS Backup transitions and expires backups automatically according to the lifecycle that you define. If you do not specify a lifecycle, AWS Backup applies the lifecycle policy of the source backup to the destination backup.\n\nBackups transitioned to cold storage must be stored in cold storage for a minimum of 90 days.", "title": "Lifecycle" } }, "required": [ "DestinationBackupVaultArn" ], "type": "object" }, "AWS::Backup::BackupPlan.LifecycleResourceType": { "additionalProperties": false, "properties": { "DeleteAfterDays": { "markdownDescription": "Specifies the number of days after creation that a recovery point is deleted. Must be greater than `MoveToColdStorageAfterDays` .", "title": "DeleteAfterDays", "type": "number" }, "MoveToColdStorageAfterDays": { "markdownDescription": "Specifies the number of days after creation that a recovery point is moved to cold storage.", "title": "MoveToColdStorageAfterDays", "type": "number" }, "OptInToArchiveForSupportedResources": { "markdownDescription": "If the value is true, your backup plan transitions supported resources to archive (cold) storage tier in accordance with your lifecycle settings.", "title": "OptInToArchiveForSupportedResources", "type": "boolean" } }, "type": "object" }, "AWS::Backup::BackupSelection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BackupPlanId": { "markdownDescription": "Uniquely identifies a backup plan.", "title": "BackupPlanId", "type": "string" }, "BackupSelection": { "$ref": "#/definitions/AWS::Backup::BackupSelection.BackupSelectionResourceType", "markdownDescription": "Specifies the body of a request to assign a set of resources to a backup plan.\n\nIt includes an array of resources, an optional array of patterns to exclude resources, an optional role to provide access to the AWS service the resource belongs to, and an optional array of tags used to identify a set of resources.", "title": "BackupSelection" } }, "required": [ "BackupPlanId", "BackupSelection" ], "type": "object" }, "Type": { "enum": [ "AWS::Backup::BackupSelection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Backup::BackupSelection.BackupSelectionResourceType": { "additionalProperties": false, "properties": { "Conditions": { "$ref": "#/definitions/AWS::Backup::BackupSelection.Conditions", "markdownDescription": "A list of conditions that you define to assign resources to your backup plans using tags. For example, `\"StringEquals\": { \"ConditionKey\": \"aws:ResourceTag/CreatedByCryo\", \"ConditionValue\": \"true\" },` . Condition operators are case sensitive.\n\n`Conditions` differs from `ListOfTags` as follows:\n\n- When you specify more than one condition, you only assign the resources that match ALL conditions (using AND logic).\n- `Conditions` supports `StringEquals` , `StringLike` , `StringNotEquals` , and `StringNotLike` . `ListOfTags` only supports `StringEquals` .", "title": "Conditions" }, "IamRoleArn": { "markdownDescription": "The ARN of the IAM role that AWS Backup uses to authenticate when backing up the target resource; for example, `arn:aws:iam::123456789012:role/S3Access` .", "title": "IamRoleArn", "type": "string" }, "ListOfTags": { "items": { "$ref": "#/definitions/AWS::Backup::BackupSelection.ConditionResourceType" }, "markdownDescription": "A list of conditions that you define to assign resources to your backup plans using tags. For example, `\"StringEquals\": { \"ConditionKey\": \"aws:ResourceTag/CreatedByCryo\", \"ConditionValue\": \"true\" },` . Condition operators are case sensitive.\n\n`ListOfTags` differs from `Conditions` as follows:\n\n- When you specify more than one condition, you assign all resources that match AT LEAST ONE condition (using OR logic).\n- `ListOfTags` only supports `StringEquals` . `Conditions` supports `StringEquals` , `StringLike` , `StringNotEquals` , and `StringNotLike` .", "title": "ListOfTags", "type": "array" }, "NotResources": { "items": { "type": "string" }, "markdownDescription": "A list of Amazon Resource Names (ARNs) to exclude from a backup plan. The maximum number of ARNs is 500 without wildcards, or 30 ARNs with wildcards.\n\nIf you need to exclude many resources from a backup plan, consider a different resource selection strategy, such as assigning only one or a few resource types or refining your resource selection using tags.", "title": "NotResources", "type": "array" }, "Resources": { "items": { "type": "string" }, "markdownDescription": "An array of strings that contain Amazon Resource Names (ARNs) of resources to assign to a backup plan.", "title": "Resources", "type": "array" }, "SelectionName": { "markdownDescription": "The display name of a resource selection document.", "title": "SelectionName", "type": "string" } }, "required": [ "IamRoleArn", "SelectionName" ], "type": "object" }, "AWS::Backup::BackupSelection.ConditionParameter": { "additionalProperties": false, "properties": { "ConditionKey": { "markdownDescription": "The key in a key-value pair. For example, in the tag `Department: Accounting` , `Department` is the key.", "title": "ConditionKey", "type": "string" }, "ConditionValue": { "markdownDescription": "The value in a key-value pair. For example, in the tag `Department: Accounting` , `Accounting` is the value.", "title": "ConditionValue", "type": "string" } }, "type": "object" }, "AWS::Backup::BackupSelection.ConditionResourceType": { "additionalProperties": false, "properties": { "ConditionKey": { "markdownDescription": "The key in a key-value pair. For example, in `\"Department\": \"accounting\"` , `\"Department\"` is the key.", "title": "ConditionKey", "type": "string" }, "ConditionType": { "markdownDescription": "An operation, such as `STRINGEQUALS` , that is applied to a key-value pair used to filter resources in a selection.", "title": "ConditionType", "type": "string" }, "ConditionValue": { "markdownDescription": "The value in a key-value pair. For example, in `\"Department\": \"accounting\"` , `\"accounting\"` is the value.", "title": "ConditionValue", "type": "string" } }, "required": [ "ConditionKey", "ConditionType", "ConditionValue" ], "type": "object" }, "AWS::Backup::BackupSelection.Conditions": { "additionalProperties": false, "properties": { "StringEquals": { "items": { "$ref": "#/definitions/AWS::Backup::BackupSelection.ConditionParameter" }, "markdownDescription": "Filters the values of your tagged resources for only those resources that you tagged with the same value. Also called \"exact matching.\"", "title": "StringEquals", "type": "array" }, "StringLike": { "items": { "$ref": "#/definitions/AWS::Backup::BackupSelection.ConditionParameter" }, "markdownDescription": "Filters the values of your tagged resources for matching tag values with the use of a wildcard character (*) anywhere in the string. For example, \"prod*\" or \"*rod*\" matches the tag value \"production\".", "title": "StringLike", "type": "array" }, "StringNotEquals": { "items": { "$ref": "#/definitions/AWS::Backup::BackupSelection.ConditionParameter" }, "markdownDescription": "Filters the values of your tagged resources for only those resources that you tagged that do not have the same value. Also called \"negated matching.\"", "title": "StringNotEquals", "type": "array" }, "StringNotLike": { "items": { "$ref": "#/definitions/AWS::Backup::BackupSelection.ConditionParameter" }, "markdownDescription": "Filters the values of your tagged resources for non-matching tag values with the use of a wildcard character (*) anywhere in the string.", "title": "StringNotLike", "type": "array" } }, "type": "object" }, "AWS::Backup::BackupVault": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessPolicy": { "markdownDescription": "A resource-based policy that is used to manage access permissions on the target backup vault.", "title": "AccessPolicy", "type": "object" }, "BackupVaultName": { "markdownDescription": "The name of a logical container where backups are stored. Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created. They consist of lowercase letters, numbers, and hyphens.", "title": "BackupVaultName", "type": "string" }, "BackupVaultTags": { "additionalProperties": true, "markdownDescription": "The tags to assign to the backup vault.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "BackupVaultTags", "type": "object" }, "EncryptionKeyArn": { "markdownDescription": "A server-side encryption key you can specify to encrypt your backups from services that support full AWS Backup management; for example, `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` . If you specify a key, you must specify its ARN, not its alias. If you do not specify a key, AWS Backup creates a KMS key for you by default.\n\nTo learn which AWS Backup services support full AWS Backup management and how AWS Backup handles encryption for backups from services that do not yet support full AWS Backup , see [Encryption for backups in AWS Backup](https://docs.aws.amazon.com/aws-backup/latest/devguide/encryption.html)", "title": "EncryptionKeyArn", "type": "string" }, "LockConfiguration": { "$ref": "#/definitions/AWS::Backup::BackupVault.LockConfigurationType", "markdownDescription": "Configuration for [AWS Backup Vault Lock](https://docs.aws.amazon.com/aws-backup/latest/devguide/vault-lock.html) .", "title": "LockConfiguration" }, "Notifications": { "$ref": "#/definitions/AWS::Backup::BackupVault.NotificationObjectType", "markdownDescription": "The SNS event notifications for the specified backup vault.", "title": "Notifications" } }, "required": [ "BackupVaultName" ], "type": "object" }, "Type": { "enum": [ "AWS::Backup::BackupVault" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Backup::BackupVault.LockConfigurationType": { "additionalProperties": false, "properties": { "ChangeableForDays": { "markdownDescription": "The AWS Backup Vault Lock configuration that specifies the number of days before the lock date. For example, setting `ChangeableForDays` to 30 on Jan. 1, 2022 at 8pm UTC will set the lock date to Jan. 31, 2022 at 8pm UTC.\n\nAWS Backup enforces a 72-hour cooling-off period before Vault Lock takes effect and becomes immutable. Therefore, you must set `ChangeableForDays` to 3 or greater.\n\nBefore the lock date, you can delete Vault Lock from the vault using `DeleteBackupVaultLockConfiguration` or change the Vault Lock configuration using `PutBackupVaultLockConfiguration` . On and after the lock date, the Vault Lock becomes immutable and cannot be changed or deleted.\n\nIf this parameter is not specified, you can delete Vault Lock from the vault using `DeleteBackupVaultLockConfiguration` or change the Vault Lock configuration using `PutBackupVaultLockConfiguration` at any time.", "title": "ChangeableForDays", "type": "number" }, "MaxRetentionDays": { "markdownDescription": "The AWS Backup Vault Lock configuration that specifies the maximum retention period that the vault retains its recovery points. This setting can be useful if, for example, your organization's policies require you to destroy certain data after retaining it for four years (1460 days).\n\nIf this parameter is not included, Vault Lock does not enforce a maximum retention period on the recovery points in the vault. If this parameter is included without a value, Vault Lock will not enforce a maximum retention period.\n\nIf this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or shorter than the maximum retention period. If the job's retention period is longer than that maximum retention period, then the vault fails the backup or copy job, and you should either modify your lifecycle settings or use a different vault. Recovery points already saved in the vault prior to Vault Lock are not affected.", "title": "MaxRetentionDays", "type": "number" }, "MinRetentionDays": { "markdownDescription": "The AWS Backup Vault Lock configuration that specifies the minimum retention period that the vault retains its recovery points. This setting can be useful if, for example, your organization's policies require you to retain certain data for at least seven years (2555 days).\n\nIf this parameter is not specified, Vault Lock will not enforce a minimum retention period.\n\nIf this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or longer than the minimum retention period. If the job's retention period is shorter than that minimum retention period, then the vault fails that backup or copy job, and you should either modify your lifecycle settings or use a different vault. Recovery points already saved in the vault prior to Vault Lock are not affected.", "title": "MinRetentionDays", "type": "number" } }, "required": [ "MinRetentionDays" ], "type": "object" }, "AWS::Backup::BackupVault.NotificationObjectType": { "additionalProperties": false, "properties": { "BackupVaultEvents": { "items": { "type": "string" }, "markdownDescription": "An array of events that indicate the status of jobs to back up resources to the backup vault. For valid events, see [BackupVaultEvents](https://docs.aws.amazon.com/aws-backup/latest/devguide/API_PutBackupVaultNotifications.html#API_PutBackupVaultNotifications_RequestSyntax) in the *AWS Backup API Guide* .", "title": "BackupVaultEvents", "type": "array" }, "SNSTopicArn": { "markdownDescription": "An ARN that uniquely identifies an Amazon Simple Notification Service (Amazon SNS) topic; for example, `arn:aws:sns:us-west-2:111122223333:MyTopic` .", "title": "SNSTopicArn", "type": "string" } }, "required": [ "BackupVaultEvents", "SNSTopicArn" ], "type": "object" }, "AWS::Backup::Framework": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FrameworkControls": { "items": { "$ref": "#/definitions/AWS::Backup::Framework.FrameworkControl" }, "markdownDescription": "Contains detailed information about all of the controls of a framework. Each framework must contain at least one control.", "title": "FrameworkControls", "type": "array" }, "FrameworkDescription": { "markdownDescription": "An optional description of the framework with a maximum 1,024 characters.", "title": "FrameworkDescription", "type": "string" }, "FrameworkName": { "markdownDescription": "The unique name of a framework. This name is between 1 and 256 characters, starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_).", "title": "FrameworkName", "type": "string" }, "FrameworkTags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to assign to your framework.", "title": "FrameworkTags", "type": "array" } }, "required": [ "FrameworkControls" ], "type": "object" }, "Type": { "enum": [ "AWS::Backup::Framework" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Backup::Framework.ControlInputParameter": { "additionalProperties": false, "properties": { "ParameterName": { "markdownDescription": "The name of a parameter, for example, `BackupPlanFrequency` .", "title": "ParameterName", "type": "string" }, "ParameterValue": { "markdownDescription": "The value of parameter, for example, `hourly` .", "title": "ParameterValue", "type": "string" } }, "required": [ "ParameterName", "ParameterValue" ], "type": "object" }, "AWS::Backup::Framework.ControlScope": { "additionalProperties": false, "properties": { "ComplianceResourceIds": { "items": { "type": "string" }, "markdownDescription": "The ID of the only AWS resource that you want your control scope to contain.", "title": "ComplianceResourceIds", "type": "array" }, "ComplianceResourceTypes": { "items": { "type": "string" }, "markdownDescription": "Describes whether the control scope includes one or more types of resources, such as `EFS` or `RDS` .", "title": "ComplianceResourceTypes", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tag key-value pair applied to those AWS resources that you want to trigger an evaluation for a rule. A maximum of one key-value pair can be provided. The tag value is optional, but it cannot be an empty string if you are creating or editing a framework from the console (though the value can be an empty string when included in a CloudFormation template).\n\nThe structure to assign a tag is: `[{\"Key\":\"string\",\"Value\":\"string\"}]` .", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::Backup::Framework.FrameworkControl": { "additionalProperties": false, "properties": { "ControlInputParameters": { "items": { "$ref": "#/definitions/AWS::Backup::Framework.ControlInputParameter" }, "markdownDescription": "The name/value pairs.", "title": "ControlInputParameters", "type": "array" }, "ControlName": { "markdownDescription": "The name of a control. This name is between 1 and 256 characters.", "title": "ControlName", "type": "string" }, "ControlScope": { "$ref": "#/definitions/AWS::Backup::Framework.ControlScope", "markdownDescription": "The scope of a control. The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans.\n\nFor more information, see [`ControlScope` .](https://docs.aws.amazon.com/aws-backup/latest/devguide/API_ControlScope.html)", "title": "ControlScope" } }, "required": [ "ControlName" ], "type": "object" }, "AWS::Backup::ReportPlan": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ReportDeliveryChannel": { "$ref": "#/definitions/AWS::Backup::ReportPlan.ReportDeliveryChannel", "markdownDescription": "Contains information about where and how to deliver your reports, specifically your Amazon S3 bucket name, S3 key prefix, and the formats of your reports.", "title": "ReportDeliveryChannel" }, "ReportPlanDescription": { "markdownDescription": "An optional description of the report plan with a maximum 1,024 characters.", "title": "ReportPlanDescription", "type": "string" }, "ReportPlanName": { "markdownDescription": "The unique name of the report plan. This name is between 1 and 256 characters starting with a letter, and consisting of letters (a-z, A-Z), numbers (0-9), and underscores (_).", "title": "ReportPlanName", "type": "string" }, "ReportPlanTags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to assign to your report plan.", "title": "ReportPlanTags", "type": "array" }, "ReportSetting": { "$ref": "#/definitions/AWS::Backup::ReportPlan.ReportSetting", "markdownDescription": "Identifies the report template for the report. Reports are built using a report template. The report templates are:\n\n`RESOURCE_COMPLIANCE_REPORT | CONTROL_COMPLIANCE_REPORT | BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT`\n\nIf the report template is `RESOURCE_COMPLIANCE_REPORT` or `CONTROL_COMPLIANCE_REPORT` , this API resource also describes the report coverage by AWS Regions and frameworks.", "title": "ReportSetting" } }, "required": [ "ReportDeliveryChannel", "ReportSetting" ], "type": "object" }, "Type": { "enum": [ "AWS::Backup::ReportPlan" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Backup::ReportPlan.ReportDeliveryChannel": { "additionalProperties": false, "properties": { "Formats": { "items": { "type": "string" }, "markdownDescription": "The format of your reports: `CSV` , `JSON` , or both. If not specified, the default format is `CSV` .", "title": "Formats", "type": "array" }, "S3BucketName": { "markdownDescription": "The unique name of the S3 bucket that receives your reports.", "title": "S3BucketName", "type": "string" }, "S3KeyPrefix": { "markdownDescription": "The prefix for where AWS Backup Audit Manager delivers your reports to Amazon S3. The prefix is this part of the following path: s3://your-bucket-name/ `prefix` /Backup/us-west-2/year/month/day/report-name. If not specified, there is no prefix.", "title": "S3KeyPrefix", "type": "string" } }, "required": [ "S3BucketName" ], "type": "object" }, "AWS::Backup::ReportPlan.ReportSetting": { "additionalProperties": false, "properties": { "Accounts": { "items": { "type": "string" }, "markdownDescription": "These are the accounts to be included in the report.\n\nUse string value of `ROOT` to include all organizational units.", "title": "Accounts", "type": "array" }, "FrameworkArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARNs) of the frameworks a report covers.", "title": "FrameworkArns", "type": "array" }, "OrganizationUnits": { "items": { "type": "string" }, "markdownDescription": "These are the Organizational Units to be included in the report.", "title": "OrganizationUnits", "type": "array" }, "Regions": { "items": { "type": "string" }, "markdownDescription": "These are the Regions to be included in the report.\n\nUse the wildcard as the string value to include all Regions.", "title": "Regions", "type": "array" }, "ReportTemplate": { "markdownDescription": "Identifies the report template for the report. Reports are built using a report template. The report templates are:\n\n`RESOURCE_COMPLIANCE_REPORT | CONTROL_COMPLIANCE_REPORT | BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT`", "title": "ReportTemplate", "type": "string" } }, "required": [ "ReportTemplate" ], "type": "object" }, "AWS::Backup::RestoreTestingPlan": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "RecoveryPointSelection": { "$ref": "#/definitions/AWS::Backup::RestoreTestingPlan.RestoreTestingRecoveryPointSelection", "markdownDescription": "The specified criteria to assign a set of resources, such as recovery point types or backup vaults.", "title": "RecoveryPointSelection" }, "RestoreTestingPlanName": { "markdownDescription": "The RestoreTestingPlanName is a unique string that is the name of the restore testing plan. This cannot be changed after creation, and it must consist of only alphanumeric characters and underscores.", "title": "RestoreTestingPlanName", "type": "string" }, "ScheduleExpression": { "markdownDescription": "A CRON expression in specified timezone when a restore testing plan is executed.", "title": "ScheduleExpression", "type": "string" }, "ScheduleExpressionTimezone": { "markdownDescription": "Optional. This is the timezone in which the schedule expression is set. By default, ScheduleExpressions are in UTC. You can modify this to a specified timezone.", "title": "ScheduleExpressionTimezone", "type": "string" }, "StartWindowHours": { "markdownDescription": "Defaults to 24 hours.\n\nA value in hours after a restore test is scheduled before a job will be canceled if it doesn't start successfully. This value is optional. If this value is included, this parameter has a maximum value of 168 hours (one week).", "title": "StartWindowHours", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Optional tags to include. A tag is a key-value pair you can use to manage, filter, and search for your resources. Allowed characters include UTF-8 letters,numbers, spaces, and the following characters: `+ - = . _ : /.`", "title": "Tags", "type": "array" } }, "required": [ "RecoveryPointSelection", "RestoreTestingPlanName", "ScheduleExpression" ], "type": "object" }, "Type": { "enum": [ "AWS::Backup::RestoreTestingPlan" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Backup::RestoreTestingPlan.RestoreTestingRecoveryPointSelection": { "additionalProperties": false, "properties": { "Algorithm": { "markdownDescription": "Acceptable values include \"LATEST_WITHIN_WINDOW\" or \"RANDOM_WITHIN_WINDOW\"", "title": "Algorithm", "type": "string" }, "ExcludeVaults": { "items": { "type": "string" }, "markdownDescription": "Accepted values include specific ARNs or list of selectors. Defaults to empty list if not listed.", "title": "ExcludeVaults", "type": "array" }, "IncludeVaults": { "items": { "type": "string" }, "markdownDescription": "Accepted values include wildcard [\"*\"] or by specific ARNs or ARN wilcard replacement [\"arn:aws:backup:us-west-2:123456789012:backup-vault:asdf\", ...] [\"arn:aws:backup:*:*:backup-vault:asdf-*\", ...]", "title": "IncludeVaults", "type": "array" }, "RecoveryPointTypes": { "items": { "type": "string" }, "markdownDescription": "These are the types of recovery points.\n\nInclude `SNAPSHOT` to restore only snapshot recovery points; include `CONTINUOUS` to restore continuous recovery points (point in time restore / PITR); use both to restore either a snapshot or a continuous recovery point. The recovery point will be determined by the value for `Algorithm` .", "title": "RecoveryPointTypes", "type": "array" }, "SelectionWindowDays": { "markdownDescription": "Accepted values are integers from 1 to 365.", "title": "SelectionWindowDays", "type": "number" } }, "required": [ "Algorithm", "IncludeVaults", "RecoveryPointTypes" ], "type": "object" }, "AWS::Backup::RestoreTestingSelection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "IamRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that AWS Backup uses to create the target resource; for example: `arn:aws:iam::123456789012:role/S3Access` .", "title": "IamRoleArn", "type": "string" }, "ProtectedResourceArns": { "items": { "type": "string" }, "markdownDescription": "You can include specific ARNs, such as `ProtectedResourceArns: [\"arn:aws:...\", \"arn:aws:...\"]` or you can include a wildcard: `ProtectedResourceArns: [\"*\"]` , but not both.", "title": "ProtectedResourceArns", "type": "array" }, "ProtectedResourceConditions": { "$ref": "#/definitions/AWS::Backup::RestoreTestingSelection.ProtectedResourceConditions", "markdownDescription": "In a resource testing selection, this parameter filters by specific conditions such as `StringEquals` or `StringNotEquals` .", "title": "ProtectedResourceConditions" }, "ProtectedResourceType": { "markdownDescription": "The type of AWS resource included in a resource testing selection; for example, an Amazon EBS volume or an Amazon RDS database.", "title": "ProtectedResourceType", "type": "string" }, "RestoreMetadataOverrides": { "additionalProperties": true, "markdownDescription": "You can override certain restore metadata keys by including the parameter `RestoreMetadataOverrides` in the body of `RestoreTestingSelection` . Key values are not case sensitive.\n\nSee the complete list of [restore testing inferred metadata](https://docs.aws.amazon.com/aws-backup/latest/devguide/restore-testing-inferred-metadata.html) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "RestoreMetadataOverrides", "type": "object" }, "RestoreTestingPlanName": { "markdownDescription": "Unique string that is the name of the restore testing plan.\n\nThe name cannot be changed after creation. The name must consist of only alphanumeric characters and underscores. Maximum length is 50.", "title": "RestoreTestingPlanName", "type": "string" }, "RestoreTestingSelectionName": { "markdownDescription": "The unique name of the restore testing selection that belongs to the related restore testing plan.", "title": "RestoreTestingSelectionName", "type": "string" }, "ValidationWindowHours": { "markdownDescription": "This is amount of hours (1 to 168) available to run a validation script on the data. The data will be deleted upon the completion of the validation script or the end of the specified retention period, whichever comes first.", "title": "ValidationWindowHours", "type": "number" } }, "required": [ "IamRoleArn", "ProtectedResourceType", "RestoreTestingPlanName", "RestoreTestingSelectionName" ], "type": "object" }, "Type": { "enum": [ "AWS::Backup::RestoreTestingSelection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Backup::RestoreTestingSelection.KeyValue": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The tag key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The tag value.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::Backup::RestoreTestingSelection.ProtectedResourceConditions": { "additionalProperties": false, "properties": { "StringEquals": { "items": { "$ref": "#/definitions/AWS::Backup::RestoreTestingSelection.KeyValue" }, "markdownDescription": "Filters the values of your tagged resources for only those resources that you tagged with the same value. Also called \"exact matching.\"", "title": "StringEquals", "type": "array" }, "StringNotEquals": { "items": { "$ref": "#/definitions/AWS::Backup::RestoreTestingSelection.KeyValue" }, "markdownDescription": "Filters the values of your tagged resources for only those resources that you tagged that do not have the same value. Also called \"negated matching.\"", "title": "StringNotEquals", "type": "array" } }, "type": "object" }, "AWS::BackupGateway::Hypervisor": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Host": { "markdownDescription": "The server host of the hypervisor. This can be either an IP address or a fully-qualified domain name (FQDN).", "title": "Host", "type": "string" }, "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service used to encrypt the hypervisor.", "title": "KmsKeyArn", "type": "string" }, "LogGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the group of gateways within the requested log.", "title": "LogGroupArn", "type": "string" }, "Name": { "markdownDescription": "The name of the hypervisor.", "title": "Name", "type": "string" }, "Password": { "markdownDescription": "The password for the hypervisor.", "title": "Password", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags of the hypervisor configuration to import.", "title": "Tags", "type": "array" }, "Username": { "markdownDescription": "The username for the hypervisor.", "title": "Username", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::BackupGateway::Hypervisor" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Batch::ComputeEnvironment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ComputeEnvironmentName": { "markdownDescription": "The name for your compute environment. It can be up to 128 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).", "title": "ComputeEnvironmentName", "type": "string" }, "ComputeResources": { "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.ComputeResources", "markdownDescription": "The ComputeResources property type specifies details of the compute resources managed by the compute environment. This parameter is required for managed compute environments. For more information, see [Compute Environments](https://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) in the ** .", "title": "ComputeResources" }, "EksConfiguration": { "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.EksConfiguration", "markdownDescription": "The details for the Amazon EKS cluster that supports the compute environment.", "title": "EksConfiguration" }, "ReplaceComputeEnvironment": { "markdownDescription": "Specifies whether the compute environment is replaced if an update is made that requires replacing the instances in the compute environment. The default value is `true` . To enable more properties to be updated, set this property to `false` . When changing the value of this property to `false` , do not change any other properties at the same time. If other properties are changed at the same time, and the change needs to be rolled back but it can't, it's possible for the stack to go into the `UPDATE_ROLLBACK_FAILED` state. You can't update a stack that is in the `UPDATE_ROLLBACK_FAILED` state. However, if you can continue to roll it back, you can return the stack to its original settings and then try to update it again. For more information, see [Continue rolling back an update](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-continueupdaterollback.html) in the *AWS CloudFormation User Guide* .\n\nThe properties that can't be changed without replacing the compute environment are in the [`ComputeResources`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html) property type: [`AllocationStrategy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-allocationstrategy) , [`BidPercentage`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-bidpercentage) , [`Ec2Configuration`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-ec2configuration) , [`Ec2KeyPair`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-ec2keypair) , [`Ec2KeyPair`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-ec2keypair) , [`ImageId`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-imageid) , [`InstanceRole`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-instancerole) , [`InstanceTypes`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-instancetypes) , [`LaunchTemplate`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-launchtemplate) , [`MaxvCpus`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-maxvcpus) , [`MinvCpus`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-minvcpus) , [`PlacementGroup`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-placementgroup) , [`SecurityGroupIds`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-securitygroupids) , [`Subnets`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-subnets) , [Tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-tags) , [`Type`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-type) , and [`UpdateToLatestImageVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-computeenvironment-computeresources.html#cfn-batch-computeenvironment-computeresources-updatetolatestimageversion) .", "title": "ReplaceComputeEnvironment", "type": "boolean" }, "ServiceRole": { "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf. For more information, see [AWS Batch service IAM role](https://docs.aws.amazon.com/batch/latest/userguide/service_IAM_role.html) in the *AWS Batch User Guide* .\n\n> If your account already created the AWS Batch service-linked role, that role is used by default for your compute environment unless you specify a different role here. If the AWS Batch service-linked role doesn't exist in your account, and no role is specified here, the service attempts to create the AWS Batch service-linked role in your account. \n\nIf your specified role has a path other than `/` , then you must specify either the full role ARN (recommended) or prefix the role name with the path. For example, if a role with the name `bar` has a path of `/foo/` , specify `/foo/bar` as the role name. For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .\n\n> Depending on how you created your AWS Batch service role, its ARN might contain the `service-role` path prefix. When you only specify the name of the service role, AWS Batch assumes that your ARN doesn't use the `service-role` path prefix. Because of this, we recommend that you specify the full ARN of your service role when you create compute environments.", "title": "ServiceRole", "type": "string" }, "State": { "markdownDescription": "The state of the compute environment. If the state is `ENABLED` , then the compute environment accepts jobs from a queue and can scale out automatically based on queues.\n\nIf the state is `ENABLED` , then the AWS Batch scheduler can attempt to place jobs from an associated job queue on the compute resources within the environment. If the compute environment is managed, then it can scale its instances out or in automatically, based on the job queue demand.\n\nIf the state is `DISABLED` , then the AWS Batch scheduler doesn't attempt to place jobs within the environment. Jobs in a `STARTING` or `RUNNING` state continue to progress normally. Managed compute environments in the `DISABLED` state don't scale out.\n\n> Compute environments in a `DISABLED` state may continue to incur billing charges. To prevent additional charges, turn off and then delete the compute environment. For more information, see [State](https://docs.aws.amazon.com/batch/latest/userguide/compute_environment_parameters.html#compute_environment_state) in the *AWS Batch User Guide* . \n\nWhen an instance is idle, the instance scales down to the `minvCpus` value. However, the instance size doesn't change. For example, consider a `c5.8xlarge` instance with a `minvCpus` value of `4` and a `desiredvCpus` value of `36` . This instance doesn't scale down to a `c5.large` instance.", "title": "State", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags applied to the compute environment.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Type": { "markdownDescription": "The type of the compute environment: `MANAGED` or `UNMANAGED` . For more information, see [Compute Environments](https://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) in the *AWS Batch User Guide* .", "title": "Type", "type": "string" }, "UnmanagedvCpus": { "markdownDescription": "The maximum number of vCPUs for an unmanaged compute environment. This parameter is only used for fair share scheduling to reserve vCPU capacity for new share identifiers. If this parameter isn't provided for a fair share job queue, no vCPU capacity is reserved.\n\n> This parameter is only supported when the `type` parameter is set to `UNMANAGED` .", "title": "UnmanagedvCpus", "type": "number" }, "UpdatePolicy": { "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.UpdatePolicy", "markdownDescription": "Specifies the infrastructure update policy for the compute environment. For more information about infrastructure updates, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .", "title": "UpdatePolicy" } }, "required": [ "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::Batch::ComputeEnvironment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Batch::ComputeEnvironment.ComputeResources": { "additionalProperties": false, "properties": { "AllocationStrategy": { "markdownDescription": "The allocation strategy to use for the compute resource if not enough instances of the best fitting instance type can be allocated. This might be because of availability of the instance type in the Region or [Amazon EC2 service limits](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html) . For more information, see [Allocation strategies](https://docs.aws.amazon.com/batch/latest/userguide/allocation-strategies.html) in the *AWS Batch User Guide* .\n\nWhen updating a compute environment, changing the allocation strategy requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . `BEST_FIT` is not supported when updating a compute environment.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources, and shouldn't be specified. \n\n- **BEST_FIT (default)** - AWS Batch selects an instance type that best fits the needs of the jobs with a preference for the lowest-cost instance type. If additional instances of the selected instance type aren't available, AWS Batch waits for the additional instances to be available. If there aren't enough instances available, or if the user is reaching [Amazon EC2 service limits](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html) then additional jobs aren't run until the currently running jobs have completed. This allocation strategy keeps costs lower but can limit scaling. If you are using Spot Fleets with `BEST_FIT` then the Spot Fleet IAM role must be specified.\n- **BEST_FIT_PROGRESSIVE** - AWS Batch will select additional instance types that are large enough to meet the requirements of the jobs in the queue, with a preference for instance types with a lower cost per unit vCPU. If additional instances of the previously selected instance types aren't available, AWS Batch will select new instance types.\n- **SPOT_CAPACITY_OPTIMIZED** - AWS Batch will select one or more instance types that are large enough to meet the requirements of the jobs in the queue, with a preference for instance types that are less likely to be interrupted. This allocation strategy is only available for Spot Instance compute resources.\n- **SPOT_PRICE_CAPACITY_OPTIMIZED** - The price and capacity optimized allocation strategy looks at both price and capacity to select the Spot Instance pools that are the least likely to be interrupted and have the lowest possible price. This allocation strategy is only available for Spot Instance compute resources.\n\n> We recommend that you use `SPOT_PRICE_CAPACITY_OPTIMIZED` rather than `SPOT_CAPACITY_OPTIMIZED` in most instances.\n\nWith `BEST_FIT_PROGRESSIVE` , `SPOT_CAPACITY_OPTIMIZED` , and `SPOT_PRICE_CAPACITY_OPTIMIZED` allocation strategies using On-Demand or Spot Instances, and the `BEST_FIT` strategy using Spot Instances, AWS Batch might need to go above `maxvCpus` to meet your capacity requirements. In this event, AWS Batch never exceeds `maxvCpus` by more than a single instance.", "title": "AllocationStrategy", "type": "string" }, "BidPercentage": { "markdownDescription": "The maximum percentage that a Spot Instance price can be when compared with the On-Demand price for that instance type before instances are launched. For example, if your maximum percentage is 20%, the Spot price must be less than 20% of the current On-Demand price for that Amazon EC2 instance. You always pay the lowest (market) price and never more than your maximum percentage. For most use cases, we recommend leaving this field empty.\n\nWhen updating a compute environment, changing the bid percentage requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.", "title": "BidPercentage", "type": "number" }, "DesiredvCpus": { "markdownDescription": "The desired number of vCPUS in the compute environment. AWS Batch modifies this value between the minimum and maximum values based on job queue demand.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. > AWS Batch doesn't support changing the desired number of vCPUs of an existing compute environment. Don't specify this parameter for compute environments using Amazon EKS clusters. > When you update the `desiredvCpus` setting, the value must be between the `minvCpus` and `maxvCpus` values.\n> \n> Additionally, the updated `desiredvCpus` value must be greater than or equal to the current `desiredvCpus` value. For more information, see [Troubleshooting AWS Batch](https://docs.aws.amazon.com/batch/latest/userguide/troubleshooting.html#error-desired-vcpus-update) in the *AWS Batch User Guide* .", "title": "DesiredvCpus", "type": "number" }, "Ec2Configuration": { "items": { "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.Ec2ConfigurationObject" }, "markdownDescription": "Provides information used to select Amazon Machine Images (AMIs) for Amazon EC2 instances in the compute environment. If `Ec2Configuration` isn't specified, the default is `ECS_AL2` .\n\nWhen updating a compute environment, changing this setting requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . To remove the Amazon EC2 configuration and any custom AMI ID specified in `imageIdOverride` , set this value to an empty string.\n\nOne or two values can be provided.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.", "title": "Ec2Configuration", "type": "array" }, "Ec2KeyPair": { "markdownDescription": "The Amazon EC2 key pair that's used for instances launched in the compute environment. You can use this key pair to log in to your instances with SSH. To remove the Amazon EC2 key pair, set this value to an empty string.\n\nWhen updating a compute environment, changing the Amazon EC2 key pair requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.", "title": "Ec2KeyPair", "type": "string" }, "ImageId": { "markdownDescription": "The Amazon Machine Image (AMI) ID used for instances launched in the compute environment. This parameter is overridden by the `imageIdOverride` member of the `Ec2Configuration` structure. To remove the custom AMI ID and use the default AMI ID, set this value to an empty string.\n\nWhen updating a compute environment, changing the AMI ID requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. > The AMI that you choose for a compute environment must match the architecture of the instance types that you intend to use for that compute environment. For example, if your compute environment uses A1 instance types, the compute resource AMI that you choose must support ARM instances. Amazon ECS vends both x86 and ARM versions of the Amazon ECS-optimized Amazon Linux 2 AMI. For more information, see [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#ecs-optimized-ami-linux-variants.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "ImageId", "type": "string" }, "InstanceRole": { "markdownDescription": "The Amazon ECS instance profile applied to Amazon EC2 instances in a compute environment. Required for Amazon EC2 instances. You can specify the short name or full Amazon Resource Name (ARN) of an instance profile. For example, `*ecsInstanceRole*` or `arn:aws:iam:: ** :instance-profile/ *ecsInstanceRole*` . For more information, see [Amazon ECS instance role](https://docs.aws.amazon.com/batch/latest/userguide/instance_IAM_role.html) in the *AWS Batch User Guide* .\n\nWhen updating a compute environment, changing this setting requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.", "title": "InstanceRole", "type": "string" }, "InstanceTypes": { "items": { "type": "string" }, "markdownDescription": "The instances types that can be launched. You can specify instance families to launch any instance type within those families (for example, `c5` or `p3` ), or you can specify specific sizes within a family (such as `c5.8xlarge` ). You can also choose `optimal` to select instance types (from the C4, M4, and R4 instance families) that match the demand of your job queues.\n\nWhen updating a compute environment, changing this setting requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. > When you create a compute environment, the instance types that you select for the compute environment must share the same architecture. For example, you can't mix x86 and ARM instances in the same compute environment. > Currently, `optimal` uses instance types from the C4, M4, and R4 instance families. In Regions that don't have instance types from those instance families, instance types from the C5, M5, and R5 instance families are used.", "title": "InstanceTypes", "type": "array" }, "LaunchTemplate": { "$ref": "#/definitions/AWS::Batch::ComputeEnvironment.LaunchTemplateSpecification", "markdownDescription": "The launch template to use for your compute resources. Any other compute resource parameters that you specify in a [CreateComputeEnvironment](https://docs.aws.amazon.com/batch/latest/APIReference/API_CreateComputeEnvironment.html) API operation override the same parameters in the launch template. You must specify either the launch template ID or launch template name in the request, but not both. For more information, see [Launch Template Support](https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html) in the ** . Removing the launch template from a compute environment will not remove the AMI specified in the launch template. In order to update the AMI specified in a launch template, the `updateToLatestImageVersion` parameter must be set to `true` .\n\nWhen updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the ** .\n\n> This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.", "title": "LaunchTemplate" }, "MaxvCpus": { "markdownDescription": "The maximum number of Amazon EC2 vCPUs that an environment can reach.\n\n> With `BEST_FIT_PROGRESSIVE` , `SPOT_CAPACITY_OPTIMIZED` and `SPOT_PRICE_CAPACITY_OPTIMIZED` (recommended) strategies using On-Demand or Spot Instances, and the `BEST_FIT` strategy using Spot Instances, AWS Batch might need to exceed `maxvCpus` to meet your capacity requirements. In this event, AWS Batch never exceeds `maxvCpus` by more than a single instance.", "title": "MaxvCpus", "type": "number" }, "MinvCpus": { "markdownDescription": "The minimum number of vCPUs that an environment should maintain (even if the compute environment is `DISABLED` ).\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.", "title": "MinvCpus", "type": "number" }, "PlacementGroup": { "markdownDescription": "The Amazon EC2 placement group to associate with your compute resources. If you intend to submit multi-node parallel jobs to your compute environment, you should consider creating a cluster placement group and associate it with your compute resources. This keeps your multi-node parallel job on a logical grouping of instances within a single Availability Zone with high network flow potential. For more information, see [Placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\nWhen updating a compute environment, changing the placement group requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.", "title": "PlacementGroup", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The Amazon EC2 security groups that are associated with instances launched in the compute environment. This parameter is required for Fargate compute resources, where it can contain up to 5 security groups. For Fargate compute resources, providing an empty list is handled as if this parameter wasn't specified and no change is made. For Amazon EC2 compute resources, providing an empty list removes the security groups from the compute resource.\n\nWhen updating a compute environment, changing the Amazon EC2 security groups requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .", "title": "SecurityGroupIds", "type": "array" }, "SpotIamFleetRole": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a `SPOT` compute environment. This role is required if the allocation strategy set to `BEST_FIT` or if the allocation strategy isn't specified. For more information, see [Amazon EC2 spot fleet role](https://docs.aws.amazon.com/batch/latest/userguide/spot_fleet_IAM_role.html) in the *AWS Batch User Guide* .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. > To tag your Spot Instances on creation, the Spot Fleet IAM role specified here must use the newer *AmazonEC2SpotFleetTaggingRole* managed policy. The previously recommended *AmazonEC2SpotFleetRole* managed policy doesn't have the required permissions to tag Spot Instances. For more information, see [Spot instances not tagged on creation](https://docs.aws.amazon.com/batch/latest/userguide/troubleshooting.html#spot-instance-no-tag) in the *AWS Batch User Guide* .", "title": "SpotIamFleetRole", "type": "string" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The VPC subnets where the compute resources are launched. Fargate compute resources can contain up to 16 subnets. For Fargate compute resources, providing an empty list will be handled as if this parameter wasn't specified and no change is made. For Amazon EC2 compute resources, providing an empty list removes the VPC subnets from the compute resource. For more information, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nWhen updating a compute environment, changing the VPC subnets requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n> AWS Batch on Amazon EC2 and AWS Batch on Amazon EKS support Local Zones. For more information, see [Local Zones](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-local-zones) in the *Amazon EC2 User Guide for Linux Instances* , [Amazon EKS and AWS Local Zones](https://docs.aws.amazon.com/eks/latest/userguide/local-zones.html) in the *Amazon EKS User Guide* and [Amazon ECS clusters in Local Zones, Wavelength Zones, and AWS Outposts](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-regions-zones.html#clusters-local-zones) in the *Amazon ECS Developer Guide* .\n> \n> AWS Batch on Fargate doesn't currently support Local Zones.", "title": "Subnets", "type": "array" }, "Tags": { "additionalProperties": true, "markdownDescription": "Key-value pair tags to be applied to Amazon EC2 resources that are launched in the compute environment. For AWS Batch , these take the form of `\"String1\": \"String2\"` , where `String1` is the tag key and `String2` is the tag value-for example, `{ \"Name\": \"Batch Instance - C4OnDemand\" }` . This is helpful for recognizing your Batch instances in the Amazon EC2 console. These tags aren't seen when using the AWS Batch `ListTagsForResource` API operation.\n\nWhen updating a compute environment, changing this setting requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Type": { "markdownDescription": "The type of compute environment: `EC2` , `SPOT` , `FARGATE` , or `FARGATE_SPOT` . For more information, see [Compute environments](https://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) in the *AWS Batch User Guide* .\n\nIf you choose `SPOT` , you must also specify an Amazon EC2 Spot Fleet role with the `spotIamFleetRole` parameter. For more information, see [Amazon EC2 spot fleet role](https://docs.aws.amazon.com/batch/latest/userguide/spot_fleet_IAM_role.html) in the *AWS Batch User Guide* .\n\nWhen updating compute environment, changing the type of a compute environment requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .\n\nWhen updating the type of a compute environment, changing between `EC2` and `SPOT` or between `FARGATE` and `FARGATE_SPOT` will initiate an infrastructure update, but if you switch between `EC2` and `FARGATE` , AWS CloudFormation will create a new compute environment.", "title": "Type", "type": "string" }, "UpdateToLatestImageVersion": { "markdownDescription": "Specifies whether the AMI ID is updated to the latest one that's supported by AWS Batch when the compute environment has an infrastructure update. The default value is `false` .\n\n> An AMI ID can either be specified in the `imageId` or `imageIdOverride` parameters or be determined by the launch template that's specified in the `launchTemplate` parameter. If an AMI ID is specified any of these ways, this parameter is ignored. For more information about to update AMI IDs during an infrastructure update, see [Updating the AMI ID](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html#updating-compute-environments-ami) in the *AWS Batch User Guide* . \n\nWhen updating a compute environment, changing this setting requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* .", "title": "UpdateToLatestImageVersion", "type": "boolean" } }, "required": [ "MaxvCpus", "Subnets", "Type" ], "type": "object" }, "AWS::Batch::ComputeEnvironment.Ec2ConfigurationObject": { "additionalProperties": false, "properties": { "ImageIdOverride": { "markdownDescription": "The AMI ID used for instances launched in the compute environment that match the image type. This setting overrides the `imageId` set in the `computeResource` object.\n\n> The AMI that you choose for a compute environment must match the architecture of the instance types that you intend to use for that compute environment. For example, if your compute environment uses A1 instance types, the compute resource AMI that you choose must support ARM instances. Amazon ECS vends both x86 and ARM versions of the Amazon ECS-optimized Amazon Linux 2 AMI. For more information, see [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#ecs-optimized-ami-linux-variants.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "ImageIdOverride", "type": "string" }, "ImageKubernetesVersion": { "markdownDescription": "The Kubernetes version for the compute environment. If you don't specify a value, the latest version that AWS Batch supports is used.", "title": "ImageKubernetesVersion", "type": "string" }, "ImageType": { "markdownDescription": "The image type to match with the instance type to select an AMI. The supported values are different for `ECS` and `EKS` resources.\n\n- **ECS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) ( `ECS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon ECS optimized AMI for that image type that's supported by AWS Batch is used.\n\n- **ECS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) : Default for all non-GPU instance families.\n- **ECS_AL2_NVIDIA** - [Amazon Linux 2 (GPU)](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#gpuami) : Default for all GPU instance families (for example `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.\n- **ECS_AL2023** - [Amazon Linux 2023](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) : AWS Batch supports Amazon Linux 2023.\n\n> Amazon Linux 2023 does not support `A1` instances.\n- **ECS_AL1** - [Amazon Linux](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#alami) . Amazon Linux has reached the end-of-life of standard support. For more information, see [Amazon Linux AMI](https://docs.aws.amazon.com/amazon-linux-ami/) .\n- **EKS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon EKS-optimized Amazon Linux AMI](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) ( `EKS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon EKS optimized AMI for that image type that AWS Batch supports is used.\n\n- **EKS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all non-GPU instance families.\n- **EKS_AL2_NVIDIA** - [Amazon Linux 2 (accelerated)](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for all GPU instance families (for example, `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types.", "title": "ImageType", "type": "string" } }, "required": [ "ImageType" ], "type": "object" }, "AWS::Batch::ComputeEnvironment.EksConfiguration": { "additionalProperties": false, "properties": { "EksClusterArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EKS cluster. An example is `arn: *aws* :eks: *us-east-1* : *123456789012* :cluster/ *ClusterForBatch*` .", "title": "EksClusterArn", "type": "string" }, "KubernetesNamespace": { "markdownDescription": "The namespace of the Amazon EKS cluster. AWS Batch manages pods in this namespace. The value can't left empty or null. It must be fewer than 64 characters long, can't be set to `default` , can't start with \" `kube-` ,\" and must match this regular expression: `^[a-z0-9]([-a-z0-9]*[a-z0-9])?$` . For more information, see [Namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/) in the Kubernetes documentation.", "title": "KubernetesNamespace", "type": "string" } }, "required": [ "EksClusterArn", "KubernetesNamespace" ], "type": "object" }, "AWS::Batch::ComputeEnvironment.LaunchTemplateSpecification": { "additionalProperties": false, "properties": { "LaunchTemplateId": { "markdownDescription": "The ID of the launch template.", "title": "LaunchTemplateId", "type": "string" }, "LaunchTemplateName": { "markdownDescription": "The name of the launch template.", "title": "LaunchTemplateName", "type": "string" }, "Version": { "markdownDescription": "The version number of the launch template, `$Latest` , or `$Default` .\n\nIf the value is `$Latest` , the latest version of the launch template is used. If the value is `$Default` , the default version of the launch template is used.\n\n> If the AMI ID that's used in a compute environment is from the launch template, the AMI isn't changed when the compute environment is updated. It's only changed if the `updateToLatestImageVersion` parameter for the compute environment is set to `true` . During an infrastructure update, if either `$Latest` or `$Default` is specified, AWS Batch re-evaluates the launch template version, and it might use a different version of the launch template. This is the case even if the launch template isn't specified in the update. When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . \n\nDefault: `$Default` .", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::Batch::ComputeEnvironment.UpdatePolicy": { "additionalProperties": false, "properties": { "JobExecutionTimeoutMinutes": { "markdownDescription": "Specifies the job timeout (in minutes) when the compute environment infrastructure is updated. The default value is 30.", "title": "JobExecutionTimeoutMinutes", "type": "number" }, "TerminateJobsOnUpdate": { "markdownDescription": "Specifies whether jobs are automatically terminated when the computer environment infrastructure is updated. The default value is `false` .", "title": "TerminateJobsOnUpdate", "type": "boolean" } }, "type": "object" }, "AWS::Batch::JobDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContainerProperties": { "$ref": "#/definitions/AWS::Batch::JobDefinition.ContainerProperties", "markdownDescription": "An object with properties specific to Amazon ECS-based jobs. When `containerProperties` is used in the job definition, it can't be used in addition to `eksProperties` , `ecsProperties` , or `nodeProperties` .", "title": "ContainerProperties" }, "EcsProperties": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EcsProperties", "markdownDescription": "An object that contains the properties for the Amazon ECS resources of a job.When `ecsProperties` is used in the job definition, it can't be used in addition to `containerProperties` , `eksProperties` , or `nodeProperties` .", "title": "EcsProperties" }, "EksProperties": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksProperties", "markdownDescription": "An object with properties that are specific to Amazon EKS-based jobs. When `eksProperties` is used in the job definition, it can't be used in addition to `containerProperties` , `ecsProperties` , or `nodeProperties` .", "title": "EksProperties" }, "JobDefinitionName": { "markdownDescription": "The name of the job definition.", "title": "JobDefinitionName", "type": "string" }, "NodeProperties": { "$ref": "#/definitions/AWS::Batch::JobDefinition.NodeProperties", "markdownDescription": "An object with properties that are specific to multi-node parallel jobs. When `nodeProperties` is used in the job definition, it can't be used in addition to `containerProperties` , `ecsProperties` , or `eksProperties` .\n\n> If the job runs on Fargate resources, don't specify `nodeProperties` . Use `containerProperties` instead.", "title": "NodeProperties" }, "Parameters": { "markdownDescription": "Default parameters or parameter substitution placeholders that are set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a `SubmitJob` request override any corresponding parameter defaults from the job definition. For more information about specifying parameters, see [Job definition parameters](https://docs.aws.amazon.com/batch/latest/userguide/job_definition_parameters.html) in the *AWS Batch User Guide* .", "title": "Parameters", "type": "object" }, "PlatformCapabilities": { "items": { "type": "string" }, "markdownDescription": "The platform capabilities required by the job definition. If no value is specified, it defaults to `EC2` . Jobs run on Fargate resources specify `FARGATE` .", "title": "PlatformCapabilities", "type": "array" }, "PropagateTags": { "markdownDescription": "Specifies whether to propagate the tags from the job or job definition to the corresponding Amazon ECS task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the tasks when the tasks are created. For tags with the same name, job tags are given priority over job definitions tags. If the total number of combined tags from the job and job definition is over 50, the job is moved to the `FAILED` state.", "title": "PropagateTags", "type": "boolean" }, "RetryStrategy": { "$ref": "#/definitions/AWS::Batch::JobDefinition.RetryStrategy", "markdownDescription": "The retry strategy to use for failed jobs that are submitted with this job definition.", "title": "RetryStrategy" }, "SchedulingPriority": { "markdownDescription": "The scheduling priority of the job definition. This only affects jobs in job queues with a fair share policy. Jobs with a higher scheduling priority are scheduled before jobs with a lower scheduling priority.", "title": "SchedulingPriority", "type": "number" }, "Tags": { "markdownDescription": "The tags that are applied to the job definition.", "title": "Tags", "type": "object" }, "Timeout": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Timeout", "markdownDescription": "The timeout time for jobs that are submitted with this job definition. After the amount of time you specify passes, AWS Batch terminates your jobs if they aren't finished.", "title": "Timeout" }, "Type": { "markdownDescription": "The type of job definition. For more information about multi-node parallel jobs, see [Creating a multi-node parallel job definition](https://docs.aws.amazon.com/batch/latest/userguide/multi-node-job-def.html) in the *AWS Batch User Guide* .\n\n- If the value is `container` , then one of the following is required: `containerProperties` , `ecsProperties` , or `eksProperties` .\n- If the value is `multinode` , then `nodeProperties` is required.\n\n> If the job is run on Fargate resources, then `multinode` isn't supported.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::Batch::JobDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Batch::JobDefinition.AuthorizationConfig": { "additionalProperties": false, "properties": { "AccessPointId": { "markdownDescription": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which enforces the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* .", "title": "AccessPointId", "type": "string" }, "Iam": { "markdownDescription": "Whether or not to use the AWS Batch job IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/batch/latest/userguide/efs-volumes.html#efs-volume-accesspoints) in the *AWS Batch User Guide* . EFS IAM authorization requires that `TransitEncryption` be `ENABLED` and that a `JobRoleArn` is specified.", "title": "Iam", "type": "string" } }, "type": "object" }, "AWS::Batch::JobDefinition.ContainerProperties": { "additionalProperties": false, "properties": { "Command": { "items": { "type": "string" }, "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `COMMAND` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . For more information, see [https://docs.docker.com/engine/reference/builder/#cmd](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) .", "title": "Command", "type": "array" }, "Environment": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Environment" }, "markdownDescription": "The environment variables to pass to a container. This parameter maps to `Env` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--env` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> We don't recommend using plaintext environment variables for sensitive information, such as credential data. > Environment variables cannot start with \" `AWS_BATCH` \". This naming convention is reserved for variables that AWS Batch sets.", "title": "Environment", "type": "array" }, "EphemeralStorage": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EphemeralStorage", "markdownDescription": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate .", "title": "EphemeralStorage" }, "ExecutionRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* .", "title": "ExecutionRoleArn", "type": "string" }, "FargatePlatformConfiguration": { "$ref": "#/definitions/AWS::Batch::JobDefinition.FargatePlatformConfiguration", "markdownDescription": "The platform configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter.", "title": "FargatePlatformConfiguration" }, "Image": { "markdownDescription": "Required. The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `*repository-url* / *image* : *tag*` . It can be 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), underscores (_), colons (:), periods (.), forward slashes (/), and number signs (#). This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `IMAGE` parameter of [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources. \n\n- Images in Amazon ECR Public repositories use the full `registry/repository[:tag]` or `registry/repository[@digest]` naming conventions. For example, `public.ecr.aws/ *registry_alias* / *my-web-app* : *latest*` .\n- Images in Amazon ECR repositories use the full registry and repository URI (for example, `123456789012.dkr.ecr..amazonaws.com/` ).\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", "title": "Image", "type": "string" }, "InstanceType": { "markdownDescription": "The instance type to use for a multi-node parallel job. All node groups in a multi-node parallel job must use the same instance type.\n\n> This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.", "title": "InstanceType", "type": "string" }, "JobRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see [IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "JobRoleArn", "type": "string" }, "LinuxParameters": { "$ref": "#/definitions/AWS::Batch::JobDefinition.LinuxParameters", "markdownDescription": "Linux-specific modifications that are applied to the container, such as details for device mappings.", "title": "LinuxParameters" }, "LogConfiguration": { "$ref": "#/definitions/AWS::Batch::JobDefinition.LogConfiguration", "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--log-driver` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n> AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-containerproperties-logconfiguration.html) data type). \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "LogConfiguration" }, "Memory": { "markdownDescription": "This parameter is deprecated, use `resourceRequirements` to specify the memory requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs that run on Amazon EC2 resources, it specifies the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it's terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once.", "title": "Memory", "type": "number" }, "MountPoints": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoints" }, "markdownDescription": "The mount points for data volumes in your container. This parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--volume` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .", "title": "MountPoints", "type": "array" }, "NetworkConfiguration": { "$ref": "#/definitions/AWS::Batch::JobDefinition.NetworkConfiguration", "markdownDescription": "The network configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter.", "title": "NetworkConfiguration" }, "Privileged": { "markdownDescription": "When this parameter is true, the container is given elevated permissions on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--privileged` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The default value is false.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided, or specified as false.", "title": "Privileged", "type": "boolean" }, "ReadonlyRootFilesystem": { "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--read-only` option to `docker run` .", "title": "ReadonlyRootFilesystem", "type": "boolean" }, "RepositoryCredentials": { "$ref": "#/definitions/AWS::Batch::JobDefinition.RepositoryCredentials", "markdownDescription": "The private repository authentication credentials to use.", "title": "RepositoryCredentials" }, "ResourceRequirements": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.ResourceRequirement" }, "markdownDescription": "The type and amount of resources to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", "title": "ResourceRequirements", "type": "array" }, "RuntimePlatform": { "$ref": "#/definitions/AWS::Batch::JobDefinition.RuntimePlatform", "markdownDescription": "An object that represents the compute environment architecture for AWS Batch jobs on Fargate.", "title": "RuntimePlatform" }, "Secrets": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Secret" }, "markdownDescription": "The secrets for the container. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the *AWS Batch User Guide* .", "title": "Secrets", "type": "array" }, "Ulimits": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Ulimit" }, "markdownDescription": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.", "title": "Ulimits", "type": "array" }, "User": { "markdownDescription": "The user name to use inside the container. This parameter maps to `User` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--user` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .", "title": "User", "type": "string" }, "Vcpus": { "markdownDescription": "This parameter is deprecated, use `resourceRequirements` to specify the vCPU requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs running on Amazon EC2 resources, it specifies the number of vCPUs reserved for the job.\n\nEach vCPU is equivalent to 1,024 CPU shares. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The number of vCPUs must be specified but can be specified in several places. You must specify it at least once for each node.", "title": "Vcpus", "type": "number" }, "Volumes": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Volumes" }, "markdownDescription": "A list of data volumes used in a job.", "title": "Volumes", "type": "array" } }, "required": [ "Image" ], "type": "object" }, "AWS::Batch::JobDefinition.Device": { "additionalProperties": false, "properties": { "ContainerPath": { "markdownDescription": "The path inside the container that's used to expose the host device. By default, the `hostPath` value is used.", "title": "ContainerPath", "type": "string" }, "HostPath": { "markdownDescription": "The path for the device on the host container instance.", "title": "HostPath", "type": "string" }, "Permissions": { "items": { "type": "string" }, "markdownDescription": "The explicit permissions to provide to the container for the device. By default, the container has permissions for `read` , `write` , and `mknod` for the device.", "title": "Permissions", "type": "array" } }, "type": "object" }, "AWS::Batch::JobDefinition.EcsProperties": { "additionalProperties": false, "properties": { "TaskProperties": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EcsTaskProperties" }, "markdownDescription": "An object that contains the properties for the Amazon ECS task definition of a job.\n\n> This object is currently limited to one element.", "title": "TaskProperties", "type": "array" } }, "required": [ "TaskProperties" ], "type": "object" }, "AWS::Batch::JobDefinition.EcsTaskProperties": { "additionalProperties": false, "properties": { "Containers": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.TaskContainerProperties" }, "markdownDescription": "This object is a list of containers.", "title": "Containers", "type": "array" }, "EphemeralStorage": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EphemeralStorage", "markdownDescription": "The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate .", "title": "EphemeralStorage" }, "ExecutionRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* .", "title": "ExecutionRoleArn", "type": "string" }, "IpcMode": { "markdownDescription": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` .\n\nIf `host` is specified, all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified `task` share the same IPC resources.\n\nIf `none` is specified, the IPC resources within the containers of a task are private, and are not shared with other containers in a task or on the container instance.\n\nIf no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance. For more information, see [IPC settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#ipc-settings---ipc) in the Docker run reference.", "title": "IpcMode", "type": "string" }, "NetworkConfiguration": { "$ref": "#/definitions/AWS::Batch::JobDefinition.NetworkConfiguration", "markdownDescription": "The network configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter.", "title": "NetworkConfiguration" }, "PidMode": { "markdownDescription": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container. For more information, see [PID settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#pid-settings---pid) in the Docker run reference.", "title": "PidMode", "type": "string" }, "PlatformVersion": { "markdownDescription": "The Fargate platform version where the jobs are running. A platform version is specified only for jobs that are running on Fargate resources. If one isn't specified, the `LATEST` platform version is used by default. This uses a recent, approved version of the Fargate platform for compute resources. For more information, see [AWS Fargate platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "PlatformVersion", "type": "string" }, "RuntimePlatform": { "$ref": "#/definitions/AWS::Batch::JobDefinition.RuntimePlatform", "markdownDescription": "An object that represents the compute environment architecture for AWS Batch jobs on Fargate.", "title": "RuntimePlatform" }, "TaskRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) that's associated with the Amazon ECS task.\n\n> This is object is comparable to [ContainerProperties:jobRoleArn](https://docs.aws.amazon.com/batch/latest/APIReference/API_ContainerProperties.html) .", "title": "TaskRoleArn", "type": "string" }, "Volumes": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Volumes" }, "markdownDescription": "A list of volumes that are associated with the job.", "title": "Volumes", "type": "array" } }, "type": "object" }, "AWS::Batch::JobDefinition.EfsVolumeConfiguration": { "additionalProperties": false, "properties": { "AuthorizationConfig": { "$ref": "#/definitions/AWS::Batch::JobDefinition.AuthorizationConfig", "markdownDescription": "The authorization configuration details for the Amazon EFS file system.", "title": "AuthorizationConfig" }, "FileSystemId": { "markdownDescription": "The Amazon EFS file system ID to use.", "title": "FileSystemId", "type": "string" }, "RootDirectory": { "markdownDescription": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume is used instead. Specifying `/` has the same effect as omitting this parameter. The maximum length is 4,096 characters.\n\n> If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` , which enforces the path set on the Amazon EFS access point.", "title": "RootDirectory", "type": "string" }, "TransitEncryption": { "markdownDescription": "Determines whether to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* .", "title": "TransitEncryption", "type": "string" }, "TransitEncryptionPort": { "markdownDescription": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you don't specify a transit encryption port, it uses the port selection strategy that the Amazon EFS mount helper uses. The value must be between 0 and 65,535. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* .", "title": "TransitEncryptionPort", "type": "number" } }, "required": [ "FileSystemId" ], "type": "object" }, "AWS::Batch::JobDefinition.EksContainer": { "additionalProperties": false, "properties": { "Args": { "items": { "type": "string" }, "markdownDescription": "An array of arguments to the entrypoint. If this isn't specified, the `CMD` of the container image is used. This corresponds to the `args` member in the [Entrypoint](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#entrypoint) portion of the [Pod](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/) in Kubernetes. Environment variable references are expanded using the container's environment.\n\nIf the referenced environment variable doesn't exist, the reference in the command isn't changed. For example, if the reference is to \" `$(NAME1)` \" and the `NAME1` environment variable doesn't exist, the command string will remain \" `$(NAME1)` .\" `$$` is replaced with `$` , and the resulting string isn't expanded. For example, `$$(VAR_NAME)` is passed as `$(VAR_NAME)` whether or not the `VAR_NAME` environment variable exists. For more information, see [Dockerfile reference: CMD](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) and [Define a command and arguments for a pod](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/) in the *Kubernetes documentation* .", "title": "Args", "type": "array" }, "Command": { "items": { "type": "string" }, "markdownDescription": "The entrypoint for the container. This isn't run within a shell. If this isn't specified, the `ENTRYPOINT` of the container image is used. Environment variable references are expanded using the container's environment.\n\nIf the referenced environment variable doesn't exist, the reference in the command isn't changed. For example, if the reference is to \" `$(NAME1)` \" and the `NAME1` environment variable doesn't exist, the command string will remain \" `$(NAME1)` .\" `$$` is replaced with `$` and the resulting string isn't expanded. For example, `$$(VAR_NAME)` will be passed as `$(VAR_NAME)` whether or not the `VAR_NAME` environment variable exists. The entrypoint can't be updated. For more information, see [ENTRYPOINT](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#entrypoint) in the *Dockerfile reference* and [Define a command and arguments for a container](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/) and [Entrypoint](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#entrypoint) in the *Kubernetes documentation* .", "title": "Command", "type": "array" }, "Env": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainerEnvironmentVariable" }, "markdownDescription": "The environment variables to pass to a container.\n\n> Environment variables cannot start with \" `AWS_BATCH` \". This naming convention is reserved for variables that AWS Batch sets.", "title": "Env", "type": "array" }, "Image": { "markdownDescription": "The Docker image used to start the container.", "title": "Image", "type": "string" }, "ImagePullPolicy": { "markdownDescription": "The image pull policy for the container. Supported values are `Always` , `IfNotPresent` , and `Never` . This parameter defaults to `IfNotPresent` . However, if the `:latest` tag is specified, it defaults to `Always` . For more information, see [Updating images](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/containers/images/#updating-images) in the *Kubernetes documentation* .", "title": "ImagePullPolicy", "type": "string" }, "Name": { "markdownDescription": "The name of the container. If the name isn't specified, the default name \" `Default` \" is used. Each container in a pod must have a unique name.", "title": "Name", "type": "string" }, "Resources": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainerResourceRequirements", "markdownDescription": "The type and amount of resources to assign to a container. The supported resources include `memory` , `cpu` , and `nvidia.com/gpu` . For more information, see [Resource management for pods and containers](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) in the *Kubernetes documentation* .", "title": "Resources" }, "SecurityContext": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainerSecurityContext", "markdownDescription": "The security context for a job. For more information, see [Configure a security context for a pod or container](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) in the *Kubernetes documentation* .", "title": "SecurityContext" }, "VolumeMounts": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainerVolumeMount" }, "markdownDescription": "The volume mounts for the container. AWS Batch supports `emptyDir` , `hostPath` , and `secret` volume types. For more information about volumes and volume mounts in Kubernetes, see [Volumes](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/) in the *Kubernetes documentation* .", "title": "VolumeMounts", "type": "array" } }, "required": [ "Image" ], "type": "object" }, "AWS::Batch::JobDefinition.EksContainerEnvironmentVariable": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the environment variable.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the environment variable.", "title": "Value", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::Batch::JobDefinition.EksContainerResourceRequirements": { "additionalProperties": false, "properties": { "Limits": { "markdownDescription": "The type and quantity of the resources to reserve for the container. The values vary based on the `name` that's specified. Resources can be requested using either the `limits` or the `requests` objects.\n\n- **memory** - The memory hard limit (in MiB) for the container, using whole integers, with a \"Mi\" suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both places, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .\n\n> To maximize your resource utilization, provide your jobs with as much memory as possible for the specific instance type that you are using. To learn how, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* .\n- **cpu** - The number of CPUs that's reserved for the container. Values must be an even multiple of `0.25` . `cpu` can be specified in `limits` , `requests` , or both. If `cpu` is specified in both places, then the value that's specified in `limits` must be at least as large as the value that's specified in `requests` .\n- **nvidia.com/gpu** - The number of GPUs that's reserved for the container. Values must be a whole integer. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both places, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .", "title": "Limits", "type": "object" }, "Requests": { "markdownDescription": "The type and quantity of the resources to request for the container. The values vary based on the `name` that's specified. Resources can be requested by using either the `limits` or the `requests` objects.\n\n- **memory** - The memory hard limit (in MiB) for the container, using whole integers, with a \"Mi\" suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* .\n- **cpu** - The number of CPUs that are reserved for the container. Values must be an even multiple of `0.25` . `cpu` can be specified in `limits` , `requests` , or both. If `cpu` is specified in both, then the value that's specified in `limits` must be at least as large as the value that's specified in `requests` .\n- **nvidia.com/gpu** - The number of GPUs that are reserved for the container. Values must be a whole integer. `nvidia.com/gpu` can be specified in `limits` , `requests` , or both. If `nvidia.com/gpu` is specified in both, then the value that's specified in `limits` must be equal to the value that's specified in `requests` .", "title": "Requests", "type": "object" } }, "type": "object" }, "AWS::Batch::JobDefinition.EksContainerSecurityContext": { "additionalProperties": false, "properties": { "AllowPrivilegeEscalation": { "markdownDescription": "Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent process. The default value is `false` .", "title": "AllowPrivilegeEscalation", "type": "boolean" }, "Privileged": { "markdownDescription": "When this parameter is `true` , the container is given elevated permissions on the host container instance. The level of permissions are similar to the `root` user permissions. The default value is `false` . This parameter maps to `privileged` policy in the [Privileged pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#privileged) in the *Kubernetes documentation* .", "title": "Privileged", "type": "boolean" }, "ReadOnlyRootFilesystem": { "markdownDescription": "When this parameter is `true` , the container is given read-only access to its root file system. The default value is `false` . This parameter maps to `ReadOnlyRootFilesystem` policy in the [Volumes and file systems pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#volumes-and-file-systems) in the *Kubernetes documentation* .", "title": "ReadOnlyRootFilesystem", "type": "boolean" }, "RunAsGroup": { "markdownDescription": "When this parameter is specified, the container is run as the specified group ID ( `gid` ). If this parameter isn't specified, the default is the group that's specified in the image metadata. This parameter maps to `RunAsGroup` and `MustRunAs` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* .", "title": "RunAsGroup", "type": "number" }, "RunAsNonRoot": { "markdownDescription": "When this parameter is specified, the container is run as a user with a `uid` other than 0. If this parameter isn't specified, so such rule is enforced. This parameter maps to `RunAsUser` and `MustRunAsNonRoot` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* .", "title": "RunAsNonRoot", "type": "boolean" }, "RunAsUser": { "markdownDescription": "When this parameter is specified, the container is run as the specified user ID ( `uid` ). If this parameter isn't specified, the default is the user that's specified in the image metadata. This parameter maps to `RunAsUser` and `MustRanAs` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* .", "title": "RunAsUser", "type": "number" } }, "type": "object" }, "AWS::Batch::JobDefinition.EksContainerVolumeMount": { "additionalProperties": false, "properties": { "MountPath": { "markdownDescription": "The path on the container where the volume is mounted.", "title": "MountPath", "type": "string" }, "Name": { "markdownDescription": "The name the volume mount. This must match the name of one of the volumes in the pod.", "title": "Name", "type": "string" }, "ReadOnly": { "markdownDescription": "If this value is `true` , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is `false` .", "title": "ReadOnly", "type": "boolean" } }, "type": "object" }, "AWS::Batch::JobDefinition.EksEmptyDir": { "additionalProperties": false, "properties": { "Medium": { "markdownDescription": "The medium to store the volume. The default value is an empty string, which uses the storage of the node.\n\n- **\"\"** - *(Default)* Use the disk storage of the node.\n- **\"Memory\"** - Use the `tmpfs` volume that's backed by the RAM of the node. Contents of the volume are lost when the node reboots, and any storage on the volume counts against the container's memory limit.", "title": "Medium", "type": "string" }, "SizeLimit": { "markdownDescription": "The maximum size of the volume. By default, there's no maximum size defined.", "title": "SizeLimit", "type": "string" } }, "type": "object" }, "AWS::Batch::JobDefinition.EksHostPath": { "additionalProperties": false, "properties": { "Path": { "markdownDescription": "The path of the file or directory on the host to mount into containers on the pod.", "title": "Path", "type": "string" } }, "type": "object" }, "AWS::Batch::JobDefinition.EksProperties": { "additionalProperties": false, "properties": { "PodProperties": { "$ref": "#/definitions/AWS::Batch::JobDefinition.PodProperties", "markdownDescription": "The properties for the Kubernetes pod resources of a job.", "title": "PodProperties" } }, "type": "object" }, "AWS::Batch::JobDefinition.EksSecret": { "additionalProperties": false, "properties": { "Optional": { "markdownDescription": "Specifies whether the secret or the secret's keys must be defined.", "title": "Optional", "type": "boolean" }, "SecretName": { "markdownDescription": "The name of the secret. The name must be allowed as a DNS subdomain name. For more information, see [DNS subdomain names](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) in the *Kubernetes documentation* .", "title": "SecretName", "type": "string" } }, "required": [ "SecretName" ], "type": "object" }, "AWS::Batch::JobDefinition.EksVolume": { "additionalProperties": false, "properties": { "EmptyDir": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksEmptyDir", "markdownDescription": "Specifies the configuration of a Kubernetes `emptyDir` volume. For more information, see [emptyDir](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#emptydir) in the *Kubernetes documentation* .", "title": "EmptyDir" }, "HostPath": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksHostPath", "markdownDescription": "Specifies the configuration of a Kubernetes `hostPath` volume. For more information, see [hostPath](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) in the *Kubernetes documentation* .", "title": "HostPath" }, "Name": { "markdownDescription": "The name of the volume. The name must be allowed as a DNS subdomain name. For more information, see [DNS subdomain names](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) in the *Kubernetes documentation* .", "title": "Name", "type": "string" }, "Secret": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksSecret", "markdownDescription": "Specifies the configuration of a Kubernetes `secret` volume. For more information, see [secret](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#secret) in the *Kubernetes documentation* .", "title": "Secret" } }, "required": [ "Name" ], "type": "object" }, "AWS::Batch::JobDefinition.Environment": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the environment variable.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the environment variable.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::Batch::JobDefinition.EphemeralStorage": { "additionalProperties": false, "properties": { "SizeInGiB": { "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", "title": "SizeInGiB", "type": "number" } }, "required": [ "SizeInGiB" ], "type": "object" }, "AWS::Batch::JobDefinition.EvaluateOnExit": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "Specifies the action to take if all of the specified conditions ( `onStatusReason` , `onReason` , and `onExitCode` ) are met. The values aren't case sensitive.", "title": "Action", "type": "string" }, "OnExitCode": { "markdownDescription": "Contains a glob pattern to match against the decimal representation of the `ExitCode` returned for a job. The pattern can be up to 512 characters long. It can contain only numbers, and can end with an asterisk (*) so that only the start of the string needs to be an exact match.\n\nThe string can contain up to 512 characters.", "title": "OnExitCode", "type": "string" }, "OnReason": { "markdownDescription": "Contains a glob pattern to match against the `Reason` returned for a job. The pattern can contain up to 512 characters. It can contain letters, numbers, periods (.), colons (:), and white space (including spaces and tabs). It can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match.", "title": "OnReason", "type": "string" }, "OnStatusReason": { "markdownDescription": "Contains a glob pattern to match against the `StatusReason` returned for a job. The pattern can contain up to 512 characters. It can contain letters, numbers, periods (.), colons (:), and white spaces (including spaces or tabs). It can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match.", "title": "OnStatusReason", "type": "string" } }, "required": [ "Action" ], "type": "object" }, "AWS::Batch::JobDefinition.FargatePlatformConfiguration": { "additionalProperties": false, "properties": { "PlatformVersion": { "markdownDescription": "The AWS Fargate platform version where the jobs are running. A platform version is specified only for jobs that are running on Fargate resources. If one isn't specified, the `LATEST` platform version is used by default. This uses a recent, approved version of the AWS Fargate platform for compute resources. For more information, see [AWS Fargate platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "PlatformVersion", "type": "string" } }, "type": "object" }, "AWS::Batch::JobDefinition.ImagePullSecret": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Provides a unique identifier for the `ImagePullSecret` . This object is required when `EksPodProperties$imagePullSecrets` is used.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::Batch::JobDefinition.LinuxParameters": { "additionalProperties": false, "properties": { "Devices": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Device" }, "markdownDescription": "Any of the host devices to expose to the container. This parameter maps to `Devices` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--device` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide it for these jobs.", "title": "Devices", "type": "array" }, "InitProcessEnabled": { "markdownDescription": "If true, run an `init` process inside the container that forwards signals and reaps processes. This parameter maps to the `--init` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`", "title": "InitProcessEnabled", "type": "boolean" }, "MaxSwap": { "markdownDescription": "The total amount of swap memory (in MiB) a container can use. This parameter is translated to the `--memory-swap` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) where the value is the sum of the container memory plus the `maxSwap` value. For more information, see [`--memory-swap` details](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/resource_constraints/#--memory-swap-details) in the Docker documentation.\n\nIf a `maxSwap` value of `0` is specified, the container doesn't use swap. Accepted values are `0` or any positive integer. If the `maxSwap` parameter is omitted, the container doesn't use the swap configuration for the container instance that it's running on. A `maxSwap` value must be set for the `swappiness` parameter to be used.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide it for these jobs.", "title": "MaxSwap", "type": "number" }, "SharedMemorySize": { "markdownDescription": "The value for the size (in MiB) of the `/dev/shm` volume. This parameter maps to the `--shm-size` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide it for these jobs.", "title": "SharedMemorySize", "type": "number" }, "Swappiness": { "markdownDescription": "You can use this parameter to tune a container's memory swappiness behavior. A `swappiness` value of `0` causes swapping to not occur unless absolutely necessary. A `swappiness` value of `100` causes pages to be swapped aggressively. Valid values are whole numbers between `0` and `100` . If the `swappiness` parameter isn't specified, a default value of `60` is used. If a value isn't specified for `maxSwap` , then this parameter is ignored. If `maxSwap` is set to 0, the container doesn't use swap. This parameter maps to the `--memory-swappiness` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\nConsider the following when you use a per-container swap configuration.\n\n- Swap space must be enabled and allocated on the container instance for the containers to use.\n\n> By default, the Amazon ECS optimized AMIs don't have swap enabled. You must enable swap on the instance to use this feature. For more information, see [Instance store swap volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-store-swap-volumes.html) in the *Amazon EC2 User Guide for Linux Instances* or [How do I allocate memory to work as swap space in an Amazon EC2 instance by using a swap file?](https://docs.aws.amazon.com/premiumsupport/knowledge-center/ec2-memory-swap-file/)\n- The swap space parameters are only supported for job definitions using EC2 resources.\n- If the `maxSwap` and `swappiness` parameters are omitted from a job definition, each container has a default `swappiness` value of 60. Moreover, the total swap usage is limited to two times the memory reservation of the container.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide it for these jobs.", "title": "Swappiness", "type": "number" }, "Tmpfs": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Tmpfs" }, "markdownDescription": "The container path, mount options, and size (in MiB) of the `tmpfs` mount. This parameter maps to the `--tmpfs` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide this parameter for this resource type.", "title": "Tmpfs", "type": "array" } }, "type": "object" }, "AWS::Batch::JobDefinition.LogConfiguration": { "additionalProperties": false, "properties": { "LogDriver": { "markdownDescription": "The log driver to use for the container. The valid values that are listed for this parameter are log drivers that the Amazon ECS container agent can communicate with by default.\n\nThe supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `logentries` , `syslog` , and `splunk` .\n\n> Jobs that are running on Fargate resources are restricted to the `awslogs` and `splunk` log drivers. \n\n- **awslogs** - Specifies the Amazon CloudWatch Logs logging driver. For more information, see [Using the awslogs log driver](https://docs.aws.amazon.com/batch/latest/userguide/using_awslogs.html) in the *AWS Batch User Guide* and [Amazon CloudWatch Logs logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/) in the Docker documentation.\n- **fluentd** - Specifies the Fluentd logging driver. For more information including usage and options, see [Fluentd logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/fluentd/) in the *Docker documentation* .\n- **gelf** - Specifies the Graylog Extended Format (GELF) logging driver. For more information including usage and options, see [Graylog Extended Format logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/gelf/) in the *Docker documentation* .\n- **journald** - Specifies the journald logging driver. For more information including usage and options, see [Journald logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/journald/) in the *Docker documentation* .\n- **json-file** - Specifies the JSON file logging driver. For more information including usage and options, see [JSON File logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/json-file/) in the *Docker documentation* .\n- **splunk** - Specifies the Splunk logging driver. For more information including usage and options, see [Splunk logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/splunk/) in the *Docker documentation* .\n- **syslog** - Specifies the syslog logging driver. For more information including usage and options, see [Syslog logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/syslog/) in the *Docker documentation* .\n\n> If you have a custom driver that's not listed earlier that you want to work with the Amazon ECS container agent, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you want to have included. However, Amazon Web Services doesn't currently support running modified copies of this software. \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`", "title": "LogDriver", "type": "string" }, "Options": { "markdownDescription": "The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep \"Server API version\"`", "title": "Options", "type": "object" }, "SecretOptions": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Secret" }, "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the *AWS Batch User Guide* .", "title": "SecretOptions", "type": "array" } }, "required": [ "LogDriver" ], "type": "object" }, "AWS::Batch::JobDefinition.Metadata": { "additionalProperties": false, "properties": { "Labels": { "markdownDescription": "Key-value pairs used to identify, sort, and organize cube resources. Can contain up to 63 uppercase letters, lowercase letters, numbers, hyphens (-), and underscores (_). Labels can be added or modified at any time. Each resource can have multiple labels, but each key must be unique for a given object.", "title": "Labels", "type": "object" } }, "type": "object" }, "AWS::Batch::JobDefinition.MountPoints": { "additionalProperties": false, "properties": { "ContainerPath": { "markdownDescription": "The path on the container where the host volume is mounted.", "title": "ContainerPath", "type": "string" }, "ReadOnly": { "markdownDescription": "If this value is `true` , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is `false` .", "title": "ReadOnly", "type": "boolean" }, "SourceVolume": { "markdownDescription": "The name of the volume to mount.", "title": "SourceVolume", "type": "string" } }, "type": "object" }, "AWS::Batch::JobDefinition.NetworkConfiguration": { "additionalProperties": false, "properties": { "AssignPublicIp": { "markdownDescription": "Indicates whether the job has a public IP address. For a job that's running on Fargate resources in a private subnet to send outbound traffic to the internet (for example, to pull container images), the private subnet requires a NAT gateway be attached to route requests to the internet. For more information, see [Amazon ECS task networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* . The default value is \" `DISABLED` \".", "title": "AssignPublicIp", "type": "string" } }, "type": "object" }, "AWS::Batch::JobDefinition.NodeProperties": { "additionalProperties": false, "properties": { "MainNode": { "markdownDescription": "Specifies the node index for the main node of a multi-node parallel job. This node index value must be fewer than the number of nodes.", "title": "MainNode", "type": "number" }, "NodeRangeProperties": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.NodeRangeProperty" }, "markdownDescription": "A list of node ranges and their properties that are associated with a multi-node parallel job.", "title": "NodeRangeProperties", "type": "array" }, "NumNodes": { "markdownDescription": "The number of nodes that are associated with a multi-node parallel job.", "title": "NumNodes", "type": "number" } }, "required": [ "MainNode", "NodeRangeProperties", "NumNodes" ], "type": "object" }, "AWS::Batch::JobDefinition.NodeRangeProperty": { "additionalProperties": false, "properties": { "Container": { "$ref": "#/definitions/AWS::Batch::JobDefinition.ContainerProperties", "markdownDescription": "The container details for the node range.", "title": "Container" }, "EcsProperties": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EcsProperties", "markdownDescription": "This is an object that represents the properties of the node range for a multi-node parallel job.", "title": "EcsProperties" }, "InstanceTypes": { "items": { "type": "string" }, "markdownDescription": "The instance types of the underlying host infrastructure of a multi-node parallel job.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources.\n> \n> In addition, this list object is currently limited to one element.", "title": "InstanceTypes", "type": "array" }, "TargetNodes": { "markdownDescription": "The range of nodes, using node index values. A range of `0:3` indicates nodes with index values of `0` through `3` . If the starting range value is omitted ( `:n` ), then `0` is used to start the range. If the ending range value is omitted ( `n:` ), then the highest possible node index is used to end the range. Your accumulative node ranges must account for all nodes ( `0:n` ). You can nest node ranges (for example, `0:10` and `4:5` ). In this case, the `4:5` range properties override the `0:10` properties.", "title": "TargetNodes", "type": "string" } }, "required": [ "TargetNodes" ], "type": "object" }, "AWS::Batch::JobDefinition.PodProperties": { "additionalProperties": false, "properties": { "Containers": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" }, "markdownDescription": "The properties of the container that's used on the Amazon EKS pod.", "title": "Containers", "type": "array" }, "DnsPolicy": { "markdownDescription": "The DNS policy for the pod. The default value is `ClusterFirst` . If the `hostNetwork` parameter is not specified, the default is `ClusterFirstWithHostNet` . `ClusterFirst` indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node. For more information, see [Pod's DNS policy](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) in the *Kubernetes documentation* .\n\nValid values: `Default` | `ClusterFirst` | `ClusterFirstWithHostNet`", "title": "DnsPolicy", "type": "string" }, "HostNetwork": { "markdownDescription": "Indicates if the pod uses the hosts' network IP address. The default value is `true` . Setting this to `false` enables the Kubernetes pod networking model. Most AWS Batch workloads are egress-only and don't require the overhead of IP allocation for each pod for incoming connections. For more information, see [Host namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#host-namespaces) and [Pod networking](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/#pod-networking) in the *Kubernetes documentation* .", "title": "HostNetwork", "type": "boolean" }, "ImagePullSecrets": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.ImagePullSecret" }, "markdownDescription": "", "title": "ImagePullSecrets", "type": "array" }, "InitContainers": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksContainer" }, "markdownDescription": "These containers run before application containers, always runs to completion, and must complete successfully before the next container starts. These containers are registered with the Amazon EKS Connector agent and persists the registration information in the Kubernetes backend data store. For more information, see [Init Containers](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) in the *Kubernetes documentation* .\n\n> This object is limited to 10 elements", "title": "InitContainers", "type": "array" }, "Metadata": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Metadata", "markdownDescription": "Metadata about the Kubernetes pod. For more information, see [Understanding Kubernetes Objects](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/) in the *Kubernetes documentation* .", "title": "Metadata" }, "ServiceAccountName": { "markdownDescription": "The name of the service account that's used to run the pod. For more information, see [Kubernetes service accounts](https://docs.aws.amazon.com/eks/latest/userguide/service-accounts.html) and [Configure a Kubernetes service account to assume an IAM role](https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html) in the *Amazon EKS User Guide* and [Configure service accounts for pods](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) in the *Kubernetes documentation* .", "title": "ServiceAccountName", "type": "string" }, "ShareProcessNamespace": { "markdownDescription": "Indicates if the processes in a container are shared, or visible, to other containers in the same pod. For more information, see [Share Process Namespace between Containers in a Pod](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/) .", "title": "ShareProcessNamespace", "type": "boolean" }, "Volumes": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EksVolume" }, "markdownDescription": "Specifies the volumes for a job definition that uses Amazon EKS resources.", "title": "Volumes", "type": "array" } }, "type": "object" }, "AWS::Batch::JobDefinition.RepositoryCredentials": { "additionalProperties": false, "properties": { "CredentialsParameter": { "markdownDescription": "The Amazon Resource Name (ARN) of the secret containing the private repository credentials.", "title": "CredentialsParameter", "type": "string" } }, "required": [ "CredentialsParameter" ], "type": "object" }, "AWS::Batch::JobDefinition.ResourceRequirement": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The type of resource to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The quantity of the specified resource to reserve for the container. The values vary based on the `type` specified.\n\n- **type=\"GPU\"** - The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn't exceed the number of available GPUs on the compute resource that the job is launched on.\n\n> GPUs aren't available for jobs that are running on Fargate resources.\n- **type=\"MEMORY\"** - The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on Amazon EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . \n\nFor jobs that are running on Fargate resources, then `value` is the hard limit (in MiB), and must match one of the supported values and the `VCPU` values must be one of the values supported for that memory value.\n\n- **value = 512** - `VCPU` = 0.25\n- **value = 1024** - `VCPU` = 0.25 or 0.5\n- **value = 2048** - `VCPU` = 0.25, 0.5, or 1\n- **value = 3072** - `VCPU` = 0.5, or 1\n- **value = 4096** - `VCPU` = 0.5, 1, or 2\n- **value = 5120, 6144, or 7168** - `VCPU` = 1 or 2\n- **value = 8192** - `VCPU` = 1, 2, or 4\n- **value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360** - `VCPU` = 2 or 4\n- **value = 16384** - `VCPU` = 2, 4, or 8\n- **value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720** - `VCPU` = 4\n- **value = 20480, 24576, or 28672** - `VCPU` = 4 or 8\n- **value = 36864, 45056, 53248, or 61440** - `VCPU` = 8\n- **value = 32768, 40960, 49152, or 57344** - `VCPU` = 8 or 16\n- **value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880** - `VCPU` = 16\n- **type=\"VCPU\"** - The number of vCPUs reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Each vCPU is equivalent to 1,024 CPU shares. For Amazon EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.\n\nThe default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see [AWS Fargate quotas](https://docs.aws.amazon.com/general/latest/gr/ecs-service.html#service-quotas-fargate) in the *AWS General Reference* .\n\nFor jobs that are running on Fargate resources, then `value` must match one of the supported values and the `MEMORY` values must be one of the values supported for that `VCPU` value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16\n\n- **value = 0.25** - `MEMORY` = 512, 1024, or 2048\n- **value = 0.5** - `MEMORY` = 1024, 2048, 3072, or 4096\n- **value = 1** - `MEMORY` = 2048, 3072, 4096, 5120, 6144, 7168, or 8192\n- **value = 2** - `MEMORY` = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384\n- **value = 4** - `MEMORY` = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720\n- **value = 8** - `MEMORY` = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440\n- **value = 16** - `MEMORY` = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::Batch::JobDefinition.RetryStrategy": { "additionalProperties": false, "properties": { "Attempts": { "markdownDescription": "The number of times to move a job to the `RUNNABLE` status. You can specify between 1 and 10 attempts. If the value of `attempts` is greater than one, the job is retried on failure the same number of attempts as the value.", "title": "Attempts", "type": "number" }, "EvaluateOnExit": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EvaluateOnExit" }, "markdownDescription": "Array of up to 5 objects that specify the conditions where jobs are retried or failed. If this parameter is specified, then the `attempts` parameter must also be specified. If none of the listed conditions match, then the job is retried.", "title": "EvaluateOnExit", "type": "array" } }, "type": "object" }, "AWS::Batch::JobDefinition.RuntimePlatform": { "additionalProperties": false, "properties": { "CpuArchitecture": { "markdownDescription": "The vCPU architecture. The default value is `X86_64` . Valid values are `X86_64` and `ARM64` .\n\n> This parameter must be set to `X86_64` for Windows containers. > Fargate Spot is not supported for `ARM64` and Windows-based containers on Fargate. A job queue will be blocked if a Fargate `ARM64` or Windows job is submitted to a job queue with only Fargate Spot compute environments. However, you can attach both `FARGATE` and `FARGATE_SPOT` compute environments to the same job queue.", "title": "CpuArchitecture", "type": "string" }, "OperatingSystemFamily": { "markdownDescription": "The operating system for the compute environment. Valid values are: `LINUX` (default), `WINDOWS_SERVER_2019_CORE` , `WINDOWS_SERVER_2019_FULL` , `WINDOWS_SERVER_2022_CORE` , and `WINDOWS_SERVER_2022_FULL` .\n\n> The following parameters can\u2019t be set for Windows containers: `linuxParameters` , `privileged` , `user` , `ulimits` , `readonlyRootFilesystem` , and `efsVolumeConfiguration` . > The AWS Batch Scheduler checks the compute environments that are attached to the job queue before registering a task definition with Fargate. In this scenario, the job queue is where the job is submitted. If the job requires a Windows container and the first compute environment is `LINUX` , the compute environment is skipped and the next compute environment is checked until a Windows-based compute environment is found. > Fargate Spot is not supported for `ARM64` and Windows-based containers on Fargate. A job queue will be blocked if a Fargate `ARM64` or Windows job is submitted to a job queue with only Fargate Spot compute environments. However, you can attach both `FARGATE` and `FARGATE_SPOT` compute environments to the same job queue.", "title": "OperatingSystemFamily", "type": "string" } }, "type": "object" }, "AWS::Batch::JobDefinition.Secret": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the secret.", "title": "Name", "type": "string" }, "ValueFrom": { "markdownDescription": "The secret to expose to the container. The supported values are either the full Amazon Resource Name (ARN) of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.\n\n> If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full Amazon Resource Name (ARN) or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", "title": "ValueFrom", "type": "string" } }, "required": [ "Name", "ValueFrom" ], "type": "object" }, "AWS::Batch::JobDefinition.TaskContainerDependency": { "additionalProperties": false, "properties": { "Condition": { "markdownDescription": "The dependency condition of the container. The following are the available conditions and their behavior:\n\n- `START` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.\n- `COMPLETE` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.\n- `SUCCESS` - This condition is the same as `COMPLETE` , but it also requires that the container exits with a zero status. This condition can't be set on an essential container.", "title": "Condition", "type": "string" }, "ContainerName": { "markdownDescription": "A unique identifier for the container.", "title": "ContainerName", "type": "string" } }, "required": [ "Condition", "ContainerName" ], "type": "object" }, "AWS::Batch::JobDefinition.TaskContainerProperties": { "additionalProperties": false, "properties": { "Command": { "items": { "type": "string" }, "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `COMMAND` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . For more information, see [Dockerfile reference: CMD](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) .", "title": "Command", "type": "array" }, "DependsOn": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.TaskContainerDependency" }, "markdownDescription": "A list of containers that this container depends on.", "title": "DependsOn", "type": "array" }, "Environment": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Environment" }, "markdownDescription": "The environment variables to pass to a container. This parameter maps to Env inthe [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--env` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> We don't recommend using plaintext environment variables for sensitive information, such as credential data. > Environment variables cannot start with `AWS_BATCH` . This naming convention is reserved for variables that AWS Batch sets.", "title": "Environment", "type": "array" }, "Essential": { "markdownDescription": "If the essential parameter of a container is marked as `true` , and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the `essential` parameter of a container is marked as false, its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential.\n\nAll jobs must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "Essential", "type": "boolean" }, "Image": { "markdownDescription": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `repository-url/image:tag` or `repository-url/image@digest` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `IMAGE` parameter of the [*docker run*](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .", "title": "Image", "type": "string" }, "LinuxParameters": { "$ref": "#/definitions/AWS::Batch::JobDefinition.LinuxParameters", "markdownDescription": "Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information, see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html) .", "title": "LinuxParameters" }, "LogConfiguration": { "$ref": "#/definitions/AWS::Batch::JobDefinition.LogConfiguration", "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--log-driver` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nBy default, containers use the same logging driver that the Docker daemon uses. However the container can use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information about the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the *Docker documentation* .\n\n> Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the `LogConfiguration` data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version `--format '{{.Server.APIVersion}}'`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "LogConfiguration" }, "MountPoints": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.MountPoints" }, "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the [--volume](https://docs.aws.amazon.com/) option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", "title": "MountPoints", "type": "array" }, "Name": { "markdownDescription": "The name of a container. The name can be used as a unique identifier to target your `dependsOn` and `Overrides` objects.", "title": "Name", "type": "string" }, "Privileged": { "markdownDescription": "When this parameter is `true` , the container is given elevated privileges on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--privileged` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> This parameter is not supported for Windows containers or tasks run on Fargate.", "title": "Privileged", "type": "boolean" }, "ReadonlyRootFilesystem": { "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--read-only` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> This parameter is not supported for Windows containers.", "title": "ReadonlyRootFilesystem", "type": "boolean" }, "RepositoryCredentials": { "$ref": "#/definitions/AWS::Batch::JobDefinition.RepositoryCredentials", "markdownDescription": "The private repository authentication credentials to use.", "title": "RepositoryCredentials" }, "ResourceRequirements": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.ResourceRequirement" }, "markdownDescription": "The type and amount of a resource to assign to a container. The only supported resource is a GPU.", "title": "ResourceRequirements", "type": "array" }, "Secrets": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Secret" }, "markdownDescription": "The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the Amazon Elastic Container Service Developer Guide.", "title": "Secrets", "type": "array" }, "Ulimits": { "items": { "$ref": "#/definitions/AWS::Batch::JobDefinition.Ulimit" }, "markdownDescription": "A list of `ulimits` to set in the container. If a `ulimit` value is specified in a task definition, it overrides the default values set by Docker. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nAmazon ECS tasks hosted on Fargate use the default resource limit values set by the operating system with the exception of the nofile resource limit parameter which Fargate overrides. The `nofile` resource limit sets a restriction on the number of open files that a container can use. The default `nofile` soft limit is `1024` and the default hard limit is `65535` .\n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version `--format '{{.Server.APIVersion}}'`\n\n> This parameter is not supported for Windows containers.", "title": "Ulimits", "type": "array" }, "User": { "markdownDescription": "The user to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run.\n\n> When running tasks using the `host` network mode, don't run containers using the `root user (UID 0)` . We recommend using a non-root user for better security. \n\nYou can specify the `user` using the following formats. If specifying a UID or GID, you must specify it as a positive integer.\n\n- `user`\n- `user:group`\n- `uid`\n- `uid:gid`\n- `user:gi`\n- `uid:group`\n\n> This parameter is not supported for Windows containers.", "title": "User", "type": "string" } }, "required": [ "Image" ], "type": "object" }, "AWS::Batch::JobDefinition.Timeout": { "additionalProperties": false, "properties": { "AttemptDurationSeconds": { "markdownDescription": "The job timeout time (in seconds) that's measured from the job attempt's `startedAt` timestamp. After this time passes, AWS Batch terminates your jobs if they aren't finished. The minimum value for the timeout is 60 seconds.\n\nFor array jobs, the timeout applies to the child jobs, not to the parent array job.\n\nFor multi-node parallel (MNP) jobs, the timeout applies to the whole job, not to the individual nodes.", "title": "AttemptDurationSeconds", "type": "number" } }, "type": "object" }, "AWS::Batch::JobDefinition.Tmpfs": { "additionalProperties": false, "properties": { "ContainerPath": { "markdownDescription": "The absolute file path in the container where the `tmpfs` volume is mounted.", "title": "ContainerPath", "type": "string" }, "MountOptions": { "items": { "type": "string" }, "markdownDescription": "The list of `tmpfs` volume mount options.\n\nValid values: \" `defaults` \" | \" `ro` \" | \" `rw` \" | \" `suid` \" | \" `nosuid` \" | \" `dev` \" | \" `nodev` \" | \" `exec` \" | \" `noexec` \" | \" `sync` \" | \" `async` \" | \" `dirsync` \" | \" `remount` \" | \" `mand` \" | \" `nomand` \" | \" `atime` \" | \" `noatime` \" | \" `diratime` \" | \" `nodiratime` \" | \" `bind` \" | \" `rbind\" | \"unbindable\" | \"runbindable\" | \"private\" | \"rprivate\" | \"shared\" | \"rshared\" | \"slave\" | \"rslave\" | \"relatime` \" | \" `norelatime` \" | \" `strictatime` \" | \" `nostrictatime` \" | \" `mode` \" | \" `uid` \" | \" `gid` \" | \" `nr_inodes` \" | \" `nr_blocks` \" | \" `mpol` \"", "title": "MountOptions", "type": "array" }, "Size": { "markdownDescription": "The size (in MiB) of the `tmpfs` volume.", "title": "Size", "type": "number" } }, "required": [ "ContainerPath", "Size" ], "type": "object" }, "AWS::Batch::JobDefinition.Ulimit": { "additionalProperties": false, "properties": { "HardLimit": { "markdownDescription": "The hard limit for the `ulimit` type.", "title": "HardLimit", "type": "number" }, "Name": { "markdownDescription": "The `type` of the `ulimit` . Valid values are: `core` | `cpu` | `data` | `fsize` | `locks` | `memlock` | `msgqueue` | `nice` | `nofile` | `nproc` | `rss` | `rtprio` | `rttime` | `sigpending` | `stack` .", "title": "Name", "type": "string" }, "SoftLimit": { "markdownDescription": "The soft limit for the `ulimit` type.", "title": "SoftLimit", "type": "number" } }, "required": [ "HardLimit", "Name", "SoftLimit" ], "type": "object" }, "AWS::Batch::JobDefinition.Volumes": { "additionalProperties": false, "properties": { "EfsVolumeConfiguration": { "$ref": "#/definitions/AWS::Batch::JobDefinition.EfsVolumeConfiguration", "markdownDescription": "This is used when you're using an Amazon Elastic File System file system for job storage. For more information, see [Amazon EFS Volumes](https://docs.aws.amazon.com/batch/latest/userguide/efs-volumes.html) in the *AWS Batch User Guide* .", "title": "EfsVolumeConfiguration" }, "Host": { "$ref": "#/definitions/AWS::Batch::JobDefinition.VolumesHost", "markdownDescription": "The contents of the `host` parameter determine whether your data volume persists on the host container instance and where it's stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\n> This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.", "title": "Host" }, "Name": { "markdownDescription": "The name of the volume. It can be up to 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_). This name is referenced in the `sourceVolume` parameter of container definition `mountPoints` .", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::Batch::JobDefinition.VolumesHost": { "additionalProperties": false, "properties": { "SourcePath": { "markdownDescription": "The path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\n> This parameter isn't applicable to jobs that run on Fargate resources. Don't provide this for these jobs.", "title": "SourcePath", "type": "string" } }, "type": "object" }, "AWS::Batch::JobQueue": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ComputeEnvironmentOrder": { "items": { "$ref": "#/definitions/AWS::Batch::JobQueue.ComputeEnvironmentOrder" }, "markdownDescription": "The set of compute environments mapped to a job queue and their order relative to each other. The job scheduler uses this parameter to determine which compute environment runs a specific job. Compute environments must be in the `VALID` state before you can associate them with a job queue. You can associate up to three compute environments with a job queue. All of the compute environments must be either EC2 ( `EC2` or `SPOT` ) or Fargate ( `FARGATE` or `FARGATE_SPOT` ); EC2 and Fargate compute environments can't be mixed.\n\n> All compute environments that are associated with a job queue must share the same architecture. AWS Batch doesn't support mixing compute environment architecture types in a single job queue.", "title": "ComputeEnvironmentOrder", "type": "array" }, "JobQueueName": { "markdownDescription": "The name of the job queue. It can be up to 128 letters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).", "title": "JobQueueName", "type": "string" }, "JobStateTimeLimitActions": { "items": { "$ref": "#/definitions/AWS::Batch::JobQueue.JobStateTimeLimitAction" }, "markdownDescription": "The set of actions that AWS Batch perform on jobs that remain at the head of the job queue in the specified state longer than specified times. AWS Batch will perform each action after `maxTimeSeconds` has passed.", "title": "JobStateTimeLimitActions", "type": "array" }, "Priority": { "markdownDescription": "The priority of the job queue. Job queues with a higher priority (or a higher integer value for the `priority` parameter) are evaluated first when associated with the same compute environment. Priority is determined in descending order. For example, a job queue with a priority value of `10` is given scheduling preference over a job queue with a priority value of `1` . All of the compute environments must be either EC2 ( `EC2` or `SPOT` ) or Fargate ( `FARGATE` or `FARGATE_SPOT` ); EC2 and Fargate compute environments can't be mixed.", "title": "Priority", "type": "number" }, "SchedulingPolicyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the scheduling policy. The format is `aws: *Partition* :batch: *Region* : *Account* :scheduling-policy/ *Name*` . For example, `aws:aws:batch:us-west-2:123456789012:scheduling-policy/MySchedulingPolicy` .", "title": "SchedulingPolicyArn", "type": "string" }, "State": { "markdownDescription": "The state of the job queue. If the job queue state is `ENABLED` , it is able to accept jobs. If the job queue state is `DISABLED` , new jobs can't be added to the queue, but jobs already in the queue can finish.", "title": "State", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags that are applied to the job queue. For more information, see [Tagging your AWS Batch resources](https://docs.aws.amazon.com/batch/latest/userguide/using-tags.html) in *AWS Batch User Guide* .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "ComputeEnvironmentOrder", "Priority" ], "type": "object" }, "Type": { "enum": [ "AWS::Batch::JobQueue" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Batch::JobQueue.ComputeEnvironmentOrder": { "additionalProperties": false, "properties": { "ComputeEnvironment": { "markdownDescription": "The Amazon Resource Name (ARN) of the compute environment.", "title": "ComputeEnvironment", "type": "string" }, "Order": { "markdownDescription": "The order of the compute environment. Compute environments are tried in ascending order. For example, if two compute environments are associated with a job queue, the compute environment with a lower `order` integer value is tried for job placement first.", "title": "Order", "type": "number" } }, "required": [ "ComputeEnvironment", "Order" ], "type": "object" }, "AWS::Batch::JobQueue.JobStateTimeLimitAction": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action to take when a job is at the head of the job queue in the specified state for the specified period of time. The only supported value is `CANCEL` , which will cancel the job.", "title": "Action", "type": "string" }, "MaxTimeSeconds": { "markdownDescription": "The approximate amount of time, in seconds, that must pass with the job in the specified state before the action is taken. The minimum value is 600 (10 minutes) and the maximum value is 86,400 (24 hours).", "title": "MaxTimeSeconds", "type": "number" }, "Reason": { "markdownDescription": "The reason to log for the action being taken.", "title": "Reason", "type": "string" }, "State": { "markdownDescription": "The state of the job needed to trigger the action. The only supported value is `RUNNABLE` .", "title": "State", "type": "string" } }, "required": [ "Action", "MaxTimeSeconds", "Reason", "State" ], "type": "object" }, "AWS::Batch::SchedulingPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FairsharePolicy": { "$ref": "#/definitions/AWS::Batch::SchedulingPolicy.FairsharePolicy", "markdownDescription": "The fair share policy of the scheduling policy.", "title": "FairsharePolicy" }, "Name": { "markdownDescription": "The name of the scheduling policy. It can be up to 128 letters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).", "title": "Name", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags that you apply to the scheduling policy to help you categorize and organize your resources. Each tag consists of a key and an optional value. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in *AWS General Reference* .\n\nThese tags can be updated or removed using the [TagResource](https://docs.aws.amazon.com/batch/latest/APIReference/API_TagResource.html) and [UntagResource](https://docs.aws.amazon.com/batch/latest/APIReference/API_UntagResource.html) API operations.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "type": "object" }, "Type": { "enum": [ "AWS::Batch::SchedulingPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Batch::SchedulingPolicy.FairsharePolicy": { "additionalProperties": false, "properties": { "ComputeReservation": { "markdownDescription": "A value used to reserve some of the available maximum vCPU for fair share identifiers that aren't already used.\n\nThe reserved ratio is `( *computeReservation* /100)^ *ActiveFairShares*` where `*ActiveFairShares*` is the number of active fair share identifiers.\n\nFor example, a `computeReservation` value of 50 indicates that AWS Batch reserves 50% of the maximum available vCPU if there's only one fair share identifier. It reserves 25% if there are two fair share identifiers. It reserves 12.5% if there are three fair share identifiers. A `computeReservation` value of 25 indicates that AWS Batch should reserve 25% of the maximum available vCPU if there's only one fair share identifier, 6.25% if there are two fair share identifiers, and 1.56% if there are three fair share identifiers.\n\nThe minimum value is 0 and the maximum value is 99.", "title": "ComputeReservation", "type": "number" }, "ShareDecaySeconds": { "markdownDescription": "The amount of time (in seconds) to use to calculate a fair share percentage for each fair share identifier in use. A value of zero (0) indicates that only current usage is measured. The decay allows for more recently run jobs to have more weight than jobs that ran earlier. The maximum supported value is 604800 (1 week).", "title": "ShareDecaySeconds", "type": "number" }, "ShareDistribution": { "items": { "$ref": "#/definitions/AWS::Batch::SchedulingPolicy.ShareAttributes" }, "markdownDescription": "An array of `SharedIdentifier` objects that contain the weights for the fair share identifiers for the fair share policy. Fair share identifiers that aren't included have a default weight of `1.0` .", "title": "ShareDistribution", "type": "array" } }, "type": "object" }, "AWS::Batch::SchedulingPolicy.ShareAttributes": { "additionalProperties": false, "properties": { "ShareIdentifier": { "markdownDescription": "A fair share identifier or fair share identifier prefix. If the string ends with an asterisk (*), this entry specifies the weight factor to use for fair share identifiers that start with that prefix. The list of fair share identifiers in a fair share policy can't overlap. For example, you can't have one that specifies a `shareIdentifier` of `UserA*` and another that specifies a `shareIdentifier` of `UserA-1` .\n\nThere can be no more than 500 fair share identifiers active in a job queue.\n\nThe string is limited to 255 alphanumeric characters, and can be followed by an asterisk (*).", "title": "ShareIdentifier", "type": "string" }, "WeightFactor": { "markdownDescription": "The weight factor for the fair share identifier. The default value is 1.0. A lower value has a higher priority for compute resources. For example, jobs that use a share identifier with a weight factor of 0.125 (1/8) get 8 times the compute resources of jobs that use a share identifier with a weight factor of 1.\n\nThe smallest supported value is 0.0001, and the largest supported value is 999.9999.", "title": "WeightFactor", "type": "number" } }, "type": "object" }, "AWS::Bedrock::Agent": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ActionGroups": { "items": { "$ref": "#/definitions/AWS::Bedrock::Agent.AgentActionGroup" }, "markdownDescription": "The action groups that belong to an agent.", "title": "ActionGroups", "type": "array" }, "AgentName": { "markdownDescription": "The name of the agent.", "title": "AgentName", "type": "string" }, "AgentResourceRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role with permissions to invoke API operations on the agent.", "title": "AgentResourceRoleArn", "type": "string" }, "AutoPrepare": { "markdownDescription": "Specifies whether to automatically update the `DRAFT` version of the agent after making changes to the agent. The `DRAFT` version can be continually iterated upon during internal development. By default, this value is `false` .", "title": "AutoPrepare", "type": "boolean" }, "CustomerEncryptionKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that encrypts the agent.", "title": "CustomerEncryptionKeyArn", "type": "string" }, "Description": { "markdownDescription": "The description of the agent.", "title": "Description", "type": "string" }, "FoundationModel": { "markdownDescription": "The foundation model used for orchestration by the agent.", "title": "FoundationModel", "type": "string" }, "IdleSessionTTLInSeconds": { "markdownDescription": "The number of seconds for which Amazon Bedrock keeps information about a user's conversation with the agent.\n\nA user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Bedrock deletes any data provided before the timeout.", "title": "IdleSessionTTLInSeconds", "type": "number" }, "Instruction": { "markdownDescription": "Instructions that tell the agent what it should do and how it should interact with users.", "title": "Instruction", "type": "string" }, "KnowledgeBases": { "items": { "$ref": "#/definitions/AWS::Bedrock::Agent.AgentKnowledgeBase" }, "markdownDescription": "The knowledge bases associated with the agent.", "title": "KnowledgeBases", "type": "array" }, "PromptOverrideConfiguration": { "$ref": "#/definitions/AWS::Bedrock::Agent.PromptOverrideConfiguration", "markdownDescription": "Contains configurations to override prompt templates in different parts of an agent sequence. For more information, see [Advanced prompts](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts.html) .", "title": "PromptOverrideConfiguration" }, "SkipResourceInUseCheckOnDelete": { "markdownDescription": "Specifies whether to delete the resource even if it's in use. By default, this value is `false` .", "title": "SkipResourceInUseCheckOnDelete", "type": "boolean" }, "Tags": { "additionalProperties": true, "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "TestAliasTags": { "additionalProperties": true, "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "TestAliasTags", "type": "object" } }, "required": [ "AgentName" ], "type": "object" }, "Type": { "enum": [ "AWS::Bedrock::Agent" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Bedrock::Agent.APISchema": { "additionalProperties": false, "properties": { "Payload": { "markdownDescription": "The JSON or YAML-formatted payload defining the OpenAPI schema for the action group. For more information, see [Action group OpenAPI schemas](https://docs.aws.amazon.com/bedrock/latest/userguide/agents-api-schema.html) .", "title": "Payload", "type": "string" }, "S3": { "$ref": "#/definitions/AWS::Bedrock::Agent.S3Identifier", "markdownDescription": "Contains details about the S3 object containing the OpenAPI schema for the action group. For more information, see [Action group OpenAPI schemas](https://docs.aws.amazon.com/bedrock/latest/userguide/agents-api-schema.html) .", "title": "S3" } }, "type": "object" }, "AWS::Bedrock::Agent.ActionGroupExecutor": { "additionalProperties": false, "properties": { "Lambda": { "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function containing the business logic that is carried out upon invoking the action.", "title": "Lambda", "type": "string" } }, "required": [ "Lambda" ], "type": "object" }, "AWS::Bedrock::Agent.AgentActionGroup": { "additionalProperties": false, "properties": { "ActionGroupExecutor": { "$ref": "#/definitions/AWS::Bedrock::Agent.ActionGroupExecutor", "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function containing the business logic that is carried out upon invoking the action or the custom control method for handling the information elicited from the user.", "title": "ActionGroupExecutor" }, "ActionGroupName": { "markdownDescription": "The name of the action group.", "title": "ActionGroupName", "type": "string" }, "ActionGroupState": { "markdownDescription": "Specifies whether the action group is available for the agent to invoke or not when sending an [InvokeAgent](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_InvokeAgent.html) request.", "title": "ActionGroupState", "type": "string" }, "ApiSchema": { "$ref": "#/definitions/AWS::Bedrock::Agent.APISchema", "markdownDescription": "Contains either details about the S3 object containing the OpenAPI schema for the action group or the JSON or YAML-formatted payload defining the schema. For more information, see [Action group OpenAPI schemas](https://docs.aws.amazon.com/bedrock/latest/userguide/agents-api-schema.html) .", "title": "ApiSchema" }, "Description": { "markdownDescription": "The description of the action group.", "title": "Description", "type": "string" }, "ParentActionGroupSignature": { "markdownDescription": "If this field is set as `AMAZON.UserInput` , the agent can request the user for additional information when trying to complete a task. The `description` , `apiSchema` , and `actionGroupExecutor` fields must be blank for this action group.\n\nDuring orchestration, if the agent determines that it needs to invoke an API in an action group, but doesn't have enough information to complete the API request, it will invoke this action group instead and return an [Observation](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_Observation.html) reprompting the user for more information.", "title": "ParentActionGroupSignature", "type": "string" }, "SkipResourceInUseCheckOnDelete": { "markdownDescription": "Specifies whether to delete the resource even if it's in use. By default, this value is `false` .", "title": "SkipResourceInUseCheckOnDelete", "type": "boolean" } }, "required": [ "ActionGroupName" ], "type": "object" }, "AWS::Bedrock::Agent.AgentKnowledgeBase": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the association between the agent and the knowledge base.", "title": "Description", "type": "string" }, "KnowledgeBaseId": { "markdownDescription": "The unique identifier of the association between the agent and the knowledge base.", "title": "KnowledgeBaseId", "type": "string" }, "KnowledgeBaseState": { "markdownDescription": "Specifies whether to use the knowledge base or not when sending an [InvokeAgent](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_InvokeAgent.html) request.", "title": "KnowledgeBaseState", "type": "string" } }, "required": [ "Description", "KnowledgeBaseId" ], "type": "object" }, "AWS::Bedrock::Agent.InferenceConfiguration": { "additionalProperties": false, "properties": { "MaximumLength": { "markdownDescription": "The maximum number of tokens allowed in the generated response.", "title": "MaximumLength", "type": "number" }, "StopSequences": { "items": { "type": "string" }, "markdownDescription": "A list of stop sequences. A stop sequence is a sequence of characters that causes the model to stop generating the response.", "title": "StopSequences", "type": "array" }, "Temperature": { "markdownDescription": "The likelihood of the model selecting higher-probability options while generating a response. A lower value makes the model more likely to choose higher-probability options, while a higher value makes the model more likely to choose lower-probability options.\n\nThe default value is the default value for the model that you are using. For more information, see [Inference parameters for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", "title": "Temperature", "type": "number" }, "TopK": { "markdownDescription": "While generating a response, the model determines the probability of the following token at each point of generation. The value that you set for `topK` is the number of most-likely candidates from which the model chooses the next token in the sequence. For example, if you set `topK` to 50, the model selects the next token from among the top 50 most likely choices.", "title": "TopK", "type": "number" }, "TopP": { "markdownDescription": "The percentage of most-likely candidates that the model considers for the next token. For example, if you choose a value of 0.8 for `topP` , the model selects from the top 80% of the probability distribution of tokens that could be next in the sequence.\n\nThe default value is the default value for the model that you are using. For more information, see [Inference parameters for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", "title": "TopP", "type": "number" } }, "type": "object" }, "AWS::Bedrock::Agent.PromptConfiguration": { "additionalProperties": false, "properties": { "BasePromptTemplate": { "markdownDescription": "Defines the prompt template with which to replace the default prompt template. You can use placeholder variables in the base prompt template to customize the prompt. For more information, see [Prompt template placeholder variables](https://docs.aws.amazon.com/bedrock/latest/userguide/prompt-placeholders.html) . For more information, see [Configure the prompt templates](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts-configure.html) .", "title": "BasePromptTemplate", "type": "string" }, "InferenceConfiguration": { "$ref": "#/definitions/AWS::Bedrock::Agent.InferenceConfiguration", "markdownDescription": "Contains inference parameters to use when the agent invokes a foundation model in the part of the agent sequence defined by the `promptType` . For more information, see [Inference parameters for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) .", "title": "InferenceConfiguration" }, "ParserMode": { "markdownDescription": "Specifies whether to override the default parser Lambda function when parsing the raw foundation model output in the part of the agent sequence defined by the `promptType` . If you set the field as `OVERRIDEN` , the `overrideLambda` field in the [PromptOverrideConfiguration](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent_PromptOverrideConfiguration.html) must be specified with the ARN of a Lambda function.", "title": "ParserMode", "type": "string" }, "PromptCreationMode": { "markdownDescription": "Specifies whether to override the default prompt template for this `promptType` . Set this value to `OVERRIDDEN` to use the prompt that you provide in the `basePromptTemplate` . If you leave it as `DEFAULT` , the agent uses a default prompt template.", "title": "PromptCreationMode", "type": "string" }, "PromptState": { "markdownDescription": "Specifies whether to allow the agent to carry out the step specified in the `promptType` . If you set this value to `DISABLED` , the agent skips that step. The default state for each `promptType` is as follows.\n\n- `PRE_PROCESSING` \u2013 `ENABLED`\n- `ORCHESTRATION` \u2013 `ENABLED`\n- `KNOWLEDGE_BASE_RESPONSE_GENERATION` \u2013 `ENABLED`\n- `POST_PROCESSING` \u2013 `DISABLED`", "title": "PromptState", "type": "string" }, "PromptType": { "markdownDescription": "The step in the agent sequence that this prompt configuration applies to.", "title": "PromptType", "type": "string" } }, "type": "object" }, "AWS::Bedrock::Agent.PromptOverrideConfiguration": { "additionalProperties": false, "properties": { "OverrideLambda": { "markdownDescription": "The ARN of the Lambda function to use when parsing the raw foundation model output in parts of the agent sequence. If you specify this field, at least one of the `promptConfigurations` must contain a `parserMode` value that is set to `OVERRIDDEN` . For more information, see [Parser Lambda function in Agents for Amazon Bedrock](https://docs.aws.amazon.com/bedrock/latest/userguide/lambda-parser.html) .", "title": "OverrideLambda", "type": "string" }, "PromptConfigurations": { "items": { "$ref": "#/definitions/AWS::Bedrock::Agent.PromptConfiguration" }, "markdownDescription": "Contains configurations to override a prompt template in one part of an agent sequence. For more information, see [Advanced prompts](https://docs.aws.amazon.com/bedrock/latest/userguide/advanced-prompts.html) .", "title": "PromptConfigurations", "type": "array" } }, "required": [ "PromptConfigurations" ], "type": "object" }, "AWS::Bedrock::Agent.S3Identifier": { "additionalProperties": false, "properties": { "S3BucketName": { "markdownDescription": "The name of the S3 bucket.", "title": "S3BucketName", "type": "string" }, "S3ObjectKey": { "markdownDescription": "The S3 object key for the S3 resource.", "title": "S3ObjectKey", "type": "string" } }, "type": "object" }, "AWS::Bedrock::AgentAlias": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AgentAliasName": { "markdownDescription": "The name of the alias of the agent.", "title": "AgentAliasName", "type": "string" }, "AgentId": { "markdownDescription": "The unique identifier of the agent.", "title": "AgentId", "type": "string" }, "Description": { "markdownDescription": "The description of the alias of the agent.", "title": "Description", "type": "string" }, "RoutingConfiguration": { "items": { "$ref": "#/definitions/AWS::Bedrock::AgentAlias.AgentAliasRoutingConfigurationListItem" }, "markdownDescription": "Contains details about the routing configuration of the alias.", "title": "RoutingConfiguration", "type": "array" }, "Tags": { "additionalProperties": true, "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "AgentAliasName", "AgentId" ], "type": "object" }, "Type": { "enum": [ "AWS::Bedrock::AgentAlias" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Bedrock::AgentAlias.AgentAliasHistoryEvent": { "additionalProperties": false, "properties": { "EndDate": { "markdownDescription": "The date that the alias stopped being associated to the version in the `routingConfiguration` object", "title": "EndDate", "type": "string" }, "RoutingConfiguration": { "items": { "$ref": "#/definitions/AWS::Bedrock::AgentAlias.AgentAliasRoutingConfigurationListItem" }, "markdownDescription": "Contains details about the version of the agent with which the alias is associated.", "title": "RoutingConfiguration", "type": "array" }, "StartDate": { "markdownDescription": "The date that the alias began being associated to the version in the `routingConfiguration` object.", "title": "StartDate", "type": "string" } }, "type": "object" }, "AWS::Bedrock::AgentAlias.AgentAliasRoutingConfigurationListItem": { "additionalProperties": false, "properties": { "AgentVersion": { "markdownDescription": "The version of the agent with which the alias is associated.", "title": "AgentVersion", "type": "string" } }, "required": [ "AgentVersion" ], "type": "object" }, "AWS::Bedrock::DataSource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataSourceConfiguration": { "$ref": "#/definitions/AWS::Bedrock::DataSource.DataSourceConfiguration", "markdownDescription": "The connection configuration for the data source.", "title": "DataSourceConfiguration" }, "Description": { "markdownDescription": "The description of the data source.", "title": "Description", "type": "string" }, "KnowledgeBaseId": { "markdownDescription": "The unique identifier of the knowledge base to which the data source belongs.", "title": "KnowledgeBaseId", "type": "string" }, "Name": { "markdownDescription": "The name of the data source.", "title": "Name", "type": "string" }, "ServerSideEncryptionConfiguration": { "$ref": "#/definitions/AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration", "markdownDescription": "Contains details about the configuration of the server-side encryption.", "title": "ServerSideEncryptionConfiguration" }, "VectorIngestionConfiguration": { "$ref": "#/definitions/AWS::Bedrock::DataSource.VectorIngestionConfiguration", "markdownDescription": "Contains details about how to ingest the documents in the data source.", "title": "VectorIngestionConfiguration" } }, "required": [ "DataSourceConfiguration", "KnowledgeBaseId", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Bedrock::DataSource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Bedrock::DataSource.ChunkingConfiguration": { "additionalProperties": false, "properties": { "ChunkingStrategy": { "markdownDescription": "Knowledge base can split your source data into chunks. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk.\n\n- `FIXED_SIZE` \u2013 Amazon Bedrock splits your source data into chunks of the approximate size that you set in the `fixedSizeChunkingConfiguration` .\n- `HIERARCHICAL` \u2013 Split documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer.\n- `SEMANTIC` \u2013 Split documents into chunks based on groups of similar content derived with natural language processing.\n- `NONE` \u2013 Amazon Bedrock treats each file as one chunk. If you choose this option, you may want to pre-process your documents by splitting them into separate files.", "title": "ChunkingStrategy", "type": "string" }, "FixedSizeChunkingConfiguration": { "$ref": "#/definitions/AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration", "markdownDescription": "Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field.", "title": "FixedSizeChunkingConfiguration" } }, "required": [ "ChunkingStrategy" ], "type": "object" }, "AWS::Bedrock::DataSource.DataSourceConfiguration": { "additionalProperties": false, "properties": { "S3Configuration": { "$ref": "#/definitions/AWS::Bedrock::DataSource.S3DataSourceConfiguration", "markdownDescription": "The configuration information to connect to Amazon S3 as your data source.", "title": "S3Configuration" }, "Type": { "markdownDescription": "The type of data source.", "title": "Type", "type": "string" } }, "required": [ "S3Configuration", "Type" ], "type": "object" }, "AWS::Bedrock::DataSource.FixedSizeChunkingConfiguration": { "additionalProperties": false, "properties": { "MaxTokens": { "markdownDescription": "The maximum number of tokens to include in a chunk.", "title": "MaxTokens", "type": "number" }, "OverlapPercentage": { "markdownDescription": "The percentage of overlap between adjacent chunks of a data source.", "title": "OverlapPercentage", "type": "number" } }, "required": [ "MaxTokens", "OverlapPercentage" ], "type": "object" }, "AWS::Bedrock::DataSource.S3DataSourceConfiguration": { "additionalProperties": false, "properties": { "BucketArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket that contains your data.", "title": "BucketArn", "type": "string" }, "InclusionPrefixes": { "items": { "type": "string" }, "markdownDescription": "A list of S3 prefixes to include certain files or content. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) .", "title": "InclusionPrefixes", "type": "array" } }, "required": [ "BucketArn" ], "type": "object" }, "AWS::Bedrock::DataSource.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key used to encrypt the resource.", "title": "KmsKeyArn", "type": "string" } }, "type": "object" }, "AWS::Bedrock::DataSource.VectorIngestionConfiguration": { "additionalProperties": false, "properties": { "ChunkingConfiguration": { "$ref": "#/definitions/AWS::Bedrock::DataSource.ChunkingConfiguration", "markdownDescription": "Details about how to chunk the documents in the data source. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried.", "title": "ChunkingConfiguration" } }, "type": "object" }, "AWS::Bedrock::Guardrail": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BlockedInputMessaging": { "markdownDescription": "The message to return when the guardrail blocks a prompt.", "title": "BlockedInputMessaging", "type": "string" }, "BlockedOutputsMessaging": { "markdownDescription": "The message to return when the guardrail blocks a model response.", "title": "BlockedOutputsMessaging", "type": "string" }, "ContentPolicyConfig": { "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentPolicyConfig", "markdownDescription": "The content filter policies to configure for the guardrail.", "title": "ContentPolicyConfig" }, "Description": { "markdownDescription": "A description of the guardrail.", "title": "Description", "type": "string" }, "KmsKeyArn": { "markdownDescription": "The ARN of the AWS KMS key that you use to encrypt the guardrail.", "title": "KmsKeyArn", "type": "string" }, "Name": { "markdownDescription": "The name of the guardrail.", "title": "Name", "type": "string" }, "SensitiveInformationPolicyConfig": { "$ref": "#/definitions/AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig", "markdownDescription": "The sensitive information policy to configure for the guardrail.", "title": "SensitiveInformationPolicyConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags that you want to attach to the guardrail.", "title": "Tags", "type": "array" }, "TopicPolicyConfig": { "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicPolicyConfig", "markdownDescription": "The topic policies to configure for the guardrail.", "title": "TopicPolicyConfig" }, "WordPolicyConfig": { "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordPolicyConfig", "markdownDescription": "The word policy you configure for the guardrail.", "title": "WordPolicyConfig" } }, "required": [ "BlockedInputMessaging", "BlockedOutputsMessaging", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Bedrock::Guardrail" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Bedrock::Guardrail.ContentFilterConfig": { "additionalProperties": false, "properties": { "InputStrength": { "markdownDescription": "The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", "title": "InputStrength", "type": "string" }, "OutputStrength": { "markdownDescription": "The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces.", "title": "OutputStrength", "type": "string" }, "Type": { "markdownDescription": "The harmful category that the content filter is applied to.", "title": "Type", "type": "string" } }, "required": [ "InputStrength", "OutputStrength", "Type" ], "type": "object" }, "AWS::Bedrock::Guardrail.ContentPolicyConfig": { "additionalProperties": false, "properties": { "FiltersConfig": { "items": { "$ref": "#/definitions/AWS::Bedrock::Guardrail.ContentFilterConfig" }, "markdownDescription": "Contains the type of the content filter and how strongly it should apply to prompts and model responses.", "title": "FiltersConfig", "type": "array" } }, "required": [ "FiltersConfig" ], "type": "object" }, "AWS::Bedrock::Guardrail.ManagedWordsConfig": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The managed word type to configure for the guardrail.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Bedrock::Guardrail.PiiEntityConfig": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "Configure guardrail action when the PII entity is detected.", "title": "Action", "type": "string" }, "Type": { "markdownDescription": "Configure guardrail type when the PII entity is detected.\n\nThe following PIIs are used to block or mask sensitive information:\n\n- *General*\n\n- *ADDRESS*\n\nA physical address, such as \"100 Main Street, Anytown, USA\" or \"Suite #12, Building 123\". An address can include information such as the street, building, location, city, state, country, county, zip code, precinct, and neighborhood.\n- *AGE*\n\nAn individual's age, including the quantity and unit of time. For example, in the phrase \"I am 40 years old,\" Guarrails recognizes \"40 years\" as an age.\n- *NAME*\n\nAn individual's name. This entity type does not include titles, such as Dr., Mr., Mrs., or Miss. guardrails doesn't apply this entity type to names that are part of organizations or addresses. For example, guardrails recognizes the \"John Doe Organization\" as an organization, and it recognizes \"Jane Doe Street\" as an address.\n- *EMAIL*\n\nAn email address, such as *marymajor@email.com* .\n- *PHONE*\n\nA phone number. This entity type also includes fax and pager numbers.\n- *USERNAME*\n\nA user name that identifies an account, such as a login name, screen name, nick name, or handle.\n- *PASSWORD*\n\nAn alphanumeric string that is used as a password, such as \"* *very20special#pass** \".\n- *DRIVER_ID*\n\nThe number assigned to a driver's license, which is an official document permitting an individual to operate one or more motorized vehicles on a public road. A driver's license number consists of alphanumeric characters.\n- *LICENSE_PLATE*\n\nA license plate for a vehicle is issued by the state or country where the vehicle is registered. The format for passenger vehicles is typically five to eight digits, consisting of upper-case letters and numbers. The format varies depending on the location of the issuing state or country.\n- *VEHICLE_IDENTIFICATION_NUMBER*\n\nA Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content and format are defined in the *ISO 3779* specification. Each country has specific codes and formats for VINs.\n- *Finance*\n\n- *REDIT_DEBIT_CARD_CVV*\n\nA three-digit card verification code (CVV) that is present on VISA, MasterCard, and Discover credit and debit cards. For American Express credit or debit cards, the CVV is a four-digit numeric code.\n- *CREDIT_DEBIT_CARD_EXPIRY*\n\nThe expiration date for a credit or debit card. This number is usually four digits long and is often formatted as *month/year* or *MM/YY* . Guardrails recognizes expiration dates such as *01/21* , *01/2021* , and *Jan 2021* .\n- *CREDIT_DEBIT_CARD_NUMBER*\n\nThe number for a credit or debit card. These numbers can vary from 13 to 16 digits in length. However, Amazon Comprehend also recognizes credit or debit card numbers when only the last four digits are present.\n- *PIN*\n\nA four-digit personal identification number (PIN) with which you can access your bank account.\n- *INTERNATIONAL_BANK_ACCOUNT_NUMBER*\n\nAn International Bank Account Number has specific formats in each country. For more information, see [www.iban.com/structure](https://docs.aws.amazon.com/https://www.iban.com/structure) .\n- *SWIFT_CODE*\n\nA SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a particular bank or branch. Banks use these codes for money transfers such as international wire transfers.\n\nSWIFT codes consist of eight or 11 characters. The 11-digit codes refer to specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer to the head or primary office.\n- *IT*\n\n- *IP_ADDRESS*\n\nAn IPv4 address, such as *198.51.100.0* .\n- *MAC_ADDRESS*\n\nA *media access control* (MAC) address is a unique identifier assigned to a network interface controller (NIC).\n- *URL*\n\nA web address, such as *www.example.com* .\n- *AWS_ACCESS_KEY*\n\nA unique identifier that's associated with a secret access key; you use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *AWS_SECRET_KEY*\n\nA unique identifier that's associated with an access key. You use the access key ID and secret access key to sign programmatic AWS requests cryptographically.\n- *USA specific*\n\n- *US_BANK_ACCOUNT_NUMBER*\n\nA US bank account number, which is typically 10 to 12 digits long.\n- *US_BANK_ROUTING_NUMBER*\n\nA US bank account routing number. These are typically nine digits long,\n- *US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER*\n\nA US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that starts with a \"9\" and contain a \"7\" or \"8\" as the fourth digit. An ITIN can be formatted with a space or a dash after the third and forth digits.\n- *US_PASSPORT_NUMBER*\n\nA US passport number. Passport numbers range from six to nine alphanumeric characters.\n- *US_SOCIAL_SECURITY_NUMBER*\n\nA US Social Security Number (SSN) is a nine-digit number that is issued to US citizens, permanent residents, and temporary working residents.\n- *Canada specific*\n\n- *CA_HEALTH_NUMBER*\n\nA Canadian Health Service Number is a 10-digit unique identifier, required for individuals to access healthcare benefits.\n- *CA_SOCIAL_INSURANCE_NUMBER*\n\nA Canadian Social Insurance Number (SIN) is a nine-digit unique identifier, required for individuals to access government programs and benefits.\n\nThe SIN is formatted as three groups of three digits, such as *123-456-789* . A SIN can be validated through a simple check-digit process called the [Luhn algorithm](https://docs.aws.amazon.com/https://www.wikipedia.org/wiki/Luhn_algorithm) .\n- *UK Specific*\n\n- *UK_NATIONAL_HEALTH_SERVICE_NUMBER*\n\nA UK National Health Service Number is a 10-17 digit number, such as *485 777 3456* . The current system formats the 10-digit number with spaces after the third and sixth digits. The final digit is an error-detecting checksum.\n- *UK_NATIONAL_INSURANCE_NUMBER*\n\nA UK National Insurance Number (NINO) provides individuals with access to National Insurance (social security) benefits. It is also used for some purposes in the UK tax system.\n\nThe number is nine digits long and starts with two letters, followed by six numbers and one letter. A NINO can be formatted with a space or a dash after the two letters and after the second, forth, and sixth digits.\n- *UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER*\n\nA UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxpayer or a business.\n- *Custom*\n\n- *Regex filter* - You can use a regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, booking ID etc..", "title": "Type", "type": "string" } }, "required": [ "Action", "Type" ], "type": "object" }, "AWS::Bedrock::Guardrail.RegexConfig": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The guardrail action to configure when matching regular expression is detected.", "title": "Action", "type": "string" }, "Description": { "markdownDescription": "The description of the regular expression to configure for the guardrail.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the regular expression to configure for the guardrail.", "title": "Name", "type": "string" }, "Pattern": { "markdownDescription": "The regular expression pattern to configure for the guardrail.", "title": "Pattern", "type": "string" } }, "required": [ "Action", "Name", "Pattern" ], "type": "object" }, "AWS::Bedrock::Guardrail.SensitiveInformationPolicyConfig": { "additionalProperties": false, "properties": { "PiiEntitiesConfig": { "items": { "$ref": "#/definitions/AWS::Bedrock::Guardrail.PiiEntityConfig" }, "markdownDescription": "A list of PII entities to configure to the guardrail.", "title": "PiiEntitiesConfig", "type": "array" }, "RegexesConfig": { "items": { "$ref": "#/definitions/AWS::Bedrock::Guardrail.RegexConfig" }, "markdownDescription": "A list of regular expressions to configure to the guardrail.", "title": "RegexesConfig", "type": "array" } }, "type": "object" }, "AWS::Bedrock::Guardrail.TopicConfig": { "additionalProperties": false, "properties": { "Definition": { "markdownDescription": "A definition of the topic to deny.", "title": "Definition", "type": "string" }, "Examples": { "items": { "type": "string" }, "markdownDescription": "A list of prompts, each of which is an example of a prompt that can be categorized as belonging to the topic.", "title": "Examples", "type": "array" }, "Name": { "markdownDescription": "The name of the topic to deny.", "title": "Name", "type": "string" }, "Type": { "markdownDescription": "Specifies to deny the topic.", "title": "Type", "type": "string" } }, "required": [ "Definition", "Name", "Type" ], "type": "object" }, "AWS::Bedrock::Guardrail.TopicPolicyConfig": { "additionalProperties": false, "properties": { "TopicsConfig": { "items": { "$ref": "#/definitions/AWS::Bedrock::Guardrail.TopicConfig" }, "markdownDescription": "A list of policies related to topics that the guardrail should deny.", "title": "TopicsConfig", "type": "array" } }, "required": [ "TopicsConfig" ], "type": "object" }, "AWS::Bedrock::Guardrail.WordConfig": { "additionalProperties": false, "properties": { "Text": { "markdownDescription": "Text of the word configured for the guardrail to block.", "title": "Text", "type": "string" } }, "required": [ "Text" ], "type": "object" }, "AWS::Bedrock::Guardrail.WordPolicyConfig": { "additionalProperties": false, "properties": { "ManagedWordListsConfig": { "items": { "$ref": "#/definitions/AWS::Bedrock::Guardrail.ManagedWordsConfig" }, "markdownDescription": "A list of managed words to configure for the guardrail.", "title": "ManagedWordListsConfig", "type": "array" }, "WordsConfig": { "items": { "$ref": "#/definitions/AWS::Bedrock::Guardrail.WordConfig" }, "markdownDescription": "A list of words to configure for the guardrail.", "title": "WordsConfig", "type": "array" } }, "type": "object" }, "AWS::Bedrock::KnowledgeBase": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the knowledge base.", "title": "Description", "type": "string" }, "KnowledgeBaseConfiguration": { "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration", "markdownDescription": "Contains details about the embeddings configuration of the knowledge base.", "title": "KnowledgeBaseConfiguration" }, "Name": { "markdownDescription": "The name of the knowledge base.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role with permissions to invoke API operations on the knowledge base.", "title": "RoleArn", "type": "string" }, "StorageConfiguration": { "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.StorageConfiguration", "markdownDescription": "Contains details about the storage configuration of the knowledge base.", "title": "StorageConfiguration" }, "Tags": { "additionalProperties": true, "markdownDescription": "Metadata that you can assign to a resource as key-value pairs. For more information, see the following resources:\n\n- [Tag naming limits and requirements](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions)\n- [Tagging best practices](https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-best-practices)", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "KnowledgeBaseConfiguration", "Name", "RoleArn", "StorageConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::Bedrock::KnowledgeBase" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Bedrock::KnowledgeBase.KnowledgeBaseConfiguration": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The type of data that the data source is converted into for the knowledge base.", "title": "Type", "type": "string" }, "VectorKnowledgeBaseConfiguration": { "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration", "markdownDescription": "Contains details about the embeddings model that'sused to convert the data source.", "title": "VectorKnowledgeBaseConfiguration" } }, "required": [ "Type", "VectorKnowledgeBaseConfiguration" ], "type": "object" }, "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration": { "additionalProperties": false, "properties": { "CollectionArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the OpenSearch Service vector store.", "title": "CollectionArn", "type": "string" }, "FieldMapping": { "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping", "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", "title": "FieldMapping" }, "VectorIndexName": { "markdownDescription": "The name of the vector store.", "title": "VectorIndexName", "type": "string" } }, "required": [ "CollectionArn", "FieldMapping", "VectorIndexName" ], "type": "object" }, "AWS::Bedrock::KnowledgeBase.OpenSearchServerlessFieldMapping": { "additionalProperties": false, "properties": { "MetadataField": { "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", "title": "MetadataField", "type": "string" }, "TextField": { "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", "title": "TextField", "type": "string" }, "VectorField": { "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", "title": "VectorField", "type": "string" } }, "required": [ "MetadataField", "TextField", "VectorField" ], "type": "object" }, "AWS::Bedrock::KnowledgeBase.PineconeConfiguration": { "additionalProperties": false, "properties": { "ConnectionString": { "markdownDescription": "The endpoint URL for your index management page.", "title": "ConnectionString", "type": "string" }, "CredentialsSecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Pinecone API key.", "title": "CredentialsSecretArn", "type": "string" }, "FieldMapping": { "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeFieldMapping", "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", "title": "FieldMapping" }, "Namespace": { "markdownDescription": "The namespace to be used to write new data to your database.", "title": "Namespace", "type": "string" } }, "required": [ "ConnectionString", "CredentialsSecretArn", "FieldMapping" ], "type": "object" }, "AWS::Bedrock::KnowledgeBase.PineconeFieldMapping": { "additionalProperties": false, "properties": { "MetadataField": { "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", "title": "MetadataField", "type": "string" }, "TextField": { "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", "title": "TextField", "type": "string" } }, "required": [ "MetadataField", "TextField" ], "type": "object" }, "AWS::Bedrock::KnowledgeBase.RdsConfiguration": { "additionalProperties": false, "properties": { "CredentialsSecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the secret that you created in AWS Secrets Manager that is linked to your Amazon RDS database.", "title": "CredentialsSecretArn", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of your Amazon RDS database.", "title": "DatabaseName", "type": "string" }, "FieldMapping": { "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsFieldMapping", "markdownDescription": "Contains the names of the fields to which to map information about the vector store.", "title": "FieldMapping" }, "ResourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the vector store.", "title": "ResourceArn", "type": "string" }, "TableName": { "markdownDescription": "The name of the table in the database.", "title": "TableName", "type": "string" } }, "required": [ "CredentialsSecretArn", "DatabaseName", "FieldMapping", "ResourceArn", "TableName" ], "type": "object" }, "AWS::Bedrock::KnowledgeBase.RdsFieldMapping": { "additionalProperties": false, "properties": { "MetadataField": { "markdownDescription": "The name of the field in which Amazon Bedrock stores metadata about the vector store.", "title": "MetadataField", "type": "string" }, "PrimaryKeyField": { "markdownDescription": "The name of the field in which Amazon Bedrock stores the ID for each entry.", "title": "PrimaryKeyField", "type": "string" }, "TextField": { "markdownDescription": "The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose.", "title": "TextField", "type": "string" }, "VectorField": { "markdownDescription": "The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources.", "title": "VectorField", "type": "string" } }, "required": [ "MetadataField", "PrimaryKeyField", "TextField", "VectorField" ], "type": "object" }, "AWS::Bedrock::KnowledgeBase.StorageConfiguration": { "additionalProperties": false, "properties": { "OpensearchServerlessConfiguration": { "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.OpenSearchServerlessConfiguration", "markdownDescription": "Contains the storage configuration of the knowledge base in Amazon OpenSearch Service.", "title": "OpensearchServerlessConfiguration" }, "PineconeConfiguration": { "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.PineconeConfiguration", "markdownDescription": "Contains the storage configuration of the knowledge base in Pinecone.", "title": "PineconeConfiguration" }, "RdsConfiguration": { "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase.RdsConfiguration", "markdownDescription": "Contains details about the storage configuration of the knowledge base in Amazon RDS. For more information, see [Create a vector index in Amazon RDS](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-rds.html) .", "title": "RdsConfiguration" }, "Type": { "markdownDescription": "The vector store service in which the knowledge base is stored.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Bedrock::KnowledgeBase.VectorKnowledgeBaseConfiguration": { "additionalProperties": false, "properties": { "EmbeddingModelArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base.", "title": "EmbeddingModelArn", "type": "string" } }, "required": [ "EmbeddingModelArn" ], "type": "object" }, "AWS::BillingConductor::BillingGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountGrouping": { "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.AccountGrouping", "markdownDescription": "The set of accounts that will be under the billing group. The set of accounts resemble the linked accounts in a consolidated billing family.", "title": "AccountGrouping" }, "ComputationPreference": { "$ref": "#/definitions/AWS::BillingConductor::BillingGroup.ComputationPreference", "markdownDescription": "The preferences and settings that will be used to compute the AWS charges for a billing group.", "title": "ComputationPreference" }, "Description": { "markdownDescription": "The description of the billing group.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The billing group's name.", "title": "Name", "type": "string" }, "PrimaryAccountId": { "markdownDescription": "The account ID that serves as the main account in a billing group.", "title": "PrimaryAccountId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A map that contains tag keys and tag values that are attached to a billing group.", "title": "Tags", "type": "array" } }, "required": [ "AccountGrouping", "ComputationPreference", "Name", "PrimaryAccountId" ], "type": "object" }, "Type": { "enum": [ "AWS::BillingConductor::BillingGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::BillingConductor::BillingGroup.AccountGrouping": { "additionalProperties": false, "properties": { "AutoAssociate": { "markdownDescription": "Specifies if this billing group will automatically associate newly added AWS accounts that join your consolidated billing family.", "title": "AutoAssociate", "type": "boolean" }, "LinkedAccountIds": { "items": { "type": "string" }, "markdownDescription": "The account IDs that make up the billing group. Account IDs must be a part of the consolidated billing family, and not associated with another billing group.", "title": "LinkedAccountIds", "type": "array" } }, "required": [ "LinkedAccountIds" ], "type": "object" }, "AWS::BillingConductor::BillingGroup.ComputationPreference": { "additionalProperties": false, "properties": { "PricingPlanArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the pricing plan used to compute the AWS charges for a billing group.", "title": "PricingPlanArn", "type": "string" } }, "required": [ "PricingPlanArn" ], "type": "object" }, "AWS::BillingConductor::CustomLineItem": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountId": { "markdownDescription": "The AWS account in which this custom line item will be applied to.", "title": "AccountId", "type": "string" }, "BillingGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) that references the billing group where the custom line item applies to.", "title": "BillingGroupArn", "type": "string" }, "BillingPeriodRange": { "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.BillingPeriodRange", "markdownDescription": "A time range for which the custom line item is effective.", "title": "BillingPeriodRange" }, "CustomLineItemChargeDetails": { "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails", "markdownDescription": "The charge details of a custom line item. It should contain only one of `Flat` or `Percentage` .", "title": "CustomLineItemChargeDetails" }, "Description": { "markdownDescription": "The custom line item's description. This is shown on the Bills page in association with the charge value.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The custom line item's name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A map that contains tag keys and tag values that are attached to a custom line item.", "title": "Tags", "type": "array" } }, "required": [ "BillingGroupArn", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::BillingConductor::CustomLineItem" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::BillingConductor::CustomLineItem.BillingPeriodRange": { "additionalProperties": false, "properties": { "ExclusiveEndBillingPeriod": { "markdownDescription": "The exclusive end billing period that defines a billing period range where a custom line is applied.", "title": "ExclusiveEndBillingPeriod", "type": "string" }, "InclusiveStartBillingPeriod": { "markdownDescription": "The inclusive start billing period that defines a billing period range where a custom line is applied.", "title": "InclusiveStartBillingPeriod", "type": "string" } }, "type": "object" }, "AWS::BillingConductor::CustomLineItem.CustomLineItemChargeDetails": { "additionalProperties": false, "properties": { "Flat": { "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails", "markdownDescription": "A `CustomLineItemFlatChargeDetails` that describes the charge details of a flat custom line item.", "title": "Flat" }, "LineItemFilters": { "items": { "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.LineItemFilter" }, "markdownDescription": "A representation of the line item filter.", "title": "LineItemFilters", "type": "array" }, "Percentage": { "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails", "markdownDescription": "A `CustomLineItemPercentageChargeDetails` that describes the charge details of a percentage custom line item.", "title": "Percentage" }, "Type": { "markdownDescription": "The type of the custom line item that indicates whether the charge is a fee or credit.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::BillingConductor::CustomLineItem.CustomLineItemFlatChargeDetails": { "additionalProperties": false, "properties": { "ChargeValue": { "markdownDescription": "The custom line item's fixed charge value in USD.", "title": "ChargeValue", "type": "number" } }, "required": [ "ChargeValue" ], "type": "object" }, "AWS::BillingConductor::CustomLineItem.CustomLineItemPercentageChargeDetails": { "additionalProperties": false, "properties": { "ChildAssociatedResources": { "items": { "type": "string" }, "markdownDescription": "A list of resource ARNs to associate to the percentage custom line item.", "title": "ChildAssociatedResources", "type": "array" }, "PercentageValue": { "markdownDescription": "The custom line item's percentage value. This will be multiplied against the combined value of its associated resources to determine its charge value.", "title": "PercentageValue", "type": "number" } }, "required": [ "PercentageValue" ], "type": "object" }, "AWS::BillingConductor::CustomLineItem.LineItemFilter": { "additionalProperties": false, "properties": { "Attribute": { "markdownDescription": "The attribute of the line item filter. This specifies what attribute that you can filter on.", "title": "Attribute", "type": "string" }, "MatchOption": { "markdownDescription": "The match criteria of the line item filter. This parameter specifies whether not to include the resource value from the billing group total cost.", "title": "MatchOption", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The values of the line item filter. This specifies the values to filter on. Currently, you can only exclude Savings Plan discounts.", "title": "Values", "type": "array" } }, "required": [ "Attribute", "MatchOption", "Values" ], "type": "object" }, "AWS::BillingConductor::PricingPlan": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The pricing plan description.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of a pricing plan.", "title": "Name", "type": "string" }, "PricingRuleArns": { "items": { "type": "string" }, "markdownDescription": "The `PricingRuleArns` that are associated with the Pricing Plan.", "title": "PricingRuleArns", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing plan.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::BillingConductor::PricingPlan" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::BillingConductor::PricingRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BillingEntity": { "markdownDescription": "The seller of services provided by AWS , their affiliates, or third-party providers selling services via AWS Marketplace .", "title": "BillingEntity", "type": "string" }, "Description": { "markdownDescription": "The pricing rule description.", "title": "Description", "type": "string" }, "ModifierPercentage": { "markdownDescription": "A percentage modifier applied on the public pricing rates.", "title": "ModifierPercentage", "type": "number" }, "Name": { "markdownDescription": "The name of a pricing rule.", "title": "Name", "type": "string" }, "Operation": { "markdownDescription": "Operation is the specific AWS action covered by this line item. This describes the specific usage of the line item.\n\nIf the `Scope` attribute is set to `SKU` , this attribute indicates which operation the `PricingRule` is modifying. For example, a value of `RunInstances:0202` indicates the operation of running an Amazon EC2 instance.", "title": "Operation", "type": "string" }, "Scope": { "markdownDescription": "The scope of pricing rule that indicates if it's globally applicable or service-specific.", "title": "Scope", "type": "string" }, "Service": { "markdownDescription": "If the `Scope` attribute is `SERVICE` , this attribute indicates which service the `PricingRule` is applicable for.", "title": "Service", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A map that contains tag keys and tag values that are attached to a pricing rule.", "title": "Tags", "type": "array" }, "Tiering": { "$ref": "#/definitions/AWS::BillingConductor::PricingRule.Tiering", "markdownDescription": "The set of tiering configurations for the pricing rule.", "title": "Tiering" }, "Type": { "markdownDescription": "The type of pricing rule.", "title": "Type", "type": "string" }, "UsageType": { "markdownDescription": "Usage Type is the unit that each service uses to measure the usage of a specific type of resource.", "title": "UsageType", "type": "string" } }, "required": [ "Name", "Scope", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::BillingConductor::PricingRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::BillingConductor::PricingRule.FreeTier": { "additionalProperties": false, "properties": { "Activated": { "markdownDescription": "Activate or deactivate AWS Free Tier.", "title": "Activated", "type": "boolean" } }, "required": [ "Activated" ], "type": "object" }, "AWS::BillingConductor::PricingRule.Tiering": { "additionalProperties": false, "properties": { "FreeTier": { "$ref": "#/definitions/AWS::BillingConductor::PricingRule.FreeTier", "markdownDescription": "The possible AWS Free Tier configurations.", "title": "FreeTier" } }, "type": "object" }, "AWS::Budgets::Budget": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Budget": { "$ref": "#/definitions/AWS::Budgets::Budget.BudgetData", "markdownDescription": "The budget object that you want to create.", "title": "Budget" }, "NotificationsWithSubscribers": { "items": { "$ref": "#/definitions/AWS::Budgets::Budget.NotificationWithSubscribers" }, "markdownDescription": "A notification that you want to associate with a budget. A budget can have up to five notifications, and each notification can have one SNS subscriber and up to 10 email subscribers. If you include notifications and subscribers in your `CreateBudget` call, AWS creates the notifications and subscribers for you.", "title": "NotificationsWithSubscribers", "type": "array" } }, "required": [ "Budget" ], "type": "object" }, "Type": { "enum": [ "AWS::Budgets::Budget" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Budgets::Budget.AutoAdjustData": { "additionalProperties": false, "properties": { "AutoAdjustType": { "markdownDescription": "The string that defines whether your budget auto-adjusts based on historical or forecasted data.", "title": "AutoAdjustType", "type": "string" }, "HistoricalOptions": { "$ref": "#/definitions/AWS::Budgets::Budget.HistoricalOptions", "markdownDescription": "The parameters that define or describe the historical data that your auto-adjusting budget is based on.", "title": "HistoricalOptions" } }, "required": [ "AutoAdjustType" ], "type": "object" }, "AWS::Budgets::Budget.BudgetData": { "additionalProperties": false, "properties": { "AutoAdjustData": { "$ref": "#/definitions/AWS::Budgets::Budget.AutoAdjustData", "markdownDescription": "Determine the budget amount for an auto-adjusting budget.", "title": "AutoAdjustData" }, "BudgetLimit": { "$ref": "#/definitions/AWS::Budgets::Budget.Spend", "markdownDescription": "The total amount of cost, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage that you want to track with your budget.\n\n`BudgetLimit` is required for cost or usage budgets, but optional for RI or Savings Plans utilization or coverage budgets. RI and Savings Plans utilization or coverage budgets default to `100` . This is the only valid value for RI or Savings Plans utilization or coverage budgets. You can't use `BudgetLimit` with `PlannedBudgetLimits` for `CreateBudget` and `UpdateBudget` actions.", "title": "BudgetLimit" }, "BudgetName": { "markdownDescription": "The name of a budget. The value must be unique within an account. `BudgetName` can't include `:` and `\\` characters. If you don't include value for `BudgetName` in the template, Billing and Cost Management assigns your budget a randomly generated name.", "title": "BudgetName", "type": "string" }, "BudgetType": { "markdownDescription": "Specifies whether this budget tracks costs, usage, RI utilization, RI coverage, Savings Plans utilization, or Savings Plans coverage.", "title": "BudgetType", "type": "string" }, "CostFilters": { "markdownDescription": "The cost filters, such as `Region` , `Service` , `LinkedAccount` , `Tag` , or `CostCategory` , that are applied to a budget.\n\nAWS Budgets supports the following services as a `Service` filter for RI budgets:\n\n- Amazon EC2\n- Amazon Redshift\n- Amazon Relational Database Service\n- Amazon ElastiCache\n- Amazon OpenSearch Service", "title": "CostFilters", "type": "object" }, "CostTypes": { "$ref": "#/definitions/AWS::Budgets::Budget.CostTypes", "markdownDescription": "The types of costs that are included in this `COST` budget.\n\n`USAGE` , `RI_UTILIZATION` , `RI_COVERAGE` , `SAVINGS_PLANS_UTILIZATION` , and `SAVINGS_PLANS_COVERAGE` budgets do not have `CostTypes` .", "title": "CostTypes" }, "PlannedBudgetLimits": { "markdownDescription": "A map containing multiple `BudgetLimit` , including current or future limits.\n\n`PlannedBudgetLimits` is available for cost or usage budget and supports both monthly and quarterly `TimeUnit` .\n\nFor monthly budgets, provide 12 months of `PlannedBudgetLimits` values. This must start from the current month and include the next 11 months. The `key` is the start of the month, `UTC` in epoch seconds.\n\nFor quarterly budgets, provide four quarters of `PlannedBudgetLimits` value entries in standard calendar quarter increments. This must start from the current quarter and include the next three quarters. The `key` is the start of the quarter, `UTC` in epoch seconds.\n\nIf the planned budget expires before 12 months for monthly or four quarters for quarterly, provide the `PlannedBudgetLimits` values only for the remaining periods.\n\nIf the budget begins at a date in the future, provide `PlannedBudgetLimits` values from the start date of the budget.\n\nAfter all of the `BudgetLimit` values in `PlannedBudgetLimits` are used, the budget continues to use the last limit as the `BudgetLimit` . At that point, the planned budget provides the same experience as a fixed budget.\n\n`DescribeBudget` and `DescribeBudgets` response along with `PlannedBudgetLimits` also contain `BudgetLimit` representing the current month or quarter limit present in `PlannedBudgetLimits` . This only applies to budgets that are created with `PlannedBudgetLimits` . Budgets that are created without `PlannedBudgetLimits` only contain `BudgetLimit` . They don't contain `PlannedBudgetLimits` .", "title": "PlannedBudgetLimits", "type": "object" }, "TimePeriod": { "$ref": "#/definitions/AWS::Budgets::Budget.TimePeriod", "markdownDescription": "The period of time that is covered by a budget. The period has a start date and an end date. The start date must come before the end date. There are no restrictions on the end date.\n\nThe start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the AWS Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nAfter the end date, AWS deletes the budget and all associated notifications and subscribers.", "title": "TimePeriod" }, "TimeUnit": { "markdownDescription": "The length of time until a budget resets the actual and forecasted spend. `DAILY` is available only for `RI_UTILIZATION` and `RI_COVERAGE` budgets.", "title": "TimeUnit", "type": "string" } }, "required": [ "BudgetType", "TimeUnit" ], "type": "object" }, "AWS::Budgets::Budget.CostTypes": { "additionalProperties": false, "properties": { "IncludeCredit": { "markdownDescription": "Specifies whether a budget includes credits.\n\nThe default value is `true` .", "title": "IncludeCredit", "type": "boolean" }, "IncludeDiscount": { "markdownDescription": "Specifies whether a budget includes discounts.\n\nThe default value is `true` .", "title": "IncludeDiscount", "type": "boolean" }, "IncludeOtherSubscription": { "markdownDescription": "Specifies whether a budget includes non-RI subscription costs.\n\nThe default value is `true` .", "title": "IncludeOtherSubscription", "type": "boolean" }, "IncludeRecurring": { "markdownDescription": "Specifies whether a budget includes recurring fees such as monthly RI fees.\n\nThe default value is `true` .", "title": "IncludeRecurring", "type": "boolean" }, "IncludeRefund": { "markdownDescription": "Specifies whether a budget includes refunds.\n\nThe default value is `true` .", "title": "IncludeRefund", "type": "boolean" }, "IncludeSubscription": { "markdownDescription": "Specifies whether a budget includes subscriptions.\n\nThe default value is `true` .", "title": "IncludeSubscription", "type": "boolean" }, "IncludeSupport": { "markdownDescription": "Specifies whether a budget includes support subscription fees.\n\nThe default value is `true` .", "title": "IncludeSupport", "type": "boolean" }, "IncludeTax": { "markdownDescription": "Specifies whether a budget includes taxes.\n\nThe default value is `true` .", "title": "IncludeTax", "type": "boolean" }, "IncludeUpfront": { "markdownDescription": "Specifies whether a budget includes upfront RI costs.\n\nThe default value is `true` .", "title": "IncludeUpfront", "type": "boolean" }, "UseAmortized": { "markdownDescription": "Specifies whether a budget uses the amortized rate.\n\nThe default value is `false` .", "title": "UseAmortized", "type": "boolean" }, "UseBlended": { "markdownDescription": "Specifies whether a budget uses a blended rate.\n\nThe default value is `false` .", "title": "UseBlended", "type": "boolean" } }, "type": "object" }, "AWS::Budgets::Budget.HistoricalOptions": { "additionalProperties": false, "properties": { "BudgetAdjustmentPeriod": { "markdownDescription": "The number of budget periods included in the moving-average calculation that determines your auto-adjusted budget amount. The maximum value depends on the `TimeUnit` granularity of the budget:\n\n- For the `DAILY` granularity, the maximum value is `60` .\n- For the `MONTHLY` granularity, the maximum value is `12` .\n- For the `QUARTERLY` granularity, the maximum value is `4` .\n- For the `ANNUALLY` granularity, the maximum value is `1` .", "title": "BudgetAdjustmentPeriod", "type": "number" } }, "required": [ "BudgetAdjustmentPeriod" ], "type": "object" }, "AWS::Budgets::Budget.Notification": { "additionalProperties": false, "properties": { "ComparisonOperator": { "markdownDescription": "The comparison that's used for this notification.", "title": "ComparisonOperator", "type": "string" }, "NotificationType": { "markdownDescription": "Specifies whether the notification is for how much you have spent ( `ACTUAL` ) or for how much that you're forecasted to spend ( `FORECASTED` ).", "title": "NotificationType", "type": "string" }, "Threshold": { "markdownDescription": "The threshold that's associated with a notification. Thresholds are always a percentage, and many customers find value being alerted between 50% - 200% of the budgeted amount. The maximum limit for your threshold is 1,000,000% above the budgeted amount.", "title": "Threshold", "type": "number" }, "ThresholdType": { "markdownDescription": "The type of threshold for a notification. For `ABSOLUTE_VALUE` thresholds, AWS notifies you when you go over or are forecasted to go over your total cost threshold. For `PERCENTAGE` thresholds, AWS notifies you when you go over or are forecasted to go over a certain percentage of your forecasted spend. For example, if you have a budget for 200 dollars and you have a `PERCENTAGE` threshold of 80%, AWS notifies you when you go over 160 dollars.", "title": "ThresholdType", "type": "string" } }, "required": [ "ComparisonOperator", "NotificationType", "Threshold" ], "type": "object" }, "AWS::Budgets::Budget.NotificationWithSubscribers": { "additionalProperties": false, "properties": { "Notification": { "$ref": "#/definitions/AWS::Budgets::Budget.Notification", "markdownDescription": "The notification that's associated with a budget.", "title": "Notification" }, "Subscribers": { "items": { "$ref": "#/definitions/AWS::Budgets::Budget.Subscriber" }, "markdownDescription": "A list of subscribers who are subscribed to this notification.", "title": "Subscribers", "type": "array" } }, "required": [ "Notification", "Subscribers" ], "type": "object" }, "AWS::Budgets::Budget.Spend": { "additionalProperties": false, "properties": { "Amount": { "markdownDescription": "The cost or usage amount that's associated with a budget forecast, actual spend, or budget threshold.", "title": "Amount", "type": "number" }, "Unit": { "markdownDescription": "The unit of measurement that's used for the budget forecast, actual spend, or budget threshold.", "title": "Unit", "type": "string" } }, "required": [ "Amount", "Unit" ], "type": "object" }, "AWS::Budgets::Budget.Subscriber": { "additionalProperties": false, "properties": { "Address": { "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", "title": "Address", "type": "string" }, "SubscriptionType": { "markdownDescription": "The type of notification that AWS sends to a subscriber.", "title": "SubscriptionType", "type": "string" } }, "required": [ "Address", "SubscriptionType" ], "type": "object" }, "AWS::Budgets::Budget.TimePeriod": { "additionalProperties": false, "properties": { "End": { "markdownDescription": "The end date for a budget. If you didn't specify an end date, AWS set your end date to `06/15/87 00:00 UTC` . The defaults are the same for the AWS Billing and Cost Management console and the API.\n\nAfter the end date, AWS deletes the budget and all the associated notifications and subscribers. You can change your end date with the `UpdateBudget` operation.", "title": "End", "type": "string" }, "Start": { "markdownDescription": "The start date for a budget. If you created your budget and didn't specify a start date, the start date defaults to the start of the chosen time period (MONTHLY, QUARTERLY, or ANNUALLY). For example, if you create your budget on January 24, 2019, choose `MONTHLY` , and don't set a start date, the start date defaults to `01/01/19 00:00 UTC` . The defaults are the same for the AWS Billing and Cost Management console and the API.\n\nYou can change your start date with the `UpdateBudget` operation.\n\nValid values depend on the value of `BudgetType` :\n\n- If `BudgetType` is `COST` or `USAGE` : Valid values are `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .\n- If `BudgetType` is `RI_UTILIZATION` or `RI_COVERAGE` : Valid values are `DAILY` , `MONTHLY` , `QUARTERLY` , and `ANNUALLY` .", "title": "Start", "type": "string" } }, "type": "object" }, "AWS::Budgets::BudgetsAction": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ActionThreshold": { "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ActionThreshold", "markdownDescription": "The trigger threshold of the action.", "title": "ActionThreshold" }, "ActionType": { "markdownDescription": "The type of action. This defines the type of tasks that can be carried out by this action. This field also determines the format for definition.", "title": "ActionType", "type": "string" }, "ApprovalModel": { "markdownDescription": "This specifies if the action needs manual or automatic approval.", "title": "ApprovalModel", "type": "string" }, "BudgetName": { "markdownDescription": "A string that represents the budget name. \":\" and \"\\\" characters aren't allowed.", "title": "BudgetName", "type": "string" }, "Definition": { "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Definition", "markdownDescription": "Specifies all of the type-specific parameters.", "title": "Definition" }, "ExecutionRoleArn": { "markdownDescription": "The role passed for action execution and reversion. Roles and actions must be in the same account.", "title": "ExecutionRoleArn", "type": "string" }, "NotificationType": { "markdownDescription": "The type of a notification.", "title": "NotificationType", "type": "string" }, "Subscribers": { "items": { "$ref": "#/definitions/AWS::Budgets::BudgetsAction.Subscriber" }, "markdownDescription": "A list of subscribers.", "title": "Subscribers", "type": "array" } }, "required": [ "ActionThreshold", "ActionType", "BudgetName", "Definition", "ExecutionRoleArn", "NotificationType", "Subscribers" ], "type": "object" }, "Type": { "enum": [ "AWS::Budgets::BudgetsAction" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Budgets::BudgetsAction.ActionThreshold": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The type of threshold for a notification.", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The threshold of a notification.", "title": "Value", "type": "number" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::Budgets::BudgetsAction.Definition": { "additionalProperties": false, "properties": { "IamActionDefinition": { "$ref": "#/definitions/AWS::Budgets::BudgetsAction.IamActionDefinition", "markdownDescription": "The AWS Identity and Access Management ( IAM ) action definition details.", "title": "IamActionDefinition" }, "ScpActionDefinition": { "$ref": "#/definitions/AWS::Budgets::BudgetsAction.ScpActionDefinition", "markdownDescription": "The service control policies (SCP) action definition details.", "title": "ScpActionDefinition" }, "SsmActionDefinition": { "$ref": "#/definitions/AWS::Budgets::BudgetsAction.SsmActionDefinition", "markdownDescription": "The Amazon EC2 Systems Manager ( SSM ) action definition details.", "title": "SsmActionDefinition" } }, "type": "object" }, "AWS::Budgets::BudgetsAction.IamActionDefinition": { "additionalProperties": false, "properties": { "Groups": { "items": { "type": "string" }, "markdownDescription": "A list of groups to be attached. There must be at least one group.", "title": "Groups", "type": "array" }, "PolicyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the policy to be attached.", "title": "PolicyArn", "type": "string" }, "Roles": { "items": { "type": "string" }, "markdownDescription": "A list of roles to be attached. There must be at least one role.", "title": "Roles", "type": "array" }, "Users": { "items": { "type": "string" }, "markdownDescription": "A list of users to be attached. There must be at least one user.", "title": "Users", "type": "array" } }, "required": [ "PolicyArn" ], "type": "object" }, "AWS::Budgets::BudgetsAction.ScpActionDefinition": { "additionalProperties": false, "properties": { "PolicyId": { "markdownDescription": "The policy ID attached.", "title": "PolicyId", "type": "string" }, "TargetIds": { "items": { "type": "string" }, "markdownDescription": "A list of target IDs.", "title": "TargetIds", "type": "array" } }, "required": [ "PolicyId", "TargetIds" ], "type": "object" }, "AWS::Budgets::BudgetsAction.SsmActionDefinition": { "additionalProperties": false, "properties": { "InstanceIds": { "items": { "type": "string" }, "markdownDescription": "The EC2 and RDS instance IDs.", "title": "InstanceIds", "type": "array" }, "Region": { "markdownDescription": "The Region to run the ( SSM ) document.", "title": "Region", "type": "string" }, "Subtype": { "markdownDescription": "The action subType.", "title": "Subtype", "type": "string" } }, "required": [ "InstanceIds", "Region", "Subtype" ], "type": "object" }, "AWS::Budgets::BudgetsAction.Subscriber": { "additionalProperties": false, "properties": { "Address": { "markdownDescription": "The address that AWS sends budget notifications to, either an SNS topic or an email.\n\nWhen you create a subscriber, the value of `Address` can't contain line breaks.", "title": "Address", "type": "string" }, "Type": { "markdownDescription": "The type of notification that AWS sends to a subscriber.", "title": "Type", "type": "string" } }, "required": [ "Address", "Type" ], "type": "object" }, "AWS::CE::AnomalyMonitor": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MonitorDimension": { "markdownDescription": "The dimensions to evaluate.", "title": "MonitorDimension", "type": "string" }, "MonitorName": { "markdownDescription": "The name of the monitor.", "title": "MonitorName", "type": "string" }, "MonitorSpecification": { "markdownDescription": "The array of `MonitorSpecification` in JSON array format. For instance, you can use `MonitorSpecification` to specify a tag, Cost Category, or linked account for your custom anomaly monitor. For further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalymonitor.html#aws-resource-ce-anomalymonitor--examples) section of this page.", "title": "MonitorSpecification", "type": "string" }, "MonitorType": { "markdownDescription": "The possible type values.", "title": "MonitorType", "type": "string" }, "ResourceTags": { "items": { "$ref": "#/definitions/AWS::CE::AnomalyMonitor.ResourceTag" }, "markdownDescription": "", "title": "ResourceTags", "type": "array" } }, "required": [ "MonitorName", "MonitorType" ], "type": "object" }, "Type": { "enum": [ "AWS::CE::AnomalyMonitor" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CE::AnomalyMonitor.ResourceTag": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key that's associated with the tag.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value that's associated with the tag.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::CE::AnomalySubscription": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Frequency": { "markdownDescription": "The frequency that anomaly notifications are sent. Notifications are sent either over email (for DAILY and WEEKLY frequencies) or SNS (for IMMEDIATE frequency). For more information, see [Creating an Amazon SNS topic for anomaly notifications](https://docs.aws.amazon.com/cost-management/latest/userguide/ad-SNS.html) .", "title": "Frequency", "type": "string" }, "MonitorArnList": { "items": { "type": "string" }, "markdownDescription": "A list of cost anomaly monitors.", "title": "MonitorArnList", "type": "array" }, "ResourceTags": { "items": { "$ref": "#/definitions/AWS::CE::AnomalySubscription.ResourceTag" }, "markdownDescription": "", "title": "ResourceTags", "type": "array" }, "Subscribers": { "items": { "$ref": "#/definitions/AWS::CE::AnomalySubscription.Subscriber" }, "markdownDescription": "A list of subscribers to notify.", "title": "Subscribers", "type": "array" }, "SubscriptionName": { "markdownDescription": "The name for the subscription.", "title": "SubscriptionName", "type": "string" }, "Threshold": { "markdownDescription": "(deprecated)\n\nAn absolute dollar value that must be exceeded by the anomaly's total impact (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details) for an anomaly notification to be generated.\n\nThis field has been deprecated. To specify a threshold, use ThresholdExpression. Continued use of Threshold will be treated as shorthand syntax for a ThresholdExpression.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.", "title": "Threshold", "type": "number" }, "ThresholdExpression": { "markdownDescription": "An [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Expression.html) object in JSON string format used to specify the anomalies that you want to generate alerts for. This supports dimensions and nested expressions. The supported dimensions are `ANOMALY_TOTAL_IMPACT_ABSOLUTE` and `ANOMALY_TOTAL_IMPACT_PERCENTAGE` , corresponding to an anomaly\u2019s TotalImpact and TotalImpactPercentage, respectively (see [Impact](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_Impact.html) for more details). The supported nested expression types are `AND` and `OR` . The match option `GREATER_THAN_OR_EQUAL` is required. Values must be numbers between 0 and 10,000,000,000 in string format.\n\nOne of Threshold or ThresholdExpression is required for `AWS::CE::AnomalySubscription` . You cannot specify both.\n\nFor further information, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ce-anomalysubscription.html#aws-resource-ce-anomalysubscription--examples) section of this page.", "title": "ThresholdExpression", "type": "string" } }, "required": [ "Frequency", "MonitorArnList", "Subscribers", "SubscriptionName" ], "type": "object" }, "Type": { "enum": [ "AWS::CE::AnomalySubscription" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CE::AnomalySubscription.ResourceTag": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key that's associated with the tag.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value that's associated with the tag.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::CE::AnomalySubscription.Subscriber": { "additionalProperties": false, "properties": { "Address": { "markdownDescription": "The email address or SNS Topic Amazon Resource Name (ARN), depending on the `Type` .", "title": "Address", "type": "string" }, "Status": { "markdownDescription": "Indicates if the subscriber accepts the notifications.", "title": "Status", "type": "string" }, "Type": { "markdownDescription": "The notification delivery channel.", "title": "Type", "type": "string" } }, "required": [ "Address", "Type" ], "type": "object" }, "AWS::CE::CostCategory": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DefaultValue": { "markdownDescription": "The default value for the cost category.", "title": "DefaultValue", "type": "string" }, "Name": { "markdownDescription": "The unique name of the Cost Category.", "title": "Name", "type": "string" }, "RuleVersion": { "markdownDescription": "The rule schema version in this particular Cost Category.", "title": "RuleVersion", "type": "string" }, "Rules": { "markdownDescription": "The array of CostCategoryRule in JSON array format.\n\n> Rules are processed in order. If there are multiple rules that match the line item, then the first rule to match is used to determine that Cost Category value.", "title": "Rules", "type": "string" }, "SplitChargeRules": { "markdownDescription": "The split charge rules that are used to allocate your charges between your Cost Category values.", "title": "SplitChargeRules", "type": "string" } }, "required": [ "Name", "RuleVersion", "Rules" ], "type": "object" }, "Type": { "enum": [ "AWS::CE::CostCategory" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CUR::ReportDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdditionalArtifacts": { "items": { "type": "string" }, "markdownDescription": "A list of manifests that you want AWS to create for this report.", "title": "AdditionalArtifacts", "type": "array" }, "AdditionalSchemaElements": { "items": { "type": "string" }, "markdownDescription": "A list of strings that indicate additional content that AWS includes in the report, such as individual resource IDs.", "title": "AdditionalSchemaElements", "type": "array" }, "BillingViewArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the billing view. You can get this value by using the billing view service public APIs.", "title": "BillingViewArn", "type": "string" }, "Compression": { "markdownDescription": "The compression format that Amazon Web Services uses for the report.", "title": "Compression", "type": "string" }, "Format": { "markdownDescription": "The format that Amazon Web Services saves the report in.", "title": "Format", "type": "string" }, "RefreshClosedReports": { "markdownDescription": "Whether you want AWS to update your reports after they have been finalized if AWS detects charges related to previous months. These charges can include refunds, credits, or support fees.", "title": "RefreshClosedReports", "type": "boolean" }, "ReportName": { "markdownDescription": "The name of the report that you want to create. The name must be unique, is case sensitive, and can't include spaces.", "title": "ReportName", "type": "string" }, "ReportVersioning": { "markdownDescription": "Whether you want AWS to overwrite the previous version of each report or to deliver the report in addition to the previous versions.", "title": "ReportVersioning", "type": "string" }, "S3Bucket": { "markdownDescription": "The S3 bucket where Amazon Web Services delivers the report.", "title": "S3Bucket", "type": "string" }, "S3Prefix": { "markdownDescription": "The prefix that Amazon Web Services adds to the report name when Amazon Web Services delivers the report. Your prefix can't include spaces.", "title": "S3Prefix", "type": "string" }, "S3Region": { "markdownDescription": "The Region of the S3 bucket that Amazon Web Services delivers the report into.", "title": "S3Region", "type": "string" }, "TimeUnit": { "markdownDescription": "The granularity of the line items in the report.", "title": "TimeUnit", "type": "string" } }, "required": [ "Compression", "Format", "RefreshClosedReports", "ReportName", "ReportVersioning", "S3Bucket", "S3Prefix", "S3Region", "TimeUnit" ], "type": "object" }, "Type": { "enum": [ "AWS::CUR::ReportDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cassandra::Keyspace": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "KeyspaceName": { "markdownDescription": "The name of the keyspace to be created. The keyspace name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the keyspace name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n*Length constraints:* Minimum length of 3. Maximum length of 255.\n\n*Pattern:* `^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$`", "title": "KeyspaceName", "type": "string" }, "ReplicationSpecification": { "$ref": "#/definitions/AWS::Cassandra::Keyspace.ReplicationSpecification", "markdownDescription": "Specifies the `ReplicationStrategy` of a keyspace. The options are:\n\n- `SINGLE_REGION` for a single Region keyspace (optional) or\n- `MULTI_REGION` for a multi-Region keyspace\n\nIf no `ReplicationStrategy` is provided, the default is `SINGLE_REGION` . If you choose `MULTI_REGION` , you must also provide a `RegionList` with the AWS Regions that the keyspace is replicated in.", "title": "ReplicationSpecification" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Cassandra::Keyspace" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Cassandra::Keyspace.ReplicationSpecification": { "additionalProperties": false, "properties": { "RegionList": { "items": { "type": "string" }, "markdownDescription": "Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two and up to six Regions, including the Region that the keyspace is being created in.", "title": "RegionList", "type": "array" }, "ReplicationStrategy": { "markdownDescription": "The options are:\n\n- `SINGLE_REGION` (optional)\n- `MULTI_REGION`\n\nIf no value is specified, the default is `SINGLE_REGION` . If `MULTI_REGION` is specified, `RegionList` is required.", "title": "ReplicationStrategy", "type": "string" } }, "type": "object" }, "AWS::Cassandra::Table": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoScalingSpecifications": { "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSpecification", "markdownDescription": "The optional auto scaling capacity settings for a table in provisioned capacity mode.", "title": "AutoScalingSpecifications" }, "BillingMode": { "$ref": "#/definitions/AWS::Cassandra::Table.BillingMode", "markdownDescription": "The billing mode for the table, which determines how you'll be charged for reads and writes:\n\n- *On-demand mode* (default) - You pay based on the actual reads and writes your application performs.\n- *Provisioned mode* - Lets you specify the number of reads and writes per second that you need for your application.\n\nIf you don't specify a value for this property, then the table will use on-demand mode.", "title": "BillingMode" }, "ClientSideTimestampsEnabled": { "markdownDescription": "Enables client-side timestamps for the table. By default, the setting is disabled. You can enable client-side timestamps with the following option:\n\n- `status: \"enabled\"`\n\nAfter client-side timestamps are enabled for a table, you can't disable this setting.", "title": "ClientSideTimestampsEnabled", "type": "boolean" }, "ClusteringKeyColumns": { "items": { "$ref": "#/definitions/AWS::Cassandra::Table.ClusteringKeyColumn" }, "markdownDescription": "One or more columns that determine how the table data is sorted.", "title": "ClusteringKeyColumns", "type": "array" }, "DefaultTimeToLive": { "markdownDescription": "The default Time To Live (TTL) value for all rows in a table in seconds. The maximum configurable value is 630,720,000 seconds, which is the equivalent of 20 years. By default, the TTL value for a table is 0, which means data does not expire.\n\nFor more information, see [Setting the default TTL value for a table](https://docs.aws.amazon.com/keyspaces/latest/devguide/TTL-how-it-works.html#ttl-howitworks_default_ttl) in the *Amazon Keyspaces Developer Guide* .", "title": "DefaultTimeToLive", "type": "number" }, "EncryptionSpecification": { "$ref": "#/definitions/AWS::Cassandra::Table.EncryptionSpecification", "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - The key is owned by Amazon Keyspaces .\n- *Customer managed key* - The key is stored in your account and is created, owned, and managed by you.\n\n> If you choose encryption with a customer managed key, you must specify a valid customer managed KMS key with permissions granted to Amazon Keyspaces.\n\nFor more information, see [Encryption at rest in Amazon Keyspaces](https://docs.aws.amazon.com/keyspaces/latest/devguide/EncryptionAtRest.html) in the *Amazon Keyspaces Developer Guide* .", "title": "EncryptionSpecification" }, "KeyspaceName": { "markdownDescription": "The name of the keyspace to create the table in. The keyspace must already exist.", "title": "KeyspaceName", "type": "string" }, "PartitionKeyColumns": { "items": { "$ref": "#/definitions/AWS::Cassandra::Table.Column" }, "markdownDescription": "One or more columns that uniquely identify every row in the table. Every table must have a partition key.", "title": "PartitionKeyColumns", "type": "array" }, "PointInTimeRecoveryEnabled": { "markdownDescription": "Specifies if point-in-time recovery is enabled or disabled for the table. The options are `PointInTimeRecoveryEnabled=true` and `PointInTimeRecoveryEnabled=false` . If not specified, the default is `PointInTimeRecoveryEnabled=false` .", "title": "PointInTimeRecoveryEnabled", "type": "boolean" }, "RegularColumns": { "items": { "$ref": "#/definitions/AWS::Cassandra::Table.Column" }, "markdownDescription": "One or more columns that are not part of the primary key - that is, columns that are *not* defined as partition key columns or clustering key columns.\n\nYou can add regular columns to existing tables by adding them to the template.", "title": "RegularColumns", "type": "array" }, "ReplicaSpecifications": { "items": { "$ref": "#/definitions/AWS::Cassandra::Table.ReplicaSpecification" }, "markdownDescription": "The AWS Region specific settings of a multi-Region table.\n\nFor a multi-Region table, you can configure the table's read capacity differently per AWS Region. You can do this by configuring the following parameters.\n\n- `region` : The Region where these settings are applied. (Required)\n- `readCapacityUnits` : The provisioned read capacity units. (Optional)\n- `readCapacityAutoScaling` : The read capacity auto scaling settings for the table. (Optional)", "title": "ReplicaSpecifications", "type": "array" }, "TableName": { "markdownDescription": "The name of the table to be created. The table name is case sensitive. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacing this resource. You can perform updates that require no interruption or some interruption. If you must replace the resource, specify a new name. \n\n*Length constraints:* Minimum length of 3. Maximum length of 255.\n\n*Pattern:* `^[a-zA-Z0-9][a-zA-Z0-9_]{1,47}$`", "title": "TableName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "KeyspaceName", "PartitionKeyColumns" ], "type": "object" }, "Type": { "enum": [ "AWS::Cassandra::Table" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cassandra::Table.AutoScalingSetting": { "additionalProperties": false, "properties": { "AutoScalingDisabled": { "markdownDescription": "This optional parameter enables auto scaling for the table if set to `false` .", "title": "AutoScalingDisabled", "type": "boolean" }, "MaximumUnits": { "markdownDescription": "Manage costs by specifying the maximum amount of throughput to provision. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", "title": "MaximumUnits", "type": "number" }, "MinimumUnits": { "markdownDescription": "The minimum level of throughput the table should always be ready to support. The value must be between 1 and the max throughput per second quota for your account (40,000 by default).", "title": "MinimumUnits", "type": "number" }, "ScalingPolicy": { "$ref": "#/definitions/AWS::Cassandra::Table.ScalingPolicy", "markdownDescription": "Amazon Keyspaces supports the `target tracking` auto scaling policy. With this policy, Amazon Keyspaces auto scaling ensures that the table's ratio of consumed to provisioned capacity stays at or near the target value that you specify. You define the target value as a percentage between 20 and 90.", "title": "ScalingPolicy" } }, "type": "object" }, "AWS::Cassandra::Table.AutoScalingSpecification": { "additionalProperties": false, "properties": { "ReadCapacityAutoScaling": { "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", "markdownDescription": "The auto scaling settings for the table's read capacity.", "title": "ReadCapacityAutoScaling" }, "WriteCapacityAutoScaling": { "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", "markdownDescription": "The auto scaling settings for the table's write capacity.", "title": "WriteCapacityAutoScaling" } }, "type": "object" }, "AWS::Cassandra::Table.BillingMode": { "additionalProperties": false, "properties": { "Mode": { "markdownDescription": "The billing mode for the table:\n\n- On-demand mode - `ON_DEMAND`\n- Provisioned mode - `PROVISIONED`\n\n> If you choose `PROVISIONED` mode, then you also need to specify provisioned throughput (read and write capacity) for the table.\n\nValid values: `ON_DEMAND` | `PROVISIONED`", "title": "Mode", "type": "string" }, "ProvisionedThroughput": { "$ref": "#/definitions/AWS::Cassandra::Table.ProvisionedThroughput", "markdownDescription": "The provisioned read capacity and write capacity for the table. For more information, see [Provisioned throughput capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html#ReadWriteCapacityMode.Provisioned) in the *Amazon Keyspaces Developer Guide* .", "title": "ProvisionedThroughput" } }, "required": [ "Mode" ], "type": "object" }, "AWS::Cassandra::Table.ClusteringKeyColumn": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::Cassandra::Table.Column", "markdownDescription": "The name and data type of this clustering key column.", "title": "Column" }, "OrderBy": { "markdownDescription": "The order in which this column's data is stored:\n\n- `ASC` (default) - The column's data is stored in ascending order.\n- `DESC` - The column's data is stored in descending order.", "title": "OrderBy", "type": "string" } }, "required": [ "Column" ], "type": "object" }, "AWS::Cassandra::Table.Column": { "additionalProperties": false, "properties": { "ColumnName": { "markdownDescription": "The name of the column. For more information, see [Identifiers](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.elements.identifier) in the *Amazon Keyspaces Developer Guide* .", "title": "ColumnName", "type": "string" }, "ColumnType": { "markdownDescription": "The data type of the column. For more information, see [Data types](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.data-types) in the *Amazon Keyspaces Developer Guide* .", "title": "ColumnType", "type": "string" } }, "required": [ "ColumnName", "ColumnType" ], "type": "object" }, "AWS::Cassandra::Table.EncryptionSpecification": { "additionalProperties": false, "properties": { "EncryptionType": { "markdownDescription": "The encryption at rest options for the table.\n\n- *AWS owned key* (default) - `AWS_OWNED_KMS_KEY`\n- *Customer managed key* - `CUSTOMER_MANAGED_KMS_KEY`\n\n> If you choose `CUSTOMER_MANAGED_KMS_KEY` , a `kms_key_identifier` in the format of a key ARN is required.\n\nValid values: `CUSTOMER_MANAGED_KMS_KEY` | `AWS_OWNED_KMS_KEY` .", "title": "EncryptionType", "type": "string" }, "KmsKeyIdentifier": { "markdownDescription": "Requires a `kms_key_identifier` in the format of a key ARN.", "title": "KmsKeyIdentifier", "type": "string" } }, "required": [ "EncryptionType" ], "type": "object" }, "AWS::Cassandra::Table.ProvisionedThroughput": { "additionalProperties": false, "properties": { "ReadCapacityUnits": { "markdownDescription": "The amount of read capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", "title": "ReadCapacityUnits", "type": "number" }, "WriteCapacityUnits": { "markdownDescription": "The amount of write capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* .", "title": "WriteCapacityUnits", "type": "number" } }, "required": [ "ReadCapacityUnits", "WriteCapacityUnits" ], "type": "object" }, "AWS::Cassandra::Table.ReplicaSpecification": { "additionalProperties": false, "properties": { "ReadCapacityAutoScaling": { "$ref": "#/definitions/AWS::Cassandra::Table.AutoScalingSetting", "markdownDescription": "The read capacity auto scaling settings for the multi-Region table in the specified AWS Region.", "title": "ReadCapacityAutoScaling" }, "ReadCapacityUnits": { "markdownDescription": "The provisioned read capacity units for the multi-Region table in the specified AWS Region.", "title": "ReadCapacityUnits", "type": "number" }, "Region": { "markdownDescription": "The AWS Region.", "title": "Region", "type": "string" } }, "required": [ "Region" ], "type": "object" }, "AWS::Cassandra::Table.ScalingPolicy": { "additionalProperties": false, "properties": { "TargetTrackingScalingPolicyConfiguration": { "$ref": "#/definitions/AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration", "markdownDescription": "The auto scaling policy that scales a table based on the ratio of consumed to provisioned capacity.", "title": "TargetTrackingScalingPolicyConfiguration" } }, "type": "object" }, "AWS::Cassandra::Table.TargetTrackingScalingPolicyConfiguration": { "additionalProperties": false, "properties": { "DisableScaleIn": { "markdownDescription": "Specifies if `scale-in` is enabled.\n\nWhen auto scaling automatically decreases capacity for a table, the table *scales in* . When scaling policies are set, they can't scale in the table lower than its minimum capacity.", "title": "DisableScaleIn", "type": "boolean" }, "ScaleInCooldown": { "markdownDescription": "Specifies a `scale-in` cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", "title": "ScaleInCooldown", "type": "number" }, "ScaleOutCooldown": { "markdownDescription": "Specifies a scale out cool down period.\n\nA cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts.", "title": "ScaleOutCooldown", "type": "number" }, "TargetValue": { "markdownDescription": "Specifies the target value for the target tracking auto scaling policy.\n\nAmazon Keyspaces auto scaling scales up capacity automatically when traffic exceeds this target utilization rate, and then back down when it falls below the target. This ensures that the ratio of consumed capacity to provisioned capacity stays at or near this value. You define `targetValue` as a percentage. An `integer` between 20 and 90.", "title": "TargetValue", "type": "number" } }, "required": [ "TargetValue" ], "type": "object" }, "AWS::CertificateManager::Account": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ExpiryEventsConfiguration": { "$ref": "#/definitions/AWS::CertificateManager::Account.ExpiryEventsConfiguration", "markdownDescription": "Object containing expiration events options associated with an AWS account . For more information, see [ExpiryEventsConfiguration](https://docs.aws.amazon.com/acm/latest/APIReference/API_ExpiryEventsConfiguration.html) in the API reference.", "title": "ExpiryEventsConfiguration" } }, "required": [ "ExpiryEventsConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::CertificateManager::Account" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CertificateManager::Account.ExpiryEventsConfiguration": { "additionalProperties": false, "properties": { "DaysBeforeExpiry": { "markdownDescription": "This option specifies the number of days prior to certificate expiration when ACM starts generating `EventBridge` events. ACM sends one event per day per certificate until the certificate expires. By default, accounts receive events starting 45 days before certificate expiration.", "title": "DaysBeforeExpiry", "type": "number" } }, "type": "object" }, "AWS::CertificateManager::Certificate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CertificateAuthorityArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the [AWS Private Certificate Authority](https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html) user guide. The ARN must have the following form:\n\n`arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012`", "title": "CertificateAuthorityArn", "type": "string" }, "CertificateTransparencyLoggingPreference": { "markdownDescription": "You can opt out of certificate transparency logging by specifying the `DISABLED` option. Opt in by specifying `ENABLED` .\n\nIf you do not specify a certificate transparency logging preference on a new CloudFormation template, or if you remove the logging preference from an existing template, this is the same as explicitly enabling the preference.\n\nChanging the certificate transparency logging preference will update the existing resource by calling `UpdateCertificateOptions` on the certificate. This action will not create a new resource.", "title": "CertificateTransparencyLoggingPreference", "type": "string" }, "DomainName": { "markdownDescription": "The fully qualified domain name (FQDN), such as www.example.com, with which you want to secure an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, `*.example.com` protects `www.example.com` , `site.example.com` , and `images.example.com.`", "title": "DomainName", "type": "string" }, "DomainValidationOptions": { "items": { "$ref": "#/definitions/AWS::CertificateManager::Certificate.DomainValidationOption" }, "markdownDescription": "Domain information that domain name registrars use to verify your identity.\n\n> In order for a AWS::CertificateManager::Certificate to be provisioned and validated in CloudFormation automatically, the `DomainName` property needs to be identical to one of the `DomainName` property supplied in DomainValidationOptions, if the ValidationMethod is **DNS**. Failing to keep them like-for-like will result in failure to create the domain validation records in Route53.", "title": "DomainValidationOptions", "type": "array" }, "KeyAlgorithm": { "markdownDescription": "Specifies the algorithm of the public and private key pair that your certificate uses to encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but with greater computing efficiency. However, ECDSA is not supported by all network clients. Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken. Check the requirements for the AWS service where you plan to deploy your certificate. For more information about selecting an algorithm, see [Key algorithms](https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms) .\n\n> Algorithms supported for an ACM certificate request include:\n> \n> - `RSA_2048`\n> - `EC_prime256v1`\n> - `EC_secp384r1`\n> \n> Other listed algorithms are for imported certificates only. > When you request a private PKI certificate signed by a CA from AWS Private CA, the specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key. \n\nDefault: RSA_2048", "title": "KeyAlgorithm", "type": "string" }, "SubjectAlternativeNames": { "items": { "type": "string" }, "markdownDescription": "Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, you can add www.example.net to a certificate for which the `DomainName` field is www.example.com if users can reach your site by using either name.", "title": "SubjectAlternativeNames", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key-value pairs that can identify the certificate.", "title": "Tags", "type": "array" }, "ValidationMethod": { "markdownDescription": "The method you want to use to validate that you own or control the domain associated with a public certificate. You can [validate with DNS](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html) or [validate with email](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html) . We recommend that you use DNS validation.\n\nIf not specified, this property defaults to email validation.", "title": "ValidationMethod", "type": "string" } }, "required": [ "DomainName" ], "type": "object" }, "Type": { "enum": [ "AWS::CertificateManager::Certificate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CertificateManager::Certificate.DomainValidationOption": { "additionalProperties": false, "properties": { "DomainName": { "markdownDescription": "A fully qualified domain name (FQDN) in the certificate request.", "title": "DomainName", "type": "string" }, "HostedZoneId": { "markdownDescription": "The `HostedZoneId` option, which is available if you are using Route 53 as your domain registrar, causes ACM to add your CNAME to the domain record. Your list of `DomainValidationOptions` must contain one and only one of the domain-validation options, and the `HostedZoneId` can be used only when `DNS` is specified as your validation method.\n\nUse the Route 53 `ListHostedZones` API to discover IDs for available hosted zones.\n\nThis option is required for publicly trusted certificates.\n\n> The `ListHostedZones` API returns IDs in the format \"/hostedzone/Z111111QQQQQQQ\", but CloudFormation requires the IDs to be in the format \"Z111111QQQQQQQ\". \n\nWhen you change your `DomainValidationOptions` , a new resource is created.", "title": "HostedZoneId", "type": "string" }, "ValidationDomain": { "markdownDescription": "The domain name to which you want ACM to send validation emails. This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the `DomainName` value or a superdomain of the `DomainName` value. For example, if you request a certificate for `testing.example.com` , you can specify `example.com` as this value. In that case, ACM sends domain validation emails to the following five addresses:\n\n- admin@example.com\n- administrator@example.com\n- hostmaster@example.com\n- postmaster@example.com\n- webmaster@example.com", "title": "ValidationDomain", "type": "string" } }, "required": [ "DomainName" ], "type": "object" }, "AWS::Chatbot::MicrosoftTeamsChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConfigurationName": { "markdownDescription": "The name of the configuration.", "title": "ConfigurationName", "type": "string" }, "GuardrailPolicies": { "items": { "type": "string" }, "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", "title": "GuardrailPolicies", "type": "array" }, "IamRoleArn": { "markdownDescription": "The ARN of the IAM role that defines the permissions for AWS Chatbot .\n\nThis is a user-defined role that AWS Chatbot will assume. This is not the service-linked role. For more information, see [IAM Policies for AWS Chatbot](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", "title": "IamRoleArn", "type": "string" }, "LoggingLevel": { "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", "title": "LoggingLevel", "type": "string" }, "SnsTopicArns": { "items": { "type": "string" }, "markdownDescription": "The ARNs of the SNS topics that deliver notifications to AWS Chatbot .", "title": "SnsTopicArns", "type": "array" }, "TeamId": { "markdownDescription": "The ID of the Microsoft Team authorized with AWS Chatbot .\n\nTo get the team ID, you must perform the initial authorization flow with Microsoft Teams in the AWS Chatbot console. Then you can copy and paste the team ID from the console. For more details, see steps 1-4 in [Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html#teams-client-setup) in the *AWS Chatbot Administrator Guide* .", "title": "TeamId", "type": "string" }, "TeamsChannelId": { "markdownDescription": "The ID of the Microsoft Teams channel.\n\nTo get the channel ID, open Microsoft Teams, right click on the channel name in the left pane, then choose Copy. An example of the channel ID syntax is: `19%3ab6ef35dc342d56ba5654e6fc6d25a071%40thread.tacv2` .", "title": "TeamsChannelId", "type": "string" }, "TeamsTenantId": { "markdownDescription": "The ID of the Microsoft Teams tenant.\n\nTo get the tenant ID, you must perform the initial authorization flow with Microsoft Teams in the AWS Chatbot console. Then you can copy and paste the tenant ID from the console. For more details, see steps 1-4 in [Get started with Microsoft Teams](https://docs.aws.amazon.com/chatbot/latest/adminguide/teams-setup.html#teams-client-setup) in the *AWS Chatbot Administrator Guide* .", "title": "TeamsTenantId", "type": "string" }, "UserRoleRequired": { "markdownDescription": "Enables use of a user role requirement in your chat configuration.", "title": "UserRoleRequired", "type": "boolean" } }, "required": [ "ConfigurationName", "IamRoleArn", "TeamId", "TeamsChannelId", "TeamsTenantId" ], "type": "object" }, "Type": { "enum": [ "AWS::Chatbot::MicrosoftTeamsChannelConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Chatbot::SlackChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConfigurationName": { "markdownDescription": "The name of the configuration.", "title": "ConfigurationName", "type": "string" }, "GuardrailPolicies": { "items": { "type": "string" }, "markdownDescription": "The list of IAM policy ARNs that are applied as channel guardrails. The AWS managed 'AdministratorAccess' policy is applied as a default if this is not set.", "title": "GuardrailPolicies", "type": "array" }, "IamRoleArn": { "markdownDescription": "The ARN of the IAM role that defines the permissions for AWS Chatbot .\n\nThis is a user-defined role that AWS Chatbot will assume. This is not the service-linked role. For more information, see [IAM Policies for AWS Chatbot](https://docs.aws.amazon.com/chatbot/latest/adminguide/chatbot-iam-policies.html) .", "title": "IamRoleArn", "type": "string" }, "LoggingLevel": { "markdownDescription": "Specifies the logging level for this configuration. This property affects the log entries pushed to Amazon CloudWatch Logs.\n\nLogging levels include `ERROR` , `INFO` , or `NONE` .", "title": "LoggingLevel", "type": "string" }, "SlackChannelId": { "markdownDescription": "The ID of the Slack channel.\n\nTo get the ID, open Slack, right click on the channel name in the left pane, then choose Copy Link. The channel ID is the 9-character string at the end of the URL. For example, `ABCBBLZZZ` .", "title": "SlackChannelId", "type": "string" }, "SlackWorkspaceId": { "markdownDescription": "The ID of the Slack workspace authorized with AWS Chatbot .\n\nTo get the workspace ID, you must perform the initial authorization flow with Slack in the AWS Chatbot console. Then you can copy and paste the workspace ID from the console. For more details, see steps 1-4 in [Setting Up AWS Chatbot with Slack](https://docs.aws.amazon.com/chatbot/latest/adminguide/setting-up.html#Setup_intro) in the *AWS Chatbot User Guide* .", "title": "SlackWorkspaceId", "type": "string" }, "SnsTopicArns": { "items": { "type": "string" }, "markdownDescription": "The ARNs of the SNS topics that deliver notifications to AWS Chatbot .", "title": "SnsTopicArns", "type": "array" }, "UserRoleRequired": { "markdownDescription": "Enables use of a user role requirement in your chat configuration.", "title": "UserRoleRequired", "type": "boolean" } }, "required": [ "ConfigurationName", "IamRoleArn", "SlackChannelId", "SlackWorkspaceId" ], "type": "object" }, "Type": { "enum": [ "AWS::Chatbot::SlackChannelConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CleanRooms::AnalysisTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AnalysisParameters": { "items": { "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisParameter" }, "markdownDescription": "The parameters of the analysis template.", "title": "AnalysisParameters", "type": "array" }, "Description": { "markdownDescription": "The description of the analysis template.", "title": "Description", "type": "string" }, "Format": { "markdownDescription": "The format of the analysis template.", "title": "Format", "type": "string" }, "MembershipIdentifier": { "markdownDescription": "The identifier for a membership resource.", "title": "MembershipIdentifier", "type": "string" }, "Name": { "markdownDescription": "The name of the analysis template.", "title": "Name", "type": "string" }, "Source": { "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate.AnalysisSource", "markdownDescription": "The source of the analysis template.", "title": "Source" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ "Format", "MembershipIdentifier", "Name", "Source" ], "type": "object" }, "Type": { "enum": [ "AWS::CleanRooms::AnalysisTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CleanRooms::AnalysisTemplate.AnalysisParameter": { "additionalProperties": false, "properties": { "DefaultValue": { "markdownDescription": "Optional. The default value that is applied in the analysis template. The member who can query can override this value in the query editor.", "title": "DefaultValue", "type": "string" }, "Name": { "markdownDescription": "The name of the parameter. The name must use only alphanumeric, underscore (_), or hyphen (-) characters but cannot start or end with a hyphen.", "title": "Name", "type": "string" }, "Type": { "markdownDescription": "The type of parameter.", "title": "Type", "type": "string" } }, "required": [ "Name", "Type" ], "type": "object" }, "AWS::CleanRooms::AnalysisTemplate.AnalysisSchema": { "additionalProperties": false, "properties": { "ReferencedTables": { "items": { "type": "string" }, "markdownDescription": "The tables referenced in the analysis schema.", "title": "ReferencedTables", "type": "array" } }, "required": [ "ReferencedTables" ], "type": "object" }, "AWS::CleanRooms::AnalysisTemplate.AnalysisSource": { "additionalProperties": false, "properties": { "Text": { "markdownDescription": "The query text.", "title": "Text", "type": "string" } }, "required": [ "Text" ], "type": "object" }, "AWS::CleanRooms::Collaboration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CreatorDisplayName": { "markdownDescription": "A display name of the collaboration creator.", "title": "CreatorDisplayName", "type": "string" }, "CreatorMemberAbilities": { "items": { "type": "string" }, "markdownDescription": "The abilities granted to the collaboration creator.\n\n*Allowed values* `CAN_QUERY` | `CAN_RECEIVE_RESULTS`", "title": "CreatorMemberAbilities", "type": "array" }, "CreatorPaymentConfiguration": { "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", "markdownDescription": "An object representing the collaboration member's payment responsibilities set by the collaboration creator.", "title": "CreatorPaymentConfiguration" }, "DataEncryptionMetadata": { "$ref": "#/definitions/AWS::CleanRooms::Collaboration.DataEncryptionMetadata", "markdownDescription": "The settings for client-side encryption for cryptographic computing.", "title": "DataEncryptionMetadata" }, "Description": { "markdownDescription": "A description of the collaboration provided by the collaboration owner.", "title": "Description", "type": "string" }, "Members": { "items": { "$ref": "#/definitions/AWS::CleanRooms::Collaboration.MemberSpecification" }, "markdownDescription": "A list of initial members, not including the creator. This list is immutable.", "title": "Members", "type": "array" }, "Name": { "markdownDescription": "A human-readable identifier provided by the collaboration owner. Display names are not unique.", "title": "Name", "type": "string" }, "QueryLogStatus": { "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the collaboration.", "title": "QueryLogStatus", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ "CreatorDisplayName", "CreatorMemberAbilities", "Description", "Members", "Name", "QueryLogStatus" ], "type": "object" }, "Type": { "enum": [ "AWS::CleanRooms::Collaboration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CleanRooms::Collaboration.DataEncryptionMetadata": { "additionalProperties": false, "properties": { "AllowCleartext": { "markdownDescription": "Indicates whether encrypted tables can contain cleartext data ( `TRUE` ) or are to cryptographically process every column ( `FALSE` ).", "title": "AllowCleartext", "type": "boolean" }, "AllowDuplicates": { "markdownDescription": "Indicates whether Fingerprint columns can contain duplicate entries ( `TRUE` ) or are to contain only non-repeated values ( `FALSE` ).", "title": "AllowDuplicates", "type": "boolean" }, "AllowJoinsOnColumnsWithDifferentNames": { "markdownDescription": "Indicates whether Fingerprint columns can be joined on any other Fingerprint column with a different name ( `TRUE` ) or can only be joined on Fingerprint columns of the same name ( `FALSE` ).", "title": "AllowJoinsOnColumnsWithDifferentNames", "type": "boolean" }, "PreserveNulls": { "markdownDescription": "Indicates whether NULL values are to be copied as NULL to encrypted tables ( `TRUE` ) or cryptographically processed ( `FALSE` ).", "title": "PreserveNulls", "type": "boolean" } }, "required": [ "AllowCleartext", "AllowDuplicates", "AllowJoinsOnColumnsWithDifferentNames", "PreserveNulls" ], "type": "object" }, "AWS::CleanRooms::Collaboration.MemberSpecification": { "additionalProperties": false, "properties": { "AccountId": { "markdownDescription": "The identifier used to reference members of the collaboration. Currently only supports AWS account ID.", "title": "AccountId", "type": "string" }, "DisplayName": { "markdownDescription": "The member's display name.", "title": "DisplayName", "type": "string" }, "MemberAbilities": { "items": { "type": "string" }, "markdownDescription": "The abilities granted to the collaboration member.\n\n*Allowed Values* : `CAN_QUERY` | `CAN_RECEIVE_RESULTS`", "title": "MemberAbilities", "type": "array" }, "PaymentConfiguration": { "$ref": "#/definitions/AWS::CleanRooms::Collaboration.PaymentConfiguration", "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator.\n\nIf the collaboration creator hasn't speci\ufb01ed anyone as the member paying for query compute costs, then the member who can query is the default payer.", "title": "PaymentConfiguration" } }, "required": [ "AccountId", "DisplayName", "MemberAbilities" ], "type": "object" }, "AWS::CleanRooms::Collaboration.PaymentConfiguration": { "additionalProperties": false, "properties": { "QueryCompute": { "$ref": "#/definitions/AWS::CleanRooms::Collaboration.QueryComputePaymentConfig", "markdownDescription": "The collaboration member's payment responsibilities set by the collaboration creator for query compute costs.", "title": "QueryCompute" } }, "required": [ "QueryCompute" ], "type": "object" }, "AWS::CleanRooms::Collaboration.QueryComputePaymentConfig": { "additionalProperties": false, "properties": { "IsResponsible": { "markdownDescription": "Indicates whether the collaboration creator has configured the collaboration member to pay for query compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query compute costs ( `FALSE` ).\n\nExactly one member can be configured to pay for query compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration.\n\nIf the collaboration creator hasn't specified anyone as the member paying for query compute costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query.", "title": "IsResponsible", "type": "boolean" } }, "required": [ "IsResponsible" ], "type": "object" }, "AWS::CleanRooms::ConfiguredTable": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowedColumns": { "items": { "type": "string" }, "markdownDescription": "The columns within the underlying AWS Glue table that can be utilized within collaborations.", "title": "AllowedColumns", "type": "array" }, "AnalysisMethod": { "markdownDescription": "The analysis method for the configured table. The only valid value is currently `DIRECT_QUERY`.", "title": "AnalysisMethod", "type": "string" }, "AnalysisRules": { "items": { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRule" }, "markdownDescription": "The entire created analysis rule.", "title": "AnalysisRules", "type": "array" }, "Description": { "markdownDescription": "A description for the configured table.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "A name for the configured table.", "title": "Name", "type": "string" }, "TableReference": { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.TableReference", "markdownDescription": "The AWS Glue table that this configured table represents.", "title": "TableReference" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ "AllowedColumns", "AnalysisMethod", "Name", "TableReference" ], "type": "object" }, "Type": { "enum": [ "AWS::CleanRooms::ConfiguredTable" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CleanRooms::ConfiguredTable.AggregateColumn": { "additionalProperties": false, "properties": { "ColumnNames": { "items": { "type": "string" }, "markdownDescription": "Column names in configured table of aggregate columns.", "title": "ColumnNames", "type": "array" }, "Function": { "markdownDescription": "Aggregation function that can be applied to aggregate column in query.", "title": "Function", "type": "string" } }, "required": [ "ColumnNames", "Function" ], "type": "object" }, "AWS::CleanRooms::ConfiguredTable.AggregationConstraint": { "additionalProperties": false, "properties": { "ColumnName": { "markdownDescription": "Column in aggregation constraint for which there must be a minimum number of distinct values in an output row for it to be in the query output.", "title": "ColumnName", "type": "string" }, "Minimum": { "markdownDescription": "The minimum number of distinct values that an output row must be an aggregation of. Minimum threshold of distinct values for a specified column that must exist in an output row for it to be in the query output.", "title": "Minimum", "type": "number" }, "Type": { "markdownDescription": "The type of aggregation the constraint allows. The only valid value is currently `COUNT_DISTINCT`.", "title": "Type", "type": "string" } }, "required": [ "ColumnName", "Minimum", "Type" ], "type": "object" }, "AWS::CleanRooms::ConfiguredTable.AnalysisRule": { "additionalProperties": false, "properties": { "Policy": { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy", "markdownDescription": "A policy that describes the associated data usage limitations.", "title": "Policy" }, "Type": { "markdownDescription": "The type of analysis rule.", "title": "Type", "type": "string" } }, "required": [ "Policy", "Type" ], "type": "object" }, "AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation": { "additionalProperties": false, "properties": { "AggregateColumns": { "items": { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregateColumn" }, "markdownDescription": "The columns that query runners are allowed to use in aggregation queries.", "title": "AggregateColumns", "type": "array" }, "AllowedJoinOperators": { "items": { "type": "string" }, "markdownDescription": "Which logical operators (if any) are to be used in an INNER JOIN match condition. Default is `AND` .", "title": "AllowedJoinOperators", "type": "array" }, "DimensionColumns": { "items": { "type": "string" }, "markdownDescription": "The columns that query runners are allowed to select, group by, or filter by.", "title": "DimensionColumns", "type": "array" }, "JoinColumns": { "items": { "type": "string" }, "markdownDescription": "Columns in configured table that can be used in join statements and/or as aggregate columns. They can never be outputted directly.", "title": "JoinColumns", "type": "array" }, "JoinRequired": { "markdownDescription": "Control that requires member who runs query to do a join with their configured table and/or other configured table in query.", "title": "JoinRequired", "type": "string" }, "OutputConstraints": { "items": { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AggregationConstraint" }, "markdownDescription": "Columns that must meet a specific threshold value (after an aggregation function is applied to it) for each output row to be returned.", "title": "OutputConstraints", "type": "array" }, "ScalarFunctions": { "items": { "type": "string" }, "markdownDescription": "Set of scalar functions that are allowed to be used on dimension columns and the output of aggregation of metrics.", "title": "ScalarFunctions", "type": "array" } }, "required": [ "AggregateColumns", "DimensionColumns", "JoinColumns", "OutputConstraints", "ScalarFunctions" ], "type": "object" }, "AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom": { "additionalProperties": false, "properties": { "AllowedAnalyses": { "items": { "type": "string" }, "markdownDescription": "The ARN of the analysis templates that are allowed by the custom analysis rule.", "title": "AllowedAnalyses", "type": "array" }, "AllowedAnalysisProviders": { "items": { "type": "string" }, "markdownDescription": "The IDs of the AWS accounts that are allowed to query by the custom analysis rule. Required when `allowedAnalyses` is `ANY_QUERY` .", "title": "AllowedAnalysisProviders", "type": "array" }, "DifferentialPrivacy": { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy", "markdownDescription": "The differential privacy configuration.", "title": "DifferentialPrivacy" } }, "required": [ "AllowedAnalyses" ], "type": "object" }, "AWS::CleanRooms::ConfiguredTable.AnalysisRuleList": { "additionalProperties": false, "properties": { "AllowedJoinOperators": { "items": { "type": "string" }, "markdownDescription": "The logical operators (if any) that are to be used in an INNER JOIN match condition. Default is `AND` .", "title": "AllowedJoinOperators", "type": "array" }, "JoinColumns": { "items": { "type": "string" }, "markdownDescription": "Columns that can be used to join a configured table with the table of the member who can query and other members' configured tables.", "title": "JoinColumns", "type": "array" }, "ListColumns": { "items": { "type": "string" }, "markdownDescription": "Columns that can be listed in the output.", "title": "ListColumns", "type": "array" } }, "required": [ "JoinColumns", "ListColumns" ], "type": "object" }, "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicy": { "additionalProperties": false, "properties": { "V1": { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1", "markdownDescription": "Controls on the query specifications that can be run on a configured table.", "title": "V1" } }, "required": [ "V1" ], "type": "object" }, "AWS::CleanRooms::ConfiguredTable.ConfiguredTableAnalysisRulePolicyV1": { "additionalProperties": false, "properties": { "Aggregation": { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleAggregation", "markdownDescription": "Analysis rule type that enables only aggregation queries on a configured table.", "title": "Aggregation" }, "Custom": { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleCustom", "markdownDescription": "Analysis rule type that enables custom SQL queries on a configured table.", "title": "Custom" }, "List": { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.AnalysisRuleList", "markdownDescription": "Analysis rule type that enables only list queries on a configured table.", "title": "List" } }, "type": "object" }, "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacy": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn" }, "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", "title": "Columns", "type": "array" } }, "required": [ "Columns" ], "type": "object" }, "AWS::CleanRooms::ConfiguredTable.DifferentialPrivacyColumn": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the column, such as user_id, that contains the unique identifier of your users, whose privacy you want to protect. If you want to turn on differential privacy for two or more tables in a collaboration, you must configure the same column as the user identifier column in both analysis rules.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::CleanRooms::ConfiguredTable.GlueTableReference": { "additionalProperties": false, "properties": { "DatabaseName": { "markdownDescription": "The name of the database the AWS Glue table belongs to.", "title": "DatabaseName", "type": "string" }, "TableName": { "markdownDescription": "The name of the AWS Glue table.", "title": "TableName", "type": "string" } }, "required": [ "DatabaseName", "TableName" ], "type": "object" }, "AWS::CleanRooms::ConfiguredTable.TableReference": { "additionalProperties": false, "properties": { "Glue": { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable.GlueTableReference", "markdownDescription": "If present, a reference to the AWS Glue table referred to by this table reference.", "title": "Glue" } }, "required": [ "Glue" ], "type": "object" }, "AWS::CleanRooms::ConfiguredTableAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConfiguredTableIdentifier": { "markdownDescription": "A unique identifier for the configured table to be associated to. Currently accepts a configured table ID.", "title": "ConfiguredTableIdentifier", "type": "string" }, "Description": { "markdownDescription": "A description of the configured table association.", "title": "Description", "type": "string" }, "MembershipIdentifier": { "markdownDescription": "The unique ID for the membership this configured table association belongs to.", "title": "MembershipIdentifier", "type": "string" }, "Name": { "markdownDescription": "The name of the configured table association, in lowercase. The table is identified by this name when running protected queries against the underlying data.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The service will assume this role to access catalog metadata and query the table.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ "ConfiguredTableIdentifier", "MembershipIdentifier", "Name", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::CleanRooms::ConfiguredTableAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CleanRooms::Membership": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CollaborationIdentifier": { "markdownDescription": "The unique ID for the associated collaboration.", "title": "CollaborationIdentifier", "type": "string" }, "DefaultResultConfiguration": { "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration", "markdownDescription": "The default protected query result configuration as specified by the member who can receive results.", "title": "DefaultResultConfiguration" }, "PaymentConfiguration": { "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipPaymentConfiguration", "markdownDescription": "The payment responsibilities accepted by the collaboration member.", "title": "PaymentConfiguration" }, "QueryLogStatus": { "markdownDescription": "An indicator as to whether query logging has been enabled or disabled for the membership.", "title": "QueryLogStatus", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional label that you can assign to a resource when you create it. Each tag consists of a key and an optional value, both of which you define. When you use tagging, you can also use tag-based access control in IAM policies to control access to this resource.", "title": "Tags", "type": "array" } }, "required": [ "CollaborationIdentifier", "QueryLogStatus" ], "type": "object" }, "Type": { "enum": [ "AWS::CleanRooms::Membership" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CleanRooms::Membership.MembershipPaymentConfiguration": { "additionalProperties": false, "properties": { "QueryCompute": { "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig", "markdownDescription": "The payment responsibilities accepted by the collaboration member for query compute costs.", "title": "QueryCompute" } }, "required": [ "QueryCompute" ], "type": "object" }, "AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration": { "additionalProperties": false, "properties": { "S3": { "$ref": "#/definitions/AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration", "markdownDescription": "Required configuration for a protected query with an `S3` output type.", "title": "S3" } }, "required": [ "S3" ], "type": "object" }, "AWS::CleanRooms::Membership.MembershipProtectedQueryResultConfiguration": { "additionalProperties": false, "properties": { "OutputConfiguration": { "$ref": "#/definitions/AWS::CleanRooms::Membership.MembershipProtectedQueryOutputConfiguration", "markdownDescription": "Configuration for protected query results.", "title": "OutputConfiguration" }, "RoleArn": { "markdownDescription": "The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected query results to the result location, given by the member who can receive results.", "title": "RoleArn", "type": "string" } }, "required": [ "OutputConfiguration" ], "type": "object" }, "AWS::CleanRooms::Membership.MembershipQueryComputePaymentConfig": { "additionalProperties": false, "properties": { "IsResponsible": { "markdownDescription": "Indicates whether the collaboration member has accepted to pay for query compute costs ( `TRUE` ) or has not accepted to pay for query compute costs ( `FALSE` ).\n\nIf the collaboration creator has not specified anyone to pay for query compute costs, then the member who can query is the default payer.\n\nAn error message is returned for the following reasons:\n\n- If you set the value to `FALSE` but you are responsible to pay for query compute costs.\n- If you set the value to `TRUE` but you are not responsible to pay for query compute costs.", "title": "IsResponsible", "type": "boolean" } }, "required": [ "IsResponsible" ], "type": "object" }, "AWS::CleanRooms::Membership.ProtectedQueryS3OutputConfiguration": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The S3 bucket to unload the protected query results.", "title": "Bucket", "type": "string" }, "KeyPrefix": { "markdownDescription": "The S3 prefix to unload the protected query results.", "title": "KeyPrefix", "type": "string" }, "ResultFormat": { "markdownDescription": "Intended file format of the result.", "title": "ResultFormat", "type": "string" } }, "required": [ "Bucket", "ResultFormat" ], "type": "object" }, "AWS::CleanRooms::PrivacyBudgetTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoRefresh": { "markdownDescription": "How often the privacy budget refreshes.\n\n> If you plan to regularly bring new data into the collaboration, use `CALENDAR_MONTH` to automatically get a new privacy budget for the collaboration every calendar month. Choosing this option allows arbitrary amounts of information to be revealed about rows of the data when repeatedly queried across refreshes. Avoid choosing this if the same rows will be repeatedly queried between privacy budget refreshes.", "title": "AutoRefresh", "type": "string" }, "MembershipIdentifier": { "markdownDescription": "The identifier for a membership resource.", "title": "MembershipIdentifier", "type": "string" }, "Parameters": { "$ref": "#/definitions/AWS::CleanRooms::PrivacyBudgetTemplate.Parameters", "markdownDescription": "Specifies the epislon and noise parameters for the privacy budget template.", "title": "Parameters" }, "PrivacyBudgetType": { "markdownDescription": "Specifies the type of the privacy budget template.", "title": "PrivacyBudgetType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "AutoRefresh", "MembershipIdentifier", "Parameters", "PrivacyBudgetType" ], "type": "object" }, "Type": { "enum": [ "AWS::CleanRooms::PrivacyBudgetTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CleanRooms::PrivacyBudgetTemplate.Parameters": { "additionalProperties": false, "properties": { "Epsilon": { "markdownDescription": "The epsilon value that you want to use.", "title": "Epsilon", "type": "number" }, "UsersNoisePerQuery": { "markdownDescription": "Noise added per query is measured in terms of the number of users whose contributions you want to obscure. This value governs the rate at which the privacy budget is depleted.", "title": "UsersNoisePerQuery", "type": "number" } }, "required": [ "Epsilon", "UsersNoisePerQuery" ], "type": "object" }, "AWS::CleanRoomsML::TrainingDataset": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the training dataset.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the training dataset.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role that Clean Rooms ML can assume to read the data referred to in the `dataSource` field of each dataset.\n\nPassing a role across accounts is not allowed. If you pass a role that isn't in your account, you get an `AccessDeniedException` error.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The optional metadata that you apply to the resource to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50.\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8.\n- Maximum value length - 256 Unicode characters in UTF-8.\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for keys as it is reserved. You cannot edit or delete tag keys with this prefix. Values can have this prefix. If a tag value has `aws` as its prefix but the key does not, then Clean Rooms ML considers it to be a user tag and will count against the limit of 50 tags. Tags with only the key prefix of `aws` do not count against your tags per resource limit.", "title": "Tags", "type": "array" }, "TrainingData": { "items": { "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.Dataset" }, "markdownDescription": "An array of information that lists the Dataset objects, which specifies the dataset type and details on its location and schema. You must provide a role that has read access to these tables.", "title": "TrainingData", "type": "array" } }, "required": [ "Name", "RoleArn", "TrainingData" ], "type": "object" }, "Type": { "enum": [ "AWS::CleanRoomsML::TrainingDataset" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CleanRoomsML::TrainingDataset.ColumnSchema": { "additionalProperties": false, "properties": { "ColumnName": { "markdownDescription": "The name of a column.", "title": "ColumnName", "type": "string" }, "ColumnTypes": { "items": { "type": "string" }, "markdownDescription": "The data type of column.", "title": "ColumnTypes", "type": "array" } }, "required": [ "ColumnName", "ColumnTypes" ], "type": "object" }, "AWS::CleanRoomsML::TrainingDataset.DataSource": { "additionalProperties": false, "properties": { "GlueDataSource": { "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.GlueDataSource", "markdownDescription": "A GlueDataSource object that defines the catalog ID, database name, and table name for the training data.", "title": "GlueDataSource" } }, "required": [ "GlueDataSource" ], "type": "object" }, "AWS::CleanRoomsML::TrainingDataset.Dataset": { "additionalProperties": false, "properties": { "InputConfig": { "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig", "markdownDescription": "A DatasetInputConfig object that defines the data source and schema mapping.", "title": "InputConfig" }, "Type": { "markdownDescription": "What type of information is found in the dataset.", "title": "Type", "type": "string" } }, "required": [ "InputConfig", "Type" ], "type": "object" }, "AWS::CleanRoomsML::TrainingDataset.DatasetInputConfig": { "additionalProperties": false, "properties": { "DataSource": { "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.DataSource", "markdownDescription": "A DataSource object that specifies the Glue data source for the training data.", "title": "DataSource" }, "Schema": { "items": { "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset.ColumnSchema" }, "markdownDescription": "The schema information for the training data.", "title": "Schema", "type": "array" } }, "required": [ "DataSource", "Schema" ], "type": "object" }, "AWS::CleanRoomsML::TrainingDataset.GlueDataSource": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The Glue catalog that contains the training data.", "title": "CatalogId", "type": "string" }, "DatabaseName": { "markdownDescription": "The Glue database that contains the training data.", "title": "DatabaseName", "type": "string" }, "TableName": { "markdownDescription": "The Glue table that contains the training data.", "title": "TableName", "type": "string" } }, "required": [ "DatabaseName", "TableName" ], "type": "object" }, "AWS::Cloud9::EnvironmentEC2": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutomaticStopTimeMinutes": { "markdownDescription": "The number of minutes until the running instance is shut down after the environment was last used.", "title": "AutomaticStopTimeMinutes", "type": "number" }, "ConnectionType": { "markdownDescription": "The connection type used for connecting to an Amazon EC2 environment. Valid values are `CONNECT_SSH` (default) and `CONNECT_SSM` (connected through AWS Systems Manager ).", "title": "ConnectionType", "type": "string" }, "Description": { "markdownDescription": "The description of the environment to create.", "title": "Description", "type": "string" }, "ImageId": { "markdownDescription": "The identifier for the Amazon Machine Image (AMI) that's used to create the EC2 instance. To choose an AMI for the instance, you must specify a valid AMI alias or a valid AWS Systems Manager path.\n\nFrom December 04, 2023, you will be required to include the `ImageId` parameter for the `CreateEnvironmentEC2` action. This change will be reflected across all direct methods of communicating with the API, such as AWS SDK, AWS CLI and AWS CloudFormation. This change will only affect direct API consumers, and not AWS Cloud9 console users.\n\nSince Ubuntu 18.04 has ended standard support as of May 31, 2023, we recommend you choose Ubuntu 22.04.\n\n*AMI aliases*\n\n- Amazon Linux 2: `amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `ubuntu-22.04-x86_64`\n\n*SSM paths*\n\n- Amazon Linux 2: `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2-x86_64`\n- Amazon Linux 2023 (recommended): `resolve:ssm:/aws/service/cloud9/amis/amazonlinux-2023-x86_64`\n- Ubuntu 18.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-18.04-x86_64`\n- Ubuntu 22.04: `resolve:ssm:/aws/service/cloud9/amis/ubuntu-22.04-x86_64`", "title": "ImageId", "type": "string" }, "InstanceType": { "markdownDescription": "The type of instance to connect to the environment (for example, `t2.micro` ).", "title": "InstanceType", "type": "string" }, "Name": { "markdownDescription": "The name of the environment.", "title": "Name", "type": "string" }, "OwnerArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the environment owner. This ARN can be the ARN of any AWS Identity and Access Management principal. If this value is not specified, the ARN defaults to this environment's creator.", "title": "OwnerArn", "type": "string" }, "Repositories": { "items": { "$ref": "#/definitions/AWS::Cloud9::EnvironmentEC2.Repository" }, "markdownDescription": "Any AWS CodeCommit source code repositories to be cloned into the development environment.", "title": "Repositories", "type": "array" }, "SubnetId": { "markdownDescription": "The ID of the subnet in Amazon Virtual Private Cloud (Amazon VPC) that AWS Cloud9 will use to communicate with the Amazon Elastic Compute Cloud (Amazon EC2) instance.", "title": "SubnetId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs that will be associated with the new AWS Cloud9 development environment.", "title": "Tags", "type": "array" } }, "required": [ "ImageId", "InstanceType" ], "type": "object" }, "Type": { "enum": [ "AWS::Cloud9::EnvironmentEC2" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cloud9::EnvironmentEC2.Repository": { "additionalProperties": false, "properties": { "PathComponent": { "markdownDescription": "The path within the development environment's default file system location to clone the AWS CodeCommit repository into. For example, `/REPOSITORY_NAME` would clone the repository into the `/home/USER_NAME/environment/REPOSITORY_NAME` directory in the environment.", "title": "PathComponent", "type": "string" }, "RepositoryUrl": { "markdownDescription": "The clone URL of the AWS CodeCommit repository to be cloned. For example, for an AWS CodeCommit repository this might be `https://git-codecommit.us-east-2.amazonaws.com/v1/repos/REPOSITORY_NAME` .", "title": "RepositoryUrl", "type": "string" } }, "required": [ "PathComponent", "RepositoryUrl" ], "type": "object" }, "AWS::CloudFormation::CustomResource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ServiceToken": { "markdownDescription": "The service token, such as an Amazon SNS topic ARN or Lambda function ARN. The service token must be from the same Region as the stack.\n\nUpdates aren't supported.", "title": "ServiceToken", "type": "string" } }, "required": [ "ServiceToken" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::CustomResource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFormation::HookDefaultVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "TypeName": { "markdownDescription": "The name of the hook.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", "title": "TypeName", "type": "string" }, "TypeVersionArn": { "markdownDescription": "The version ID of the type configuration.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", "title": "TypeVersionArn", "type": "string" }, "VersionId": { "markdownDescription": "The version ID of the type specified.\n\nYou must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", "title": "VersionId", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::HookDefaultVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CloudFormation::HookTypeConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Configuration": { "markdownDescription": "Specifies the activated hook type configuration, in this AWS account and AWS Region .\n\nYou must specify either `TypeName` and `Configuration` or `TypeARN` and `Configuration` .", "title": "Configuration", "type": "string" }, "ConfigurationAlias": { "markdownDescription": "Specifies the activated hook type configuration, in this AWS account and AWS Region .\n\nDefaults to `default` alias. Hook types currently support default configuration alias.", "title": "ConfigurationAlias", "type": "string" }, "TypeArn": { "markdownDescription": "The Amazon Resource Number (ARN) for the hook to set `Configuration` for.\n\nYou must specify either `TypeName` and `Configuration` or `TypeARN` and `Configuration` .", "title": "TypeArn", "type": "string" }, "TypeName": { "markdownDescription": "The unique name for your hook. Specifies a three-part namespace for your hook, with a recommended pattern of `Organization::Service::Hook` .\n\nYou must specify either `TypeName` and `Configuration` or `TypeARN` and `Configuration` .", "title": "TypeName", "type": "string" } }, "required": [ "Configuration" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::HookTypeConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFormation::HookVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ExecutionRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the hook permission.", "title": "ExecutionRoleArn", "type": "string" }, "LoggingConfig": { "$ref": "#/definitions/AWS::CloudFormation::HookVersion.LoggingConfig", "markdownDescription": "Contains logging configuration information for an extension.", "title": "LoggingConfig" }, "SchemaHandlerPackage": { "markdownDescription": "A URL to the Amazon S3 bucket containing the hook project package that contains the necessary files for the hook you want to register.\n\nFor information on generating a schema handler package for the resource you want to register, see [submit](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-cli-submit.html) in the *CloudFormation CLI User Guide for Extension Development* .\n\n> The user registering the resource must be able to access the package in the S3 bucket. That's, the user must have [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) permissions for the schema handler package. For more information, see [Actions, Resources, and Condition Keys for Amazon S3](https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazons3.html) in the *AWS Identity and Access Management User Guide* .", "title": "SchemaHandlerPackage", "type": "string" }, "TypeName": { "markdownDescription": "The unique name for your hook. Specifies a three-part namespace for your hook, with a recommended pattern of `Organization::Service::Hook` .\n\n> The following organization namespaces are reserved and can't be used in your hook type names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `ASK`\n> - `AWS`\n> - `Custom`\n> - `Dev`", "title": "TypeName", "type": "string" } }, "required": [ "SchemaHandlerPackage", "TypeName" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::HookVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFormation::HookVersion.LoggingConfig": { "additionalProperties": false, "properties": { "LogGroupName": { "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", "title": "LogGroupName", "type": "string" }, "LogRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", "title": "LogRoleArn", "type": "string" } }, "type": "object" }, "AWS::CloudFormation::Macro": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the macro.", "title": "Description", "type": "string" }, "FunctionName": { "markdownDescription": "The Amazon Resource Name (ARN) of the underlying AWS Lambda function that you want AWS CloudFormation to invoke when the macro is run.", "title": "FunctionName", "type": "string" }, "LogGroupName": { "markdownDescription": "The CloudWatch Logs group to which AWS CloudFormation sends error logging information when invoking the macro's underlying AWS Lambda function.", "title": "LogGroupName", "type": "string" }, "LogRoleARN": { "markdownDescription": "The ARN of the role AWS CloudFormation should assume when sending log entries to CloudWatch Logs .", "title": "LogRoleARN", "type": "string" }, "Name": { "markdownDescription": "The name of the macro. The name of the macro must be unique across all macros in the account.", "title": "Name", "type": "string" } }, "required": [ "FunctionName", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::Macro" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFormation::ModuleDefaultVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the module version to set as the default version.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", "title": "Arn", "type": "string" }, "ModuleName": { "markdownDescription": "The name of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", "title": "ModuleName", "type": "string" }, "VersionId": { "markdownDescription": "The ID for the specific version of the module.\n\nConditional: You must specify either `Arn` , or `ModuleName` and `VersionId` .", "title": "VersionId", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::ModuleDefaultVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CloudFormation::ModuleVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ModuleName": { "markdownDescription": "The name of the module being registered.", "title": "ModuleName", "type": "string" }, "ModulePackage": { "markdownDescription": "A URL to the S3 bucket containing the package that contains the template fragment and schema files for the module version to register.\n\n> The user registering the module version must be able to access the module package in the S3 bucket. That's, the user needs to have [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) permissions for the package. For more information, see [Actions, Resources, and Condition Keys for Amazon S3](https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazons3.html) in the *AWS Identity and Access Management User Guide* .", "title": "ModulePackage", "type": "string" } }, "required": [ "ModuleName", "ModulePackage" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::ModuleVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFormation::PublicTypeVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Number (ARN) of the extension.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", "title": "Arn", "type": "string" }, "LogDeliveryBucket": { "markdownDescription": "The S3 bucket to which CloudFormation delivers the contract test execution logs.\n\nCloudFormation delivers the logs by the time contract testing has completed and the extension has been assigned a test type status of `PASSED` or `FAILED` .\n\nThe user initiating the stack operation must be able to access items in the specified S3 bucket. Specifically, the user needs the following permissions:\n\n- GetObject\n- PutObject\n\nFor more information, see [Actions, Resources, and Condition Keys for Amazon S3](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3.html) in the *AWS Identity and Access Management User Guide* .", "title": "LogDeliveryBucket", "type": "string" }, "PublicVersionNumber": { "markdownDescription": "The version number to assign to this version of the extension.\n\nUse the following format, and adhere to semantic versioning when assigning a version number to your extension:\n\n`MAJOR.MINOR.PATCH`\n\nFor more information, see [Semantic Versioning 2.0.0](https://docs.aws.amazon.com/https://semver.org/) .\n\nIf you don't specify a version number, CloudFormation increments the version number by one minor version release.\n\nYou cannot specify a version number the first time you publish a type. AWS CloudFormation automatically sets the first version number to be `1.0.0` .", "title": "PublicVersionNumber", "type": "string" }, "Type": { "markdownDescription": "The type of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", "title": "Type", "type": "string" }, "TypeName": { "markdownDescription": "The name of the extension to test.\n\nConditional: You must specify `Arn` , or `TypeName` and `Type` .", "title": "TypeName", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::PublicTypeVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CloudFormation::Publisher": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptTermsAndConditions": { "markdownDescription": "Whether you accept the [Terms and Conditions](https://docs.aws.amazon.com/https://cloudformation-registry-documents.s3.amazonaws.com/Terms_and_Conditions_for_AWS_CloudFormation_Registry_Publishers.pdf) for publishing extensions in the CloudFormation registry. You must accept the terms and conditions in order to register to publish public extensions to the CloudFormation registry.\n\nThe default is `false` .", "title": "AcceptTermsAndConditions", "type": "boolean" }, "ConnectionArn": { "markdownDescription": "If you are using a Bitbucket or GitHub account for identity verification, the Amazon Resource Name (ARN) for your connection to that account.\n\nFor more information, see [Registering your account to publish CloudFormation extensions](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-prereqs) in the *CloudFormation CLI User Guide* .", "title": "ConnectionArn", "type": "string" } }, "required": [ "AcceptTermsAndConditions" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::Publisher" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFormation::ResourceDefaultVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "TypeName": { "markdownDescription": "The name of the resource.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", "title": "TypeName", "type": "string" }, "TypeVersionArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource version.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", "title": "TypeVersionArn", "type": "string" }, "VersionId": { "markdownDescription": "The ID of a specific version of the resource. The version ID is the value at the end of the Amazon Resource Name (ARN) assigned to the resource version when it's registered.\n\nConditional: You must specify either `TypeVersionArn` , or `TypeName` and `VersionId` .", "title": "VersionId", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::ResourceDefaultVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CloudFormation::ResourceVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ExecutionRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for CloudFormation to assume when invoking the resource. If your resource calls AWS APIs in any of its handlers, you must create an *[IAM execution role](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html)* that includes the necessary permissions to call those AWS APIs, and provision that execution role in your account. When CloudFormation needs to invoke the resource type handler, CloudFormation assumes this execution role to create a temporary session token, which it then passes to the resource type handler, thereby supplying your resource type with the appropriate credentials.", "title": "ExecutionRoleArn", "type": "string" }, "LoggingConfig": { "$ref": "#/definitions/AWS::CloudFormation::ResourceVersion.LoggingConfig", "markdownDescription": "Logging configuration information for a resource.", "title": "LoggingConfig" }, "SchemaHandlerPackage": { "markdownDescription": "A URL to the S3 bucket containing the resource project package that contains the necessary files for the resource you want to register.\n\nFor information on generating a schema handler package for the resource you want to register, see [submit](https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-cli-submit.html) in the *CloudFormation CLI User Guide* .\n\n> The user registering the resource must be able to access the package in the S3 bucket. That is, the user needs to have [GetObject](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) permissions for the schema handler package. For more information, see [Actions, Resources, and Condition Keys for Amazon S3](https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazons3.html) in the *AWS Identity and Access Management User Guide* .", "title": "SchemaHandlerPackage", "type": "string" }, "TypeName": { "markdownDescription": "The name of the resource being registered.\n\nWe recommend that resource names adhere to the following pattern: *company_or_organization* :: *service* :: *type* .\n\n> The following organization namespaces are reserved and can't be used in your resource names:\n> \n> - `Alexa`\n> - `AMZN`\n> - `Amazon`\n> - `AWS`\n> - `Custom`\n> - `Dev`", "title": "TypeName", "type": "string" } }, "required": [ "SchemaHandlerPackage", "TypeName" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::ResourceVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFormation::ResourceVersion.LoggingConfig": { "additionalProperties": false, "properties": { "LogGroupName": { "markdownDescription": "The Amazon CloudWatch logs group to which CloudFormation sends error logging information when invoking the type's handlers.", "title": "LogGroupName", "type": "string" }, "LogRoleArn": { "markdownDescription": "The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs.", "title": "LogRoleArn", "type": "string" } }, "type": "object" }, "AWS::CloudFormation::Stack": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "NotificationARNs": { "items": { "type": "string" }, "markdownDescription": "The Amazon Simple Notification Service (Amazon SNS) topic ARNs to publish stack related events. You can find your Amazon SNS topic ARNs using the Amazon SNS console or your Command Line Interface (CLI).", "title": "NotificationARNs", "type": "array" }, "Parameters": { "additionalProperties": true, "markdownDescription": "The set value pairs that represent the parameters passed to CloudFormation when this nested stack is created. Each parameter has a name corresponding to a parameter defined in the embedded template and a value representing the value that you want to set for the parameter.\n\n> If you use the `Ref` function to pass a parameter value to a nested stack, comma-delimited list parameters must be of type `String` . In other words, you can't pass values that are of type `CommaDelimitedList` to nested stacks. \n\nConditional. Required if the nested stack requires input parameters.\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Parameters", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key-value pairs to associate with this stack. AWS CloudFormation also propagates these tags to the resources created in the stack. A maximum number of 50 tags can be specified.", "title": "Tags", "type": "array" }, "TemplateURL": { "markdownDescription": "Location of file containing the template body. The URL must point to a template (max size: 460,800 bytes) that's located in an Amazon S3 bucket. For more information, see [Template anatomy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-anatomy.html) .\n\nWhether an update causes interruptions depends on the resources that are being updated. An update never causes a nested stack to be replaced.", "title": "TemplateURL", "type": "string" }, "TimeoutInMinutes": { "markdownDescription": "The length of time, in minutes, that CloudFormation waits for the nested stack to reach the `CREATE_COMPLETE` state. The default is no timeout. When CloudFormation detects that the nested stack has reached the `CREATE_COMPLETE` state, it marks the nested stack resource as `CREATE_COMPLETE` in the parent stack and resumes creating the parent stack. If the timeout period expires before the nested stack reaches `CREATE_COMPLETE` , CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack.\n\nUpdates aren't supported.", "title": "TimeoutInMinutes", "type": "number" } }, "required": [ "TemplateURL" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::Stack" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFormation::StackSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdministrationRoleARN": { "markdownDescription": "The Amazon Resource Number (ARN) of the IAM role to use to create this stack set. Specify an IAM role only if you are using customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account.\n\nUse customized administrator roles to control which users or groups can manage specific stack sets within the same administrator account. For more information, see [Prerequisites: Granting Permissions for Stack Set Operations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs.html) in the *AWS CloudFormation User Guide* .\n\n*Minimum* : `20`\n\n*Maximum* : `2048`", "title": "AdministrationRoleARN", "type": "string" }, "AutoDeployment": { "$ref": "#/definitions/AWS::CloudFormation::StackSet.AutoDeployment", "markdownDescription": "[ `Service-managed` permissions] Describes whether StackSets automatically deploys to AWS Organizations accounts that are added to a target organization or organizational unit (OU).", "title": "AutoDeployment" }, "CallAs": { "markdownDescription": "[Service-managed permissions] Specifies whether you are acting as an account administrator in the organization's management account or as a delegated administrator in a member account.\n\nBy default, `SELF` is specified. Use `SELF` for stack sets with self-managed permissions.\n\n- To create a stack set with service-managed permissions while signed in to the management account, specify `SELF` .\n- To create a stack set with service-managed permissions while signed in to a delegated administrator account, specify `DELEGATED_ADMIN` .\n\nYour AWS account must be registered as a delegated admin in the management account. For more information, see [Register a delegated administrator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-orgs-delegated-admin.html) in the *AWS CloudFormation User Guide* .\n\nStack sets with service-managed permissions are created in the management account, including stack sets that are created by delegated administrators.\n\n*Valid Values* : `SELF` | `DELEGATED_ADMIN`", "title": "CallAs", "type": "string" }, "Capabilities": { "items": { "type": "string" }, "markdownDescription": "The capabilities that are allowed in the stack set. Some stack set templates might include resources that can affect permissions in your AWS account \u2014for example, by creating new AWS Identity and Access Management ( IAM ) users. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#capabilities) .", "title": "Capabilities", "type": "array" }, "Description": { "markdownDescription": "A description of the stack set.\n\n*Minimum* : `1`\n\n*Maximum* : `1024`", "title": "Description", "type": "string" }, "ExecutionRoleName": { "markdownDescription": "The name of the IAM execution role to use to create the stack set. If you don't specify an execution role, AWS CloudFormation uses the `AWSCloudFormationStackSetExecutionRole` role for the stack set operation.\n\n*Minimum* : `1`\n\n*Maximum* : `64`\n\n*Pattern* : `[a-zA-Z_0-9+=,.@-]+`", "title": "ExecutionRoleName", "type": "string" }, "ManagedExecution": { "$ref": "#/definitions/AWS::CloudFormation::StackSet.ManagedExecution", "markdownDescription": "Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations.\n\nWhen active, StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your stack set's execution configuration while there are running or queued operations for that stack set. \n\nWhen inactive (default), StackSets performs one operation at a time in request order.", "title": "ManagedExecution" }, "OperationPreferences": { "$ref": "#/definitions/AWS::CloudFormation::StackSet.OperationPreferences", "markdownDescription": "The user-specified preferences for how AWS CloudFormation performs a stack set operation.", "title": "OperationPreferences" }, "Parameters": { "items": { "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" }, "markdownDescription": "The input parameters for the stack set template.", "title": "Parameters", "type": "array" }, "PermissionModel": { "markdownDescription": "Describes how the IAM roles required for stack set operations are created.\n\n- With `SELF_MANAGED` permissions, you must create the administrator and execution roles required to deploy to target accounts. For more information, see [Grant Self-Managed Stack Set Permissions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-prereqs-self-managed.html) .\n- With `SERVICE_MANAGED` permissions, StackSets automatically creates the IAM roles required to deploy to accounts managed by AWS Organizations .", "title": "PermissionModel", "type": "string" }, "StackInstancesGroup": { "items": { "$ref": "#/definitions/AWS::CloudFormation::StackSet.StackInstances" }, "markdownDescription": "A group of stack instances with parameters in some specific accounts and Regions.", "title": "StackInstancesGroup", "type": "array" }, "StackSetName": { "markdownDescription": "The name to associate with the stack set. The name must be unique in the Region where you create your stack set.\n\n> The `StackSetName` property is required.", "title": "StackSetName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key-value pairs to associate with this stack. AWS CloudFormation also propagates these tags to supported resources in the stack. You can specify a maximum number of 50 tags.\n\nIf you don't specify this parameter, AWS CloudFormation doesn't modify the stack's tags. If you specify an empty value, AWS CloudFormation removes all associated tags.", "title": "Tags", "type": "array" }, "TemplateBody": { "markdownDescription": "The structure that contains the template body, with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\nYou must include either `TemplateURL` or `TemplateBody` in a StackSet, but you can't use both. Dynamic references in the `TemplateBody` may not work correctly in all cases. It's recommended to pass templates containing dynamic references through `TemplateUrl` instead.", "title": "TemplateBody", "type": "string" }, "TemplateURL": { "markdownDescription": "Location of file containing the template body. The URL must point to a template that's located in an Amazon S3 bucket or a Systems Manager document. For more information, go to [Template Anatomy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-anatomy.html) in the AWS CloudFormation User Guide.\n\nConditional: You must specify only one of the following parameters: `TemplateBody` , `TemplateURL` .", "title": "TemplateURL", "type": "string" } }, "required": [ "PermissionModel", "StackSetName" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::StackSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFormation::StackSet.AutoDeployment": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "If set to `true` , StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions.", "title": "Enabled", "type": "boolean" }, "RetainStacksOnAccountRemoval": { "markdownDescription": "If set to `true` , stack resources are retained when an account is removed from a target organization or OU. If set to `false` , stack resources are deleted. Specify only if `Enabled` is set to `True` .", "title": "RetainStacksOnAccountRemoval", "type": "boolean" } }, "type": "object" }, "AWS::CloudFormation::StackSet.DeploymentTargets": { "additionalProperties": false, "properties": { "AccountFilterType": { "markdownDescription": "Limit deployment targets to individual accounts or include additional accounts with provided OUs.\n\nThe following is a list of possible values for the `AccountFilterType` operation.\n\n- `INTERSECTION` : StackSets deploys to the accounts specified in `Accounts` parameter.\n- `DIFFERENCE` : StackSets excludes the accounts specified in `Accounts` parameter. This enables user to avoid certain accounts within an OU such as suspended accounts.\n- `UNION` : StackSets includes additional accounts deployment targets.\n\nThis is the default value if `AccountFilterType` is not provided. This enables user to update an entire OU and individual accounts from a different OU in one request, which used to be two separate requests.\n- `NONE` : Deploys to all the accounts in specified organizational units (OU).", "title": "AccountFilterType", "type": "string" }, "Accounts": { "items": { "type": "string" }, "markdownDescription": "The names of one or more AWS accounts for which you want to deploy stack set updates.\n\n*Pattern* : `^[0-9]{12}$`", "title": "Accounts", "type": "array" }, "AccountsUrl": { "markdownDescription": "Returns the value of the `AccountsUrl` property.", "title": "AccountsUrl", "type": "string" }, "OrganizationalUnitIds": { "items": { "type": "string" }, "markdownDescription": "The organization root ID or organizational unit (OU) IDs to which StackSets deploys.\n\n*Pattern* : `^(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}|r-[a-z0-9]{4,32})$`", "title": "OrganizationalUnitIds", "type": "array" } }, "type": "object" }, "AWS::CloudFormation::StackSet.ManagedExecution": { "additionalProperties": false, "properties": { "Active": { "markdownDescription": "When `true` , StackSets performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, StackSets starts queued operations in request order.\n\n> If there are already running or queued operations, StackSets queues all incoming operations even if they are non-conflicting.\n> \n> You can't modify your stack set's execution configuration while there are running or queued operations for that stack set. \n\nWhen `false` (default), StackSets performs one operation at a time in request order.", "title": "Active", "type": "boolean" } }, "type": "object" }, "AWS::CloudFormation::StackSet.OperationPreferences": { "additionalProperties": false, "properties": { "FailureToleranceCount": { "markdownDescription": "The number of accounts, per Region, for which this operation can fail before AWS CloudFormation stops the operation in that Region. If the operation is stopped in a Region, AWS CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` (but not both).", "title": "FailureToleranceCount", "type": "number" }, "FailureTolerancePercentage": { "markdownDescription": "The percentage of accounts, per Region, for which this stack operation can fail before AWS CloudFormation stops the operation in that Region. If the operation is stopped in a Region, AWS CloudFormation doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, AWS CloudFormation rounds *down* to the next whole number.\n\nConditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` , but not both.", "title": "FailureTolerancePercentage", "type": "number" }, "MaxConcurrentCount": { "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `FailureToleranceCount` . `MaxConcurrentCount` is at most one more than the `FailureToleranceCount` .\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", "title": "MaxConcurrentCount", "type": "number" }, "MaxConcurrentPercentage": { "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, AWS CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead.\n\nNote that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nConditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both.", "title": "MaxConcurrentPercentage", "type": "number" }, "RegionConcurrencyType": { "markdownDescription": "The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time.", "title": "RegionConcurrencyType", "type": "string" }, "RegionOrder": { "items": { "type": "string" }, "markdownDescription": "The order of the Regions where you want to perform the stack operation.\n\n> `RegionOrder` isn't followed if `AutoDeployment` is enabled.", "title": "RegionOrder", "type": "array" } }, "type": "object" }, "AWS::CloudFormation::StackSet.Parameter": { "additionalProperties": false, "properties": { "ParameterKey": { "markdownDescription": "The key associated with the parameter. If you don't specify a key and value for a particular parameter, AWS CloudFormation uses the default value that's specified in your template.", "title": "ParameterKey", "type": "string" }, "ParameterValue": { "markdownDescription": "The input value associated with the parameter.", "title": "ParameterValue", "type": "string" } }, "required": [ "ParameterKey", "ParameterValue" ], "type": "object" }, "AWS::CloudFormation::StackSet.StackInstances": { "additionalProperties": false, "properties": { "DeploymentTargets": { "$ref": "#/definitions/AWS::CloudFormation::StackSet.DeploymentTargets", "markdownDescription": "The AWS `OrganizationalUnitIds` or `Accounts` for which to create stack instances in the specified Regions.", "title": "DeploymentTargets" }, "ParameterOverrides": { "items": { "$ref": "#/definitions/AWS::CloudFormation::StackSet.Parameter" }, "markdownDescription": "A list of stack set parameters whose values you want to override in the selected stack instances.", "title": "ParameterOverrides", "type": "array" }, "Regions": { "items": { "type": "string" }, "markdownDescription": "The names of one or more Regions where you want to create stack instances using the specified AWS accounts .", "title": "Regions", "type": "array" } }, "required": [ "DeploymentTargets", "Regions" ], "type": "object" }, "AWS::CloudFormation::TypeActivation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoUpdate": { "markdownDescription": "Whether to automatically update the extension in this account and Region when a new *minor* version is published by the extension publisher. Major versions released by the publisher must be manually updated.\n\nThe default is `true` .", "title": "AutoUpdate", "type": "boolean" }, "ExecutionRoleArn": { "markdownDescription": "The name of the IAM execution role to use to activate the extension.", "title": "ExecutionRoleArn", "type": "string" }, "LoggingConfig": { "$ref": "#/definitions/AWS::CloudFormation::TypeActivation.LoggingConfig", "markdownDescription": "Specifies logging configuration information for an extension.", "title": "LoggingConfig" }, "MajorVersion": { "markdownDescription": "The major version of this extension you want to activate, if multiple major versions are available. The default is the latest major version. CloudFormation uses the latest available *minor* version of the major version selected.\n\nYou can specify `MajorVersion` or `VersionBump` , but not both.", "title": "MajorVersion", "type": "string" }, "PublicTypeArn": { "markdownDescription": "The Amazon Resource Number (ARN) of the public extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", "title": "PublicTypeArn", "type": "string" }, "PublisherId": { "markdownDescription": "The ID of the extension publisher.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", "title": "PublisherId", "type": "string" }, "Type": { "markdownDescription": "The extension type.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", "title": "Type", "type": "string" }, "TypeName": { "markdownDescription": "The name of the extension.\n\nConditional: You must specify `PublicTypeArn` , or `TypeName` , `Type` , and `PublisherId` .", "title": "TypeName", "type": "string" }, "TypeNameAlias": { "markdownDescription": "An alias to assign to the public extension, in this account and Region. If you specify an alias for the extension, CloudFormation treats the alias as the extension type name within this account and Region. You must use the alias to refer to the extension in your templates, API calls, and CloudFormation console.\n\nAn extension alias must be unique within a given account and Region. You can activate the same public resource multiple times in the same account and Region, using different type name aliases.", "title": "TypeNameAlias", "type": "string" }, "VersionBump": { "markdownDescription": "Manually updates a previously-activated type to a new major or minor version, if available. You can also use this parameter to update the value of `AutoUpdate` .\n\n- `MAJOR` : CloudFormation updates the extension to the newest major version, if one is available.\n- `MINOR` : CloudFormation updates the extension to the newest minor version, if one is available.", "title": "VersionBump", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::TypeActivation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CloudFormation::TypeActivation.LoggingConfig": { "additionalProperties": false, "properties": { "LogGroupName": { "markdownDescription": "The Amazon CloudWatch Logs group to which CloudFormation sends error logging information when invoking the extension's handlers.", "title": "LogGroupName", "type": "string" }, "LogRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role that CloudFormation should assume when sending log entries to CloudWatch Logs.", "title": "LogRoleArn", "type": "string" } }, "type": "object" }, "AWS::CloudFormation::WaitCondition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "CreationPolicy": { "type": "object" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Count": { "markdownDescription": "The number of success signals that CloudFormation must receive before it continues the stack creation process. When the wait condition receives the requisite number of success signals, CloudFormation resumes the creation of the stack. If the wait condition doesn't receive the specified number of success signals before the Timeout period expires, CloudFormation assumes that the wait condition has failed and rolls the stack back.\n\nUpdates aren't supported.", "title": "Count", "type": "number" }, "Handle": { "markdownDescription": "A reference to the wait condition handle used to signal this wait condition. Use the `Ref` intrinsic function to specify an [`AWS::CloudFormation::WaitConditionHandle`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-waitconditionhandle.html) resource.\n\nAnytime you add a `WaitCondition` resource during a stack update, you must associate the wait condition with a new WaitConditionHandle resource. Don't reuse an old wait condition handle that has already been defined in the template. If you reuse a wait condition handle, the wait condition might evaluate old signals from a previous create or update stack command.\n\nUpdates aren't supported.", "title": "Handle", "type": "string" }, "Timeout": { "markdownDescription": "The length of time (in seconds) to wait for the number of signals that the `Count` property specifies. `Timeout` is a minimum-bound property, meaning the timeout occurs no sooner than the time you specify, but can occur shortly thereafter. The maximum time that can be specified for this property is 12 hours (43200 seconds).\n\nUpdates aren't supported.", "title": "Timeout", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::WaitCondition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CloudFormation::WaitConditionHandle": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": {}, "type": "object" }, "Type": { "enum": [ "AWS::CloudFormation::WaitConditionHandle" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CloudFront::CachePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CachePolicyConfig": { "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CachePolicyConfig", "markdownDescription": "The cache policy configuration.", "title": "CachePolicyConfig" } }, "required": [ "CachePolicyConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFront::CachePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFront::CachePolicy.CachePolicyConfig": { "additionalProperties": false, "properties": { "Comment": { "markdownDescription": "A comment to describe the cache policy. The comment cannot be longer than 128 characters.", "title": "Comment", "type": "string" }, "DefaultTTL": { "markdownDescription": "The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object's time to live (TTL) only when the origin does *not* send `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 86400 seconds (one day). If the value of `MinTTL` is more than 86400 seconds, then the default value for this field is the same as the value of `MinTTL` .", "title": "DefaultTTL", "type": "number" }, "MaxTTL": { "markdownDescription": "The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends `Cache-Control` or `Expires` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default value for this field is 31536000 seconds (one year). If the value of `MinTTL` or `DefaultTTL` is more than 31536000 seconds, then the default value for this field is the same as the value of `DefaultTTL` .", "title": "MaxTTL", "type": "number" }, "MinTTL": { "markdownDescription": "The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", "title": "MinTTL", "type": "number" }, "Name": { "markdownDescription": "A unique name to identify the cache policy.", "title": "Name", "type": "string" }, "ParametersInCacheKeyAndForwardedToOrigin": { "$ref": "#/definitions/AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin", "markdownDescription": "The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are also included in requests that CloudFront sends to the origin.", "title": "ParametersInCacheKeyAndForwardedToOrigin" } }, "required": [ "DefaultTTL", "MaxTTL", "MinTTL", "Name", "ParametersInCacheKeyAndForwardedToOrigin" ], "type": "object" }, "AWS::CloudFront::CachePolicy.CookiesConfig": { "additionalProperties": false, "properties": { "CookieBehavior": { "markdownDescription": "Determines whether any cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** for those that are listed in the `CookieNames` type, which are not included.\n- `all` \u2013 All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", "title": "CookieBehavior", "type": "string" }, "Cookies": { "items": { "type": "string" }, "markdownDescription": "Contains a list of cookie names.", "title": "Cookies", "type": "array" } }, "required": [ "CookieBehavior" ], "type": "object" }, "AWS::CloudFront::CachePolicy.HeadersConfig": { "additionalProperties": false, "properties": { "HeaderBehavior": { "markdownDescription": "Determines whether any HTTP headers are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in the cache key and in requests that CloudFront sends to the origin.", "title": "HeaderBehavior", "type": "string" }, "Headers": { "items": { "type": "string" }, "markdownDescription": "Contains a list of HTTP header names.", "title": "Headers", "type": "array" } }, "required": [ "HeaderBehavior" ], "type": "object" }, "AWS::CloudFront::CachePolicy.ParametersInCacheKeyAndForwardedToOrigin": { "additionalProperties": false, "properties": { "CookiesConfig": { "$ref": "#/definitions/AWS::CloudFront::CachePolicy.CookiesConfig", "markdownDescription": "An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin.", "title": "CookiesConfig" }, "EnableAcceptEncodingBrotli": { "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingGzip` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", "title": "EnableAcceptEncodingBrotli", "type": "boolean" }, "EnableAcceptEncodingGzip": { "markdownDescription": "A flag that can affect whether the `Accept-Encoding` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.\n\nThis field is related to the `EnableAcceptEncodingBrotli` field. If one or both of these fields is `true` *and* the viewer request includes the `Accept-Encoding` header, then CloudFront does the following:\n\n- Normalizes the value of the viewer's `Accept-Encoding` header\n- Includes the normalized header in the cache key\n- Includes the normalized header in the request to the origin, if a request is necessary\n\nFor more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide* .\n\nIf you set this value to `true` , and this cache behavior also has an origin request policy attached, do not include the `Accept-Encoding` header in the origin request policy. CloudFront always includes the `Accept-Encoding` header in origin requests when the value of this field is `true` , so including this header in an origin request policy has no effect.\n\nIf both of these fields are `false` , then CloudFront treats the `Accept-Encoding` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add `Accept-Encoding` to the headers whitelist like any other HTTP header.", "title": "EnableAcceptEncodingGzip", "type": "boolean" }, "HeadersConfig": { "$ref": "#/definitions/AWS::CloudFront::CachePolicy.HeadersConfig", "markdownDescription": "An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin.", "title": "HeadersConfig" }, "QueryStringsConfig": { "$ref": "#/definitions/AWS::CloudFront::CachePolicy.QueryStringsConfig", "markdownDescription": "An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin.", "title": "QueryStringsConfig" } }, "required": [ "CookiesConfig", "EnableAcceptEncodingGzip", "HeadersConfig", "QueryStringsConfig" ], "type": "object" }, "AWS::CloudFront::CachePolicy.QueryStringsConfig": { "additionalProperties": false, "properties": { "QueryStringBehavior": { "markdownDescription": "Determines whether any URL query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in an `OriginRequestPolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in the cache key and in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, **except** those that are listed in the `QueryStringNames` type, which are not included.\n- `all` \u2013 All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.", "title": "QueryStringBehavior", "type": "string" }, "QueryStrings": { "items": { "type": "string" }, "markdownDescription": "Contains a list of query string names.", "title": "QueryStrings", "type": "array" } }, "required": [ "QueryStringBehavior" ], "type": "object" }, "AWS::CloudFront::CloudFrontOriginAccessIdentity": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CloudFrontOriginAccessIdentityConfig": { "$ref": "#/definitions/AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig", "markdownDescription": "The current configuration information for the identity.", "title": "CloudFrontOriginAccessIdentityConfig" } }, "required": [ "CloudFrontOriginAccessIdentityConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFront::CloudFrontOriginAccessIdentity" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFront::CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig": { "additionalProperties": false, "properties": { "Comment": { "markdownDescription": "A comment to describe the origin access identity. The comment cannot be longer than 128 characters.", "title": "Comment", "type": "string" } }, "required": [ "Comment" ], "type": "object" }, "AWS::CloudFront::ContinuousDeploymentPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContinuousDeploymentPolicyConfig": { "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig", "markdownDescription": "Contains the configuration for a continuous deployment policy.", "title": "ContinuousDeploymentPolicyConfig" } }, "required": [ "ContinuousDeploymentPolicyConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFront::ContinuousDeploymentPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFront::ContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfig": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "A Boolean that indicates whether this continuous deployment policy is enabled (in effect). When this value is `true` , this policy is enabled and in effect. When this value is `false` , this policy is not enabled and has no effect.", "title": "Enabled", "type": "boolean" }, "SingleHeaderPolicyConfig": { "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig", "markdownDescription": "This configuration determines which HTTP requests are sent to the staging distribution. If the HTTP request contains a header and value that matches what you specify here, the request is sent to the staging distribution. Otherwise the request is sent to the primary distribution.", "title": "SingleHeaderPolicyConfig" }, "SingleWeightPolicyConfig": { "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig", "markdownDescription": "This configuration determines the percentage of HTTP requests that are sent to the staging distribution.", "title": "SingleWeightPolicyConfig" }, "StagingDistributionDnsNames": { "items": { "type": "string" }, "markdownDescription": "The CloudFront domain name of the staging distribution. For example: `d111111abcdef8.cloudfront.net` .", "title": "StagingDistributionDnsNames", "type": "array" }, "TrafficConfig": { "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig", "markdownDescription": "Contains the parameters for routing production traffic from your primary to staging distributions.", "title": "TrafficConfig" }, "Type": { "markdownDescription": "The type of traffic configuration.", "title": "Type", "type": "string" } }, "required": [ "Enabled", "StagingDistributionDnsNames" ], "type": "object" }, "AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig": { "additionalProperties": false, "properties": { "IdleTTL": { "markdownDescription": "The amount of time after which you want sessions to cease if no requests are received. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", "title": "IdleTTL", "type": "number" }, "MaximumTTL": { "markdownDescription": "The maximum amount of time to consider requests from the viewer as being part of the same session. Allowed values are 300\u20133600 seconds (5\u201360 minutes).", "title": "MaximumTTL", "type": "number" } }, "required": [ "IdleTTL", "MaximumTTL" ], "type": "object" }, "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig": { "additionalProperties": false, "properties": { "Header": { "markdownDescription": "The request header name that you want CloudFront to send to your staging distribution. The header must contain the prefix `aws-cf-cd-` .", "title": "Header", "type": "string" }, "Value": { "markdownDescription": "The request header value.", "title": "Value", "type": "string" } }, "required": [ "Header", "Value" ], "type": "object" }, "AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderPolicyConfig": { "additionalProperties": false, "properties": { "Header": { "markdownDescription": "", "title": "Header", "type": "string" }, "Value": { "markdownDescription": "", "title": "Value", "type": "string" } }, "required": [ "Header", "Value" ], "type": "object" }, "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig": { "additionalProperties": false, "properties": { "SessionStickinessConfig": { "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", "markdownDescription": "Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to your staging distribution, while others are sent to your primary distribution. Define the session duration using TTL values.", "title": "SessionStickinessConfig" }, "Weight": { "markdownDescription": "The percentage of traffic to send to a staging distribution, expressed as a decimal number between 0 and 0.15. For example, a value of 0.10 means 10% of traffic is sent to the staging distribution.", "title": "Weight", "type": "number" } }, "required": [ "Weight" ], "type": "object" }, "AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightPolicyConfig": { "additionalProperties": false, "properties": { "SessionStickinessConfig": { "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SessionStickinessConfig", "markdownDescription": "", "title": "SessionStickinessConfig" }, "Weight": { "markdownDescription": "", "title": "Weight", "type": "number" } }, "required": [ "Weight" ], "type": "object" }, "AWS::CloudFront::ContinuousDeploymentPolicy.TrafficConfig": { "additionalProperties": false, "properties": { "SingleHeaderConfig": { "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleHeaderConfig", "markdownDescription": "Determines which HTTP requests are sent to the staging distribution.", "title": "SingleHeaderConfig" }, "SingleWeightConfig": { "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy.SingleWeightConfig", "markdownDescription": "Contains the percentage of traffic to send to the staging distribution.", "title": "SingleWeightConfig" }, "Type": { "markdownDescription": "The type of traffic configuration.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CloudFront::Distribution": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DistributionConfig": { "$ref": "#/definitions/AWS::CloudFront::Distribution.DistributionConfig", "markdownDescription": "The distribution's configuration.", "title": "DistributionConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A complex type that contains zero or more `Tag` elements.", "title": "Tags", "type": "array" } }, "required": [ "DistributionConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFront::Distribution" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFront::Distribution.CacheBehavior": { "additionalProperties": false, "properties": { "AllowedMethods": { "items": { "type": "string" }, "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", "title": "AllowedMethods", "type": "array" }, "CachePolicyId": { "markdownDescription": "The unique identifier of the cache policy that is attached to this cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", "title": "CachePolicyId", "type": "string" }, "CachedMethods": { "items": { "type": "string" }, "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", "title": "CachedMethods", "type": "array" }, "Compress": { "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", "title": "Compress", "type": "boolean" }, "DefaultTTL": { "markdownDescription": "This field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", "title": "DefaultTTL", "type": "number" }, "FieldLevelEncryptionId": { "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.", "title": "FieldLevelEncryptionId", "type": "string" }, "ForwardedValues": { "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", "title": "ForwardedValues" }, "FunctionAssociations": { "items": { "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" }, "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the `LIVE` stage to associate them with a cache behavior.", "title": "FunctionAssociations", "type": "array" }, "LambdaFunctionAssociations": { "items": { "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" }, "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", "title": "LambdaFunctionAssociations", "type": "array" }, "MaxTTL": { "markdownDescription": "This field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", "title": "MaxTTL", "type": "number" }, "MinTTL": { "markdownDescription": "This field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", "title": "MinTTL", "type": "number" }, "OriginRequestPolicyId": { "markdownDescription": "The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", "title": "OriginRequestPolicyId", "type": "string" }, "PathPattern": { "markdownDescription": "The pattern (for example, `images/*.jpg` ) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.\n\n> You can optionally include a slash ( `/` ) at the beginning of the path pattern. For example, `/images/*.jpg` . CloudFront behavior is the same with or without the leading `/` . \n\nThe path pattern for the default cache behavior is `*` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.\n\nFor more information, see [Path Pattern](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern) in the *Amazon CloudFront Developer Guide* .", "title": "PathPattern", "type": "string" }, "RealtimeLogConfigArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", "title": "RealtimeLogConfigArn", "type": "string" }, "ResponseHeadersPolicyId": { "markdownDescription": "The identifier for a response headers policy.", "title": "ResponseHeadersPolicyId", "type": "string" }, "SmoothStreaming": { "markdownDescription": "Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", "title": "SmoothStreaming", "type": "boolean" }, "TargetOriginId": { "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they match this cache behavior.", "title": "TargetOriginId", "type": "string" }, "TrustedKeyGroups": { "items": { "type": "string" }, "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", "title": "TrustedKeyGroups", "type": "array" }, "TrustedSigners": { "items": { "type": "string" }, "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", "title": "TrustedSigners", "type": "array" }, "ViewerProtocolPolicy": { "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", "title": "ViewerProtocolPolicy", "type": "string" } }, "required": [ "PathPattern", "TargetOriginId", "ViewerProtocolPolicy" ], "type": "object" }, "AWS::CloudFront::Distribution.Cookies": { "additionalProperties": false, "properties": { "Forward": { "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nSpecifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the `WhitelistedNames` complex type.\n\nAmazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the `Forward` element.", "title": "Forward", "type": "string" }, "WhitelistedNames": { "items": { "type": "string" }, "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nRequired if you specify `whitelist` for the value of `Forward` . A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies.\n\nIf you specify `all` or `none` for the value of `Forward` , omit `WhitelistedNames` . If you change the value of `Forward` from `whitelist` to `all` or `none` and you don't delete the `WhitelistedNames` element and its child elements, CloudFront deletes them automatically.\n\nFor the current limit on the number of cookie names that you can whitelist for each cache behavior, see [CloudFront Limits](https://docs.aws.amazon.com/general/latest/gr/xrefaws_service_limits.html#limits_cloudfront) in the *AWS General Reference* .", "title": "WhitelistedNames", "type": "array" } }, "required": [ "Forward" ], "type": "object" }, "AWS::CloudFront::Distribution.CustomErrorResponse": { "additionalProperties": false, "properties": { "ErrorCachingMinTTL": { "markdownDescription": "The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in `ErrorCode` . When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available.\n\nFor more information, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", "title": "ErrorCachingMinTTL", "type": "number" }, "ErrorCode": { "markdownDescription": "The HTTP status code for which you want to specify a custom error page and/or a caching duration.", "title": "ErrorCode", "type": "number" }, "ResponseCode": { "markdownDescription": "The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example:\n\n- Some Internet devices (some firewalls and corporate proxies, for example) intercept HTTP 4xx and 5xx and prevent the response from being returned to the viewer. If you substitute `200` , the response typically won't be intercepted.\n- If you don't care about distinguishing among different client errors or server errors, you can specify `400` or `500` as the `ResponseCode` for all 4xx or 5xx errors.\n- You might want to return a `200` status code (OK) and static website so your customers don't know that your website is down.\n\nIf you specify a value for `ResponseCode` , you must also specify a value for `ResponsePagePath` .", "title": "ResponseCode", "type": "number" }, "ResponsePagePath": { "markdownDescription": "The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by `ErrorCode` , for example, `/4xx-errors/403-forbidden.html` . If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true:\n\n- The value of `PathPattern` matches the path to your custom error messages. For example, suppose you saved custom error pages for 4xx errors in an Amazon S3 bucket in a directory named `/4xx-errors` . Your distribution must include a cache behavior for which the path pattern routes requests for your custom error pages to that location, for example, `/4xx-errors/*` .\n- The value of `TargetOriginId` specifies the value of the `ID` element for the origin that contains your custom error pages.\n\nIf you specify a value for `ResponsePagePath` , you must also specify a value for `ResponseCode` .\n\nWe recommend that you store custom error pages in an Amazon S3 bucket. If you store custom error pages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the files that you want to return to viewers because the origin server is unavailable.", "title": "ResponsePagePath", "type": "string" } }, "required": [ "ErrorCode" ], "type": "object" }, "AWS::CloudFront::Distribution.CustomOriginConfig": { "additionalProperties": false, "properties": { "HTTPPort": { "markdownDescription": "The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on.", "title": "HTTPPort", "type": "number" }, "HTTPSPort": { "markdownDescription": "The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on.", "title": "HTTPSPort", "type": "number" }, "OriginKeepaliveTimeout": { "markdownDescription": "Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 5 seconds.\n\nFor more information, see [Origin Keep-alive Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide* .", "title": "OriginKeepaliveTimeout", "type": "number" }, "OriginProtocolPolicy": { "markdownDescription": "Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin. Valid values are:\n\n- `http-only` \u2013 CloudFront always uses HTTP to connect to the origin.\n- `match-viewer` \u2013 CloudFront connects to the origin using the same protocol that the viewer used to connect to CloudFront.\n- `https-only` \u2013 CloudFront always uses HTTPS to connect to the origin.", "title": "OriginProtocolPolicy", "type": "string" }, "OriginReadTimeout": { "markdownDescription": "Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout* . The minimum timeout is 1 second, the maximum is 60 seconds, and the default (if you don't specify otherwise) is 30 seconds.\n\nFor more information, see [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide* .", "title": "OriginReadTimeout", "type": "number" }, "OriginSSLProtocols": { "items": { "type": "string" }, "markdownDescription": "Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include `SSLv3` , `TLSv1` , `TLSv1.1` , and `TLSv1.2` .\n\nFor more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide* .", "title": "OriginSSLProtocols", "type": "array" } }, "required": [ "OriginProtocolPolicy" ], "type": "object" }, "AWS::CloudFront::Distribution.DefaultCacheBehavior": { "additionalProperties": false, "properties": { "AllowedMethods": { "items": { "type": "string" }, "markdownDescription": "A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:\n\n- CloudFront forwards only `GET` and `HEAD` requests.\n- CloudFront forwards only `GET` , `HEAD` , and `OPTIONS` requests.\n- CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST` , and `DELETE` requests.\n\nIf you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.", "title": "AllowedMethods", "type": "array" }, "CachePolicyId": { "markdownDescription": "The unique identifier of the cache policy that is attached to the default cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .", "title": "CachePolicyId", "type": "string" }, "CachedMethods": { "items": { "type": "string" }, "markdownDescription": "A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:\n\n- CloudFront caches responses to `GET` and `HEAD` requests.\n- CloudFront caches responses to `GET` , `HEAD` , and `OPTIONS` requests.\n\nIf you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.", "title": "CachedMethods", "type": "array" }, "Compress": { "markdownDescription": "Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify `true` ; if not, specify `false` . For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide* .", "title": "Compress", "type": "boolean" }, "DefaultTTL": { "markdownDescription": "This field is deprecated. We recommend that you use the `DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", "title": "DefaultTTL", "type": "number" }, "FieldLevelEncryptionId": { "markdownDescription": "The value of `ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for the default cache behavior.", "title": "FieldLevelEncryptionId", "type": "string" }, "ForwardedValues": { "$ref": "#/definitions/AWS::CloudFront::Distribution.ForwardedValues", "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nA `DefaultCacheBehavior` must include either a `CachePolicyId` or `ForwardedValues` . We recommend that you use a `CachePolicyId` .\n\nA complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.", "title": "ForwardedValues" }, "FunctionAssociations": { "items": { "$ref": "#/definitions/AWS::CloudFront::Distribution.FunctionAssociation" }, "markdownDescription": "A list of CloudFront functions that are associated with this cache behavior. Your functions must be published to the `LIVE` stage to associate them with a cache behavior.", "title": "FunctionAssociations", "type": "array" }, "LambdaFunctionAssociations": { "items": { "$ref": "#/definitions/AWS::CloudFront::Distribution.LambdaFunctionAssociation" }, "markdownDescription": "A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.", "title": "LambdaFunctionAssociations", "type": "array" }, "MaxTTL": { "markdownDescription": "This field is deprecated. We recommend that you use the `MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", "title": "MaxTTL", "type": "number" }, "MinTTL": { "markdownDescription": "This field is deprecated. We recommend that you use the `MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide* .\n\nThe minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .\n\nYou must specify `0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers` , if you specify `1` for `Quantity` and `*` for `Name` ).", "title": "MinTTL", "type": "number" }, "OriginRequestPolicyId": { "markdownDescription": "The unique identifier of the origin request policy that is attached to the default cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide* .", "title": "OriginRequestPolicyId", "type": "string" }, "RealtimeLogConfigArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide* .", "title": "RealtimeLogConfigArn", "type": "string" }, "ResponseHeadersPolicyId": { "markdownDescription": "The identifier for a response headers policy.", "title": "ResponseHeadersPolicyId", "type": "string" }, "SmoothStreaming": { "markdownDescription": "Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify `true` ; if not, specify `false` . If you specify `true` for `SmoothStreaming` , you can still distribute other content using this cache behavior if the content matches the value of `PathPattern` .", "title": "SmoothStreaming", "type": "boolean" }, "TargetOriginId": { "markdownDescription": "The value of `ID` for the origin that you want CloudFront to route requests to when they use the default cache behavior.", "title": "TargetOriginId", "type": "string" }, "TrustedKeyGroups": { "items": { "type": "string" }, "markdownDescription": "A list of key groups that CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", "title": "TrustedKeyGroups", "type": "array" }, "TrustedSigners": { "items": { "type": "string" }, "markdownDescription": "> We recommend using `TrustedKeyGroups` instead of `TrustedSigners` . \n\nA list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.\n\nWhen a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in a trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", "title": "TrustedSigners", "type": "array" }, "ViewerProtocolPolicy": { "markdownDescription": "The protocol that viewers can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern` . You can specify the following options:\n\n- `allow-all` : Viewers can use HTTP or HTTPS.\n- `redirect-to-https` : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.\n- `https-only` : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).\n\nFor more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide* .\n\n> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide* .", "title": "ViewerProtocolPolicy", "type": "string" } }, "required": [ "TargetOriginId", "ViewerProtocolPolicy" ], "type": "object" }, "AWS::CloudFront::Distribution.DistributionConfig": { "additionalProperties": false, "properties": { "Aliases": { "items": { "type": "string" }, "markdownDescription": "A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.", "title": "Aliases", "type": "array" }, "CNAMEs": { "items": { "type": "string" }, "markdownDescription": "", "title": "CNAMEs", "type": "array" }, "CacheBehaviors": { "items": { "$ref": "#/definitions/AWS::CloudFront::Distribution.CacheBehavior" }, "markdownDescription": "A complex type that contains zero or more `CacheBehavior` elements.", "title": "CacheBehaviors", "type": "array" }, "Comment": { "markdownDescription": "A comment to describe the distribution. The comment cannot be longer than 128 characters.", "title": "Comment", "type": "string" }, "ContinuousDeploymentPolicyId": { "markdownDescription": "The identifier of a continuous deployment policy. For more information, see `CreateContinuousDeploymentPolicy` .", "title": "ContinuousDeploymentPolicyId", "type": "string" }, "CustomErrorResponses": { "items": { "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomErrorResponse" }, "markdownDescription": "A complex type that controls the following:\n\n- Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.\n- How long CloudFront caches HTTP status codes in the 4xx and 5xx range.\n\nFor more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide* .", "title": "CustomErrorResponses", "type": "array" }, "CustomOrigin": { "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyCustomOrigin", "markdownDescription": "", "title": "CustomOrigin" }, "DefaultCacheBehavior": { "$ref": "#/definitions/AWS::CloudFront::Distribution.DefaultCacheBehavior", "markdownDescription": "A complex type that describes the default cache behavior if you don't specify a `CacheBehavior` element or if files don't match any of the values of `PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior.", "title": "DefaultCacheBehavior" }, "DefaultRootObject": { "markdownDescription": "The object that you want CloudFront to request from your origin (for example, `index.html` ) when a viewer requests the root URL for your distribution ( `https://www.example.com` ) instead of an object in your distribution ( `https://www.example.com/product-description.html` ). Specifying a default root object avoids exposing the contents of your distribution.\n\nSpecify only the object name, for example, `index.html` . Don't add a `/` before the object name.\n\nIf you don't want to specify a default root object when you create a distribution, include an empty `DefaultRootObject` element.\n\nTo delete the default root object from an existing distribution, update the distribution configuration and include an empty `DefaultRootObject` element.\n\nTo replace the default root object, update the distribution configuration and specify the new object.\n\nFor more information about the default root object, see [Creating a Default Root Object](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html) in the *Amazon CloudFront Developer Guide* .", "title": "DefaultRootObject", "type": "string" }, "Enabled": { "markdownDescription": "From this field, you can enable or disable the selected distribution.", "title": "Enabled", "type": "boolean" }, "HttpVersion": { "markdownDescription": "(Optional) Specify the HTTP version(s) that you want viewers to use to communicate with CloudFront . The default value for new distributions is `http1.1` .\n\nFor viewers and CloudFront to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI).\n\nFor viewers and CloudFront to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CloudFront supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see [Connection Migration](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc9000.html#name-connection-migration) at RFC 9000. For more information about supported TLSv1.3 ciphers, see [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html) .", "title": "HttpVersion", "type": "string" }, "IPV6Enabled": { "markdownDescription": "If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify `true` . If you specify `false` , CloudFront responds to IPv6 DNS requests with the DNS response code `NOERROR` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.\n\nIn general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the `IpAddress` parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html) in the *Amazon CloudFront Developer Guide* .\n\nIf you're using an Amazon Route\u00a053 AWS Integration alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:\n\n- You enable IPv6 for the distribution\n- You're using alternate domain names in the URLs for your objects\n\nFor more information, see [Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html) in the *Amazon Route\u00a053 AWS Integration Developer Guide* .\n\nIf you created a CNAME resource record set, either with Amazon Route\u00a053 AWS Integration or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.", "title": "IPV6Enabled", "type": "boolean" }, "Logging": { "$ref": "#/definitions/AWS::CloudFront::Distribution.Logging", "markdownDescription": "A complex type that controls whether access logs are written for the distribution.\n\nFor more information about logging, see [Access Logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) in the *Amazon CloudFront Developer Guide* .", "title": "Logging" }, "OriginGroups": { "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroups", "markdownDescription": "A complex type that contains information about origin groups for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", "title": "OriginGroups" }, "Origins": { "items": { "$ref": "#/definitions/AWS::CloudFront::Distribution.Origin" }, "markdownDescription": "A complex type that contains information about origins for this distribution.\n\nSpecify a value for either the `Origins` or `OriginGroups` property.", "title": "Origins", "type": "array" }, "PriceClass": { "markdownDescription": "The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify `PriceClass_All` , CloudFront responds to requests for your objects from all CloudFront edge locations.\n\nIf you specify a price class other than `PriceClass_All` , CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.\n\nFor more information about price classes, see [Choosing the Price Class for a CloudFront Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html) in the *Amazon CloudFront Developer Guide* . For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing](https://docs.aws.amazon.com/cloudfront/pricing/) .", "title": "PriceClass", "type": "string" }, "Restrictions": { "$ref": "#/definitions/AWS::CloudFront::Distribution.Restrictions", "markdownDescription": "A complex type that identifies ways in which you want to restrict distribution of your content.", "title": "Restrictions" }, "S3Origin": { "$ref": "#/definitions/AWS::CloudFront::Distribution.LegacyS3Origin", "markdownDescription": "", "title": "S3Origin" }, "Staging": { "markdownDescription": "A Boolean that indicates whether this is a staging distribution. When this value is `true` , this is a staging distribution. When this value is `false` , this is not a staging distribution.", "title": "Staging", "type": "boolean" }, "ViewerCertificate": { "$ref": "#/definitions/AWS::CloudFront::Distribution.ViewerCertificate", "markdownDescription": "A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.", "title": "ViewerCertificate" }, "WebACLId": { "markdownDescription": "A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` .\n\nAWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html) .", "title": "WebACLId", "type": "string" } }, "required": [ "DefaultCacheBehavior", "Enabled" ], "type": "object" }, "AWS::CloudFront::Distribution.ForwardedValues": { "additionalProperties": false, "properties": { "Cookies": { "$ref": "#/definitions/AWS::CloudFront::Distribution.Cookies", "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs Cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html) in the *Amazon CloudFront Developer Guide* .", "title": "Cookies" }, "Headers": { "items": { "type": "string" }, "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include headers in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send headers to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that specifies the `Headers` , if any, that you want CloudFront to forward to the origin for this cache behavior (whitelisted headers). For the headers that you specify, CloudFront also caches separate versions of a specified object that is based on the header values in viewer requests.\n\nFor more information, see [Caching Content Based on Request Headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html) in the *Amazon CloudFront Developer Guide* .", "title": "Headers", "type": "array" }, "QueryString": { "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nIndicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior and cache based on the query string parameters. CloudFront behavior depends on the value of `QueryString` and on the values that you specify for `QueryStringCacheKeys` , if any:\n\nIf you specify true for `QueryString` and you don't specify any values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin and caches based on all query string parameters. Depending on how many query string parameters and values you have, this can adversely affect performance because CloudFront must forward more requests to the origin.\n\nIf you specify true for `QueryString` and you specify one or more values for `QueryStringCacheKeys` , CloudFront forwards all query string parameters to the origin, but it only caches based on the query string parameters that you specify.\n\nIf you specify false for `QueryString` , CloudFront doesn't forward any query string parameters to the origin, and doesn't cache based on query string parameters.\n\nFor more information, see [Configuring CloudFront to Cache Based on Query String Parameters](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/QueryStringParameters.html) in the *Amazon CloudFront Developer Guide* .", "title": "QueryString", "type": "boolean" }, "QueryStringCacheKeys": { "items": { "type": "string" }, "markdownDescription": "This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.\n\nIf you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide* .\n\nIf you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide* .\n\nA complex type that contains information about the query string parameters that you want CloudFront to use for caching for this cache behavior.", "title": "QueryStringCacheKeys", "type": "array" } }, "required": [ "QueryString" ], "type": "object" }, "AWS::CloudFront::Distribution.FunctionAssociation": { "additionalProperties": false, "properties": { "EventType": { "markdownDescription": "The event type of the function, either `viewer-request` or `viewer-response` . You cannot use origin-facing event types ( `origin-request` and `origin-response` ) with a CloudFront function.", "title": "EventType", "type": "string" }, "FunctionARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the function.", "title": "FunctionARN", "type": "string" } }, "type": "object" }, "AWS::CloudFront::Distribution.GeoRestriction": { "additionalProperties": false, "properties": { "Locations": { "items": { "type": "string" }, "markdownDescription": "A complex type that contains a `Location` element for each country in which you want CloudFront either to distribute your content ( `whitelist` ) or not distribute your content ( `blacklist` ).\n\nThe `Location` element is a two-letter, uppercase country code for a country that you want to include in your `blacklist` or `whitelist` . Include one `Location` element for each country.\n\nCloudFront and `MaxMind` both use `ISO 3166` country codes. For the current list of countries and the corresponding codes, see `ISO 3166-1-alpha-2` code on the *International Organization for Standardization* website. You can also refer to the country list on the CloudFront console, which includes both country names and codes.", "title": "Locations", "type": "array" }, "RestrictionType": { "markdownDescription": "The method that you want to use to restrict distribution of your content by country:\n\n- `none` : No geo restriction is enabled, meaning access to content is not restricted by client geo location.\n- `blacklist` : The `Location` elements specify the countries in which you don't want CloudFront to distribute your content.\n- `whitelist` : The `Location` elements specify the countries in which you want CloudFront to distribute your content.", "title": "RestrictionType", "type": "string" } }, "required": [ "RestrictionType" ], "type": "object" }, "AWS::CloudFront::Distribution.LambdaFunctionAssociation": { "additionalProperties": false, "properties": { "EventType": { "markdownDescription": "Specifies the event type that triggers a Lambda@Edge function invocation. You can specify the following values:\n\n- `viewer-request` : The function executes when CloudFront receives a request from a viewer and before it checks to see whether the requested object is in the edge cache.\n- `origin-request` : The function executes only when CloudFront sends a request to your origin. When the requested object is in the edge cache, the function doesn't execute.\n- `origin-response` : The function executes after CloudFront receives a response from the origin and before it caches the object in the response. When the requested object is in the edge cache, the function doesn't execute.\n- `viewer-response` : The function executes before CloudFront returns the requested object to the viewer. The function executes regardless of whether the object was already in the edge cache.\n\nIf the origin returns an HTTP status code other than HTTP 200 (OK), the function doesn't execute.", "title": "EventType", "type": "string" }, "IncludeBody": { "markdownDescription": "A flag that allows a Lambda@Edge function to have read access to the body content. For more information, see [Accessing the Request Body by Choosing the Include Body Option](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html) in the Amazon CloudFront Developer Guide.", "title": "IncludeBody", "type": "boolean" }, "LambdaFunctionARN": { "markdownDescription": "The ARN of the Lambda@Edge function. You must specify the ARN of a function version; you can't specify an alias or $LATEST.", "title": "LambdaFunctionARN", "type": "string" } }, "type": "object" }, "AWS::CloudFront::Distribution.LegacyCustomOrigin": { "additionalProperties": false, "properties": { "DNSName": { "markdownDescription": "", "title": "DNSName", "type": "string" }, "HTTPPort": { "markdownDescription": "", "title": "HTTPPort", "type": "number" }, "HTTPSPort": { "markdownDescription": "", "title": "HTTPSPort", "type": "number" }, "OriginProtocolPolicy": { "markdownDescription": "", "title": "OriginProtocolPolicy", "type": "string" }, "OriginSSLProtocols": { "items": { "type": "string" }, "markdownDescription": "", "title": "OriginSSLProtocols", "type": "array" } }, "required": [ "DNSName", "OriginProtocolPolicy", "OriginSSLProtocols" ], "type": "object" }, "AWS::CloudFront::Distribution.LegacyS3Origin": { "additionalProperties": false, "properties": { "DNSName": { "markdownDescription": "", "title": "DNSName", "type": "string" }, "OriginAccessIdentity": { "markdownDescription": "", "title": "OriginAccessIdentity", "type": "string" } }, "required": [ "DNSName" ], "type": "object" }, "AWS::CloudFront::Distribution.Logging": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `myawslogbucket.s3.amazonaws.com` .", "title": "Bucket", "type": "string" }, "IncludeCookies": { "markdownDescription": "Specifies whether you want CloudFront to include cookies in access logs, specify `true` for `IncludeCookies` . If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify `false` for `IncludeCookies` .", "title": "IncludeCookies", "type": "boolean" }, "Prefix": { "markdownDescription": "An optional string that you want CloudFront to prefix to the access log `filenames` for this distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", "title": "Prefix", "type": "string" } }, "required": [ "Bucket" ], "type": "object" }, "AWS::CloudFront::Distribution.Origin": { "additionalProperties": false, "properties": { "ConnectionAttempts": { "markdownDescription": "The number of times that CloudFront attempts to connect to the origin. The minimum number is 1, the maximum is 3, and the default (if you don't specify otherwise) is 3.\n\nFor a custom origin (including an Amazon S3 bucket that's configured with static website hosting), this value also specifies the number of times that CloudFront attempts to get a response from the origin, in the case of an [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout) .\n\nFor more information, see [Origin Connection Attempts](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-attempts) in the *Amazon CloudFront Developer Guide* .", "title": "ConnectionAttempts", "type": "number" }, "ConnectionTimeout": { "markdownDescription": "The number of seconds that CloudFront waits when trying to establish a connection to the origin. The minimum timeout is 1 second, the maximum is 10 seconds, and the default (if you don't specify otherwise) is 10 seconds.\n\nFor more information, see [Origin Connection Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-timeout) in the *Amazon CloudFront Developer Guide* .", "title": "ConnectionTimeout", "type": "number" }, "CustomOriginConfig": { "$ref": "#/definitions/AWS::CloudFront::Distribution.CustomOriginConfig", "markdownDescription": "Use this type to specify an origin that is not an Amazon S3 bucket, with one exception. If the Amazon S3 bucket is configured with static website hosting, use this type. If the Amazon S3 bucket is not configured with static website hosting, use the `S3OriginConfig` type instead.", "title": "CustomOriginConfig" }, "DomainName": { "markdownDescription": "The domain name for the origin.\n\nFor more information, see [Origin Domain Name](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDomainName) in the *Amazon CloudFront Developer Guide* .", "title": "DomainName", "type": "string" }, "Id": { "markdownDescription": "A unique identifier for the origin. This value must be unique within the distribution.\n\nUse this value to specify the `TargetOriginId` in a `CacheBehavior` or `DefaultCacheBehavior` .", "title": "Id", "type": "string" }, "OriginAccessControlId": { "markdownDescription": "The unique identifier of an origin access control for this origin.\n\nFor more information, see [Restricting access to an Amazon S3 origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", "title": "OriginAccessControlId", "type": "string" }, "OriginCustomHeaders": { "items": { "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginCustomHeader" }, "markdownDescription": "A list of HTTP header names and values that CloudFront adds to the requests that it sends to the origin.\n\nFor more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/add-origin-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", "title": "OriginCustomHeaders", "type": "array" }, "OriginPath": { "markdownDescription": "An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin.\n\nFor more information, see [Origin Path](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginPath) in the *Amazon CloudFront Developer Guide* .", "title": "OriginPath", "type": "string" }, "OriginShield": { "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginShield", "markdownDescription": "CloudFront Origin Shield. Using Origin Shield can help reduce the load on your origin.\n\nFor more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide* .", "title": "OriginShield" }, "S3OriginConfig": { "$ref": "#/definitions/AWS::CloudFront::Distribution.S3OriginConfig", "markdownDescription": "Use this type to specify an origin that is an Amazon S3 bucket that is not configured with static website hosting. To specify any other type of origin, including an Amazon S3 bucket that is configured with static website hosting, use the `CustomOriginConfig` type instead.", "title": "S3OriginConfig" } }, "required": [ "DomainName", "Id" ], "type": "object" }, "AWS::CloudFront::Distribution.OriginCustomHeader": { "additionalProperties": false, "properties": { "HeaderName": { "markdownDescription": "The name of a header that you want CloudFront to send to your origin. For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html) in the *Amazon CloudFront Developer Guide* .", "title": "HeaderName", "type": "string" }, "HeaderValue": { "markdownDescription": "The value for the header that you specified in the `HeaderName` field.", "title": "HeaderValue", "type": "string" } }, "required": [ "HeaderName", "HeaderValue" ], "type": "object" }, "AWS::CloudFront::Distribution.OriginGroup": { "additionalProperties": false, "properties": { "FailoverCriteria": { "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupFailoverCriteria", "markdownDescription": "A complex type that contains information about the failover criteria for an origin group.", "title": "FailoverCriteria" }, "Id": { "markdownDescription": "The origin group's ID.", "title": "Id", "type": "string" }, "Members": { "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMembers", "markdownDescription": "A complex type that contains information about the origins in an origin group.", "title": "Members" } }, "required": [ "FailoverCriteria", "Id", "Members" ], "type": "object" }, "AWS::CloudFront::Distribution.OriginGroupFailoverCriteria": { "additionalProperties": false, "properties": { "StatusCodes": { "$ref": "#/definitions/AWS::CloudFront::Distribution.StatusCodes", "markdownDescription": "The status codes that, when returned from the primary origin, will trigger CloudFront to failover to the second origin.", "title": "StatusCodes" } }, "required": [ "StatusCodes" ], "type": "object" }, "AWS::CloudFront::Distribution.OriginGroupMember": { "additionalProperties": false, "properties": { "OriginId": { "markdownDescription": "The ID for an origin in an origin group.", "title": "OriginId", "type": "string" } }, "required": [ "OriginId" ], "type": "object" }, "AWS::CloudFront::Distribution.OriginGroupMembers": { "additionalProperties": false, "properties": { "Items": { "items": { "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroupMember" }, "markdownDescription": "Items (origins) in an origin group.", "title": "Items", "type": "array" }, "Quantity": { "markdownDescription": "The number of origins in an origin group.", "title": "Quantity", "type": "number" } }, "required": [ "Items", "Quantity" ], "type": "object" }, "AWS::CloudFront::Distribution.OriginGroups": { "additionalProperties": false, "properties": { "Items": { "items": { "$ref": "#/definitions/AWS::CloudFront::Distribution.OriginGroup" }, "markdownDescription": "The items (origin groups) in a distribution.", "title": "Items", "type": "array" }, "Quantity": { "markdownDescription": "The number of origin groups.", "title": "Quantity", "type": "number" } }, "required": [ "Quantity" ], "type": "object" }, "AWS::CloudFront::Distribution.OriginShield": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "A flag that specifies whether Origin Shield is enabled.\n\nWhen it's enabled, CloudFront routes all requests through Origin Shield, which can help protect your origin. When it's disabled, CloudFront might send requests directly to your origin from multiple edge locations or regional edge caches.", "title": "Enabled", "type": "boolean" }, "OriginShieldRegion": { "markdownDescription": "The AWS Region for Origin Shield.\n\nSpecify the AWS Region that has the lowest latency to your origin. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as `us-east-2` .\n\nWhen you enable CloudFront Origin Shield, you must specify the AWS Region for Origin Shield. For the list of AWS Regions that you can specify, and for help choosing the best Region for your origin, see [Choosing the AWS Region for Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html#choose-origin-shield-region) in the *Amazon CloudFront Developer Guide* .", "title": "OriginShieldRegion", "type": "string" } }, "type": "object" }, "AWS::CloudFront::Distribution.Restrictions": { "additionalProperties": false, "properties": { "GeoRestriction": { "$ref": "#/definitions/AWS::CloudFront::Distribution.GeoRestriction", "markdownDescription": "A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using `MaxMind` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template.", "title": "GeoRestriction" } }, "required": [ "GeoRestriction" ], "type": "object" }, "AWS::CloudFront::Distribution.S3OriginConfig": { "additionalProperties": false, "properties": { "OriginAccessIdentity": { "markdownDescription": "> If you're using origin access control (OAC) instead of origin access identity, specify an empty `OriginAccessIdentity` element. For more information, see [Restricting access to an AWS](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html) in the *Amazon CloudFront Developer Guide* . \n\nThe CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is:\n\n`origin-access-identity/cloudfront/ID-of-origin-access-identity`\n\nThe `*ID-of-origin-access-identity*` is the value that CloudFront returned in the `ID` element when you created the origin access identity.\n\nIf you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information about the origin access identity, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", "title": "OriginAccessIdentity", "type": "string" } }, "type": "object" }, "AWS::CloudFront::Distribution.StatusCodes": { "additionalProperties": false, "properties": { "Items": { "items": { "type": "number" }, "markdownDescription": "The items (status codes) for an origin group.", "title": "Items", "type": "array" }, "Quantity": { "markdownDescription": "The number of status codes.", "title": "Quantity", "type": "number" } }, "required": [ "Items", "Quantity" ], "type": "object" }, "AWS::CloudFront::Distribution.ViewerCertificate": { "additionalProperties": false, "properties": { "AcmCertificateArn": { "markdownDescription": "> In CloudFormation, this field name is `AcmCertificateArn` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Certificate Manager (ACM)](https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html) , provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region ( `us-east-1` ).\n\nIf you specify an ACM certificate ARN, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", "title": "AcmCertificateArn", "type": "string" }, "CloudFrontDefaultCertificate": { "markdownDescription": "If the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , set this field to `true` .\n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), omit this field and specify values for the following fields:\n\n- `AcmCertificateArn` or `IamCertificateId` (specify a value for one, not both)\n- `MinimumProtocolVersion`\n- `SslSupportMethod`", "title": "CloudFrontDefaultCertificate", "type": "boolean" }, "IamCertificateId": { "markdownDescription": "> In CloudFormation, this field name is `IamCertificateId` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [AWS Identity and Access Management (IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) , provide the ID of the IAM certificate.\n\nIf you specify an IAM certificate ID, you must also specify values for `MinimumProtocolVersion` and `SSLSupportMethod` . (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)", "title": "IamCertificateId", "type": "string" }, "MinimumProtocolVersion": { "markdownDescription": "If the distribution uses `Aliases` (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings:\n\n- The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers.\n- The ciphers that CloudFront can use to encrypt the content that it returns to viewers.\n\nFor more information, see [Security Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy) and [Supported Protocols and Ciphers Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) in the *Amazon CloudFront Developer Guide* .\n\n> On the CloudFront console, this setting is called *Security Policy* . \n\nWhen you're using SNI only (you set `SSLSupportMethod` to `sni-only` ), you must specify `TLSv1` or higher. (In CloudFormation, the field name is `SslSupportMethod` . Note the different capitalization.)\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` (you set `CloudFrontDefaultCertificate` to `true` ), CloudFront automatically sets the security policy to `TLSv1` regardless of the value that you set here.", "title": "MinimumProtocolVersion", "type": "string" }, "SslSupportMethod": { "markdownDescription": "> In CloudFormation, this field name is `SslSupportMethod` . Note the different capitalization. \n\nIf the distribution uses `Aliases` (alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from.\n\n- `sni-only` \u2013 The distribution accepts HTTPS connections from only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication) . This is recommended. Most browsers and clients support SNI.\n- `vip` \u2013 The distribution accepts HTTPS connections from all viewers including those that don't support SNI. This is not recommended, and results in additional monthly charges from CloudFront.\n- `static-ip` - Do not specify this value unless your distribution has been enabled for this feature by the CloudFront team. If you have a use case that requires static IP addresses for a distribution, contact CloudFront through the [AWS Support Center](https://docs.aws.amazon.com/support/home) .\n\nIf the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net` , don't set a value for this field.", "title": "SslSupportMethod", "type": "string" } }, "type": "object" }, "AWS::CloudFront::Function": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoPublish": { "markdownDescription": "A flag that determines whether to automatically publish the function to the `LIVE` stage when it\u2019s created. To automatically publish to the `LIVE` stage, set this property to `true` .", "title": "AutoPublish", "type": "boolean" }, "FunctionCode": { "markdownDescription": "The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .", "title": "FunctionCode", "type": "string" }, "FunctionConfig": { "$ref": "#/definitions/AWS::CloudFront::Function.FunctionConfig", "markdownDescription": "Contains configuration information about a CloudFront function.", "title": "FunctionConfig" }, "FunctionMetadata": { "$ref": "#/definitions/AWS::CloudFront::Function.FunctionMetadata", "markdownDescription": "Contains metadata about a CloudFront function.", "title": "FunctionMetadata" }, "Name": { "markdownDescription": "A name to identify the function.", "title": "Name", "type": "string" } }, "required": [ "FunctionCode", "FunctionConfig", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFront::Function" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFront::Function.FunctionConfig": { "additionalProperties": false, "properties": { "Comment": { "markdownDescription": "A comment to describe the function.", "title": "Comment", "type": "string" }, "KeyValueStoreAssociations": { "items": { "$ref": "#/definitions/AWS::CloudFront::Function.KeyValueStoreAssociation" }, "markdownDescription": "The configuration for the key value store associations.", "title": "KeyValueStoreAssociations", "type": "array" }, "Runtime": { "markdownDescription": "The function's runtime environment version.", "title": "Runtime", "type": "string" } }, "required": [ "Comment", "Runtime" ], "type": "object" }, "AWS::CloudFront::Function.FunctionMetadata": { "additionalProperties": false, "properties": { "FunctionARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the function. The ARN uniquely identifies the function.", "title": "FunctionARN", "type": "string" } }, "type": "object" }, "AWS::CloudFront::Function.KeyValueStoreAssociation": { "additionalProperties": false, "properties": { "KeyValueStoreARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the key value store association.", "title": "KeyValueStoreARN", "type": "string" } }, "required": [ "KeyValueStoreARN" ], "type": "object" }, "AWS::CloudFront::KeyGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "KeyGroupConfig": { "$ref": "#/definitions/AWS::CloudFront::KeyGroup.KeyGroupConfig", "markdownDescription": "The key group configuration.", "title": "KeyGroupConfig" } }, "required": [ "KeyGroupConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFront::KeyGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFront::KeyGroup.KeyGroupConfig": { "additionalProperties": false, "properties": { "Comment": { "markdownDescription": "A comment to describe the key group. The comment cannot be longer than 128 characters.", "title": "Comment", "type": "string" }, "Items": { "items": { "type": "string" }, "markdownDescription": "A list of the identifiers of the public keys in the key group.", "title": "Items", "type": "array" }, "Name": { "markdownDescription": "A name to identify the key group.", "title": "Name", "type": "string" } }, "required": [ "Items", "Name" ], "type": "object" }, "AWS::CloudFront::KeyValueStore": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Comment": { "markdownDescription": "A comment for the key value store.", "title": "Comment", "type": "string" }, "ImportSource": { "$ref": "#/definitions/AWS::CloudFront::KeyValueStore.ImportSource", "markdownDescription": "The import source for the key value store.", "title": "ImportSource" }, "Name": { "markdownDescription": "The name of the key value store.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFront::KeyValueStore" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFront::KeyValueStore.ImportSource": { "additionalProperties": false, "properties": { "SourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the import source for the key value store.", "title": "SourceArn", "type": "string" }, "SourceType": { "markdownDescription": "The source type of the import source for the key value store.", "title": "SourceType", "type": "string" } }, "required": [ "SourceArn", "SourceType" ], "type": "object" }, "AWS::CloudFront::MonitoringSubscription": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DistributionId": { "markdownDescription": "The ID of the distribution that you are enabling metrics for.", "title": "DistributionId", "type": "string" }, "MonitoringSubscription": { "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.MonitoringSubscription", "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", "title": "MonitoringSubscription" } }, "required": [ "DistributionId", "MonitoringSubscription" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFront::MonitoringSubscription" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFront::MonitoringSubscription.MonitoringSubscription": { "additionalProperties": false, "properties": { "RealtimeMetricsSubscriptionConfig": { "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig", "markdownDescription": "A subscription configuration for additional CloudWatch metrics.", "title": "RealtimeMetricsSubscriptionConfig" } }, "type": "object" }, "AWS::CloudFront::MonitoringSubscription.RealtimeMetricsSubscriptionConfig": { "additionalProperties": false, "properties": { "RealtimeMetricsSubscriptionStatus": { "markdownDescription": "A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution.", "title": "RealtimeMetricsSubscriptionStatus", "type": "string" } }, "required": [ "RealtimeMetricsSubscriptionStatus" ], "type": "object" }, "AWS::CloudFront::OriginAccessControl": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "OriginAccessControlConfig": { "$ref": "#/definitions/AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig", "markdownDescription": "The origin access control.", "title": "OriginAccessControlConfig" } }, "required": [ "OriginAccessControlConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFront::OriginAccessControl" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the origin access control.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "A name to identify the origin access control. You can specify up to 64 characters.", "title": "Name", "type": "string" }, "OriginAccessControlOriginType": { "markdownDescription": "The type of origin that this origin access control is for.", "title": "OriginAccessControlOriginType", "type": "string" }, "SigningBehavior": { "markdownDescription": "Specifies which requests CloudFront signs (adds authentication information to). Specify `always` for the most common use case. For more information, see [origin access control advanced settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings) in the *Amazon CloudFront Developer Guide* .\n\nThis field can have one of the following values:\n\n- `always` \u2013 CloudFront signs all origin requests, overwriting the `Authorization` header from the viewer request if one exists.\n- `never` \u2013 CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.\n- `no-override` \u2013 If the viewer request doesn't contain the `Authorization` header, then CloudFront signs the origin request. If the viewer request contains the `Authorization` header, then CloudFront doesn't sign the origin request and instead passes along the `Authorization` header from the viewer request. *WARNING: To pass along the `Authorization` header from the viewer request, you *must* add the `Authorization` header to a [cache policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html) for all cache behaviors that use origins associated with this origin access control.*", "title": "SigningBehavior", "type": "string" }, "SigningProtocol": { "markdownDescription": "The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4` .", "title": "SigningProtocol", "type": "string" } }, "required": [ "Name", "OriginAccessControlOriginType", "SigningBehavior", "SigningProtocol" ], "type": "object" }, "AWS::CloudFront::OriginRequestPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "OriginRequestPolicyConfig": { "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig", "markdownDescription": "The origin request policy configuration.", "title": "OriginRequestPolicyConfig" } }, "required": [ "OriginRequestPolicyConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFront::OriginRequestPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFront::OriginRequestPolicy.CookiesConfig": { "additionalProperties": false, "properties": { "CookieBehavior": { "markdownDescription": "Determines whether cookies in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No cookies in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any cookies that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the cookies in viewer requests that are listed in the `CookieNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All cookies in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `CookieNames` type, which are not included.", "title": "CookieBehavior", "type": "string" }, "Cookies": { "items": { "type": "string" }, "markdownDescription": "Contains a list of cookie names.", "title": "Cookies", "type": "array" } }, "required": [ "CookieBehavior" ], "type": "object" }, "AWS::CloudFront::OriginRequestPolicy.HeadersConfig": { "additionalProperties": false, "properties": { "HeaderBehavior": { "markdownDescription": "Determines whether any HTTP headers are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any headers that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the HTTP headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin.\n- `allViewer` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin.\n- `allViewerAndWhitelistCloudFront` \u2013 All HTTP headers in viewer requests and the additional CloudFront headers that are listed in the `Headers` type are included in requests that CloudFront sends to the origin. The additional headers are added by CloudFront.\n- `allExcept` \u2013 All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `Headers` type, which are not included.", "title": "HeaderBehavior", "type": "string" }, "Headers": { "items": { "type": "string" }, "markdownDescription": "Contains a list of HTTP header names.", "title": "Headers", "type": "array" } }, "required": [ "HeaderBehavior" ], "type": "object" }, "AWS::CloudFront::OriginRequestPolicy.OriginRequestPolicyConfig": { "additionalProperties": false, "properties": { "Comment": { "markdownDescription": "A comment to describe the origin request policy. The comment cannot be longer than 128 characters.", "title": "Comment", "type": "string" }, "CookiesConfig": { "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.CookiesConfig", "markdownDescription": "The cookies from viewer requests to include in origin requests.", "title": "CookiesConfig" }, "HeadersConfig": { "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.HeadersConfig", "markdownDescription": "The HTTP headers to include in origin requests. These can include headers from viewer requests and additional headers added by CloudFront.", "title": "HeadersConfig" }, "Name": { "markdownDescription": "A unique name to identify the origin request policy.", "title": "Name", "type": "string" }, "QueryStringsConfig": { "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig", "markdownDescription": "The URL query strings from viewer requests to include in origin requests.", "title": "QueryStringsConfig" } }, "required": [ "CookiesConfig", "HeadersConfig", "Name", "QueryStringsConfig" ], "type": "object" }, "AWS::CloudFront::OriginRequestPolicy.QueryStringsConfig": { "additionalProperties": false, "properties": { "QueryStringBehavior": { "markdownDescription": "Determines whether any URL query strings in viewer requests are included in requests that CloudFront sends to the origin. Valid values are:\n\n- `none` \u2013 No query strings in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to `none` , any query strings that are listed in a `CachePolicy` *are* included in origin requests.\n- `whitelist` \u2013 Only the query strings in viewer requests that are listed in the `QueryStringNames` type are included in requests that CloudFront sends to the origin.\n- `all` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin.\n- `allExcept` \u2013 All query strings in viewer requests are included in requests that CloudFront sends to the origin, **except** for those listed in the `QueryStringNames` type, which are not included.", "title": "QueryStringBehavior", "type": "string" }, "QueryStrings": { "items": { "type": "string" }, "markdownDescription": "Contains a list of query string names.", "title": "QueryStrings", "type": "array" } }, "required": [ "QueryStringBehavior" ], "type": "object" }, "AWS::CloudFront::PublicKey": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PublicKeyConfig": { "$ref": "#/definitions/AWS::CloudFront::PublicKey.PublicKeyConfig", "markdownDescription": "Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", "title": "PublicKeyConfig" } }, "required": [ "PublicKeyConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFront::PublicKey" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFront::PublicKey.PublicKeyConfig": { "additionalProperties": false, "properties": { "CallerReference": { "markdownDescription": "A string included in the request to help make sure that the request can't be replayed.", "title": "CallerReference", "type": "string" }, "Comment": { "markdownDescription": "A comment to describe the public key. The comment cannot be longer than 128 characters.", "title": "Comment", "type": "string" }, "EncodedKey": { "markdownDescription": "The public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .", "title": "EncodedKey", "type": "string" }, "Name": { "markdownDescription": "A name to help identify the public key.", "title": "Name", "type": "string" } }, "required": [ "CallerReference", "EncodedKey", "Name" ], "type": "object" }, "AWS::CloudFront::RealtimeLogConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EndPoints": { "items": { "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.EndPoint" }, "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.", "title": "EndPoints", "type": "array" }, "Fields": { "items": { "type": "string" }, "markdownDescription": "A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.\n\nFor more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .", "title": "Fields", "type": "array" }, "Name": { "markdownDescription": "The unique name of this real-time log configuration.", "title": "Name", "type": "string" }, "SamplingRate": { "markdownDescription": "The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.", "title": "SamplingRate", "type": "number" } }, "required": [ "EndPoints", "Fields", "Name", "SamplingRate" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFront::RealtimeLogConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFront::RealtimeLogConfig.EndPoint": { "additionalProperties": false, "properties": { "KinesisStreamConfig": { "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig", "markdownDescription": "Contains information about the Amazon Kinesis data stream where you are sending real-time log data.", "title": "KinesisStreamConfig" }, "StreamType": { "markdownDescription": "The type of data stream where you are sending real-time log data. The only valid value is `Kinesis` .", "title": "StreamType", "type": "string" } }, "required": [ "KinesisStreamConfig", "StreamType" ], "type": "object" }, "AWS::CloudFront::RealtimeLogConfig.KinesisStreamConfig": { "additionalProperties": false, "properties": { "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that CloudFront can use to send real-time log data to your Kinesis data stream.\n\nFor more information the IAM role, see [Real-time log configuration IAM role](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) in the *Amazon CloudFront Developer Guide* .", "title": "RoleArn", "type": "string" }, "StreamArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis data stream where you are sending real-time log data.", "title": "StreamArn", "type": "string" } }, "required": [ "RoleArn", "StreamArn" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ResponseHeadersPolicyConfig": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig", "markdownDescription": "A response headers policy configuration.", "title": "ResponseHeadersPolicyConfig" } }, "required": [ "ResponseHeadersPolicyConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFront::ResponseHeadersPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders": { "additionalProperties": false, "properties": { "Items": { "items": { "type": "string" }, "markdownDescription": "The list of HTTP header names. You can specify `*` to allow all headers.", "title": "Items", "type": "array" } }, "required": [ "Items" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods": { "additionalProperties": false, "properties": { "Items": { "items": { "type": "string" }, "markdownDescription": "The list of HTTP methods. Valid values are:\n\n- `GET`\n- `DELETE`\n- `HEAD`\n- `OPTIONS`\n- `PATCH`\n- `POST`\n- `PUT`\n- `ALL`\n\n`ALL` is a special value that includes all of the listed HTTP methods.", "title": "Items", "type": "array" } }, "required": [ "Items" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins": { "additionalProperties": false, "properties": { "Items": { "items": { "type": "string" }, "markdownDescription": "The list of origins (domain names). You can specify `*` to allow all origins.", "title": "Items", "type": "array" } }, "required": [ "Items" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders": { "additionalProperties": false, "properties": { "Items": { "items": { "type": "string" }, "markdownDescription": "The list of HTTP headers. You can specify `*` to expose all headers.", "title": "Items", "type": "array" } }, "required": [ "Items" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy": { "additionalProperties": false, "properties": { "ContentSecurityPolicy": { "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.", "title": "ContentSecurityPolicy", "type": "string" }, "Override": { "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Content-Security-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", "title": "Override", "type": "boolean" } }, "required": [ "ContentSecurityPolicy", "Override" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions": { "additionalProperties": false, "properties": { "Override": { "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Content-Type-Options` HTTP response header received from the origin with the one specified in this response headers policy.", "title": "Override", "type": "boolean" } }, "required": [ "Override" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.CorsConfig": { "additionalProperties": false, "properties": { "AccessControlAllowCredentials": { "markdownDescription": "A Boolean that CloudFront uses as the value for the `Access-Control-Allow-Credentials` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Credentials` HTTP response header, see [Access-Control-Allow-Credentials](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials) in the MDN Web Docs.", "title": "AccessControlAllowCredentials", "type": "boolean" }, "AccessControlAllowHeaders": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowHeaders", "markdownDescription": "A list of HTTP header names that CloudFront includes as values for the `Access-Control-Allow-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Headers` HTTP response header, see [Access-Control-Allow-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers) in the MDN Web Docs.", "title": "AccessControlAllowHeaders" }, "AccessControlAllowMethods": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowMethods", "markdownDescription": "A list of HTTP methods that CloudFront includes as values for the `Access-Control-Allow-Methods` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Methods` HTTP response header, see [Access-Control-Allow-Methods](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods) in the MDN Web Docs.", "title": "AccessControlAllowMethods" }, "AccessControlAllowOrigins": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlAllowOrigins", "markdownDescription": "A list of origins (domain names) that CloudFront can use as the value for the `Access-Control-Allow-Origin` HTTP response header.\n\nFor more information about the `Access-Control-Allow-Origin` HTTP response header, see [Access-Control-Allow-Origin](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin) in the MDN Web Docs.", "title": "AccessControlAllowOrigins" }, "AccessControlExposeHeaders": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.AccessControlExposeHeaders", "markdownDescription": "A list of HTTP headers that CloudFront includes as values for the `Access-Control-Expose-Headers` HTTP response header.\n\nFor more information about the `Access-Control-Expose-Headers` HTTP response header, see [Access-Control-Expose-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers) in the MDN Web Docs.", "title": "AccessControlExposeHeaders" }, "AccessControlMaxAgeSec": { "markdownDescription": "A number that CloudFront uses as the value for the `Access-Control-Max-Age` HTTP response header.\n\nFor more information about the `Access-Control-Max-Age` HTTP response header, see [Access-Control-Max-Age](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age) in the MDN Web Docs.", "title": "AccessControlMaxAgeSec", "type": "number" }, "OriginOverride": { "markdownDescription": "A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.", "title": "OriginOverride", "type": "boolean" } }, "required": [ "AccessControlAllowCredentials", "AccessControlAllowHeaders", "AccessControlAllowMethods", "AccessControlAllowOrigins", "OriginOverride" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.CustomHeader": { "additionalProperties": false, "properties": { "Header": { "markdownDescription": "The HTTP response header name.", "title": "Header", "type": "string" }, "Override": { "markdownDescription": "A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.", "title": "Override", "type": "boolean" }, "Value": { "markdownDescription": "The value for the HTTP response header.", "title": "Value", "type": "string" } }, "required": [ "Header", "Override", "Value" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig": { "additionalProperties": false, "properties": { "Items": { "items": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeader" }, "markdownDescription": "The list of HTTP response headers and their values.", "title": "Items", "type": "array" } }, "required": [ "Items" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.FrameOptions": { "additionalProperties": false, "properties": { "FrameOption": { "markdownDescription": "The value of the `X-Frame-Options` HTTP response header. Valid values are `DENY` and `SAMEORIGIN` .\n\nFor more information about these values, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", "title": "FrameOption", "type": "string" }, "Override": { "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-Frame-Options` HTTP response header received from the origin with the one specified in this response headers policy.", "title": "Override", "type": "boolean" } }, "required": [ "FrameOption", "Override" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy": { "additionalProperties": false, "properties": { "Override": { "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Referrer-Policy` HTTP response header received from the origin with the one specified in this response headers policy.", "title": "Override", "type": "boolean" }, "ReferrerPolicy": { "markdownDescription": "The value of the `Referrer-Policy` HTTP response header. Valid values are:\n\n- `no-referrer`\n- `no-referrer-when-downgrade`\n- `origin`\n- `origin-when-cross-origin`\n- `same-origin`\n- `strict-origin`\n- `strict-origin-when-cross-origin`\n- `unsafe-url`\n\nFor more information about these values, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", "title": "ReferrerPolicy", "type": "string" } }, "required": [ "Override", "ReferrerPolicy" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader": { "additionalProperties": false, "properties": { "Header": { "markdownDescription": "The HTTP header name.", "title": "Header", "type": "string" } }, "required": [ "Header" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig": { "additionalProperties": false, "properties": { "Items": { "items": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeader" }, "markdownDescription": "The list of HTTP header names.", "title": "Items", "type": "array" } }, "required": [ "Items" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.ResponseHeadersPolicyConfig": { "additionalProperties": false, "properties": { "Comment": { "markdownDescription": "A comment to describe the response headers policy.\n\nThe comment cannot be longer than 128 characters.", "title": "Comment", "type": "string" }, "CorsConfig": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CorsConfig", "markdownDescription": "A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).", "title": "CorsConfig" }, "CustomHeadersConfig": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.CustomHeadersConfig", "markdownDescription": "A configuration for a set of custom HTTP response headers.", "title": "CustomHeadersConfig" }, "Name": { "markdownDescription": "A name to identify the response headers policy.\n\nThe name must be unique for response headers policies in this AWS account .", "title": "Name", "type": "string" }, "RemoveHeadersConfig": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.RemoveHeadersConfig", "markdownDescription": "A configuration for a set of HTTP headers to remove from the HTTP response.", "title": "RemoveHeadersConfig" }, "SecurityHeadersConfig": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig", "markdownDescription": "A configuration for a set of security-related HTTP response headers.", "title": "SecurityHeadersConfig" }, "ServerTimingHeadersConfig": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig", "markdownDescription": "A configuration for enabling the `Server-Timing` header in HTTP responses sent from CloudFront.", "title": "ServerTimingHeadersConfig" } }, "required": [ "Name" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.SecurityHeadersConfig": { "additionalProperties": false, "properties": { "ContentSecurityPolicy": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentSecurityPolicy", "markdownDescription": "The policy directives and their values that CloudFront includes as values for the `Content-Security-Policy` HTTP response header.\n\nFor more information about the `Content-Security-Policy` HTTP response header, see [Content-Security-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) in the MDN Web Docs.", "title": "ContentSecurityPolicy" }, "ContentTypeOptions": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ContentTypeOptions", "markdownDescription": "Determines whether CloudFront includes the `X-Content-Type-Options` HTTP response header with its value set to `nosniff` .\n\nFor more information about the `X-Content-Type-Options` HTTP response header, see [X-Content-Type-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) in the MDN Web Docs.", "title": "ContentTypeOptions" }, "FrameOptions": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.FrameOptions", "markdownDescription": "Determines whether CloudFront includes the `X-Frame-Options` HTTP response header and the header's value.\n\nFor more information about the `X-Frame-Options` HTTP response header, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs.", "title": "FrameOptions" }, "ReferrerPolicy": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.ReferrerPolicy", "markdownDescription": "Determines whether CloudFront includes the `Referrer-Policy` HTTP response header and the header's value.\n\nFor more information about the `Referrer-Policy` HTTP response header, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs.", "title": "ReferrerPolicy" }, "StrictTransportSecurity": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity", "markdownDescription": "Determines whether CloudFront includes the `Strict-Transport-Security` HTTP response header and the header's value.\n\nFor more information about the `Strict-Transport-Security` HTTP response header, see [Security headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/understanding-response-headers-policies.html#understanding-response-headers-policies-security) in the *Amazon CloudFront Developer Guide* and [Strict-Transport-Security](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) in the MDN Web Docs.", "title": "StrictTransportSecurity" }, "XSSProtection": { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy.XSSProtection", "markdownDescription": "Determines whether CloudFront includes the `X-XSS-Protection` HTTP response header and the header's value.\n\nFor more information about the `X-XSS-Protection` HTTP response header, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", "title": "XSSProtection" } }, "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.ServerTimingHeadersConfig": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "A Boolean that determines whether CloudFront adds the `Server-Timing` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.", "title": "Enabled", "type": "boolean" }, "SamplingRate": { "markdownDescription": "A number 0\u2013100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the `Server-Timing` header to. When you set the sampling rate to 100, CloudFront adds the `Server-Timing` header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0\u2013100 with up to four decimal places.", "title": "SamplingRate", "type": "number" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.StrictTransportSecurity": { "additionalProperties": false, "properties": { "AccessControlMaxAgeSec": { "markdownDescription": "A number that CloudFront uses as the value for the `max-age` directive in the `Strict-Transport-Security` HTTP response header.", "title": "AccessControlMaxAgeSec", "type": "number" }, "IncludeSubdomains": { "markdownDescription": "A Boolean that determines whether CloudFront includes the `includeSubDomains` directive in the `Strict-Transport-Security` HTTP response header.", "title": "IncludeSubdomains", "type": "boolean" }, "Override": { "markdownDescription": "A Boolean that determines whether CloudFront overrides the `Strict-Transport-Security` HTTP response header received from the origin with the one specified in this response headers policy.", "title": "Override", "type": "boolean" }, "Preload": { "markdownDescription": "A Boolean that determines whether CloudFront includes the `preload` directive in the `Strict-Transport-Security` HTTP response header.", "title": "Preload", "type": "boolean" } }, "required": [ "AccessControlMaxAgeSec", "Override" ], "type": "object" }, "AWS::CloudFront::ResponseHeadersPolicy.XSSProtection": { "additionalProperties": false, "properties": { "ModeBlock": { "markdownDescription": "A Boolean that determines whether CloudFront includes the `mode=block` directive in the `X-XSS-Protection` header.\n\nFor more information about this directive, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", "title": "ModeBlock", "type": "boolean" }, "Override": { "markdownDescription": "A Boolean that determines whether CloudFront overrides the `X-XSS-Protection` HTTP response header received from the origin with the one specified in this response headers policy.", "title": "Override", "type": "boolean" }, "Protection": { "markdownDescription": "A Boolean that determines the value of the `X-XSS-Protection` HTTP response header. When this setting is `true` , the value of the `X-XSS-Protection` header is `1` . When this setting is `false` , the value of the `X-XSS-Protection` header is `0` .\n\nFor more information about these settings, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", "title": "Protection", "type": "boolean" }, "ReportUri": { "markdownDescription": "A reporting URI, which CloudFront uses as the value of the `report` directive in the `X-XSS-Protection` header.\n\nYou cannot specify a `ReportUri` when `ModeBlock` is `true` .\n\nFor more information about using a reporting URL, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs.", "title": "ReportUri", "type": "string" } }, "required": [ "Override", "Protection" ], "type": "object" }, "AWS::CloudFront::StreamingDistribution": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "StreamingDistributionConfig": { "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig", "markdownDescription": "The current configuration information for the RTMP distribution.", "title": "StreamingDistributionConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A complex type that contains zero or more `Tag` elements.", "title": "Tags", "type": "array" } }, "required": [ "StreamingDistributionConfig", "Tags" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudFront::StreamingDistribution" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudFront::StreamingDistribution.Logging": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The Amazon S3 bucket to store the access logs in, for example, `myawslogbucket.s3.amazonaws.com` .", "title": "Bucket", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you don't want to enable logging when you create a streaming distribution or if you want to disable logging for an existing streaming distribution, specify `false` for `Enabled` , and specify `empty Bucket` and `Prefix` elements. If you specify `false` for `Enabled` but you specify values for `Bucket` and `Prefix` , the values are automatically deleted.", "title": "Enabled", "type": "boolean" }, "Prefix": { "markdownDescription": "An optional string that you want CloudFront to prefix to the access log filenames for this streaming distribution, for example, `myprefix/` . If you want to enable logging, but you don't want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element.", "title": "Prefix", "type": "string" } }, "required": [ "Bucket", "Enabled", "Prefix" ], "type": "object" }, "AWS::CloudFront::StreamingDistribution.S3Origin": { "additionalProperties": false, "properties": { "DomainName": { "markdownDescription": "The DNS name of the Amazon S3 origin.", "title": "DomainName", "type": "string" }, "OriginAccessIdentity": { "markdownDescription": "The CloudFront origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an Amazon S3 bucket through CloudFront.\n\nIf you want end users to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element.\n\nTo delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element.\n\nTo replace the origin access identity, update the distribution configuration and specify the new origin access identity.\n\nFor more information, see [Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .", "title": "OriginAccessIdentity", "type": "string" } }, "required": [ "DomainName", "OriginAccessIdentity" ], "type": "object" }, "AWS::CloudFront::StreamingDistribution.StreamingDistributionConfig": { "additionalProperties": false, "properties": { "Aliases": { "items": { "type": "string" }, "markdownDescription": "A complex type that contains information about CNAMEs (alternate domain names), if any, for this streaming distribution.", "title": "Aliases", "type": "array" }, "Comment": { "markdownDescription": "Any comments you want to include about the streaming distribution.", "title": "Comment", "type": "string" }, "Enabled": { "markdownDescription": "Whether the streaming distribution is enabled to accept user requests for content.", "title": "Enabled", "type": "boolean" }, "Logging": { "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.Logging", "markdownDescription": "A complex type that controls whether access logs are written for the streaming distribution.", "title": "Logging" }, "PriceClass": { "markdownDescription": "A complex type that contains information about price class for this streaming distribution.", "title": "PriceClass", "type": "string" }, "S3Origin": { "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.S3Origin", "markdownDescription": "A complex type that contains information about the Amazon S3 bucket from which you want CloudFront to get your media files for distribution.", "title": "S3Origin" }, "TrustedSigners": { "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution.TrustedSigners", "markdownDescription": "A complex type that specifies any AWS accounts that you want to permit to create signed URLs for private content. If you want the distribution to use signed URLs, include this element; if you want the distribution to use public URLs, remove this element. For more information, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide* .", "title": "TrustedSigners" } }, "required": [ "Comment", "Enabled", "S3Origin", "TrustedSigners" ], "type": "object" }, "AWS::CloudFront::StreamingDistribution.TrustedSigners": { "additionalProperties": false, "properties": { "AwsAccountNumbers": { "items": { "type": "string" }, "markdownDescription": "An AWS account number that contains active CloudFront key pairs that CloudFront can use to verify the signatures of signed URLs and signed cookies. If the AWS account that owns the key pairs is the same account that owns the CloudFront distribution, the value of this field is `self` .", "title": "AwsAccountNumbers", "type": "array" }, "Enabled": { "markdownDescription": "This field is `true` if any of the AWS accounts in the list are configured as trusted signers. If not, this field is `false` .", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::CloudTrail::Channel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Destinations": { "items": { "$ref": "#/definitions/AWS::CloudTrail::Channel.Destination" }, "markdownDescription": "One or more event data stores to which events arriving through a channel will be logged.", "title": "Destinations", "type": "array" }, "Name": { "markdownDescription": "The name of the channel.", "title": "Name", "type": "string" }, "Source": { "markdownDescription": "The name of the partner or external event source. You cannot change this name after you create the channel. A maximum of one channel is allowed per source.\n\nA source can be either `Custom` for all valid non- AWS events, or the name of a partner event source. For information about the source names for available partners, see [Additional information about integration partners](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-integration.html#cloudtrail-lake-partner-information) in the CloudTrail User Guide.", "title": "Source", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::CloudTrail::Channel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CloudTrail::Channel.Destination": { "additionalProperties": false, "properties": { "Location": { "markdownDescription": "For channels used for a CloudTrail Lake integration, the location is the ARN of an event data store that receives events from a channel. For service-linked channels, the location is the name of the AWS service.", "title": "Location", "type": "string" }, "Type": { "markdownDescription": "The type of destination for events arriving from a channel. For channels used for a CloudTrail Lake integration, the value is `EVENT_DATA_STORE` . For service-linked channels, the value is `AWS_SERVICE` .", "title": "Type", "type": "string" } }, "required": [ "Location", "Type" ], "type": "object" }, "AWS::CloudTrail::EventDataStore": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdvancedEventSelectors": { "items": { "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedEventSelector" }, "markdownDescription": "The advanced event selectors to use to select the events for the data store. You can configure up to five advanced event selectors for each event data store.\n\nFor more information about how to use advanced event selectors to log CloudTrail events, see [Log events by using advanced event selectors](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-advanced) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include AWS Config configuration items in your event data store, see [Create an event data store for AWS Config configuration items](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-eds-cli.html#lake-cli-create-eds-config) in the CloudTrail User Guide.\n\nFor more information about how to use advanced event selectors to include events outside of AWS events in your event data store, see [Create an integration to log events from outside AWS](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/lake-integrations-cli.html#lake-cli-create-integration) in the CloudTrail User Guide.", "title": "AdvancedEventSelectors", "type": "array" }, "BillingMode": { "markdownDescription": "The billing mode for the event data store determines the cost for ingesting events and the default and maximum retention period for the event data store.\n\nThe following are the possible values:\n\n- `EXTENDABLE_RETENTION_PRICING` - This billing mode is generally recommended if you want a flexible retention period of up to 3653 days (about 10 years). The default retention period for this billing mode is 366 days.\n- `FIXED_RETENTION_PRICING` - This billing mode is recommended if you expect to ingest more than 25 TB of event data per month and need a retention period of up to 2557 days (about 7 years). The default retention period for this billing mode is 2557 days.\n\nThe default value is `EXTENDABLE_RETENTION_PRICING` .\n\nFor more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) and [Managing CloudTrail Lake costs](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-lake-manage-costs.html) .", "title": "BillingMode", "type": "string" }, "FederationEnabled": { "markdownDescription": "Indicates if [Lake query federation](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html) is enabled. By default, Lake query federation is disabled. You cannot delete an event data store if Lake query federation is enabled.", "title": "FederationEnabled", "type": "boolean" }, "FederationRoleArn": { "markdownDescription": "If Lake query federation is enabled, provides the ARN of the federation role used to access the resources for the federated event data store.\n\nThe federation role must exist in your account and provide the [required minimum permissions](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-federation.html#query-federation-permissions-role) .", "title": "FederationRoleArn", "type": "string" }, "IngestionEnabled": { "markdownDescription": "Specifies whether the event data store should start ingesting live events. The default is true.", "title": "IngestionEnabled", "type": "boolean" }, "InsightSelectors": { "items": { "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.InsightSelector" }, "markdownDescription": "A JSON string that contains the Insights types you want to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", "title": "InsightSelectors", "type": "array" }, "InsightsDestination": { "markdownDescription": "The ARN (or ID suffix of the ARN) of the destination event data store that logs Insights events. For more information, see [Create an event data store for CloudTrail Insights events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/query-event-data-store-insights.html) .", "title": "InsightsDestination", "type": "string" }, "KmsKeyId": { "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the events delivered by CloudTrail. The value can be an alias name prefixed by `alias/` , a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\n> Disabling or deleting the KMS key, or removing CloudTrail permissions on the key, prevents CloudTrail from logging events to the event data store, and prevents users from querying the data in the event data store that was encrypted with the key. After you associate an event data store with a KMS key, the KMS key cannot be removed or changed. Before you disable or delete a KMS key that you are using with an event data store, delete or back up your event data store. \n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- `alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:alias/MyAliasName`\n- `arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012`\n- `12345678-1234-1234-1234-123456789012`", "title": "KmsKeyId", "type": "string" }, "MultiRegionEnabled": { "markdownDescription": "Specifies whether the event data store includes events from all Regions, or only from the Region in which the event data store is created.", "title": "MultiRegionEnabled", "type": "boolean" }, "Name": { "markdownDescription": "The name of the event data store.", "title": "Name", "type": "string" }, "OrganizationEnabled": { "markdownDescription": "Specifies whether an event data store collects events logged for an organization in AWS Organizations .", "title": "OrganizationEnabled", "type": "boolean" }, "RetentionPeriod": { "markdownDescription": "The retention period of the event data store, in days. If `BillingMode` is set to `EXTENDABLE_RETENTION_PRICING` , you can set a retention period of up to 3653 days, the equivalent of 10 years. If `BillingMode` is set to `FIXED_RETENTION_PRICING` , you can set a retention period of up to 2557 days, the equivalent of seven years.\n\nCloudTrail Lake determines whether to retain an event by checking if the `eventTime` of the event is within the specified retention period. For example, if you set a retention period of 90 days, CloudTrail will remove events when the `eventTime` is older than 90 days.\n\n> If you plan to copy trail events to this event data store, we recommend that you consider both the age of the events that you want to copy as well as how long you want to keep the copied events in your event data store. For example, if you copy trail events that are 5 years old and specify a retention period of 7 years, the event data store will retain those events for two years.", "title": "RetentionPeriod", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags.", "title": "Tags", "type": "array" }, "TerminationProtectionEnabled": { "markdownDescription": "Specifies whether termination protection is enabled for the event data store. If termination protection is enabled, you cannot delete the event data store until termination protection is disabled.", "title": "TerminationProtectionEnabled", "type": "boolean" } }, "type": "object" }, "Type": { "enum": [ "AWS::CloudTrail::EventDataStore" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CloudTrail::EventDataStore.AdvancedEventSelector": { "additionalProperties": false, "properties": { "FieldSelectors": { "items": { "$ref": "#/definitions/AWS::CloudTrail::EventDataStore.AdvancedFieldSelector" }, "markdownDescription": "Contains all selector statements in an advanced event selector.", "title": "FieldSelectors", "type": "array" }, "Name": { "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", "title": "Name", "type": "string" } }, "required": [ "FieldSelectors" ], "type": "object" }, "AWS::CloudTrail::EventDataStore.AdvancedFieldSelector": { "additionalProperties": false, "properties": { "EndsWith": { "items": { "type": "string" }, "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", "title": "EndsWith", "type": "array" }, "Equals": { "items": { "type": "string" }, "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", "title": "Equals", "type": "array" }, "Field": { "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `readOnly` , `eventCategory` , and `eventSource` .\n\nFor CloudTrail data events, supported fields include `readOnly` , `eventCategory` , `eventName` , `resources.type` , and `resources.ARN` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n- *`readOnly`* - Optional. Can be set to `Equals` a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - For filtering management events only. This can be set to `NotEquals` `kms.amazonaws.com` or `NotEquals` `rdsdata.amazonaws.com` .\n- *`eventName`* - Can use any operator. You can use it to \ufb01lter in or \ufb01lter out any data event logged to CloudTrail, such as `PutBucket` or `GetSnapshotBlock` . You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For non- AWS events, the value must be `ActivityAuditLog` .\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator, and the value can be one of the following:\n\n- `AWS::AppConfig::Configuration`\n- `AWS::B2BI::Transformer`\n- `AWS::Bedrock::AgentAlias`\n- `AWS::Bedrock::FlowAlias`\n- `AWS::Bedrock::Guardrail`\n- `AWS::Bedrock::KnowledgeBase`\n- `AWS::Cassandra::Table`\n- `AWS::CloudFront::KeyValueStore`\n- `AWS::CloudTrail::Channel`\n- `AWS::CloudWatch::Metric`\n- `AWS::CodeWhisperer::Customization`\n- `AWS::CodeWhisperer::Profile`\n- `AWS::Cognito::IdentityPool`\n- `AWS::DynamoDB::Stream`\n- `AWS::DynamoDB::Table`\n- `AWS::EC2::Snapshot`\n- `AWS::EMRWAL::Workspace`\n- `AWS::FinSpace::Environment`\n- `AWS::Glue::Table`\n- `AWS::GreengrassV2::ComponentVersion`\n- `AWS::GreengrassV2::Deployment`\n- `AWS::GuardDuty::Detector`\n- `AWS::IoT::Certificate`\n- `AWS::IoT::Thing`\n- `AWS::IoTSiteWise::Asset`\n- `AWS::IoTSiteWise::TimeSeries`\n- `AWS::IoTTwinMaker::Entity`\n- `AWS::IoTTwinMaker::Workspace`\n- `AWS::KendraRanking::ExecutionPlan`\n- `AWS::Kinesis::Stream`\n- `AWS::Kinesis::StreamConsumer`\n- `AWS::KinesisVideo::Stream`\n- `AWS::Lambda::Function`\n- `AWS::MachineLearning::MlModel`\n- `AWS::ManagedBlockchain::Network`\n- `AWS::ManagedBlockchain::Node`\n- `AWS::MedicalImaging::Datastore`\n- `AWS::NeptuneGraph::Graph`\n- `AWS::PaymentCryptography::Alias`\n- `AWS::PaymentCryptography::Key`\n- `AWS::PCAConnectorAD::Connector`\n- `AWS::PCAConnectorSCEP::Connector`\n- `AWS::QApps:QApp`\n- `AWS::QBusiness::Application`\n- `AWS::QBusiness::DataSource`\n- `AWS::QBusiness::Index`\n- `AWS::QBusiness::WebExperience`\n- `AWS::RDS::DBCluster`\n- `AWS::S3::AccessPoint`\n- `AWS::S3::Object`\n- `AWS::S3Express::Object`\n- `AWS::S3ObjectLambda::AccessPoint`\n- `AWS::S3Outposts::Object`\n- `AWS::SageMaker::Endpoint`\n- `AWS::SageMaker::ExperimentTrialComponent`\n- `AWS::SageMaker::FeatureGroup`\n- `AWS::ServiceDiscovery::Namespace`\n- `AWS::ServiceDiscovery::Service`\n- `AWS::SCN::Instance`\n- `AWS::SNS::PlatformEndpoint`\n- `AWS::SNS::Topic`\n- `AWS::SQS::Queue`\n- `AWS::SSM::ManagedNode`\n- `AWS::SSMMessages::ControlChannel`\n- `AWS::StepFunctions::StateMachine`\n- `AWS::SWF::Domain`\n- `AWS::ThinClient::Device`\n- `AWS::ThinClient::Environment`\n- `AWS::Timestream::Database`\n- `AWS::Timestream::Table`\n- `AWS::VerifiedPermissions::PolicyStore`\n- `AWS::XRay::Trace`\n\nYou can have only one `resources.type` \ufb01eld per selector. To log data events on more than one resource type, add another selector.\n- *`resources.ARN`* - You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value. For information about filtering on the `resources.ARN` field, see [Filtering data events by resources.ARN](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/filtering-data-events.html#filtering-data-events-resourcearn) in the *AWS CloudTrail User Guide* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.", "title": "Field", "type": "string" }, "NotEndsWith": { "items": { "type": "string" }, "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", "title": "NotEndsWith", "type": "array" }, "NotEquals": { "items": { "type": "string" }, "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", "title": "NotEquals", "type": "array" }, "NotStartsWith": { "items": { "type": "string" }, "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", "title": "NotStartsWith", "type": "array" }, "StartsWith": { "items": { "type": "string" }, "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", "title": "StartsWith", "type": "array" } }, "required": [ "Field" ], "type": "object" }, "AWS::CloudTrail::EventDataStore.InsightSelector": { "additionalProperties": false, "properties": { "InsightType": { "markdownDescription": "The type of Insights events to log on an event data store. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", "title": "InsightType", "type": "string" } }, "type": "object" }, "AWS::CloudTrail::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ResourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the CloudTrail channel attached to the resource-based policy. The following is the format of a resource ARN: `arn:aws:cloudtrail:us-east-2:123456789012:channel/MyChannel` .", "title": "ResourceArn", "type": "string" }, "ResourcePolicy": { "markdownDescription": "A JSON-formatted string for an AWS resource-based policy.\n\nThe following are requirements for the resource policy:\n\n- Contains only one action: cloudtrail-data:PutAuditEvents\n- Contains at least one statement. The policy can have a maximum of 20 statements.\n- Each statement contains at least one principal. A statement can have a maximum of 50 principals.", "title": "ResourcePolicy", "type": "object" } }, "required": [ "ResourceArn", "ResourcePolicy" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudTrail::ResourcePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudTrail::Trail": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdvancedEventSelectors": { "items": { "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedEventSelector" }, "markdownDescription": "Specifies the settings for advanced event selectors. You can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use either `AdvancedEventSelectors` or `EventSelectors` , but not both. If you apply `AdvancedEventSelectors` to a trail, any existing `EventSelectors` are overwritten. For more information about advanced event selectors, see [Logging data events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .", "title": "AdvancedEventSelectors", "type": "array" }, "CloudWatchLogsLogGroupArn": { "markdownDescription": "Specifies a log group name using an Amazon Resource Name (ARN), a unique identifier that represents the log group to which CloudTrail logs are delivered. You must use a log group that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", "title": "CloudWatchLogsLogGroupArn", "type": "string" }, "CloudWatchLogsRoleArn": { "markdownDescription": "Specifies the role for the CloudWatch Logs endpoint to assume to write to a user's log group. You must use a role that exists in your account.\n\nTo enable CloudWatch Logs delivery, you must provide values for `CloudWatchLogsLogGroupArn` and `CloudWatchLogsRoleArn` .\n\n> If you previously enabled CloudWatch Logs delivery and want to disable CloudWatch Logs delivery, you must set the values of the `CloudWatchLogsRoleArn` and `CloudWatchLogsLogGroupArn` fields to `\"\"` .", "title": "CloudWatchLogsRoleArn", "type": "string" }, "EnableLogFileValidation": { "markdownDescription": "Specifies whether log file validation is enabled. The default is false.\n\n> When you disable log file integrity validation, the chain of digest files is broken after one hour. CloudTrail does not create digest files for log files that were delivered during a period in which log file integrity validation was disabled. For example, if you enable log file integrity validation at noon on January 1, disable it at noon on January 2, and re-enable it at noon on January 10, digest files will not be created for the log files delivered from noon on January 2 to noon on January 10. The same applies whenever you stop CloudTrail logging or delete a trail.", "title": "EnableLogFileValidation", "type": "boolean" }, "EventSelectors": { "items": { "$ref": "#/definitions/AWS::CloudTrail::Trail.EventSelector" }, "markdownDescription": "Use event selectors to further specify the management and data event settings for your trail. By default, trails created without specific event selectors will be configured to log all read and write management events, and no data events. When an event occurs in your account, CloudTrail evaluates the event selector for all trails. For each trail, if the event matches any event selector, the trail processes and logs the event. If the event doesn't match any event selector, the trail doesn't log the event.\n\nYou can configure up to five event selectors for a trail.\n\nYou cannot apply both event selectors and advanced event selectors to a trail.", "title": "EventSelectors", "type": "array" }, "IncludeGlobalServiceEvents": { "markdownDescription": "Specifies whether the trail is publishing events from global services such as IAM to the log files.", "title": "IncludeGlobalServiceEvents", "type": "boolean" }, "InsightSelectors": { "items": { "$ref": "#/definitions/AWS::CloudTrail::Trail.InsightSelector" }, "markdownDescription": "A JSON string that contains the Insights types you want to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", "title": "InsightSelectors", "type": "array" }, "IsLogging": { "markdownDescription": "Whether the CloudTrail trail is currently logging AWS API calls.", "title": "IsLogging", "type": "boolean" }, "IsMultiRegionTrail": { "markdownDescription": "Specifies whether the trail applies only to the current Region or to all Regions. The default is false. If the trail exists only in the current Region and this value is set to true, shadow trails (replications of the trail) will be created in the other Regions. If the trail exists in all Regions and this value is set to false, the trail will remain in the Region where it was created, and its shadow trails in other Regions will be deleted. As a best practice, consider using trails that log events in all Regions.", "title": "IsMultiRegionTrail", "type": "boolean" }, "IsOrganizationTrail": { "markdownDescription": "Specifies whether the trail is applied to all accounts in an organization in AWS Organizations , or only for the current AWS account . The default is false, and cannot be true unless the call is made on behalf of an AWS account that is the management account for an organization in AWS Organizations . If the trail is not an organization trail and this is set to `true` , the trail will be created in all AWS accounts that belong to the organization. If the trail is an organization trail and this is set to `false` , the trail will remain in the current AWS account but be deleted from all member accounts in the organization.\n\n> Only the management account for the organization can convert an organization trail to a non-organization trail, or convert a non-organization trail to an organization trail.", "title": "IsOrganizationTrail", "type": "boolean" }, "KMSKeyId": { "markdownDescription": "Specifies the AWS KMS key ID to use to encrypt the logs delivered by CloudTrail. The value can be an alias name prefixed by \"alias/\", a fully specified ARN to an alias, a fully specified ARN to a key, or a globally unique identifier.\n\nCloudTrail also supports AWS KMS multi-Region keys. For more information about multi-Region keys, see [Using multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nExamples:\n\n- alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:alias/MyAliasName\n- arn:aws:kms:us-east-2:123456789012:key/12345678-1234-1234-1234-123456789012\n- 12345678-1234-1234-1234-123456789012", "title": "KMSKeyId", "type": "string" }, "S3BucketName": { "markdownDescription": "Specifies the name of the Amazon S3 bucket designated for publishing log files. See [Amazon S3 Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) .", "title": "S3BucketName", "type": "string" }, "S3KeyPrefix": { "markdownDescription": "Specifies the Amazon S3 key prefix that comes after the name of the bucket you have designated for log file delivery. For more information, see [Finding Your CloudTrail Log Files](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/get-and-view-cloudtrail-log-files.html#cloudtrail-find-log-files) . The maximum length is 200 characters.", "title": "S3KeyPrefix", "type": "string" }, "SnsTopicName": { "markdownDescription": "Specifies the name of the Amazon SNS topic defined for notification of log file delivery. The maximum length is 256 characters.", "title": "SnsTopicName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A custom set of tags (key-value pairs) for this trail.", "title": "Tags", "type": "array" }, "TrailName": { "markdownDescription": "Specifies the name of the trail. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), periods (.), underscores (_), or dashes (-)\n- Start with a letter or number, and end with a letter or number\n- Be between 3 and 128 characters\n- Have no adjacent periods, underscores or dashes. Names like `my-_namespace` and `my--namespace` are not valid.\n- Not be in IP address format (for example, 192.168.5.4)", "title": "TrailName", "type": "string" } }, "required": [ "IsLogging", "S3BucketName" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudTrail::Trail" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudTrail::Trail.AdvancedEventSelector": { "additionalProperties": false, "properties": { "FieldSelectors": { "items": { "$ref": "#/definitions/AWS::CloudTrail::Trail.AdvancedFieldSelector" }, "markdownDescription": "Contains all selector statements in an advanced event selector.", "title": "FieldSelectors", "type": "array" }, "Name": { "markdownDescription": "An optional, descriptive name for an advanced event selector, such as \"Log data events for only two S3 buckets\".", "title": "Name", "type": "string" } }, "required": [ "FieldSelectors" ], "type": "object" }, "AWS::CloudTrail::Trail.AdvancedFieldSelector": { "additionalProperties": false, "properties": { "EndsWith": { "items": { "type": "string" }, "markdownDescription": "An operator that includes events that match the last few characters of the event record field specified as the value of `Field` .", "title": "EndsWith", "type": "array" }, "Equals": { "items": { "type": "string" }, "markdownDescription": "An operator that includes events that match the exact value of the event record field specified as the value of `Field` . This is the only valid operator that you can use with the `readOnly` , `eventCategory` , and `resources.type` fields.", "title": "Equals", "type": "array" }, "Field": { "markdownDescription": "A field in a CloudTrail event record on which to filter events to be logged. For event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the field is used only for selecting events as filtering is not supported.\n\nFor CloudTrail management events, supported fields include `readOnly` , `eventCategory` , and `eventSource` .\n\nFor CloudTrail data events, supported fields include `readOnly` , `eventCategory` , `eventName` , `resources.type` , and `resources.ARN` .\n\nFor event data stores for CloudTrail Insights events, AWS Config configuration items, Audit Manager evidence, or events outside of AWS , the only supported field is `eventCategory` .\n\n- *`readOnly`* - Optional. Can be set to `Equals` a value of `true` or `false` . If you do not add this field, CloudTrail logs both `read` and `write` events. A value of `true` logs only `read` events. A value of `false` logs only `write` events.\n- *`eventSource`* - For filtering management events only. This can be set to `NotEquals` `kms.amazonaws.com` or `NotEquals` `rdsdata.amazonaws.com` .\n- *`eventName`* - Can use any operator. You can use it to \ufb01lter in or \ufb01lter out any data event logged to CloudTrail, such as `PutBucket` or `GetSnapshotBlock` . You can have multiple values for this \ufb01eld, separated by commas.\n- *`eventCategory`* - This is required and must be set to `Equals` .\n\n- For CloudTrail management events, the value must be `Management` .\n- For CloudTrail data events, the value must be `Data` .\n\nThe following are used only for event data stores:\n\n- For CloudTrail Insights events, the value must be `Insight` .\n- For AWS Config configuration items, the value must be `ConfigurationItem` .\n- For Audit Manager evidence, the value must be `Evidence` .\n- For non- AWS events, the value must be `ActivityAuditLog` .\n- *`resources.type`* - This \ufb01eld is required for CloudTrail data events. `resources.type` can only use the `Equals` operator, and the value can be one of the following:\n\n- `AWS::AppConfig::Configuration`\n- `AWS::B2BI::Transformer`\n- `AWS::Bedrock::AgentAlias`\n- `AWS::Bedrock::FlowAlias`\n- `AWS::Bedrock::Guardrail`\n- `AWS::Bedrock::KnowledgeBase`\n- `AWS::Cassandra::Table`\n- `AWS::CloudFront::KeyValueStore`\n- `AWS::CloudTrail::Channel`\n- `AWS::CloudWatch::Metric`\n- `AWS::CodeWhisperer::Customization`\n- `AWS::CodeWhisperer::Profile`\n- `AWS::Cognito::IdentityPool`\n- `AWS::DynamoDB::Stream`\n- `AWS::DynamoDB::Table`\n- `AWS::EC2::Snapshot`\n- `AWS::EMRWAL::Workspace`\n- `AWS::FinSpace::Environment`\n- `AWS::Glue::Table`\n- `AWS::GreengrassV2::ComponentVersion`\n- `AWS::GreengrassV2::Deployment`\n- `AWS::GuardDuty::Detector`\n- `AWS::IoT::Certificate`\n- `AWS::IoT::Thing`\n- `AWS::IoTSiteWise::Asset`\n- `AWS::IoTSiteWise::TimeSeries`\n- `AWS::IoTTwinMaker::Entity`\n- `AWS::IoTTwinMaker::Workspace`\n- `AWS::KendraRanking::ExecutionPlan`\n- `AWS::Kinesis::Stream`\n- `AWS::Kinesis::StreamConsumer`\n- `AWS::KinesisVideo::Stream`\n- `AWS::Lambda::Function`\n- `AWS::MachineLearning::MlModel`\n- `AWS::ManagedBlockchain::Network`\n- `AWS::ManagedBlockchain::Node`\n- `AWS::MedicalImaging::Datastore`\n- `AWS::NeptuneGraph::Graph`\n- `AWS::PaymentCryptography::Alias`\n- `AWS::PaymentCryptography::Key`\n- `AWS::PCAConnectorAD::Connector`\n- `AWS::PCAConnectorSCEP::Connector`\n- `AWS::QApps:QApp`\n- `AWS::QBusiness::Application`\n- `AWS::QBusiness::DataSource`\n- `AWS::QBusiness::Index`\n- `AWS::QBusiness::WebExperience`\n- `AWS::RDS::DBCluster`\n- `AWS::S3::AccessPoint`\n- `AWS::S3::Object`\n- `AWS::S3Express::Object`\n- `AWS::S3ObjectLambda::AccessPoint`\n- `AWS::S3Outposts::Object`\n- `AWS::SageMaker::Endpoint`\n- `AWS::SageMaker::ExperimentTrialComponent`\n- `AWS::SageMaker::FeatureGroup`\n- `AWS::ServiceDiscovery::Namespace`\n- `AWS::ServiceDiscovery::Service`\n- `AWS::SCN::Instance`\n- `AWS::SNS::PlatformEndpoint`\n- `AWS::SNS::Topic`\n- `AWS::SQS::Queue`\n- `AWS::SSM::ManagedNode`\n- `AWS::SSMMessages::ControlChannel`\n- `AWS::StepFunctions::StateMachine`\n- `AWS::SWF::Domain`\n- `AWS::ThinClient::Device`\n- `AWS::ThinClient::Environment`\n- `AWS::Timestream::Database`\n- `AWS::Timestream::Table`\n- `AWS::VerifiedPermissions::PolicyStore`\n- `AWS::XRay::Trace`\n\nYou can have only one `resources.type` \ufb01eld per selector. To log data events on more than one resource type, add another selector.\n- *`resources.ARN`* - You can use any operator with `resources.ARN` , but if you use `Equals` or `NotEquals` , the value must exactly match the ARN of a valid resource of the type you've speci\ufb01ed in the template as the value of resources.type. To log all data events for all objects in a specific S3 bucket, use the `StartsWith` operator, and include only the bucket ARN as the matching value. For information about filtering on the `resources.ARN` field, see [Filtering data events by resources.ARN](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/filtering-data-events.html#filtering-data-events-resourcearn) in the *AWS CloudTrail User Guide* .\n\n> You can't use the `resources.ARN` field to filter resource types that do not have ARNs.", "title": "Field", "type": "string" }, "NotEndsWith": { "items": { "type": "string" }, "markdownDescription": "An operator that excludes events that match the last few characters of the event record field specified as the value of `Field` .", "title": "NotEndsWith", "type": "array" }, "NotEquals": { "items": { "type": "string" }, "markdownDescription": "An operator that excludes events that match the exact value of the event record field specified as the value of `Field` .", "title": "NotEquals", "type": "array" }, "NotStartsWith": { "items": { "type": "string" }, "markdownDescription": "An operator that excludes events that match the first few characters of the event record field specified as the value of `Field` .", "title": "NotStartsWith", "type": "array" }, "StartsWith": { "items": { "type": "string" }, "markdownDescription": "An operator that includes events that match the first few characters of the event record field specified as the value of `Field` .", "title": "StartsWith", "type": "array" } }, "required": [ "Field" ], "type": "object" }, "AWS::CloudTrail::Trail.DataResource": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The resource type in which you want to log data events. You can specify the following *basic* event selector resource types:\n\n- `AWS::DynamoDB::Table`\n- `AWS::Lambda::Function`\n- `AWS::S3::Object`\n\nAdditional resource types are available through *advanced* event selectors. For more information about these additional resource types, see [AdvancedFieldSelector](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedFieldSelector.html) .", "title": "Type", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified resource type.\n\n- To log data events for all objects in all S3 buckets in your AWS account , specify the prefix as `arn:aws:s3` .\n\n> This also enables logging of data event activity performed by any user or role in your AWS account , even if that activity is performed on a bucket that belongs to another AWS account .\n- To log data events for all objects in an S3 bucket, specify the bucket and an empty object prefix such as `arn:aws:s3:::DOC-EXAMPLE-BUCKET1/` . The trail logs data events for all objects in this S3 bucket.\n- To log data events for specific objects, specify the S3 bucket and object prefix such as `arn:aws:s3:::DOC-EXAMPLE-BUCKET1/example-images` . The trail logs data events for objects in this S3 bucket that match the prefix.\n- To log data events for all Lambda functions in your AWS account , specify the prefix as `arn:aws:lambda` .\n\n> This also enables logging of `Invoke` activity performed by any user or role in your AWS account , even if that activity is performed on a function that belongs to another AWS account .\n- To log data events for a specific Lambda function, specify the function ARN.\n\n> Lambda function ARNs are exact. For example, if you specify a function ARN *arn:aws:lambda:us-west-2:111111111111:function:helloworld* , data events will only be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld* . They will not be logged for *arn:aws:lambda:us-west-2:111111111111:function:helloworld2* .\n- To log data events for all DynamoDB tables in your AWS account , specify the prefix as `arn:aws:dynamodb` .", "title": "Values", "type": "array" } }, "required": [ "Type" ], "type": "object" }, "AWS::CloudTrail::Trail.EventSelector": { "additionalProperties": false, "properties": { "DataResources": { "items": { "$ref": "#/definitions/AWS::CloudTrail::Trail.DataResource" }, "markdownDescription": "CloudTrail supports data event logging for Amazon S3 objects in standard S3 buckets, AWS Lambda functions, and Amazon DynamoDB tables with basic event selectors. You can specify up to 250 resources for an individual event selector, but the total number of data resources cannot exceed 250 across all event selectors in a trail. This limit does not apply if you configure resource logging for all data events.\n\nFor more information, see [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Limits in AWS CloudTrail](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) in the *AWS CloudTrail User Guide* .\n\n> To log data events for all other resource types including objects stored in [directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) , you must use [AdvancedEventSelectors](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) . You must also use `AdvancedEventSelectors` if you want to filter on the `eventName` field.", "title": "DataResources", "type": "array" }, "ExcludeManagementEventSources": { "items": { "type": "string" }, "markdownDescription": "An optional list of service event sources from which you do not want management events to be logged on your trail. In this release, the list can be empty (disables the filter), or it can filter out AWS Key Management Service or Amazon RDS Data API events by containing `kms.amazonaws.com` or `rdsdata.amazonaws.com` . By default, `ExcludeManagementEventSources` is empty, and AWS KMS and Amazon RDS Data API events are logged to your trail. You can exclude management event sources only in Regions that support the event source.", "title": "ExcludeManagementEventSources", "type": "array" }, "IncludeManagementEvents": { "markdownDescription": "Specify if you want your event selector to include management events for your trail.\n\nFor more information, see [Management Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide* .\n\nBy default, the value is `true` .\n\nThe first copy of management events is free. You are charged for additional copies of management events that you are logging on any subsequent trail in the same Region. For more information about CloudTrail pricing, see [AWS CloudTrail Pricing](https://docs.aws.amazon.com/cloudtrail/pricing/) .", "title": "IncludeManagementEvents", "type": "boolean" }, "ReadWriteType": { "markdownDescription": "Specify if you want your trail to log read-only events, write-only events, or all. For example, the EC2 `GetConsoleOutput` is a read-only API operation and `RunInstances` is a write-only API operation.\n\nBy default, the value is `All` .", "title": "ReadWriteType", "type": "string" } }, "type": "object" }, "AWS::CloudTrail::Trail.InsightSelector": { "additionalProperties": false, "properties": { "InsightType": { "markdownDescription": "The type of Insights events to log on a trail. `ApiCallRateInsight` and `ApiErrorRateInsight` are valid Insight types.\n\nThe `ApiCallRateInsight` Insights type analyzes write-only management API calls that are aggregated per minute against a baseline API call volume.\n\nThe `ApiErrorRateInsight` Insights type analyzes management API calls that result in error codes. The error is shown if the API call is unsuccessful.", "title": "InsightType", "type": "string" } }, "type": "object" }, "AWS::CloudWatch::Alarm": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ActionsEnabled": { "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state. The default is TRUE.", "title": "ActionsEnabled", "type": "boolean" }, "AlarmActions": { "items": { "type": "string" }, "markdownDescription": "The list of actions to execute when this alarm transitions into an ALARM state from any other state. Specify each action as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutMetricAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutMetricAlarm.html) in the *Amazon CloudWatch API Reference* .", "title": "AlarmActions", "type": "array" }, "AlarmDescription": { "markdownDescription": "The description of the alarm.", "title": "AlarmDescription", "type": "string" }, "AlarmName": { "markdownDescription": "The name of the alarm. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the alarm name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "AlarmName", "type": "string" }, "ComparisonOperator": { "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold. The specified statistic value is used as the first operand.", "title": "ComparisonOperator", "type": "string" }, "DatapointsToAlarm": { "markdownDescription": "The number of datapoints that must be breaching to trigger the alarm. This is used only if you are setting an \"M out of N\" alarm. In that case, this value is the M, and the value that you set for `EvaluationPeriods` is the N value. For more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, CloudWatch uses the same value here that you set for `EvaluationPeriods` , and the alarm goes to alarm state if that many consecutive periods are breaching.", "title": "DatapointsToAlarm", "type": "number" }, "Dimensions": { "items": { "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" }, "markdownDescription": "The dimensions for the metric associated with the alarm. For an alarm based on a math expression, you can't specify `Dimensions` . Instead, you use `Metrics` .", "title": "Dimensions", "type": "array" }, "EvaluateLowSampleCountPercentile": { "markdownDescription": "Used only for alarms based on percentiles. If `ignore` , the alarm state does not change during periods with too few data points to be statistically significant. If `evaluate` or this parameter is not used, the alarm is always evaluated and possibly changes state no matter how many data points are available.", "title": "EvaluateLowSampleCountPercentile", "type": "string" }, "EvaluationPeriods": { "markdownDescription": "The number of periods over which data is compared to the specified threshold. If you are setting an alarm that requires that a number of consecutive data points be breaching to trigger the alarm, this value specifies that number. If you are setting an \"M out of N\" alarm, this value is the N, and `DatapointsToAlarm` is the M.\n\nFor more information, see [Evaluating an Alarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarm-evaluation) in the *Amazon CloudWatch User Guide* .", "title": "EvaluationPeriods", "type": "number" }, "ExtendedStatistic": { "markdownDescription": "The percentile statistic for the metric associated with the alarm. Specify a value between p0.0 and p100.\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `ExtendedStatistic` . Instead, you use `Metrics` .", "title": "ExtendedStatistic", "type": "string" }, "InsufficientDataActions": { "items": { "type": "string" }, "markdownDescription": "The actions to execute when this alarm transitions to the `INSUFFICIENT_DATA` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", "title": "InsufficientDataActions", "type": "array" }, "MetricName": { "markdownDescription": "The name of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you use `Metrics` instead and you can't specify `MetricName` .", "title": "MetricName", "type": "string" }, "Metrics": { "items": { "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricDataQuery" }, "markdownDescription": "An array that enables you to create an alarm based on the result of a metric math expression. Each item in the array either retrieves a metric or performs a math expression.\n\nIf you specify the `Metrics` parameter, you cannot specify `MetricName` , `Dimensions` , `Period` , `Namespace` , `Statistic` , `ExtendedStatistic` , or `Unit` .", "title": "Metrics", "type": "array" }, "Namespace": { "markdownDescription": "The namespace of the metric associated with the alarm. This is required for an alarm based on a metric. For an alarm based on a math expression, you can't specify `Namespace` and you use `Metrics` instead.\n\nFor a list of namespaces for metrics from AWS services, see [AWS Services That Publish CloudWatch Metrics.](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html)", "title": "Namespace", "type": "string" }, "OKActions": { "items": { "type": "string" }, "markdownDescription": "The actions to execute when this alarm transitions to the `OK` state from any other state. Each action is specified as an Amazon Resource Name (ARN).", "title": "OKActions", "type": "array" }, "Period": { "markdownDescription": "The period, in seconds, over which the statistic is applied. This is required for an alarm based on a metric. Valid values are 10, 30, 60, and any multiple of 60.\n\nFor an alarm based on a math expression, you can't specify `Period` , and instead you use the `Metrics` parameter.\n\n*Minimum:* 10", "title": "Period", "type": "number" }, "Statistic": { "markdownDescription": "The statistic for the metric associated with the alarm, other than percentile. For percentile statistics, use `ExtendedStatistic` .\n\nFor an alarm based on a metric, you must specify either `Statistic` or `ExtendedStatistic` but not both.\n\nFor an alarm based on a math expression, you can't specify `Statistic` . Instead, you use `Metrics` .", "title": "Statistic", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", "title": "Tags", "type": "array" }, "Threshold": { "markdownDescription": "The value to compare with the specified statistic.", "title": "Threshold", "type": "number" }, "ThresholdMetricId": { "markdownDescription": "In an alarm based on an anomaly detection model, this is the ID of the `ANOMALY_DETECTION_BAND` function used as the threshold for the alarm.", "title": "ThresholdMetricId", "type": "string" }, "TreatMissingData": { "markdownDescription": "Sets how this alarm is to handle missing data points. Valid values are `breaching` , `notBreaching` , `ignore` , and `missing` . For more information, see [Configuring How CloudWatch Alarms Treat Missing Data](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html#alarms-and-missing-data) in the *Amazon CloudWatch User Guide* .\n\nIf you omit this parameter, the default behavior of `missing` is used.", "title": "TreatMissingData", "type": "string" }, "Unit": { "markdownDescription": "The unit of the metric associated with the alarm. Specify this only if you are creating an alarm based on a single metric. Do not specify this if you are specifying a `Metrics` array.\n\nYou can specify the following values: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", "title": "Unit", "type": "string" } }, "required": [ "ComparisonOperator", "EvaluationPeriods" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudWatch::Alarm" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudWatch::Alarm.Dimension": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the dimension, from 1\u2013255 characters in length. This dimension name must have been included when the metric was published.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value for the dimension, from 1\u2013255 characters in length.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::CloudWatch::Alarm.Metric": { "additionalProperties": false, "properties": { "Dimensions": { "items": { "$ref": "#/definitions/AWS::CloudWatch::Alarm.Dimension" }, "markdownDescription": "The metric dimensions that you want to be used for the metric that the alarm will watch.", "title": "Dimensions", "type": "array" }, "MetricName": { "markdownDescription": "The name of the metric that you want the alarm to watch. This is a required field.", "title": "MetricName", "type": "string" }, "Namespace": { "markdownDescription": "The namespace of the metric that the alarm will watch.", "title": "Namespace", "type": "string" } }, "type": "object" }, "AWS::CloudWatch::Alarm.MetricDataQuery": { "additionalProperties": false, "properties": { "AccountId": { "markdownDescription": "The ID of the account where the metrics are located, if this is a cross-account alarm.", "title": "AccountId", "type": "string" }, "Expression": { "markdownDescription": "The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", "title": "Expression", "type": "string" }, "Id": { "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", "title": "Id", "type": "string" }, "Label": { "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If `Label` is omitted, CloudWatch generates a default.", "title": "Label", "type": "string" }, "MetricStat": { "$ref": "#/definitions/AWS::CloudWatch::Alarm.MetricStat", "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", "title": "MetricStat" }, "Period": { "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", "title": "Period", "type": "number" }, "ReturnData": { "markdownDescription": "This option indicates whether to return the timestamps and raw data values of this metric.\n\nWhen you create an alarm based on a metric math expression, specify `True` for this value for only the one math expression that the alarm is based on. You must specify `False` for `ReturnData` for all the other metrics and expressions used in the alarm.\n\nThis field is required.", "title": "ReturnData", "type": "boolean" } }, "required": [ "Id" ], "type": "object" }, "AWS::CloudWatch::Alarm.MetricStat": { "additionalProperties": false, "properties": { "Metric": { "$ref": "#/definitions/AWS::CloudWatch::Alarm.Metric", "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", "title": "Metric" }, "Period": { "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", "title": "Period", "type": "number" }, "Stat": { "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* .", "title": "Stat", "type": "string" }, "Unit": { "markdownDescription": "The unit to use for the returned data points.\n\nValid values are: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None.", "title": "Unit", "type": "string" } }, "required": [ "Metric", "Period", "Stat" ], "type": "object" }, "AWS::CloudWatch::AnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Configuration": { "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Configuration", "markdownDescription": "Specifies details about how the anomaly detection model is to be trained, including time ranges to exclude when training and updating the model. The configuration can also include the time zone to use for the metric.", "title": "Configuration" }, "Dimensions": { "items": { "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" }, "markdownDescription": "The dimensions of the metric associated with the anomaly detection band.", "title": "Dimensions", "type": "array" }, "MetricCharacteristics": { "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricCharacteristics", "markdownDescription": "Use this object to include parameters to provide information about your metric to CloudWatch to help it build more accurate anomaly detection models. Currently, it includes the `PeriodicSpikes` parameter.", "title": "MetricCharacteristics" }, "MetricMathAnomalyDetector": { "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector", "markdownDescription": "The CloudWatch metric math expression for this anomaly detector.", "title": "MetricMathAnomalyDetector" }, "MetricName": { "markdownDescription": "The name of the metric associated with the anomaly detection band.", "title": "MetricName", "type": "string" }, "Namespace": { "markdownDescription": "The namespace of the metric associated with the anomaly detection band.", "title": "Namespace", "type": "string" }, "SingleMetricAnomalyDetector": { "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector", "markdownDescription": "The CloudWatch metric and statistic for this anomaly detector.", "title": "SingleMetricAnomalyDetector" }, "Stat": { "markdownDescription": "The statistic of the metric associated with the anomaly detection band.", "title": "Stat", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::CloudWatch::AnomalyDetector" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CloudWatch::AnomalyDetector.Configuration": { "additionalProperties": false, "properties": { "ExcludedTimeRanges": { "items": { "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Range" }, "markdownDescription": "Specifies an array of time ranges to exclude from use when the anomaly detection model is trained and updated. Use this to make sure that events that could cause unusual values for the metric, such as deployments, aren't used when CloudWatch creates or updates the model.", "title": "ExcludedTimeRanges", "type": "array" }, "MetricTimeZone": { "markdownDescription": "The time zone to use for the metric. This is useful to enable the model to automatically account for daylight savings time changes if the metric is sensitive to such time changes.\n\nTo specify a time zone, use the name of the time zone as specified in the standard tz database. For more information, see [tz database](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Tz_database) .", "title": "MetricTimeZone", "type": "string" } }, "type": "object" }, "AWS::CloudWatch::AnomalyDetector.Dimension": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the dimension.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::CloudWatch::AnomalyDetector.Metric": { "additionalProperties": false, "properties": { "Dimensions": { "items": { "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" }, "markdownDescription": "The dimensions for the metric.", "title": "Dimensions", "type": "array" }, "MetricName": { "markdownDescription": "The name of the metric. This is a required field.", "title": "MetricName", "type": "string" }, "Namespace": { "markdownDescription": "The namespace of the metric.", "title": "Namespace", "type": "string" } }, "required": [ "MetricName", "Namespace" ], "type": "object" }, "AWS::CloudWatch::AnomalyDetector.MetricCharacteristics": { "additionalProperties": false, "properties": { "PeriodicSpikes": { "markdownDescription": "Set this parameter to true if values for this metric consistently include spikes that should not be considered to be anomalies. With this set to true, CloudWatch will expect to see spikes that occurred consistently during the model training period, and won't flag future similar spikes as anomalies.", "title": "PeriodicSpikes", "type": "boolean" } }, "type": "object" }, "AWS::CloudWatch::AnomalyDetector.MetricDataQueries": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::CloudWatch::AnomalyDetector.MetricDataQuery": { "additionalProperties": false, "properties": { "AccountId": { "markdownDescription": "The ID of the account where the metrics are located.\n\nIf you are performing a `GetMetricData` operation in a monitoring account, use this to specify which account to retrieve this metric from.\n\nIf you are performing a `PutMetricAlarm` operation, use this to specify which account contains the metric that the alarm is watching.", "title": "AccountId", "type": "string" }, "Expression": { "markdownDescription": "This field can contain either a Metrics Insights query, or a metric math expression to be performed on the returned data. For more information about Metrics Insights queries, see [Metrics Insights query components and syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch-metrics-insights-querylanguage) in the *Amazon CloudWatch User Guide* .\n\nA math expression can use the `Id` of the other metrics or queries to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *Amazon CloudWatch User Guide* .\n\nWithin each MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", "title": "Expression", "type": "string" }, "Id": { "markdownDescription": "A short name used to tie this object to the results in the response. This name must be unique within a single call to `GetMetricData` . If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter.", "title": "Id", "type": "string" }, "Label": { "markdownDescription": "A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the label is shown. If Label is omitted, CloudWatch generates a default.\n\nYou can put dynamic expressions into a label, so that it is more descriptive. For more information, see [Using Dynamic Labels](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/graph-dynamic-labels.html) .", "title": "Label", "type": "string" }, "MetricStat": { "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricStat", "markdownDescription": "The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data.\n\nWithin one MetricDataQuery object, you must specify either `Expression` or `MetricStat` but not both.", "title": "MetricStat" }, "Period": { "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` operation that includes a `StorageResolution of 1 second` .", "title": "Period", "type": "number" }, "ReturnData": { "markdownDescription": "When used in `GetMetricData` , this option indicates whether to return the timestamps and raw data values of this metric. If you are performing this call just to do math expressions and do not also need the raw data returned, you can specify `false` . If you omit this, the default of `true` is used.\n\nWhen used in `PutMetricAlarm` , specify `true` for the one expression result to use as the alarm. For all other metrics and expressions in the same `PutMetricAlarm` operation, specify `ReturnData` as False.", "title": "ReturnData", "type": "boolean" } }, "required": [ "Id" ], "type": "object" }, "AWS::CloudWatch::AnomalyDetector.MetricMathAnomalyDetector": { "additionalProperties": false, "properties": { "MetricDataQueries": { "items": { "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.MetricDataQuery" }, "markdownDescription": "An array of metric data query structures that enables you to create an anomaly detector based on the result of a metric math expression. Each item in `MetricDataQueries` gets a metric or performs a math expression. One item in `MetricDataQueries` is the expression that provides the time series that the anomaly detector uses as input. Designate the expression by setting `ReturnData` to `true` for this object in the array. For all other expressions and metrics, set `ReturnData` to `false` . The designated expression must return a single time series.", "title": "MetricDataQueries", "type": "array" } }, "type": "object" }, "AWS::CloudWatch::AnomalyDetector.MetricStat": { "additionalProperties": false, "properties": { "Metric": { "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Metric", "markdownDescription": "The metric to return, including the metric name, namespace, and dimensions.", "title": "Metric" }, "Period": { "markdownDescription": "The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a `PutMetricData` call that includes a `StorageResolution` of 1 second.\n\nIf the `StartTime` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned:\n\n- Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).\n- Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).\n- Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).", "title": "Period", "type": "number" }, "Stat": { "markdownDescription": "The statistic to return. It can include any CloudWatch statistic or extended statistic.", "title": "Stat", "type": "string" }, "Unit": { "markdownDescription": "When you are using a `Put` operation, this defines what unit you want to use when storing the metric.\n\nIn a `Get` operation, if you omit `Unit` then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.", "title": "Unit", "type": "string" } }, "required": [ "Metric", "Period", "Stat" ], "type": "object" }, "AWS::CloudWatch::AnomalyDetector.Range": { "additionalProperties": false, "properties": { "EndTime": { "markdownDescription": "The end time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", "title": "EndTime", "type": "string" }, "StartTime": { "markdownDescription": "The start time of the range to exclude. The format is `yyyy-MM-dd'T'HH:mm:ss` . For example, `2019-07-01T23:59:59` .", "title": "StartTime", "type": "string" } }, "required": [ "EndTime", "StartTime" ], "type": "object" }, "AWS::CloudWatch::AnomalyDetector.SingleMetricAnomalyDetector": { "additionalProperties": false, "properties": { "AccountId": { "markdownDescription": "If the CloudWatch metric that provides the time series that the anomaly detector uses as input is in another account, specify that account ID here. If you omit this parameter, the current account is used.", "title": "AccountId", "type": "string" }, "Dimensions": { "items": { "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector.Dimension" }, "markdownDescription": "The metric dimensions to create the anomaly detection model for.", "title": "Dimensions", "type": "array" }, "MetricName": { "markdownDescription": "The name of the metric to create the anomaly detection model for.", "title": "MetricName", "type": "string" }, "Namespace": { "markdownDescription": "The namespace of the metric to create the anomaly detection model for.", "title": "Namespace", "type": "string" }, "Stat": { "markdownDescription": "The statistic to use for the metric and anomaly detection model.", "title": "Stat", "type": "string" } }, "type": "object" }, "AWS::CloudWatch::CompositeAlarm": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ActionsEnabled": { "markdownDescription": "Indicates whether actions should be executed during any changes to the alarm state of the composite alarm. The default is TRUE.", "title": "ActionsEnabled", "type": "boolean" }, "ActionsSuppressor": { "markdownDescription": "Actions will be suppressed if the suppressor alarm is in the `ALARM` state. `ActionsSuppressor` can be an AlarmName or an Amazon Resource Name (ARN) from an existing alarm.", "title": "ActionsSuppressor", "type": "string" }, "ActionsSuppressorExtensionPeriod": { "markdownDescription": "The maximum time in seconds that the composite alarm waits after suppressor alarm goes out of the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `ExtensionPeriod` is required only when `ActionsSuppressor` is specified.", "title": "ActionsSuppressorExtensionPeriod", "type": "number" }, "ActionsSuppressorWaitPeriod": { "markdownDescription": "The maximum time in seconds that the composite alarm waits for the suppressor alarm to go into the `ALARM` state. After this time, the composite alarm performs its actions.\n\n> `WaitPeriod` is required only when `ActionsSuppressor` is specified.", "title": "ActionsSuppressorWaitPeriod", "type": "number" }, "AlarmActions": { "items": { "type": "string" }, "markdownDescription": "The actions to execute when this alarm transitions to the ALARM state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", "title": "AlarmActions", "type": "array" }, "AlarmDescription": { "markdownDescription": "The description for the composite alarm.", "title": "AlarmDescription", "type": "string" }, "AlarmName": { "markdownDescription": "The name for the composite alarm. This name must be unique within your AWS account.", "title": "AlarmName", "type": "string" }, "AlarmRule": { "markdownDescription": "An expression that specifies which other alarms are to be evaluated to determine this composite alarm's state. For each alarm that you reference, you designate a function that specifies whether that alarm needs to be in ALARM state, OK state, or INSUFFICIENT_DATA state. You can use operators (AND, OR and NOT) to combine multiple functions in a single expression. You can use parenthesis to logically group the functions in your expression.\n\nYou can use either alarm names or ARNs to reference the other alarms that are to be evaluated.\n\nFunctions can include the following:\n\n- ALARM(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in ALARM state.\n- OK(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in OK state.\n- INSUFFICIENT_DATA(\"alarm-name or alarm-ARN\") is TRUE if the named alarm is in INSUFFICIENT_DATA state.\n- TRUE always evaluates to TRUE.\n- FALSE always evaluates to FALSE.\n\nTRUE and FALSE are useful for testing a complex AlarmRule structure, and for testing your alarm actions.\n\nFor more information about `AlarmRule` syntax, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", "title": "AlarmRule", "type": "string" }, "InsufficientDataActions": { "items": { "type": "string" }, "markdownDescription": "The actions to execute when this alarm transitions to the INSUFFICIENT_DATA state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", "title": "InsufficientDataActions", "type": "array" }, "OKActions": { "items": { "type": "string" }, "markdownDescription": "The actions to execute when this alarm transitions to the OK state from any other state. Each action is specified as an Amazon Resource Name (ARN). For more information about creating alarms and the actions that you can specify, see [PutCompositeAlarm](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_PutCompositeAlarm.html) in the *Amazon CloudWatch API Reference* .", "title": "OKActions", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs to associate with the alarm. You can associate as many as 50 tags with an alarm. To be able to associate tags with the alarm when you create the alarm, you must have the `cloudwatch:TagResource` permission.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.", "title": "Tags", "type": "array" } }, "required": [ "AlarmRule" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudWatch::CompositeAlarm" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudWatch::Dashboard": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DashboardBody": { "markdownDescription": "The detailed information about the dashboard in JSON format, including the widgets to include and their location on the dashboard. This parameter is required.\n\nFor more information about the syntax, see [Dashboard Body Structure and Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/CloudWatch-Dashboard-Body-Structure.html) .", "title": "DashboardBody", "type": "string" }, "DashboardName": { "markdownDescription": "The name of the dashboard. The name must be between 1 and 255 characters. If you do not specify a name, one will be generated automatically.", "title": "DashboardName", "type": "string" } }, "required": [ "DashboardBody" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudWatch::Dashboard" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudWatch::InsightRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "RuleBody": { "markdownDescription": "The definition of the rule, as a JSON object. For details about the syntax, see [Contributor Insights Rule Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/ContributorInsights-RuleSyntax.html) in the *Amazon CloudWatch User Guide* .", "title": "RuleBody", "type": "string" }, "RuleName": { "markdownDescription": "The name of the rule.", "title": "RuleName", "type": "string" }, "RuleState": { "markdownDescription": "The current state of the rule. Valid values are `ENABLED` and `DISABLED` .", "title": "RuleState", "type": "string" }, "Tags": { "$ref": "#/definitions/AWS::CloudWatch::InsightRule.Tags", "markdownDescription": "A list of key-value pairs to associate with the Contributor Insights rule. You can associate as many as 50 tags with a rule.\n\nTags can help you organize and categorize your resources. For more information, see [Tagging Your Amazon CloudWatch Resources](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Tagging.html) .\n\nTo be able to associate tags with a rule, you must have the `cloudwatch:TagResource` permission in addition to the `cloudwatch:PutInsightRule` permission.", "title": "Tags" } }, "required": [ "RuleBody", "RuleName", "RuleState" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudWatch::InsightRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudWatch::InsightRule.Tags": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::CloudWatch::MetricStream": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ExcludeFilters": { "items": { "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" }, "markdownDescription": "If you specify this parameter, the stream sends metrics from all metric namespaces except for the namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", "title": "ExcludeFilters", "type": "array" }, "FirehoseArn": { "markdownDescription": "The ARN of the Amazon Kinesis Firehose delivery stream to use for this metric stream. This Amazon Kinesis Firehose delivery stream must already exist and must be in the same account as the metric stream.", "title": "FirehoseArn", "type": "string" }, "IncludeFilters": { "items": { "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamFilter" }, "markdownDescription": "If you specify this parameter, the stream sends only the metrics from the metric namespaces that you specify here. You cannot specify both `IncludeFilters` and `ExcludeFilters` in the same metric stream.\n\nWhen you modify the `IncludeFilters` or `ExcludeFilters` of an existing metric stream in any way, the metric stream is effectively restarted, so after such a change you will get only the datapoints that have a timestamp after the time of the update.", "title": "IncludeFilters", "type": "array" }, "IncludeLinkedAccountsMetrics": { "markdownDescription": "If you are creating a metric stream in a monitoring account, specify `true` to include metrics from source accounts that are linked to this monitoring account, in the metric stream. The default is `false` .\n\nFor more information about linking accounts, see [CloudWatch cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html)", "title": "IncludeLinkedAccountsMetrics", "type": "boolean" }, "Name": { "markdownDescription": "If you are creating a new metric stream, this is the name for the new stream. The name must be different than the names of other metric streams in this account and Region.\n\nIf you are updating a metric stream, specify the name of that stream here.", "title": "Name", "type": "string" }, "OutputFormat": { "markdownDescription": "The output format for the stream. Valid values are `json` , `opentelemetry1.0` and `opentelemetry0.7` For more information about metric stream output formats, see [Metric streams output formats](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-formats.html) .\n\nThis parameter is required.", "title": "OutputFormat", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of an IAM role that this metric stream will use to access Amazon Kinesis Firehose resources. This IAM role must already exist and must be in the same account as the metric stream. This IAM role must include the `firehose:PutRecord` and `firehose:PutRecordBatch` permissions.", "title": "RoleArn", "type": "string" }, "StatisticsConfigurations": { "items": { "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration" }, "markdownDescription": "By default, a metric stream always sends the MAX, MIN, SUM, and SAMPLECOUNT statistics for each metric that is streamed. You can use this parameter to have the metric stream also send additional statistics in the stream. This array can have up to 100 members.\n\nFor each entry in this array, you specify one or more metrics and the list of additional statistics to stream for those metrics. The additional statistics that you can stream depend on the stream's `OutputFormat` . If the `OutputFormat` is `json` , you can stream any additional statistic that is supported by CloudWatch , listed in [CloudWatch statistics definitions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Statistics-definitions.html) . If the `OutputFormat` is OpenTelemetry, you can stream percentile statistics.", "title": "StatisticsConfigurations", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to the metric stream.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "FirehoseArn", "OutputFormat", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::CloudWatch::MetricStream" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CloudWatch::MetricStream.MetricStreamFilter": { "additionalProperties": false, "properties": { "MetricNames": { "items": { "type": "string" }, "markdownDescription": "The names of the metrics to either include or exclude from the metric stream.\n\nIf you omit this parameter, all metrics in the namespace are included or excluded, depending on whether this filter is specified as an exclude filter or an include filter.\n\nEach metric name can contain only ASCII printable characters (ASCII range 32 through 126). Each metric name must contain at least one non-whitespace character.", "title": "MetricNames", "type": "array" }, "Namespace": { "markdownDescription": "The name of the metric namespace in the filter.\n\nThe namespace can contain only ASCII printable characters (ASCII range 32 through 126). It must contain at least one non-whitespace character.", "title": "Namespace", "type": "string" } }, "required": [ "Namespace" ], "type": "object" }, "AWS::CloudWatch::MetricStream.MetricStreamStatisticsConfiguration": { "additionalProperties": false, "properties": { "AdditionalStatistics": { "items": { "type": "string" }, "markdownDescription": "The additional statistics to stream for the metrics listed in `IncludeMetrics` .", "title": "AdditionalStatistics", "type": "array" }, "IncludeMetrics": { "items": { "$ref": "#/definitions/AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric" }, "markdownDescription": "An array that defines the metrics that are to have additional statistics streamed.", "title": "IncludeMetrics", "type": "array" } }, "required": [ "AdditionalStatistics", "IncludeMetrics" ], "type": "object" }, "AWS::CloudWatch::MetricStream.MetricStreamStatisticsMetric": { "additionalProperties": false, "properties": { "MetricName": { "markdownDescription": "The name of the metric.", "title": "MetricName", "type": "string" }, "Namespace": { "markdownDescription": "The namespace of the metric.", "title": "Namespace", "type": "string" } }, "required": [ "MetricName", "Namespace" ], "type": "object" }, "AWS::CodeArtifact::Domain": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DomainName": { "markdownDescription": "A string that specifies the name of the requested domain.", "title": "DomainName", "type": "string" }, "EncryptionKey": { "markdownDescription": "The key used to encrypt the domain.", "title": "EncryptionKey", "type": "string" }, "PermissionsPolicyDocument": { "markdownDescription": "The document that defines the resource policy that is set on a domain.", "title": "PermissionsPolicyDocument", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags to be applied to the domain.", "title": "Tags", "type": "array" } }, "required": [ "DomainName" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeArtifact::Domain" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeArtifact::PackageGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContactInfo": { "markdownDescription": "The contact information of the package group.", "title": "ContactInfo", "type": "string" }, "Description": { "markdownDescription": "The description of the package group.", "title": "Description", "type": "string" }, "DomainName": { "markdownDescription": "The domain that contains the package group.", "title": "DomainName", "type": "string" }, "DomainOwner": { "markdownDescription": "The 12-digit account number of the AWS account that owns the domain. It does not include dashes or spaces.", "title": "DomainOwner", "type": "string" }, "OriginConfiguration": { "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.OriginConfiguration", "markdownDescription": "Details about the package origin configuration of a package group.", "title": "OriginConfiguration" }, "Pattern": { "markdownDescription": "The pattern of the package group. The pattern determines which packages are associated with the package group.", "title": "Pattern", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags to be applied to the package group.", "title": "Tags", "type": "array" } }, "required": [ "DomainName", "Pattern" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeArtifact::PackageGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeArtifact::PackageGroup.OriginConfiguration": { "additionalProperties": false, "properties": { "Restrictions": { "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.Restrictions", "markdownDescription": "The origin configuration settings that determine how package versions can enter repositories.", "title": "Restrictions" } }, "required": [ "Restrictions" ], "type": "object" }, "AWS::CodeArtifact::PackageGroup.RestrictionType": { "additionalProperties": false, "properties": { "Repositories": { "items": { "type": "string" }, "markdownDescription": "The repositories to add to the allowed repositories list. The allowed repositories list is used when the `RestrictionMode` is set to `ALLOW_SPECIFIC_REPOSITORIES` .", "title": "Repositories", "type": "array" }, "RestrictionMode": { "markdownDescription": "The package group origin restriction setting. When the value is `INHERIT` , the value is set to the value of the first parent package group which does not have a value of `INHERIT` .", "title": "RestrictionMode", "type": "string" } }, "required": [ "RestrictionMode" ], "type": "object" }, "AWS::CodeArtifact::PackageGroup.Restrictions": { "additionalProperties": false, "properties": { "ExternalUpstream": { "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", "markdownDescription": "The package group origin restriction setting for external, upstream repositories.", "title": "ExternalUpstream" }, "InternalUpstream": { "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", "markdownDescription": "The package group origin restriction setting for internal, upstream repositories.", "title": "InternalUpstream" }, "Publish": { "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup.RestrictionType", "markdownDescription": "The package group origin restriction setting for publishing packages.", "title": "Publish" } }, "type": "object" }, "AWS::CodeArtifact::Repository": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A text description of the repository.", "title": "Description", "type": "string" }, "DomainName": { "markdownDescription": "The name of the domain that contains the repository.", "title": "DomainName", "type": "string" }, "DomainOwner": { "markdownDescription": "The 12-digit account number of the AWS account that owns the domain that contains the repository. It does not include dashes or spaces.", "title": "DomainOwner", "type": "string" }, "ExternalConnections": { "items": { "type": "string" }, "markdownDescription": "An array of external connections associated with the repository. For more information, see [Supported external connection repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/external-connection.html#supported-public-repositories) in the *CodeArtifact user guide* .", "title": "ExternalConnections", "type": "array" }, "PermissionsPolicyDocument": { "markdownDescription": "The document that defines the resource policy that is set on a repository.", "title": "PermissionsPolicyDocument", "type": "object" }, "RepositoryName": { "markdownDescription": "The name of an upstream repository.", "title": "RepositoryName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags to be applied to the repository.", "title": "Tags", "type": "array" }, "Upstreams": { "items": { "type": "string" }, "markdownDescription": "A list of upstream repositories to associate with the repository. The order of the upstream repositories in the list determines their priority order when AWS CodeArtifact looks for a requested package version. For more information, see [Working with upstream repositories](https://docs.aws.amazon.com/codeartifact/latest/ug/repos-upstream.html) .", "title": "Upstreams", "type": "array" } }, "required": [ "DomainName", "RepositoryName" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeArtifact::Repository" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeBuild::Fleet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BaseCapacity": { "markdownDescription": "The initial number of machines allocated to the compute \ufb02eet, which de\ufb01nes the number of builds that can run in parallel.", "title": "BaseCapacity", "type": "number" }, "ComputeType": { "markdownDescription": "Information about the compute resources the compute fleet uses. Available values include:\n\n- `BUILD_GENERAL1_SMALL` : Use up to 3 GB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 7 GB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n\nIf you use `BUILD_GENERAL1_SMALL` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 3 GB memory and 2 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.\n\nIf you use `BUILD_GENERAL1_LARGE` :\n\n- For environment type `LINUX_CONTAINER` , you can use up to 15 GB memory and 8 vCPUs for builds.\n- For environment type `LINUX_GPU_CONTAINER` , you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds.\n- For environment type `ARM_CONTAINER` , you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.\n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild User Guide.*", "title": "ComputeType", "type": "string" }, "EnvironmentType": { "markdownDescription": "The environment type of the compute fleet.\n\n- The environment type `ARM_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (S\u00e3o Paulo).\n- The environment type `LINUX_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (S\u00e3o Paulo), and Asia Pacific (Mumbai).\n- The environment type `LINUX_GPU_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney).\n- The environment type `WINDOWS_SERVER_2019_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland).\n- The environment type `WINDOWS_SERVER_2022_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (S\u00e3o Paulo) and Asia Pacific (Mumbai).\n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", "title": "EnvironmentType", "type": "string" }, "Name": { "markdownDescription": "The name of the compute fleet.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tag key and value pairs associated with this compute fleet.\n\nThese tags are available for use by AWS services that support AWS CodeBuild compute fleet tags.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::CodeBuild::Fleet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CodeBuild::Project": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Artifacts": { "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts", "markdownDescription": "`Artifacts` is a property of the [AWS::CodeBuild::Project](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html) resource that specifies output settings for artifacts generated by an AWS CodeBuild build.", "title": "Artifacts" }, "BadgeEnabled": { "markdownDescription": "Indicates whether AWS CodeBuild generates a publicly accessible URL for your project's build badge. For more information, see [Build Badges Sample](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-build-badges.html) in the *AWS CodeBuild User Guide* .\n\n> Including build badges with your project is currently not supported if the source type is CodePipeline. If you specify `CODEPIPELINE` for the `Source` property, do not specify the `BadgeEnabled` property.", "title": "BadgeEnabled", "type": "boolean" }, "BuildBatchConfig": { "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectBuildBatchConfig", "markdownDescription": "A `ProjectBuildBatchConfig` object that defines the batch build options for the project.", "title": "BuildBatchConfig" }, "Cache": { "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectCache", "markdownDescription": "Settings that AWS CodeBuild uses to store and reuse build dependencies.", "title": "Cache" }, "ConcurrentBuildLimit": { "markdownDescription": "The maximum number of concurrent builds that are allowed for this project.\n\nNew builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.", "title": "ConcurrentBuildLimit", "type": "number" }, "Description": { "markdownDescription": "A description that makes the build project easy to identify.", "title": "Description", "type": "string" }, "EncryptionKey": { "markdownDescription": "The AWS Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.\n\n> You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key. \n\nYou can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format `alias/` ). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).", "title": "EncryptionKey", "type": "string" }, "Environment": { "$ref": "#/definitions/AWS::CodeBuild::Project.Environment", "markdownDescription": "The build environment settings for the project, such as the environment type or the environment variables to use for the build environment.", "title": "Environment" }, "FileSystemLocations": { "items": { "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFileSystemLocation" }, "markdownDescription": "An array of `ProjectFileSystemLocation` objects for a CodeBuild build project. A `ProjectFileSystemLocation` object specifies the `identifier` , `location` , `mountOptions` , `mountPoint` , and `type` of a file system created using Amazon Elastic File System.", "title": "FileSystemLocations", "type": "array" }, "LogsConfig": { "$ref": "#/definitions/AWS::CodeBuild::Project.LogsConfig", "markdownDescription": "Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.", "title": "LogsConfig" }, "Name": { "markdownDescription": "The name of the build project. The name must be unique across all of the projects in your AWS account .", "title": "Name", "type": "string" }, "QueuedTimeoutInMinutes": { "markdownDescription": "The number of minutes a build is allowed to be queued before it times out.", "title": "QueuedTimeoutInMinutes", "type": "number" }, "ResourceAccessRole": { "markdownDescription": "The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.", "title": "ResourceAccessRole", "type": "string" }, "SecondaryArtifacts": { "items": { "$ref": "#/definitions/AWS::CodeBuild::Project.Artifacts" }, "markdownDescription": "A list of `Artifacts` objects. Each artifacts object specifies output settings that the project generates during a build.", "title": "SecondaryArtifacts", "type": "array" }, "SecondarySourceVersions": { "items": { "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectSourceVersion" }, "markdownDescription": "An array of `ProjectSourceVersion` objects. If `secondarySourceVersions` is specified at the build level, then they take over these `secondarySourceVersions` (at the project level).", "title": "SecondarySourceVersions", "type": "array" }, "SecondarySources": { "items": { "$ref": "#/definitions/AWS::CodeBuild::Project.Source" }, "markdownDescription": "An array of `ProjectSource` objects.", "title": "SecondarySources", "type": "array" }, "ServiceRole": { "markdownDescription": "The ARN of the IAM role that enables AWS CodeBuild to interact with dependent AWS services on behalf of the AWS account.", "title": "ServiceRole", "type": "string" }, "Source": { "$ref": "#/definitions/AWS::CodeBuild::Project.Source", "markdownDescription": "The source code settings for the project, such as the source code's repository type and location.", "title": "Source" }, "SourceVersion": { "markdownDescription": "A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nIf `sourceVersion` is specified at the build level, then that version takes precedence over this `sourceVersion` (at the project level).\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", "title": "SourceVersion", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An arbitrary set of tags (key-value pairs) for the AWS CodeBuild project.\n\nThese tags are available for use by AWS services that support AWS CodeBuild build project tags.", "title": "Tags", "type": "array" }, "TimeoutInMinutes": { "markdownDescription": "How long, in minutes, from 5 to 2160 (36 hours), for AWS CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.", "title": "TimeoutInMinutes", "type": "number" }, "Triggers": { "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectTriggers", "markdownDescription": "For an existing AWS CodeBuild build project that has its source code stored in a GitHub repository, enables AWS CodeBuild to begin automatically rebuilding the source code every time a code change is pushed to the repository.", "title": "Triggers" }, "Visibility": { "markdownDescription": "Specifies the visibility of the project's builds. Possible values are:\n\n- **PUBLIC_READ** - The project builds are visible to the public.\n- **PRIVATE** - The project builds are not visible to the public.", "title": "Visibility", "type": "string" }, "VpcConfig": { "$ref": "#/definitions/AWS::CodeBuild::Project.VpcConfig", "markdownDescription": "`VpcConfig` specifies settings that enable AWS CodeBuild to access resources in an Amazon VPC. For more information, see [Use AWS CodeBuild with Amazon Virtual Private Cloud](https://docs.aws.amazon.com/codebuild/latest/userguide/vpc-support.html) in the *AWS CodeBuild User Guide* .", "title": "VpcConfig" } }, "required": [ "Artifacts", "Environment", "ServiceRole", "Source" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeBuild::Project" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeBuild::Project.Artifacts": { "additionalProperties": false, "properties": { "ArtifactIdentifier": { "markdownDescription": "An identifier for this artifact definition.", "title": "ArtifactIdentifier", "type": "string" }, "EncryptionDisabled": { "markdownDescription": "Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon Simple Storage Service (Amazon S3). If this is set with another artifacts type, an `invalidInputException` is thrown.", "title": "EncryptionDisabled", "type": "boolean" }, "Location": { "markdownDescription": "Information about the build output artifact location:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output bucket.\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", "title": "Location", "type": "string" }, "Name": { "markdownDescription": "Along with `path` and `namespaceType` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , AWS CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the name of the output artifact object. If you set the name to be a forward slash (\"/\"), the artifact is stored in the root of the output bucket.\n\nFor example:\n\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , then the output artifact is stored in `MyArtifacts/ *build-ID* /MyArtifact.zip` .\n- If `path` is empty, `namespaceType` is set to `NONE` , and `name` is set to \" `/` \", the output artifact is stored in the root of the output bucket.\n- If `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to \" `/` \", the output artifact is stored in `MyArtifacts/ *build-ID*` .\n\nIf you specify `CODEPIPELINE` or `NO_ARTIFACTS` for the `Type` property, don't specify this property. For all of the other types, you must specify this property.", "title": "Name", "type": "string" }, "NamespaceType": { "markdownDescription": "Along with `path` and `name` , the pattern that AWS CodeBuild uses to determine the name and location to store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `BUILD_ID` : Include the build ID in the location of the build output artifact.\n- `NONE` : Do not include the build ID. This is the default if `namespaceType` is not specified.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `BUILD_ID` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in `MyArtifacts//MyArtifact.zip` .", "title": "NamespaceType", "type": "string" }, "OverrideArtifactName": { "markdownDescription": "If set to true a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell command language. For example, you can append a date and time to your artifact name so that it is always unique.", "title": "OverrideArtifactName", "type": "boolean" }, "Packaging": { "markdownDescription": "The type of build output artifact to create:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , valid values include:\n\n- `NONE` : AWS CodeBuild creates in the output bucket a folder that contains the build output. This is the default if `packaging` is not specified.\n- `ZIP` : AWS CodeBuild creates in the output bucket a ZIP file that contains the build output.", "title": "Packaging", "type": "string" }, "Path": { "markdownDescription": "Along with `namespaceType` and `name` , the pattern that AWS CodeBuild uses to name and store the output artifact:\n\n- If `type` is set to `CODEPIPELINE` , CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of AWS CodeBuild .\n- If `type` is set to `NO_ARTIFACTS` , this value is ignored if specified, because no build output is produced.\n- If `type` is set to `S3` , this is the path to the output artifact. If `path` is not specified, `path` is not used.\n\nFor example, if `path` is set to `MyArtifacts` , `namespaceType` is set to `NONE` , and `name` is set to `MyArtifact.zip` , the output artifact is stored in the output bucket at `MyArtifacts/MyArtifact.zip` .", "title": "Path", "type": "string" }, "Type": { "markdownDescription": "The type of build output artifact. Valid values include:\n\n- `CODEPIPELINE` : The build project has build output generated through CodePipeline.\n\n> The `CODEPIPELINE` type is not supported for `secondaryArtifacts` .\n- `NO_ARTIFACTS` : The build project does not produce any build output.\n- `S3` : The build project stores build output in Amazon S3.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CodeBuild::Project.BatchRestrictions": { "additionalProperties": false, "properties": { "ComputeTypesAllowed": { "items": { "type": "string" }, "markdownDescription": "An array of strings that specify the compute types that are allowed for the batch build. See [Build environment compute types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild User Guide* for these values.", "title": "ComputeTypesAllowed", "type": "array" }, "MaximumBuildsAllowed": { "markdownDescription": "Specifies the maximum number of builds allowed.", "title": "MaximumBuildsAllowed", "type": "number" } }, "type": "object" }, "AWS::CodeBuild::Project.BuildStatusConfig": { "additionalProperties": false, "properties": { "Context": { "markdownDescription": "Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `name` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `context` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", "title": "Context", "type": "string" }, "TargetUrl": { "markdownDescription": "Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.\n\n- **Bitbucket** - This parameter is used for the `url` parameter in the Bitbucket commit status. For more information, see [build](https://docs.aws.amazon.com/https://developer.atlassian.com/bitbucket/api/2/reference/resource/repositories/%7Bworkspace%7D/%7Brepo_slug%7D/commit/%7Bnode%7D/statuses/build) in the Bitbucket API documentation.\n- **GitHub/GitHub Enterprise Server** - This parameter is used for the `target_url` parameter in the GitHub commit status. For more information, see [Create a commit status](https://docs.aws.amazon.com/https://developer.github.com/v3/repos/statuses/#create-a-commit-status) in the GitHub developer guide.", "title": "TargetUrl", "type": "string" } }, "type": "object" }, "AWS::CodeBuild::Project.CloudWatchLogsConfig": { "additionalProperties": false, "properties": { "GroupName": { "markdownDescription": "The group name of the logs in CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", "title": "GroupName", "type": "string" }, "Status": { "markdownDescription": "The current status of the logs in CloudWatch Logs for a build project. Valid values are:\n\n- `ENABLED` : CloudWatch Logs are enabled for this build project.\n- `DISABLED` : CloudWatch Logs are not enabled for this build project.", "title": "Status", "type": "string" }, "StreamName": { "markdownDescription": "The prefix of the stream name of the CloudWatch Logs. For more information, see [Working with Log Groups and Log Streams](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) .", "title": "StreamName", "type": "string" } }, "required": [ "Status" ], "type": "object" }, "AWS::CodeBuild::Project.Environment": { "additionalProperties": false, "properties": { "Certificate": { "markdownDescription": "The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see [certificate](https://docs.aws.amazon.com/codebuild/latest/userguide/create-project-cli.html#cli.environment.certificate) in the *AWS CodeBuild User Guide* .", "title": "Certificate", "type": "string" }, "ComputeType": { "markdownDescription": "The type of compute environment. This determines the number of CPU cores and memory the build environment uses. Available values include:\n\n- `BUILD_GENERAL1_SMALL` : Use up to 3 GB memory and 2 vCPUs for builds.\n- `BUILD_GENERAL1_MEDIUM` : Use up to 7 GB memory and 4 vCPUs for builds.\n- `BUILD_GENERAL1_LARGE` : Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_XLARGE` : Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type.\n- `BUILD_GENERAL1_2XLARGE` : Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.\n- `BUILD_LAMBDA_1GB` : Use up to 1 GB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_2GB` : Use up to 2 GB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_4GB` : Use up to 4 GB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_8GB` : Use up to 8 GB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n- `BUILD_LAMBDA_10GB` : Use up to 10 GB memory for builds. Only available for environment type `LINUX_LAMBDA_CONTAINER` and `ARM_LAMBDA_CONTAINER` .\n\nFor more information, see [Build Environment Compute Types](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild User Guide.*", "title": "ComputeType", "type": "string" }, "EnvironmentVariables": { "items": { "$ref": "#/definitions/AWS::CodeBuild::Project.EnvironmentVariable" }, "markdownDescription": "A set of environment variables to make available to builds for this build project.", "title": "EnvironmentVariables", "type": "array" }, "Fleet": { "$ref": "#/definitions/AWS::CodeBuild::Project.ProjectFleet" }, "Image": { "markdownDescription": "The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:\n\n- For an image tag: `/:` . For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would be `aws/codebuild/standard:4.0` .\n- For an image digest: `/@` . For example, to specify an image with the digest \"sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf,\" use `/@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf` .\n\nFor more information, see [Docker images provided by CodeBuild](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-available.html) in the *AWS CodeBuild user guide* .", "title": "Image", "type": "string" }, "ImagePullCredentialsType": { "markdownDescription": "The type of credentials AWS CodeBuild uses to pull images in your build. There are two valid values:\n\n- `CODEBUILD` specifies that AWS CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust AWS CodeBuild service principal.\n- `SERVICE_ROLE` specifies that AWS CodeBuild uses your build project's service role.\n\nWhen you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an AWS CodeBuild curated image, you must use CODEBUILD credentials.", "title": "ImagePullCredentialsType", "type": "string" }, "PrivilegedMode": { "markdownDescription": "Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is `false` .\n\nYou can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:\n\nIf the operating system's base image is Ubuntu Linux:\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout 15 sh -c \"until docker info; do echo .; sleep 1; done\"`\n\nIf the operating system's base image is Alpine Linux and the previous command does not work, add the `-t` argument to `timeout` :\n\n`- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&`\n\n`- timeout -t 15 sh -c \"until docker info; do echo .; sleep 1; done\"`", "title": "PrivilegedMode", "type": "boolean" }, "RegistryCredential": { "$ref": "#/definitions/AWS::CodeBuild::Project.RegistryCredential", "markdownDescription": "`RegistryCredential` is a property of the [AWS::CodeBuild::Project Environment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html#cfn-codebuild-project-environment) property that specifies information about credentials that provide access to a private Docker registry. When this is set:\n\n- `imagePullCredentialsType` must be set to `SERVICE_ROLE` .\n- images cannot be curated or an Amazon ECR image.", "title": "RegistryCredential" }, "Type": { "markdownDescription": "The type of build environment to use for related builds.\n\n- The environment type `ARM_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt).\n- The environment type `LINUX_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia).\n- The environment type `LINUX_GPU_CONTAINER` is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).\n\n- The environment types `ARM_LAMBDA_CONTAINER` and `LINUX_LAMBDA_CONTAINER` are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (S\u00e3o Paulo).\n\n- The environment types `WINDOWS_CONTAINER` and `WINDOWS_SERVER_2019_CONTAINER` are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).\n\n> If you're using compute fleets during project creation, `type` will be ignored. \n\nFor more information, see [Build environment compute types](https://docs.aws.amazon.com//codebuild/latest/userguide/build-env-ref-compute-types.html) in the *AWS CodeBuild user guide* .", "title": "Type", "type": "string" } }, "required": [ "ComputeType", "Image", "Type" ], "type": "object" }, "AWS::CodeBuild::Project.EnvironmentVariable": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name or key of the environment variable.", "title": "Name", "type": "string" }, "Type": { "markdownDescription": "The type of environment variable. Valid values include:\n\n- `PARAMETER_STORE` : An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as the `value` of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see [env/parameter-store](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.parameter-store) in the *AWS CodeBuild User Guide* .\n- `PLAINTEXT` : An environment variable in plain text format. This is the default value.\n- `SECRETS_MANAGER` : An environment variable stored in AWS Secrets Manager . For environment variables of this type, specify the name of the secret as the `value` of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define AWS Secrets Manager environment variables in the buildspec. To learn how to do so, see [env/secrets-manager](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.secrets-manager) in the *AWS CodeBuild User Guide* .", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The value of the environment variable.\n\n> We strongly discourage the use of `PLAINTEXT` environment variables to store sensitive values, especially AWS secret key IDs. `PLAINTEXT` environment variables can be displayed in plain text using the AWS CodeBuild console and the AWS CLI . For sensitive values, we recommend you use an environment variable of type `PARAMETER_STORE` or `SECRETS_MANAGER` .", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::CodeBuild::Project.FilterGroup": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::CodeBuild::Project.GitSubmodulesConfig": { "additionalProperties": false, "properties": { "FetchSubmodules": { "markdownDescription": "Set to true to fetch Git submodules for your AWS CodeBuild build project.", "title": "FetchSubmodules", "type": "boolean" } }, "required": [ "FetchSubmodules" ], "type": "object" }, "AWS::CodeBuild::Project.LogsConfig": { "additionalProperties": false, "properties": { "CloudWatchLogs": { "$ref": "#/definitions/AWS::CodeBuild::Project.CloudWatchLogsConfig", "markdownDescription": "Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.", "title": "CloudWatchLogs" }, "S3Logs": { "$ref": "#/definitions/AWS::CodeBuild::Project.S3LogsConfig", "markdownDescription": "Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.", "title": "S3Logs" } }, "type": "object" }, "AWS::CodeBuild::Project.ProjectBuildBatchConfig": { "additionalProperties": false, "properties": { "BatchReportMode": { "markdownDescription": "Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.\n\n- **REPORT_AGGREGATED_BATCH** - (Default) Aggregate all of the build statuses into a single status report.\n- **REPORT_INDIVIDUAL_BUILDS** - Send a separate status report for each individual build.", "title": "BatchReportMode", "type": "string" }, "CombineArtifacts": { "markdownDescription": "Specifies if the build artifacts for the batch build should be combined into a single artifact location.", "title": "CombineArtifacts", "type": "boolean" }, "Restrictions": { "$ref": "#/definitions/AWS::CodeBuild::Project.BatchRestrictions", "markdownDescription": "A `BatchRestrictions` object that specifies the restrictions for the batch build.", "title": "Restrictions" }, "ServiceRole": { "markdownDescription": "Specifies the service role ARN for the batch build project.", "title": "ServiceRole", "type": "string" }, "TimeoutInMins": { "markdownDescription": "Specifies the maximum amount of time, in minutes, that the batch build must be completed in.", "title": "TimeoutInMins", "type": "number" } }, "type": "object" }, "AWS::CodeBuild::Project.ProjectCache": { "additionalProperties": false, "properties": { "Location": { "markdownDescription": "Information about the cache location:\n\n- `NO_CACHE` or `LOCAL` : This value is ignored.\n- `S3` : This is the S3 bucket name/prefix.", "title": "Location", "type": "string" }, "Modes": { "items": { "type": "string" }, "markdownDescription": "An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for `LOCAL` cache types.\n\nPossible values are:\n\n- **LOCAL_SOURCE_CACHE** - Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.\n- **LOCAL_DOCKER_LAYER_CACHE** - Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.\n\n> - You can use a Docker layer cache in the Linux environment only.\n> - The `privileged` flag must be set so that your project has the required Docker permissions.\n> - You should consider the security implications before you use a Docker layer cache.\n- **LOCAL_CUSTOM_CACHE** - Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:\n\n- Only directories can be specified for caching. You cannot specify individual files.\n- Symlinks are used to reference cached directories.\n- Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.", "title": "Modes", "type": "array" }, "Type": { "markdownDescription": "The type of cache used by the build project. Valid values include:\n\n- `NO_CACHE` : The build project does not use any cache.\n- `S3` : The build project reads and writes from and to S3.\n- `LOCAL` : The build project stores a cache locally on a build host that is only available to that build host.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CodeBuild::Project.ProjectFileSystemLocation": { "additionalProperties": false, "properties": { "Identifier": { "markdownDescription": "The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the `identifier` in all capital letters to `CODEBUILD_` . For example, if you specify `my_efs` for `identifier` , a new environment variable is create named `CODEBUILD_MY_EFS` .\n\nThe `identifier` is used to mount your file system.", "title": "Identifier", "type": "string" }, "Location": { "markdownDescription": "A string that specifies the location of the file system created by Amazon EFS. Its format is `efs-dns-name:/directory-path` . You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system is `fs-abcd1234.efs.us-west-2.amazonaws.com` , and its mount directory is `my-efs-mount-directory` , then the `location` is `fs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory` .\n\nThe directory path in the format `efs-dns-name:/directory-path` is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.", "title": "Location", "type": "string" }, "MountOptions": { "markdownDescription": "The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are `nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2` . For more information, see [Recommended NFS Mount Options](https://docs.aws.amazon.com/efs/latest/ug/mounting-fs-nfs-mount-settings.html) .", "title": "MountOptions", "type": "string" }, "MountPoint": { "markdownDescription": "The location in the container where you mount the file system.", "title": "MountPoint", "type": "string" }, "Type": { "markdownDescription": "The type of the file system. The one supported type is `EFS` .", "title": "Type", "type": "string" } }, "required": [ "Identifier", "Location", "MountPoint", "Type" ], "type": "object" }, "AWS::CodeBuild::Project.ProjectFleet": { "additionalProperties": false, "properties": { "FleetArn": { "markdownDescription": "Specifies the compute fleet ARN for the build project.", "title": "FleetArn", "type": "string" } }, "type": "object" }, "AWS::CodeBuild::Project.ProjectSourceVersion": { "additionalProperties": false, "properties": { "SourceIdentifier": { "markdownDescription": "An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", "title": "SourceIdentifier", "type": "string" }, "SourceVersion": { "markdownDescription": "The source version for the corresponding source identifier. If specified, must be one of:\n\n- For CodeCommit: the commit ID, branch, or Git tag to use.\n- For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format `pr/pull-request-ID` (for example, `pr/25` ). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For GitLab: the commit ID, branch, or Git tag to use.\n- For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.\n- For Amazon S3: the version ID of the object that represents the build input ZIP file to use.\n\nFor more information, see [Source Version Sample with CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-source-version.html) in the *AWS CodeBuild User Guide* .", "title": "SourceVersion", "type": "string" } }, "required": [ "SourceIdentifier" ], "type": "object" }, "AWS::CodeBuild::Project.ProjectTriggers": { "additionalProperties": false, "properties": { "BuildType": { "markdownDescription": "Specifies the type of build this webhook will trigger. Allowed values are:\n\n- **BUILD** - A single build\n- **BUILD_BATCH** - A batch build", "title": "BuildType", "type": "string" }, "FilterGroups": { "items": { "$ref": "#/definitions/AWS::CodeBuild::Project.FilterGroup" }, "markdownDescription": "A list of lists of `WebhookFilter` objects used to determine which webhook events are triggered. At least one `WebhookFilter` in the array must specify `EVENT` as its type.", "title": "FilterGroups", "type": "array" }, "Webhook": { "markdownDescription": "Specifies whether or not to begin automatically rebuilding the source code every time a code change is pushed to the repository.", "title": "Webhook", "type": "boolean" } }, "type": "object" }, "AWS::CodeBuild::Project.RegistryCredential": { "additionalProperties": false, "properties": { "Credential": { "markdownDescription": "The Amazon Resource Name (ARN) or name of credentials created using AWS Secrets Manager .\n\n> The `credential` can use the name of the credentials only if they exist in your current AWS Region .", "title": "Credential", "type": "string" }, "CredentialProvider": { "markdownDescription": "The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for AWS Secrets Manager .", "title": "CredentialProvider", "type": "string" } }, "required": [ "Credential", "CredentialProvider" ], "type": "object" }, "AWS::CodeBuild::Project.S3LogsConfig": { "additionalProperties": false, "properties": { "EncryptionDisabled": { "markdownDescription": "Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.", "title": "EncryptionDisabled", "type": "boolean" }, "Location": { "markdownDescription": "The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is `my-bucket` , and your path prefix is `build-log` , then acceptable formats are `my-bucket/build-log` or `arn:aws:s3:::my-bucket/build-log` .", "title": "Location", "type": "string" }, "Status": { "markdownDescription": "The current status of the S3 build logs. Valid values are:\n\n- `ENABLED` : S3 build logs are enabled for this build project.\n- `DISABLED` : S3 build logs are not enabled for this build project.", "title": "Status", "type": "string" } }, "required": [ "Status" ], "type": "object" }, "AWS::CodeBuild::Project.Source": { "additionalProperties": false, "properties": { "Auth": { "$ref": "#/definitions/AWS::CodeBuild::Project.SourceAuth", "markdownDescription": "Information about the authorization settings for AWS CodeBuild to access the source code to be built.\n\nThis information is for the AWS CodeBuild console's use only. Your code should not get or set `Auth` directly.", "title": "Auth" }, "BuildSpec": { "markdownDescription": "The build specification for the project. If this value is not provided, then the source code must contain a buildspec file named `buildspec.yml` at the root level. If this value is provided, it can be either a single string containing the entire build specification, or the path to an alternate buildspec file relative to the value of the built-in environment variable `CODEBUILD_SRC_DIR` . The alternate buildspec file can have a name other than `buildspec.yml` , for example `myspec.yml` or `build_spec_qa.yml` or similar. For more information, see the [Build Spec Reference](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec-ref-example) in the *AWS CodeBuild User Guide* .", "title": "BuildSpec", "type": "string" }, "BuildStatusConfig": { "$ref": "#/definitions/AWS::CodeBuild::Project.BuildStatusConfig", "markdownDescription": "Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is `GITHUB` , `GITHUB_ENTERPRISE` , or `BITBUCKET` .", "title": "BuildStatusConfig" }, "GitCloneDepth": { "markdownDescription": "The depth of history to download. Minimum value is 0. If this value is 0, greater than 25, or not provided, then the full history is downloaded with each build project. If your source type is Amazon S3, this value is not supported.", "title": "GitCloneDepth", "type": "number" }, "GitSubmodulesConfig": { "$ref": "#/definitions/AWS::CodeBuild::Project.GitSubmodulesConfig", "markdownDescription": "Information about the Git submodules configuration for the build project.", "title": "GitSubmodulesConfig" }, "InsecureSsl": { "markdownDescription": "This is used with GitHub Enterprise only. Set to true to ignore SSL warnings while connecting to your GitHub Enterprise project repository. The default value is `false` . `InsecureSsl` should be used for testing purposes only. It should not be used in a production environment.", "title": "InsecureSsl", "type": "boolean" }, "Location": { "markdownDescription": "Information about the location of the source code to be built. Valid values include:\n\n- For source code settings that are specified in the source action of a pipeline in CodePipeline, `location` should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value.\n- For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example, `https://git-codecommit..amazonaws.com/v1/repos/` ).\n- For source code in an Amazon S3 input bucket, one of the following.\n\n- The path to the ZIP file that contains the source code (for example, `//.zip` ).\n- The path to the folder that contains the source code (for example, `///` ).\n- For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitHub account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub *Authorize application* page, for *Organization access* , choose *Request access* next to each repository you want to allow AWS CodeBuild to have access to, and then choose *Authorize application* . (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n- For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your GitLab account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections *Authorize application* page, choose *Authorize* . Then on the AWS CodeConnections *Create GitLab connection* page, choose *Connect to GitLab* . (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to override the default connection and use this connection instead, set the `auth` object's `type` value to `CODECONNECTIONS` in the `source` object.\n- For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your AWS account to your Bitbucket account. Use the AWS CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket *Confirm access to your account* page, choose *Grant access* . (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the AWS CodeBuild console.) To instruct AWS CodeBuild to use this connection, in the `source` object, set the `auth` object's `type` value to `OAUTH` .\n\nIf you specify `CODEPIPELINE` for the `Type` property, don't specify this property. For all of the other types, you must specify `Location` .", "title": "Location", "type": "string" }, "ReportBuildStatus": { "markdownDescription": "Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, or Bitbucket. If this is set and you use a different source provider, an `invalidInputException` is thrown.", "title": "ReportBuildStatus", "type": "boolean" }, "SourceIdentifier": { "markdownDescription": "An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.", "title": "SourceIdentifier", "type": "string" }, "Type": { "markdownDescription": "The type of repository that contains the source code to be built. Valid values include:\n\n- `BITBUCKET` : The source code is in a Bitbucket repository.\n- `CODECOMMIT` : The source code is in an CodeCommit repository.\n- `CODEPIPELINE` : The source code settings are specified in the source action of a pipeline in CodePipeline.\n- `GITHUB` : The source code is in a GitHub repository.\n- `GITHUB_ENTERPRISE` : The source code is in a GitHub Enterprise Server repository.\n- `GITLAB` : The source code is in a GitLab repository.\n- `GITLAB_SELF_MANAGED` : The source code is in a self-managed GitLab repository.\n- `NO_SOURCE` : The project does not have input source code.\n- `S3` : The source code is in an Amazon S3 bucket.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CodeBuild::Project.SourceAuth": { "additionalProperties": false, "properties": { "Resource": { "markdownDescription": "The resource value that applies to the specified authorization type.\n\n> This data type is used by the AWS CodeBuild console only.", "title": "Resource", "type": "string" }, "Type": { "markdownDescription": "The authorization type to use. The only valid value is `OAUTH` , which represents the OAuth authorization type.\n\n> This data type is used by the AWS CodeBuild console only.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CodeBuild::Project.VpcConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of one or more security groups IDs in your Amazon VPC. The maximum count is 5.", "title": "SecurityGroupIds", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "A list of one or more subnet IDs in your Amazon VPC. The maximum count is 16.", "title": "Subnets", "type": "array" }, "VpcId": { "markdownDescription": "The ID of the Amazon VPC.", "title": "VpcId", "type": "string" } }, "type": "object" }, "AWS::CodeBuild::Project.WebhookFilter": { "additionalProperties": false, "properties": { "ExcludeMatchedPattern": { "markdownDescription": "Used to indicate that the `pattern` determines which webhook events do not trigger a build. If true, then a webhook event that does not match the `pattern` triggers a build. If false, then a webhook event that matches the `pattern` triggers a build.", "title": "ExcludeMatchedPattern", "type": "boolean" }, "Pattern": { "markdownDescription": "For a `WebHookFilter` that uses `EVENT` type, a comma-separated string that specifies one or more events. For example, the webhook filter `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` allows all push, pull request created, and pull request updated events to trigger a build.\n\nFor a `WebHookFilter` that uses any of the other filter types, a regular expression pattern. For example, a `WebHookFilter` that uses `HEAD_REF` for its `type` and the pattern `^refs/heads/` triggers a build when the head reference is a branch with a reference name `refs/heads/branch-name` .", "title": "Pattern", "type": "string" }, "Type": { "markdownDescription": "The type of webhook filter. There are nine webhook filter types: `EVENT` , `ACTOR_ACCOUNT_ID` , `HEAD_REF` , `BASE_REF` , `FILE_PATH` , `COMMIT_MESSAGE` , `TAG_NAME` , `RELEASE_NAME` , and `WORKFLOW_NAME` .\n\n- EVENT\n\n- A webhook event triggers a build when the provided `pattern` matches one of nine event types: `PUSH` , `PULL_REQUEST_CREATED` , `PULL_REQUEST_UPDATED` , `PULL_REQUEST_CLOSED` , `PULL_REQUEST_REOPENED` , `PULL_REQUEST_MERGED` , `RELEASED` , `PRERELEASED` , and `WORKFLOW_JOB_QUEUED` . The `EVENT` patterns are specified as a comma-separated string. For example, `PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED` filters all push, pull request created, and pull request updated events.\n\n> Types `PULL_REQUEST_REOPENED` and `WORKFLOW_JOB_QUEUED` work with GitHub and GitHub Enterprise only. Types `RELEASED` and `PRERELEASED` work with GitHub only.\n- ACTOR_ACCOUNT_ID\n\n- A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression `pattern` .\n- HEAD_REF\n\n- A webhook event triggers a build when the head reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` and `refs/tags/tag-name` .\n\n> Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.\n- BASE_REF\n\n- A webhook event triggers a build when the base reference matches the regular expression `pattern` . For example, `refs/heads/branch-name` .\n\n> Works with pull request events only.\n- FILE_PATH\n\n- A webhook triggers a build when the path of a changed file matches the regular expression `pattern` .\n\n> Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.\n- COMMIT_MESSAGE\n\n- A webhook triggers a build when the head commit message matches the regular expression `pattern` .\n\n> Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.\n- TAG_NAME\n\n- A webhook triggers a build when the tag name of the release matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- RELEASE_NAME\n\n- A webhook triggers a build when the release name matches the regular expression `pattern` .\n\n> Works with `RELEASED` and `PRERELEASED` events only.\n- REPOSITORY_NAME\n\n- A webhook triggers a build when the repository name matches the regular expression pattern.\n\n> Works with GitHub global or organization webhooks only.\n- WORKFLOW_NAME\n\n- A webhook triggers a build when the workflow name matches the regular expression `pattern` .\n\n> Works with `WORKFLOW_JOB_QUEUED` events only.", "title": "Type", "type": "string" } }, "required": [ "Pattern", "Type" ], "type": "object" }, "AWS::CodeBuild::ReportGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeleteReports": { "markdownDescription": "When deleting a report group, specifies if reports within the report group should be deleted.\n\n- **true** - Deletes any reports that belong to the report group before deleting the report group.\n- **false** - You must delete any reports in the report group. This is the default value. If you delete a report group that contains one or more reports, an exception is thrown.", "title": "DeleteReports", "type": "boolean" }, "ExportConfig": { "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.ReportExportConfig", "markdownDescription": "Information about the destination where the raw data of this `ReportGroup` is exported.", "title": "ExportConfig" }, "Name": { "markdownDescription": "The name of the `ReportGroup` .", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tag key and value pairs associated with this report group.\n\nThese tags are available for use by AWS services that support AWS CodeBuild report group tags.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of the `ReportGroup` . This can be one of the following values:\n\n- **CODE_COVERAGE** - The report group contains code coverage reports.\n- **TEST** - The report group contains test reports.", "title": "Type", "type": "string" } }, "required": [ "ExportConfig", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeBuild::ReportGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeBuild::ReportGroup.ReportExportConfig": { "additionalProperties": false, "properties": { "ExportConfigType": { "markdownDescription": "The export configuration type. Valid values are:\n\n- `S3` : The report results are exported to an S3 bucket.\n- `NO_EXPORT` : The report results are not exported.", "title": "ExportConfigType", "type": "string" }, "S3Destination": { "$ref": "#/definitions/AWS::CodeBuild::ReportGroup.S3ReportExportConfig", "markdownDescription": "A `S3ReportExportConfig` object that contains information about the S3 bucket where the run of a report is exported.", "title": "S3Destination" } }, "required": [ "ExportConfigType" ], "type": "object" }, "AWS::CodeBuild::ReportGroup.S3ReportExportConfig": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the S3 bucket where the raw data of a report are exported.", "title": "Bucket", "type": "string" }, "BucketOwner": { "markdownDescription": "The AWS account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.", "title": "BucketOwner", "type": "string" }, "EncryptionDisabled": { "markdownDescription": "A boolean value that specifies if the results of a report are encrypted.", "title": "EncryptionDisabled", "type": "boolean" }, "EncryptionKey": { "markdownDescription": "The encryption key for the report's encrypted raw data.", "title": "EncryptionKey", "type": "string" }, "Packaging": { "markdownDescription": "The type of build output artifact to create. Valid values include:\n\n- `NONE` : CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified.\n- `ZIP` : CodeBuild creates a ZIP file with the raw data in the output bucket.", "title": "Packaging", "type": "string" }, "Path": { "markdownDescription": "The path to the exported report's raw data results.", "title": "Path", "type": "string" } }, "required": [ "Bucket" ], "type": "object" }, "AWS::CodeBuild::SourceCredential": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthType": { "markdownDescription": "The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, PERSONAL_ACCESS_TOKEN, or CODECONNECTIONS.", "title": "AuthType", "type": "string" }, "ServerType": { "markdownDescription": "The type of source provider. The valid options are GITHUB, GITHUB_ENTERPRISE, GITLAB, GITLAB_SELF_MANAGED, or BITBUCKET.", "title": "ServerType", "type": "string" }, "Token": { "markdownDescription": "For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password. For the `authType` CODECONNECTIONS, this is the `connectionArn` .", "title": "Token", "type": "string" }, "Username": { "markdownDescription": "The Bitbucket username when the `authType` is BASIC_AUTH. This parameter is not valid for other types of source providers or connections.", "title": "Username", "type": "string" } }, "required": [ "AuthType", "ServerType", "Token" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeBuild::SourceCredential" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeCommit::Repository": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Code": { "$ref": "#/definitions/AWS::CodeCommit::Repository.Code", "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack. Information about code is only used in resource creation. Updates to a stack will not reflect changes made to code properties after initial resource creation.\n\n> You can only use this property to add code when creating a repository with a AWS CloudFormation template at creation time. This property cannot be used for updating code to an existing repository.", "title": "Code" }, "KmsKeyId": { "markdownDescription": "The ID of the AWS Key Management Service encryption key used to encrypt and decrypt the repository.\n\n> The input can be the full ARN, the key ID, or the key alias. For more information, see [Finding the key ID and key ARN](https://docs.aws.amazon.com/kms/latest/developerguide/find-cmk-id-arn.html) .", "title": "KmsKeyId", "type": "string" }, "RepositoryDescription": { "markdownDescription": "A comment or description about the new repository.\n\n> The description field for a repository accepts all HTML characters and all valid Unicode characters. Applications that do not HTML-encode the description and display it in a webpage can expose users to potentially malicious code. Make sure that you HTML-encode the description field in any application that uses this API to display the repository description on a webpage.", "title": "RepositoryDescription", "type": "string" }, "RepositoryName": { "markdownDescription": "The name of the new repository to be created.\n\n> The repository name must be unique across the calling AWS account . Repository names are limited to 100 alphanumeric, dash, and underscore characters, and cannot include certain characters. For more information about the limits on repository names, see [Quotas](https://docs.aws.amazon.com/codecommit/latest/userguide/limits.html) in the *AWS CodeCommit User Guide* . The suffix .git is prohibited.", "title": "RepositoryName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "One or more tag key-value pairs to use when tagging this repository.", "title": "Tags", "type": "array" }, "Triggers": { "items": { "$ref": "#/definitions/AWS::CodeCommit::Repository.RepositoryTrigger" }, "markdownDescription": "The JSON block of configuration information for each trigger.", "title": "Triggers", "type": "array" } }, "required": [ "RepositoryName" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeCommit::Repository" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeCommit::Repository.Code": { "additionalProperties": false, "properties": { "BranchName": { "markdownDescription": "Optional. Specifies a branch name to be used as the default branch when importing code into a repository on initial creation. If this property is not set, the name *main* will be used for the default branch for the repository. Changes to this property are ignored after initial resource creation. We recommend using this parameter to set the name to *main* to align with the default behavior of CodeCommit unless another name is needed.", "title": "BranchName", "type": "string" }, "S3": { "$ref": "#/definitions/AWS::CodeCommit::Repository.S3", "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository. Changes to this property are ignored after initial resource creation.", "title": "S3" } }, "required": [ "S3" ], "type": "object" }, "AWS::CodeCommit::Repository.RepositoryTrigger": { "additionalProperties": false, "properties": { "Branches": { "items": { "type": "string" }, "markdownDescription": "The branches to be included in the trigger configuration. If you specify an empty array, the trigger applies to all branches.\n\n> Although no content is required in the array, you must include the array itself.", "title": "Branches", "type": "array" }, "CustomData": { "markdownDescription": "Any custom data associated with the trigger to be included in the information sent to the target of the trigger.", "title": "CustomData", "type": "string" }, "DestinationArn": { "markdownDescription": "The ARN of the resource that is the target for a trigger (for example, the ARN of a topic in Amazon SNS).", "title": "DestinationArn", "type": "string" }, "Events": { "items": { "type": "string" }, "markdownDescription": "The repository events that cause the trigger to run actions in another service, such as sending a notification through Amazon SNS.\n\n> The valid value \"all\" cannot be used with any other values.", "title": "Events", "type": "array" }, "Name": { "markdownDescription": "The name of the trigger.", "title": "Name", "type": "string" } }, "required": [ "DestinationArn", "Events", "Name" ], "type": "object" }, "AWS::CodeCommit::Repository.S3": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content that will be committed to the new repository. This can be specified using the name of the bucket in the AWS account . Changes to this property are ignored after initial resource creation.", "title": "Bucket", "type": "string" }, "Key": { "markdownDescription": "The key to use for accessing the Amazon S3 bucket. Changes to this property are ignored after initial resource creation. For more information, see [Creating object key names](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html) and [Uploading objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/upload-objects.html) in the Amazon S3 User Guide.", "title": "Key", "type": "string" }, "ObjectVersion": { "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket. Changes to this property are ignored after initial resource creation.", "title": "ObjectVersion", "type": "string" } }, "required": [ "Bucket", "Key" ], "type": "object" }, "AWS::CodeConnections::Connection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectionName": { "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", "title": "ConnectionName", "type": "string" }, "HostArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", "title": "HostArn", "type": "string" }, "ProviderType": { "markdownDescription": "The name of the external provider where your third-party code repository is configured.", "title": "ProviderType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "ConnectionName" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeConnections::Connection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeDeploy::Application": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationName": { "markdownDescription": "A name for the application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> Updates to `ApplicationName` are not supported.", "title": "ApplicationName", "type": "string" }, "ComputePlatform": { "markdownDescription": "The compute platform that CodeDeploy deploys the application to.", "title": "ComputePlatform", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The metadata that you apply to CodeDeploy applications to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::CodeDeploy::Application" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CodeDeploy::DeploymentConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ComputePlatform": { "markdownDescription": "The destination platform type for the deployment ( `Lambda` , `Server` , or `ECS` ).", "title": "ComputePlatform", "type": "string" }, "DeploymentConfigName": { "markdownDescription": "A name for the deployment configuration. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment configuration name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "DeploymentConfigName", "type": "string" }, "MinimumHealthyHosts": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts", "markdownDescription": "The minimum number of healthy instances that should be available at any time during the deployment. There are two parameters expected in the input: type and value.\n\nThe type parameter takes either of the following values:\n\n- HOST_COUNT: The value parameter represents the minimum number of healthy instances as an absolute value.\n- FLEET_PERCENT: The value parameter represents the minimum number of healthy instances as a percentage of the total number of instances in the deployment. If you specify FLEET_PERCENT, at the start of the deployment, AWS CodeDeploy converts the percentage to the equivalent number of instance and rounds up fractional instances.\n\nThe value parameter takes an integer.\n\nFor example, to set a minimum of 95% healthy instance, specify a type of FLEET_PERCENT and a value of 95.\n\nFor more information about instance health, see [CodeDeploy Instance Health](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-health.html) in the AWS CodeDeploy User Guide.", "title": "MinimumHealthyHosts" }, "TrafficRoutingConfig": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig", "markdownDescription": "The configuration that specifies how the deployment traffic is routed.", "title": "TrafficRoutingConfig" }, "ZonalConfig": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.ZonalConfig", "markdownDescription": "Configure the `ZonalConfig` object if you want AWS CodeDeploy to deploy your application to one [Availability Zone](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-availability-zones) at a time, within an AWS Region.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", "title": "ZonalConfig" } }, "type": "object" }, "Type": { "enum": [ "AWS::CodeDeploy::DeploymentConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHosts": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The minimum healthy instance type:\n\n- HOST_COUNT: The minimum number of healthy instance as an absolute value.\n- FLEET_PERCENT: The minimum number of healthy instance as a percentage of the total number of instance in the deployment.\n\nIn an example of nine instance, if a HOST_COUNT of six is specified, deploy to up to three instances at a time. The deployment is successful if six or more instances are deployed to successfully. Otherwise, the deployment fails. If a FLEET_PERCENT of 40 is specified, deploy to up to five instance at a time. The deployment is successful if four or more instance are deployed to successfully. Otherwise, the deployment fails.\n\n> In a call to `GetDeploymentConfig` , CodeDeployDefault.OneAtATime returns a minimum healthy instance type of MOST_CONCURRENCY and a value of 1. This means a deployment to only one instance at a time. (You cannot set the type to MOST_CONCURRENCY, only to HOST_COUNT or FLEET_PERCENT.) In addition, with CodeDeployDefault.OneAtATime, AWS CodeDeploy attempts to ensure that all instances but one are kept in a healthy state during the deployment. Although this allows one instance at a time to be taken offline for a new deployment, it also means that if the deployment to the last instance fails, the overall deployment is still successful. \n\nFor more information, see [AWS CodeDeploy Instance Health](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html) in the *AWS CodeDeploy User Guide* .", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The minimum healthy instance value.", "title": "Value", "type": "number" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The `type` associated with the `MinimumHealthyHostsPerZone` option.", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The `value` associated with the `MinimumHealthyHostsPerZone` option.", "title": "Value", "type": "number" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary": { "additionalProperties": false, "properties": { "CanaryInterval": { "markdownDescription": "The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment.", "title": "CanaryInterval", "type": "number" }, "CanaryPercentage": { "markdownDescription": "The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment.", "title": "CanaryPercentage", "type": "number" } }, "required": [ "CanaryInterval", "CanaryPercentage" ], "type": "object" }, "AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear": { "additionalProperties": false, "properties": { "LinearInterval": { "markdownDescription": "The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment.", "title": "LinearInterval", "type": "number" }, "LinearPercentage": { "markdownDescription": "The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment.", "title": "LinearPercentage", "type": "number" } }, "required": [ "LinearInterval", "LinearPercentage" ], "type": "object" }, "AWS::CodeDeploy::DeploymentConfig.TrafficRoutingConfig": { "additionalProperties": false, "properties": { "TimeBasedCanary": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedCanary", "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or ECS task set to another in two increments. The original and target Lambda function versions or ECS task sets are specified in the deployment's AppSpec file.", "title": "TimeBasedCanary" }, "TimeBasedLinear": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.TimeBasedLinear", "markdownDescription": "A configuration that shifts traffic from one version of a Lambda function or Amazon ECS task set to another in equal increments, with an equal number of minutes between each increment. The original and target Lambda function versions or Amazon ECS task sets are specified in the deployment's AppSpec file.", "title": "TimeBasedLinear" }, "Type": { "markdownDescription": "The type of traffic shifting ( `TimeBasedCanary` or `TimeBasedLinear` ) used by a deployment configuration.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::CodeDeploy::DeploymentConfig.ZonalConfig": { "additionalProperties": false, "properties": { "FirstZoneMonitorDurationInSeconds": { "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to the *first* Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the second Availability Zone. You might set this option if you want to allow extra bake time for the first Availability Zone. If you don't specify a value for `firstZoneMonitorDurationInSeconds` , then CodeDeploy uses the `monitorDurationInSeconds` value for the first Availability Zone.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", "title": "FirstZoneMonitorDurationInSeconds", "type": "number" }, "MinimumHealthyHostsPerZone": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig.MinimumHealthyHostsPerZone", "markdownDescription": "The number or percentage of instances that must remain available per Availability Zone during a deployment. This option works in conjunction with the `MinimumHealthyHosts` option. For more information, see [About the minimum number of healthy hosts per Availability Zone](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html#minimum-healthy-hosts-az) in the *CodeDeploy User Guide* .\n\nIf you don't specify the `minimumHealthyHostsPerZone` option, then CodeDeploy uses a default value of `0` percent.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", "title": "MinimumHealthyHostsPerZone" }, "MonitorDurationInSeconds": { "markdownDescription": "The period of time, in seconds, that CodeDeploy must wait after completing a deployment to an Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the next Availability Zone. Consider adding a monitor duration to give the deployment some time to prove itself (or 'bake') in one Availability Zone before it is released in the next zone. If you don't specify a `monitorDurationInSeconds` , CodeDeploy starts deploying to the next Availability Zone immediately.\n\nFor more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* .", "title": "MonitorDurationInSeconds", "type": "number" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AlarmConfiguration": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration", "markdownDescription": "Information about the Amazon CloudWatch alarms that are associated with the deployment group.", "title": "AlarmConfiguration" }, "ApplicationName": { "markdownDescription": "The name of an existing CodeDeploy application to associate this deployment group with.", "title": "ApplicationName", "type": "string" }, "AutoRollbackConfiguration": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration", "markdownDescription": "Information about the automatic rollback configuration that is associated with the deployment group. If you specify this property, don't specify the `Deployment` property.", "title": "AutoRollbackConfiguration" }, "AutoScalingGroups": { "items": { "type": "string" }, "markdownDescription": "A list of associated Auto Scaling groups that CodeDeploy automatically deploys revisions to when new instances are created. Duplicates are not allowed.", "title": "AutoScalingGroups", "type": "array" }, "BlueGreenDeploymentConfiguration": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration", "markdownDescription": "Information about blue/green deployment options for a deployment group.", "title": "BlueGreenDeploymentConfiguration" }, "Deployment": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Deployment", "markdownDescription": "The application revision to deploy to this deployment group. If you specify this property, your target application revision is deployed as soon as the provisioning process is complete. If you specify this property, don't specify the `AutoRollbackConfiguration` property.", "title": "Deployment" }, "DeploymentConfigName": { "markdownDescription": "A deployment configuration name or a predefined configuration name. With predefined configurations, you can deploy application revisions to one instance at a time ( `CodeDeployDefault.OneAtATime` ), half of the instances at a time ( `CodeDeployDefault.HalfAtATime` ), or all the instances at once ( `CodeDeployDefault.AllAtOnce` ). For more information and valid values, see [Working with Deployment Configurations](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations.html) in the *AWS CodeDeploy User Guide* .", "title": "DeploymentConfigName", "type": "string" }, "DeploymentGroupName": { "markdownDescription": "A name for the deployment group. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the deployment group name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "DeploymentGroupName", "type": "string" }, "DeploymentStyle": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentStyle", "markdownDescription": "Attributes that determine the type of deployment to run and whether to route deployment traffic behind a load balancer.\n\nIf you specify this property with a blue/green deployment type, don't specify the `AutoScalingGroups` , `LoadBalancerInfo` , or `Deployment` properties.\n\n> For blue/green deployments, AWS CloudFormation supports deployments on Lambda compute platforms only. You can perform Amazon ECS blue/green deployments using `AWS::CodeDeploy::BlueGreen` hook. See [Perform Amazon ECS blue/green deployments through CodeDeploy using AWS CloudFormation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/blue-green.html) for more information.", "title": "DeploymentStyle" }, "ECSServices": { "items": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ECSService" }, "markdownDescription": "The target Amazon ECS services in the deployment group. This applies only to deployment groups that use the Amazon ECS compute platform. A target Amazon ECS service is specified as an Amazon ECS cluster and service name pair using the format `:` .", "title": "ECSServices", "type": "array" }, "Ec2TagFilters": { "items": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" }, "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group. Duplicates are not allowed.\n\nYou can specify `EC2TagFilters` or `Ec2TagSet` , but not both.", "title": "Ec2TagFilters", "type": "array" }, "Ec2TagSet": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSet", "markdownDescription": "Information about groups of tags applied to Amazon EC2 instances. The deployment group includes only Amazon EC2 instances identified by all the tag groups. Cannot be used in the same call as `ec2TagFilter` .", "title": "Ec2TagSet" }, "LoadBalancerInfo": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo", "markdownDescription": "Information about the load balancer to use in a deployment. For more information, see [Integrating CodeDeploy with Elastic Load Balancing](https://docs.aws.amazon.com/codedeploy/latest/userguide/integrations-aws-elastic-load-balancing.html) in the *AWS CodeDeploy User Guide* .", "title": "LoadBalancerInfo" }, "OnPremisesInstanceTagFilters": { "items": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" }, "markdownDescription": "The on-premises instance tags already applied to on-premises instances that you want to include in the deployment group. CodeDeploy includes all on-premises instances identified by any of the tags you specify in this deployment group. To register on-premises instances with CodeDeploy , see [Working with On-Premises Instances for CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-on-premises.html) in the *AWS CodeDeploy User Guide* . Duplicates are not allowed.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", "title": "OnPremisesInstanceTagFilters", "type": "array" }, "OnPremisesTagSet": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet", "markdownDescription": "Information about groups of tags applied to on-premises instances. The deployment group includes only on-premises instances identified by all the tag groups.\n\nYou can specify `OnPremisesInstanceTagFilters` or `OnPremisesInstanceTagSet` , but not both.", "title": "OnPremisesTagSet" }, "OutdatedInstancesStrategy": { "markdownDescription": "Indicates what happens when new Amazon EC2 instances are launched mid-deployment and do not receive the deployed application revision.\n\nIf this option is set to `UPDATE` or is unspecified, CodeDeploy initiates one or more 'auto-update outdated instances' deployments to apply the deployed application revision to the new Amazon EC2 instances.\n\nIf this option is set to `IGNORE` , CodeDeploy does not initiate a deployment to update the new Amazon EC2 instances. This may result in instances having different revisions.", "title": "OutdatedInstancesStrategy", "type": "string" }, "ServiceRoleArn": { "markdownDescription": "A service role Amazon Resource Name (ARN) that grants CodeDeploy permission to make calls to AWS services on your behalf. For more information, see [Create a Service Role for AWS CodeDeploy](https://docs.aws.amazon.com/codedeploy/latest/userguide/getting-started-create-service-role.html) in the *AWS CodeDeploy User Guide* .\n\n> In some cases, you might need to add a dependency on the service role's policy. For more information, see IAM role policy in [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", "title": "ServiceRoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The metadata that you apply to CodeDeploy deployment groups to help you organize and categorize them. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" }, "TerminationHookEnabled": { "markdownDescription": "Indicates whether the deployment group was configured to have CodeDeploy install a termination hook into an Auto Scaling group.\n\nFor more information about the termination hook, see [How Amazon EC2 Auto Scaling works with CodeDeploy](https://docs.aws.amazon.com//codedeploy/latest/userguide/integrations-aws-auto-scaling.html#integrations-aws-auto-scaling-behaviors) in the *AWS CodeDeploy User Guide* .", "title": "TerminationHookEnabled", "type": "boolean" }, "TriggerConfigurations": { "items": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TriggerConfig" }, "markdownDescription": "Information about triggers associated with the deployment group. Duplicates are not allowed", "title": "TriggerConfigurations", "type": "array" } }, "required": [ "ApplicationName", "ServiceRoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeDeploy::DeploymentGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.Alarm": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the alarm. Maximum length is 255 characters. Each alarm name can be used only once in a list of alarms.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.AlarmConfiguration": { "additionalProperties": false, "properties": { "Alarms": { "items": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.Alarm" }, "markdownDescription": "A list of alarms configured for the deployment or deployment group. A maximum of 10 alarms can be added.", "title": "Alarms", "type": "array" }, "Enabled": { "markdownDescription": "Indicates whether the alarm configuration is enabled.", "title": "Enabled", "type": "boolean" }, "IgnorePollAlarmFailure": { "markdownDescription": "Indicates whether a deployment should continue if information about the current state of alarms cannot be retrieved from Amazon CloudWatch . The default value is `false` .\n\n- `true` : The deployment proceeds even if alarm status information can't be retrieved from CloudWatch .\n- `false` : The deployment stops if alarm status information can't be retrieved from CloudWatch .", "title": "IgnorePollAlarmFailure", "type": "boolean" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.AutoRollbackConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Indicates whether a defined automatic rollback configuration is currently enabled.", "title": "Enabled", "type": "boolean" }, "Events": { "items": { "type": "string" }, "markdownDescription": "The event type or types that trigger a rollback. Valid values are `DEPLOYMENT_FAILURE` , `DEPLOYMENT_STOP_ON_ALARM` , or `DEPLOYMENT_STOP_ON_REQUEST` .", "title": "Events", "type": "array" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.BlueGreenDeploymentConfiguration": { "additionalProperties": false, "properties": { "DeploymentReadyOption": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption", "markdownDescription": "Information about the action to take when newly provisioned instances are ready to receive traffic in a blue/green deployment.", "title": "DeploymentReadyOption" }, "GreenFleetProvisioningOption": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption", "markdownDescription": "Information about how instances are provisioned for a replacement environment in a blue/green deployment.", "title": "GreenFleetProvisioningOption" }, "TerminateBlueInstancesOnDeploymentSuccess": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption", "markdownDescription": "Information about whether to terminate instances in the original fleet during a blue/green deployment.", "title": "TerminateBlueInstancesOnDeploymentSuccess" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.BlueInstanceTerminationOption": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action to take on instances in the original environment after a successful blue/green deployment.\n\n- `TERMINATE` : Instances are terminated after a specified wait time.\n- `KEEP_ALIVE` : Instances are left running after they are deregistered from the load balancer and removed from the deployment group.", "title": "Action", "type": "string" }, "TerminationWaitTimeInMinutes": { "markdownDescription": "For an Amazon EC2 deployment, the number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment.\n\nFor an Amazon ECS deployment, the number of minutes before deleting the original (blue) task set. During an Amazon ECS deployment, CodeDeploy shifts traffic from the original (blue) task set to a replacement (green) task set.\n\nThe maximum setting is 2880 minutes (2 days).", "title": "TerminationWaitTimeInMinutes", "type": "number" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.Deployment": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A comment about the deployment.", "title": "Description", "type": "string" }, "IgnoreApplicationStopFailures": { "markdownDescription": "If true, then if an `ApplicationStop` , `BeforeBlockTraffic` , or `AfterBlockTraffic` deployment lifecycle event to an instance fails, then the deployment continues to the next deployment lifecycle event. For example, if `ApplicationStop` fails, the deployment continues with DownloadBundle. If `BeforeBlockTraffic` fails, the deployment continues with `BlockTraffic` . If `AfterBlockTraffic` fails, the deployment continues with `ApplicationStop` .\n\nIf false or not specified, then if a lifecycle event fails during a deployment to an instance, that deployment fails. If deployment to that instance is part of an overall deployment and the number of healthy hosts is not less than the minimum number of healthy hosts, then a deployment to the next instance is attempted.\n\nDuring a deployment, the AWS CodeDeploy agent runs the scripts specified for `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` in the AppSpec file from the previous successful deployment. (All other scripts are run from the AppSpec file in the current deployment.) If one of these scripts contains an error and does not run successfully, the deployment can fail.\n\nIf the cause of the failure is a script from the last successful deployment that will never run successfully, create a new deployment and use `ignoreApplicationStopFailures` to specify that the `ApplicationStop` , `BeforeBlockTraffic` , and `AfterBlockTraffic` failures should be ignored.", "title": "IgnoreApplicationStopFailures", "type": "boolean" }, "Revision": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.RevisionLocation", "markdownDescription": "Information about the location of stored application artifacts and the service from which to retrieve them.", "title": "Revision" } }, "required": [ "Revision" ], "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.DeploymentReadyOption": { "additionalProperties": false, "properties": { "ActionOnTimeout": { "markdownDescription": "Information about when to reroute traffic from an original environment to a replacement environment in a blue/green deployment.\n\n- CONTINUE_DEPLOYMENT: Register new instances with the load balancer immediately after the new application revision is installed on the instances in the replacement environment.\n- STOP_DEPLOYMENT: Do not register new instances with a load balancer unless traffic rerouting is started using [ContinueDeployment](https://docs.aws.amazon.com/codedeploy/latest/APIReference/API_ContinueDeployment.html) . If traffic rerouting is not started before the end of the specified wait period, the deployment status is changed to Stopped.", "title": "ActionOnTimeout", "type": "string" }, "WaitTimeInMinutes": { "markdownDescription": "The number of minutes to wait before the status of a blue/green deployment is changed to Stopped if rerouting is not started manually. Applies only to the `STOP_DEPLOYMENT` option for `actionOnTimeout` .", "title": "WaitTimeInMinutes", "type": "number" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.DeploymentStyle": { "additionalProperties": false, "properties": { "DeploymentOption": { "markdownDescription": "Indicates whether to route deployment traffic behind a load balancer.\n\n> An Amazon EC2 Application Load Balancer or Network Load Balancer is required for an Amazon ECS deployment.", "title": "DeploymentOption", "type": "string" }, "DeploymentType": { "markdownDescription": "Indicates whether to run an in-place or blue/green deployment.", "title": "DeploymentType", "type": "string" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.EC2TagFilter": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The tag filter key.", "title": "Key", "type": "string" }, "Type": { "markdownDescription": "The tag filter type:\n\n- `KEY_ONLY` : Key only.\n- `VALUE_ONLY` : Value only.\n- `KEY_AND_VALUE` : Key and value.", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The tag filter value.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.EC2TagSet": { "additionalProperties": false, "properties": { "Ec2TagSetList": { "items": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject" }, "markdownDescription": "The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group.\n\nDuplicates are not allowed.", "title": "Ec2TagSetList", "type": "array" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.EC2TagSetListObject": { "additionalProperties": false, "properties": { "Ec2TagGroup": { "items": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.EC2TagFilter" }, "markdownDescription": "A list that contains other lists of Amazon EC2 instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.", "title": "Ec2TagGroup", "type": "array" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.ECSService": { "additionalProperties": false, "properties": { "ClusterName": { "markdownDescription": "The name of the cluster that the Amazon ECS service is associated with.", "title": "ClusterName", "type": "string" }, "ServiceName": { "markdownDescription": "The name of the target Amazon ECS service.", "title": "ServiceName", "type": "string" } }, "required": [ "ClusterName", "ServiceName" ], "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.ELBInfo": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "For blue/green deployments, the name of the load balancer that is used to route traffic from original instances to replacement instances in a blue/green deployment. For in-place deployments, the name of the load balancer that instances are deregistered from so they are not serving traffic during a deployment, and then re-registered with after the deployment is complete.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.GitHubLocation": { "additionalProperties": false, "properties": { "CommitId": { "markdownDescription": "The SHA1 commit ID of the GitHub commit that represents the bundled artifacts for the application revision.", "title": "CommitId", "type": "string" }, "Repository": { "markdownDescription": "The GitHub account and repository pair that stores a reference to the commit that represents the bundled artifacts for the application revision.\n\nSpecify the value as `account/repository` .", "title": "Repository", "type": "string" } }, "required": [ "CommitId", "Repository" ], "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.GreenFleetProvisioningOption": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The method used to add instances to a replacement environment.\n\n- `DISCOVER_EXISTING` : Use instances that already exist or will be created manually.\n- `COPY_AUTO_SCALING_GROUP` : Use settings from a specified Auto Scaling group to define and create instances in a new Auto Scaling group.", "title": "Action", "type": "string" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.LoadBalancerInfo": { "additionalProperties": false, "properties": { "ElbInfoList": { "items": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.ELBInfo" }, "markdownDescription": "An array that contains information about the load balancers to use for load balancing in a deployment. If you're using Classic Load Balancers, specify those load balancers in this array.\n\n> You can add up to 10 load balancers to the array. > If you're using Application Load Balancers or Network Load Balancers, use the `targetGroupInfoList` array instead of this one.", "title": "ElbInfoList", "type": "array" }, "TargetGroupInfoList": { "items": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" }, "markdownDescription": "An array that contains information about the target groups to use for load balancing in a deployment. If you're using Application Load Balancers and Network Load Balancers, specify their associated target groups in this array.\n\n> You can add up to 10 target groups to the array. > If you're using Classic Load Balancers, use the `elbInfoList` array instead of this one.", "title": "TargetGroupInfoList", "type": "array" }, "TargetGroupPairInfoList": { "items": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo" }, "markdownDescription": "The target group pair information. This is an array of `TargeGroupPairInfo` objects with a maximum size of one.", "title": "TargetGroupPairInfoList", "type": "array" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSet": { "additionalProperties": false, "properties": { "OnPremisesTagSetList": { "items": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject" }, "markdownDescription": "A list that contains other lists of on-premises instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list.\n\nDuplicates are not allowed.", "title": "OnPremisesTagSetList", "type": "array" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.OnPremisesTagSetListObject": { "additionalProperties": false, "properties": { "OnPremisesTagGroup": { "items": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TagFilter" }, "markdownDescription": "Information about groups of on-premises instance tags.", "title": "OnPremisesTagGroup", "type": "array" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.RevisionLocation": { "additionalProperties": false, "properties": { "GitHubLocation": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.GitHubLocation", "markdownDescription": "Information about the location of application artifacts stored in GitHub.", "title": "GitHubLocation" }, "RevisionType": { "markdownDescription": "The type of application revision:\n\n- S3: An application revision stored in Amazon S3.\n- GitHub: An application revision stored in GitHub (EC2/On-premises deployments only).\n- String: A YAML-formatted or JSON-formatted string ( AWS Lambda deployments only).\n- AppSpecContent: An `AppSpecContent` object that contains the contents of an AppSpec file for an AWS Lambda or Amazon ECS deployment. The content is formatted as JSON or YAML stored as a RawString.", "title": "RevisionType", "type": "string" }, "S3Location": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.S3Location", "markdownDescription": "Information about the location of a revision stored in Amazon S3.", "title": "S3Location" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.S3Location": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the Amazon S3 bucket where the application revision is stored.", "title": "Bucket", "type": "string" }, "BundleType": { "markdownDescription": "The file type of the application revision. Must be one of the following:\n\n- JSON\n- tar: A tar archive file.\n- tgz: A compressed tar archive file.\n- YAML\n- zip: A zip archive file.", "title": "BundleType", "type": "string" }, "ETag": { "markdownDescription": "The ETag of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the ETag is not specified as an input parameter, ETag validation of the object is skipped.", "title": "ETag", "type": "string" }, "Key": { "markdownDescription": "The name of the Amazon S3 object that represents the bundled artifacts for the application revision.", "title": "Key", "type": "string" }, "Version": { "markdownDescription": "A specific version of the Amazon S3 object that represents the bundled artifacts for the application revision.\n\nIf the version is not specified, the system uses the most recent version by default.", "title": "Version", "type": "string" } }, "required": [ "Bucket", "Key" ], "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.TagFilter": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The on-premises instance tag filter key.", "title": "Key", "type": "string" }, "Type": { "markdownDescription": "The on-premises instance tag filter type:\n\n- KEY_ONLY: Key only.\n- VALUE_ONLY: Value only.\n- KEY_AND_VALUE: Key and value.", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The on-premises instance tag filter value.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "For blue/green deployments, the name of the target group that instances in the original environment are deregistered from, and instances in the replacement environment registered with. For in-place deployments, the name of the target group that instances are deregistered from, so they are not serving traffic during a deployment, and then re-registered with after the deployment completes. No duplicates allowed.\n\n> AWS CloudFormation supports blue/green deployments on AWS Lambda compute platforms only. \n\nThis value cannot exceed 32 characters, so you should use the `Name` property of the target group, or the `TargetGroupName` attribute with the `Fn::GetAtt` intrinsic function, as shown in the following example. Don't use the group's Amazon Resource Name (ARN) or `TargetGroupFullName` attribute.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.TargetGroupPairInfo": { "additionalProperties": false, "properties": { "ProdTrafficRoute": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", "markdownDescription": "The path used by a load balancer to route production traffic when an Amazon ECS deployment is complete.", "title": "ProdTrafficRoute" }, "TargetGroups": { "items": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TargetGroupInfo" }, "markdownDescription": "One pair of target groups. One is associated with the original task set. The second is associated with the task set that serves traffic after the deployment is complete.", "title": "TargetGroups", "type": "array" }, "TestTrafficRoute": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TrafficRoute", "markdownDescription": "An optional path used by a load balancer to route test traffic after an Amazon ECS deployment. Validation can occur while test traffic is served during a deployment.", "title": "TestTrafficRoute" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.TrafficRoute": { "additionalProperties": false, "properties": { "ListenerArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Name (ARN) of one listener. The listener identifies the route between a target group and a load balancer. This is an array of strings with a maximum size of one.", "title": "ListenerArns", "type": "array" } }, "type": "object" }, "AWS::CodeDeploy::DeploymentGroup.TriggerConfig": { "additionalProperties": false, "properties": { "TriggerEvents": { "items": { "type": "string" }, "markdownDescription": "The event type or types that trigger notifications.", "title": "TriggerEvents", "type": "array" }, "TriggerName": { "markdownDescription": "The name of the notification trigger.", "title": "TriggerName", "type": "string" }, "TriggerTargetArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic through which notifications about deployment or instance events are sent.", "title": "TriggerTargetArn", "type": "string" } }, "type": "object" }, "AWS::CodeGuruProfiler::ProfilingGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AgentPermissions": { "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions", "markdownDescription": "The agent permissions attached to this profiling group. This action group grants `ConfigureAgent` and `PostAgentProfile` permissions to perform actions required by the profiling agent. The Json consists of key `Principals` .\n\n*Principals* : A list of string ARNs for the roles and users you want to grant access to the profiling group. Wildcards are not supported in the ARNs. You are allowed to provide up to 50 ARNs. An empty list is not permitted. This is a required key.\n\nFor more information, see [Resource-based policies in CodeGuru Profiler](https://docs.aws.amazon.com/codeguru/latest/profiler-ug/resource-based-policies.html) in the *Amazon CodeGuru Profiler user guide* , [ConfigureAgent](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_ConfigureAgent.html) , and [PostAgentProfile](https://docs.aws.amazon.com/codeguru/latest/profiler-api/API_PostAgentProfile.html) .", "title": "AgentPermissions" }, "AnomalyDetectionNotificationConfiguration": { "items": { "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup.Channel" }, "markdownDescription": "Adds anomaly notifications for a profiling group.", "title": "AnomalyDetectionNotificationConfiguration", "type": "array" }, "ComputePlatform": { "markdownDescription": "The compute platform of the profiling group. Use `AWSLambda` if your application runs on AWS Lambda. Use `Default` if your application runs on a compute platform that is not AWS Lambda , such an Amazon EC2 instance, an on-premises server, or a different platform. If not specified, `Default` is used. This property is immutable.", "title": "ComputePlatform", "type": "string" }, "ProfilingGroupName": { "markdownDescription": "The name of the profiling group.", "title": "ProfilingGroupName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags to add to the created profiling group.", "title": "Tags", "type": "array" } }, "required": [ "ProfilingGroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeGuruProfiler::ProfilingGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeGuruProfiler::ProfilingGroup.AgentPermissions": { "additionalProperties": false, "properties": { "Principals": { "items": { "type": "string" }, "markdownDescription": "", "title": "Principals", "type": "array" } }, "required": [ "Principals" ], "type": "object" }, "AWS::CodeGuruProfiler::ProfilingGroup.Channel": { "additionalProperties": false, "properties": { "channelId": { "markdownDescription": "The channel ID.", "title": "channelId", "type": "string" }, "channelUri": { "markdownDescription": "The channel URI.", "title": "channelUri", "type": "string" } }, "required": [ "channelUri" ], "type": "object" }, "AWS::CodeGuruReviewer::RepositoryAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The name of the bucket. This is required for your S3Bucket repository. The name must start with the prefix `codeguru-reviewer-*` .", "title": "BucketName", "type": "string" }, "ConnectionArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS CodeStar Connections connection. Its format is `arn:aws:codestar-connections:region-id:aws-account_id:connection/connection-id` . For more information, see [Connection](https://docs.aws.amazon.com/codestar-connections/latest/APIReference/API_Connection.html) in the *AWS CodeStar Connections API Reference* .\n\n`ConnectionArn` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", "title": "ConnectionArn", "type": "string" }, "Name": { "markdownDescription": "The name of the repository.", "title": "Name", "type": "string" }, "Owner": { "markdownDescription": "The owner of the repository. For a GitHub Enterprise Server or Bitbucket repository, this is the username for the account that owns the repository.\n\n`Owner` must be specified for Bitbucket and GitHub Enterprise Server repositories. It has no effect if it is specified for an AWS CodeCommit repository.", "title": "Owner", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs used to tag an associated repository. A tag is a custom attribute label with two parts:\n\n- A *tag key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag keys are case sensitive.\n- An optional field known as a *tag value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag value is the same as using an empty string. Like tag keys, tag values are case sensitive.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of repository that contains the source code to be reviewed. The valid values are:\n\n- `CodeCommit`\n- `Bitbucket`\n- `GitHubEnterpriseServer`\n- `S3Bucket`", "title": "Type", "type": "string" } }, "required": [ "Name", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeGuruReviewer::RepositoryAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodePipeline::CustomActionType": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Category": { "markdownDescription": "The category of the custom action, such as a build action or a test action.", "title": "Category", "type": "string" }, "ConfigurationProperties": { "items": { "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ConfigurationProperties" }, "markdownDescription": "The configuration properties for the custom action.\n\n> You can refer to a name in the configuration properties of the custom action within the URL templates by following the format of {Config:name}, as long as the configuration property is both required and not secret. For more information, see [Create a Custom Action for a Pipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/how-to-create-custom-action.html) .", "title": "ConfigurationProperties", "type": "array" }, "InputArtifactDetails": { "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", "markdownDescription": "The details of the input artifact for the action, such as its commit ID.", "title": "InputArtifactDetails" }, "OutputArtifactDetails": { "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.ArtifactDetails", "markdownDescription": "The details of the output artifact of the action, such as its commit ID.", "title": "OutputArtifactDetails" }, "Provider": { "markdownDescription": "The provider of the service used in the custom action, such as CodeDeploy.", "title": "Provider", "type": "string" }, "Settings": { "$ref": "#/definitions/AWS::CodePipeline::CustomActionType.Settings", "markdownDescription": "URLs that provide users information about this custom action.", "title": "Settings" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the custom action.", "title": "Tags", "type": "array" }, "Version": { "markdownDescription": "The version identifier of the custom action.", "title": "Version", "type": "string" } }, "required": [ "Category", "InputArtifactDetails", "OutputArtifactDetails", "Provider", "Version" ], "type": "object" }, "Type": { "enum": [ "AWS::CodePipeline::CustomActionType" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodePipeline::CustomActionType.ArtifactDetails": { "additionalProperties": false, "properties": { "MaximumCount": { "markdownDescription": "The maximum number of artifacts allowed for the action type.", "title": "MaximumCount", "type": "number" }, "MinimumCount": { "markdownDescription": "The minimum number of artifacts allowed for the action type.", "title": "MinimumCount", "type": "number" } }, "required": [ "MaximumCount", "MinimumCount" ], "type": "object" }, "AWS::CodePipeline::CustomActionType.ConfigurationProperties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the action configuration property that is displayed to users.", "title": "Description", "type": "string" }, "Key": { "markdownDescription": "Whether the configuration property is a key.", "title": "Key", "type": "boolean" }, "Name": { "markdownDescription": "The name of the action configuration property.", "title": "Name", "type": "string" }, "Queryable": { "markdownDescription": "Indicates that the property is used with `PollForJobs` . When creating a custom action, an action can have up to one queryable property. If it has one, that property must be both required and not secret.\n\nIf you create a pipeline with a custom action type, and that custom action contains a queryable property, the value for that configuration property is subject to other restrictions. The value must be less than or equal to twenty (20) characters. The value can contain only alphanumeric characters, underscores, and hyphens.", "title": "Queryable", "type": "boolean" }, "Required": { "markdownDescription": "Whether the configuration property is a required value.", "title": "Required", "type": "boolean" }, "Secret": { "markdownDescription": "Whether the configuration property is secret. Secrets are hidden from all calls except for `GetJobDetails` , `GetThirdPartyJobDetails` , `PollForJobs` , and `PollForThirdPartyJobs` .\n\nWhen updating a pipeline, passing * * * * * without changing any other values of the action preserves the previous value of the secret.", "title": "Secret", "type": "boolean" }, "Type": { "markdownDescription": "The type of the configuration property.", "title": "Type", "type": "string" } }, "required": [ "Key", "Name", "Required", "Secret" ], "type": "object" }, "AWS::CodePipeline::CustomActionType.Settings": { "additionalProperties": false, "properties": { "EntityUrlTemplate": { "markdownDescription": "The URL returned to the CodePipeline console that provides a deep link to the resources of the external system, such as the configuration page for a CodeDeploy deployment group. This link is provided as part of the action display in the pipeline.", "title": "EntityUrlTemplate", "type": "string" }, "ExecutionUrlTemplate": { "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the top-level landing page for the external system, such as the console page for CodeDeploy. This link is shown on the pipeline view page in the CodePipeline console and provides a link to the execution entity of the external action.", "title": "ExecutionUrlTemplate", "type": "string" }, "RevisionUrlTemplate": { "markdownDescription": "The URL returned to the CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action.", "title": "RevisionUrlTemplate", "type": "string" }, "ThirdPartyConfigurationUrl": { "markdownDescription": "The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service.", "title": "ThirdPartyConfigurationUrl", "type": "string" } }, "type": "object" }, "AWS::CodePipeline::Pipeline": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ArtifactStore": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", "markdownDescription": "The S3 bucket where artifacts for the pipeline are stored.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", "title": "ArtifactStore" }, "ArtifactStores": { "items": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStoreMap" }, "markdownDescription": "A mapping of `artifactStore` objects and their corresponding AWS Regions. There must be an artifact store for the pipeline Region and for each cross-region action in the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", "title": "ArtifactStores", "type": "array" }, "DisableInboundStageTransitions": { "items": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageTransition" }, "markdownDescription": "Represents the input of a `DisableStageTransition` action.", "title": "DisableInboundStageTransitions", "type": "array" }, "ExecutionMode": { "markdownDescription": "The method that the pipeline will use to handle multiple executions. The default mode is SUPERSEDED.", "title": "ExecutionMode", "type": "string" }, "Name": { "markdownDescription": "The name of the pipeline.", "title": "Name", "type": "string" }, "PipelineType": { "markdownDescription": "CodePipeline provides the following pipeline types, which differ in characteristics and price, so that you can tailor your pipeline features and cost to the needs of your applications.\n\n- V1 type pipelines have a JSON structure that contains standard pipeline, stage, and action-level parameters.\n- V2 type pipelines have the same structure as a V1 type, along with additional parameters for release safety and trigger configuration.\n\n> Including V2 parameters, such as triggers on Git tags, in the pipeline JSON when creating or updating a pipeline will result in the pipeline having the V2 type of pipeline and the associated costs. \n\nFor information about pricing for CodePipeline, see [Pricing](https://docs.aws.amazon.com/codepipeline/pricing/) .\n\nFor information about which type of pipeline to choose, see [What type of pipeline is right for me?](https://docs.aws.amazon.com/codepipeline/latest/userguide/pipeline-types-planning.html) .", "title": "PipelineType", "type": "string" }, "RestartExecutionOnUpdate": { "markdownDescription": "Indicates whether to rerun the CodePipeline pipeline after you update it.", "title": "RestartExecutionOnUpdate", "type": "boolean" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) for CodePipeline to use to either perform actions with no `actionRoleArn` , or to use to assume roles for actions with an `actionRoleArn` .", "title": "RoleArn", "type": "string" }, "Stages": { "items": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.StageDeclaration" }, "markdownDescription": "Represents information about a stage and its definition.", "title": "Stages", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies the tags applied to the pipeline.", "title": "Tags", "type": "array" }, "Triggers": { "items": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration" }, "markdownDescription": "The trigger configuration specifying a type of event, such as Git tags, that starts the pipeline.\n\n> When a trigger configuration is specified, default change detection for repository and branch commits is disabled.", "title": "Triggers", "type": "array" }, "Variables": { "items": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.VariableDeclaration" }, "markdownDescription": "A list that defines the pipeline variables for a pipeline resource. Variable names can have alphanumeric and underscore characters, and the values must match `[A-Za-z0-9@\\-_]+` .", "title": "Variables", "type": "array" } }, "required": [ "RoleArn", "Stages" ], "type": "object" }, "Type": { "enum": [ "AWS::CodePipeline::Pipeline" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodePipeline::Pipeline.ActionDeclaration": { "additionalProperties": false, "properties": { "ActionTypeId": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionTypeId", "markdownDescription": "Specifies the action type and the provider of the action.", "title": "ActionTypeId" }, "Configuration": { "markdownDescription": "The action's configuration. These are key-value pairs that specify input values for an action. For more information, see [Action Structure Requirements in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) . For the list of configuration properties for the AWS CloudFormation action type in CodePipeline, see [Configuration Properties Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-action-reference.html) in the *AWS CloudFormation User Guide* . For template snippets with examples, see [Using Parameter Override Functions with CodePipeline Pipelines](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/continuous-delivery-codepipeline-parameter-override-functions.html) in the *AWS CloudFormation User Guide* .\n\nThe values can be represented in either JSON or YAML format. For example, the JSON configuration item format is as follows:\n\n*JSON:*\n\n`\"Configuration\" : { Key : Value },`", "title": "Configuration", "type": "object" }, "InputArtifacts": { "items": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.InputArtifact" }, "markdownDescription": "The name or ID of the artifact consumed by the action, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of input artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .\n\n> For a CodeBuild action with multiple input artifacts, one of your input sources must be designated the PrimarySource. For more information, see the [CodeBuild action reference page](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodeBuild.html) in the *AWS CodePipeline User Guide* .", "title": "InputArtifacts", "type": "array" }, "Name": { "markdownDescription": "The action declaration's name.", "title": "Name", "type": "string" }, "Namespace": { "markdownDescription": "The variable namespace associated with the action. All variables produced as output by this action fall under this namespace.", "title": "Namespace", "type": "string" }, "OutputArtifacts": { "items": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.OutputArtifact" }, "markdownDescription": "The name or ID of the result of the action declaration, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of output artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* .", "title": "OutputArtifacts", "type": "array" }, "Region": { "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", "title": "Region", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM service role that performs the declared action. This is assumed through the roleArn for the pipeline.", "title": "RoleArn", "type": "string" }, "RunOrder": { "markdownDescription": "The order in which actions are run.", "title": "RunOrder", "type": "number" }, "TimeoutInMinutes": { "markdownDescription": "A timeout duration in minutes that can be applied against the ActionType\u2019s default timeout value specified in [Quotas for AWS CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/limits.html) . This attribute is available only to the manual approval ActionType.", "title": "TimeoutInMinutes", "type": "number" } }, "required": [ "ActionTypeId", "Name" ], "type": "object" }, "AWS::CodePipeline::Pipeline.ActionTypeId": { "additionalProperties": false, "properties": { "Category": { "markdownDescription": "A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Valid categories are limited to one of the values below.\n\n- `Source`\n- `Build`\n- `Test`\n- `Deploy`\n- `Invoke`\n- `Approval`", "title": "Category", "type": "string" }, "Owner": { "markdownDescription": "The creator of the action being called. There are three valid values for the `Owner` field in the action category section within your pipeline structure: `AWS` , `ThirdParty` , and `Custom` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", "title": "Owner", "type": "string" }, "Provider": { "markdownDescription": "The provider of the service being called by the action. Valid providers are determined by the action category. For example, an action in the Deploy category type might have a provider of CodeDeploy, which would be specified as `CodeDeploy` . For more information, see [Valid Action Types and Providers in CodePipeline](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#actions-valid-providers) .", "title": "Provider", "type": "string" }, "Version": { "markdownDescription": "A string that describes the action version.", "title": "Version", "type": "string" } }, "required": [ "Category", "Owner", "Provider", "Version" ], "type": "object" }, "AWS::CodePipeline::Pipeline.ArtifactStore": { "additionalProperties": false, "properties": { "EncryptionKey": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.EncryptionKey", "markdownDescription": "The encryption key used to encrypt the data in the artifact store, such as an AWS Key Management Service ( AWS KMS) key. If this is undefined, the default key for Amazon S3 is used. To see an example artifact store encryption key field, see the example structure here: [AWS::CodePipeline::Pipeline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html) .", "title": "EncryptionKey" }, "Location": { "markdownDescription": "The S3 bucket used for storing the artifacts for a pipeline. You can specify the name of an S3 bucket but not a folder in the bucket. A folder to contain the pipeline artifacts is created for you based on the name of the pipeline. You can use any S3 bucket in the same AWS Region as the pipeline to store your pipeline artifacts.", "title": "Location", "type": "string" }, "Type": { "markdownDescription": "The type of the artifact store, such as S3.", "title": "Type", "type": "string" } }, "required": [ "Location", "Type" ], "type": "object" }, "AWS::CodePipeline::Pipeline.ArtifactStoreMap": { "additionalProperties": false, "properties": { "ArtifactStore": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ArtifactStore", "markdownDescription": "Represents information about the S3 bucket where artifacts are stored for the pipeline.\n\n> You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` .", "title": "ArtifactStore" }, "Region": { "markdownDescription": "The action declaration's AWS Region, such as us-east-1.", "title": "Region", "type": "string" } }, "required": [ "ArtifactStore", "Region" ], "type": "object" }, "AWS::CodePipeline::Pipeline.BlockerDeclaration": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Reserved for future use.", "title": "Name", "type": "string" }, "Type": { "markdownDescription": "Reserved for future use.", "title": "Type", "type": "string" } }, "required": [ "Name", "Type" ], "type": "object" }, "AWS::CodePipeline::Pipeline.EncryptionKey": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The ID used to identify the key. For an AWS KMS key, you can use the key ID, the key ARN, or the alias ARN.\n\n> Aliases are recognized only in the account that created the AWS KMS key. For cross-account actions, you can only use the key ID or key ARN to identify the key. Cross-account actions involve using the role from the other account (AccountB), so specifying the key ID will use the key from the other account (AccountB).", "title": "Id", "type": "string" }, "Type": { "markdownDescription": "The type of encryption key, such as an AWS KMS key. When creating or updating a pipeline, the value must be set to 'KMS'.", "title": "Type", "type": "string" } }, "required": [ "Id", "Type" ], "type": "object" }, "AWS::CodePipeline::Pipeline.GitBranchFilterCriteria": { "additionalProperties": false, "properties": { "Excludes": { "items": { "type": "string" }, "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline.", "title": "Excludes", "type": "array" }, "Includes": { "items": { "type": "string" }, "markdownDescription": "The list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline.", "title": "Includes", "type": "array" } }, "type": "object" }, "AWS::CodePipeline::Pipeline.GitConfiguration": { "additionalProperties": false, "properties": { "PullRequest": { "items": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPullRequestFilter" }, "markdownDescription": "The field where the repository event that will start the pipeline is specified as pull requests.", "title": "PullRequest", "type": "array" }, "Push": { "items": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitPushFilter" }, "markdownDescription": "The field where the repository event that will start the pipeline, such as pushing Git tags, is specified with details.", "title": "Push", "type": "array" }, "SourceActionName": { "markdownDescription": "The name of the pipeline source action where the trigger configuration, such as Git tags, is specified. The trigger configuration will start the pipeline upon the specified change only.\n\n> You can only specify one trigger configuration per source action.", "title": "SourceActionName", "type": "string" } }, "required": [ "SourceActionName" ], "type": "object" }, "AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria": { "additionalProperties": false, "properties": { "Excludes": { "items": { "type": "string" }, "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline.", "title": "Excludes", "type": "array" }, "Includes": { "items": { "type": "string" }, "markdownDescription": "The list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline.", "title": "Includes", "type": "array" } }, "type": "object" }, "AWS::CodePipeline::Pipeline.GitPullRequestFilter": { "additionalProperties": false, "properties": { "Branches": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", "markdownDescription": "The field that specifies to filter on branches for the pull request trigger configuration.", "title": "Branches" }, "Events": { "items": { "type": "string" }, "markdownDescription": "The field that specifies which pull request events to filter on (opened, updated, closed) for the trigger configuration.", "title": "Events", "type": "array" }, "FilePaths": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", "markdownDescription": "The field that specifies to filter on file paths for the pull request trigger configuration.", "title": "FilePaths" } }, "type": "object" }, "AWS::CodePipeline::Pipeline.GitPushFilter": { "additionalProperties": false, "properties": { "Branches": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitBranchFilterCriteria", "markdownDescription": "The field that specifies to filter on branches for the push trigger configuration.", "title": "Branches" }, "FilePaths": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitFilePathFilterCriteria", "markdownDescription": "The field that specifies to filter on file paths for the push trigger configuration.", "title": "FilePaths" }, "Tags": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitTagFilterCriteria", "markdownDescription": "The field that contains the details for the Git tags trigger configuration.", "title": "Tags" } }, "type": "object" }, "AWS::CodePipeline::Pipeline.GitTagFilterCriteria": { "additionalProperties": false, "properties": { "Excludes": { "items": { "type": "string" }, "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be excluded from starting the pipeline.", "title": "Excludes", "type": "array" }, "Includes": { "items": { "type": "string" }, "markdownDescription": "The list of patterns of Git tags that, when pushed, are to be included as criteria that starts the pipeline.", "title": "Includes", "type": "array" } }, "type": "object" }, "AWS::CodePipeline::Pipeline.InputArtifact": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the artifact to be worked on (for example, \"My App\").\n\nArtifacts are the files that are worked on by actions in the pipeline. See the action configuration for each action for details about artifact parameters. For example, the S3 source action input artifact is a file name (or file path), and the files are generally provided as a ZIP file. Example artifact name: SampleApp_Windows.zip\n\nThe input artifact of an action must exactly match the output artifact declared in a preceding action, but the input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::CodePipeline::Pipeline.OutputArtifact": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the output of an artifact, such as \"My App\".\n\nThe output artifact name must exactly match the input artifact declared for a downstream action. However, the downstream action's input artifact does not have to be the next action in strict sequence from the action that provided the output artifact. Actions in parallel can declare different output artifacts, which are in turn consumed by different following actions.\n\nOutput artifact names must be unique within a pipeline.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::CodePipeline::Pipeline.PipelineTriggerDeclaration": { "additionalProperties": false, "properties": { "GitConfiguration": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.GitConfiguration", "markdownDescription": "Provides the filter criteria and the source stage for the repository event that starts the pipeline, such as Git tags.", "title": "GitConfiguration" }, "ProviderType": { "markdownDescription": "The source provider for the event, such as connections configured for a repository with Git tags, for the specified trigger configuration.", "title": "ProviderType", "type": "string" } }, "required": [ "ProviderType" ], "type": "object" }, "AWS::CodePipeline::Pipeline.StageDeclaration": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.ActionDeclaration" }, "markdownDescription": "The actions included in a stage.", "title": "Actions", "type": "array" }, "Blockers": { "items": { "$ref": "#/definitions/AWS::CodePipeline::Pipeline.BlockerDeclaration" }, "markdownDescription": "Reserved for future use.", "title": "Blockers", "type": "array" }, "Name": { "markdownDescription": "The name of the stage.", "title": "Name", "type": "string" } }, "required": [ "Actions", "Name" ], "type": "object" }, "AWS::CodePipeline::Pipeline.StageTransition": { "additionalProperties": false, "properties": { "Reason": { "markdownDescription": "The reason given to the user that a stage is disabled, such as waiting for manual approval or manual tests. This message is displayed in the pipeline console UI.", "title": "Reason", "type": "string" }, "StageName": { "markdownDescription": "The name of the stage where you want to disable the inbound or outbound transition of artifacts.", "title": "StageName", "type": "string" } }, "required": [ "Reason", "StageName" ], "type": "object" }, "AWS::CodePipeline::Pipeline.VariableDeclaration": { "additionalProperties": false, "properties": { "DefaultValue": { "markdownDescription": "The value of a pipeline-level variable.", "title": "DefaultValue", "type": "string" }, "Description": { "markdownDescription": "The description of a pipeline-level variable. It's used to add additional context about the variable, and not being used at time when pipeline executes.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of a pipeline-level variable.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::CodePipeline::Webhook": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Authentication": { "markdownDescription": "Supported options are GITHUB_HMAC, IP, and UNAUTHENTICATED.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities. \n\n- For information about the authentication scheme implemented by GITHUB_HMAC, see [Securing your webhooks](https://docs.aws.amazon.com/https://developer.github.com/webhooks/securing/) on the GitHub Developer website.\n- IP rejects webhooks trigger requests unless they originate from an IP address in the IP range whitelisted in the authentication configuration.\n- UNAUTHENTICATED accepts all webhook trigger requests regardless of origin.", "title": "Authentication", "type": "string" }, "AuthenticationConfiguration": { "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookAuthConfiguration", "markdownDescription": "Properties that configure the authentication applied to incoming webhook trigger requests. The required properties depend on the authentication type. For GITHUB_HMAC, only the `SecretToken` property must be set. For IP, only the `AllowedIPRange` property must be set to a valid CIDR range. For UNAUTHENTICATED, no properties can be set.", "title": "AuthenticationConfiguration" }, "Filters": { "items": { "$ref": "#/definitions/AWS::CodePipeline::Webhook.WebhookFilterRule" }, "markdownDescription": "A list of rules applied to the body/payload sent in the POST request to a webhook URL. All defined rules must pass for the request to be accepted and the pipeline started.", "title": "Filters", "type": "array" }, "Name": { "markdownDescription": "The name of the webhook.", "title": "Name", "type": "string" }, "RegisterWithThirdParty": { "markdownDescription": "Configures a connection between the webhook that was created and the external tool with events to be detected.", "title": "RegisterWithThirdParty", "type": "boolean" }, "TargetAction": { "markdownDescription": "The name of the action in a pipeline you want to connect to the webhook. The action must be from the source (first) stage of the pipeline.", "title": "TargetAction", "type": "string" }, "TargetPipeline": { "markdownDescription": "The name of the pipeline you want to connect to the webhook.", "title": "TargetPipeline", "type": "string" }, "TargetPipelineVersion": { "markdownDescription": "The version number of the pipeline to be connected to the trigger request.\n\nRequired: Yes\n\nType: Integer\n\nUpdate requires: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)", "title": "TargetPipelineVersion", "type": "number" } }, "required": [ "Authentication", "AuthenticationConfiguration", "Filters", "TargetAction", "TargetPipeline", "TargetPipelineVersion" ], "type": "object" }, "Type": { "enum": [ "AWS::CodePipeline::Webhook" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodePipeline::Webhook.WebhookAuthConfiguration": { "additionalProperties": false, "properties": { "AllowedIPRange": { "markdownDescription": "The property used to configure acceptance of webhooks in an IP address range. For IP, only the `AllowedIPRange` property must be set. This property must be set to a valid CIDR range.", "title": "AllowedIPRange", "type": "string" }, "SecretToken": { "markdownDescription": "The property used to configure GitHub authentication. For GITHUB_HMAC, only the `SecretToken` property must be set.\n\n> When creating CodePipeline webhooks, do not use your own credentials or reuse the same secret token across multiple webhooks. For optimal security, generate a unique secret token for each webhook you create. The secret token is an arbitrary string that you provide, which GitHub uses to compute and sign the webhook payloads sent to CodePipeline, for protecting the integrity and authenticity of the webhook payloads. Using your own credentials or reusing the same token across multiple webhooks can lead to security vulnerabilities.", "title": "SecretToken", "type": "string" } }, "type": "object" }, "AWS::CodePipeline::Webhook.WebhookFilterRule": { "additionalProperties": false, "properties": { "JsonPath": { "markdownDescription": "A JsonPath expression that is applied to the body/payload of the webhook. The value selected by the JsonPath expression must match the value specified in the `MatchEquals` field. Otherwise, the request is ignored. For more information, see [Java JsonPath implementation](https://docs.aws.amazon.com/https://github.com/json-path/JsonPath) in GitHub.", "title": "JsonPath", "type": "string" }, "MatchEquals": { "markdownDescription": "The value selected by the `JsonPath` expression must match what is supplied in the `MatchEquals` field. Otherwise, the request is ignored. Properties from the target action configuration can be included as placeholders in this value by surrounding the action configuration key with curly brackets. For example, if the value supplied here is \"refs/heads/{Branch}\" and the target action has an action configuration property called \"Branch\" with a value of \"main\", the `MatchEquals` value is evaluated as \"refs/heads/main\". For a list of action configuration properties for built-in action types, see [Pipeline Structure Reference Action Requirements](https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#action-requirements) .", "title": "MatchEquals", "type": "string" } }, "required": [ "JsonPath" ], "type": "object" }, "AWS::CodeStar::GitHubRepository": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Code": { "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.Code", "markdownDescription": "Information about code to be committed to a repository after it is created in an AWS CloudFormation stack.", "title": "Code" }, "ConnectionArn": { "markdownDescription": "", "title": "ConnectionArn", "type": "string" }, "EnableIssues": { "markdownDescription": "Indicates whether to enable issues for the GitHub repository. You can use GitHub issues to track information and bugs for your repository.", "title": "EnableIssues", "type": "boolean" }, "IsPrivate": { "markdownDescription": "Indicates whether the GitHub repository is a private repository. If so, you choose who can see and commit to this repository.", "title": "IsPrivate", "type": "boolean" }, "RepositoryAccessToken": { "markdownDescription": "The GitHub user's personal access token for the GitHub repository.", "title": "RepositoryAccessToken", "type": "string" }, "RepositoryDescription": { "markdownDescription": "A comment or description about the new repository. This description is displayed in GitHub after the repository is created.", "title": "RepositoryDescription", "type": "string" }, "RepositoryName": { "markdownDescription": "The name of the repository you want to create in GitHub with AWS CloudFormation stack creation.", "title": "RepositoryName", "type": "string" }, "RepositoryOwner": { "markdownDescription": "The GitHub user name for the owner of the GitHub repository to be created. If this repository should be owned by a GitHub organization, provide its name.", "title": "RepositoryOwner", "type": "string" } }, "required": [ "RepositoryName", "RepositoryOwner" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeStar::GitHubRepository" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeStar::GitHubRepository.Code": { "additionalProperties": false, "properties": { "S3": { "$ref": "#/definitions/AWS::CodeStar::GitHubRepository.S3", "markdownDescription": "Information about the Amazon S3 bucket that contains a ZIP file of code to be committed to the repository.", "title": "S3" } }, "required": [ "S3" ], "type": "object" }, "AWS::CodeStar::GitHubRepository.S3": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the Amazon S3 bucket that contains the ZIP file with the content to be committed to the new repository.", "title": "Bucket", "type": "string" }, "Key": { "markdownDescription": "The S3 object key or file name for the ZIP file.", "title": "Key", "type": "string" }, "ObjectVersion": { "markdownDescription": "The object version of the ZIP file, if versioning is enabled for the Amazon S3 bucket.", "title": "ObjectVersion", "type": "string" } }, "required": [ "Bucket", "Key" ], "type": "object" }, "AWS::CodeStarConnections::Connection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectionName": { "markdownDescription": "The name of the connection. Connection names must be unique in an AWS account .", "title": "ConnectionName", "type": "string" }, "HostArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the host associated with the connection.", "title": "HostArn", "type": "string" }, "ProviderType": { "markdownDescription": "The name of the external provider where your third-party code repository is configured.", "title": "ProviderType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies the tags applied to the resource.", "title": "Tags", "type": "array" } }, "required": [ "ConnectionName" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeStarConnections::Connection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeStarConnections::RepositoryLink": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectionArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the connection associated with the repository link.", "title": "ConnectionArn", "type": "string" }, "EncryptionKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the encryption key for the repository associated with the repository link.", "title": "EncryptionKeyArn", "type": "string" }, "OwnerId": { "markdownDescription": "The owner ID for the repository associated with the repository link, such as the owner ID in GitHub.", "title": "OwnerId", "type": "string" }, "RepositoryName": { "markdownDescription": "The name of the repository associated with the repository link.", "title": "RepositoryName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the repository to be associated with the repository link.", "title": "Tags", "type": "array" } }, "required": [ "ConnectionArn", "OwnerId", "RepositoryName" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeStarConnections::RepositoryLink" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeStarConnections::SyncConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Branch": { "markdownDescription": "The branch associated with a specific sync configuration.", "title": "Branch", "type": "string" }, "ConfigFile": { "markdownDescription": "The file path to the configuration file associated with a specific sync configuration. The path should point to an actual file in the sync configurations linked repository.", "title": "ConfigFile", "type": "string" }, "PublishDeploymentStatus": { "markdownDescription": "Whether to enable or disable publishing of deployment status to source providers.", "title": "PublishDeploymentStatus", "type": "string" }, "RepositoryLinkId": { "markdownDescription": "The ID of the repository link associated with a specific sync configuration.", "title": "RepositoryLinkId", "type": "string" }, "ResourceName": { "markdownDescription": "The name of the connection resource associated with a specific sync configuration.", "title": "ResourceName", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role associated with a specific sync configuration.", "title": "RoleArn", "type": "string" }, "SyncType": { "markdownDescription": "The type of sync for a specific sync configuration.", "title": "SyncType", "type": "string" }, "TriggerResourceUpdateOn": { "markdownDescription": "When to trigger Git sync to begin the stack update.", "title": "TriggerResourceUpdateOn", "type": "string" } }, "required": [ "Branch", "ConfigFile", "RepositoryLinkId", "ResourceName", "RoleArn", "SyncType" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeStarConnections::SyncConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeStarNotifications::NotificationRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CreatedBy": { "markdownDescription": "The name or email alias of the person who created the notification rule.", "title": "CreatedBy", "type": "string" }, "DetailType": { "markdownDescription": "The level of detail to include in the notifications for this resource. `BASIC` will include only the contents of the event as it would appear in Amazon CloudWatch. `FULL` will include any supplemental information provided by AWS CodeStar Notifications and/or the service for the resource for which the notification is created.", "title": "DetailType", "type": "string" }, "EventTypeId": { "markdownDescription": "The event type associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", "title": "EventTypeId", "type": "string" }, "EventTypeIds": { "items": { "type": "string" }, "markdownDescription": "A list of event types associated with this notification rule. For a complete list of event types and IDs, see [Notification concepts](https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api) in the *Developer Tools Console User Guide* .", "title": "EventTypeIds", "type": "array" }, "Name": { "markdownDescription": "The name for the notification rule. Notification rule names must be unique in your AWS account .", "title": "Name", "type": "string" }, "Resource": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the notification rule. Supported resources include pipelines in AWS CodePipeline , repositories in AWS CodeCommit , and build projects in AWS CodeBuild .", "title": "Resource", "type": "string" }, "Status": { "markdownDescription": "The status of the notification rule. The default value is `ENABLED` . If the status is set to `DISABLED` , notifications aren't sent for the notification rule.", "title": "Status", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "A list of tags to apply to this notification rule. Key names cannot start with \" `aws` \".", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "TargetAddress": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic or AWS Chatbot client.", "title": "TargetAddress", "type": "string" }, "Targets": { "items": { "$ref": "#/definitions/AWS::CodeStarNotifications::NotificationRule.Target" }, "markdownDescription": "A list of Amazon Resource Names (ARNs) of Amazon SNS topics and AWS Chatbot clients to associate with the notification rule.", "title": "Targets", "type": "array" } }, "required": [ "DetailType", "EventTypeIds", "Name", "Resource", "Targets" ], "type": "object" }, "Type": { "enum": [ "AWS::CodeStarNotifications::NotificationRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CodeStarNotifications::NotificationRule.Target": { "additionalProperties": false, "properties": { "TargetAddress": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Chatbot topic or AWS Chatbot client.", "title": "TargetAddress", "type": "string" }, "TargetType": { "markdownDescription": "The target type. Can be an Amazon Simple Notification Service topic or AWS Chatbot client.\n\n- Amazon Simple Notification Service topics are specified as `SNS` .\n- AWS Chatbot clients are specified as `AWSChatbotSlack` .\n- AWS Chatbot clients for Microsoft Teams are specified as `AWSChatbotMicrosoftTeams` .", "title": "TargetType", "type": "string" } }, "required": [ "TargetAddress", "TargetType" ], "type": "object" }, "AWS::Cognito::IdentityPool": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowClassicFlow": { "markdownDescription": "Enables the Basic (Classic) authentication flow.", "title": "AllowClassicFlow", "type": "boolean" }, "AllowUnauthenticatedIdentities": { "markdownDescription": "Specifies whether the identity pool supports unauthenticated logins.", "title": "AllowUnauthenticatedIdentities", "type": "boolean" }, "CognitoEvents": { "markdownDescription": "The events to configure.", "title": "CognitoEvents", "type": "object" }, "CognitoIdentityProviders": { "items": { "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoIdentityProvider" }, "markdownDescription": "The Amazon Cognito user pools and their client IDs.", "title": "CognitoIdentityProviders", "type": "array" }, "CognitoStreams": { "$ref": "#/definitions/AWS::Cognito::IdentityPool.CognitoStreams", "markdownDescription": "Configuration options for configuring Amazon Cognito streams.", "title": "CognitoStreams" }, "DeveloperProviderName": { "markdownDescription": "The \"domain\" Amazon Cognito uses when referencing your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the `DeveloperProviderName` , you can use letters and periods (.), underscores (_), and dashes (-).\n\n*Minimum length* : 1\n\n*Maximum length* : 100", "title": "DeveloperProviderName", "type": "string" }, "IdentityPoolName": { "markdownDescription": "The name of your Amazon Cognito identity pool.\n\n*Minimum length* : 1\n\n*Maximum length* : 128\n\n*Pattern* : `[\\w\\s+=,.@-]+`", "title": "IdentityPoolName", "type": "string" }, "OpenIdConnectProviderARNs": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARNs) of the OpenID connect providers.", "title": "OpenIdConnectProviderARNs", "type": "array" }, "PushSync": { "$ref": "#/definitions/AWS::Cognito::IdentityPool.PushSync", "markdownDescription": "The configuration options to be applied to the identity pool.", "title": "PushSync" }, "SamlProviderARNs": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARNs) of the Security Assertion Markup Language (SAML) providers.", "title": "SamlProviderARNs", "type": "array" }, "SupportedLoginProviders": { "markdownDescription": "Key-value pairs that map provider names to provider app IDs.", "title": "SupportedLoginProviders", "type": "object" } }, "required": [ "AllowUnauthenticatedIdentities" ], "type": "object" }, "Type": { "enum": [ "AWS::Cognito::IdentityPool" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cognito::IdentityPool.CognitoIdentityProvider": { "additionalProperties": false, "properties": { "ClientId": { "markdownDescription": "The client ID for the Amazon Cognito user pool.", "title": "ClientId", "type": "string" }, "ProviderName": { "markdownDescription": "The provider name for an Amazon Cognito user pool. For example: `cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789` .", "title": "ProviderName", "type": "string" }, "ServerSideTokenCheck": { "markdownDescription": "TRUE if server-side token validation is enabled for the identity provider\u2019s token.\n\nAfter you set the `ServerSideTokenCheck` to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user.\n\nIf the user is signed out or deleted, the identity pool returns a 400 Not Authorized error.", "title": "ServerSideTokenCheck", "type": "boolean" } }, "required": [ "ClientId", "ProviderName" ], "type": "object" }, "AWS::Cognito::IdentityPool.CognitoStreams": { "additionalProperties": false, "properties": { "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role Amazon Cognito can assume to publish to the stream. This role must grant access to Amazon Cognito (cognito-sync) to invoke `PutRecord` on your Amazon Cognito stream.", "title": "RoleArn", "type": "string" }, "StreamName": { "markdownDescription": "The name of the Amazon Cognito stream to receive updates. This stream must be in the developer's account and in the same Region as the identity pool.", "title": "StreamName", "type": "string" }, "StreamingStatus": { "markdownDescription": "Status of the Amazon Cognito streams. Valid values are: `ENABLED` or `DISABLED` .", "title": "StreamingStatus", "type": "string" } }, "type": "object" }, "AWS::Cognito::IdentityPool.PushSync": { "additionalProperties": false, "properties": { "ApplicationArns": { "items": { "type": "string" }, "markdownDescription": "The ARNs of the Amazon SNS platform applications that could be used by clients.", "title": "ApplicationArns", "type": "array" }, "RoleArn": { "markdownDescription": "An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer.", "title": "RoleArn", "type": "string" } }, "type": "object" }, "AWS::Cognito::IdentityPoolPrincipalTag": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "IdentityPoolId": { "markdownDescription": "The identity pool that you want to associate with this principal tag map.", "title": "IdentityPoolId", "type": "string" }, "IdentityProviderName": { "markdownDescription": "The identity pool identity provider (IdP) that you want to associate with this principal tag map.", "title": "IdentityProviderName", "type": "string" }, "PrincipalTags": { "markdownDescription": "A JSON-formatted list of user claims and the principal tags that you want to associate with them. When Amazon Cognito requests credentials, it sets the value of the principal tag to the value of the user's claim.", "title": "PrincipalTags", "type": "object" }, "UseDefaults": { "markdownDescription": "Use a default set of mappings between claims and tags for this provider, instead of a custom map.", "title": "UseDefaults", "type": "boolean" } }, "required": [ "IdentityPoolId", "IdentityProviderName" ], "type": "object" }, "Type": { "enum": [ "AWS::Cognito::IdentityPoolPrincipalTag" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cognito::IdentityPoolRoleAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "IdentityPoolId": { "markdownDescription": "An identity pool ID in the format `REGION:GUID` .", "title": "IdentityPoolId", "type": "string" }, "RoleMappings": { "additionalProperties": false, "markdownDescription": "How users for a specific identity provider are mapped to roles. This is a string to the `RoleMapping` object map. The string identifies the identity provider. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id` .\n\nIf the `IdentityProvider` field isn't provided in this object, the string is used as the identity provider name.\n\nFor more information, see the [RoleMapping property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping" } }, "title": "RoleMappings", "type": "object" }, "Roles": { "additionalProperties": true, "markdownDescription": "The map of the roles associated with this pool. For a given role, the key is either \"authenticated\" or \"unauthenticated\". The value is the role ARN.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Roles", "type": "object" } }, "required": [ "IdentityPoolId" ], "type": "object" }, "Type": { "enum": [ "AWS::Cognito::IdentityPoolRoleAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cognito::IdentityPoolRoleAttachment.MappingRule": { "additionalProperties": false, "properties": { "Claim": { "markdownDescription": "The claim name that must be present in the token. For example: \"isAdmin\" or \"paid\".", "title": "Claim", "type": "string" }, "MatchType": { "markdownDescription": "The match condition that specifies how closely the claim value in the IdP token must match `Value` .\n\nValid values are: `Equals` , `Contains` , `StartsWith` , and `NotEqual` .", "title": "MatchType", "type": "string" }, "RoleARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the role.", "title": "RoleARN", "type": "string" }, "Value": { "markdownDescription": "A brief string that the claim must match. For example, \"paid\" or \"yes\".", "title": "Value", "type": "string" } }, "required": [ "Claim", "MatchType", "RoleARN", "Value" ], "type": "object" }, "AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping": { "additionalProperties": false, "properties": { "AmbiguousRoleResolution": { "markdownDescription": "If you specify Token or Rules as the `Type` , `AmbiguousRoleResolution` is required.\n\nSpecifies the action to be taken if either no rules match the claim value for the `Rules` type, or there is no `cognito:preferred_role` claim and there are multiple `cognito:roles` matches for the `Token` type.", "title": "AmbiguousRoleResolution", "type": "string" }, "IdentityProvider": { "markdownDescription": "Identifier for the identity provider for which the role is mapped. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id (http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id)` . This is the identity provider that is used by the user for authentication.\n\nIf the identity provider property isn't provided, the key of the entry in the `RoleMappings` map is used as the identity provider.", "title": "IdentityProvider", "type": "string" }, "RulesConfiguration": { "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType", "markdownDescription": "The rules to be used for mapping users to roles. If you specify \"Rules\" as the role-mapping type, RulesConfiguration is required.", "title": "RulesConfiguration" }, "Type": { "markdownDescription": "The role mapping type. Token will use `cognito:roles` and `cognito:preferred_role` claims from the Cognito identity provider token to map groups to roles. Rules will attempt to match claims from the token to map to a role.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType": { "additionalProperties": false, "properties": { "Rules": { "items": { "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment.MappingRule" }, "markdownDescription": "The rules. You can specify up to 25 rules per identity provider.", "title": "Rules", "type": "array" } }, "required": [ "Rules" ], "type": "object" }, "AWS::Cognito::LogDeliveryConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LogConfigurations": { "items": { "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.LogConfiguration" }, "markdownDescription": "The detailed activity logging destination of a user pool.", "title": "LogConfigurations", "type": "array" }, "UserPoolId": { "markdownDescription": "The ID of the user pool where you configured detailed activity logging.", "title": "UserPoolId", "type": "string" } }, "required": [ "UserPoolId" ], "type": "object" }, "Type": { "enum": [ "AWS::Cognito::LogDeliveryConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration": { "additionalProperties": false, "properties": { "LogGroupArn": { "markdownDescription": "The Amazon Resource Name (arn) of a CloudWatch Logs log group where your user pool sends logs. The log group must not be encrypted with AWS Key Management Service and must be in the same AWS account as your user pool.\n\nTo send logs to log groups with a resource policy of a size greater than 5120 characters, configure a log group with a path that starts with `/aws/vendedlogs` . For more information, see [Enabling logging from certain AWS services](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) .", "title": "LogGroupArn", "type": "string" } }, "type": "object" }, "AWS::Cognito::LogDeliveryConfiguration.LogConfiguration": { "additionalProperties": false, "properties": { "CloudWatchLogsConfiguration": { "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration.CloudWatchLogsConfiguration", "markdownDescription": "The CloudWatch logging destination of a user pool detailed activity logging configuration.", "title": "CloudWatchLogsConfiguration" }, "EventSource": { "markdownDescription": "The source of events that your user pool sends for detailed activity logging.", "title": "EventSource", "type": "string" }, "LogLevel": { "markdownDescription": "The `errorlevel` selection of logs that a user pool sends for detailed activity logging.", "title": "LogLevel", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPool": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountRecoverySetting": { "$ref": "#/definitions/AWS::Cognito::UserPool.AccountRecoverySetting", "markdownDescription": "Use this setting to define which verified available method a user can use to recover their password when they call `ForgotPassword` . It allows you to define a preferred method when a user has more than one method available. With this setting, SMS does not qualify for a valid password recovery mechanism if the user also has SMS MFA enabled. In the absence of this setting, Cognito uses the legacy behavior to determine the recovery method where SMS is preferred over email.", "title": "AccountRecoverySetting" }, "AdminCreateUserConfig": { "$ref": "#/definitions/AWS::Cognito::UserPool.AdminCreateUserConfig", "markdownDescription": "The configuration for creating a new user profile.", "title": "AdminCreateUserConfig" }, "AliasAttributes": { "items": { "type": "string" }, "markdownDescription": "Attributes supported as an alias for this user pool. Possible values: *phone_number* , *email* , or *preferred_username* .\n\n> This user pool property cannot be updated.", "title": "AliasAttributes", "type": "array" }, "AutoVerifiedAttributes": { "items": { "type": "string" }, "markdownDescription": "The attributes to be auto-verified. Possible values: *email* , *phone_number* .", "title": "AutoVerifiedAttributes", "type": "array" }, "DeletionProtection": { "markdownDescription": "When active, `DeletionProtection` prevents accidental deletion of your user\npool. Before you can delete a user pool that you have protected against deletion, you\nmust deactivate this feature.\n\nWhen you try to delete a protected user pool in a `DeleteUserPool` API request, Amazon Cognito returns an `InvalidParameterException` error. To delete a protected user pool, send a new `DeleteUserPool` request after you deactivate deletion protection in an `UpdateUserPool` API request.", "title": "DeletionProtection", "type": "string" }, "DeviceConfiguration": { "$ref": "#/definitions/AWS::Cognito::UserPool.DeviceConfiguration", "markdownDescription": "The device-remembering configuration for a user pool. A null value indicates that you have deactivated device remembering in your user pool.\n\n> When you provide a value for any `DeviceConfiguration` field, you activate the Amazon Cognito device-remembering feature.", "title": "DeviceConfiguration" }, "EmailConfiguration": { "$ref": "#/definitions/AWS::Cognito::UserPool.EmailConfiguration", "markdownDescription": "The email configuration of your user pool. The email configuration type sets your preferred sending method, AWS Region, and sender for messages from your user pool.", "title": "EmailConfiguration" }, "EmailVerificationMessage": { "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html) .", "title": "EmailVerificationMessage", "type": "string" }, "EmailVerificationSubject": { "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html) .", "title": "EmailVerificationSubject", "type": "string" }, "EnabledMfas": { "items": { "type": "string" }, "markdownDescription": "Enables MFA on a specified user pool. To disable all MFAs after it has been enabled, set MfaConfiguration to \u201cOFF\u201d and remove EnabledMfas. MFAs can only be all disabled if MfaConfiguration is OFF. Once SMS_MFA is enabled, SMS_MFA can only be disabled by setting MfaConfiguration to \u201cOFF\u201d. Can be one of the following values:\n\n- `SMS_MFA` - Enables SMS MFA for the user pool. SMS_MFA can only be enabled if SMS configuration is provided.\n- `SOFTWARE_TOKEN_MFA` - Enables software token MFA for the user pool.\n\nAllowed values: `SMS_MFA` | `SOFTWARE_TOKEN_MFA`", "title": "EnabledMfas", "type": "array" }, "LambdaConfig": { "$ref": "#/definitions/AWS::Cognito::UserPool.LambdaConfig", "markdownDescription": "The Lambda trigger configuration information for the new user pool.\n\n> In a push model, event sources (such as Amazon S3 and custom applications) need permission to invoke a function. So you must make an extra call to add permission for these event sources to invoke your Lambda function.\n> \n> For more information on using the Lambda API to add permission, see [AddPermission](https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html) .\n> \n> For adding permission using the AWS CLI , see [add-permission](https://docs.aws.amazon.com/cli/latest/reference/lambda/add-permission.html) .", "title": "LambdaConfig" }, "MfaConfiguration": { "markdownDescription": "The multi-factor authentication (MFA) configuration. Valid values include:\n\n- `OFF` MFA won't be used for any users.\n- `ON` MFA is required for all users to sign in.\n- `OPTIONAL` MFA will be required only for individual users who have an MFA factor activated.", "title": "MfaConfiguration", "type": "string" }, "Policies": { "$ref": "#/definitions/AWS::Cognito::UserPool.Policies", "markdownDescription": "The policy associated with a user pool.", "title": "Policies" }, "Schema": { "items": { "$ref": "#/definitions/AWS::Cognito::UserPool.SchemaAttribute" }, "markdownDescription": "The schema attributes for the new user pool. These attributes can be standard or custom attributes.\n\n> During a user pool update, you can add new schema attributes but you cannot modify or delete an existing schema attribute.", "title": "Schema", "type": "array" }, "SmsAuthenticationMessage": { "markdownDescription": "A string representing the SMS authentication message.", "title": "SmsAuthenticationMessage", "type": "string" }, "SmsConfiguration": { "$ref": "#/definitions/AWS::Cognito::UserPool.SmsConfiguration", "markdownDescription": "The SMS configuration with the settings that your Amazon Cognito user pool must use to send an SMS message from your AWS account through Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account .", "title": "SmsConfiguration" }, "SmsVerificationMessage": { "markdownDescription": "This parameter is no longer used. See [VerificationMessageTemplateType](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html) .", "title": "SmsVerificationMessage", "type": "string" }, "UserAttributeUpdateSettings": { "$ref": "#/definitions/AWS::Cognito::UserPool.UserAttributeUpdateSettings", "markdownDescription": "The settings for updates to user attributes. These settings include the property `AttributesRequireVerificationBeforeUpdate` ,\na user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For\nmore information, see [Verifying updates to email addresses and phone numbers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates) .", "title": "UserAttributeUpdateSettings" }, "UserPoolAddOns": { "$ref": "#/definitions/AWS::Cognito::UserPool.UserPoolAddOns", "markdownDescription": "User pool add-ons. Contains settings for activation of advanced security features. To log user security information but take no action, set to `AUDIT` . To configure automatic security responses to risky traffic to your user pool, set to `ENFORCED` .\n\nFor more information, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) .", "title": "UserPoolAddOns" }, "UserPoolName": { "markdownDescription": "A string used to name the user pool.", "title": "UserPoolName", "type": "string" }, "UserPoolTags": { "additionalProperties": true, "markdownDescription": "The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "UserPoolTags", "type": "object" }, "UsernameAttributes": { "items": { "type": "string" }, "markdownDescription": "Determines whether email addresses or phone numbers can be specified as user names when a user signs up. Possible values: `phone_number` or `email` .\n\nThis user pool property cannot be updated.", "title": "UsernameAttributes", "type": "array" }, "UsernameConfiguration": { "$ref": "#/definitions/AWS::Cognito::UserPool.UsernameConfiguration", "markdownDescription": "You can choose to set case sensitivity on the username input for the selected sign-in option. For example, when this is set to `False` , users will be able to sign in using either \"username\" or \"Username\". This configuration is immutable once it has been set.", "title": "UsernameConfiguration" }, "VerificationMessageTemplate": { "$ref": "#/definitions/AWS::Cognito::UserPool.VerificationMessageTemplate", "markdownDescription": "The template for the verification message that the user sees when the app requests permission to access the user's information.", "title": "VerificationMessageTemplate" } }, "type": "object" }, "Type": { "enum": [ "AWS::Cognito::UserPool" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Cognito::UserPool.AccountRecoverySetting": { "additionalProperties": false, "properties": { "RecoveryMechanisms": { "items": { "$ref": "#/definitions/AWS::Cognito::UserPool.RecoveryOption" }, "markdownDescription": "The list of `RecoveryOptionTypes` .", "title": "RecoveryMechanisms", "type": "array" } }, "type": "object" }, "AWS::Cognito::UserPool.AdminCreateUserConfig": { "additionalProperties": false, "properties": { "AllowAdminCreateUserOnly": { "markdownDescription": "Set to `True` if only the administrator is allowed to create user profiles. Set to `False` if users can sign themselves up via an app.", "title": "AllowAdminCreateUserOnly", "type": "boolean" }, "InviteMessageTemplate": { "$ref": "#/definitions/AWS::Cognito::UserPool.InviteMessageTemplate", "markdownDescription": "The message template to be used for the welcome message to new users.\n\nSee also [Customizing User Invitation Messages](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization) .", "title": "InviteMessageTemplate" }, "UnusedAccountValidityDays": { "markdownDescription": "The user account expiration limit, in days, after which a new account that hasn't signed in is no longer usable. To reset the account after that time limit, you must call `AdminCreateUser` again, specifying `\"RESEND\"` for the `MessageAction` parameter. The default value for this parameter is 7.\n\n> If you set a value for `TemporaryPasswordValidityDays` in `PasswordPolicy` , that value will be used, and `UnusedAccountValidityDays` will be no longer be an available parameter for that user pool.", "title": "UnusedAccountValidityDays", "type": "number" } }, "type": "object" }, "AWS::Cognito::UserPool.CustomEmailSender": { "additionalProperties": false, "properties": { "LambdaArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon Cognito triggers to send email notifications to users.", "title": "LambdaArn", "type": "string" }, "LambdaVersion": { "markdownDescription": "The Lambda version represents the signature of the \"request\" attribute in the \"event\" information that Amazon Cognito passes to your custom email sender AWS Lambda function. The only supported value is `V1_0` .", "title": "LambdaVersion", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPool.CustomSMSSender": { "additionalProperties": false, "properties": { "LambdaArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon Cognito triggers to send SMS notifications to users.", "title": "LambdaArn", "type": "string" }, "LambdaVersion": { "markdownDescription": "The Lambda version represents the signature of the \"request\" attribute in the \"event\" information Amazon Cognito passes to your custom SMS sender Lambda function. The only supported value is `V1_0` .", "title": "LambdaVersion", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPool.DeviceConfiguration": { "additionalProperties": false, "properties": { "ChallengeRequiredOnNewDevice": { "markdownDescription": "When true, a remembered device can sign in with device authentication instead of SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).\n\n> Whether or not `ChallengeRequiredOnNewDevice` is true, users who sign in with devices that have not been confirmed or remembered must still provide a second factor in a user pool that requires MFA.", "title": "ChallengeRequiredOnNewDevice", "type": "boolean" }, "DeviceOnlyRememberedOnUserPrompt": { "markdownDescription": "When true, Amazon Cognito doesn't automatically remember a user's device when your app sends a [ConfirmDevice](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmDevice.html) API request. In your app, create a prompt for your user to choose whether they want to remember their device. Return the user's choice in an [UpdateDeviceStatus](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateDeviceStatus.html) API request.\n\nWhen `DeviceOnlyRememberedOnUserPrompt` is `false` , Amazon Cognito immediately remembers devices that you register in a `ConfirmDevice` API request.", "title": "DeviceOnlyRememberedOnUserPrompt", "type": "boolean" } }, "type": "object" }, "AWS::Cognito::UserPool.EmailConfiguration": { "additionalProperties": false, "properties": { "ConfigurationSet": { "markdownDescription": "The set of configuration rules that can be applied to emails sent using Amazon SES. A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails:\n\n- Event publishing \u2013 Amazon SES can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other AWS services such as SNS and CloudWatch.\n- IP pool management \u2013 When leasing dedicated IP addresses with Amazon SES, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets.", "title": "ConfigurationSet", "type": "string" }, "EmailSendingAccount": { "markdownDescription": "Specifies whether Amazon Cognito uses its built-in functionality to send your users email messages, or uses your Amazon Simple Email Service email configuration. Specify one of the following values:\n\n- **COGNITO_DEFAULT** - When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration.\n\nTo look up the email delivery limit for the default option, see [Limits](https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) in the *Amazon Cognito Developer Guide* .\n\nThe default FROM address is `no-reply@verificationemail.com` . To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the `SourceArn` parameter.\n- **DEVELOPER** - When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your AWS account .\n\nIf you use this option, provide the ARN of an Amazon SES verified email address for the `SourceArn` parameter.\n\nBefore Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a *service-linked role* , which is a type of role in your AWS account . This role contains the permissions that allow you to access Amazon SES and send email messages from your email address. For more information about the service-linked role that Amazon Cognito creates, see [Using Service-Linked Roles for Amazon Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html) in the *Amazon Cognito Developer Guide* .", "title": "EmailSendingAccount", "type": "string" }, "From": { "markdownDescription": "Identifies either the sender's email address or the sender's name with their email address. For example, `testuser@example.com` or `Test User ` . This address appears before the body of the email.", "title": "From", "type": "string" }, "ReplyToEmailAddress": { "markdownDescription": "The destination to which the receiver of the email should reply.", "title": "ReplyToEmailAddress", "type": "string" }, "SourceArn": { "markdownDescription": "The ARN of a verified email address or an address from a verified domain in Amazon SES. You can set a `SourceArn` email from a verified domain only with an API request. You can set a verified email address, but not an address in a verified domain, in the Amazon Cognito console. Amazon Cognito uses the email address that you provide in one of the following ways, depending on the value that you specify for the `EmailSendingAccount` parameter:\n\n- If you specify `COGNITO_DEFAULT` , Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.\n- If you specify `DEVELOPER` , Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.\n\nThe Region value of the `SourceArn` parameter must indicate a supported AWS Region of your user pool. Typically, the Region in the `SourceArn` and the user pool Region are the same. For more information, see [Amazon SES email configuration regions](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer-region-mapping) in the [Amazon Cognito Developer Guide](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html) .", "title": "SourceArn", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPool.InviteMessageTemplate": { "additionalProperties": false, "properties": { "EmailMessage": { "markdownDescription": "The message template for email messages. EmailMessage is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", "title": "EmailMessage", "type": "string" }, "EmailSubject": { "markdownDescription": "The subject line for email messages. EmailSubject is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.", "title": "EmailSubject", "type": "string" }, "SMSMessage": { "markdownDescription": "The message template for SMS messages.", "title": "SMSMessage", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPool.LambdaConfig": { "additionalProperties": false, "properties": { "CreateAuthChallenge": { "markdownDescription": "Creates an authentication challenge.", "title": "CreateAuthChallenge", "type": "string" }, "CustomEmailSender": { "$ref": "#/definitions/AWS::Cognito::UserPool.CustomEmailSender", "markdownDescription": "A custom email sender AWS Lambda trigger.", "title": "CustomEmailSender" }, "CustomMessage": { "markdownDescription": "A custom Message AWS Lambda trigger.", "title": "CustomMessage", "type": "string" }, "CustomSMSSender": { "$ref": "#/definitions/AWS::Cognito::UserPool.CustomSMSSender", "markdownDescription": "A custom SMS sender AWS Lambda trigger.", "title": "CustomSMSSender" }, "DefineAuthChallenge": { "markdownDescription": "Defines the authentication challenge.", "title": "DefineAuthChallenge", "type": "string" }, "KMSKeyID": { "markdownDescription": "The Amazon Resource Name of a AWS Key Management Service ( AWS KMS ) key. Amazon Cognito uses the key to encrypt codes and temporary passwords sent to `CustomEmailSender` and `CustomSMSSender` .", "title": "KMSKeyID", "type": "string" }, "PostAuthentication": { "markdownDescription": "A post-authentication AWS Lambda trigger.", "title": "PostAuthentication", "type": "string" }, "PostConfirmation": { "markdownDescription": "A post-confirmation AWS Lambda trigger.", "title": "PostConfirmation", "type": "string" }, "PreAuthentication": { "markdownDescription": "A pre-authentication AWS Lambda trigger.", "title": "PreAuthentication", "type": "string" }, "PreSignUp": { "markdownDescription": "A pre-registration AWS Lambda trigger.", "title": "PreSignUp", "type": "string" }, "PreTokenGeneration": { "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.\n\nSet this parameter for legacy purposes. If you also set an ARN in `PreTokenGenerationConfig` , its value must be identical to `PreTokenGeneration` . For new instances of pre token generation triggers, set the `LambdaArn` of `PreTokenGenerationConfig` .\n\nYou can set ``", "title": "PreTokenGeneration", "type": "string" }, "PreTokenGenerationConfig": { "$ref": "#/definitions/AWS::Cognito::UserPool.PreTokenGenerationConfig", "markdownDescription": "The detailed configuration of a pre token generation trigger. If you also set an ARN in `PreTokenGeneration` , its value must be identical to `PreTokenGenerationConfig` .", "title": "PreTokenGenerationConfig" }, "UserMigration": { "markdownDescription": "The user migration Lambda config type.", "title": "UserMigration", "type": "string" }, "VerifyAuthChallengeResponse": { "markdownDescription": "Verifies the authentication challenge response.", "title": "VerifyAuthChallengeResponse", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPool.NumberAttributeConstraints": { "additionalProperties": false, "properties": { "MaxValue": { "markdownDescription": "The maximum length of a number attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", "title": "MaxValue", "type": "string" }, "MinValue": { "markdownDescription": "The minimum value of an attribute that is of the number data type.", "title": "MinValue", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPool.PasswordPolicy": { "additionalProperties": false, "properties": { "MinimumLength": { "markdownDescription": "The minimum length of the password in the policy that you have set. This value can't be less than 6.", "title": "MinimumLength", "type": "number" }, "RequireLowercase": { "markdownDescription": "In the password policy that you have set, refers to whether you have required users to use at least one lowercase letter in their password.", "title": "RequireLowercase", "type": "boolean" }, "RequireNumbers": { "markdownDescription": "In the password policy that you have set, refers to whether you have required users to use at least one number in their password.", "title": "RequireNumbers", "type": "boolean" }, "RequireSymbols": { "markdownDescription": "In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password.", "title": "RequireSymbols", "type": "boolean" }, "RequireUppercase": { "markdownDescription": "In the password policy that you have set, refers to whether you have required users to use at least one uppercase letter in their password.", "title": "RequireUppercase", "type": "boolean" }, "TemporaryPasswordValidityDays": { "markdownDescription": "The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password. Defaults to `7` . If you submit a value of `0` , Amazon Cognito treats it as a null value and sets `TemporaryPasswordValidityDays` to its default value.\n\n> When you set `TemporaryPasswordValidityDays` for a user pool, you can no longer set a value for the legacy `UnusedAccountValidityDays` parameter in that user pool.", "title": "TemporaryPasswordValidityDays", "type": "number" } }, "type": "object" }, "AWS::Cognito::UserPool.Policies": { "additionalProperties": false, "properties": { "PasswordPolicy": { "$ref": "#/definitions/AWS::Cognito::UserPool.PasswordPolicy", "markdownDescription": "The password policy.", "title": "PasswordPolicy" } }, "type": "object" }, "AWS::Cognito::UserPool.PreTokenGenerationConfig": { "additionalProperties": false, "properties": { "LambdaArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger.\n\nThis parameter and the `PreTokenGeneration` property of `LambdaConfig` have the same value. For new instances of pre token generation triggers, set `LambdaArn` .", "title": "LambdaArn", "type": "string" }, "LambdaVersion": { "markdownDescription": "The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features.", "title": "LambdaVersion", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPool.RecoveryOption": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Specifies the recovery method for a user.", "title": "Name", "type": "string" }, "Priority": { "markdownDescription": "A positive integer specifying priority of a method with 1 being the highest priority.", "title": "Priority", "type": "number" } }, "type": "object" }, "AWS::Cognito::UserPool.SchemaAttribute": { "additionalProperties": false, "properties": { "AttributeDataType": { "markdownDescription": "The data format of the values for your attribute. When you choose an `AttributeDataType` , Amazon Cognito validates the input against the data type. A custom attribute value in your user's ID token is always a string, for example `\"custom:isMember\" : \"true\"` or `\"custom:YearsAsMember\" : \"12\"` .", "title": "AttributeDataType", "type": "string" }, "DeveloperOnlyAttribute": { "markdownDescription": "> We recommend that you use [WriteAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes) in the user pool client to control how attributes can be mutated for new use cases instead of using `DeveloperOnlyAttribute` . \n\nSpecifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users will not be able to modify this attribute using their access token.", "title": "DeveloperOnlyAttribute", "type": "boolean" }, "Mutable": { "markdownDescription": "Specifies whether the value of the attribute can be changed.\n\nAny user pool attribute whose value you map from an IdP attribute must be mutable, with a parameter value of `true` . Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see [Specifying Identity Provider Attribute Mappings for Your User Pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", "title": "Mutable", "type": "boolean" }, "Name": { "markdownDescription": "The name of your user pool attribute. When you create or update a user pool, adding a schema attribute creates a custom or developer-only attribute. When you add an attribute with a `Name` value of `MyAttribute` , Amazon Cognito creates the custom attribute `custom:MyAttribute` . When `DeveloperOnlyAttribute` is `true` , Amazon Cognito creates your attribute as `dev:MyAttribute` . In an operation that describes a user pool, Amazon Cognito returns this value as `value` for standard attributes, `custom:value` for custom attributes, and `dev:value` for developer-only attributes..", "title": "Name", "type": "string" }, "NumberAttributeConstraints": { "$ref": "#/definitions/AWS::Cognito::UserPool.NumberAttributeConstraints", "markdownDescription": "Specifies the constraints for an attribute of the number type.", "title": "NumberAttributeConstraints" }, "Required": { "markdownDescription": "Specifies whether a user pool attribute is required. If the attribute is required and the user doesn't provide a value, registration or sign-in will fail.", "title": "Required", "type": "boolean" }, "StringAttributeConstraints": { "$ref": "#/definitions/AWS::Cognito::UserPool.StringAttributeConstraints", "markdownDescription": "Specifies the constraints for an attribute of the string type.", "title": "StringAttributeConstraints" } }, "type": "object" }, "AWS::Cognito::UserPool.SmsConfiguration": { "additionalProperties": false, "properties": { "ExternalId": { "markdownDescription": "The external ID is a value. We recommend you use `ExternalId` to add security to your IAM role, which is used to call Amazon SNS to send SMS messages for your user pool. If you provide an `ExternalId` , the Cognito User Pool uses it when attempting to assume your IAM role. You can also set your roles trust policy to require the `ExternalID` . If you use the Cognito Management Console to create a role for SMS MFA, Cognito creates a role with the required permissions and a trust policy that uses `ExternalId` .", "title": "ExternalId", "type": "string" }, "SnsCallerArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your AWS account that Amazon Cognito will use to send SMS messages. SMS messages are subject to a [spending limit](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html) .", "title": "SnsCallerArn", "type": "string" }, "SnsRegion": { "markdownDescription": "The AWS Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported *Legacy Amazon SNS alternate Region* .\n\nAmazon Cognito resources in the Asia Pacific (Seoul) AWS Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see [SMS message settings for Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) .", "title": "SnsRegion", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPool.StringAttributeConstraints": { "additionalProperties": false, "properties": { "MaxLength": { "markdownDescription": "The maximum length of a string attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer.", "title": "MaxLength", "type": "string" }, "MinLength": { "markdownDescription": "The minimum length.", "title": "MinLength", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPool.UserAttributeUpdateSettings": { "additionalProperties": false, "properties": { "AttributesRequireVerificationBeforeUpdate": { "items": { "type": "string" }, "markdownDescription": "Requires that your user verifies their email address, phone number, or both before Amazon Cognito updates the value of that attribute. When you update a user attribute that has this option activated, Amazon Cognito sends a verification message to the new phone number or email address. Amazon Cognito doesn\u2019t change the value of the attribute until your user responds to the verification message and confirms the new value.\n\nYou can verify an updated email address or phone number with a [VerifyUserAttribute](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerifyUserAttribute.html) API request. You can also call the [AdminUpdateUserAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html) API and set `email_verified` or `phone_number_verified` to true.\n\nWhen `AttributesRequireVerificationBeforeUpdate` is false, your user pool doesn't require that your users verify attribute changes before Amazon Cognito updates them. In a user pool where `AttributesRequireVerificationBeforeUpdate` is false, API operations that change attribute values can immediately update a user\u2019s `email` or `phone_number` attribute.", "title": "AttributesRequireVerificationBeforeUpdate", "type": "array" } }, "required": [ "AttributesRequireVerificationBeforeUpdate" ], "type": "object" }, "AWS::Cognito::UserPool.UserPoolAddOns": { "additionalProperties": false, "properties": { "AdvancedSecurityMode": { "markdownDescription": "The operating mode of advanced security features in your user pool.", "title": "AdvancedSecurityMode", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPool.UsernameConfiguration": { "additionalProperties": false, "properties": { "CaseSensitive": { "markdownDescription": "Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs. For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, users can sign in as the same user when they enter a different capitalization of their user name.\n\nValid values include:\n\n- **True** - Enables case sensitivity for all username input. When this option is set to `True` , users must sign in using the exact capitalization of their given username, such as \u201cUserName\u201d. This is the default value.\n- **False** - Enables case insensitivity for all username input. For example, when this option is set to `False` , users can sign in using `username` , `USERNAME` , or `UserName` . This option also enables both `preferred_username` and `email` alias to be case insensitive, in addition to the `username` attribute.", "title": "CaseSensitive", "type": "boolean" } }, "type": "object" }, "AWS::Cognito::UserPool.VerificationMessageTemplate": { "additionalProperties": false, "properties": { "DefaultEmailOption": { "markdownDescription": "The default email option.", "title": "DefaultEmailOption", "type": "string" }, "EmailMessage": { "markdownDescription": "The template for email messages that Amazon Cognito sends to your users. You can set an `EmailMessage` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", "title": "EmailMessage", "type": "string" }, "EmailMessageByLink": { "markdownDescription": "The email message template for sending a confirmation link to the user. You can set an `EmailMessageByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", "title": "EmailMessageByLink", "type": "string" }, "EmailSubject": { "markdownDescription": "The subject line for the email message template. You can set an `EmailSubject` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", "title": "EmailSubject", "type": "string" }, "EmailSubjectByLink": { "markdownDescription": "The subject line for the email message template for sending a confirmation link to the user. You can set an `EmailSubjectByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration.", "title": "EmailSubjectByLink", "type": "string" }, "SmsMessage": { "markdownDescription": "The template for SMS messages that Amazon Cognito sends to your users.", "title": "SmsMessage", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPoolClient": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessTokenValidity": { "markdownDescription": "The access token time limit. After this limit expires, your user can't use their access token. To specify the time unit for `AccessTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `AccessTokenValidity` to `10` and `TokenValidityUnits` to `hours` , your user can authorize access with their access token for 10 hours.\n\nThe default time unit for `AccessTokenValidity` in an API request is hours.", "title": "AccessTokenValidity", "type": "number" }, "AllowedOAuthFlows": { "items": { "type": "string" }, "markdownDescription": "The OAuth grant types that you want your app client to generate. To create an app client that generates client credentials grants, you must add `client_credentials` as the only allowed OAuth flow.\n\n- **code** - Use a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the `/oauth2/token` endpoint.\n- **implicit** - Issue the access token (and, optionally, ID token, based on scopes) directly to your user.\n- **client_credentials** - Issue the access token from the `/oauth2/token` endpoint directly to a non-person user using a combination of the client ID and client secret.", "title": "AllowedOAuthFlows", "type": "array" }, "AllowedOAuthFlowsUserPoolClient": { "markdownDescription": "Set to `true` to use OAuth 2.0 features in your user pool app client.\n\n`AllowedOAuthFlowsUserPoolClient` must be `true` before you can configure the following features in your app client.\n\n- `CallBackURLs` : Callback URLs.\n- `LogoutURLs` : Sign-out redirect URLs.\n- `AllowedOAuthScopes` : OAuth 2.0 scopes.\n- `AllowedOAuthFlows` : Support for authorization code, implicit, and client credentials OAuth 2.0 grants.\n\nTo use OAuth 2.0 features, configure one of these features in the Amazon Cognito console or set `AllowedOAuthFlowsUserPoolClient` to `true` in a `CreateUserPoolClient` or `UpdateUserPoolClient` API request. If you don't set a value for `AllowedOAuthFlowsUserPoolClient` in a request with the AWS CLI or SDKs, it defaults to `false` .", "title": "AllowedOAuthFlowsUserPoolClient", "type": "boolean" }, "AllowedOAuthScopes": { "items": { "type": "string" }, "markdownDescription": "The allowed OAuth scopes. Possible values provided by OAuth are `phone` , `email` , `openid` , and `profile` . Possible values provided by AWS are `aws.cognito.signin.user.admin` . Custom scopes created in Resource Servers are also supported.", "title": "AllowedOAuthScopes", "type": "array" }, "AnalyticsConfiguration": { "$ref": "#/definitions/AWS::Cognito::UserPoolClient.AnalyticsConfiguration", "markdownDescription": "The user pool analytics configuration for collecting metrics and sending them to your Amazon Pinpoint campaign.\n\n> In AWS Regions where Amazon Pinpoint isn't available, user pools only support sending events to Amazon Pinpoint projects in AWS Region us-east-1. In Regions where Amazon Pinpoint is available, user pools support sending events to Amazon Pinpoint projects within that same Region.", "title": "AnalyticsConfiguration" }, "AuthSessionValidity": { "markdownDescription": "Amazon Cognito creates a session token for each API request in an authentication flow. `AuthSessionValidity` is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires.", "title": "AuthSessionValidity", "type": "number" }, "CallbackURLs": { "items": { "type": "string" }, "markdownDescription": "A list of allowed redirect (callback) URLs for the IdPs.\n\nA redirect URI must:\n\n- Be an absolute URI.\n- Be registered with the authorization server.\n- Not include a fragment component.\n\nSee [OAuth 2.0 - Redirection Endpoint](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6749#section-3.1.2) .\n\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.\n\nApp callback URLs such as myapp://example are also supported.", "title": "CallbackURLs", "type": "array" }, "ClientName": { "markdownDescription": "The client name for the user pool client you would like to create.", "title": "ClientName", "type": "string" }, "DefaultRedirectURI": { "markdownDescription": "The default redirect URI. In app clients with one assigned IdP, replaces `redirect_uri` in authentication requests. Must be in the `CallbackURLs` list.\n\nA redirect URI must:\n\n- Be an absolute URI.\n- Be registered with the authorization server.\n- Not include a fragment component.\n\nFor more information, see [Default redirect URI](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html#cognito-user-pools-app-idp-settings-about) .\n\nAmazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.\n\nApp callback URLs such as myapp://example are also supported.", "title": "DefaultRedirectURI", "type": "string" }, "EnablePropagateAdditionalUserContextData": { "markdownDescription": "Activates the propagation of additional user context data. For more information about propagation of user context data, see [Adding advanced security to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html) . If you don\u2019t include this parameter, you can't send device fingerprint information, including source IP address, to Amazon Cognito advanced security. You can only activate `EnablePropagateAdditionalUserContextData` in an app client that has a client secret.", "title": "EnablePropagateAdditionalUserContextData", "type": "boolean" }, "EnableTokenRevocation": { "markdownDescription": "Activates or deactivates token revocation. For more information about revoking tokens, see [RevokeToken](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html) .\n\nIf you don't include this parameter, token revocation is automatically activated for the new user pool client.", "title": "EnableTokenRevocation", "type": "boolean" }, "ExplicitAuthFlows": { "items": { "type": "string" }, "markdownDescription": "The authentication flows that you want your user pool client to support. For each app client in your user pool, you can sign in your users with any combination of one or more flows, including with a user name and Secure Remote Password (SRP), a user name and password, or a custom authentication process that you define with Lambda functions.\n\n> If you don't specify a value for `ExplicitAuthFlows` , your user client supports `ALLOW_REFRESH_TOKEN_AUTH` , `ALLOW_USER_SRP_AUTH` , and `ALLOW_CUSTOM_AUTH` . \n\nValid values include:\n\n- `ALLOW_ADMIN_USER_PASSWORD_AUTH` : Enable admin based user password authentication flow `ADMIN_USER_PASSWORD_AUTH` . This setting replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication flow, your app passes a user name and password to Amazon Cognito in the request, instead of using the Secure Remote Password (SRP) protocol to securely transmit the password.\n- `ALLOW_CUSTOM_AUTH` : Enable Lambda trigger based authentication.\n- `ALLOW_USER_PASSWORD_AUTH` : Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.\n- `ALLOW_USER_SRP_AUTH` : Enable SRP-based authentication.\n- `ALLOW_REFRESH_TOKEN_AUTH` : Enable authflow to refresh tokens.\n\nIn some environments, you will see the values `ADMIN_NO_SRP_AUTH` , `CUSTOM_AUTH_FLOW_ONLY` , or `USER_PASSWORD_AUTH` . You can't assign these legacy `ExplicitAuthFlows` values to user pool clients at the same time as values that begin with `ALLOW_` ,\nlike `ALLOW_USER_SRP_AUTH` .", "title": "ExplicitAuthFlows", "type": "array" }, "GenerateSecret": { "markdownDescription": "Boolean to specify whether you want to generate a secret for the user pool client being created.", "title": "GenerateSecret", "type": "boolean" }, "IdTokenValidity": { "markdownDescription": "The ID token time limit. After this limit expires, your user can't use their ID token. To specify the time unit for `IdTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `IdTokenValidity` as `10` and `TokenValidityUnits` as `hours` , your user can authenticate their session with their ID token for 10 hours.\n\nThe default time unit for `IdTokenValidity` in an API request is hours.", "title": "IdTokenValidity", "type": "number" }, "LogoutURLs": { "items": { "type": "string" }, "markdownDescription": "A list of allowed logout URLs for the IdPs.", "title": "LogoutURLs", "type": "array" }, "PreventUserExistenceErrors": { "markdownDescription": "Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY` , those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool.", "title": "PreventUserExistenceErrors", "type": "string" }, "ReadAttributes": { "items": { "type": "string" }, "markdownDescription": "The list of user attributes that you want your app client to have read-only access to. After your user authenticates in your app, their access token authorizes them to read their own attribute value for any attribute in this list. An example of this kind of activity is when your user selects a link to view their profile information. Your app makes a [GetUser](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUser.html) API request to retrieve and display your user's profile data.\n\nWhen you don't specify the `ReadAttributes` for your app client, your app can read the values of `email_verified` , `phone_number_verified` , and the Standard attributes of your user pool. When your user pool has read access to these default attributes, `ReadAttributes` doesn't return any information. Amazon Cognito only populates `ReadAttributes` in the API response if you have specified your own custom set of read attributes.", "title": "ReadAttributes", "type": "array" }, "RefreshTokenValidity": { "markdownDescription": "The refresh token time limit. After this limit expires, your user can't use their refresh token. To specify the time unit for `RefreshTokenValidity` as `seconds` , `minutes` , `hours` , or `days` , set a `TokenValidityUnits` value in your API request.\n\nFor example, when you set `RefreshTokenValidity` as `10` and `TokenValidityUnits` as `days` , your user can refresh their session and retrieve new access and ID tokens for 10 days.\n\nThe default time unit for `RefreshTokenValidity` in an API request is days. You can't set `RefreshTokenValidity` to 0. If you do, Amazon Cognito overrides the value with the default value of 30 days.", "title": "RefreshTokenValidity", "type": "number" }, "SupportedIdentityProviders": { "items": { "type": "string" }, "markdownDescription": "A list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: `COGNITO` , `Facebook` , `Google` , `SignInWithApple` , and `LoginWithAmazon` . You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example `MySAMLIdP` or `MyOIDCIdP` .", "title": "SupportedIdentityProviders", "type": "array" }, "TokenValidityUnits": { "$ref": "#/definitions/AWS::Cognito::UserPoolClient.TokenValidityUnits", "markdownDescription": "The units in which the validity times are represented. The default unit for RefreshToken is days, and default for ID and access tokens are hours.", "title": "TokenValidityUnits" }, "UserPoolId": { "markdownDescription": "The user pool ID for the user pool where you want to create a user pool client.", "title": "UserPoolId", "type": "string" }, "WriteAttributes": { "items": { "type": "string" }, "markdownDescription": "The list of user attributes that you want your app client to have write access to. After your user authenticates in your app, their access token authorizes them to set or modify their own attribute value for any attribute in this list. An example of this kind of activity is when you present your user with a form to update their profile information and they change their last name. Your app then makes an [UpdateUserAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserAttributes.html) API request and sets `family_name` to the new value.\n\nWhen you don't specify the `WriteAttributes` for your app client, your app can write the values of the Standard attributes of your user pool. When your user pool has write access to these default attributes, `WriteAttributes` doesn't return any information. Amazon Cognito only populates `WriteAttributes` in the API response if you have specified your own custom set of write attributes.\n\nIf your app client allows users to sign in through an IdP, this array must include all attributes that you have mapped to IdP attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If your app client does not have write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see [Specifying IdP Attribute Mappings for Your user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .", "title": "WriteAttributes", "type": "array" } }, "required": [ "UserPoolId" ], "type": "object" }, "Type": { "enum": [ "AWS::Cognito::UserPoolClient" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cognito::UserPoolClient.AnalyticsConfiguration": { "additionalProperties": false, "properties": { "ApplicationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Pinpoint project. You can use the Amazon Pinpoint project for integration with the chosen user pool client. Amazon Cognito publishes events to the Amazon Pinpoint project that the app ARN declares.", "title": "ApplicationArn", "type": "string" }, "ApplicationId": { "markdownDescription": "The application ID for an Amazon Pinpoint application.", "title": "ApplicationId", "type": "string" }, "ExternalId": { "markdownDescription": "The external ID.", "title": "ExternalId", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of an AWS Identity and Access Management role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics.", "title": "RoleArn", "type": "string" }, "UserDataShared": { "markdownDescription": "If `UserDataShared` is `true` , Amazon Cognito includes user data in the events that it publishes to Amazon Pinpoint analytics.", "title": "UserDataShared", "type": "boolean" } }, "type": "object" }, "AWS::Cognito::UserPoolClient.TokenValidityUnits": { "additionalProperties": false, "properties": { "AccessToken": { "markdownDescription": "A time unit of `seconds` , `minutes` , `hours` , or `days` for the value that you set in the `AccessTokenValidity` parameter. The default `AccessTokenValidity` time unit is hours. `AccessTokenValidity` duration can range from five minutes to one day.", "title": "AccessToken", "type": "string" }, "IdToken": { "markdownDescription": "A time unit of `seconds` , `minutes` , `hours` , or `days` for the value that you set in the `IdTokenValidity` parameter. The default `IdTokenValidity` time unit is hours. `IdTokenValidity` duration can range from five minutes to one day.", "title": "IdToken", "type": "string" }, "RefreshToken": { "markdownDescription": "A time unit of `seconds` , `minutes` , `hours` , or `days` for the value that you set in the `RefreshTokenValidity` parameter. The default `RefreshTokenValidity` time unit is days. `RefreshTokenValidity` duration can range from 60 minutes to 10 years.", "title": "RefreshToken", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPoolDomain": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CustomDomainConfig": { "$ref": "#/definitions/AWS::Cognito::UserPoolDomain.CustomDomainConfigType", "markdownDescription": "The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM.", "title": "CustomDomainConfig" }, "Domain": { "markdownDescription": "The domain name for the domain that hosts the sign-up and sign-in pages for your application. For example: `auth.example.com` . If you're using a prefix domain, this field denotes the first part of the domain before `.auth.[region].amazoncognito.com` .\n\nThis string can include only lowercase letters, numbers, and hyphens. Don't use a hyphen for the first or last character. Use periods to separate subdomain names.", "title": "Domain", "type": "string" }, "UserPoolId": { "markdownDescription": "The user pool ID for the user pool where you want to associate a user pool domain.", "title": "UserPoolId", "type": "string" } }, "required": [ "Domain", "UserPoolId" ], "type": "object" }, "Type": { "enum": [ "AWS::Cognito::UserPoolDomain" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cognito::UserPoolDomain.CustomDomainConfigType": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.", "title": "CertificateArn", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPoolGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A string containing the description of the group.", "title": "Description", "type": "string" }, "GroupName": { "markdownDescription": "The name of the group. Must be unique.", "title": "GroupName", "type": "string" }, "Precedence": { "markdownDescription": "A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower `Precedence` values take precedence over groups with higher or null `Precedence` values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the `cognito:roles` and `cognito:preferred_role` claims.\n\nTwo groups can have the same `Precedence` value. If this happens, neither group takes precedence over the other. If two groups with the same `Precedence` have the same role ARN, that role is used in the `cognito:preferred_role` claim in tokens for users in each group. If the two groups have different role ARNs, the `cognito:preferred_role` claim isn't set in users' tokens.\n\nThe default `Precedence` value is null. The maximum `Precedence` value is `2^31-1` .", "title": "Precedence", "type": "number" }, "RoleArn": { "markdownDescription": "The role Amazon Resource Name (ARN) for the group.", "title": "RoleArn", "type": "string" }, "UserPoolId": { "markdownDescription": "The user pool ID for the user pool.", "title": "UserPoolId", "type": "string" } }, "required": [ "UserPoolId" ], "type": "object" }, "Type": { "enum": [ "AWS::Cognito::UserPoolGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cognito::UserPoolIdentityProvider": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AttributeMapping": { "markdownDescription": "A mapping of IdP attributes to standard and custom user pool attributes.", "title": "AttributeMapping", "type": "object" }, "IdpIdentifiers": { "items": { "type": "string" }, "markdownDescription": "A list of IdP identifiers.", "title": "IdpIdentifiers", "type": "array" }, "ProviderDetails": { "markdownDescription": "The scopes, URLs, and identifiers for your external identity provider. The following\nexamples describe the provider detail keys for each IdP type. These values and their\nschema are subject to change. Social IdP `authorize_scopes` values must match\nthe values listed here.\n\n- **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from `oidc_issuer` : `attributes_url` , `authorize_url` , `jwks_uri` , `token_url` .\n\nCreate or update request: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_request_method\": \"GET\", \"attributes_url\": \"https://auth.example.com/userInfo\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"openid profile email\", \"authorize_url\": \"https://auth.example.com/authorize\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"jwks_uri\": \"https://auth.example.com/.well-known/jwks.json\", \"oidc_issuer\": \"https://auth.example.com\", \"token_url\": \"https://example.com/token\" }`\n- **SAML** - Create or update request with Metadata URL: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nCreate or update request with Metadata file: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"MetadataFile\": \"[metadata XML]\", \"RequestSigningAlgorithm\": \"rsa-sha256\" }`\n\nThe value of `MetadataFile` must be the plaintext metadata document with all quote (\") characters escaped by backslashes.\n\nDescribe response: `\"ProviderDetails\": { \"IDPInit\": \"true\", \"IDPSignout\": \"true\", \"EncryptedResponses\" : \"true\", \"ActiveEncryptionCertificate\": \"[certificate]\", \"MetadataURL\": \"https://auth.example.com/sso/saml/metadata\", \"RequestSigningAlgorithm\": \"rsa-sha256\", \"SLORedirectBindingURI\": \"https://auth.example.com/slo/saml\", \"SSORedirectBindingURI\": \"https://auth.example.com/sso/saml\" }`\n- **LoginWithAmazon** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"profile postal_code\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\"`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://api.amazon.com/user/profile\", \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"profile postal_code\", \"authorize_url\": \"https://www.amazon.com/ap/oa\", \"client_id\": \"amzn1.application-oa2-client.1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"POST\", \"token_url\": \"https://api.amazon.com/auth/o2/token\" }`\n- **Google** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email profile openid\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url\": \"https://people.googleapis.com/v1/people/me?personFields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"email profile openid\", \"authorize_url\": \"https://accounts.google.com/o/oauth2/v2/auth\", \"client_id\": \"1example23456789.apps.googleusercontent.com\", \"client_secret\": \"provider-app-client-secret\", \"oidc_issuer\": \"https://accounts.google.com\", \"token_request_method\": \"POST\", \"token_url\": \"https://www.googleapis.com/oauth2/v4/token\" }`\n- **SignInWithApple** - Create or update request: `\"ProviderDetails\": { \"authorize_scopes\": \"email name\", \"client_id\": \"com.example.cognito\", \"private_key\": \"1EXAMPLE\", \"key_id\": \"2EXAMPLE\", \"team_id\": \"3EXAMPLE\" }`\n\nDescribe response: `\"ProviderDetails\": { \"attributes_url_add_attributes\": \"false\", \"authorize_scopes\": \"email name\", \"authorize_url\": \"https://appleid.apple.com/auth/authorize\", \"client_id\": \"com.example.cognito\", \"key_id\": \"1EXAMPLE\", \"oidc_issuer\": \"https://appleid.apple.com\", \"team_id\": \"2EXAMPLE\", \"token_request_method\": \"POST\", \"token_url\": \"https://appleid.apple.com/auth/token\" }`\n- **Facebook** - Create or update request: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"authorize_scopes\": \"public_profile, email\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\" }`\n\nDescribe response: `\"ProviderDetails\": { \"api_version\": \"v17.0\", \"attributes_url\": \"https://graph.facebook.com/v17.0/me?fields=\", \"attributes_url_add_attributes\": \"true\", \"authorize_scopes\": \"public_profile, email\", \"authorize_url\": \"https://www.facebook.com/v17.0/dialog/oauth\", \"client_id\": \"1example23456789\", \"client_secret\": \"provider-app-client-secret\", \"token_request_method\": \"GET\", \"token_url\": \"https://graph.facebook.com/v17.0/oauth/access_token\" }`", "title": "ProviderDetails", "type": "object" }, "ProviderName": { "markdownDescription": "The IdP name.", "title": "ProviderName", "type": "string" }, "ProviderType": { "markdownDescription": "The IdP type.", "title": "ProviderType", "type": "string" }, "UserPoolId": { "markdownDescription": "The user pool ID.", "title": "UserPoolId", "type": "string" } }, "required": [ "ProviderName", "ProviderType", "UserPoolId" ], "type": "object" }, "Type": { "enum": [ "AWS::Cognito::UserPoolIdentityProvider" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cognito::UserPoolResourceServer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Identifier": { "markdownDescription": "A unique resource server identifier for the resource server. This could be an HTTPS endpoint where the resource server is located. For example: `https://my-weather-api.example.com` .", "title": "Identifier", "type": "string" }, "Name": { "markdownDescription": "A friendly name for the resource server.", "title": "Name", "type": "string" }, "Scopes": { "items": { "$ref": "#/definitions/AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType" }, "markdownDescription": "A list of scopes. Each scope is a map with keys `ScopeName` and `ScopeDescription` .", "title": "Scopes", "type": "array" }, "UserPoolId": { "markdownDescription": "The user pool ID for the user pool.", "title": "UserPoolId", "type": "string" } }, "required": [ "Identifier", "Name", "UserPoolId" ], "type": "object" }, "Type": { "enum": [ "AWS::Cognito::UserPoolResourceServer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType": { "additionalProperties": false, "properties": { "ScopeDescription": { "markdownDescription": "A description of the scope.", "title": "ScopeDescription", "type": "string" }, "ScopeName": { "markdownDescription": "The name of the scope.", "title": "ScopeName", "type": "string" } }, "required": [ "ScopeDescription", "ScopeName" ], "type": "object" }, "AWS::Cognito::UserPoolRiskConfigurationAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountTakeoverRiskConfiguration": { "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType", "markdownDescription": "The account takeover risk configuration object, including the `NotifyConfiguration` object and `Actions` to take if there is an account takeover.", "title": "AccountTakeoverRiskConfiguration" }, "ClientId": { "markdownDescription": "The app client ID. You can specify the risk configuration for a single client (with a specific ClientId) or for all clients (by setting the ClientId to `ALL` ).", "title": "ClientId", "type": "string" }, "CompromisedCredentialsRiskConfiguration": { "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType", "markdownDescription": "The compromised credentials risk configuration object, including the `EventFilter` and the `EventAction` .", "title": "CompromisedCredentialsRiskConfiguration" }, "RiskExceptionConfiguration": { "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType", "markdownDescription": "The configuration to override the risk decision.", "title": "RiskExceptionConfiguration" }, "UserPoolId": { "markdownDescription": "The user pool ID.", "title": "UserPoolId", "type": "string" } }, "required": [ "ClientId", "UserPoolId" ], "type": "object" }, "Type": { "enum": [ "AWS::Cognito::UserPoolRiskConfigurationAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType": { "additionalProperties": false, "properties": { "EventAction": { "markdownDescription": "The action to take in response to the account takeover action. Valid values are as follows:\n\n- `BLOCK` Choosing this action will block the request.\n- `MFA_IF_CONFIGURED` Present an MFA challenge if user has configured it, else allow the request.\n- `MFA_REQUIRED` Present an MFA challenge if user has configured it, else block the request.\n- `NO_ACTION` Allow the user to sign in.", "title": "EventAction", "type": "string" }, "Notify": { "markdownDescription": "Flag specifying whether to send a notification.", "title": "Notify", "type": "boolean" } }, "required": [ "EventAction", "Notify" ], "type": "object" }, "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType": { "additionalProperties": false, "properties": { "HighAction": { "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", "markdownDescription": "Action to take for a high risk.", "title": "HighAction" }, "LowAction": { "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", "markdownDescription": "Action to take for a low risk.", "title": "LowAction" }, "MediumAction": { "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType", "markdownDescription": "Action to take for a medium risk.", "title": "MediumAction" } }, "type": "object" }, "AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType": { "additionalProperties": false, "properties": { "Actions": { "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType", "markdownDescription": "Account takeover risk configuration actions.", "title": "Actions" }, "NotifyConfiguration": { "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType", "markdownDescription": "The notify configuration used to construct email notifications.", "title": "NotifyConfiguration" } }, "required": [ "Actions" ], "type": "object" }, "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType": { "additionalProperties": false, "properties": { "EventAction": { "markdownDescription": "The event action.", "title": "EventAction", "type": "string" } }, "required": [ "EventAction" ], "type": "object" }, "AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType": { "additionalProperties": false, "properties": { "Actions": { "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType", "markdownDescription": "The compromised credentials risk configuration actions.", "title": "Actions" }, "EventFilter": { "items": { "type": "string" }, "markdownDescription": "Perform the action for these events. The default is to perform all events if no event filter is specified.", "title": "EventFilter", "type": "array" } }, "required": [ "Actions" ], "type": "object" }, "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType": { "additionalProperties": false, "properties": { "BlockEmail": { "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", "markdownDescription": "Email template used when a detected risk event is blocked.", "title": "BlockEmail" }, "From": { "markdownDescription": "The email address that is sending the email. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.", "title": "From", "type": "string" }, "MfaEmail": { "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", "markdownDescription": "The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk.", "title": "MfaEmail" }, "NoActionEmail": { "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType", "markdownDescription": "The email template used when a detected risk event is allowed.", "title": "NoActionEmail" }, "ReplyTo": { "markdownDescription": "The destination to which the receiver of an email should reply to.", "title": "ReplyTo", "type": "string" }, "SourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the `From` parameter.", "title": "SourceArn", "type": "string" } }, "required": [ "SourceArn" ], "type": "object" }, "AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType": { "additionalProperties": false, "properties": { "HtmlBody": { "markdownDescription": "The email HTML body.", "title": "HtmlBody", "type": "string" }, "Subject": { "markdownDescription": "The email subject.", "title": "Subject", "type": "string" }, "TextBody": { "markdownDescription": "The email text body.", "title": "TextBody", "type": "string" } }, "required": [ "Subject" ], "type": "object" }, "AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType": { "additionalProperties": false, "properties": { "BlockedIPRangeList": { "items": { "type": "string" }, "markdownDescription": "Overrides the risk decision to always block the pre-authentication requests. The IP range is in CIDR notation, a compact representation of an IP address and its routing prefix.", "title": "BlockedIPRangeList", "type": "array" }, "SkippedIPRangeList": { "items": { "type": "string" }, "markdownDescription": "Risk detection isn't performed on the IP addresses in this range list. The IP range is in CIDR notation.", "title": "SkippedIPRangeList", "type": "array" } }, "type": "object" }, "AWS::Cognito::UserPoolUICustomizationAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CSS": { "markdownDescription": "The CSS values in the UI customization.", "title": "CSS", "type": "string" }, "ClientId": { "markdownDescription": "The client ID for the client app. You can specify the UI customization settings for a single client (with a specific clientId) or for all clients (by setting the clientId to `ALL` ).", "title": "ClientId", "type": "string" }, "UserPoolId": { "markdownDescription": "The user pool ID for the user pool.", "title": "UserPoolId", "type": "string" } }, "required": [ "ClientId", "UserPoolId" ], "type": "object" }, "Type": { "enum": [ "AWS::Cognito::UserPoolUICustomizationAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cognito::UserPoolUser": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClientMetadata": { "additionalProperties": true, "markdownDescription": "A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.\n\nYou create custom workflows by assigning AWS Lambda functions to user pool triggers. When you use the AdminCreateUser API action, Amazon Cognito invokes the function that is assigned to the *pre sign-up* trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a `clientMetadata` attribute, which provides the data that you assigned to the ClientMetadata parameter in your AdminCreateUser request. In your function code in AWS Lambda , you can process the `clientMetadata` value to enhance your workflow for your specific needs.\n\nFor more information, see [Customizing user pool Workflows with Lambda Triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html) in the *Amazon Cognito Developer Guide* .\n\n> When you use the ClientMetadata parameter, remember that Amazon Cognito won't do the following:\n> \n> - Store the ClientMetadata value. This data is available only to AWS Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration doesn't include triggers, the ClientMetadata parameter serves no purpose.\n> - Validate the ClientMetadata value.\n> - Encrypt the ClientMetadata value. Don't use Amazon Cognito to provide sensitive information.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ClientMetadata", "type": "object" }, "DesiredDeliveryMediums": { "items": { "type": "string" }, "markdownDescription": "Specify `\"EMAIL\"` if email will be used to send the welcome message. Specify `\"SMS\"` if the phone number will be used. The default value is `\"SMS\"` . You can specify more than one value.", "title": "DesiredDeliveryMediums", "type": "array" }, "ForceAliasCreation": { "markdownDescription": "This parameter is used only if the `phone_number_verified` or `email_verified` attribute is set to `True` . Otherwise, it is ignored.\n\nIf this parameter is set to `True` and the phone number or email address specified in the UserAttributes parameter already exists as an alias with a different user, the API call will migrate the alias from the previous user to the newly created user. The previous user will no longer be able to log in using that alias.\n\nIf this parameter is set to `False` , the API throws an `AliasExistsException` error if the alias already exists. The default value is `False` .", "title": "ForceAliasCreation", "type": "boolean" }, "MessageAction": { "markdownDescription": "Set to `RESEND` to resend the invitation message to a user that already exists and reset the expiration limit on the user's account. Set to `SUPPRESS` to suppress sending the message. You can specify only one value.", "title": "MessageAction", "type": "string" }, "UserAttributes": { "items": { "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" }, "markdownDescription": "An array of name-value pairs that contain user attributes and attribute values.", "title": "UserAttributes", "type": "array" }, "UserPoolId": { "markdownDescription": "The user pool ID for the user pool where the user will be created.", "title": "UserPoolId", "type": "string" }, "Username": { "markdownDescription": "The value that you want to set as the username sign-in attribute. The following conditions apply to the username parameter.\n\n- The username can't be a duplicate of another username in the same user pool.\n- You can't change the value of a username after you create it.\n- You can only provide a value if usernames are a valid sign-in attribute for your user pool. If your user pool only supports phone numbers or email addresses as sign-in attributes, Amazon Cognito automatically generates a username value. For more information, see [Customizing sign-in attributes](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-aliases) .", "title": "Username", "type": "string" }, "ValidationData": { "items": { "$ref": "#/definitions/AWS::Cognito::UserPoolUser.AttributeType" }, "markdownDescription": "Temporary user attributes that contribute to the outcomes of your pre sign-up Lambda trigger. This set of key-value pairs are for custom validation of information that you collect from your users but don't need to retain.\n\nYour Lambda function can analyze this additional data and act on it. Your function might perform external API operations like logging user attributes and validation data to Amazon CloudWatch Logs. Validation data might also affect the response that your function returns to Amazon Cognito, like automatically confirming the user if they sign up from within your network.\n\nFor more information about the pre sign-up Lambda trigger, see [Pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) .", "title": "ValidationData", "type": "array" } }, "required": [ "UserPoolId" ], "type": "object" }, "Type": { "enum": [ "AWS::Cognito::UserPoolUser" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Cognito::UserPoolUser.AttributeType": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the attribute.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the attribute.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::Cognito::UserPoolUserToGroupAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "GroupName": { "markdownDescription": "The name of the group that you want to add your user to.", "title": "GroupName", "type": "string" }, "UserPoolId": { "markdownDescription": "The user pool ID for the user pool.", "title": "UserPoolId", "type": "string" }, "Username": { "markdownDescription": "", "title": "Username", "type": "string" } }, "required": [ "GroupName", "UserPoolId", "Username" ], "type": "object" }, "Type": { "enum": [ "AWS::Cognito::UserPoolUserToGroupAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Comprehend::DocumentClassifier": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataAccessRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend read access to your input data.", "title": "DataAccessRoleArn", "type": "string" }, "DocumentClassifierName": { "markdownDescription": "The name of the document classifier.", "title": "DocumentClassifierName", "type": "string" }, "InputDataConfig": { "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig", "markdownDescription": "Specifies the format and location of the input data for the job.", "title": "InputDataConfig" }, "LanguageCode": { "markdownDescription": "The language of the input documents. You can specify any of the languages supported by Amazon Comprehend. All documents must be in the same language.", "title": "LanguageCode", "type": "string" }, "Mode": { "markdownDescription": "Indicates the mode in which the classifier will be trained. The classifier can be trained in multi-class (single-label) mode or multi-label mode. Multi-class mode identifies a single class label for each document and multi-label mode identifies one or more class labels for each document. Multiple labels for an individual document are separated by a delimiter. The default delimiter between labels is a pipe (|).", "title": "Mode", "type": "string" }, "ModelKmsKeyId": { "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", "title": "ModelKmsKeyId", "type": "string" }, "ModelPolicy": { "markdownDescription": "The resource-based policy to attach to your custom document classifier model. You can use this policy to allow another AWS account to import your custom model.\n\nProvide your policy as a JSON body that you enter as a UTF-8 encoded string without line breaks. To provide valid JSON, enclose the attribute names and values in double quotes. If the JSON body is also enclosed in double quotes, then you must escape the double quotes that are inside the policy:\n\n`\"{\\\"attribute\\\": \\\"value\\\", \\\"attribute\\\": [\\\"value\\\"]}\"`\n\nTo avoid escaping quotes, you can use single quotes to enclose the policy and double quotes to enclose the JSON names and values:\n\n`'{\"attribute\": \"value\", \"attribute\": [\"value\"]}'`", "title": "ModelPolicy", "type": "string" }, "OutputDataConfig": { "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig", "markdownDescription": "Provides output results configuration parameters for custom classifier jobs.", "title": "OutputDataConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags to associate with the document classifier. A tag is a key-value pair that adds as a metadata to a resource used by Amazon Comprehend. For example, a tag with \"Sales\" as the key might be added to a resource to indicate its use by the sales department.", "title": "Tags", "type": "array" }, "VersionName": { "markdownDescription": "The version name given to the newly created classifier. Version names can have a maximum of 256 characters. Alphanumeric characters, hyphens (-) and underscores (_) are allowed. The version name must be unique among all models with the same classifier name in the AWS account / AWS Region .", "title": "VersionName", "type": "string" }, "VolumeKmsKeyId": { "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt data on the storage volume attached to the ML compute instance(s) that process the analysis job. The VolumeKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", "title": "VolumeKmsKeyId", "type": "string" }, "VpcConfig": { "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.VpcConfig", "markdownDescription": "Configuration parameters for a private Virtual Private Cloud (VPC) containing the resources you are using for your custom classifier. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", "title": "VpcConfig" } }, "required": [ "DataAccessRoleArn", "DocumentClassifierName", "InputDataConfig", "LanguageCode" ], "type": "object" }, "Type": { "enum": [ "AWS::Comprehend::DocumentClassifier" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem": { "additionalProperties": false, "properties": { "AttributeNames": { "items": { "type": "string" }, "markdownDescription": "The JSON attribute that contains the annotations for your training documents. The number of attribute names that you specify depends on whether your augmented manifest file is the output of a single labeling job or a chained labeling job.\n\nIf your file is the output of a single labeling job, specify the LabelAttributeName key that was used when the job was created in Ground Truth.\n\nIf your file is the output of a chained labeling job, specify the LabelAttributeName key for one or more jobs in the chain. Each LabelAttributeName key provides the annotations from an individual job.", "title": "AttributeNames", "type": "array" }, "S3Uri": { "markdownDescription": "The Amazon S3 location of the augmented manifest file.", "title": "S3Uri", "type": "string" }, "Split": { "markdownDescription": "The purpose of the data you've provided in the augmented manifest. You can either train or test this data. If you don't specify, the default is train.\n\nTRAIN - all of the documents in the manifest will be used for training. If no test documents are provided, Amazon Comprehend will automatically reserve a portion of the training documents for testing.\n\nTEST - all of the documents in the manifest will be used for testing.", "title": "Split", "type": "string" } }, "required": [ "AttributeNames", "S3Uri" ], "type": "object" }, "AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments": { "additionalProperties": false, "properties": { "S3Uri": { "markdownDescription": "The S3 URI location of the training documents specified in the S3Uri CSV file.", "title": "S3Uri", "type": "string" }, "TestS3Uri": { "markdownDescription": "The S3 URI location of the test documents included in the TestS3Uri CSV file. This field is not required if you do not specify a test CSV file.", "title": "TestS3Uri", "type": "string" } }, "required": [ "S3Uri" ], "type": "object" }, "AWS::Comprehend::DocumentClassifier.DocumentClassifierInputDataConfig": { "additionalProperties": false, "properties": { "AugmentedManifests": { "items": { "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.AugmentedManifestsListItem" }, "markdownDescription": "A list of augmented manifest files that provide training data for your custom model. An augmented manifest file is a labeled dataset that is produced by Amazon SageMaker Ground Truth.\n\nThis parameter is required if you set `DataFormat` to `AUGMENTED_MANIFEST` .", "title": "AugmentedManifests", "type": "array" }, "DataFormat": { "markdownDescription": "The format of your training data:\n\n- `COMPREHEND_CSV` : A two-column CSV file, where labels are provided in the first column, and documents are provided in the second. If you use this value, you must provide the `S3Uri` parameter in your request.\n- `AUGMENTED_MANIFEST` : A labeled dataset that is produced by Amazon SageMaker Ground Truth. This file is in JSON lines format. Each line is a complete JSON object that contains a training document and its associated labels.\n\nIf you use this value, you must provide the `AugmentedManifests` parameter in your request.\n\nIf you don't specify a value, Amazon Comprehend uses `COMPREHEND_CSV` as the default.", "title": "DataFormat", "type": "string" }, "DocumentReaderConfig": { "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentReaderConfig", "markdownDescription": "", "title": "DocumentReaderConfig" }, "DocumentType": { "markdownDescription": "The type of input documents for training the model. Provide plain-text documents to create a plain-text model, and provide semi-structured documents to create a native document model.", "title": "DocumentType", "type": "string" }, "Documents": { "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier.DocumentClassifierDocuments", "markdownDescription": "The S3 location of the training documents. This parameter is required in a request to create a native document model.", "title": "Documents" }, "LabelDelimiter": { "markdownDescription": "Indicates the delimiter used to separate each label for training a multi-label classifier. The default delimiter between labels is a pipe (|). You can use a different character as a delimiter (if it's an allowed character) by specifying it under Delimiter for labels. If the training documents use a delimiter other than the default or the delimiter you specify, the labels on that line will be combined to make a single unique label, such as LABELLABELLABEL.", "title": "LabelDelimiter", "type": "string" }, "S3Uri": { "markdownDescription": "The Amazon S3 URI for the input data. The S3 bucket must be in the same Region as the API endpoint that you are calling. The URI can point to a single input file or it can provide the prefix for a collection of input files.\n\nFor example, if you use the URI `S3://bucketName/prefix` , if the prefix is a single file, Amazon Comprehend uses that file as input. If more than one file begins with the prefix, Amazon Comprehend uses all of them as input.\n\nThis parameter is required if you set `DataFormat` to `COMPREHEND_CSV` .", "title": "S3Uri", "type": "string" }, "TestS3Uri": { "markdownDescription": "This specifies the Amazon S3 location that contains the test annotations for the document classifier. The URI must be in the same AWS Region as the API endpoint that you are calling.", "title": "TestS3Uri", "type": "string" } }, "type": "object" }, "AWS::Comprehend::DocumentClassifier.DocumentClassifierOutputDataConfig": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt the output results from an analysis job. The KmsKeyId can be one of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- KMS Key Alias: `\"alias/ExampleAlias\"`\n- ARN of a KMS Key Alias: `\"arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias\"`", "title": "KmsKeyId", "type": "string" }, "S3Uri": { "markdownDescription": "When you use the `OutputDataConfig` object while creating a custom classifier, you specify the Amazon S3 location where you want to write the confusion matrix and other output files. The URI must be in the same Region as the API endpoint that you are calling. The location is used as the prefix for the actual location of this output file.\n\nWhen the custom classifier job is finished, the service creates the output file in a directory specific to the job. The `S3Uri` field contains the location of the output file, called `output.tar.gz` . It is a compressed archive that contains the confusion matrix.", "title": "S3Uri", "type": "string" } }, "type": "object" }, "AWS::Comprehend::DocumentClassifier.DocumentReaderConfig": { "additionalProperties": false, "properties": { "DocumentReadAction": { "markdownDescription": "This field defines the Amazon Textract API operation that Amazon Comprehend uses to extract text from PDF files and image files. Enter one of the following values:\n\n- `TEXTRACT_DETECT_DOCUMENT_TEXT` - The Amazon Comprehend service uses the `DetectDocumentText` API operation.\n- `TEXTRACT_ANALYZE_DOCUMENT` - The Amazon Comprehend service uses the `AnalyzeDocument` API operation.", "title": "DocumentReadAction", "type": "string" }, "DocumentReadMode": { "markdownDescription": "Determines the text extraction actions for PDF files. Enter one of the following values:\n\n- `SERVICE_DEFAULT` - use the Amazon Comprehend service defaults for PDF files.\n- `FORCE_DOCUMENT_READ_ACTION` - Amazon Comprehend uses the Textract API specified by DocumentReadAction for all PDF files, including digital PDF files.", "title": "DocumentReadMode", "type": "string" }, "FeatureTypes": { "items": { "type": "string" }, "markdownDescription": "Specifies the type of Amazon Textract features to apply. If you chose `TEXTRACT_ANALYZE_DOCUMENT` as the read action, you must specify one or both of the following values:\n\n- `TABLES` - Returns additional information about any tables that are detected in the input document.\n- `FORMS` - Returns additional information about any forms that are detected in the input document.", "title": "FeatureTypes", "type": "array" } }, "required": [ "DocumentReadAction" ], "type": "object" }, "AWS::Comprehend::DocumentClassifier.VpcConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", "title": "SecurityGroupIds", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", "title": "Subnets", "type": "array" } }, "required": [ "SecurityGroupIds", "Subnets" ], "type": "object" }, "AWS::Comprehend::Flywheel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ActiveModelArn": { "markdownDescription": "The Amazon Resource Number (ARN) of the active model version.", "title": "ActiveModelArn", "type": "string" }, "DataAccessRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants Amazon Comprehend permission to access the flywheel data.", "title": "DataAccessRoleArn", "type": "string" }, "DataLakeS3Uri": { "markdownDescription": "Amazon S3 URI of the data lake location.", "title": "DataLakeS3Uri", "type": "string" }, "DataSecurityConfig": { "$ref": "#/definitions/AWS::Comprehend::Flywheel.DataSecurityConfig", "markdownDescription": "Data security configuration.", "title": "DataSecurityConfig" }, "FlywheelName": { "markdownDescription": "Name for the flywheel.", "title": "FlywheelName", "type": "string" }, "ModelType": { "markdownDescription": "Model type of the flywheel's model.", "title": "ModelType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags associated with the endpoint being created. A tag is a key-value pair that adds metadata to the endpoint. For example, a tag with \"Sales\" as the key might be added to an endpoint to indicate its use by the sales department.", "title": "Tags", "type": "array" }, "TaskConfig": { "$ref": "#/definitions/AWS::Comprehend::Flywheel.TaskConfig", "markdownDescription": "Configuration about the model associated with a flywheel.", "title": "TaskConfig" } }, "required": [ "DataAccessRoleArn", "DataLakeS3Uri", "FlywheelName" ], "type": "object" }, "Type": { "enum": [ "AWS::Comprehend::Flywheel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Comprehend::Flywheel.DataSecurityConfig": { "additionalProperties": false, "properties": { "DataLakeKmsKeyId": { "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the data in the data lake.", "title": "DataLakeKmsKeyId", "type": "string" }, "ModelKmsKeyId": { "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats:\n\n- KMS Key ID: `\"1234abcd-12ab-34cd-56ef-1234567890ab\"`\n- Amazon Resource Name (ARN) of a KMS Key: `\"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab\"`", "title": "ModelKmsKeyId", "type": "string" }, "VolumeKmsKeyId": { "markdownDescription": "ID for the AWS KMS key that Amazon Comprehend uses to encrypt the volume.", "title": "VolumeKmsKeyId", "type": "string" }, "VpcConfig": { "$ref": "#/definitions/AWS::Comprehend::Flywheel.VpcConfig", "markdownDescription": "Configuration parameters for an optional private Virtual Private Cloud (VPC) containing the resources you are using for the job. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) .", "title": "VpcConfig" } }, "type": "object" }, "AWS::Comprehend::Flywheel.DocumentClassificationConfig": { "additionalProperties": false, "properties": { "Labels": { "items": { "type": "string" }, "markdownDescription": "One or more labels to associate with the custom classifier.", "title": "Labels", "type": "array" }, "Mode": { "markdownDescription": "Classification mode indicates whether the documents are `MULTI_CLASS` or `MULTI_LABEL` .", "title": "Mode", "type": "string" } }, "required": [ "Mode" ], "type": "object" }, "AWS::Comprehend::Flywheel.EntityRecognitionConfig": { "additionalProperties": false, "properties": { "EntityTypes": { "items": { "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityTypesListItem" }, "markdownDescription": "Up to 25 entity types that the model is trained to recognize.", "title": "EntityTypes", "type": "array" } }, "type": "object" }, "AWS::Comprehend::Flywheel.EntityTypesListItem": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "An entity type within a labeled training dataset that Amazon Comprehend uses to train a custom entity recognizer.\n\nEntity types must not contain the following invalid characters: \\n (line break), \\\\n (escaped line break, \\r (carriage return), \\\\r (escaped carriage return), \\t (tab), \\\\t (escaped tab), and , (comma).", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Comprehend::Flywheel.TaskConfig": { "additionalProperties": false, "properties": { "DocumentClassificationConfig": { "$ref": "#/definitions/AWS::Comprehend::Flywheel.DocumentClassificationConfig", "markdownDescription": "Configuration required for a document classification model.", "title": "DocumentClassificationConfig" }, "EntityRecognitionConfig": { "$ref": "#/definitions/AWS::Comprehend::Flywheel.EntityRecognitionConfig", "markdownDescription": "Configuration required for an entity recognition model.", "title": "EntityRecognitionConfig" }, "LanguageCode": { "markdownDescription": "Language code for the language that the model supports.", "title": "LanguageCode", "type": "string" } }, "required": [ "LanguageCode" ], "type": "object" }, "AWS::Comprehend::Flywheel.VpcConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you\u2019ll be accessing on the VPC. This ID number is preceded by \"sg-\", for instance: \"sg-03b388029b0a285ea\". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) .", "title": "SecurityGroupIds", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC\u2019s Region. This ID number is preceded by \"subnet-\", for instance: \"subnet-04ccf456919e69055\". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) .", "title": "Subnets", "type": "array" } }, "required": [ "SecurityGroupIds", "Subnets" ], "type": "object" }, "AWS::Config::AggregationAuthorization": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthorizedAccountId": { "markdownDescription": "The 12-digit account ID of the account authorized to aggregate data.", "title": "AuthorizedAccountId", "type": "string" }, "AuthorizedAwsRegion": { "markdownDescription": "The region authorized to collect aggregated data.", "title": "AuthorizedAwsRegion", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of tag object.", "title": "Tags", "type": "array" } }, "required": [ "AuthorizedAccountId", "AuthorizedAwsRegion" ], "type": "object" }, "Type": { "enum": [ "AWS::Config::AggregationAuthorization" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Config::ConfigRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Compliance": { "$ref": "#/definitions/AWS::Config::ConfigRule.Compliance", "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant and provides the number of contributors that affect the compliance.", "title": "Compliance" }, "ConfigRuleName": { "markdownDescription": "A name for the AWS Config rule. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .", "title": "ConfigRuleName", "type": "string" }, "Description": { "markdownDescription": "The description that you provide for the AWS Config rule.", "title": "Description", "type": "string" }, "EvaluationModes": { "items": { "$ref": "#/definitions/AWS::Config::ConfigRule.EvaluationModeConfiguration" }, "markdownDescription": "The modes the AWS Config rule can be evaluated in. The valid values are distinct objects. By default, the value is Detective evaluation mode only.", "title": "EvaluationModes", "type": "array" }, "InputParameters": { "markdownDescription": "A string, in JSON format, that is passed to the AWS Config rule Lambda function.", "title": "InputParameters", "type": "object" }, "MaximumExecutionFrequency": { "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. You can specify a value for `MaximumExecutionFrequency` when:\n\n- You are using an AWS managed rule that is triggered at a periodic frequency.\n- Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see [ConfigSnapshotDeliveryProperties](https://docs.aws.amazon.com/config/latest/APIReference/API_ConfigSnapshotDeliveryProperties.html) .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", "title": "MaximumExecutionFrequency", "type": "string" }, "Scope": { "$ref": "#/definitions/AWS::Config::ConfigRule.Scope", "markdownDescription": "Defines which resources can trigger an evaluation for the rule. The scope can include one or more resource types, a combination of one resource type and one resource ID, or a combination of a tag key and value. Specify a scope to constrain the resources that can trigger an evaluation for the rule. If you do not specify a scope, evaluations are triggered when any resource in the recording group changes.\n\n> The scope can be empty.", "title": "Scope" }, "Source": { "$ref": "#/definitions/AWS::Config::ConfigRule.Source", "markdownDescription": "Provides the rule owner ( `AWS` for managed rules, `CUSTOM_POLICY` for Custom Policy rules, and `CUSTOM_LAMBDA` for Custom Lambda rules), the rule identifier, and the notifications that cause the function to evaluate your AWS resources.", "title": "Source" } }, "required": [ "Source" ], "type": "object" }, "Type": { "enum": [ "AWS::Config::ConfigRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Config::ConfigRule.Compliance": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "Indicates whether an AWS resource or AWS Config rule is compliant.\n\nA resource is compliant if it complies with all of the AWS Config rules that evaluate it. A resource is noncompliant if it does not comply with one or more of these rules.\n\nA rule is compliant if all of the resources that the rule evaluates comply with it. A rule is noncompliant if any of these resources do not comply.\n\nAWS Config returns the `INSUFFICIENT_DATA` value when no evaluation results are available for the AWS resource or AWS Config rule.\n\nFor the `Compliance` data type, AWS Config supports only `COMPLIANT` , `NON_COMPLIANT` , and `INSUFFICIENT_DATA` values. AWS Config does not support the `NOT_APPLICABLE` value for the `Compliance` data type.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::Config::ConfigRule.CustomPolicyDetails": { "additionalProperties": false, "properties": { "EnableDebugLogDelivery": { "markdownDescription": "The boolean expression for enabling debug logging for your AWS Config Custom Policy rule. The default value is `false` .", "title": "EnableDebugLogDelivery", "type": "boolean" }, "PolicyRuntime": { "markdownDescription": "The runtime system for your AWS Config Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", "title": "PolicyRuntime", "type": "string" }, "PolicyText": { "markdownDescription": "The policy definition containing the logic for your AWS Config Custom Policy rule.", "title": "PolicyText", "type": "string" } }, "type": "object" }, "AWS::Config::ConfigRule.EvaluationModeConfiguration": { "additionalProperties": false, "properties": { "Mode": { "markdownDescription": "The mode of an evaluation. The valid values are Detective or Proactive.", "title": "Mode", "type": "string" } }, "type": "object" }, "AWS::Config::ConfigRule.Scope": { "additionalProperties": false, "properties": { "ComplianceResourceId": { "markdownDescription": "The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for `ComplianceResourceTypes` .", "title": "ComplianceResourceId", "type": "string" }, "ComplianceResourceTypes": { "items": { "type": "string" }, "markdownDescription": "The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for `ComplianceResourceId` .", "title": "ComplianceResourceTypes", "type": "array" }, "TagKey": { "markdownDescription": "The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule.", "title": "TagKey", "type": "string" }, "TagValue": { "markdownDescription": "The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for `TagValue` , you must also specify a value for `TagKey` .", "title": "TagValue", "type": "string" } }, "type": "object" }, "AWS::Config::ConfigRule.Source": { "additionalProperties": false, "properties": { "CustomPolicyDetails": { "$ref": "#/definitions/AWS::Config::ConfigRule.CustomPolicyDetails", "markdownDescription": "Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to `CUSTOM_POLICY` .", "title": "CustomPolicyDetails" }, "Owner": { "markdownDescription": "Indicates whether AWS or the customer owns and manages the AWS Config rule.\n\nAWS Config Managed Rules are predefined rules owned by AWS . For more information, see [AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *AWS Config developer guide* .\n\nAWS Config Custom Rules are rules that you can develop either with Guard ( `CUSTOM_POLICY` ) or AWS Lambda ( `CUSTOM_LAMBDA` ). For more information, see [AWS Config Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *AWS Config developer guide* .", "title": "Owner", "type": "string" }, "SourceDetails": { "items": { "$ref": "#/definitions/AWS::Config::ConfigRule.SourceDetail" }, "markdownDescription": "Provides the source and the message types that cause AWS Config to evaluate your AWS resources against a rule. It also provides the frequency with which you want AWS Config to run evaluations for the rule if the trigger type is periodic.\n\nIf the owner is set to `CUSTOM_POLICY` , the only acceptable values for the AWS Config rule trigger message type are `ConfigurationItemChangeNotification` and `OversizedConfigurationItemChangeNotification` .", "title": "SourceDetails", "type": "array" }, "SourceIdentifier": { "markdownDescription": "For AWS Config Managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [List of AWS Config Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html) .\n\nFor AWS Config Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's AWS Lambda function, such as `arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name` .\n\nFor AWS Config Custom Policy rules, this field will be ignored.", "title": "SourceIdentifier", "type": "string" } }, "required": [ "Owner" ], "type": "object" }, "AWS::Config::ConfigRule.SourceDetail": { "additionalProperties": false, "properties": { "EventSource": { "markdownDescription": "The source of the event, such as an AWS service, that triggers AWS Config to evaluate your AWS resources.", "title": "EventSource", "type": "string" }, "MaximumExecutionFrequency": { "markdownDescription": "The frequency at which you want AWS Config to run evaluations for a custom rule with a periodic trigger. If you specify a value for `MaximumExecutionFrequency` , then `MessageType` must use the `ScheduledNotification` value.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.\n> \n> Based on the valid value you choose, AWS Config runs evaluations once for each valid value. For example, if you choose `Three_Hours` , AWS Config runs evaluations once every three hours. In this case, `Three_Hours` is the frequency of this rule.", "title": "MaximumExecutionFrequency", "type": "string" }, "MessageType": { "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .\n- `ConfigurationSnapshotDeliveryCompleted` - Triggers a periodic evaluation when AWS Config delivers a configuration snapshot.\n\nIf you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for `ConfigurationItemChangeNotification` and one for `OversizedConfigurationItemChangeNotification` .", "title": "MessageType", "type": "string" } }, "required": [ "EventSource", "MessageType" ], "type": "object" }, "AWS::Config::ConfigurationAggregator": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountAggregationSources": { "items": { "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.AccountAggregationSource" }, "markdownDescription": "Provides a list of source accounts and regions to be aggregated.", "title": "AccountAggregationSources", "type": "array" }, "ConfigurationAggregatorName": { "markdownDescription": "The name of the aggregator.", "title": "ConfigurationAggregatorName", "type": "string" }, "OrganizationAggregationSource": { "$ref": "#/definitions/AWS::Config::ConfigurationAggregator.OrganizationAggregationSource", "markdownDescription": "Provides an organization and list of regions to be aggregated.", "title": "OrganizationAggregationSource" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of tag object.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Config::ConfigurationAggregator" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Config::ConfigurationAggregator.AccountAggregationSource": { "additionalProperties": false, "properties": { "AccountIds": { "items": { "type": "string" }, "markdownDescription": "The 12-digit account ID of the account being aggregated.", "title": "AccountIds", "type": "array" }, "AllAwsRegions": { "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", "title": "AllAwsRegions", "type": "boolean" }, "AwsRegions": { "items": { "type": "string" }, "markdownDescription": "The source regions being aggregated.", "title": "AwsRegions", "type": "array" } }, "required": [ "AccountIds" ], "type": "object" }, "AWS::Config::ConfigurationAggregator.OrganizationAggregationSource": { "additionalProperties": false, "properties": { "AllAwsRegions": { "markdownDescription": "If true, aggregate existing AWS Config regions and future regions.", "title": "AllAwsRegions", "type": "boolean" }, "AwsRegions": { "items": { "type": "string" }, "markdownDescription": "The source regions being aggregated.", "title": "AwsRegions", "type": "array" }, "RoleArn": { "markdownDescription": "ARN of the IAM role used to retrieve AWS Organizations details associated with the aggregator account.", "title": "RoleArn", "type": "string" } }, "required": [ "RoleArn" ], "type": "object" }, "AWS::Config::ConfigurationRecorder": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the configuration recorder. AWS Config automatically assigns the name of \"default\" when creating the configuration recorder.\n\nYou cannot change the name of the configuration recorder after it has been created. To change the configuration recorder name, you must delete it and create a new configuration recorder with a new name.", "title": "Name", "type": "string" }, "RecordingGroup": { "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingGroup", "markdownDescription": "Specifies which resource types AWS Config records for configuration changes.\n\n> *High Number of AWS Config Evaluations*\n> \n> You may notice increased activity in your account during your initial month recording with AWS Config when compared to subsequent months. During the initial bootstrapping process, AWS Config runs evaluations on all the resources in your account that you have selected for AWS Config to record.\n> \n> If you are running ephemeral workloads, you may see increased activity from AWS Config as it records configuration changes associated with creating and deleting these temporary resources. An *ephemeral workload* is a temporary use of computing resources that are loaded and run when needed. Examples include Amazon Elastic Compute Cloud ( Amazon EC2 ) Spot Instances, Amazon EMR jobs, and AWS Auto Scaling . If you want to avoid the increased activity from running ephemeral workloads, you can run these types of workloads in a separate account with AWS Config turned off to avoid increased configuration recording and rule evaluations.", "title": "RecordingGroup" }, "RecordingMode": { "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingMode", "markdownDescription": "Specifies the default recording frequency that AWS Config uses to record configuration changes. AWS Config supports *Continuous recording* and *Daily recording* .\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous. \n\nYou can also override the recording frequency for specific resource types.", "title": "RecordingMode" }, "RoleARN": { "markdownDescription": "Amazon Resource Name (ARN) of the IAM role assumed by AWS Config and used by the configuration recorder. For more information, see [Permissions for the IAM Role Assigned](https://docs.aws.amazon.com/config/latest/developerguide/iamrole-permissions.html) to AWS Config in the AWS Config Developer Guide.\n\n> *Pre-existing AWS Config role*\n> \n> If you have used an AWS service that uses AWS Config , such as AWS Security Hub or AWS Control Tower , and an AWS Config role has already been created, make sure that the IAM role that you use when setting up AWS Config keeps the same minimum permissions as the already created AWS Config role. You must do this so that the other AWS service continues to run as expected.\n> \n> For example, if AWS Control Tower has an IAM role that allows AWS Config to read Amazon Simple Storage Service ( Amazon S3 ) objects, make sure that the same permissions are granted within the IAM role you use when setting up AWS Config . Otherwise, it may interfere with how AWS Control Tower operates. For more information about IAM roles for AWS Config , see [*Identity and Access Management for AWS Config*](https://docs.aws.amazon.com/config/latest/developerguide/security-iam.html) in the *AWS Config Developer Guide* .", "title": "RoleARN", "type": "string" } }, "required": [ "RoleARN" ], "type": "object" }, "Type": { "enum": [ "AWS::Config::ConfigurationRecorder" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes": { "additionalProperties": false, "properties": { "ResourceTypes": { "items": { "type": "string" }, "markdownDescription": "A comma-separated list of resource types to exclude from recording by the configuration recorder.", "title": "ResourceTypes", "type": "array" } }, "required": [ "ResourceTypes" ], "type": "object" }, "AWS::Config::ConfigurationRecorder.RecordingGroup": { "additionalProperties": false, "properties": { "AllSupported": { "markdownDescription": "Specifies whether AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types.\n\nIf you set this field to `true` , when AWS Config adds support for a new resource type, AWS Config starts recording resources of that type automatically.\n\nIf you set this field to `true` , you cannot enumerate specific resource types to record in the `resourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , or to exclude in the `resourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Region availability*\n> \n> Check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if a resource type is supported in the AWS Region where you set up AWS Config .", "title": "AllSupported", "type": "boolean" }, "ExclusionByResourceTypes": { "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.ExclusionByResourceTypes", "markdownDescription": "An object that specifies how AWS Config excludes resource types from being recorded by the configuration recorder.\n\nTo use this option, you must set the `useOnly` field of [AWS::Config::ConfigurationRecorder RecordingStrategy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-config-configurationrecorder-recordingstrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` .", "title": "ExclusionByResourceTypes" }, "IncludeGlobalResourceTypes": { "markdownDescription": "This option is a bundle which only applies to the global IAM resource types: IAM users, groups, roles, and customer managed policies. These global IAM resource types can only be recorded by AWS Config in Regions where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n\n- Asia Pacific (Hyderabad)\n- Asia Pacific (Melbourne)\n- Canada West (Calgary)\n- Europe (Spain)\n- Europe (Zurich)\n- Israel (Tel Aviv)\n- Middle East (UAE)\n\n> *Aurora global clusters are recorded in all enabled Regions*\n> \n> The `AWS::RDS::GlobalCluster` resource type will be recorded in all supported AWS Config Regions where the configuration recorder is enabled, even if `IncludeGlobalResourceTypes` is set to `false` . The `IncludeGlobalResourceTypes` option is a bundle which only applies to IAM users, groups, roles, and customer managed policies.\n> \n> If you do not want to record `AWS::RDS::GlobalCluster` in all enabled Regions, use one of the following recording strategies:\n> \n> - *Record all current and future resource types with exclusions* ( `EXCLUSION_BY_RESOURCE_TYPES` ), or\n> - *Record specific resource types* ( `INCLUSION_BY_RESOURCE_TYPES` ).\n> \n> For more information, see [Selecting Which Resources are Recorded](https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html#select-resources-all) in the *AWS Config developer guide* . > *IncludeGlobalResourceTypes and the exclusion recording strategy*\n> \n> The `IncludeGlobalResourceTypes` field has no impact on the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy. This means that the global IAM resource types ( IAM users, groups, roles, and customer managed policies) will not be automatically added as exclusions for `ExclusionByResourceTypes` when `IncludeGlobalResourceTypes` is set to `false` .\n> \n> The `IncludeGlobalResourceTypes` field should only be used to modify the `AllSupported` field, as the default for the `AllSupported` field is to record configuration changes for all supported resource types excluding the global IAM resource types. To include the global IAM resource types when `AllSupported` is set to `true` , make sure to set `IncludeGlobalResourceTypes` to `true` .\n> \n> To exclude the global IAM resource types for the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, you need to manually add them to the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Required and optional fields*\n> \n> Before you set this field to `true` , set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` . > *Overriding fields*\n> \n> If you set this field to `false` but list global IAM resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) , AWS Config will still record configuration changes for those specified resource types *regardless* of if you set the `IncludeGlobalResourceTypes` field to false.\n> \n> If you do not want to record configuration changes to the global IAM resource types (IAM users, groups, roles, and customer managed policies), make sure to not list them in the `ResourceTypes` field in addition to setting the `IncludeGlobalResourceTypes` field to false.", "title": "IncludeGlobalResourceTypes", "type": "boolean" }, "RecordingStrategy": { "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingStrategy", "markdownDescription": "An object that specifies the recording strategy for the configuration recorder.\n\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type.\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resources types and the resource exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", "title": "RecordingStrategy" }, "ResourceTypes": { "items": { "type": "string" }, "markdownDescription": "A comma-separated list that specifies which resource types AWS Config records.\n\nFor a list of valid `ResourceTypes` values, see the *Resource Type Value* column in [Supported AWS resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n\n> *Required and optional fields*\n> \n> Optionally, you can set the `useOnly` field of [RecordingStrategy](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingStrategy.html) to `INCLUSION_BY_RESOURCE_TYPES` .\n> \n> To record all configuration changes, set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` , and either omit this field or don't specify any resource types in this field. If you set the `AllSupported` field to `false` and specify values for `ResourceTypes` , when AWS Config adds support for a new type of resource, it will not record resources of that type unless you manually add that type to your recording group. > *Region availability*\n> \n> Before specifying a resource type for AWS Config to track, check [Resource Coverage by Region Availability](https://docs.aws.amazon.com/config/latest/developerguide/what-is-resource-config-coverage.html) to see if the resource type is supported in the AWS Region where you set up AWS Config . If a resource type is supported by AWS Config in at least one Region, you can enable the recording of that resource type in all Regions supported by AWS Config , even if the specified resource type is not supported in the AWS Region where you set up AWS Config .", "title": "ResourceTypes", "type": "array" } }, "type": "object" }, "AWS::Config::ConfigurationRecorder.RecordingMode": { "additionalProperties": false, "properties": { "RecordingFrequency": { "markdownDescription": "The default recording frequency that AWS Config uses to record configuration changes.\n\n> Daily recording is not supported for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`\n> \n> For the *allSupported* ( `ALL_SUPPORTED_RESOURCE_TYPES` ) recording strategy, these resource types will be set to Continuous recording.", "title": "RecordingFrequency", "type": "string" }, "RecordingModeOverrides": { "items": { "$ref": "#/definitions/AWS::Config::ConfigurationRecorder.RecordingModeOverride" }, "markdownDescription": "An array of `recordingModeOverride` objects for you to specify your overrides for the recording mode. The `recordingModeOverride` object in the `recordingModeOverrides` array consists of three fields: a `description` , the new `recordingFrequency` , and an array of `resourceTypes` to override.", "title": "RecordingModeOverrides", "type": "array" } }, "required": [ "RecordingFrequency" ], "type": "object" }, "AWS::Config::ConfigurationRecorder.RecordingModeOverride": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description that you provide for the override.", "title": "Description", "type": "string" }, "RecordingFrequency": { "markdownDescription": "The recording frequency that will be applied to all the resource types specified in the override.\n\n- Continuous recording allows you to record configuration changes continuously whenever a change occurs.\n- Daily recording allows you to receive a configuration item (CI) representing the most recent state of your resources over the last 24-hour period, only if it\u2019s different from the previous CI recorded.\n\n> AWS Firewall Manager depends on continuous recording to monitor your resources. If you are using Firewall Manager, it is recommended that you set the recording frequency to Continuous.", "title": "RecordingFrequency", "type": "string" }, "ResourceTypes": { "items": { "type": "string" }, "markdownDescription": "A comma-separated list that specifies which resource types AWS Config includes in the override.\n\n> Daily recording is not supported for the following resource types:\n> \n> - `AWS::Config::ResourceCompliance`\n> - `AWS::Config::ConformancePackCompliance`\n> - `AWS::Config::ConfigurationRecorder`", "title": "ResourceTypes", "type": "array" } }, "required": [ "RecordingFrequency", "ResourceTypes" ], "type": "object" }, "AWS::Config::ConfigurationRecorder.RecordingStrategy": { "additionalProperties": false, "properties": { "UseOnly": { "markdownDescription": "The recording strategy for the configuration recorder.\n\n- If you set this option to `ALL_SUPPORTED_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, excluding the global IAM resource types. You also must set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` . When AWS Config adds support for a new resource type, AWS Config automatically starts recording resources of that type. For a list of supported resource types, see [Supported Resource Types](https://docs.aws.amazon.com/config/latest/developerguide/resource-config-reference.html#supported-resources) in the *AWS Config developer guide* .\n- If you set this option to `INCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for only the resource types that you specify in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n- If you set this option to `EXCLUSION_BY_RESOURCE_TYPES` , AWS Config records configuration changes for all supported resource types, except the resource types that you specify to exclude from being recorded in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) .\n\n> *Required and optional fields*\n> \n> The `recordingStrategy` field is optional when you set the `AllSupported` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) to `true` .\n> \n> The `recordingStrategy` field is optional when you list resource types in the `ResourceTypes` field of [RecordingGroup](https://docs.aws.amazon.com/config/latest/APIReference/API_RecordingGroup.html) .\n> \n> The `recordingStrategy` field is required if you list resource types to exclude from recording in the `ResourceTypes` field of [ExclusionByResourceTypes](https://docs.aws.amazon.com/config/latest/APIReference/API_ExclusionByResourceTypes.html) . > *Overriding fields*\n> \n> If you choose `EXCLUSION_BY_RESOURCE_TYPES` for the recording strategy, the `ExclusionByResourceTypes` field will override other properties in the request.\n> \n> For example, even if you set `IncludeGlobalResourceTypes` to false, global IAM resource types will still be automatically recorded in this option unless those resource types are specifically listed as exclusions in the `ResourceTypes` field of `ExclusionByResourceTypes` . > *Global resource types and the exclusion recording strategy*\n> \n> By default, if you choose the `EXCLUSION_BY_RESOURCE_TYPES` recording strategy, when AWS Config adds support for a new resource type in the Region where you set up the configuration recorder, including global resource types, AWS Config starts recording resources of that type automatically.\n> \n> Unless specifically listed as exclusions, `AWS::RDS::GlobalCluster` will be recorded automatically in all supported AWS Config Regions were the configuration recorder is enabled.\n> \n> IAM users, groups, roles, and customer managed policies will be recorded in the Region where you set up the configuration recorder if that is a Region where AWS Config was available before February 2022. You cannot be record the global IAM resouce types in Regions supported by AWS Config after February 2022. This list where you cannot record the global IAM resource types includes the following Regions:\n> \n> - Asia Pacific (Hyderabad)\n> - Asia Pacific (Melbourne)\n> - Canada West (Calgary)\n> - Europe (Spain)\n> - Europe (Zurich)\n> - Israel (Tel Aviv)\n> - Middle East (UAE)", "title": "UseOnly", "type": "string" } }, "required": [ "UseOnly" ], "type": "object" }, "AWS::Config::ConformancePack": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConformancePackInputParameters": { "items": { "$ref": "#/definitions/AWS::Config::ConformancePack.ConformancePackInputParameter" }, "markdownDescription": "A list of ConformancePackInputParameter objects.", "title": "ConformancePackInputParameters", "type": "array" }, "ConformancePackName": { "markdownDescription": "Name of the conformance pack you want to create.", "title": "ConformancePackName", "type": "string" }, "DeliveryS3Bucket": { "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.", "title": "DeliveryS3Bucket", "type": "string" }, "DeliveryS3KeyPrefix": { "markdownDescription": "The prefix for the Amazon S3 bucket.", "title": "DeliveryS3KeyPrefix", "type": "string" }, "TemplateBody": { "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.\n\n> You can only use a YAML template with two resource types: config rule ( `AWS::Config::ConfigRule` ) and a remediation action ( `AWS::Config::RemediationConfiguration` ).", "title": "TemplateBody", "type": "string" }, "TemplateS3Uri": { "markdownDescription": "Location of file containing the template body (s3://bucketname/prefix). The uri must point to the conformance pack template (max size: 300 KB) that is located in an Amazon S3 bucket.\n\n> You must have access to read Amazon S3 bucket.", "title": "TemplateS3Uri", "type": "string" }, "TemplateSSMDocumentDetails": { "$ref": "#/definitions/AWS::Config::ConformancePack.TemplateSSMDocumentDetails", "markdownDescription": "An object that contains the name or Amazon Resource Name (ARN) of the AWS Systems Manager document (SSM document) and the version of the SSM document that is used to create a conformance pack.", "title": "TemplateSSMDocumentDetails" } }, "required": [ "ConformancePackName" ], "type": "object" }, "Type": { "enum": [ "AWS::Config::ConformancePack" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Config::ConformancePack.ConformancePackInputParameter": { "additionalProperties": false, "properties": { "ParameterName": { "markdownDescription": "One part of a key-value pair.", "title": "ParameterName", "type": "string" }, "ParameterValue": { "markdownDescription": "Another part of the key-value pair.", "title": "ParameterValue", "type": "string" } }, "required": [ "ParameterName", "ParameterValue" ], "type": "object" }, "AWS::Config::ConformancePack.TemplateSSMDocumentDetails": { "additionalProperties": false, "properties": { "DocumentName": { "markdownDescription": "The name or Amazon Resource Name (ARN) of the SSM document to use to create a conformance pack. If you use the document name, AWS Config checks only your account and AWS Region for the SSM document.", "title": "DocumentName", "type": "string" }, "DocumentVersion": { "markdownDescription": "The version of the SSM document to use to create a conformance pack. By default, AWS Config uses the latest version.\n\n> This field is optional.", "title": "DocumentVersion", "type": "string" } }, "type": "object" }, "AWS::Config::DeliveryChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConfigSnapshotDeliveryProperties": { "$ref": "#/definitions/AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties", "markdownDescription": "The options for how often AWS Config delivers configuration snapshots to the Amazon S3 bucket.", "title": "ConfigSnapshotDeliveryProperties" }, "Name": { "markdownDescription": "A name for the delivery channel. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the delivery channel name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nUpdates are not supported. To change the name, you must run two separate updates. In the first update, delete this resource, and then recreate it with a new name in the second update.", "title": "Name", "type": "string" }, "S3BucketName": { "markdownDescription": "The name of the Amazon S3 bucket to which AWS Config delivers configuration snapshots and configuration history files.\n\nIf you specify a bucket that belongs to another AWS account , that bucket must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon S3 Bucket](https://docs.aws.amazon.com/config/latest/developerguide/s3-bucket-policy.html) in the *AWS Config Developer Guide* .", "title": "S3BucketName", "type": "string" }, "S3KeyPrefix": { "markdownDescription": "The prefix for the specified Amazon S3 bucket.", "title": "S3KeyPrefix", "type": "string" }, "S3KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service ( AWS KMS ) AWS KMS key (KMS key) used to encrypt objects delivered by AWS Config . Must belong to the same Region as the destination S3 bucket.", "title": "S3KmsKeyArn", "type": "string" }, "SnsTopicARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which AWS Config sends notifications about configuration changes.\n\nIf you choose a topic from another account, the topic must have policies that grant access permissions to AWS Config . For more information, see [Permissions for the Amazon SNS Topic](https://docs.aws.amazon.com/config/latest/developerguide/sns-topic-policy.html) in the *AWS Config Developer Guide* .", "title": "SnsTopicARN", "type": "string" } }, "required": [ "S3BucketName" ], "type": "object" }, "Type": { "enum": [ "AWS::Config::DeliveryChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Config::DeliveryChannel.ConfigSnapshotDeliveryProperties": { "additionalProperties": false, "properties": { "DeliveryFrequency": { "markdownDescription": "The frequency with which AWS Config delivers configuration snapshots.", "title": "DeliveryFrequency", "type": "string" } }, "type": "object" }, "AWS::Config::OrganizationConfigRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ExcludedAccounts": { "items": { "type": "string" }, "markdownDescription": "A comma-separated list of accounts excluded from organization AWS Config rule.", "title": "ExcludedAccounts", "type": "array" }, "OrganizationConfigRuleName": { "markdownDescription": "The name that you assign to organization AWS Config rule.", "title": "OrganizationConfigRuleName", "type": "string" }, "OrganizationCustomPolicyRuleMetadata": { "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata", "markdownDescription": "An object that specifies metadata for your organization's AWS Config Custom Policy rule. The metadata includes the runtime system in use, which accounts have debug logging enabled, and other custom rule metadata, such as resource type, resource ID of AWS resource, and organization trigger types that initiate AWS Config to evaluate AWS resources against a rule.", "title": "OrganizationCustomPolicyRuleMetadata" }, "OrganizationCustomRuleMetadata": { "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata", "markdownDescription": "An `OrganizationCustomRuleMetadata` object.", "title": "OrganizationCustomRuleMetadata" }, "OrganizationManagedRuleMetadata": { "$ref": "#/definitions/AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata", "markdownDescription": "An `OrganizationManagedRuleMetadata` object.", "title": "OrganizationManagedRuleMetadata" } }, "required": [ "OrganizationConfigRuleName" ], "type": "object" }, "Type": { "enum": [ "AWS::Config::OrganizationConfigRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Config::OrganizationConfigRule.OrganizationCustomPolicyRuleMetadata": { "additionalProperties": false, "properties": { "DebugLogDeliveryAccounts": { "items": { "type": "string" }, "markdownDescription": "A list of accounts that you can enable debug logging for your organization AWS Config Custom Policy rule. List is null when debug logging is enabled for all accounts.", "title": "DebugLogDeliveryAccounts", "type": "array" }, "Description": { "markdownDescription": "The description that you provide for your organization AWS Config Custom Policy rule.", "title": "Description", "type": "string" }, "InputParameters": { "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config Custom Policy rule.", "title": "InputParameters", "type": "string" }, "MaximumExecutionFrequency": { "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your AWS Config Custom Policy rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .", "title": "MaximumExecutionFrequency", "type": "string" }, "OrganizationConfigRuleTriggerTypes": { "items": { "type": "string" }, "markdownDescription": "The type of notification that initiates AWS Config to run an evaluation for a rule. For AWS Config Custom Policy rules, AWS Config supports change-initiated notification types:\n\n- `ConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Initiates an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.", "title": "OrganizationConfigRuleTriggerTypes", "type": "array" }, "PolicyText": { "markdownDescription": "The policy definition containing the logic for your organization AWS Config Custom Policy rule.", "title": "PolicyText", "type": "string" }, "ResourceIdScope": { "markdownDescription": "The ID of the AWS resource that was evaluated.", "title": "ResourceIdScope", "type": "string" }, "ResourceTypesScope": { "items": { "type": "string" }, "markdownDescription": "The type of the AWS resource that was evaluated.", "title": "ResourceTypesScope", "type": "array" }, "Runtime": { "markdownDescription": "The runtime system for your organization AWS Config Custom Policy rules. Guard is a policy-as-code language that allows you to write policies that are enforced by AWS Config Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard) .", "title": "Runtime", "type": "string" }, "TagKeyScope": { "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", "title": "TagKeyScope", "type": "string" }, "TagValueScope": { "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", "title": "TagValueScope", "type": "string" } }, "required": [ "PolicyText", "Runtime" ], "type": "object" }, "AWS::Config::OrganizationConfigRule.OrganizationCustomRuleMetadata": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description that you provide for your organization AWS Config rule.", "title": "Description", "type": "string" }, "InputParameters": { "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", "title": "InputParameters", "type": "string" }, "LambdaFunctionArn": { "markdownDescription": "The lambda function ARN.", "title": "LambdaFunctionArn", "type": "string" }, "MaximumExecutionFrequency": { "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. Your custom rule is triggered when AWS Config delivers the configuration snapshot. For more information, see `ConfigSnapshotDeliveryProperties` .\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", "title": "MaximumExecutionFrequency", "type": "string" }, "OrganizationConfigRuleTriggerTypes": { "items": { "type": "string" }, "markdownDescription": "The type of notification that triggers AWS Config to run an evaluation for a rule. You can specify the following notification types:\n\n- `ConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers a configuration item as a result of a resource change.\n- `OversizedConfigurationItemChangeNotification` - Triggers an evaluation when AWS Config delivers an oversized configuration item. AWS Config may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS.\n- `ScheduledNotification` - Triggers a periodic evaluation at the frequency specified for `MaximumExecutionFrequency` .", "title": "OrganizationConfigRuleTriggerTypes", "type": "array" }, "ResourceIdScope": { "markdownDescription": "The ID of the AWS resource that was evaluated.", "title": "ResourceIdScope", "type": "string" }, "ResourceTypesScope": { "items": { "type": "string" }, "markdownDescription": "The type of the AWS resource that was evaluated.", "title": "ResourceTypesScope", "type": "array" }, "TagKeyScope": { "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", "title": "TagKeyScope", "type": "string" }, "TagValueScope": { "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", "title": "TagValueScope", "type": "string" } }, "required": [ "LambdaFunctionArn", "OrganizationConfigRuleTriggerTypes" ], "type": "object" }, "AWS::Config::OrganizationConfigRule.OrganizationManagedRuleMetadata": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description that you provide for your organization AWS Config rule.", "title": "Description", "type": "string" }, "InputParameters": { "markdownDescription": "A string, in JSON format, that is passed to your organization AWS Config rule Lambda function.", "title": "InputParameters", "type": "string" }, "MaximumExecutionFrequency": { "markdownDescription": "The maximum frequency with which AWS Config runs evaluations for a rule. This is for an AWS Config managed rule that is triggered at a periodic frequency.\n\n> By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the `MaximumExecutionFrequency` parameter.", "title": "MaximumExecutionFrequency", "type": "string" }, "ResourceIdScope": { "markdownDescription": "The ID of the AWS resource that was evaluated.", "title": "ResourceIdScope", "type": "string" }, "ResourceTypesScope": { "items": { "type": "string" }, "markdownDescription": "The type of the AWS resource that was evaluated.", "title": "ResourceTypesScope", "type": "array" }, "RuleIdentifier": { "markdownDescription": "For organization config managed rules, a predefined identifier from a list. For example, `IAM_PASSWORD_POLICY` is a managed rule. To reference a managed rule, see [Using AWS Config managed rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) .", "title": "RuleIdentifier", "type": "string" }, "TagKeyScope": { "markdownDescription": "One part of a key-value pair that make up a tag. A key is a general label that acts like a category for more specific tag values.", "title": "TagKeyScope", "type": "string" }, "TagValueScope": { "markdownDescription": "The optional part of a key-value pair that make up a tag. A value acts as a descriptor within a tag category (key).", "title": "TagValueScope", "type": "string" } }, "required": [ "RuleIdentifier" ], "type": "object" }, "AWS::Config::OrganizationConformancePack": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConformancePackInputParameters": { "items": { "$ref": "#/definitions/AWS::Config::OrganizationConformancePack.ConformancePackInputParameter" }, "markdownDescription": "A list of `ConformancePackInputParameter` objects.", "title": "ConformancePackInputParameters", "type": "array" }, "DeliveryS3Bucket": { "markdownDescription": "The name of the Amazon S3 bucket where AWS Config stores conformance pack templates.\n\n> This field is optional.", "title": "DeliveryS3Bucket", "type": "string" }, "DeliveryS3KeyPrefix": { "markdownDescription": "Any folder structure you want to add to an Amazon S3 bucket.\n\n> This field is optional.", "title": "DeliveryS3KeyPrefix", "type": "string" }, "ExcludedAccounts": { "items": { "type": "string" }, "markdownDescription": "A comma-separated list of accounts excluded from organization conformance pack.", "title": "ExcludedAccounts", "type": "array" }, "OrganizationConformancePackName": { "markdownDescription": "The name you assign to an organization conformance pack.", "title": "OrganizationConformancePackName", "type": "string" }, "TemplateBody": { "markdownDescription": "A string containing full conformance pack template body. Structure containing the template body with a minimum length of 1 byte and a maximum length of 51,200 bytes.", "title": "TemplateBody", "type": "string" }, "TemplateS3Uri": { "markdownDescription": "Location of file containing the template body. The uri must point to the conformance pack template (max size: 300 KB).", "title": "TemplateS3Uri", "type": "string" } }, "required": [ "OrganizationConformancePackName" ], "type": "object" }, "Type": { "enum": [ "AWS::Config::OrganizationConformancePack" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Config::OrganizationConformancePack.ConformancePackInputParameter": { "additionalProperties": false, "properties": { "ParameterName": { "markdownDescription": "One part of a key-value pair.", "title": "ParameterName", "type": "string" }, "ParameterValue": { "markdownDescription": "One part of a key-value pair.", "title": "ParameterValue", "type": "string" } }, "required": [ "ParameterName", "ParameterValue" ], "type": "object" }, "AWS::Config::RemediationConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Automatic": { "markdownDescription": "The remediation is triggered automatically.", "title": "Automatic", "type": "boolean" }, "ConfigRuleName": { "markdownDescription": "The name of the AWS Config rule.", "title": "ConfigRuleName", "type": "string" }, "ExecutionControls": { "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ExecutionControls", "markdownDescription": "An ExecutionControls object.", "title": "ExecutionControls" }, "MaximumAutomaticAttempts": { "markdownDescription": "The maximum number of failed attempts for auto-remediation. If you do not select a number, the default is 5.\n\nFor example, if you specify MaximumAutomaticAttempts as 5 with RetryAttemptSeconds as 50 seconds, AWS Config will put a RemediationException on your behalf for the failing resource after the 5th failed attempt within 50 seconds.", "title": "MaximumAutomaticAttempts", "type": "number" }, "Parameters": { "markdownDescription": "An object of the RemediationParameterValue. For more information, see [RemediationParameterValue](https://docs.aws.amazon.com/config/latest/APIReference/API_RemediationParameterValue.html) .\n\n> The type is a map of strings to RemediationParameterValue.", "title": "Parameters", "type": "object" }, "ResourceType": { "markdownDescription": "The type of a resource.", "title": "ResourceType", "type": "string" }, "RetryAttemptSeconds": { "markdownDescription": "Time window to determine whether or not to add a remediation exception to prevent infinite remediation attempts. If `MaximumAutomaticAttempts` remediation attempts have been made under `RetryAttemptSeconds` , a remediation exception will be added to the resource. If you do not select a number, the default is 60 seconds.\n\nFor example, if you specify `RetryAttemptSeconds` as 50 seconds and `MaximumAutomaticAttempts` as 5, AWS Config will run auto-remediations 5 times within 50 seconds before adding a remediation exception to the resource.", "title": "RetryAttemptSeconds", "type": "number" }, "TargetId": { "markdownDescription": "Target ID is the name of the SSM document.", "title": "TargetId", "type": "string" }, "TargetType": { "markdownDescription": "The type of the target. Target executes remediation. For example, SSM document.", "title": "TargetType", "type": "string" }, "TargetVersion": { "markdownDescription": "Version of the target. For example, version of the SSM document.\n\n> If you make backward incompatible changes to the SSM document, you must call PutRemediationConfiguration API again to ensure the remediations can run.", "title": "TargetVersion", "type": "string" } }, "required": [ "ConfigRuleName", "TargetId", "TargetType" ], "type": "object" }, "Type": { "enum": [ "AWS::Config::RemediationConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Config::RemediationConfiguration.ExecutionControls": { "additionalProperties": false, "properties": { "SsmControls": { "$ref": "#/definitions/AWS::Config::RemediationConfiguration.SsmControls", "markdownDescription": "A SsmControls object.", "title": "SsmControls" } }, "type": "object" }, "AWS::Config::RemediationConfiguration.RemediationParameterValue": { "additionalProperties": false, "properties": { "ResourceValue": { "$ref": "#/definitions/AWS::Config::RemediationConfiguration.ResourceValue", "markdownDescription": "The value is dynamic and changes at run-time.", "title": "ResourceValue" }, "StaticValue": { "$ref": "#/definitions/AWS::Config::RemediationConfiguration.StaticValue", "markdownDescription": "The value is static and does not change at run-time.", "title": "StaticValue" } }, "type": "object" }, "AWS::Config::RemediationConfiguration.ResourceValue": { "additionalProperties": false, "properties": { "Value": { "type": "string" } }, "type": "object" }, "AWS::Config::RemediationConfiguration.SsmControls": { "additionalProperties": false, "properties": { "ConcurrentExecutionRatePercentage": { "markdownDescription": "The maximum percentage of remediation actions allowed to run in parallel on the non-compliant resources for that specific rule. You can specify a percentage, such as 10%. The default value is 10.", "title": "ConcurrentExecutionRatePercentage", "type": "number" }, "ErrorPercentage": { "markdownDescription": "The percentage of errors that are allowed before SSM stops running automations on non-compliant resources for that specific rule. You can specify a percentage of errors, for example 10%. If you do not specifiy a percentage, the default is 50%. For example, if you set the ErrorPercentage to 40% for 10 non-compliant resources, then SSM stops running the automations when the fifth error is received.", "title": "ErrorPercentage", "type": "number" } }, "type": "object" }, "AWS::Config::RemediationConfiguration.StaticValue": { "additionalProperties": false, "properties": { "Values": { "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "AWS::Config::StoredQuery": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "QueryDescription": { "markdownDescription": "A unique description for the query.", "title": "QueryDescription", "type": "string" }, "QueryExpression": { "markdownDescription": "The expression of the query. For example, `SELECT resourceId, resourceType, supplementaryConfiguration.BucketVersioningConfiguration.status WHERE resourceType = 'AWS::S3::Bucket' AND supplementaryConfiguration.BucketVersioningConfiguration.status = 'Off'.`", "title": "QueryExpression", "type": "string" }, "QueryName": { "markdownDescription": "The name of the query.", "title": "QueryName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, "required": [ "QueryExpression", "QueryName" ], "type": "object" }, "Type": { "enum": [ "AWS::Config::StoredQuery" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::ApprovedOrigin": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InstanceId": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", "title": "InstanceId", "type": "string" }, "Origin": { "markdownDescription": "Domain name to be added to the allow-list of the instance.\n\n*Maximum* : `267`", "title": "Origin", "type": "string" } }, "required": [ "InstanceId", "Origin" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::ApprovedOrigin" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::ContactFlow": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "The content of the flow.\n\nFor more information, see [Amazon Connect Flow language](https://docs.aws.amazon.com/connect/latest/adminguide/flow-language.html) in the *Amazon Connect Administrator Guide* .", "title": "Content", "type": "string" }, "Description": { "markdownDescription": "The description of the flow.", "title": "Description", "type": "string" }, "InstanceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", "title": "InstanceArn", "type": "string" }, "Name": { "markdownDescription": "The name of the flow.", "title": "Name", "type": "string" }, "State": { "markdownDescription": "The state of the flow.", "title": "State", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of the flow. For descriptions of the available types, see [Choose a flow type](https://docs.aws.amazon.com/connect/latest/adminguide/create-contact-flow.html#contact-flow-types) in the *Amazon Connect Administrator Guide* .", "title": "Type", "type": "string" } }, "required": [ "Content", "InstanceArn", "Name", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::ContactFlow" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::ContactFlowModule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "The content of the flow module.", "title": "Content", "type": "string" }, "Description": { "markdownDescription": "The description of the flow module.", "title": "Description", "type": "string" }, "InstanceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", "title": "InstanceArn", "type": "string" }, "Name": { "markdownDescription": "The name of the flow module.", "title": "Name", "type": "string" }, "State": { "markdownDescription": "The state of the flow module.", "title": "State", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "Content", "InstanceArn", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::ContactFlowModule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::EvaluationForm": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the evaluation form.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", "title": "Description", "type": "string" }, "InstanceArn": { "markdownDescription": "The identifier of the Amazon Connect instance.", "title": "InstanceArn", "type": "string" }, "Items": { "items": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormBaseItem" }, "markdownDescription": "Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section.\n\n*Minimum size* : 1\n\n*Maximum size* : 100", "title": "Items", "type": "array" }, "ScoringStrategy": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.ScoringStrategy", "markdownDescription": "A scoring strategy of the evaluation form.", "title": "ScoringStrategy" }, "Status": { "markdownDescription": "The status of the evaluation form.\n\n*Allowed values* : `DRAFT` | `ACTIVE`", "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" }, "Title": { "markdownDescription": "A title of the evaluation form.", "title": "Title", "type": "string" } }, "required": [ "InstanceArn", "Items", "Status", "Title" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::EvaluationForm" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::EvaluationForm.EvaluationFormBaseItem": { "additionalProperties": false, "properties": { "Section": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", "markdownDescription": "A subsection or inner section of an item.", "title": "Section" } }, "required": [ "Section" ], "type": "object" }, "AWS::Connect::EvaluationForm.EvaluationFormItem": { "additionalProperties": false, "properties": { "Question": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestion", "markdownDescription": "The information of the question.", "title": "Question" }, "Section": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSection", "markdownDescription": "The information of the section.", "title": "Section" } }, "type": "object" }, "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation": { "additionalProperties": false, "properties": { "PropertyValue": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation", "markdownDescription": "The property value of the automation.", "title": "PropertyValue" } }, "required": [ "PropertyValue" ], "type": "object" }, "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption": { "additionalProperties": false, "properties": { "AutomaticFail": { "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", "title": "AutomaticFail", "type": "boolean" }, "MaxValue": { "markdownDescription": "The maximum answer value of the range option.", "title": "MaxValue", "type": "number" }, "MinValue": { "markdownDescription": "The minimum answer value of the range option.", "title": "MinValue", "type": "number" }, "Score": { "markdownDescription": "The score assigned to answer values within the range option.\n\n*Minimum* : 0\n\n*Maximum* : 10", "title": "Score", "type": "number" } }, "required": [ "MaxValue", "MinValue" ], "type": "object" }, "AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties": { "additionalProperties": false, "properties": { "Automation": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionAutomation", "markdownDescription": "The automation properties of the numeric question.", "title": "Automation" }, "MaxValue": { "markdownDescription": "The maximum answer value.", "title": "MaxValue", "type": "number" }, "MinValue": { "markdownDescription": "The minimum answer value.", "title": "MinValue", "type": "number" }, "Options": { "items": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionOption" }, "markdownDescription": "The scoring options of the numeric question.", "title": "Options", "type": "array" } }, "required": [ "MaxValue", "MinValue" ], "type": "object" }, "AWS::Connect::EvaluationForm.EvaluationFormQuestion": { "additionalProperties": false, "properties": { "Instructions": { "markdownDescription": "The instructions of the section.\n\n*Length Constraints* : Minimum length of 0. Maximum length of 1024.", "title": "Instructions", "type": "string" }, "NotApplicableEnabled": { "markdownDescription": "The flag to enable not applicable answers to the question.", "title": "NotApplicableEnabled", "type": "boolean" }, "QuestionType": { "markdownDescription": "The type of the question.\n\n*Allowed values* : `NUMERIC` | `SINGLESELECT` | `TEXT`", "title": "QuestionType", "type": "string" }, "QuestionTypeProperties": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties", "markdownDescription": "The properties of the type of question. Text questions do not have to define question type properties.", "title": "QuestionTypeProperties" }, "RefId": { "markdownDescription": "The identifier of the question. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", "title": "RefId", "type": "string" }, "Title": { "markdownDescription": "The title of the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 350.", "title": "Title", "type": "string" }, "Weight": { "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", "title": "Weight", "type": "number" } }, "required": [ "QuestionType", "RefId", "Title" ], "type": "object" }, "AWS::Connect::EvaluationForm.EvaluationFormQuestionTypeProperties": { "additionalProperties": false, "properties": { "Numeric": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormNumericQuestionProperties", "markdownDescription": "The properties of the numeric question.", "title": "Numeric" }, "SingleSelect": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties", "markdownDescription": "The properties of the numeric question.", "title": "SingleSelect" } }, "type": "object" }, "AWS::Connect::EvaluationForm.EvaluationFormSection": { "additionalProperties": false, "properties": { "Instructions": { "markdownDescription": "The instructions of the section.", "title": "Instructions", "type": "string" }, "Items": { "items": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormItem" }, "markdownDescription": "The items of the section.\n\n*Minimum* : 1", "title": "Items", "type": "array" }, "RefId": { "markdownDescription": "The identifier of the section. An identifier must be unique within the evaluation form.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", "title": "RefId", "type": "string" }, "Title": { "markdownDescription": "The title of the section.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", "title": "Title", "type": "string" }, "Weight": { "markdownDescription": "The scoring weight of the section.\n\n*Minimum* : 0\n\n*Maximum* : 100", "title": "Weight", "type": "number" } }, "required": [ "RefId", "Title" ], "type": "object" }, "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation": { "additionalProperties": false, "properties": { "DefaultOptionRefId": { "markdownDescription": "The identifier of the default answer option, when none of the automation options match the criteria.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", "title": "DefaultOptionRefId", "type": "string" }, "Options": { "items": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption" }, "markdownDescription": "The automation options of the single select question.\n\n*Minimum* : 1\n\n*Maximum* : 20", "title": "Options", "type": "array" } }, "required": [ "Options" ], "type": "object" }, "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomationOption": { "additionalProperties": false, "properties": { "RuleCategory": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation", "markdownDescription": "The automation option based on a rule category for the single select question.", "title": "RuleCategory" } }, "required": [ "RuleCategory" ], "type": "object" }, "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption": { "additionalProperties": false, "properties": { "AutomaticFail": { "markdownDescription": "The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.", "title": "AutomaticFail", "type": "boolean" }, "RefId": { "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", "title": "RefId", "type": "string" }, "Score": { "markdownDescription": "The score assigned to the answer option.\n\n*Minimum* : 0\n\n*Maximum* : 10", "title": "Score", "type": "number" }, "Text": { "markdownDescription": "The title of the answer option.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.", "title": "Text", "type": "string" } }, "required": [ "RefId", "Text" ], "type": "object" }, "AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionProperties": { "additionalProperties": false, "properties": { "Automation": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionAutomation", "markdownDescription": "The display mode of the single select question.", "title": "Automation" }, "DisplayAs": { "markdownDescription": "The display mode of the single select question.\n\n*Allowed values* : `DROPDOWN` | `RADIO`", "title": "DisplayAs", "type": "string" }, "Options": { "items": { "$ref": "#/definitions/AWS::Connect::EvaluationForm.EvaluationFormSingleSelectQuestionOption" }, "markdownDescription": "The answer options of the single select question.\n\n*Minimum* : 2\n\n*Maximum* : 256", "title": "Options", "type": "array" } }, "required": [ "Options" ], "type": "object" }, "AWS::Connect::EvaluationForm.NumericQuestionPropertyValueAutomation": { "additionalProperties": false, "properties": { "Label": { "markdownDescription": "The property label of the automation.", "title": "Label", "type": "string" } }, "required": [ "Label" ], "type": "object" }, "AWS::Connect::EvaluationForm.ScoringStrategy": { "additionalProperties": false, "properties": { "Mode": { "markdownDescription": "The scoring mode of the evaluation form.\n\n*Allowed values* : `QUESTION_ONLY` | `SECTION_ONLY`", "title": "Mode", "type": "string" }, "Status": { "markdownDescription": "The scoring status of the evaluation form.\n\n*Allowed values* : `ENABLED` | `DISABLED`", "title": "Status", "type": "string" } }, "required": [ "Mode", "Status" ], "type": "object" }, "AWS::Connect::EvaluationForm.SingleSelectQuestionRuleCategoryAutomation": { "additionalProperties": false, "properties": { "Category": { "markdownDescription": "The category name, as defined in Rules.\n\n*Minimum* : 1\n\n*Maximum* : 50", "title": "Category", "type": "string" }, "Condition": { "markdownDescription": "The condition to apply for the automation option. If the condition is PRESENT, then the option is applied when the contact data includes the category. Similarly, if the condition is NOT_PRESENT, then the option is applied when the contact data does not include the category.\n\n*Allowed values* : `PRESENT` | `NOT_PRESENT`\n\n*Maximum* : 50", "title": "Condition", "type": "string" }, "OptionRefId": { "markdownDescription": "The identifier of the answer option. An identifier must be unique within the question.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 40.", "title": "OptionRefId", "type": "string" } }, "required": [ "Category", "Condition", "OptionRefId" ], "type": "object" }, "AWS::Connect::HoursOfOperation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Config": { "items": { "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationConfig" }, "markdownDescription": "Configuration information for the hours of operation.", "title": "Config", "type": "array" }, "Description": { "markdownDescription": "The description for the hours of operation.", "title": "Description", "type": "string" }, "InstanceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", "title": "InstanceArn", "type": "string" }, "Name": { "markdownDescription": "The name for the hours of operation.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" }, "TimeZone": { "markdownDescription": "The time zone for the hours of operation.", "title": "TimeZone", "type": "string" } }, "required": [ "Config", "InstanceArn", "Name", "TimeZone" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::HoursOfOperation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::HoursOfOperation.HoursOfOperationConfig": { "additionalProperties": false, "properties": { "Day": { "markdownDescription": "The day that the hours of operation applies to.", "title": "Day", "type": "string" }, "EndTime": { "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", "markdownDescription": "The end time that your contact center closes.", "title": "EndTime" }, "StartTime": { "$ref": "#/definitions/AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice", "markdownDescription": "The start time that your contact center opens.", "title": "StartTime" } }, "required": [ "Day", "EndTime", "StartTime" ], "type": "object" }, "AWS::Connect::HoursOfOperation.HoursOfOperationTimeSlice": { "additionalProperties": false, "properties": { "Hours": { "markdownDescription": "The hours.", "title": "Hours", "type": "number" }, "Minutes": { "markdownDescription": "The minutes.", "title": "Minutes", "type": "number" } }, "required": [ "Hours", "Minutes" ], "type": "object" }, "AWS::Connect::Instance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Attributes": { "$ref": "#/definitions/AWS::Connect::Instance.Attributes", "markdownDescription": "A toggle for an individual feature at the instance level.", "title": "Attributes" }, "DirectoryId": { "markdownDescription": "The identifier for the directory.", "title": "DirectoryId", "type": "string" }, "IdentityManagementType": { "markdownDescription": "The identity management type.", "title": "IdentityManagementType", "type": "string" }, "InstanceAlias": { "markdownDescription": "The alias of instance. `InstanceAlias` is only required when `IdentityManagementType` is `CONNECT_MANAGED` or `SAML` . `InstanceAlias` is not required when `IdentityManagementType` is `EXISTING_DIRECTORY` .", "title": "InstanceAlias", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, "required": [ "Attributes", "IdentityManagementType" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::Instance" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::Instance.Attributes": { "additionalProperties": false, "properties": { "AutoResolveBestVoices": { "markdownDescription": "", "title": "AutoResolveBestVoices", "type": "boolean" }, "ContactLens": { "markdownDescription": "", "title": "ContactLens", "type": "boolean" }, "ContactflowLogs": { "markdownDescription": "", "title": "ContactflowLogs", "type": "boolean" }, "EarlyMedia": { "markdownDescription": "", "title": "EarlyMedia", "type": "boolean" }, "InboundCalls": { "markdownDescription": "", "title": "InboundCalls", "type": "boolean" }, "OutboundCalls": { "markdownDescription": "", "title": "OutboundCalls", "type": "boolean" }, "UseCustomTTSVoices": { "markdownDescription": "", "title": "UseCustomTTSVoices", "type": "boolean" } }, "required": [ "InboundCalls", "OutboundCalls" ], "type": "object" }, "AWS::Connect::InstanceStorageConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InstanceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", "title": "InstanceArn", "type": "string" }, "KinesisFirehoseConfig": { "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig", "markdownDescription": "The configuration of the Kinesis Firehose delivery stream.", "title": "KinesisFirehoseConfig" }, "KinesisStreamConfig": { "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisStreamConfig", "markdownDescription": "The configuration of the Kinesis data stream.", "title": "KinesisStreamConfig" }, "KinesisVideoStreamConfig": { "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig", "markdownDescription": "The configuration of the Kinesis video stream.", "title": "KinesisVideoStreamConfig" }, "ResourceType": { "markdownDescription": "A valid resource type. Following are the valid resource types: `CHAT_TRANSCRIPTS` | `CALL_RECORDINGS` | `SCHEDULED_REPORTS` | `MEDIA_STREAMS` | `CONTACT_TRACE_RECORDS` | `AGENT_EVENTS`", "title": "ResourceType", "type": "string" }, "S3Config": { "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.S3Config", "markdownDescription": "The S3 bucket configuration.", "title": "S3Config" }, "StorageType": { "markdownDescription": "A valid storage type.", "title": "StorageType", "type": "string" } }, "required": [ "InstanceArn", "ResourceType", "StorageType" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::InstanceStorageConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::InstanceStorageConfig.EncryptionConfig": { "additionalProperties": false, "properties": { "EncryptionType": { "markdownDescription": "The type of encryption.", "title": "EncryptionType", "type": "string" }, "KeyId": { "markdownDescription": "The full ARN of the encryption key.\n\n> Be sure to provide the full ARN of the encryption key, not just the ID.\n> \n> Amazon Connect supports only KMS keys with the default key spec of [`SYMMETRIC_DEFAULT`](https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-symmetric-default) .", "title": "KeyId", "type": "string" } }, "required": [ "EncryptionType", "KeyId" ], "type": "object" }, "AWS::Connect::InstanceStorageConfig.KinesisFirehoseConfig": { "additionalProperties": false, "properties": { "FirehoseArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", "title": "FirehoseArn", "type": "string" } }, "required": [ "FirehoseArn" ], "type": "object" }, "AWS::Connect::InstanceStorageConfig.KinesisStreamConfig": { "additionalProperties": false, "properties": { "StreamArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the data stream.", "title": "StreamArn", "type": "string" } }, "required": [ "StreamArn" ], "type": "object" }, "AWS::Connect::InstanceStorageConfig.KinesisVideoStreamConfig": { "additionalProperties": false, "properties": { "EncryptionConfig": { "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", "markdownDescription": "The encryption configuration.", "title": "EncryptionConfig" }, "Prefix": { "markdownDescription": "The prefix of the video stream.", "title": "Prefix", "type": "string" }, "RetentionPeriodHours": { "markdownDescription": "The number of hours data is retained in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream.\n\nThe default value is 0, indicating that the stream does not persist data.", "title": "RetentionPeriodHours", "type": "number" } }, "required": [ "EncryptionConfig", "Prefix", "RetentionPeriodHours" ], "type": "object" }, "AWS::Connect::InstanceStorageConfig.S3Config": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The S3 bucket name.", "title": "BucketName", "type": "string" }, "BucketPrefix": { "markdownDescription": "The S3 bucket prefix.", "title": "BucketPrefix", "type": "string" }, "EncryptionConfig": { "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig.EncryptionConfig", "markdownDescription": "The Amazon S3 encryption configuration.", "title": "EncryptionConfig" } }, "required": [ "BucketName", "BucketPrefix" ], "type": "object" }, "AWS::Connect::IntegrationAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InstanceId": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", "title": "InstanceId", "type": "string" }, "IntegrationArn": { "markdownDescription": "ARN of the integration being associated with the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `140`", "title": "IntegrationArn", "type": "string" }, "IntegrationType": { "markdownDescription": "Specifies the integration type to be associated with the instance.\n\n*Allowed Values* : `LEX_BOT` | `LAMBDA_FUNCTION`", "title": "IntegrationType", "type": "string" } }, "required": [ "InstanceId", "IntegrationArn", "IntegrationType" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::IntegrationAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::PhoneNumber": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CountryCode": { "markdownDescription": "The ISO country code.", "title": "CountryCode", "type": "string" }, "Description": { "markdownDescription": "The description of the phone number.", "title": "Description", "type": "string" }, "Prefix": { "markdownDescription": "The prefix of the phone number. If provided, it must contain `+` as part of the country code.\n\n*Pattern* : `^\\\\+[0-9]{1,15}`", "title": "Prefix", "type": "string" }, "SourcePhoneNumberArn": { "markdownDescription": "The claimed phone number ARN that was previously imported from the external service, such as Amazon Pinpoint. If it is from Amazon Pinpoint, it looks like the ARN of the phone number that was imported from Amazon Pinpoint.", "title": "SourcePhoneNumberArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" }, "TargetArn": { "markdownDescription": "The Amazon Resource Name (ARN) for Amazon Connect instances or traffic distribution group that phone numbers are claimed to.", "title": "TargetArn", "type": "string" }, "Type": { "markdownDescription": "The type of phone number.", "title": "Type", "type": "string" } }, "required": [ "TargetArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::PhoneNumber" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::PredefinedAttribute": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InstanceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", "title": "InstanceArn", "type": "string" }, "Name": { "markdownDescription": "The name of the predefined attribute.", "title": "Name", "type": "string" }, "Values": { "$ref": "#/definitions/AWS::Connect::PredefinedAttribute.Values", "markdownDescription": "The values of a predefined attribute.", "title": "Values" } }, "required": [ "InstanceArn", "Name", "Values" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::PredefinedAttribute" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::PredefinedAttribute.Values": { "additionalProperties": false, "properties": { "StringList": { "items": { "type": "string" }, "markdownDescription": "Predefined attribute values of type string list.", "title": "StringList", "type": "array" } }, "type": "object" }, "AWS::Connect::Prompt": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the prompt.", "title": "Description", "type": "string" }, "InstanceArn": { "markdownDescription": "The identifier of the Amazon Connect instance.", "title": "InstanceArn", "type": "string" }, "Name": { "markdownDescription": "The name of the prompt.", "title": "Name", "type": "string" }, "S3Uri": { "markdownDescription": "The URI for the S3 bucket where the prompt is stored. This property is required when you create a prompt.", "title": "S3Uri", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ "InstanceArn", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::Prompt" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::Queue": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the queue.", "title": "Description", "type": "string" }, "HoursOfOperationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the hours of operation.", "title": "HoursOfOperationArn", "type": "string" }, "InstanceArn": { "markdownDescription": "The identifier of the Amazon Connect instance.", "title": "InstanceArn", "type": "string" }, "MaxContacts": { "markdownDescription": "The maximum number of contacts that can be in the queue before it is considered full.", "title": "MaxContacts", "type": "number" }, "Name": { "markdownDescription": "The name of the queue.", "title": "Name", "type": "string" }, "OutboundCallerConfig": { "$ref": "#/definitions/AWS::Connect::Queue.OutboundCallerConfig", "markdownDescription": "The outbound caller ID name, number, and outbound whisper flow.", "title": "OutboundCallerConfig" }, "QuickConnectArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARN) of the of the quick connects available to agents who are working the queue.", "title": "QuickConnectArns", "type": "array" }, "Status": { "markdownDescription": "The status of the queue.", "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ "HoursOfOperationArn", "InstanceArn", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::Queue" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::Queue.OutboundCallerConfig": { "additionalProperties": false, "properties": { "OutboundCallerIdName": { "markdownDescription": "The caller ID name.", "title": "OutboundCallerIdName", "type": "string" }, "OutboundCallerIdNumberArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the outbound caller ID number.\n\n> Only use the phone number ARN format that doesn't contain `instance` in the path, for example, `arn:aws:connect:us-east-1:1234567890:phone-number/uuid` . This is the same ARN format that is returned when you create a phone number using CloudFormation , or when you call the [ListPhoneNumbersV2](https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbersV2.html) API.", "title": "OutboundCallerIdNumberArn", "type": "string" }, "OutboundFlowArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the outbound flow.", "title": "OutboundFlowArn", "type": "string" } }, "type": "object" }, "AWS::Connect::QuickConnect": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the quick connect.", "title": "Description", "type": "string" }, "InstanceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", "title": "InstanceArn", "type": "string" }, "Name": { "markdownDescription": "The name of the quick connect.", "title": "Name", "type": "string" }, "QuickConnectConfig": { "$ref": "#/definitions/AWS::Connect::QuickConnect.QuickConnectConfig", "markdownDescription": "Contains information about the quick connect.", "title": "QuickConnectConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ "InstanceArn", "Name", "QuickConnectConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::QuickConnect" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig": { "additionalProperties": false, "properties": { "PhoneNumber": { "markdownDescription": "The phone number in E.164 format.", "title": "PhoneNumber", "type": "string" } }, "required": [ "PhoneNumber" ], "type": "object" }, "AWS::Connect::QuickConnect.QueueQuickConnectConfig": { "additionalProperties": false, "properties": { "ContactFlowArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", "title": "ContactFlowArn", "type": "string" }, "QueueArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", "title": "QueueArn", "type": "string" } }, "required": [ "ContactFlowArn", "QueueArn" ], "type": "object" }, "AWS::Connect::QuickConnect.QuickConnectConfig": { "additionalProperties": false, "properties": { "PhoneConfig": { "$ref": "#/definitions/AWS::Connect::QuickConnect.PhoneNumberQuickConnectConfig", "markdownDescription": "The phone configuration. This is required only if QuickConnectType is PHONE_NUMBER.", "title": "PhoneConfig" }, "QueueConfig": { "$ref": "#/definitions/AWS::Connect::QuickConnect.QueueQuickConnectConfig", "markdownDescription": "The queue configuration. This is required only if QuickConnectType is QUEUE.", "title": "QueueConfig" }, "QuickConnectType": { "markdownDescription": "The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE).", "title": "QuickConnectType", "type": "string" }, "UserConfig": { "$ref": "#/definitions/AWS::Connect::QuickConnect.UserQuickConnectConfig", "markdownDescription": "The user configuration. This is required only if QuickConnectType is USER.", "title": "UserConfig" } }, "required": [ "QuickConnectType" ], "type": "object" }, "AWS::Connect::QuickConnect.UserQuickConnectConfig": { "additionalProperties": false, "properties": { "ContactFlowArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", "title": "ContactFlowArn", "type": "string" }, "UserArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the user.", "title": "UserArn", "type": "string" } }, "required": [ "ContactFlowArn", "UserArn" ], "type": "object" }, "AWS::Connect::RoutingProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AgentAvailabilityTimer": { "markdownDescription": "Whether agents with this routing profile will have their routing order calculated based on *time since their last inbound contact* or *longest idle time* .", "title": "AgentAvailabilityTimer", "type": "string" }, "DefaultOutboundQueueArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the default outbound queue for the routing profile.", "title": "DefaultOutboundQueueArn", "type": "string" }, "Description": { "markdownDescription": "The description of the routing profile.", "title": "Description", "type": "string" }, "InstanceArn": { "markdownDescription": "The identifier of the Amazon Connect instance.", "title": "InstanceArn", "type": "string" }, "MediaConcurrencies": { "items": { "$ref": "#/definitions/AWS::Connect::RoutingProfile.MediaConcurrency" }, "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", "title": "MediaConcurrencies", "type": "array" }, "Name": { "markdownDescription": "The name of the routing profile.", "title": "Name", "type": "string" }, "QueueConfigs": { "items": { "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueConfig" }, "markdownDescription": "The inbound queues associated with the routing profile. If no queue is added, the agent can make only outbound calls.", "title": "QueueConfigs", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ "DefaultOutboundQueueArn", "Description", "InstanceArn", "MediaConcurrencies", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::RoutingProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::RoutingProfile.CrossChannelBehavior": { "additionalProperties": false, "properties": { "BehaviorType": { "markdownDescription": "Specifies the other channels that can be routed to an agent handling their current channel.", "title": "BehaviorType", "type": "string" } }, "required": [ "BehaviorType" ], "type": "object" }, "AWS::Connect::RoutingProfile.MediaConcurrency": { "additionalProperties": false, "properties": { "Channel": { "markdownDescription": "The channels that agents can handle in the Contact Control Panel (CCP).", "title": "Channel", "type": "string" }, "Concurrency": { "markdownDescription": "The number of contacts an agent can have on a channel simultaneously.\n\nValid Range for `VOICE` : Minimum value of 1. Maximum value of 1.\n\nValid Range for `CHAT` : Minimum value of 1. Maximum value of 10.\n\nValid Range for `TASK` : Minimum value of 1. Maximum value of 10.", "title": "Concurrency", "type": "number" }, "CrossChannelBehavior": { "$ref": "#/definitions/AWS::Connect::RoutingProfile.CrossChannelBehavior", "markdownDescription": "Defines the cross-channel routing behavior for each channel that is enabled for this Routing Profile. For example, this allows you to offer an agent a different contact from another channel when they are currently working with a contact from a Voice channel.", "title": "CrossChannelBehavior" } }, "required": [ "Channel", "Concurrency" ], "type": "object" }, "AWS::Connect::RoutingProfile.RoutingProfileQueueConfig": { "additionalProperties": false, "properties": { "Delay": { "markdownDescription": "The delay, in seconds, a contact should be in the queue before they are routed to an available agent. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) in the *Amazon Connect Administrator Guide* .", "title": "Delay", "type": "number" }, "Priority": { "markdownDescription": "The order in which contacts are to be handled for the queue. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) .", "title": "Priority", "type": "number" }, "QueueReference": { "$ref": "#/definitions/AWS::Connect::RoutingProfile.RoutingProfileQueueReference", "markdownDescription": "Contains information about a queue resource.", "title": "QueueReference" } }, "required": [ "Delay", "Priority", "QueueReference" ], "type": "object" }, "AWS::Connect::RoutingProfile.RoutingProfileQueueReference": { "additionalProperties": false, "properties": { "Channel": { "markdownDescription": "The channels agents can handle in the Contact Control Panel (CCP) for this routing profile.", "title": "Channel", "type": "string" }, "QueueArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", "title": "QueueArn", "type": "string" } }, "required": [ "Channel", "QueueArn" ], "type": "object" }, "AWS::Connect::Rule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Actions": { "$ref": "#/definitions/AWS::Connect::Rule.Actions", "markdownDescription": "A list of actions to be run when the rule is triggered.", "title": "Actions" }, "Function": { "markdownDescription": "The conditions of the rule.", "title": "Function", "type": "string" }, "InstanceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", "title": "InstanceArn", "type": "string" }, "Name": { "markdownDescription": "The name of the rule.", "title": "Name", "type": "string" }, "PublishStatus": { "markdownDescription": "The publish status of the rule.\n\n*Allowed values* : `DRAFT` | `PUBLISHED`", "title": "PublishStatus", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" }, "TriggerEventSource": { "$ref": "#/definitions/AWS::Connect::Rule.RuleTriggerEventSource", "markdownDescription": "The event source to trigger the rule.", "title": "TriggerEventSource" } }, "required": [ "Actions", "Function", "InstanceArn", "Name", "PublishStatus", "TriggerEventSource" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::Rule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::Rule.Actions": { "additionalProperties": false, "properties": { "AssignContactCategoryActions": { "items": { "type": "object" }, "markdownDescription": "Information about the contact category action. The syntax can be empty, for example, `{}` .", "title": "AssignContactCategoryActions", "type": "array" }, "CreateCaseActions": { "items": { "$ref": "#/definitions/AWS::Connect::Rule.CreateCaseAction" }, "markdownDescription": "", "title": "CreateCaseActions", "type": "array" }, "EndAssociatedTasksActions": { "items": { "type": "object" }, "markdownDescription": "", "title": "EndAssociatedTasksActions", "type": "array" }, "EventBridgeActions": { "items": { "$ref": "#/definitions/AWS::Connect::Rule.EventBridgeAction" }, "markdownDescription": "Information about the EventBridge action.", "title": "EventBridgeActions", "type": "array" }, "SendNotificationActions": { "items": { "$ref": "#/definitions/AWS::Connect::Rule.SendNotificationAction" }, "markdownDescription": "Information about the send notification action.", "title": "SendNotificationActions", "type": "array" }, "TaskActions": { "items": { "$ref": "#/definitions/AWS::Connect::Rule.TaskAction" }, "markdownDescription": "Information about the task action. This field is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", "title": "TaskActions", "type": "array" }, "UpdateCaseActions": { "items": { "$ref": "#/definitions/AWS::Connect::Rule.UpdateCaseAction" }, "markdownDescription": "", "title": "UpdateCaseActions", "type": "array" } }, "type": "object" }, "AWS::Connect::Rule.CreateCaseAction": { "additionalProperties": false, "properties": { "Fields": { "items": { "$ref": "#/definitions/AWS::Connect::Rule.Field" }, "markdownDescription": "", "title": "Fields", "type": "array" }, "TemplateId": { "markdownDescription": "", "title": "TemplateId", "type": "string" } }, "required": [ "Fields", "TemplateId" ], "type": "object" }, "AWS::Connect::Rule.EventBridgeAction": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::Connect::Rule.Field": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "", "title": "Id", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::Connect::Rule.FieldValue", "markdownDescription": "", "title": "Value" } }, "required": [ "Id", "Value" ], "type": "object" }, "AWS::Connect::Rule.FieldValue": { "additionalProperties": false, "properties": { "BooleanValue": { "markdownDescription": "", "title": "BooleanValue", "type": "boolean" }, "DoubleValue": { "markdownDescription": "", "title": "DoubleValue", "type": "number" }, "EmptyValue": { "markdownDescription": "", "title": "EmptyValue", "type": "object" }, "StringValue": { "markdownDescription": "", "title": "StringValue", "type": "string" } }, "type": "object" }, "AWS::Connect::Rule.NotificationRecipientType": { "additionalProperties": false, "properties": { "UserArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Name (ARN) of the user account.", "title": "UserArns", "type": "array" }, "UserTags": { "additionalProperties": true, "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }. Amazon Connect users with the specified tags will be notified.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "UserTags", "type": "object" } }, "type": "object" }, "AWS::Connect::Rule.Reference": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The type of the reference. `DATE` must be of type Epoch timestamp.\n\n*Allowed values* : `URL` | `ATTACHMENT` | `NUMBER` | `STRING` | `DATE` | `EMAIL`", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "A valid value for the reference. For example, for a URL reference, a formatted URL that is displayed to an agent in the Contact Control Panel (CCP).", "title": "Value", "type": "string" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::Connect::Rule.RuleTriggerEventSource": { "additionalProperties": false, "properties": { "EventSourceName": { "markdownDescription": "The name of the event source.", "title": "EventSourceName", "type": "string" }, "IntegrationAssociationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the integration association. `IntegrationAssociationArn` is required if `TriggerEventSource` is one of the following values: `OnZendeskTicketCreate` | `OnZendeskTicketStatusUpdate` | `OnSalesforceCaseCreate`", "title": "IntegrationAssociationArn", "type": "string" } }, "required": [ "EventSourceName" ], "type": "object" }, "AWS::Connect::Rule.SendNotificationAction": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "Notification content. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", "title": "Content", "type": "string" }, "ContentType": { "markdownDescription": "Content type format.\n\n*Allowed value* : `PLAIN_TEXT`", "title": "ContentType", "type": "string" }, "DeliveryMethod": { "markdownDescription": "Notification delivery method.\n\n*Allowed value* : `EMAIL`", "title": "DeliveryMethod", "type": "string" }, "Recipient": { "$ref": "#/definitions/AWS::Connect::Rule.NotificationRecipientType", "markdownDescription": "Notification recipient.", "title": "Recipient" }, "Subject": { "markdownDescription": "The subject of the email if the delivery method is `EMAIL` . Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", "title": "Subject", "type": "string" } }, "required": [ "Content", "ContentType", "DeliveryMethod", "Recipient" ], "type": "object" }, "AWS::Connect::Rule.TaskAction": { "additionalProperties": false, "properties": { "ContactFlowArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", "title": "ContactFlowArn", "type": "string" }, "Description": { "markdownDescription": "The description. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Amazon Connect Administrators Guide* .", "title": "Name", "type": "string" }, "References": { "additionalProperties": false, "markdownDescription": "Information about the reference when the `referenceType` is `URL` . Otherwise, null. `URL` is the only accepted type. (Supports variable injection in the `Value` field.)", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::Connect::Rule.Reference" } }, "title": "References", "type": "object" } }, "required": [ "ContactFlowArn", "Name" ], "type": "object" }, "AWS::Connect::Rule.UpdateCaseAction": { "additionalProperties": false, "properties": { "Fields": { "items": { "$ref": "#/definitions/AWS::Connect::Rule.Field" }, "markdownDescription": "", "title": "Fields", "type": "array" } }, "required": [ "Fields" ], "type": "object" }, "AWS::Connect::SecurityKey": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InstanceId": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance.\n\n*Minimum* : `1`\n\n*Maximum* : `100`", "title": "InstanceId", "type": "string" }, "Key": { "markdownDescription": "A valid security key in PEM format. For example:\n\n`\"-----BEGIN PUBLIC KEY-----\\ [a lot of characters] ----END PUBLIC KEY-----\"`\n\n*Minimum* : `1`\n\n*Maximum* : `1024`", "title": "Key", "type": "string" } }, "required": [ "InstanceId", "Key" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::SecurityKey" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::SecurityProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowedAccessControlHierarchyGroupId": { "markdownDescription": "The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.", "title": "AllowedAccessControlHierarchyGroupId", "type": "string" }, "AllowedAccessControlTags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of tags that a security profile uses to restrict access to resources in Amazon Connect.", "title": "AllowedAccessControlTags", "type": "array" }, "Applications": { "items": { "$ref": "#/definitions/AWS::Connect::SecurityProfile.Application" }, "markdownDescription": "", "title": "Applications", "type": "array" }, "Description": { "markdownDescription": "The description of the security profile.", "title": "Description", "type": "string" }, "HierarchyRestrictedResources": { "items": { "type": "string" }, "markdownDescription": "The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames: `User` .", "title": "HierarchyRestrictedResources", "type": "array" }, "InstanceArn": { "markdownDescription": "The identifier of the Amazon Connect instance.", "title": "InstanceArn", "type": "string" }, "Permissions": { "items": { "type": "string" }, "markdownDescription": "Permissions assigned to the security profile. For a list of valid permissions, see [List of security profile permissions](https://docs.aws.amazon.com/connect/latest/adminguide/security-profile-list.html) .", "title": "Permissions", "type": "array" }, "SecurityProfileName": { "markdownDescription": "The name for the security profile.", "title": "SecurityProfileName", "type": "string" }, "TagRestrictedResources": { "items": { "type": "string" }, "markdownDescription": "The list of resources that a security profile applies tag restrictions to in Amazon Connect.", "title": "TagRestrictedResources", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"Tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ "InstanceArn", "SecurityProfileName" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::SecurityProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::SecurityProfile.Application": { "additionalProperties": false, "properties": { "ApplicationPermissions": { "items": { "type": "string" }, "markdownDescription": "The permissions that the agent is granted on the application. Only the `ACCESS` permission is supported.", "title": "ApplicationPermissions", "type": "array" }, "Namespace": { "markdownDescription": "Namespace of the application that you want to give access to.", "title": "Namespace", "type": "string" } }, "required": [ "ApplicationPermissions", "Namespace" ], "type": "object" }, "AWS::Connect::TaskTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClientToken": { "markdownDescription": "A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", "title": "ClientToken", "type": "string" }, "Constraints": { "$ref": "#/definitions/AWS::Connect::TaskTemplate.Constraints", "markdownDescription": "Constraints that are applicable to the fields listed.\n\nThe values can be represented in either JSON or YAML format. For an example of the JSON configuration, see *Examples* at the bottom of this page.", "title": "Constraints" }, "ContactFlowArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the flow that runs by default when a task is created by referencing this template. `ContactFlowArn` is not required when there is a field with `fieldType` = `QUICK_CONNECT` .", "title": "ContactFlowArn", "type": "string" }, "Defaults": { "items": { "$ref": "#/definitions/AWS::Connect::TaskTemplate.DefaultFieldValue" }, "markdownDescription": "The default values for fields when a task is created by referencing this template.", "title": "Defaults", "type": "array" }, "Description": { "markdownDescription": "The description of the task template.", "title": "Description", "type": "string" }, "Fields": { "items": { "$ref": "#/definitions/AWS::Connect::TaskTemplate.Field" }, "markdownDescription": "Fields that are part of the template. A template requires at least one field that has type `Name` .", "title": "Fields", "type": "array" }, "InstanceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", "title": "InstanceArn", "type": "string" }, "Name": { "markdownDescription": "The name of the task template.", "title": "Name", "type": "string" }, "Status": { "markdownDescription": "The status of the task template.", "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" } }, "required": [ "InstanceArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::TaskTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::TaskTemplate.Constraints": { "additionalProperties": false, "properties": { "InvisibleFields": { "items": { "$ref": "#/definitions/AWS::Connect::TaskTemplate.InvisibleFieldInfo" }, "markdownDescription": "Lists the fields that are invisible to agents.", "title": "InvisibleFields", "type": "array" }, "ReadOnlyFields": { "items": { "$ref": "#/definitions/AWS::Connect::TaskTemplate.ReadOnlyFieldInfo" }, "markdownDescription": "Lists the fields that are read-only to agents, and cannot be edited.", "title": "ReadOnlyFields", "type": "array" }, "RequiredFields": { "items": { "$ref": "#/definitions/AWS::Connect::TaskTemplate.RequiredFieldInfo" }, "markdownDescription": "Lists the fields that are required to be filled by agents.", "title": "RequiredFields", "type": "array" } }, "type": "object" }, "AWS::Connect::TaskTemplate.DefaultFieldValue": { "additionalProperties": false, "properties": { "DefaultValue": { "markdownDescription": "Default value for the field.", "title": "DefaultValue", "type": "string" }, "Id": { "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", "markdownDescription": "Identifier of a field.", "title": "Id" } }, "required": [ "DefaultValue", "Id" ], "type": "object" }, "AWS::Connect::TaskTemplate.Field": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the field.", "title": "Description", "type": "string" }, "Id": { "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", "markdownDescription": "The unique identifier for the field.", "title": "Id" }, "SingleSelectOptions": { "items": { "type": "string" }, "markdownDescription": "A list of options for a single select field.", "title": "SingleSelectOptions", "type": "array" }, "Type": { "markdownDescription": "Indicates the type of field. Following are the valid field types: `NAME` `DESCRIPTION` | `SCHEDULED_TIME` | `QUICK_CONNECT` | `URL` | `NUMBER` | `TEXT` | `TEXT_AREA` | `DATE_TIME` | `BOOLEAN` | `SINGLE_SELECT` | `EMAIL`", "title": "Type", "type": "string" } }, "required": [ "Id", "Type" ], "type": "object" }, "AWS::Connect::TaskTemplate.FieldIdentifier": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the task template field.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::Connect::TaskTemplate.InvisibleFieldInfo": { "additionalProperties": false, "properties": { "Id": { "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", "markdownDescription": "Identifier of the invisible field.", "title": "Id" } }, "required": [ "Id" ], "type": "object" }, "AWS::Connect::TaskTemplate.ReadOnlyFieldInfo": { "additionalProperties": false, "properties": { "Id": { "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", "markdownDescription": "Identifier of the read-only field.", "title": "Id" } }, "required": [ "Id" ], "type": "object" }, "AWS::Connect::TaskTemplate.RequiredFieldInfo": { "additionalProperties": false, "properties": { "Id": { "$ref": "#/definitions/AWS::Connect::TaskTemplate.FieldIdentifier", "markdownDescription": "The unique identifier for the field.", "title": "Id" } }, "required": [ "Id" ], "type": "object" }, "AWS::Connect::TrafficDistributionGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the traffic distribution group.", "title": "Description", "type": "string" }, "InstanceArn": { "markdownDescription": "The Amazon Resource Name (ARN).", "title": "InstanceArn", "type": "string" }, "Name": { "markdownDescription": "The name of the traffic distribution group.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, {\"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ "InstanceArn", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::TrafficDistributionGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::User": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DirectoryUserId": { "markdownDescription": "The identifier of the user account in the directory used for identity management.", "title": "DirectoryUserId", "type": "string" }, "HierarchyGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the user's hierarchy group.", "title": "HierarchyGroupArn", "type": "string" }, "IdentityInfo": { "$ref": "#/definitions/AWS::Connect::User.UserIdentityInfo", "markdownDescription": "Information about the user identity.", "title": "IdentityInfo" }, "InstanceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", "title": "InstanceArn", "type": "string" }, "Password": { "markdownDescription": "The user's password.", "title": "Password", "type": "string" }, "PhoneConfig": { "$ref": "#/definitions/AWS::Connect::User.UserPhoneConfig", "markdownDescription": "Information about the phone configuration for the user.", "title": "PhoneConfig" }, "RoutingProfileArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the user's routing profile.", "title": "RoutingProfileArn", "type": "string" }, "SecurityProfileArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Name (ARN) of the user's security profile.", "title": "SecurityProfileArns", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags.", "title": "Tags", "type": "array" }, "UserProficiencies": { "items": { "$ref": "#/definitions/AWS::Connect::User.UserProficiency" }, "markdownDescription": "One or more predefined attributes assigned to a user, with a numeric value that indicates how their level of skill in a specified area.", "title": "UserProficiencies", "type": "array" }, "Username": { "markdownDescription": "The user name assigned to the user account.", "title": "Username", "type": "string" } }, "required": [ "InstanceArn", "PhoneConfig", "RoutingProfileArn", "SecurityProfileArns", "Username" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::User" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::User.UserIdentityInfo": { "additionalProperties": false, "properties": { "Email": { "markdownDescription": "The email address. If you are using SAML for identity management and include this parameter, an error is returned.", "title": "Email", "type": "string" }, "FirstName": { "markdownDescription": "The first name. This is required if you are using Amazon Connect or SAML for identity management.", "title": "FirstName", "type": "string" }, "LastName": { "markdownDescription": "The last name. This is required if you are using Amazon Connect or SAML for identity management.", "title": "LastName", "type": "string" }, "Mobile": { "markdownDescription": "The user's mobile number.", "title": "Mobile", "type": "string" }, "SecondaryEmail": { "markdownDescription": "The user's secondary email address. If you provide a secondary email, the user receives email notifications -- other than password reset notifications -- to this email address instead of to their primary email address.\n\n*Pattern* : `(?=^.{0,265}$)[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\\.[a-zA-Z]{2,63}`", "title": "SecondaryEmail", "type": "string" } }, "type": "object" }, "AWS::Connect::User.UserPhoneConfig": { "additionalProperties": false, "properties": { "AfterContactWorkTimeLimit": { "markdownDescription": "The After Call Work (ACW) timeout setting, in seconds. This parameter has a minimum value of 0 and a maximum value of 2,000,000 seconds (24 days). Enter 0 if you don't want to allocate a specific amount of ACW time. It essentially means an indefinite amount of time. When the conversation ends, ACW starts; the agent must choose Close contact to end ACW.\n\n> When returned by a `SearchUsers` call, `AfterContactWorkTimeLimit` is returned in milliseconds.", "title": "AfterContactWorkTimeLimit", "type": "number" }, "AutoAccept": { "markdownDescription": "The Auto accept setting.", "title": "AutoAccept", "type": "boolean" }, "DeskPhoneNumber": { "markdownDescription": "The phone number for the user's desk phone.", "title": "DeskPhoneNumber", "type": "string" }, "PhoneType": { "markdownDescription": "The phone type.", "title": "PhoneType", "type": "string" } }, "required": [ "PhoneType" ], "type": "object" }, "AWS::Connect::User.UserProficiency": { "additionalProperties": false, "properties": { "AttributeName": { "markdownDescription": "The name of user\u2019s proficiency. You must use a predefined attribute name that is present in the Amazon Connect instance.", "title": "AttributeName", "type": "string" }, "AttributeValue": { "markdownDescription": "The value of user\u2019s proficiency. You must use a predefined attribute value that is present in the Amazon Connect instance.", "title": "AttributeValue", "type": "string" }, "Level": { "markdownDescription": "The level of the proficiency. The valid values are 1, 2, 3, 4 and 5.", "title": "Level", "type": "number" } }, "required": [ "AttributeName", "AttributeValue", "Level" ], "type": "object" }, "AWS::Connect::UserHierarchyGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InstanceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the user hierarchy group.", "title": "InstanceArn", "type": "string" }, "Name": { "markdownDescription": "The name of the user hierarchy group.", "title": "Name", "type": "string" }, "ParentGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the parent group.", "title": "ParentGroupArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, "required": [ "InstanceArn", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::UserHierarchyGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::View": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Actions": { "items": { "type": "string" }, "markdownDescription": "A list of actions possible from the view.", "title": "Actions", "type": "array" }, "Description": { "markdownDescription": "The description of the view.", "title": "Description", "type": "string" }, "InstanceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance.", "title": "InstanceArn", "type": "string" }, "Name": { "markdownDescription": "The name of the view.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags associated with the view resource (not specific to view version).", "title": "Tags", "type": "array" }, "Template": { "markdownDescription": "The view template representing the structure of the view.", "title": "Template", "type": "object" } }, "required": [ "Actions", "InstanceArn", "Name", "Template" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::View" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Connect::ViewVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "VersionDescription": { "markdownDescription": "The description of the view version.", "title": "VersionDescription", "type": "string" }, "ViewArn": { "markdownDescription": "The unqualified Amazon Resource Name (ARN) of the view.\n\nFor example:\n\n`arn::connect:::instance/00000000-0000-0000-0000-000000000000/view/00000000-0000-0000-0000-000000000000`", "title": "ViewArn", "type": "string" }, "ViewContentSha256": { "markdownDescription": "Indicates the checksum value of the latest published view content.", "title": "ViewContentSha256", "type": "string" } }, "required": [ "ViewArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Connect::ViewVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ConnectCampaigns::Campaign": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectInstanceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Connect instance.", "title": "ConnectInstanceArn", "type": "string" }, "DialerConfig": { "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.DialerConfig", "markdownDescription": "Contains information about the dialer configuration.", "title": "DialerConfig" }, "Name": { "markdownDescription": "The name of the campaign.", "title": "Name", "type": "string" }, "OutboundCallConfig": { "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.OutboundCallConfig", "markdownDescription": "Contains information about the outbound call configuration.", "title": "OutboundCallConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.", "title": "Tags", "type": "array" } }, "required": [ "ConnectInstanceArn", "DialerConfig", "Name", "OutboundCallConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::ConnectCampaigns::Campaign" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig": { "additionalProperties": false, "properties": { "DialingCapacity": { "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", "title": "DialingCapacity", "type": "number" } }, "type": "object" }, "AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig": { "additionalProperties": false, "properties": { "AwaitAnswerMachinePrompt": { "markdownDescription": "Whether waiting for answer machine prompt is enabled.", "title": "AwaitAnswerMachinePrompt", "type": "boolean" }, "EnableAnswerMachineDetection": { "markdownDescription": "Whether answering machine detection is enabled.", "title": "EnableAnswerMachineDetection", "type": "boolean" } }, "required": [ "EnableAnswerMachineDetection" ], "type": "object" }, "AWS::ConnectCampaigns::Campaign.DialerConfig": { "additionalProperties": false, "properties": { "AgentlessDialerConfig": { "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AgentlessDialerConfig", "markdownDescription": "The configuration of the agentless dialer.", "title": "AgentlessDialerConfig" }, "PredictiveDialerConfig": { "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig", "markdownDescription": "The configuration of the predictive dialer.", "title": "PredictiveDialerConfig" }, "ProgressiveDialerConfig": { "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig", "markdownDescription": "The configuration of the progressive dialer.", "title": "ProgressiveDialerConfig" } }, "type": "object" }, "AWS::ConnectCampaigns::Campaign.OutboundCallConfig": { "additionalProperties": false, "properties": { "AnswerMachineDetectionConfig": { "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign.AnswerMachineDetectionConfig", "markdownDescription": "Whether answering machine detection has been enabled.", "title": "AnswerMachineDetectionConfig" }, "ConnectContactFlowArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", "title": "ConnectContactFlowArn", "type": "string" }, "ConnectQueueArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the queue.", "title": "ConnectQueueArn", "type": "string" }, "ConnectSourcePhoneNumber": { "markdownDescription": "The phone number associated with the outbound call. This is the caller ID that is displayed to customers when an agent calls them.", "title": "ConnectSourcePhoneNumber", "type": "string" } }, "required": [ "ConnectContactFlowArn" ], "type": "object" }, "AWS::ConnectCampaigns::Campaign.PredictiveDialerConfig": { "additionalProperties": false, "properties": { "BandwidthAllocation": { "markdownDescription": "Bandwidth allocation for the predictive dialer.", "title": "BandwidthAllocation", "type": "number" }, "DialingCapacity": { "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", "title": "DialingCapacity", "type": "number" } }, "required": [ "BandwidthAllocation" ], "type": "object" }, "AWS::ConnectCampaigns::Campaign.ProgressiveDialerConfig": { "additionalProperties": false, "properties": { "BandwidthAllocation": { "markdownDescription": "Bandwidth allocation for the progressive dialer.", "title": "BandwidthAllocation", "type": "number" }, "DialingCapacity": { "markdownDescription": "The allocation of dialing capacity between multiple active campaigns.", "title": "DialingCapacity", "type": "number" } }, "required": [ "BandwidthAllocation" ], "type": "object" }, "AWS::ControlTower::EnabledBaseline": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BaselineIdentifier": { "markdownDescription": "The specific `Baseline` enabled as part of the `EnabledBaseline` resource.", "title": "BaselineIdentifier", "type": "string" }, "BaselineVersion": { "markdownDescription": "The enabled version of the `Baseline` .", "title": "BaselineVersion", "type": "string" }, "Parameters": { "items": { "$ref": "#/definitions/AWS::ControlTower::EnabledBaseline.Parameter" }, "markdownDescription": "Parameters that are applied when enabling this `Baseline` . These parameters configure the behavior of the baseline.", "title": "Parameters", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags associated with input to `EnableBaseline` .", "title": "Tags", "type": "array" }, "TargetIdentifier": { "markdownDescription": "The target on which to enable the `Baseline` .", "title": "TargetIdentifier", "type": "string" } }, "required": [ "BaselineIdentifier", "BaselineVersion", "TargetIdentifier" ], "type": "object" }, "Type": { "enum": [ "AWS::ControlTower::EnabledBaseline" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ControlTower::EnabledBaseline.Parameter": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "A string denoting the parameter key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "A low-level `Document` object of any type (for example, a Java Object).", "title": "Value", "type": "object" } }, "type": "object" }, "AWS::ControlTower::EnabledControl": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ControlIdentifier": { "markdownDescription": "The ARN of the control. Only *Strongly recommended* and *Elective* controls are permitted, with the exception of the *Region deny* control. For information on how to find the `controlIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", "title": "ControlIdentifier", "type": "string" }, "Parameters": { "items": { "$ref": "#/definitions/AWS::ControlTower::EnabledControl.EnabledControlParameter" }, "markdownDescription": "Array of `EnabledControlParameter` objects.", "title": "Parameters", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags to be applied to the enabled control.", "title": "Tags", "type": "array" }, "TargetIdentifier": { "markdownDescription": "The ARN of the organizational unit. For information on how to find the `targetIdentifier` , see [the overview page](https://docs.aws.amazon.com//controltower/latest/APIReference/Welcome.html) .", "title": "TargetIdentifier", "type": "string" } }, "required": [ "ControlIdentifier", "TargetIdentifier" ], "type": "object" }, "Type": { "enum": [ "AWS::ControlTower::EnabledControl" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ControlTower::EnabledControl.EnabledControlParameter": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key of a key/value pair. It is of type `string` .", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of a key/value pair. It can be of type `array` , `string` , `number` , `object` , or `boolean` . [Note: The *Type* field that follows may show a single type such as Number, which is only one possible type.]", "title": "Value", "type": "object" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::ControlTower::LandingZone": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Manifest": { "markdownDescription": "The landing zone manifest JSON text file that specifies the landing zone configurations.", "title": "Manifest", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags to be applied to the landing zone.", "title": "Tags", "type": "array" }, "Version": { "markdownDescription": "The landing zone's current deployed version.", "title": "Version", "type": "string" } }, "required": [ "Manifest", "Version" ], "type": "object" }, "Type": { "enum": [ "AWS::ControlTower::LandingZone" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CustomerProfiles::CalculatedAttributeDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AttributeDetails": { "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails", "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", "title": "AttributeDetails" }, "CalculatedAttributeName": { "markdownDescription": "The name of an attribute defined in a profile object type.", "title": "CalculatedAttributeName", "type": "string" }, "Conditions": { "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions", "markdownDescription": "The conditions including range, object count, and threshold for the calculated attribute.", "title": "Conditions" }, "Description": { "markdownDescription": "The description of the calculated attribute.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The display name of the calculated attribute.", "title": "DisplayName", "type": "string" }, "DomainName": { "markdownDescription": "The unique name of the domain.", "title": "DomainName", "type": "string" }, "Statistic": { "markdownDescription": "The aggregation operation to perform for the calculated attribute.", "title": "Statistic", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, "required": [ "AttributeDetails", "CalculatedAttributeName", "DomainName", "Statistic" ], "type": "object" }, "Type": { "enum": [ "AWS::CustomerProfiles::CalculatedAttributeDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeDetails": { "additionalProperties": false, "properties": { "Attributes": { "items": { "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem" }, "markdownDescription": "Mathematical expression and a list of attribute items specified in that expression.", "title": "Attributes", "type": "array" }, "Expression": { "markdownDescription": "Mathematical expression that is performed on attribute items provided in the attribute list. Each element in the expression should follow the structure of \\\"{ObjectTypeName.AttributeName}\\\".", "title": "Expression", "type": "string" } }, "required": [ "Attributes", "Expression" ], "type": "object" }, "AWS::CustomerProfiles::CalculatedAttributeDefinition.AttributeItem": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The unique name of the calculated attribute.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::CustomerProfiles::CalculatedAttributeDefinition.Conditions": { "additionalProperties": false, "properties": { "ObjectCount": { "markdownDescription": "The number of profile objects used for the calculated attribute.", "title": "ObjectCount", "type": "number" }, "Range": { "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Range", "markdownDescription": "The relative time period over which data is included in the aggregation.", "title": "Range" }, "Threshold": { "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold", "markdownDescription": "The threshold for the calculated attribute.", "title": "Threshold" } }, "type": "object" }, "AWS::CustomerProfiles::CalculatedAttributeDefinition.Range": { "additionalProperties": false, "properties": { "Unit": { "markdownDescription": "The unit of time.", "title": "Unit", "type": "string" }, "Value": { "markdownDescription": "The amount of time of the specified unit.", "title": "Value", "type": "number" } }, "required": [ "Unit", "Value" ], "type": "object" }, "AWS::CustomerProfiles::CalculatedAttributeDefinition.Threshold": { "additionalProperties": false, "properties": { "Operator": { "markdownDescription": "The operator of the threshold.", "title": "Operator", "type": "string" }, "Value": { "markdownDescription": "The value of the threshold.", "title": "Value", "type": "string" } }, "required": [ "Operator", "Value" ], "type": "object" }, "AWS::CustomerProfiles::Domain": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeadLetterQueueUrl": { "markdownDescription": "The URL of the SQS dead letter queue, which is used for reporting errors associated with ingesting data from third party applications. You must set up a policy on the `DeadLetterQueue` for the `SendMessage` operation to enable Amazon Connect Customer Profiles to send messages to the `DeadLetterQueue` .", "title": "DeadLetterQueueUrl", "type": "string" }, "DefaultEncryptionKey": { "markdownDescription": "The default encryption key, which is an AWS managed key, is used when no specific type of encryption key is specified. It is used to encrypt all data before it is placed in permanent or semi-permanent storage.", "title": "DefaultEncryptionKey", "type": "string" }, "DefaultExpirationDays": { "markdownDescription": "The default number of days until the data within the domain expires.", "title": "DefaultExpirationDays", "type": "number" }, "DomainName": { "markdownDescription": "The unique name of the domain.", "title": "DomainName", "type": "string" }, "Matching": { "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Matching", "markdownDescription": "The process of matching duplicate profiles.", "title": "Matching" }, "RuleBasedMatching": { "$ref": "#/definitions/AWS::CustomerProfiles::Domain.RuleBasedMatching", "markdownDescription": "The process of matching duplicate profiles using Rule-Based matching.", "title": "RuleBasedMatching" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" } }, "required": [ "DefaultExpirationDays", "DomainName" ], "type": "object" }, "Type": { "enum": [ "AWS::CustomerProfiles::Domain" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CustomerProfiles::Domain.AttributeTypesSelector": { "additionalProperties": false, "properties": { "Address": { "items": { "type": "string" }, "markdownDescription": "The `Address` type. You can choose from `Address` , `BusinessAddress` , `MaillingAddress` , and `ShippingAddress` . You only can use the `Address` type in the `MatchingRule` . For example, if you want to match a profile based on `BusinessAddress.City` or `MaillingAddress.City` , you can choose the `BusinessAddress` and the `MaillingAddress` to represent the `Address` type and specify the `Address.City` on the matching rule.", "title": "Address", "type": "array" }, "AttributeMatchingModel": { "markdownDescription": "Configures the `AttributeMatchingModel` , you can either choose `ONE_TO_ONE` or `MANY_TO_MANY` .", "title": "AttributeMatchingModel", "type": "string" }, "EmailAddress": { "items": { "type": "string" }, "markdownDescription": "The Email type. You can choose from `EmailAddress` , `BusinessEmailAddress` and `PersonalEmailAddress` . You only can use the `EmailAddress` type in the `MatchingRule` . For example, if you want to match profile based on `PersonalEmailAddress` or `BusinessEmailAddress` , you can choose the `PersonalEmailAddress` and the `BusinessEmailAddress` to represent the `EmailAddress` type and only specify the `EmailAddress` on the matching rule.", "title": "EmailAddress", "type": "array" }, "PhoneNumber": { "items": { "type": "string" }, "markdownDescription": "The `PhoneNumber` type. You can choose from `PhoneNumber` , `HomePhoneNumber` , and `MobilePhoneNumber` . You only can use the `PhoneNumber` type in the `MatchingRule` . For example, if you want to match a profile based on `Phone` or `HomePhone` , you can choose the `Phone` and the `HomePhone` to represent the `PhoneNumber` type and only specify the `PhoneNumber` on the matching rule.", "title": "PhoneNumber", "type": "array" } }, "required": [ "AttributeMatchingModel" ], "type": "object" }, "AWS::CustomerProfiles::Domain.AutoMerging": { "additionalProperties": false, "properties": { "ConflictResolution": { "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", "title": "ConflictResolution" }, "Consolidation": { "$ref": "#/definitions/AWS::CustomerProfiles::Domain.Consolidation", "markdownDescription": "A list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged.", "title": "Consolidation" }, "Enabled": { "markdownDescription": "The flag that enables the auto-merging of duplicate profiles.", "title": "Enabled", "type": "boolean" }, "MinAllowedConfidenceScoreForMerging": { "markdownDescription": "A number between 0 and 1 that represents the minimum confidence score required for profiles within a matching group to be merged during the auto-merge process. A higher score means that a higher similarity is required to merge profiles.", "title": "MinAllowedConfidenceScoreForMerging", "type": "number" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::CustomerProfiles::Domain.ConflictResolution": { "additionalProperties": false, "properties": { "ConflictResolvingModel": { "markdownDescription": "How the auto-merging process should resolve conflicts between different profiles.", "title": "ConflictResolvingModel", "type": "string" }, "SourceName": { "markdownDescription": "The `ObjectType` name that is used to resolve profile merging conflicts when choosing `SOURCE` as the `ConflictResolvingModel` .", "title": "SourceName", "type": "string" } }, "required": [ "ConflictResolvingModel" ], "type": "object" }, "AWS::CustomerProfiles::Domain.Consolidation": { "additionalProperties": false, "properties": { "MatchingAttributesList": { "markdownDescription": "A list of matching criteria.", "title": "MatchingAttributesList", "type": "object" } }, "required": [ "MatchingAttributesList" ], "type": "object" }, "AWS::CustomerProfiles::Domain.DomainStats": { "additionalProperties": false, "properties": { "MeteringProfileCount": { "markdownDescription": "The number of profiles that you are currently paying for in the domain. If you have more than 100 objects associated with a single profile, that profile counts as two profiles. If you have more than 200 objects, that profile counts as three, and so on.", "title": "MeteringProfileCount", "type": "number" }, "ObjectCount": { "markdownDescription": "The total number of objects in domain.", "title": "ObjectCount", "type": "number" }, "ProfileCount": { "markdownDescription": "The total number of profiles currently in the domain.", "title": "ProfileCount", "type": "number" }, "TotalSize": { "markdownDescription": "The total size, in bytes, of all objects in the domain.", "title": "TotalSize", "type": "number" } }, "type": "object" }, "AWS::CustomerProfiles::Domain.ExportingConfig": { "additionalProperties": false, "properties": { "S3Exporting": { "$ref": "#/definitions/AWS::CustomerProfiles::Domain.S3ExportingConfig", "markdownDescription": "", "title": "S3Exporting" } }, "type": "object" }, "AWS::CustomerProfiles::Domain.JobSchedule": { "additionalProperties": false, "properties": { "DayOfTheWeek": { "markdownDescription": "The day when the Identity Resolution Job should run every week.", "title": "DayOfTheWeek", "type": "string" }, "Time": { "markdownDescription": "The time when the Identity Resolution Job should run every week.", "title": "Time", "type": "string" } }, "required": [ "DayOfTheWeek", "Time" ], "type": "object" }, "AWS::CustomerProfiles::Domain.Matching": { "additionalProperties": false, "properties": { "AutoMerging": { "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AutoMerging", "markdownDescription": "Configuration information about the auto-merging process.", "title": "AutoMerging" }, "Enabled": { "markdownDescription": "The flag that enables the matching process of duplicate profiles.", "title": "Enabled", "type": "boolean" }, "ExportingConfig": { "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", "title": "ExportingConfig" }, "JobSchedule": { "$ref": "#/definitions/AWS::CustomerProfiles::Domain.JobSchedule", "markdownDescription": "The day and time when do you want to start the Identity Resolution Job every week.", "title": "JobSchedule" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::CustomerProfiles::Domain.MatchingRule": { "additionalProperties": false, "properties": { "Rule": { "items": { "type": "string" }, "markdownDescription": "A single rule level of the `MatchRules` . Configures how the rule-based matching process should match profiles.", "title": "Rule", "type": "array" } }, "required": [ "Rule" ], "type": "object" }, "AWS::CustomerProfiles::Domain.RuleBasedMatching": { "additionalProperties": false, "properties": { "AttributeTypesSelector": { "$ref": "#/definitions/AWS::CustomerProfiles::Domain.AttributeTypesSelector", "markdownDescription": "Configures information about the `AttributeTypesSelector` where the rule-based identity resolution uses to match profiles.", "title": "AttributeTypesSelector" }, "ConflictResolution": { "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ConflictResolution", "markdownDescription": "Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used.", "title": "ConflictResolution" }, "Enabled": { "markdownDescription": "The flag that enables the matching process of duplicate profiles.", "title": "Enabled", "type": "boolean" }, "ExportingConfig": { "$ref": "#/definitions/AWS::CustomerProfiles::Domain.ExportingConfig", "markdownDescription": "The S3 location where Identity Resolution Jobs write result files.", "title": "ExportingConfig" }, "MatchingRules": { "items": { "$ref": "#/definitions/AWS::CustomerProfiles::Domain.MatchingRule" }, "markdownDescription": "Configures how the rule-based matching process should match profiles. You can have up to 15 `MatchingRule` in the `MatchingRules` .", "title": "MatchingRules", "type": "array" }, "MaxAllowedRuleLevelForMatching": { "markdownDescription": "Indicates the maximum allowed rule level for matching.", "title": "MaxAllowedRuleLevelForMatching", "type": "number" }, "MaxAllowedRuleLevelForMerging": { "markdownDescription": "Indicates the maximum allowed rule level for merging.", "title": "MaxAllowedRuleLevelForMerging", "type": "number" }, "Status": { "markdownDescription": "The status of rule-based matching rule.", "title": "Status", "type": "string" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::CustomerProfiles::Domain.S3ExportingConfig": { "additionalProperties": false, "properties": { "S3BucketName": { "markdownDescription": "The name of the S3 bucket where Identity Resolution Jobs write result files.", "title": "S3BucketName", "type": "string" }, "S3KeyName": { "markdownDescription": "The S3 key name of the location where Identity Resolution Jobs write result files.", "title": "S3KeyName", "type": "string" } }, "required": [ "S3BucketName" ], "type": "object" }, "AWS::CustomerProfiles::EventStream": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DomainName": { "markdownDescription": "The unique name of the domain.", "title": "DomainName", "type": "string" }, "EventStreamName": { "markdownDescription": "The name of the event stream.", "title": "EventStreamName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" }, "Uri": { "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", "title": "Uri", "type": "string" } }, "required": [ "DomainName", "EventStreamName", "Uri" ], "type": "object" }, "Type": { "enum": [ "AWS::CustomerProfiles::EventStream" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CustomerProfiles::EventStream.DestinationDetails": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "The status of enabling the Kinesis stream as a destination for export.", "title": "Status", "type": "string" }, "Uri": { "markdownDescription": "The StreamARN of the destination to deliver profile events to. For example, arn:aws:kinesis:region:account-id:stream/stream-name.", "title": "Uri", "type": "string" } }, "required": [ "Status", "Uri" ], "type": "object" }, "AWS::CustomerProfiles::Integration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DomainName": { "markdownDescription": "The unique name of the domain.", "title": "DomainName", "type": "string" }, "FlowDefinition": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.FlowDefinition", "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", "title": "FlowDefinition" }, "ObjectTypeName": { "markdownDescription": "The name of the profile object type mapping to use.", "title": "ObjectTypeName", "type": "string" }, "ObjectTypeNames": { "items": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ObjectTypeMapping" }, "markdownDescription": "The object type mapping.", "title": "ObjectTypeNames", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" }, "Uri": { "markdownDescription": "The URI of the S3 bucket or any other type of data source.", "title": "Uri", "type": "string" } }, "required": [ "DomainName" ], "type": "object" }, "Type": { "enum": [ "AWS::CustomerProfiles::Integration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CustomerProfiles::Integration.ConnectorOperator": { "additionalProperties": false, "properties": { "Marketo": { "markdownDescription": "The operation to be performed on the provided Marketo source fields.", "title": "Marketo", "type": "string" }, "S3": { "markdownDescription": "The operation to be performed on the provided Amazon S3 source fields.", "title": "S3", "type": "string" }, "Salesforce": { "markdownDescription": "The operation to be performed on the provided Salesforce source fields.", "title": "Salesforce", "type": "string" }, "ServiceNow": { "markdownDescription": "The operation to be performed on the provided ServiceNow source fields.", "title": "ServiceNow", "type": "string" }, "Zendesk": { "markdownDescription": "The operation to be performed on the provided Zendesk source fields.", "title": "Zendesk", "type": "string" } }, "type": "object" }, "AWS::CustomerProfiles::Integration.FlowDefinition": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the flow you want to create.", "title": "Description", "type": "string" }, "FlowName": { "markdownDescription": "The specified name of the flow. Use underscores (_) or hyphens (-) only. Spaces are not allowed.", "title": "FlowName", "type": "string" }, "KmsArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key you provide for encryption.", "title": "KmsArn", "type": "string" }, "SourceFlowConfig": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceFlowConfig", "markdownDescription": "The configuration that controls how Customer Profiles retrieves data from the source.", "title": "SourceFlowConfig" }, "Tasks": { "items": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.Task" }, "markdownDescription": "A list of tasks that Customer Profiles performs while transferring the data in the flow run.", "title": "Tasks", "type": "array" }, "TriggerConfig": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerConfig", "markdownDescription": "The trigger settings that determine how and when the flow runs.", "title": "TriggerConfig" } }, "required": [ "FlowName", "KmsArn", "SourceFlowConfig", "Tasks", "TriggerConfig" ], "type": "object" }, "AWS::CustomerProfiles::Integration.IncrementalPullConfig": { "additionalProperties": false, "properties": { "DatetimeTypeFieldName": { "markdownDescription": "A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source.", "title": "DatetimeTypeFieldName", "type": "string" } }, "type": "object" }, "AWS::CustomerProfiles::Integration.MarketoSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the Marketo flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::CustomerProfiles::Integration.ObjectTypeMapping": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::CustomerProfiles::Integration.S3SourceProperties": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The Amazon S3 bucket name where the source files are stored.", "title": "BucketName", "type": "string" }, "BucketPrefix": { "markdownDescription": "The object key for the Amazon S3 bucket in which the source files are stored.", "title": "BucketPrefix", "type": "string" } }, "required": [ "BucketName" ], "type": "object" }, "AWS::CustomerProfiles::Integration.SalesforceSourceProperties": { "additionalProperties": false, "properties": { "EnableDynamicFieldUpdate": { "markdownDescription": "The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow.", "title": "EnableDynamicFieldUpdate", "type": "boolean" }, "IncludeDeletedRecords": { "markdownDescription": "Indicates whether Amazon AppFlow includes deleted files in the flow run.", "title": "IncludeDeletedRecords", "type": "boolean" }, "Object": { "markdownDescription": "The object specified in the Salesforce flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::CustomerProfiles::Integration.ScheduledTriggerProperties": { "additionalProperties": false, "properties": { "DataPullMode": { "markdownDescription": "Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run.", "title": "DataPullMode", "type": "string" }, "FirstExecutionFrom": { "markdownDescription": "Specifies the date range for the records to import from the connector in the first flow run.", "title": "FirstExecutionFrom", "type": "number" }, "ScheduleEndTime": { "markdownDescription": "Specifies the scheduled end time for a scheduled-trigger flow.", "title": "ScheduleEndTime", "type": "number" }, "ScheduleExpression": { "markdownDescription": "The scheduling expression that determines the rate at which the schedule will run, for example rate (5 minutes).", "title": "ScheduleExpression", "type": "string" }, "ScheduleOffset": { "markdownDescription": "Specifies the optional offset that is added to the time interval for a schedule-triggered flow.", "title": "ScheduleOffset", "type": "number" }, "ScheduleStartTime": { "markdownDescription": "Specifies the scheduled start time for a scheduled-trigger flow.", "title": "ScheduleStartTime", "type": "number" }, "Timezone": { "markdownDescription": "Specifies the time zone used when referring to the date and time of a scheduled-triggered flow, such as America/New_York.", "title": "Timezone", "type": "string" } }, "required": [ "ScheduleExpression" ], "type": "object" }, "AWS::CustomerProfiles::Integration.ServiceNowSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the ServiceNow flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::CustomerProfiles::Integration.SourceConnectorProperties": { "additionalProperties": false, "properties": { "Marketo": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.MarketoSourceProperties", "markdownDescription": "The properties that are applied when Marketo is being used as a source.", "title": "Marketo" }, "S3": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.S3SourceProperties", "markdownDescription": "The properties that are applied when Amazon S3 is being used as the flow source.", "title": "S3" }, "Salesforce": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SalesforceSourceProperties", "markdownDescription": "The properties that are applied when Salesforce is being used as a source.", "title": "Salesforce" }, "ServiceNow": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ServiceNowSourceProperties", "markdownDescription": "The properties that are applied when ServiceNow is being used as a source.", "title": "ServiceNow" }, "Zendesk": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ZendeskSourceProperties", "markdownDescription": "The properties that are applied when using Zendesk as a flow source.", "title": "Zendesk" } }, "type": "object" }, "AWS::CustomerProfiles::Integration.SourceFlowConfig": { "additionalProperties": false, "properties": { "ConnectorProfileName": { "markdownDescription": "The name of the Amazon AppFlow connector profile. This name must be unique for each connector profile in the AWS account .", "title": "ConnectorProfileName", "type": "string" }, "ConnectorType": { "markdownDescription": "The type of connector, such as Salesforce, Marketo, and so on.", "title": "ConnectorType", "type": "string" }, "IncrementalPullConfig": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.IncrementalPullConfig", "markdownDescription": "Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull.", "title": "IncrementalPullConfig" }, "SourceConnectorProperties": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.SourceConnectorProperties", "markdownDescription": "Specifies the information that is required to query a particular source connector.", "title": "SourceConnectorProperties" } }, "required": [ "ConnectorType", "SourceConnectorProperties" ], "type": "object" }, "AWS::CustomerProfiles::Integration.Task": { "additionalProperties": false, "properties": { "ConnectorOperator": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ConnectorOperator", "markdownDescription": "The operation to be performed on the provided source fields.", "title": "ConnectorOperator" }, "DestinationField": { "markdownDescription": "A field in a destination connector, or a field value against which Amazon AppFlow validates a source field.", "title": "DestinationField", "type": "string" }, "SourceFields": { "items": { "type": "string" }, "markdownDescription": "The source fields to which a particular task is applied.", "title": "SourceFields", "type": "array" }, "TaskProperties": { "items": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TaskPropertiesMap" }, "markdownDescription": "A map used to store task-related information. The service looks for particular information based on the TaskType.", "title": "TaskProperties", "type": "array" }, "TaskType": { "markdownDescription": "Specifies the particular task implementation that Amazon AppFlow performs.", "title": "TaskType", "type": "string" } }, "required": [ "SourceFields", "TaskType" ], "type": "object" }, "AWS::CustomerProfiles::Integration.TaskPropertiesMap": { "additionalProperties": false, "properties": { "OperatorPropertyKey": { "markdownDescription": "The task property key.", "title": "OperatorPropertyKey", "type": "string" }, "Property": { "markdownDescription": "The task property value.", "title": "Property", "type": "string" } }, "required": [ "OperatorPropertyKey", "Property" ], "type": "object" }, "AWS::CustomerProfiles::Integration.TriggerConfig": { "additionalProperties": false, "properties": { "TriggerProperties": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.TriggerProperties", "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define. Currently, these settings only apply to the Scheduled trigger type.", "title": "TriggerProperties" }, "TriggerType": { "markdownDescription": "Specifies the type of flow trigger. It can be OnDemand, Scheduled, or Event.", "title": "TriggerType", "type": "string" } }, "required": [ "TriggerType" ], "type": "object" }, "AWS::CustomerProfiles::Integration.TriggerProperties": { "additionalProperties": false, "properties": { "Scheduled": { "$ref": "#/definitions/AWS::CustomerProfiles::Integration.ScheduledTriggerProperties", "markdownDescription": "Specifies the configuration details of a schedule-triggered flow that you define.", "title": "Scheduled" } }, "type": "object" }, "AWS::CustomerProfiles::Integration.ZendeskSourceProperties": { "additionalProperties": false, "properties": { "Object": { "markdownDescription": "The object specified in the Zendesk flow source.", "title": "Object", "type": "string" } }, "required": [ "Object" ], "type": "object" }, "AWS::CustomerProfiles::ObjectType": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowProfileCreation": { "markdownDescription": "Indicates whether a profile should be created when data is received if one doesn\u2019t exist for an object of this type. The default is `FALSE` . If the AllowProfileCreation flag is set to `FALSE` , then the service tries to fetch a standard profile and associate this object with the profile. If it is set to `TRUE` , and if no match is found, then the service creates a new standard profile.", "title": "AllowProfileCreation", "type": "boolean" }, "Description": { "markdownDescription": "The description of the profile object type mapping.", "title": "Description", "type": "string" }, "DomainName": { "markdownDescription": "The unique name of the domain.", "title": "DomainName", "type": "string" }, "EncryptionKey": { "markdownDescription": "The customer-provided key to encrypt the profile object that will be created in this profile object type mapping. If not specified the system will use the encryption key of the domain.", "title": "EncryptionKey", "type": "string" }, "ExpirationDays": { "markdownDescription": "The number of days until the data of this type expires.", "title": "ExpirationDays", "type": "number" }, "Fields": { "items": { "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.FieldMap" }, "markdownDescription": "A list of field definitions for the object type mapping.", "title": "Fields", "type": "array" }, "Keys": { "items": { "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.KeyMap" }, "markdownDescription": "A list of keys that can be used to map data to the profile or search for the profile.", "title": "Keys", "type": "array" }, "ObjectTypeName": { "markdownDescription": "The name of the profile object type.", "title": "ObjectTypeName", "type": "string" }, "SourceLastUpdatedTimestampFormat": { "markdownDescription": "The format of your sourceLastUpdatedTimestamp that was previously set up.", "title": "SourceLastUpdatedTimestampFormat", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" }, "TemplateId": { "markdownDescription": "A unique identifier for the template mapping. This can be used instead of specifying the Keys and Fields properties directly.", "title": "TemplateId", "type": "string" } }, "required": [ "Description", "DomainName", "ObjectTypeName" ], "type": "object" }, "Type": { "enum": [ "AWS::CustomerProfiles::ObjectType" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::CustomerProfiles::ObjectType.FieldMap": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Name of the field.", "title": "Name", "type": "string" }, "ObjectTypeField": { "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeField", "markdownDescription": "Represents a field in a ProfileObjectType.", "title": "ObjectTypeField" } }, "type": "object" }, "AWS::CustomerProfiles::ObjectType.KeyMap": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Name of the key.", "title": "Name", "type": "string" }, "ObjectTypeKeyList": { "items": { "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType.ObjectTypeKey" }, "markdownDescription": "A list of ObjectTypeKey.", "title": "ObjectTypeKeyList", "type": "array" } }, "type": "object" }, "AWS::CustomerProfiles::ObjectType.ObjectTypeField": { "additionalProperties": false, "properties": { "ContentType": { "markdownDescription": "The content type of the field. Used for determining equality when searching.", "title": "ContentType", "type": "string" }, "Source": { "markdownDescription": "A field of a ProfileObject. For example: _source.FirstName, where \u201c_source\u201d is a ProfileObjectType of a Zendesk user and \u201cFirstName\u201d is a field in that ObjectType.", "title": "Source", "type": "string" }, "Target": { "markdownDescription": "The location of the data in the standard ProfileObject model. For example: _profile.Address.PostalCode.", "title": "Target", "type": "string" } }, "type": "object" }, "AWS::CustomerProfiles::ObjectType.ObjectTypeKey": { "additionalProperties": false, "properties": { "FieldNames": { "items": { "type": "string" }, "markdownDescription": "The reference for the key name of the fields map.", "title": "FieldNames", "type": "array" }, "StandardIdentifiers": { "items": { "type": "string" }, "markdownDescription": "The types of keys that a ProfileObject can have. Each ProfileObject can have only 1 UNIQUE key but multiple PROFILE keys. PROFILE means that this key can be used to tie an object to a PROFILE. UNIQUE means that it can be used to uniquely identify an object. If a key a is marked as SECONDARY, it will be used to search for profiles after all other PROFILE keys have been searched. A LOOKUP_ONLY key is only used to match a profile but is not persisted to be used for searching of the profile. A NEW_ONLY key is only used if the profile does not already exist before the object is ingested, otherwise it is only used for matching objects to profiles.", "title": "StandardIdentifiers", "type": "array" } }, "type": "object" }, "AWS::DAX::Cluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AvailabilityZones": { "items": { "type": "string" }, "markdownDescription": "The Availability Zones (AZs) in which the cluster nodes will reside after the cluster has been created or updated. If provided, the length of this list must equal the `ReplicationFactor` parameter. If you omit this parameter, DAX will spread the nodes across Availability Zones for the highest availability.", "title": "AvailabilityZones", "type": "array" }, "ClusterEndpointEncryptionType": { "markdownDescription": "The encryption type of the cluster's endpoint. Available values are:\n\n- `NONE` - The cluster's endpoint will be unencrypted.\n- `TLS` - The cluster's endpoint will be encrypted with Transport Layer Security, and will provide an x509 certificate for authentication.\n\nThe default value is `NONE` .", "title": "ClusterEndpointEncryptionType", "type": "string" }, "ClusterName": { "markdownDescription": "The name of the DAX cluster.", "title": "ClusterName", "type": "string" }, "Description": { "markdownDescription": "The description of the cluster.", "title": "Description", "type": "string" }, "IAMRoleARN": { "markdownDescription": "A valid Amazon Resource Name (ARN) that identifies an IAM role. At runtime, DAX will assume this role and use the role's permissions to access DynamoDB on your behalf.", "title": "IAMRoleARN", "type": "string" }, "NodeType": { "markdownDescription": "The node type for the nodes in the cluster. (All nodes in a DAX cluster are of the same type.)", "title": "NodeType", "type": "string" }, "NotificationTopicARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which notifications will be sent.\n\n> The Amazon SNS topic owner must be same as the DAX cluster owner.", "title": "NotificationTopicARN", "type": "string" }, "ParameterGroupName": { "markdownDescription": "The parameter group to be associated with the DAX cluster.", "title": "ParameterGroupName", "type": "string" }, "PreferredMaintenanceWindow": { "markdownDescription": "A range of time when maintenance of DAX cluster software will be performed. For example: `sun:01:00-sun:09:00` . Cluster maintenance normally takes less than 30 minutes, and is performed automatically within the maintenance window.", "title": "PreferredMaintenanceWindow", "type": "string" }, "ReplicationFactor": { "markdownDescription": "The number of nodes in the DAX cluster. A replication factor of 1 will create a single-node cluster, without any read replicas. For additional fault tolerance, you can create a multiple node cluster with one or more read replicas. To do this, set `ReplicationFactor` to a number between 3 (one primary and two read replicas) and 10 (one primary and nine read replicas). `If the AvailabilityZones` parameter is provided, its length must equal the `ReplicationFactor` .\n\n> AWS recommends that you have at least two read replicas per cluster.", "title": "ReplicationFactor", "type": "number" }, "SSESpecification": { "$ref": "#/definitions/AWS::DAX::Cluster.SSESpecification", "markdownDescription": "Represents the settings used to enable server-side encryption on the cluster.", "title": "SSESpecification" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of security group IDs to be assigned to each node in the DAX cluster. (Each of the security group ID is system-generated.)\n\nIf this parameter is not specified, DAX assigns the default VPC security group to each node.", "title": "SecurityGroupIds", "type": "array" }, "SubnetGroupName": { "markdownDescription": "The name of the subnet group to be used for the replication group.\n\n> DAX clusters can only run in an Amazon VPC environment. All of the subnets that you specify in a subnet group must exist in the same VPC.", "title": "SubnetGroupName", "type": "string" }, "Tags": { "markdownDescription": "A set of tags to associate with the DAX cluster.", "title": "Tags", "type": "object" } }, "required": [ "IAMRoleARN", "NodeType", "ReplicationFactor" ], "type": "object" }, "Type": { "enum": [ "AWS::DAX::Cluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DAX::Cluster.SSESpecification": { "additionalProperties": false, "properties": { "SSEEnabled": { "markdownDescription": "Indicates whether server-side encryption is enabled (true) or disabled (false) on the cluster.", "title": "SSEEnabled", "type": "boolean" } }, "type": "object" }, "AWS::DAX::ParameterGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the parameter group.", "title": "Description", "type": "string" }, "ParameterGroupName": { "markdownDescription": "The name of the parameter group.", "title": "ParameterGroupName", "type": "string" }, "ParameterNameValues": { "markdownDescription": "An array of name-value pairs for the parameters in the group. Each element in the array represents a single parameter.\n\n> `record-ttl-millis` and `query-ttl-millis` are the only supported parameter names. For more details, see [Configuring TTL Settings](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DAX.cluster-management.html#DAX.cluster-management.custom-settings.ttl) .", "title": "ParameterNameValues", "type": "object" } }, "type": "object" }, "Type": { "enum": [ "AWS::DAX::ParameterGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::DAX::SubnetGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the subnet group.", "title": "Description", "type": "string" }, "SubnetGroupName": { "markdownDescription": "The name of the subnet group.", "title": "SubnetGroupName", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "A list of VPC subnet IDs for the subnet group.", "title": "SubnetIds", "type": "array" } }, "required": [ "SubnetIds" ], "type": "object" }, "Type": { "enum": [ "AWS::DAX::SubnetGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DLM::LifecyclePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CopyTags": { "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", "title": "CopyTags", "type": "boolean" }, "CreateInterval": { "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", "title": "CreateInterval", "type": "number" }, "CrossRegionCopyTargets": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", "title": "CrossRegionCopyTargets" }, "DefaultPolicy": { "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", "title": "DefaultPolicy", "type": "string" }, "Description": { "markdownDescription": "A description of the lifecycle policy. The characters ^[0-9A-Za-z _-]+$ are supported.", "title": "Description", "type": "string" }, "Exclusions": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", "title": "Exclusions" }, "ExecutionRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to run the operations specified by the lifecycle policy.", "title": "ExecutionRoleArn", "type": "string" }, "ExtendDeletion": { "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", "title": "ExtendDeletion", "type": "boolean" }, "PolicyDetails": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.PolicyDetails", "markdownDescription": "The configuration details of the lifecycle policy.\n\n> If you create a default policy, you can specify the request parameters either in the request body, or in the PolicyDetails request structure, but not both.", "title": "PolicyDetails" }, "RetainInterval": { "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", "title": "RetainInterval", "type": "number" }, "State": { "markdownDescription": "The activation state of the lifecycle policy.", "title": "State", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to apply to the lifecycle policy during creation.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::DLM::LifecyclePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::DLM::LifecyclePolicy.Action": { "additionalProperties": false, "properties": { "CrossRegionCopy": { "items": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyAction" }, "markdownDescription": "The rule for copying shared snapshots across Regions.", "title": "CrossRegionCopy", "type": "array" }, "Name": { "markdownDescription": "A descriptive name for the action.", "title": "Name", "type": "string" } }, "required": [ "CrossRegionCopy", "Name" ], "type": "object" }, "AWS::DLM::LifecyclePolicy.ArchiveRetainRule": { "additionalProperties": false, "properties": { "RetentionArchiveTier": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetentionArchiveTier", "markdownDescription": "Information about retention period in the Amazon EBS Snapshots Archive. For more information, see [Archive Amazon EBS snapshots](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/snapshot-archive.html) .", "title": "RetentionArchiveTier" } }, "required": [ "RetentionArchiveTier" ], "type": "object" }, "AWS::DLM::LifecyclePolicy.ArchiveRule": { "additionalProperties": false, "properties": { "RetainRule": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRetainRule", "markdownDescription": "Information about the retention period for the snapshot archiving rule.", "title": "RetainRule" } }, "required": [ "RetainRule" ], "type": "object" }, "AWS::DLM::LifecyclePolicy.CreateRule": { "additionalProperties": false, "properties": { "CronExpression": { "markdownDescription": "The schedule, as a Cron expression. The schedule interval must be between 1 hour and 1 year. For more information, see the [Cron expressions reference](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-cron-expressions.html) in the *Amazon EventBridge User Guide* .", "title": "CronExpression", "type": "string" }, "Interval": { "markdownDescription": "The interval between snapshots. The supported values are 1, 2, 3, 4, 6, 8, 12, and 24.", "title": "Interval", "type": "number" }, "IntervalUnit": { "markdownDescription": "The interval unit.", "title": "IntervalUnit", "type": "string" }, "Location": { "markdownDescription": "*[Custom snapshot policies only]* Specifies the destination for snapshots created by the policy. To create snapshots in the same Region as the source resource, specify `CLOUD` . To create snapshots on the same Outpost as the source resource, specify `OUTPOST_LOCAL` . If you omit this parameter, `CLOUD` is used by default.\n\nIf the policy targets resources in an AWS Region , then you must create snapshots in the same Region as the source resource. If the policy targets resources on an Outpost, then you can create snapshots on the same Outpost as the source resource, or in the Region of that Outpost.", "title": "Location", "type": "string" }, "Scripts": { "items": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Script" }, "markdownDescription": "*[Custom snapshot policies that target instances only]* Specifies pre and/or post scripts for a snapshot lifecycle policy that targets instances. This is useful for creating application-consistent snapshots, or for performing specific administrative tasks before or after Amazon Data Lifecycle Manager initiates snapshot creation.\n\nFor more information, see [Automating application-consistent snapshots with pre and post scripts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/automate-app-consistent-backups.html) .", "title": "Scripts", "type": "array" }, "Times": { "items": { "type": "string" }, "markdownDescription": "The time, in UTC, to start the operation. The supported format is hh:mm.\n\nThe operation occurs within a one-hour window following the specified time. If you do not specify a time, Amazon Data Lifecycle Manager selects a time within the next 24 hours.", "title": "Times", "type": "array" } }, "type": "object" }, "AWS::DLM::LifecyclePolicy.CrossRegionCopyAction": { "additionalProperties": false, "properties": { "EncryptionConfiguration": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EncryptionConfiguration", "markdownDescription": "The encryption settings for the copied snapshot.", "title": "EncryptionConfiguration" }, "RetainRule": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", "markdownDescription": "Specifies a retention rule for cross-Region snapshot copies created by snapshot or event-based policies, or cross-Region AMI copies created by AMI policies. After the retention period expires, the cross-Region copy is deleted.", "title": "RetainRule" }, "Target": { "markdownDescription": "The target Region.", "title": "Target", "type": "string" } }, "required": [ "EncryptionConfiguration", "Target" ], "type": "object" }, "AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule": { "additionalProperties": false, "properties": { "Interval": { "markdownDescription": "The period after which to deprecate the cross-Region AMI copies. The period must be less than or equal to the cross-Region AMI copy retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", "title": "Interval", "type": "number" }, "IntervalUnit": { "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to deprecate a cross-Region AMI copy after 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", "title": "IntervalUnit", "type": "string" } }, "required": [ "Interval", "IntervalUnit" ], "type": "object" }, "AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule": { "additionalProperties": false, "properties": { "Interval": { "markdownDescription": "The amount of time to retain a cross-Region snapshot or AMI copy. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", "title": "Interval", "type": "number" }, "IntervalUnit": { "markdownDescription": "The unit of time for time-based retention. For example, to retain a cross-Region copy for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` .", "title": "IntervalUnit", "type": "string" } }, "required": [ "Interval", "IntervalUnit" ], "type": "object" }, "AWS::DLM::LifecyclePolicy.CrossRegionCopyRule": { "additionalProperties": false, "properties": { "CmkArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", "title": "CmkArn", "type": "string" }, "CopyTags": { "markdownDescription": "Indicates whether to copy all user-defined tags from the source snapshot or AMI to the cross-Region copy.", "title": "CopyTags", "type": "boolean" }, "DeprecateRule": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyDeprecateRule", "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for cross-Region AMI copies created by the rule.", "title": "DeprecateRule" }, "Encrypted": { "markdownDescription": "To encrypt a copy of an unencrypted snapshot if encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or if encryption by default is not enabled.", "title": "Encrypted", "type": "boolean" }, "RetainRule": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRetainRule", "markdownDescription": "The retention rule that indicates how long the cross-Region snapshot or AMI copies are to be retained in the destination Region.", "title": "RetainRule" }, "Target": { "markdownDescription": "> Use this parameter for snapshot policies only. For AMI policies, use *TargetRegion* instead. \n\n*[Custom snapshot policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", "title": "Target", "type": "string" }, "TargetRegion": { "markdownDescription": "> Use this parameter for AMI policies only. For snapshot policies, use *Target* instead. For snapshot policies created before the *Target* parameter was introduced, this parameter indicates the target Region for snapshot copies. \n\n*[Custom AMI policies only]* The target Region or the Amazon Resource Name (ARN) of the target Outpost for the snapshot copies.", "title": "TargetRegion", "type": "string" } }, "required": [ "Encrypted" ], "type": "object" }, "AWS::DLM::LifecyclePolicy.CrossRegionCopyTarget": { "additionalProperties": false, "properties": { "TargetRegion": { "type": "string" } }, "type": "object" }, "AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::DLM::LifecyclePolicy.DeprecateRule": { "additionalProperties": false, "properties": { "Count": { "markdownDescription": "If the schedule has a count-based retention rule, this parameter specifies the number of oldest AMIs to deprecate. The count must be less than or equal to the schedule's retention count, and it can't be greater than 1000.", "title": "Count", "type": "number" }, "Interval": { "markdownDescription": "If the schedule has an age-based retention rule, this parameter specifies the period after which to deprecate AMIs created by the schedule. The period must be less than or equal to the schedule's retention period, and it can't be greater than 10 years. This is equivalent to 120 months, 520 weeks, or 3650 days.", "title": "Interval", "type": "number" }, "IntervalUnit": { "markdownDescription": "The unit of time in which to measure the *Interval* .", "title": "IntervalUnit", "type": "string" } }, "type": "object" }, "AWS::DLM::LifecyclePolicy.EncryptionConfiguration": { "additionalProperties": false, "properties": { "CmkArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use for EBS encryption. If this parameter is not specified, the default KMS key for the account is used.", "title": "CmkArn", "type": "string" }, "Encrypted": { "markdownDescription": "To encrypt a copy of an unencrypted snapshot when encryption by default is not enabled, enable encryption using this parameter. Copies of encrypted snapshots are encrypted, even if this parameter is false or when encryption by default is not enabled.", "title": "Encrypted", "type": "boolean" } }, "required": [ "Encrypted" ], "type": "object" }, "AWS::DLM::LifecyclePolicy.EventParameters": { "additionalProperties": false, "properties": { "DescriptionRegex": { "markdownDescription": "The snapshot description that can trigger the policy. The description pattern is specified using a regular expression. The policy runs only if a snapshot with a description that matches the specified pattern is shared with your account.\n\nFor example, specifying `^.*Created for policy: policy-1234567890abcdef0.*$` configures the policy to run only if snapshots created by policy `policy-1234567890abcdef0` are shared with your account.", "title": "DescriptionRegex", "type": "string" }, "EventType": { "markdownDescription": "The type of event. Currently, only snapshot sharing events are supported.", "title": "EventType", "type": "string" }, "SnapshotOwner": { "items": { "type": "string" }, "markdownDescription": "The IDs of the AWS accounts that can trigger policy by sharing snapshots with your account. The policy only runs if one of the specified AWS accounts shares a snapshot with your account.", "title": "SnapshotOwner", "type": "array" } }, "required": [ "EventType", "SnapshotOwner" ], "type": "object" }, "AWS::DLM::LifecyclePolicy.EventSource": { "additionalProperties": false, "properties": { "Parameters": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventParameters", "markdownDescription": "Information about the event.", "title": "Parameters" }, "Type": { "markdownDescription": "The source of the event. Currently only managed CloudWatch Events rules are supported.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::DLM::LifecyclePolicy.ExcludeTags": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::DLM::LifecyclePolicy.Exclusions": { "additionalProperties": false, "properties": { "ExcludeBootVolumes": { "markdownDescription": "*[Default policies for EBS snapshots only]* Indicates whether to exclude volumes that are attached to instances as the boot volume. If you exclude boot volumes, only volumes attached as data (non-boot) volumes will be backed up by the policy. To exclude boot volumes, specify `true` .", "title": "ExcludeBootVolumes", "type": "boolean" }, "ExcludeTags": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeTags", "markdownDescription": "*[Default policies for EBS-backed AMIs only]* Specifies whether to exclude volumes that have specific tags.", "title": "ExcludeTags" }, "ExcludeVolumeTypes": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ExcludeVolumeTypesList", "markdownDescription": "*[Default policies for EBS snapshots only]* Specifies the volume types to exclude. Volumes of the specified types will not be targeted by the policy.", "title": "ExcludeVolumeTypes" } }, "type": "object" }, "AWS::DLM::LifecyclePolicy.FastRestoreRule": { "additionalProperties": false, "properties": { "AvailabilityZones": { "items": { "type": "string" }, "markdownDescription": "The Availability Zones in which to enable fast snapshot restore.", "title": "AvailabilityZones", "type": "array" }, "Count": { "markdownDescription": "The number of snapshots to be enabled with fast snapshot restore.", "title": "Count", "type": "number" }, "Interval": { "markdownDescription": "The amount of time to enable fast snapshot restore. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", "title": "Interval", "type": "number" }, "IntervalUnit": { "markdownDescription": "The unit of time for enabling fast snapshot restore.", "title": "IntervalUnit", "type": "string" } }, "type": "object" }, "AWS::DLM::LifecyclePolicy.Parameters": { "additionalProperties": false, "properties": { "ExcludeBootVolume": { "markdownDescription": "*[Custom snapshot policies that target instances only]* Indicates whether to exclude the root volume from multi-volume snapshot sets. The default is `false` . If you specify `true` , then the root volumes attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", "title": "ExcludeBootVolume", "type": "boolean" }, "ExcludeDataVolumeTags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "*[Custom snapshot policies that target instances only]* The tags used to identify data (non-root) volumes to exclude from multi-volume snapshot sets.\n\nIf you create a snapshot lifecycle policy that targets instances and you specify tags for this parameter, then data volumes with the specified tags that are attached to targeted instances will be excluded from the multi-volume snapshot sets created by the policy.", "title": "ExcludeDataVolumeTags", "type": "array" }, "NoReboot": { "markdownDescription": "*[Custom AMI policies only]* Indicates whether targeted instances are rebooted when the lifecycle policy runs. `true` indicates that targeted instances are not rebooted when the policy runs. `false` indicates that target instances are rebooted when the policy runs. The default is `true` (instances are not rebooted).", "title": "NoReboot", "type": "boolean" } }, "type": "object" }, "AWS::DLM::LifecyclePolicy.PolicyDetails": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Action" }, "markdownDescription": "*[Event-based policies only]* The actions to be performed when the event-based policy is activated. You can specify only one action per policy.", "title": "Actions", "type": "array" }, "CopyTags": { "markdownDescription": "*[Default policies only]* Indicates whether the policy should copy tags from the source resource to the snapshot or AMI. If you do not specify a value, the default is `false` .\n\nDefault: false", "title": "CopyTags", "type": "boolean" }, "CreateInterval": { "markdownDescription": "*[Default policies only]* Specifies how often the policy should run and create snapshots or AMIs. The creation frequency can range from 1 to 7 days. If you do not specify a value, the default is 1.\n\nDefault: 1", "title": "CreateInterval", "type": "number" }, "CrossRegionCopyTargets": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyTargets", "markdownDescription": "*[Default policies only]* Specifies destination Regions for snapshot or AMI copies. You can specify up to 3 destination Regions. If you do not want to create cross-Region copies, omit this parameter.", "title": "CrossRegionCopyTargets" }, "EventSource": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.EventSource", "markdownDescription": "*[Event-based policies only]* The event that activates the event-based policy.", "title": "EventSource" }, "Exclusions": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Exclusions", "markdownDescription": "*[Default policies only]* Specifies exclusion parameters for volumes or instances for which you do not want to create snapshots or AMIs. The policy will not create snapshots or AMIs for target resources that match any of the specified exclusion parameters.", "title": "Exclusions" }, "ExtendDeletion": { "markdownDescription": "*[Default policies only]* Defines the snapshot or AMI retention behavior for the policy if the source volume or instance is deleted, or if the policy enters the error, disabled, or deleted state.\n\nBy default ( *ExtendDeletion=false* ):\n\n- If a source resource is deleted, Amazon Data Lifecycle Manager will continue to delete previously created snapshots or AMIs, up to but not including the last one, based on the specified retention period. If you want Amazon Data Lifecycle Manager to delete all snapshots or AMIs, including the last one, specify `true` .\n- If a policy enters the error, disabled, or deleted state, Amazon Data Lifecycle Manager stops deleting snapshots and AMIs. If you want Amazon Data Lifecycle Manager to continue deleting snapshots or AMIs, including the last one, if the policy enters one of these states, specify `true` .\n\nIf you enable extended deletion ( *ExtendDeletion=true* ), you override both default behaviors simultaneously.\n\nIf you do not specify a value, the default is `false` .\n\nDefault: false", "title": "ExtendDeletion", "type": "boolean" }, "Parameters": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Parameters", "markdownDescription": "*[Custom snapshot and AMI policies only]* A set of optional parameters for snapshot and AMI lifecycle policies.\n\n> If you are modifying a policy that was created or previously modified using the Amazon Data Lifecycle Manager console, then you must include this parameter and specify either the default values or the new values that you require. You can't omit this parameter or set its values to null.", "title": "Parameters" }, "PolicyLanguage": { "markdownDescription": "The type of policy to create. Specify one of the following:\n\n- `SIMPLIFIED` To create a default policy.\n- `STANDARD` To create a custom policy.", "title": "PolicyLanguage", "type": "string" }, "PolicyType": { "markdownDescription": "The type of policy. Specify `EBS_SNAPSHOT_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of Amazon EBS snapshots. Specify `IMAGE_MANAGEMENT` to create a lifecycle policy that manages the lifecycle of EBS-backed AMIs. Specify `EVENT_BASED_POLICY` to create an event-based policy that performs specific actions when a defined event occurs in your AWS account .\n\nThe default is `EBS_SNAPSHOT_MANAGEMENT` .", "title": "PolicyType", "type": "string" }, "ResourceLocations": { "items": { "type": "string" }, "markdownDescription": "*[Custom snapshot and AMI policies only]* The location of the resources to backup. If the source resources are located in an AWS Region , specify `CLOUD` . If the source resources are located on an Outpost in your account, specify `OUTPOST` .\n\nIf you specify `OUTPOST` , Amazon Data Lifecycle Manager backs up all resources of the specified type with matching target tags across all of the Outposts in your account.", "title": "ResourceLocations", "type": "array" }, "ResourceType": { "markdownDescription": "*[Default policies only]* Specify the type of default policy to create.\n\n- To create a default policy for EBS snapshots, that creates snapshots of all volumes in the Region that do not have recent backups, specify `VOLUME` .\n- To create a default policy for EBS-backed AMIs, that creates EBS-backed AMIs from all instances in the Region that do not have recent backups, specify `INSTANCE` .", "title": "ResourceType", "type": "string" }, "ResourceTypes": { "items": { "type": "string" }, "markdownDescription": "*[Custom snapshot policies only]* The target resource type for snapshot and AMI lifecycle policies. Use `VOLUME` to create snapshots of individual volumes or use `INSTANCE` to create multi-volume snapshots from the volumes for an instance.", "title": "ResourceTypes", "type": "array" }, "RetainInterval": { "markdownDescription": "*[Default policies only]* Specifies how long the policy should retain snapshots or AMIs before deleting them. The retention period can range from 2 to 14 days, but it must be greater than the creation frequency to ensure that the policy retains at least 1 snapshot or AMI at any given time. If you do not specify a value, the default is 7.\n\nDefault: 7", "title": "RetainInterval", "type": "number" }, "Schedules": { "items": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.Schedule" }, "markdownDescription": "*[Custom snapshot and AMI policies only]* The schedules of policy-defined actions for snapshot and AMI lifecycle policies. A policy can have up to four schedules\u2014one mandatory schedule and up to three optional schedules.", "title": "Schedules", "type": "array" }, "TargetTags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "*[Custom snapshot and AMI policies only]* The single tag that identifies targeted resources for this policy.", "title": "TargetTags", "type": "array" } }, "type": "object" }, "AWS::DLM::LifecyclePolicy.RetainRule": { "additionalProperties": false, "properties": { "Count": { "markdownDescription": "The number of snapshots to retain for each volume, up to a maximum of 1000. For example if you want to retain a maximum of three snapshots, specify `3` . When the fourth snapshot is created, the oldest retained snapshot is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", "title": "Count", "type": "number" }, "Interval": { "markdownDescription": "The amount of time to retain each snapshot. The maximum is 100 years. This is equivalent to 1200 months, 5200 weeks, or 36500 days.", "title": "Interval", "type": "number" }, "IntervalUnit": { "markdownDescription": "The unit of time for time-based retention. For example, to retain snapshots for 3 months, specify `Interval=3` and `IntervalUnit=MONTHS` . Once the snapshot has been retained for 3 months, it is deleted, or it is moved to the archive tier if you have specified an [ArchiveRule](https://docs.aws.amazon.com/dlm/latest/APIReference/API_ArchiveRule.html) .", "title": "IntervalUnit", "type": "string" } }, "type": "object" }, "AWS::DLM::LifecyclePolicy.RetentionArchiveTier": { "additionalProperties": false, "properties": { "Count": { "markdownDescription": "The maximum number of snapshots to retain in the archive storage tier for each volume. The count must ensure that each snapshot remains in the archive tier for at least 90 days. For example, if the schedule creates snapshots every 30 days, you must specify a count of 3 or more to ensure that each snapshot is archived for at least 90 days.", "title": "Count", "type": "number" }, "Interval": { "markdownDescription": "Specifies the period of time to retain snapshots in the archive tier. After this period expires, the snapshot is permanently deleted.", "title": "Interval", "type": "number" }, "IntervalUnit": { "markdownDescription": "The unit of time in which to measure the *Interval* . For example, to retain a snapshots in the archive tier for 6 months, specify `Interval=6` and `IntervalUnit=MONTHS` .", "title": "IntervalUnit", "type": "string" } }, "type": "object" }, "AWS::DLM::LifecyclePolicy.Schedule": { "additionalProperties": false, "properties": { "ArchiveRule": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ArchiveRule", "markdownDescription": "*[Custom snapshot policies that target volumes only]* The snapshot archiving rule for the schedule. When you specify an archiving rule, snapshots are automatically moved from the standard tier to the archive tier once the schedule's retention threshold is met. Snapshots are then retained in the archive tier for the archive retention period that you specify.\n\nFor more information about using snapshot archiving, see [Considerations for snapshot lifecycle policies](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-ami-policy.html#dlm-archive) .", "title": "ArchiveRule" }, "CopyTags": { "markdownDescription": "Copy all user-defined tags on a source volume to snapshots of the volume created by this policy.", "title": "CopyTags", "type": "boolean" }, "CreateRule": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CreateRule", "markdownDescription": "The creation rule.", "title": "CreateRule" }, "CrossRegionCopyRules": { "items": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.CrossRegionCopyRule" }, "markdownDescription": "Specifies a rule for copying snapshots or AMIs across regions.\n\n> You can't specify cross-Region copy rules for policies that create snapshots on an Outpost. If the policy creates snapshots in a Region, then snapshots can be copied to up to three Regions or Outposts.", "title": "CrossRegionCopyRules", "type": "array" }, "DeprecateRule": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.DeprecateRule", "markdownDescription": "*[Custom AMI policies only]* The AMI deprecation rule for the schedule.", "title": "DeprecateRule" }, "FastRestoreRule": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.FastRestoreRule", "markdownDescription": "*[Custom snapshot policies only]* The rule for enabling fast snapshot restore.", "title": "FastRestoreRule" }, "Name": { "markdownDescription": "The name of the schedule.", "title": "Name", "type": "string" }, "RetainRule": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.RetainRule", "markdownDescription": "The retention rule for snapshots or AMIs created by the policy.", "title": "RetainRule" }, "ShareRules": { "items": { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy.ShareRule" }, "markdownDescription": "*[Custom snapshot policies only]* The rule for sharing snapshots with other AWS accounts .", "title": "ShareRules", "type": "array" }, "TagsToAdd": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to apply to policy-created resources. These user-defined tags are in addition to the AWS -added lifecycle tags.", "title": "TagsToAdd", "type": "array" }, "VariableTags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "*[AMI policies and snapshot policies that target instances only]* A collection of key/value pairs with values determined dynamically when the policy is executed. Keys may be any valid Amazon EC2 tag key. Values must be in one of the two following formats: `$(instance-id)` or `$(timestamp)` . Variable tags are only valid for EBS Snapshot Management \u2013 Instance policies.", "title": "VariableTags", "type": "array" } }, "type": "object" }, "AWS::DLM::LifecyclePolicy.Script": { "additionalProperties": false, "properties": { "ExecuteOperationOnScriptFailure": { "markdownDescription": "Indicates whether Amazon Data Lifecycle Manager should default to crash-consistent snapshots if the pre script fails.\n\n- To default to crash consistent snapshot if the pre script fails, specify `true` .\n- To skip the instance for snapshot creation if the pre script fails, specify `false` .\n\nThis parameter is supported only if you run a pre script. If you run a post script only, omit this parameter.\n\nDefault: true", "title": "ExecuteOperationOnScriptFailure", "type": "boolean" }, "ExecutionHandler": { "markdownDescription": "The SSM document that includes the pre and/or post scripts to run.\n\n- If you are automating VSS backups, specify `AWS_VSS_BACKUP` . In this case, Amazon Data Lifecycle Manager automatically uses the `AWSEC2-CreateVssSnapshot` SSM document.\n- If you are automating application-consistent snapshots for SAP HANA workloads, specify `AWSSystemsManagerSAP-CreateDLMSnapshotForSAPHANA` .\n- If you are using a custom SSM document that you own, specify either the name or ARN of the SSM document. If you are using a custom SSM document that is shared with you, specify the ARN of the SSM document.", "title": "ExecutionHandler", "type": "string" }, "ExecutionHandlerService": { "markdownDescription": "Indicates the service used to execute the pre and/or post scripts.\n\n- If you are using custom SSM documents or automating application-consistent snapshots of SAP HANA workloads, specify `AWS_SYSTEMS_MANAGER` .\n- If you are automating VSS Backups, omit this parameter.\n\nDefault: AWS_SYSTEMS_MANAGER", "title": "ExecutionHandlerService", "type": "string" }, "ExecutionTimeout": { "markdownDescription": "Specifies a timeout period, in seconds, after which Amazon Data Lifecycle Manager fails the script run attempt if it has not completed. If a script does not complete within its timeout period, Amazon Data Lifecycle Manager fails the attempt. The timeout period applies to the pre and post scripts individually.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: 10", "title": "ExecutionTimeout", "type": "number" }, "MaximumRetryCount": { "markdownDescription": "Specifies the number of times Amazon Data Lifecycle Manager should retry scripts that fail.\n\n- If the pre script fails, Amazon Data Lifecycle Manager retries the entire snapshot creation process, including running the pre and post scripts.\n- If the post script fails, Amazon Data Lifecycle Manager retries the post script only; in this case, the pre script will have completed and the snapshot might have been created.\n\nIf you do not want Amazon Data Lifecycle Manager to retry failed scripts, specify `0` .\n\nDefault: 0", "title": "MaximumRetryCount", "type": "number" }, "Stages": { "items": { "type": "string" }, "markdownDescription": "Indicate which scripts Amazon Data Lifecycle Manager should run on target instances. Pre scripts run before Amazon Data Lifecycle Manager initiates snapshot creation. Post scripts run after Amazon Data Lifecycle Manager initiates snapshot creation.\n\n- To run a pre script only, specify `PRE` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation.\n- To run a post script only, specify `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `post-script` parameter after initiating snapshot creation.\n- To run both pre and post scripts, specify both `PRE` and `POST` . In this case, Amazon Data Lifecycle Manager calls the SSM document with the `pre-script` parameter before initiating snapshot creation, and then it calls the SSM document again with the `post-script` parameter after initiating snapshot creation.\n\nIf you are automating VSS Backups, omit this parameter.\n\nDefault: PRE and POST", "title": "Stages", "type": "array" } }, "type": "object" }, "AWS::DLM::LifecyclePolicy.ShareRule": { "additionalProperties": false, "properties": { "TargetAccounts": { "items": { "type": "string" }, "markdownDescription": "The IDs of the AWS accounts with which to share the snapshots.", "title": "TargetAccounts", "type": "array" }, "UnshareInterval": { "markdownDescription": "The period after which snapshots that are shared with other AWS accounts are automatically unshared.", "title": "UnshareInterval", "type": "number" }, "UnshareIntervalUnit": { "markdownDescription": "The unit of time for the automatic unsharing interval.", "title": "UnshareIntervalUnit", "type": "string" } }, "type": "object" }, "AWS::DLM::LifecyclePolicy.VolumeTypeValues": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::DMS::Certificate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CertificateIdentifier": { "markdownDescription": "A customer-assigned name for the certificate. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen or contain two consecutive hyphens.", "title": "CertificateIdentifier", "type": "string" }, "CertificatePem": { "markdownDescription": "The contents of a `.pem` file, which contains an X.509 certificate.", "title": "CertificatePem", "type": "string" }, "CertificateWallet": { "markdownDescription": "The location of an imported Oracle Wallet certificate for use with SSL. An example is: `filebase64(\"${path.root}/rds-ca-2019-root.sso\")`", "title": "CertificateWallet", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::DMS::Certificate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::DMS::DataProvider": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataProviderIdentifier": { "markdownDescription": "The identifier of the data provider. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", "title": "DataProviderIdentifier", "type": "string" }, "DataProviderName": { "markdownDescription": "The name of the data provider.", "title": "DataProviderName", "type": "string" }, "Description": { "markdownDescription": "A description of the data provider. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", "title": "Description", "type": "string" }, "Engine": { "markdownDescription": "The type of database engine for the data provider. Valid values include `\"aurora\"` , `\"aurora-postgresql\"` , `\"mysql\"` , `\"oracle\"` , `\"postgres\"` , `\"sqlserver\"` , `redshift` , `mariadb` , `mongodb` , and `docdb` . A value of `\"aurora\"` represents Amazon Aurora MySQL-Compatible Edition.", "title": "Engine", "type": "string" }, "ExactSettings": { "markdownDescription": "", "title": "ExactSettings", "type": "boolean" }, "Settings": { "$ref": "#/definitions/AWS::DMS::DataProvider.Settings", "markdownDescription": "The settings in JSON format for a data provider.", "title": "Settings" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "Engine" ], "type": "object" }, "Type": { "enum": [ "AWS::DMS::DataProvider" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DMS::DataProvider.MicrosoftSqlServerSettings": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "", "title": "CertificateArn", "type": "string" }, "DatabaseName": { "markdownDescription": "Database name for the endpoint.", "title": "DatabaseName", "type": "string" }, "Port": { "markdownDescription": "Endpoint TCP port.", "title": "Port", "type": "number" }, "ServerName": { "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", "title": "ServerName", "type": "string" }, "SslMode": { "markdownDescription": "", "title": "SslMode", "type": "string" } }, "required": [ "DatabaseName", "Port", "ServerName", "SslMode" ], "type": "object" }, "AWS::DMS::DataProvider.MySqlSettings": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "", "title": "CertificateArn", "type": "string" }, "Port": { "markdownDescription": "Endpoint TCP port.", "title": "Port", "type": "number" }, "ServerName": { "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS MySQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora MySQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", "title": "ServerName", "type": "string" }, "SslMode": { "markdownDescription": "", "title": "SslMode", "type": "string" } }, "required": [ "Port", "ServerName", "SslMode" ], "type": "object" }, "AWS::DMS::DataProvider.OracleSettings": { "additionalProperties": false, "properties": { "AsmServer": { "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", "title": "AsmServer", "type": "string" }, "CertificateArn": { "markdownDescription": "", "title": "CertificateArn", "type": "string" }, "DatabaseName": { "markdownDescription": "Database name for the endpoint.", "title": "DatabaseName", "type": "string" }, "Port": { "markdownDescription": "Endpoint TCP port.", "title": "Port", "type": "number" }, "SecretsManagerOracleAsmAccessRoleArn": { "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both. For more information on creating this `SecretsManagerOracleAsmSecret` and the `SecretsManagerOracleAsmAccessRoleArn` and `SecretsManagerOracleAsmSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", "title": "SecretsManagerOracleAsmAccessRoleArn", "type": "string" }, "SecretsManagerOracleAsmSecretId": { "markdownDescription": "Required only if your Oracle endpoint uses Automatic Storage Management (ASM). The full ARN, partial ARN, or friendly name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", "title": "SecretsManagerOracleAsmSecretId", "type": "string" }, "SecretsManagerSecurityDbEncryptionAccessRoleArn": { "markdownDescription": "", "title": "SecretsManagerSecurityDbEncryptionAccessRoleArn", "type": "string" }, "SecretsManagerSecurityDbEncryptionSecretId": { "markdownDescription": "", "title": "SecretsManagerSecurityDbEncryptionSecretId", "type": "string" }, "ServerName": { "markdownDescription": "Fully qualified domain name of the endpoint.\n\nFor an Amazon RDS Oracle instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", "title": "ServerName", "type": "string" }, "SslMode": { "markdownDescription": "", "title": "SslMode", "type": "string" } }, "required": [ "DatabaseName", "Port", "ServerName", "SslMode" ], "type": "object" }, "AWS::DMS::DataProvider.PostgreSqlSettings": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "", "title": "CertificateArn", "type": "string" }, "DatabaseName": { "markdownDescription": "Database name for the endpoint.", "title": "DatabaseName", "type": "string" }, "Port": { "markdownDescription": "Endpoint TCP port. The default is 5432.", "title": "Port", "type": "number" }, "ServerName": { "markdownDescription": "The host name of the endpoint database.\n\nFor an Amazon RDS PostgreSQL instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.\n\nFor an Aurora PostgreSQL instance, this is the output of [DescribeDBClusters](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBClusters.html) , in the `Endpoint` field.", "title": "ServerName", "type": "string" }, "SslMode": { "markdownDescription": "", "title": "SslMode", "type": "string" } }, "required": [ "DatabaseName", "Port", "ServerName", "SslMode" ], "type": "object" }, "AWS::DMS::DataProvider.Settings": { "additionalProperties": false, "properties": { "MicrosoftSqlServerSettings": { "$ref": "#/definitions/AWS::DMS::DataProvider.MicrosoftSqlServerSettings", "markdownDescription": "", "title": "MicrosoftSqlServerSettings" }, "MySqlSettings": { "$ref": "#/definitions/AWS::DMS::DataProvider.MySqlSettings", "markdownDescription": "", "title": "MySqlSettings" }, "OracleSettings": { "$ref": "#/definitions/AWS::DMS::DataProvider.OracleSettings", "markdownDescription": "", "title": "OracleSettings" }, "PostgreSqlSettings": { "$ref": "#/definitions/AWS::DMS::DataProvider.PostgreSqlSettings", "markdownDescription": "", "title": "PostgreSqlSettings" } }, "type": "object" }, "AWS::DMS::Endpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the certificate.", "title": "CertificateArn", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the endpoint database. For a MySQL source or target endpoint, don't specify `DatabaseName` . To migrate to a specific database, use this setting and `targetDbType` .", "title": "DatabaseName", "type": "string" }, "DocDbSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.DocDbSettings", "markdownDescription": "Settings in JSON format for the source and target DocumentDB endpoint. For more information about other available settings, see [Using extra connections attributes with Amazon DocumentDB as a source](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DocumentDB.html#CHAP_Source.DocumentDB.ECAs) and [Using Amazon DocumentDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DocumentDB.html) in the *AWS Database Migration Service User Guide* .", "title": "DocDbSettings" }, "DynamoDbSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.DynamoDbSettings", "markdownDescription": "Settings in JSON format for the target Amazon DynamoDB endpoint. For information about other available settings, see [Using object mapping to migrate data to DynamoDB](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.DynamoDB.html#CHAP_Target.DynamoDB.ObjectMapping) in the *AWS Database Migration Service User Guide* .", "title": "DynamoDbSettings" }, "ElasticsearchSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.ElasticsearchSettings", "markdownDescription": "Settings in JSON format for the target OpenSearch endpoint. For more information about the available settings, see [Extra connection attributes when using OpenSearch as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Elasticsearch.html#CHAP_Target.Elasticsearch.Configuration) in the *AWS Database Migration Service User Guide* .", "title": "ElasticsearchSettings" }, "EndpointIdentifier": { "markdownDescription": "The database endpoint identifier. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", "title": "EndpointIdentifier", "type": "string" }, "EndpointType": { "markdownDescription": "The type of endpoint. Valid values are `source` and `target` .", "title": "EndpointType", "type": "string" }, "EngineName": { "markdownDescription": "The type of engine for the endpoint, depending on the `EndpointType` value.\n\n*Valid values* : `mysql` | `oracle` | `postgres` | `mariadb` | `aurora` | `aurora-postgresql` | `opensearch` | `redshift` | `redshift-serverless` | `s3` | `db2` | `azuredb` | `sybase` | `dynamodb` | `mongodb` | `kinesis` | `kafka` | `elasticsearch` | `docdb` | `sqlserver` | `neptune`", "title": "EngineName", "type": "string" }, "ExtraConnectionAttributes": { "markdownDescription": "Additional attributes associated with the connection. Each attribute is specified as a name-value pair associated by an equal sign (=). Multiple attributes are separated by a semicolon (;) with no additional white space. For information on the attributes available for connecting your source or target endpoint, see [Working with AWS DMS Endpoints](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Endpoints.html) in the *AWS Database Migration Service User Guide* .", "title": "ExtraConnectionAttributes", "type": "string" }, "GcpMySQLSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.GcpMySQLSettings", "markdownDescription": "Settings in JSON format for the source GCP MySQL endpoint. These settings are much the same as the settings for any MySQL-compatible endpoint. For more information, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", "title": "GcpMySQLSettings" }, "IbmDb2Settings": { "$ref": "#/definitions/AWS::DMS::Endpoint.IbmDb2Settings", "markdownDescription": "Settings in JSON format for the source IBM Db2 LUW endpoint. For information about other available settings, see [Extra connection attributes when using Db2 LUW as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.DB2.html#CHAP_Source.DB2.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", "title": "IbmDb2Settings" }, "KafkaSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.KafkaSettings", "markdownDescription": "Settings in JSON format for the target Apache Kafka endpoint. For more information about other available settings, see [Using object mapping to migrate data to a Kafka topic](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html#CHAP_Target.Kafka.ObjectMapping) in the *AWS Database Migration Service User Guide* .", "title": "KafkaSettings" }, "KinesisSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.KinesisSettings", "markdownDescription": "Settings in JSON format for the target endpoint for Amazon Kinesis Data Streams. For more information about other available settings, see [Using object mapping to migrate data to a Kinesis data stream](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kinesis.html#CHAP_Target.Kinesis.ObjectMapping) in the *AWS Database Migration Service User Guide* .", "title": "KinesisSettings" }, "KmsKeyId": { "markdownDescription": "An AWS KMS key identifier that is used to encrypt the connection parameters for the endpoint.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", "title": "KmsKeyId", "type": "string" }, "MicrosoftSqlServerSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.MicrosoftSqlServerSettings", "markdownDescription": "Settings in JSON format for the source and target Microsoft SQL Server endpoint. For information about other available settings, see [Extra connection attributes when using SQL Server as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SQLServer.html#CHAP_Source.SQLServer.ConnectionAttrib) and [Extra connection attributes when using SQL Server as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SQLServer.html#CHAP_Target.SQLServer.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", "title": "MicrosoftSqlServerSettings" }, "MongoDbSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.MongoDbSettings", "markdownDescription": "Settings in JSON format for the source MongoDB endpoint. For more information about the available settings, see [Using MongoDB as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MongoDB.html#CHAP_Source.MongoDB.Configuration) in the *AWS Database Migration Service User Guide* .", "title": "MongoDbSettings" }, "MySqlSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.MySqlSettings", "markdownDescription": "Settings in JSON format for the source and target MySQL endpoint. For information about other available settings, see [Extra connection attributes when using MySQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.MySQL.html#CHAP_Source.MySQL.ConnectionAttrib) and [Extra connection attributes when using a MySQL-compatible database as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.MySQL.html#CHAP_Target.MySQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", "title": "MySqlSettings" }, "NeptuneSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.NeptuneSettings", "markdownDescription": "Settings in JSON format for the target Amazon Neptune endpoint. For more information about the available settings, see [Specifying endpoint settings for Amazon Neptune as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.EndpointSettings) in the *AWS Database Migration Service User Guide* .", "title": "NeptuneSettings" }, "OracleSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.OracleSettings", "markdownDescription": "Settings in JSON format for the source and target Oracle endpoint. For information about other available settings, see [Extra connection attributes when using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.ConnectionAttrib) and [Extra connection attributes when using Oracle as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Oracle.html#CHAP_Target.Oracle.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", "title": "OracleSettings" }, "Password": { "markdownDescription": "The password to be used to log in to the endpoint database.", "title": "Password", "type": "string" }, "Port": { "markdownDescription": "The port used by the endpoint database.", "title": "Port", "type": "number" }, "PostgreSqlSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.PostgreSqlSettings", "markdownDescription": "Settings in JSON format for the source and target PostgreSQL endpoint.\n\nFor information about other available settings, see [Extra connection attributes when using PostgreSQL as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) and [Extra connection attributes when using PostgreSQL as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.PostgreSQL.html#CHAP_Target.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", "title": "PostgreSqlSettings" }, "RedisSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.RedisSettings", "markdownDescription": "Settings in JSON format for the target Redis endpoint. For information about other available settings, see [Specifying endpoint settings for Redis as a target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redis.html#CHAP_Target.Redis.EndpointSettings) in the *AWS Database Migration Service User Guide* .", "title": "RedisSettings" }, "RedshiftSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.RedshiftSettings", "markdownDescription": "Settings in JSON format for the Amazon Redshift endpoint.\n\nFor more information about other available settings, see [Extra connection attributes when using Amazon Redshift as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Redshift.html#CHAP_Target.Redshift.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", "title": "RedshiftSettings" }, "ResourceIdentifier": { "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", "title": "ResourceIdentifier", "type": "string" }, "S3Settings": { "$ref": "#/definitions/AWS::DMS::Endpoint.S3Settings", "markdownDescription": "Settings in JSON format for the source and target Amazon S3 endpoint. For more information about other available settings, see [Extra connection attributes when using Amazon S3 as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.S3.html#CHAP_Source.S3.Configuring) and [Extra connection attributes when using Amazon S3 as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring) in the *AWS Database Migration Service User Guide* .", "title": "S3Settings" }, "ServerName": { "markdownDescription": "The name of the server where the endpoint database resides.", "title": "ServerName", "type": "string" }, "SslMode": { "markdownDescription": "The Secure Sockets Layer (SSL) mode to use for the SSL connection. The default is `none` .\n\n> When `engine_name` is set to S3, the only allowed value is `none` .", "title": "SslMode", "type": "string" }, "SybaseSettings": { "$ref": "#/definitions/AWS::DMS::Endpoint.SybaseSettings", "markdownDescription": "Settings in JSON format for the source and target SAP ASE endpoint. For information about other available settings, see [Extra connection attributes when using SAP ASE as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.SAP.html#CHAP_Source.SAP.ConnectionAttrib) and [Extra connection attributes when using SAP ASE as a target for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.SAP.html#CHAP_Target.SAP.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", "title": "SybaseSettings" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "One or more tags to be assigned to the endpoint.", "title": "Tags", "type": "array" }, "Username": { "markdownDescription": "The user name to be used to log in to the endpoint database.", "title": "Username", "type": "string" } }, "required": [ "EndpointType", "EngineName" ], "type": "object" }, "Type": { "enum": [ "AWS::DMS::Endpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DMS::Endpoint.DocDbSettings": { "additionalProperties": false, "properties": { "DocsToInvestigate": { "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", "title": "DocsToInvestigate", "type": "number" }, "ExtractDocId": { "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", "title": "ExtractDocId", "type": "boolean" }, "NestingLevel": { "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", "title": "NestingLevel", "type": "string" }, "SecretsManagerAccessRoleArn": { "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the DocumentDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", "title": "SecretsManagerAccessRoleArn", "type": "string" }, "SecretsManagerSecretId": { "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the DocumentDB endpoint connection details.", "title": "SecretsManagerSecretId", "type": "string" } }, "type": "object" }, "AWS::DMS::Endpoint.DynamoDbSettings": { "additionalProperties": false, "properties": { "ServiceAccessRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", "title": "ServiceAccessRoleArn", "type": "string" } }, "type": "object" }, "AWS::DMS::Endpoint.ElasticsearchSettings": { "additionalProperties": false, "properties": { "EndpointUri": { "markdownDescription": "The endpoint for the OpenSearch cluster. AWS DMS uses HTTPS if a transport protocol (either HTTP or HTTPS) isn't specified.", "title": "EndpointUri", "type": "string" }, "ErrorRetryDuration": { "markdownDescription": "The maximum number of seconds for which DMS retries failed API requests to the OpenSearch cluster.", "title": "ErrorRetryDuration", "type": "number" }, "FullLoadErrorPercentage": { "markdownDescription": "The maximum percentage of records that can fail to be written before a full load operation stops.\n\nTo avoid early failure, this counter is only effective after 1,000 records are transferred. OpenSearch also has the concept of error monitoring during the last 10 minutes of an Observation Window. If transfer of all records fail in the last 10 minutes, the full load operation stops.", "title": "FullLoadErrorPercentage", "type": "number" }, "ServiceAccessRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action.", "title": "ServiceAccessRoleArn", "type": "string" } }, "type": "object" }, "AWS::DMS::Endpoint.GcpMySQLSettings": { "additionalProperties": false, "properties": { "AfterConnectScript": { "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", "title": "AfterConnectScript", "type": "string" }, "CleanSourceMetadataOnMismatch": { "markdownDescription": "Adjusts the behavior of AWS DMS when migrating from an SQL Server source database that is hosted as part of an Always On availability group cluster. If you need AWS DMS to poll all the nodes in the Always On cluster for transaction backups, set this attribute to `false` .", "title": "CleanSourceMetadataOnMismatch", "type": "boolean" }, "DatabaseName": { "markdownDescription": "Database name for the endpoint. For a MySQL source or target endpoint, don't explicitly specify the database using the `DatabaseName` request parameter on either the `CreateEndpoint` or `ModifyEndpoint` API call. Specifying `DatabaseName` when you create or modify a MySQL endpoint replicates all the task tables to this single database. For MySQL endpoints, you specify the database only when you specify the schema in the table-mapping rules of the AWS DMS task.", "title": "DatabaseName", "type": "string" }, "EventsPollInterval": { "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", "title": "EventsPollInterval", "type": "number" }, "MaxFileSize": { "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", "title": "MaxFileSize", "type": "number" }, "ParallelLoadThreads": { "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", "title": "ParallelLoadThreads", "type": "number" }, "Password": { "markdownDescription": "Endpoint connection password.", "title": "Password", "type": "string" }, "Port": { "markdownDescription": "The port used by the endpoint database.", "title": "Port", "type": "number" }, "SecretsManagerAccessRoleArn": { "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret.` The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", "title": "SecretsManagerAccessRoleArn", "type": "string" }, "SecretsManagerSecretId": { "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", "title": "SecretsManagerSecretId", "type": "string" }, "ServerName": { "markdownDescription": "The MySQL host name.", "title": "ServerName", "type": "string" }, "ServerTimezone": { "markdownDescription": "Specifies the time zone for the source MySQL database. Don't enclose time zones in single quotation marks.\n\nExample: `serverTimezone=US/Pacific;`", "title": "ServerTimezone", "type": "string" }, "Username": { "markdownDescription": "Endpoint connection user name.", "title": "Username", "type": "string" } }, "type": "object" }, "AWS::DMS::Endpoint.IbmDb2Settings": { "additionalProperties": false, "properties": { "CurrentLsn": { "markdownDescription": "For ongoing replication (CDC), use CurrentLSN to specify a log sequence number (LSN) where you want the replication to start.", "title": "CurrentLsn", "type": "string" }, "KeepCsvFiles": { "markdownDescription": "If true, AWS DMS saves any .csv files to the Db2 LUW target that were used to replicate data. DMS uses these files for analysis and troubleshooting.\n\nThe default value is false.", "title": "KeepCsvFiles", "type": "boolean" }, "LoadTimeout": { "markdownDescription": "The amount of time (in milliseconds) before AWS DMS times out operations performed by DMS on the Db2 target. The default value is 1200 (20 minutes).", "title": "LoadTimeout", "type": "number" }, "MaxFileSize": { "markdownDescription": "Specifies the maximum size (in KB) of .csv files used to transfer data to Db2 LUW.", "title": "MaxFileSize", "type": "number" }, "MaxKBytesPerRead": { "markdownDescription": "Maximum number of bytes per read, as a NUMBER value. The default is 64 KB.", "title": "MaxKBytesPerRead", "type": "number" }, "SecretsManagerAccessRoleArn": { "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value ofthe AWS Secrets Manager secret that allows access to the Db2 LUW endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", "title": "SecretsManagerAccessRoleArn", "type": "string" }, "SecretsManagerSecretId": { "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the IBMDB2 endpoint connection details.", "title": "SecretsManagerSecretId", "type": "string" }, "SetDataCaptureChanges": { "markdownDescription": "Enables ongoing replication (CDC) as a BOOLEAN value. The default is true.", "title": "SetDataCaptureChanges", "type": "boolean" }, "WriteBufferSize": { "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk on the DMS replication instance. The default value is 1024 (1 MB).", "title": "WriteBufferSize", "type": "number" } }, "type": "object" }, "AWS::DMS::Endpoint.KafkaSettings": { "additionalProperties": false, "properties": { "Broker": { "markdownDescription": "A comma-separated list of one or more broker locations in your Kafka cluster that host your Kafka instance. Specify each broker location in the form `*broker-hostname-or-ip* : *port*` . For example, `\"ec2-12-345-678-901.compute-1.amazonaws.com:2345\"` . For more information and examples of specifying a list of broker locations, see [Using Apache Kafka as a target for AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Kafka.html) in the *AWS Database Migration Service User Guide* .", "title": "Broker", "type": "string" }, "IncludeControlDetails": { "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kafka message output. The default is `false` .", "title": "IncludeControlDetails", "type": "boolean" }, "IncludeNullAndEmpty": { "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", "title": "IncludeNullAndEmpty", "type": "boolean" }, "IncludePartitionValue": { "markdownDescription": "Shows the partition value within the Kafka message output unless the partition type is `schema-table-type` . The default is `false` .", "title": "IncludePartitionValue", "type": "boolean" }, "IncludeTableAlterOperations": { "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", "title": "IncludeTableAlterOperations", "type": "boolean" }, "IncludeTransactionDetails": { "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", "title": "IncludeTransactionDetails", "type": "boolean" }, "MessageFormat": { "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", "title": "MessageFormat", "type": "string" }, "MessageMaxBytes": { "markdownDescription": "The maximum size in bytes for records created on the endpoint The default is 1,000,000.", "title": "MessageMaxBytes", "type": "number" }, "NoHexPrefix": { "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to a Kafka target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", "title": "NoHexPrefix", "type": "boolean" }, "PartitionIncludeSchemaTable": { "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kafka partitions. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same partition, which causes throttling. The default is `false` .", "title": "PartitionIncludeSchemaTable", "type": "boolean" }, "SaslPassword": { "markdownDescription": "The secure password that you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", "title": "SaslPassword", "type": "string" }, "SaslUserName": { "markdownDescription": "The secure user name you created when you first set up your Amazon MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.", "title": "SaslUserName", "type": "string" }, "SecurityProtocol": { "markdownDescription": "Set secure connection to a Kafka target endpoint using Transport Layer Security (TLS). Options include `ssl-encryption` , `ssl-authentication` , and `sasl-ssl` . `sasl-ssl` requires `SaslUsername` and `SaslPassword` .", "title": "SecurityProtocol", "type": "string" }, "SslCaCertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the private certificate authority (CA) cert that AWS DMS uses to securely connect to your Kafka target endpoint.", "title": "SslCaCertificateArn", "type": "string" }, "SslClientCertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the client certificate used to securely connect to a Kafka target endpoint.", "title": "SslClientCertificateArn", "type": "string" }, "SslClientKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the client private key used to securely connect to a Kafka target endpoint.", "title": "SslClientKeyArn", "type": "string" }, "SslClientKeyPassword": { "markdownDescription": "The password for the client private key used to securely connect to a Kafka target endpoint.", "title": "SslClientKeyPassword", "type": "string" }, "Topic": { "markdownDescription": "The topic to which you migrate the data. If you don't specify a topic, AWS DMS specifies `\"kafka-default-topic\"` as the migration topic.", "title": "Topic", "type": "string" } }, "type": "object" }, "AWS::DMS::Endpoint.KinesisSettings": { "additionalProperties": false, "properties": { "IncludeControlDetails": { "markdownDescription": "Shows detailed control information for table definition, column definition, and table and column changes in the Kinesis message output. The default is `false` .", "title": "IncludeControlDetails", "type": "boolean" }, "IncludeNullAndEmpty": { "markdownDescription": "Include NULL and empty columns for records migrated to the endpoint. The default is `false` .", "title": "IncludeNullAndEmpty", "type": "boolean" }, "IncludePartitionValue": { "markdownDescription": "Shows the partition value within the Kinesis message output, unless the partition type is `schema-table-type` . The default is `false` .", "title": "IncludePartitionValue", "type": "boolean" }, "IncludeTableAlterOperations": { "markdownDescription": "Includes any data definition language (DDL) operations that change the table in the control data, such as `rename-table` , `drop-table` , `add-column` , `drop-column` , and `rename-column` . The default is `false` .", "title": "IncludeTableAlterOperations", "type": "boolean" }, "IncludeTransactionDetails": { "markdownDescription": "Provides detailed transaction information from the source database. This information includes a commit timestamp, a log position, and values for `transaction_id` , previous `transaction_id` , and `transaction_record_id` (the record offset within a transaction). The default is `false` .", "title": "IncludeTransactionDetails", "type": "boolean" }, "MessageFormat": { "markdownDescription": "The output format for the records created on the endpoint. The message format is `JSON` (default) or `JSON_UNFORMATTED` (a single line with no tab).", "title": "MessageFormat", "type": "string" }, "NoHexPrefix": { "markdownDescription": "Set this optional parameter to `true` to avoid adding a '0x' prefix to raw data in hexadecimal format. For example, by default, AWS DMS adds a '0x' prefix to the LOB column type in hexadecimal format moving from an Oracle source to an Amazon Kinesis target. Use the `NoHexPrefix` endpoint setting to enable migration of RAW data type columns without adding the '0x' prefix.", "title": "NoHexPrefix", "type": "boolean" }, "PartitionIncludeSchemaTable": { "markdownDescription": "Prefixes schema and table names to partition values, when the partition type is `primary-key-type` . Doing this increases data distribution among Kinesis shards. For example, suppose that a SysBench schema has thousands of tables and each table has only limited range for a primary key. In this case, the same primary key is sent from thousands of tables to the same shard, which causes throttling. The default is `false` .", "title": "PartitionIncludeSchemaTable", "type": "boolean" }, "ServiceAccessRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that AWS DMS uses to write to the Kinesis data stream. The role must allow the `iam:PassRole` action.", "title": "ServiceAccessRoleArn", "type": "string" }, "StreamArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the Amazon Kinesis Data Streams endpoint.", "title": "StreamArn", "type": "string" } }, "type": "object" }, "AWS::DMS::Endpoint.MicrosoftSqlServerSettings": { "additionalProperties": false, "properties": { "BcpPacketSize": { "markdownDescription": "The maximum size of the packets (in bytes) used to transfer data using BCP.", "title": "BcpPacketSize", "type": "number" }, "ControlTablesFileGroup": { "markdownDescription": "Specifies a file group for the AWS DMS internal tables. When the replication task starts, all the internal AWS DMS control tables (awsdms_ apply_exception, awsdms_apply, awsdms_changes) are created for the specified file group.", "title": "ControlTablesFileGroup", "type": "string" }, "DatabaseName": { "markdownDescription": "Database name for the endpoint.", "title": "DatabaseName", "type": "string" }, "ForceLobLookup": { "markdownDescription": "Forces LOB lookup on inline LOB.", "title": "ForceLobLookup", "type": "boolean" }, "Password": { "markdownDescription": "Endpoint connection password.", "title": "Password", "type": "string" }, "Port": { "markdownDescription": "Endpoint TCP port.", "title": "Port", "type": "number" }, "QuerySingleAlwaysOnNode": { "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. An example is a situation where running an alter DDL statement on a table might result in different information about the table cached in the replication instance.", "title": "QuerySingleAlwaysOnNode", "type": "boolean" }, "ReadBackupOnly": { "markdownDescription": "When this attribute is set to `Y` , AWS DMS only reads changes from transaction log backups and doesn't read from the active transaction log file during ongoing replication. Setting this parameter to `Y` enables you to control active transaction log file growth during full load and ongoing replication tasks. However, it can add some source latency to ongoing replication.", "title": "ReadBackupOnly", "type": "boolean" }, "SafeguardPolicy": { "markdownDescription": "Use this attribute to minimize the need to access the backup log and enable AWS DMS to prevent truncation using one of the following two methods.\n\n*Start transactions in the database:* This is the default method. When this method is used, AWS DMS prevents TLOG truncation by mimicking a transaction in the database. As long as such a transaction is open, changes that appear after the transaction started aren't truncated. If you need Microsoft Replication to be enabled in your database, then you must choose this method.\n\n*Exclusively use sp_repldone within a single task* : When this method is used, AWS DMS reads the changes and then uses sp_repldone to mark the TLOG transactions as ready for truncation. Although this method doesn't involve any transactional activities, it can only be used when Microsoft Replication isn't running. Also, when using this method, only one AWS DMS task can access the database at any given time. Therefore, if you need to run parallel AWS DMS tasks against the same database, use the default method.", "title": "SafeguardPolicy", "type": "string" }, "SecretsManagerAccessRoleArn": { "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SQL Server endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", "title": "SecretsManagerAccessRoleArn", "type": "string" }, "SecretsManagerSecretId": { "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MicrosoftSQLServer endpoint connection details.", "title": "SecretsManagerSecretId", "type": "string" }, "ServerName": { "markdownDescription": "Fully qualified domain name of the endpoint. For an Amazon RDS SQL Server instance, this is the output of [DescribeDBInstances](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DescribeDBInstances.html) , in the `[Endpoint](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_Endpoint.html) .Address` field.", "title": "ServerName", "type": "string" }, "TlogAccessMode": { "markdownDescription": "Indicates the mode used to fetch CDC data.", "title": "TlogAccessMode", "type": "string" }, "TrimSpaceInChar": { "markdownDescription": "Use the `TrimSpaceInChar` source endpoint setting to right-trim data on CHAR and NCHAR data types during migration. Setting `TrimSpaceInChar` does not left-trim data. The default value is `true` .", "title": "TrimSpaceInChar", "type": "boolean" }, "UseBcpFullLoad": { "markdownDescription": "Use this to attribute to transfer data for full-load operations using BCP. When the target table contains an identity column that does not exist in the source table, you must disable the use BCP for loading table option.", "title": "UseBcpFullLoad", "type": "boolean" }, "UseThirdPartyBackupDevice": { "markdownDescription": "When this attribute is set to `Y` , DMS processes third-party transaction log backups if they are created in native format.", "title": "UseThirdPartyBackupDevice", "type": "boolean" }, "Username": { "markdownDescription": "Endpoint connection user name.", "title": "Username", "type": "string" } }, "type": "object" }, "AWS::DMS::Endpoint.MongoDbSettings": { "additionalProperties": false, "properties": { "AuthMechanism": { "markdownDescription": "The authentication mechanism you use to access the MongoDB source endpoint.\n\nFor the default value, in MongoDB version 2.x, `\"default\"` is `\"mongodb_cr\"` . For MongoDB version 3.x or later, `\"default\"` is `\"scram_sha_1\"` . This setting isn't used when `AuthType` is set to `\"no\"` .", "title": "AuthMechanism", "type": "string" }, "AuthSource": { "markdownDescription": "The MongoDB database name. This setting isn't used when `AuthType` is set to `\"no\"` .\n\nThe default is `\"admin\"` .", "title": "AuthSource", "type": "string" }, "AuthType": { "markdownDescription": "The authentication type you use to access the MongoDB source endpoint.\n\nWhen set to `\"no\"` , user name and password parameters are not used and can be empty.", "title": "AuthType", "type": "string" }, "DatabaseName": { "markdownDescription": "The database name on the MongoDB source endpoint.", "title": "DatabaseName", "type": "string" }, "DocsToInvestigate": { "markdownDescription": "Indicates the number of documents to preview to determine the document organization. Use this setting when `NestingLevel` is set to `\"one\"` .\n\nMust be a positive value greater than `0` . Default value is `1000` .", "title": "DocsToInvestigate", "type": "string" }, "ExtractDocId": { "markdownDescription": "Specifies the document ID. Use this setting when `NestingLevel` is set to `\"none\"` .\n\nDefault value is `\"false\"` .", "title": "ExtractDocId", "type": "string" }, "NestingLevel": { "markdownDescription": "Specifies either document or table mode.\n\nDefault value is `\"none\"` . Specify `\"none\"` to use document mode. Specify `\"one\"` to use table mode.", "title": "NestingLevel", "type": "string" }, "Password": { "markdownDescription": "The password for the user account you use to access the MongoDB source endpoint.", "title": "Password", "type": "string" }, "Port": { "markdownDescription": "The port value for the MongoDB source endpoint.", "title": "Port", "type": "number" }, "SecretsManagerAccessRoleArn": { "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MongoDB endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", "title": "SecretsManagerAccessRoleArn", "type": "string" }, "SecretsManagerSecretId": { "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MongoDB endpoint connection details.", "title": "SecretsManagerSecretId", "type": "string" }, "ServerName": { "markdownDescription": "The name of the server on the MongoDB source endpoint.", "title": "ServerName", "type": "string" }, "Username": { "markdownDescription": "The user name you use to access the MongoDB source endpoint.", "title": "Username", "type": "string" } }, "type": "object" }, "AWS::DMS::Endpoint.MySqlSettings": { "additionalProperties": false, "properties": { "AfterConnectScript": { "markdownDescription": "Specifies a script to run immediately after AWS DMS connects to the endpoint. The migration task continues running regardless if the SQL statement succeeds or fails.\n\nFor this parameter, provide the code of the script itself, not the name of a file containing the script.", "title": "AfterConnectScript", "type": "string" }, "CleanSourceMetadataOnMismatch": { "markdownDescription": "Cleans and recreates table metadata information on the replication instance when a mismatch occurs. For example, in a situation where running an alter DDL on the table could result in different information about the table cached in the replication instance.", "title": "CleanSourceMetadataOnMismatch", "type": "boolean" }, "EventsPollInterval": { "markdownDescription": "Specifies how often to check the binary log for new changes/events when the database is idle. The default is five seconds.\n\nExample: `eventsPollInterval=5;`\n\nIn the example, AWS DMS checks for changes in the binary logs every five seconds.", "title": "EventsPollInterval", "type": "number" }, "MaxFileSize": { "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to a MySQL-compatible database.\n\nExample: `maxFileSize=512`", "title": "MaxFileSize", "type": "number" }, "ParallelLoadThreads": { "markdownDescription": "Improves performance when loading data into the MySQL-compatible target database. Specifies how many threads to use to load the data into the MySQL-compatible target database. Setting a large number of threads can have an adverse effect on database performance, because a separate connection is required for each thread. The default is one.\n\nExample: `parallelLoadThreads=1`", "title": "ParallelLoadThreads", "type": "number" }, "SecretsManagerAccessRoleArn": { "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the MySQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", "title": "SecretsManagerAccessRoleArn", "type": "string" }, "SecretsManagerSecretId": { "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the MySQL endpoint connection details.", "title": "SecretsManagerSecretId", "type": "string" }, "ServerTimezone": { "markdownDescription": "Specifies the time zone for the source MySQL database.\n\nExample: `serverTimezone=US/Pacific;`\n\nNote: Do not enclose time zones in single quotes.", "title": "ServerTimezone", "type": "string" }, "TargetDbType": { "markdownDescription": "Specifies where to migrate source tables on the target, either to a single database or multiple databases. If you specify `SPECIFIC_DATABASE` , specify the database name using the `DatabaseName` parameter of the `Endpoint` object.\n\nExample: `targetDbType=MULTIPLE_DATABASES`", "title": "TargetDbType", "type": "string" } }, "type": "object" }, "AWS::DMS::Endpoint.NeptuneSettings": { "additionalProperties": false, "properties": { "ErrorRetryDuration": { "markdownDescription": "The number of milliseconds for AWS DMS to wait to retry a bulk-load of migrated graph data to the Neptune target database before raising an error. The default is 250.", "title": "ErrorRetryDuration", "type": "number" }, "IamAuthEnabled": { "markdownDescription": "If you want IAM authorization enabled for this endpoint, set this parameter to `true` . Then attach the appropriate IAM policy document to your service role specified by `ServiceAccessRoleArn` . The default is `false` .", "title": "IamAuthEnabled", "type": "boolean" }, "MaxFileSize": { "markdownDescription": "The maximum size in kilobytes of migrated graph data stored in a .csv file before AWS DMS bulk-loads the data to the Neptune target database. The default is 1,048,576 KB. If the bulk load is successful, AWS DMS clears the bucket, ready to store the next batch of migrated graph data.", "title": "MaxFileSize", "type": "number" }, "MaxRetryCount": { "markdownDescription": "The number of times for AWS DMS to retry a bulk load of migrated graph data to the Neptune target database before raising an error. The default is 5.", "title": "MaxRetryCount", "type": "number" }, "S3BucketFolder": { "markdownDescription": "A folder path where you want AWS DMS to store migrated graph data in the S3 bucket specified by `S3BucketName`", "title": "S3BucketFolder", "type": "string" }, "S3BucketName": { "markdownDescription": "The name of the Amazon S3 bucket where AWS DMS can temporarily store migrated graph data in .csv files before bulk-loading it to the Neptune target database. AWS DMS maps the SQL source data to graph data before storing it in these .csv files.", "title": "S3BucketName", "type": "string" }, "ServiceAccessRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the service role that you created for the Neptune target endpoint. The role must allow the `iam:PassRole` action.\n\nFor more information, see [Creating an IAM Service Role for Accessing Amazon Neptune as a Target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.Neptune.html#CHAP_Target.Neptune.ServiceRole) in the *AWS Database Migration Service User Guide* .", "title": "ServiceAccessRoleArn", "type": "string" } }, "type": "object" }, "AWS::DMS::Endpoint.OracleSettings": { "additionalProperties": false, "properties": { "AccessAlternateDirectly": { "markdownDescription": "Set this attribute to `false` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to not access redo logs through any specified path prefix replacement using direct file access.", "title": "AccessAlternateDirectly", "type": "boolean" }, "AddSupplementalLogging": { "markdownDescription": "Set this attribute to set up table-level supplemental logging for the Oracle database. This attribute enables PRIMARY KEY supplemental logging on all tables selected for a migration task.\n\nIf you use this option, you still need to enable database-level supplemental logging.", "title": "AddSupplementalLogging", "type": "boolean" }, "AdditionalArchivedLogDestId": { "markdownDescription": "Set this attribute with `ArchivedLogDestId` in a primary/ standby setup. This attribute is useful in the case of a switchover. In this case, AWS DMS needs to know which destination to get archive redo logs from to read changes. This need arises because the previous primary instance is now a standby instance after switchover.\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless necessary. For additional information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", "title": "AdditionalArchivedLogDestId", "type": "number" }, "AllowSelectNestedTables": { "markdownDescription": "Set this attribute to `true` to enable replication of Oracle tables containing columns that are nested tables or defined types.", "title": "AllowSelectNestedTables", "type": "boolean" }, "ArchivedLogDestId": { "markdownDescription": "Specifies the ID of the destination for the archived redo logs. This value should be the same as a number in the dest_id column of the v$archived_log view. If you work with an additional redo log destination, use the `AdditionalArchivedLogDestId` option to specify the additional destination ID. Doing this improves performance by ensuring that the correct logs are accessed from the outset.", "title": "ArchivedLogDestId", "type": "number" }, "ArchivedLogsOnly": { "markdownDescription": "When this field is set to `True` , AWS DMS only accesses the archived redo logs. If the archived redo logs are stored on Automatic Storage Management (ASM) only, the AWS DMS user account needs to be granted ASM privileges.", "title": "ArchivedLogsOnly", "type": "boolean" }, "AsmPassword": { "markdownDescription": "For an Oracle source endpoint, your Oracle Automatic Storage Management (ASM) password. You can set this value from the `*asm_user_password*` value. You set this value as part of the comma-separated value that you set to the `Password` request parameter when you create the endpoint to access transaction logs using Binary Reader. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", "title": "AsmPassword", "type": "string" }, "AsmServer": { "markdownDescription": "For an Oracle source endpoint, your ASM server address. You can set this value from the `asm_server` value. You set `asm_server` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", "title": "AsmServer", "type": "string" }, "AsmUser": { "markdownDescription": "For an Oracle source endpoint, your ASM user name. You can set this value from the `asm_user` value. You set `asm_user` as part of the extra connection attribute string to access an Oracle server with Binary Reader that uses ASM. For more information, see [Configuration for change data capture (CDC) on an Oracle source database](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC.Configuration) .", "title": "AsmUser", "type": "string" }, "CharLengthSemantics": { "markdownDescription": "Specifies whether the length of a character column is in bytes or in characters. To indicate that the character column length is in characters, set this attribute to `CHAR` . Otherwise, the character column length is in bytes.\n\nExample: `charLengthSemantics=CHAR;`", "title": "CharLengthSemantics", "type": "string" }, "DirectPathNoLog": { "markdownDescription": "When set to `true` , this attribute helps to increase the commit rate on the Oracle target database by writing directly to tables and not writing a trail to database logs.", "title": "DirectPathNoLog", "type": "boolean" }, "DirectPathParallelLoad": { "markdownDescription": "When set to `true` , this attribute specifies a parallel load when `useDirectPathFullLoad` is set to `Y` . This attribute also only applies when you use the AWS DMS parallel load feature. Note that the target table cannot have any constraints or indexes.", "title": "DirectPathParallelLoad", "type": "boolean" }, "EnableHomogenousTablespace": { "markdownDescription": "Set this attribute to enable homogenous tablespace replication and create existing tables or indexes under the same tablespace on the target.", "title": "EnableHomogenousTablespace", "type": "boolean" }, "ExtraArchivedLogDestIds": { "items": { "type": "number" }, "markdownDescription": "Specifies the IDs of one more destinations for one or more archived redo logs. These IDs are the values of the `dest_id` column in the `v$archived_log` view. Use this setting with the `archivedLogDestId` extra connection attribute in a primary-to-single setup or a primary-to-multiple-standby setup.\n\nThis setting is useful in a switchover when you use an Oracle Data Guard database as a source. In this case, AWS DMS needs information about what destination to get archive redo logs from to read changes. AWS DMS needs this because after the switchover the previous primary is a standby instance. For example, in a primary-to-single standby setup you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2]`\n\nIn a primary-to-multiple-standby setup, you might apply the following settings.\n\n`archivedLogDestId=1; ExtraArchivedLogDestIds=[2,3,4]`\n\nAlthough AWS DMS supports the use of the Oracle `RESETLOGS` option to open the database, never use `RESETLOGS` unless it's necessary. For more information about `RESETLOGS` , see [RMAN Data Repair Concepts](https://docs.aws.amazon.com/https://docs.oracle.com/en/database/oracle/oracle-database/19/bradv/rman-data-repair-concepts.html#GUID-1805CCF7-4AF2-482D-B65A-998192F89C2B) in the *Oracle Database Backup and Recovery User's Guide* .", "title": "ExtraArchivedLogDestIds", "type": "array" }, "FailTasksOnLobTruncation": { "markdownDescription": "When set to `true` , this attribute causes a task to fail if the actual size of an LOB column is greater than the specified `LobMaxSize` .\n\nIf a task is set to limited LOB mode and this option is set to `true` , the task fails instead of truncating the LOB data.", "title": "FailTasksOnLobTruncation", "type": "boolean" }, "NumberDatatypeScale": { "markdownDescription": "Specifies the number scale. You can select a scale up to 38, or you can select FLOAT. By default, the NUMBER data type is converted to precision 38, scale 10.\n\nExample: `numberDataTypeScale=12`", "title": "NumberDatatypeScale", "type": "number" }, "OraclePathPrefix": { "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the default Oracle root used to access the redo logs.", "title": "OraclePathPrefix", "type": "string" }, "ParallelAsmReadThreads": { "markdownDescription": "Set this attribute to change the number of threads that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 2 (the default) and 8 (the maximum). Use this attribute together with the `readAheadBlocks` attribute.", "title": "ParallelAsmReadThreads", "type": "number" }, "ReadAheadBlocks": { "markdownDescription": "Set this attribute to change the number of read-ahead blocks that DMS configures to perform a change data capture (CDC) load using Oracle Automatic Storage Management (ASM). You can specify an integer value between 1000 (the default) and 200,000 (the maximum).", "title": "ReadAheadBlocks", "type": "number" }, "ReadTableSpaceName": { "markdownDescription": "When set to `true` , this attribute supports tablespace replication.", "title": "ReadTableSpaceName", "type": "boolean" }, "ReplacePathPrefix": { "markdownDescription": "Set this attribute to true in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This setting tells DMS instance to replace the default Oracle root with the specified `usePathPrefix` setting to access the redo logs.", "title": "ReplacePathPrefix", "type": "boolean" }, "RetryInterval": { "markdownDescription": "Specifies the number of seconds that the system waits before resending a query.\n\nExample: `retryInterval=6;`", "title": "RetryInterval", "type": "number" }, "SecretsManagerAccessRoleArn": { "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Oracle endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", "title": "SecretsManagerAccessRoleArn", "type": "string" }, "SecretsManagerOracleAsmAccessRoleArn": { "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the `SecretsManagerOracleAsmSecret` . This `SecretsManagerOracleAsmSecret` has the secret value that allows access to the Oracle ASM of the endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerOracleAsmSecretId` . Or you can specify clear-text values for `AsmUser` , `AsmPassword` , and `AsmServerName` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerOracleAsmSecret` , the corresponding `SecretsManagerOracleAsmAccessRoleArn` , and the `SecretsManagerOracleAsmSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", "title": "SecretsManagerOracleAsmAccessRoleArn", "type": "string" }, "SecretsManagerOracleAsmSecretId": { "markdownDescription": "Required only if your Oracle endpoint uses Advanced Storage Manager (ASM). The full ARN, partial ARN, or display name of the `SecretsManagerOracleAsmSecret` that contains the Oracle ASM connection details for the Oracle endpoint.", "title": "SecretsManagerOracleAsmSecretId", "type": "string" }, "SecretsManagerSecretId": { "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Oracle endpoint connection details.", "title": "SecretsManagerSecretId", "type": "string" }, "SecurityDbEncryption": { "markdownDescription": "For an Oracle source endpoint, the transparent data encryption (TDE) password required by AWM DMS to access Oracle redo logs encrypted by TDE using Binary Reader. It is also the `*TDE_Password*` part of the comma-separated value you set to the `Password` request parameter when you create the endpoint. The `SecurityDbEncryptian` setting is related to this `SecurityDbEncryptionName` setting. For more information, see [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", "title": "SecurityDbEncryption", "type": "string" }, "SecurityDbEncryptionName": { "markdownDescription": "For an Oracle source endpoint, the name of a key used for the transparent data encryption (TDE) of the columns and tablespaces in an Oracle source database that is encrypted using TDE. The key value is the value of the `SecurityDbEncryption` setting. For more information on setting the key name value of `SecurityDbEncryptionName` , see the information and example for setting the `securityDbEncryptionName` extra connection attribute in [Supported encryption methods for using Oracle as a source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.Encryption) in the *AWS Database Migration Service User Guide* .", "title": "SecurityDbEncryptionName", "type": "string" }, "SpatialDataOptionToGeoJsonFunctionName": { "markdownDescription": "Use this attribute to convert `SDO_GEOMETRY` to `GEOJSON` format. By default, DMS calls the `SDO2GEOJSON` custom function if present and accessible. Or you can create your own custom function that mimics the operation of `SDOGEOJSON` and set `SpatialDataOptionToGeoJsonFunctionName` to call it instead.", "title": "SpatialDataOptionToGeoJsonFunctionName", "type": "string" }, "StandbyDelayTime": { "markdownDescription": "Use this attribute to specify a time in minutes for the delay in standby sync. If the source is an Oracle Active Data Guard standby database, use this attribute to specify the time lag between primary and standby databases.\n\nIn AWS DMS , you can create an Oracle CDC task that uses an Active Data Guard standby instance as a source for replicating ongoing changes. Doing this eliminates the need to connect to an active database that might be in production.", "title": "StandbyDelayTime", "type": "number" }, "UseAlternateFolderForOnline": { "markdownDescription": "Set this attribute to `true` in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This tells the DMS instance to use any specified prefix replacement to access all online redo logs.", "title": "UseAlternateFolderForOnline", "type": "boolean" }, "UseBFile": { "markdownDescription": "Set this attribute to True to capture change data using the Binary Reader utility. Set `UseLogminerReader` to False to set this attribute to True. To use Binary Reader with Amazon RDS for Oracle as the source, you set additional attributes. For more information about using this setting with Oracle Automatic Storage Management (ASM), see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) .", "title": "UseBFile", "type": "boolean" }, "UseDirectPathFullLoad": { "markdownDescription": "Set this attribute to True to have AWS DMS use a direct path full load. Specify this value to use the direct path protocol in the Oracle Call Interface (OCI). By using this OCI protocol, you can bulk-load Oracle target tables during a full load.", "title": "UseDirectPathFullLoad", "type": "boolean" }, "UseLogminerReader": { "markdownDescription": "Set this attribute to True to capture change data using the Oracle LogMiner utility (the default). Set this attribute to False if you want to access the redo logs as a binary file. When you set `UseLogminerReader` to False, also set `UseBfile` to True. For more information on this setting and using Oracle ASM, see [Using Oracle LogMiner or AWS DMS Binary Reader for CDC](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.Oracle.html#CHAP_Source.Oracle.CDC) in the *AWS DMS User Guide* .", "title": "UseLogminerReader", "type": "boolean" }, "UsePathPrefix": { "markdownDescription": "Set this string attribute to the required value in order to use the Binary Reader to capture change data for an Amazon RDS for Oracle as the source. This value specifies the path prefix used to replace the default Oracle root to access the redo logs.", "title": "UsePathPrefix", "type": "string" } }, "type": "object" }, "AWS::DMS::Endpoint.PostgreSqlSettings": { "additionalProperties": false, "properties": { "AfterConnectScript": { "markdownDescription": "For use with change data capture (CDC) only, this attribute has AWS DMS bypass foreign keys and user triggers to reduce the time it takes to bulk load data.\n\nExample: `afterConnectScript=SET session_replication_role='replica'`", "title": "AfterConnectScript", "type": "string" }, "BabelfishDatabaseName": { "markdownDescription": "The Babelfish for Aurora PostgreSQL database name for the endpoint.", "title": "BabelfishDatabaseName", "type": "string" }, "CaptureDdls": { "markdownDescription": "To capture DDL events, AWS DMS creates various artifacts in the PostgreSQL database when the task starts. You can later remove these artifacts.\n\nIf this value is set to `True` , you don't have to create tables or triggers on the source database.", "title": "CaptureDdls", "type": "boolean" }, "DatabaseMode": { "markdownDescription": "Specifies the default behavior of the replication's handling of PostgreSQL- compatible endpoints that require some additional configuration, such as Babelfish endpoints.", "title": "DatabaseMode", "type": "string" }, "DdlArtifactsSchema": { "markdownDescription": "The schema in which the operational DDL database artifacts are created.\n\nThe default value is `public` .\n\nExample: `ddlArtifactsSchema=xyzddlschema;`", "title": "DdlArtifactsSchema", "type": "string" }, "ExecuteTimeout": { "markdownDescription": "Sets the client statement timeout for the PostgreSQL instance, in seconds. The default value is 60 seconds.\n\nExample: `executeTimeout=100;`", "title": "ExecuteTimeout", "type": "number" }, "FailTasksOnLobTruncation": { "markdownDescription": "When set to `true` , this value causes a task to fail if the actual size of a LOB column is greater than the specified `LobMaxSize` .\n\nThe default value is `false` .\n\nIf task is set to Limited LOB mode and this option is set to true, the task fails instead of truncating the LOB data.", "title": "FailTasksOnLobTruncation", "type": "boolean" }, "HeartbeatEnable": { "markdownDescription": "The write-ahead log (WAL) heartbeat feature mimics a dummy transaction. By doing this, it prevents idle logical replication slots from holding onto old WAL logs, which can result in storage full situations on the source. This heartbeat keeps `restart_lsn` moving and prevents storage full scenarios.\n\nThe default value is `false` .", "title": "HeartbeatEnable", "type": "boolean" }, "HeartbeatFrequency": { "markdownDescription": "Sets the WAL heartbeat frequency (in minutes).\n\nThe default value is 5 minutes.", "title": "HeartbeatFrequency", "type": "number" }, "HeartbeatSchema": { "markdownDescription": "Sets the schema in which the heartbeat artifacts are created.\n\nThe default value is `public` .", "title": "HeartbeatSchema", "type": "string" }, "MapBooleanAsBoolean": { "markdownDescription": "When true, lets PostgreSQL migrate the boolean type as boolean. By default, PostgreSQL migrates booleans as `varchar(5)` . You must set this setting on both the source and target endpoints for it to take effect.\n\nThe default value is `false` .", "title": "MapBooleanAsBoolean", "type": "boolean" }, "MaxFileSize": { "markdownDescription": "Specifies the maximum size (in KB) of any .csv file used to transfer data to PostgreSQL.\n\nThe default value is 32,768 KB (32 MB).\n\nExample: `maxFileSize=512`", "title": "MaxFileSize", "type": "number" }, "PluginName": { "markdownDescription": "Specifies the plugin to use to create a replication slot.\n\nThe default value is `pglogical` .", "title": "PluginName", "type": "string" }, "SecretsManagerAccessRoleArn": { "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the PostgreSQL endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", "title": "SecretsManagerAccessRoleArn", "type": "string" }, "SecretsManagerSecretId": { "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the PostgreSQL endpoint connection details.", "title": "SecretsManagerSecretId", "type": "string" }, "SlotName": { "markdownDescription": "Sets the name of a previously created logical replication slot for a change data capture (CDC) load of the PostgreSQL source instance.\n\nWhen used with the `CdcStartPosition` request parameter for the AWS DMS API , this attribute also makes it possible to use native CDC start points. DMS verifies that the specified logical replication slot exists before starting the CDC load task. It also verifies that the task was created with a valid setting of `CdcStartPosition` . If the specified slot doesn't exist or the task doesn't have a valid `CdcStartPosition` setting, DMS raises an error.\n\nFor more information about setting the `CdcStartPosition` request parameter, see [Determining a CDC native start point](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Task.CDC.html#CHAP_Task.CDC.StartPoint.Native) in the *AWS Database Migration Service User Guide* . For more information about using `CdcStartPosition` , see [CreateReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_CreateReplicationTask.html) , [StartReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_StartReplicationTask.html) , and [ModifyReplicationTask](https://docs.aws.amazon.com/dms/latest/APIReference/API_ModifyReplicationTask.html) .", "title": "SlotName", "type": "string" } }, "type": "object" }, "AWS::DMS::Endpoint.RedisSettings": { "additionalProperties": false, "properties": { "AuthPassword": { "markdownDescription": "The password provided with the `auth-role` and `auth-token` options of the `AuthType` setting for a Redis target endpoint.", "title": "AuthPassword", "type": "string" }, "AuthType": { "markdownDescription": "The type of authentication to perform when connecting to a Redis target. Options include `none` , `auth-token` , and `auth-role` . The `auth-token` option requires an `AuthPassword` value to be provided. The `auth-role` option requires `AuthUserName` and `AuthPassword` values to be provided.", "title": "AuthType", "type": "string" }, "AuthUserName": { "markdownDescription": "The user name provided with the `auth-role` option of the `AuthType` setting for a Redis target endpoint.", "title": "AuthUserName", "type": "string" }, "Port": { "markdownDescription": "Transmission Control Protocol (TCP) port for the endpoint.", "title": "Port", "type": "number" }, "ServerName": { "markdownDescription": "Fully qualified domain name of the endpoint.", "title": "ServerName", "type": "string" }, "SslCaCertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the certificate authority (CA) that DMS uses to connect to your Redis target endpoint.", "title": "SslCaCertificateArn", "type": "string" }, "SslSecurityProtocol": { "markdownDescription": "The connection to a Redis target endpoint using Transport Layer Security (TLS). Valid values include `plaintext` and `ssl-encryption` . The default is `ssl-encryption` . The `ssl-encryption` option makes an encrypted connection. Optionally, you can identify an Amazon Resource Name (ARN) for an SSL certificate authority (CA) using the `SslCaCertificateArn` setting. If an ARN isn't given for a CA, DMS uses the Amazon root CA.\n\nThe `plaintext` option doesn't provide Transport Layer Security (TLS) encryption for traffic between endpoint and database.", "title": "SslSecurityProtocol", "type": "string" } }, "type": "object" }, "AWS::DMS::Endpoint.RedshiftSettings": { "additionalProperties": false, "properties": { "AcceptAnyDate": { "markdownDescription": "A value that indicates to allow any date format, including invalid formats such as 00/00/00 00:00:00, to be loaded without generating an error. You can choose `true` or `false` (the default).\n\nThis parameter applies only to TIMESTAMP and DATE columns. Always use ACCEPTANYDATE with the DATEFORMAT parameter. If the date format for the data doesn't match the DATEFORMAT specification, Amazon Redshift inserts a NULL value into that field.", "title": "AcceptAnyDate", "type": "boolean" }, "AfterConnectScript": { "markdownDescription": "Code to run after connecting. This parameter should contain the code itself, not the name of a file containing the code.", "title": "AfterConnectScript", "type": "string" }, "BucketFolder": { "markdownDescription": "An S3 folder where the comma-separated-value (.csv) files are stored before being uploaded to the target Redshift cluster.\n\nFor full load mode, AWS DMS converts source records into .csv files and loads them to the *BucketFolder/TableID* path. AWS DMS uses the Redshift `COPY` command to upload the .csv files to the target table. The files are deleted once the `COPY` operation has finished. For more information, see [COPY](https://docs.aws.amazon.com/redshift/latest/dg/r_COPY.html) in the *Amazon Redshift Database Developer Guide* .\n\nFor change-data-capture (CDC) mode, AWS DMS creates a *NetChanges* table, and loads the .csv files to this *BucketFolder/NetChangesTableID* path.", "title": "BucketFolder", "type": "string" }, "BucketName": { "markdownDescription": "The name of the intermediate S3 bucket used to store .csv files before uploading data to Redshift.", "title": "BucketName", "type": "string" }, "CaseSensitiveNames": { "markdownDescription": "If Amazon Redshift is configured to support case sensitive schema names, set `CaseSensitiveNames` to `true` . The default is `false` .", "title": "CaseSensitiveNames", "type": "boolean" }, "CompUpdate": { "markdownDescription": "If you set `CompUpdate` to `true` Amazon Redshift applies automatic compression if the table is empty. This applies even if the table columns already have encodings other than `RAW` . If you set `CompUpdate` to `false` , automatic compression is disabled and existing column encodings aren't changed. The default is `true` .", "title": "CompUpdate", "type": "boolean" }, "ConnectionTimeout": { "markdownDescription": "A value that sets the amount of time to wait (in milliseconds) before timing out, beginning from when you initially establish a connection.", "title": "ConnectionTimeout", "type": "number" }, "DateFormat": { "markdownDescription": "The date format that you are using. Valid values are `auto` (case-sensitive), your date format string enclosed in quotes, or NULL. If this parameter is left unset (NULL), it defaults to a format of 'YYYY-MM-DD'. Using `auto` recognizes most strings, even some that aren't supported when you use a date format string.\n\nIf your date and time values use formats different from each other, set this to `auto` .", "title": "DateFormat", "type": "string" }, "EmptyAsNull": { "markdownDescription": "A value that specifies whether AWS DMS should migrate empty CHAR and VARCHAR fields as NULL. A value of `true` sets empty CHAR and VARCHAR fields to null. The default is `false` .", "title": "EmptyAsNull", "type": "boolean" }, "EncryptionMode": { "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , create an AWS Identity and Access Management (IAM) role with a policy that allows `\"arn:aws:s3:::*\"` to use the following actions: `\"s3:PutObject\", \"s3:ListBucket\"`", "title": "EncryptionMode", "type": "string" }, "ExplicitIds": { "markdownDescription": "This setting is only valid for a full-load migration task. Set `ExplicitIds` to `true` to have tables with `IDENTITY` columns override their auto-generated values with explicit values loaded from the source data files used to populate the tables. The default is `false` .", "title": "ExplicitIds", "type": "boolean" }, "FileTransferUploadStreams": { "markdownDescription": "The number of threads used to upload a single file. This parameter accepts a value from 1 through 64. It defaults to 10.\n\nThe number of parallel streams used to upload a single .csv file to an S3 bucket using S3 Multipart Upload. For more information, see [Multipart upload overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) .\n\n`FileTransferUploadStreams` accepts a value from 1 through 64. It defaults to 10.", "title": "FileTransferUploadStreams", "type": "number" }, "LoadTimeout": { "markdownDescription": "The amount of time to wait (in milliseconds) before timing out of operations performed by AWS DMS on a Redshift cluster, such as Redshift COPY, INSERT, DELETE, and UPDATE.", "title": "LoadTimeout", "type": "number" }, "MapBooleanAsBoolean": { "markdownDescription": "When true, lets Redshift migrate the boolean type as boolean. By default, Redshift migrates booleans as `varchar(1)` . You must set this setting on both the source and target endpoints for it to take effect.", "title": "MapBooleanAsBoolean", "type": "boolean" }, "MaxFileSize": { "markdownDescription": "The maximum size (in KB) of any .csv file used to load data on an S3 bucket and transfer data to Amazon Redshift. It defaults to 1048576KB (1 GB).", "title": "MaxFileSize", "type": "number" }, "RemoveQuotes": { "markdownDescription": "A value that specifies to remove surrounding quotation marks from strings in the incoming data. All characters within the quotation marks, including delimiters, are retained. Choose `true` to remove quotation marks. The default is `false` .", "title": "RemoveQuotes", "type": "boolean" }, "ReplaceChars": { "markdownDescription": "A value that specifies to replaces the invalid characters specified in `ReplaceInvalidChars` , substituting the specified characters instead. The default is `\"?\"` .", "title": "ReplaceChars", "type": "string" }, "ReplaceInvalidChars": { "markdownDescription": "A list of characters that you want to replace. Use with `ReplaceChars` .", "title": "ReplaceInvalidChars", "type": "string" }, "SecretsManagerAccessRoleArn": { "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the Amazon Redshift endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", "title": "SecretsManagerAccessRoleArn", "type": "string" }, "SecretsManagerSecretId": { "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the Amazon Redshift endpoint connection details.", "title": "SecretsManagerSecretId", "type": "string" }, "ServerSideEncryptionKmsKeyId": { "markdownDescription": "The AWS KMS key ID. If you are using `SSE_KMS` for the `EncryptionMode` , provide this key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.", "title": "ServerSideEncryptionKmsKeyId", "type": "string" }, "ServiceAccessRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that has access to the Amazon Redshift service. The role must allow the `iam:PassRole` action.", "title": "ServiceAccessRoleArn", "type": "string" }, "TimeFormat": { "markdownDescription": "The time format that you want to use. Valid values are `auto` (case-sensitive), `'timeformat_string'` , `'epochsecs'` , or `'epochmillisecs'` . It defaults to 10. Using `auto` recognizes most strings, even some that aren't supported when you use a time format string.\n\nIf your date and time values use formats different from each other, set this parameter to `auto` .", "title": "TimeFormat", "type": "string" }, "TrimBlanks": { "markdownDescription": "A value that specifies to remove the trailing white space characters from a VARCHAR string. This parameter applies only to columns with a VARCHAR data type. Choose `true` to remove unneeded white space. The default is `false` .", "title": "TrimBlanks", "type": "boolean" }, "TruncateColumns": { "markdownDescription": "A value that specifies to truncate data in columns to the appropriate number of characters, so that the data fits in the column. This parameter applies only to columns with a VARCHAR or CHAR data type, and rows with a size of 4 MB or less. Choose `true` to truncate data. The default is `false` .", "title": "TruncateColumns", "type": "boolean" }, "WriteBufferSize": { "markdownDescription": "The size (in KB) of the in-memory file write buffer used when generating .csv files on the local disk at the DMS replication instance. The default value is 1000 (buffer size is 1000KB).", "title": "WriteBufferSize", "type": "number" } }, "type": "object" }, "AWS::DMS::Endpoint.S3Settings": { "additionalProperties": false, "properties": { "AddColumnName": { "markdownDescription": "An optional parameter that, when set to `true` or `y` , you can use to add column name information to the .csv output file.\n\nThe default value is `false` . Valid values are `true` , `false` , `y` , and `n` .", "title": "AddColumnName", "type": "boolean" }, "AddTrailingPaddingCharacter": { "markdownDescription": "Use the S3 target endpoint setting `AddTrailingPaddingCharacter` to add padding on string data. The default value is `false` .", "title": "AddTrailingPaddingCharacter", "type": "boolean" }, "BucketFolder": { "markdownDescription": "An optional parameter to set a folder name in the S3 bucket. If provided, tables are created in the path `*bucketFolder* / *schema_name* / *table_name* /` . If this parameter isn't specified, the path used is `*schema_name* / *table_name* /` .", "title": "BucketFolder", "type": "string" }, "BucketName": { "markdownDescription": "The name of the S3 bucket.", "title": "BucketName", "type": "string" }, "CannedAclForObjects": { "markdownDescription": "A value that enables AWS DMS to specify a predefined (canned) access control list (ACL) for objects created in an Amazon S3 bucket as .csv or .parquet files. For more information about Amazon S3 canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 Developer Guide* .\n\nThe default value is NONE. Valid values include NONE, PRIVATE, PUBLIC_READ, PUBLIC_READ_WRITE, AUTHENTICATED_READ, AWS_EXEC_READ, BUCKET_OWNER_READ, and BUCKET_OWNER_FULL_CONTROL.", "title": "CannedAclForObjects", "type": "string" }, "CdcInsertsAndUpdates": { "markdownDescription": "A value that enables a change data capture (CDC) load to write INSERT and UPDATE operations to .csv or .parquet (columnar storage) output files. The default setting is `false` , but when `CdcInsertsAndUpdates` is set to `true` or `y` , only INSERTs and UPDATEs from the source database are migrated to the .csv or .parquet file.\n\nFor .csv file format only, how these INSERTs and UPDATEs are recorded depends on the value of the `IncludeOpForFullLoad` parameter. If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to either `I` or `U` to indicate INSERT and UPDATE operations at the source. But if `IncludeOpForFullLoad` is set to `false` , CDC records are written without an indication of INSERT or UPDATE operations at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the use of the `CdcInsertsAndUpdates` parameter in versions 3.3.1 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", "title": "CdcInsertsAndUpdates", "type": "boolean" }, "CdcInsertsOnly": { "markdownDescription": "A value that enables a change data capture (CDC) load to write only INSERT operations to .csv or columnar storage (.parquet) output files. By default (the `false` setting), the first field in a .csv or .parquet record contains the letter I (INSERT), U (UPDATE), or D (DELETE). These values indicate whether the row was inserted, updated, or deleted at the source database for a CDC load to the target.\n\nIf `CdcInsertsOnly` is set to `true` or `y` , only INSERTs from the source database are migrated to the .csv or .parquet file. For .csv format only, how these INSERTs are recorded depends on the value of `IncludeOpForFullLoad` . If `IncludeOpForFullLoad` is set to `true` , the first field of every CDC record is set to I to indicate the INSERT operation at the source. If `IncludeOpForFullLoad` is set to `false` , every CDC record is written without a first field to indicate the INSERT operation at the source. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .\n\n> AWS DMS supports the interaction described preceding between the `CdcInsertsOnly` and `IncludeOpForFullLoad` parameters in versions 3.1.4 and later.\n> \n> `CdcInsertsOnly` and `CdcInsertsAndUpdates` can't both be set to `true` for the same endpoint. Set either `CdcInsertsOnly` or `CdcInsertsAndUpdates` to `true` for the same endpoint, but not both.", "title": "CdcInsertsOnly", "type": "boolean" }, "CdcMaxBatchInterval": { "markdownDescription": "Maximum length of the interval, defined in seconds, after which to output a file to Amazon S3.\n\nWhen `CdcMaxBatchInterval` and `CdcMinFileSize` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 60 seconds.", "title": "CdcMaxBatchInterval", "type": "number" }, "CdcMinFileSize": { "markdownDescription": "Minimum file size, defined in kilobytes, to reach for a file output to Amazon S3.\n\nWhen `CdcMinFileSize` and `CdcMaxBatchInterval` are both specified, the file write is triggered by whichever parameter condition is met first within an AWS DMS CloudFormation template.\n\nThe default value is 32 MB.", "title": "CdcMinFileSize", "type": "number" }, "CdcPath": { "markdownDescription": "Specifies the folder path of CDC files. For an S3 source, this setting is required if a task captures change data; otherwise, it's optional. If `CdcPath` is set, AWS DMS reads CDC files from this path and replicates the data changes to the target endpoint. For an S3 target if you set [`PreserveTransactions`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-PreserveTransactions) to `true` , AWS DMS verifies that you have set this parameter to a folder path on your S3 target where AWS DMS can save the transaction order for the CDC load. AWS DMS creates this CDC folder path in either your S3 target working directory or the S3 target location specified by [`BucketFolder`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketFolder) and [`BucketName`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-BucketName) .\n\nFor example, if you specify `CdcPath` as `MyChangedData` , and you specify `BucketName` as `MyTargetBucket` but do not specify `BucketFolder` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyChangedData` .\n\nIf you specify the same `CdcPath` , and you specify `BucketName` as `MyTargetBucket` and `BucketFolder` as `MyTargetData` , AWS DMS creates the CDC folder path following: `MyTargetBucket/MyTargetData/MyChangedData` .\n\nFor more information on CDC including transaction order on an S3 target, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", "title": "CdcPath", "type": "string" }, "CompressionType": { "markdownDescription": "An optional parameter. When set to GZIP it enables the service to compress the target files. To allow the service to write the target files uncompressed, either set this parameter to NONE (the default) or don't specify the parameter at all. This parameter applies to both .csv and .parquet file formats.", "title": "CompressionType", "type": "string" }, "CsvDelimiter": { "markdownDescription": "The delimiter used to separate columns in the .csv file for both source and target. The default is a comma.", "title": "CsvDelimiter", "type": "string" }, "CsvNoSupValue": { "markdownDescription": "This setting only applies if your Amazon S3 output files during a change data capture (CDC) load are written in .csv format. If [`UseCsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-UseCsvNoSupValue) is set to true, specify a string value that you want AWS DMS to use for all columns not included in the supplemental log. If you do not specify a string value, AWS DMS uses the null value for these columns regardless of the `UseCsvNoSupValue` setting.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", "title": "CsvNoSupValue", "type": "string" }, "CsvNullValue": { "markdownDescription": "An optional parameter that specifies how AWS DMS treats null values. While handling the null value, you can use this parameter to pass a user-defined string as null when writing to the target. For example, when target columns are not nullable, you can use this option to differentiate between the empty string value and the null value. So, if you set this parameter value to the empty string (\"\" or ''), AWS DMS treats the empty string as the null value instead of `NULL` .\n\nThe default value is `NULL` . Valid values include any valid string.", "title": "CsvNullValue", "type": "string" }, "CsvRowDelimiter": { "markdownDescription": "The delimiter used to separate rows in the .csv file for both source and target.\n\nThe default is a carriage return ( `\\n` ).", "title": "CsvRowDelimiter", "type": "string" }, "DataFormat": { "markdownDescription": "The format of the data that you want to use for output. You can choose one of the following:\n\n- `csv` : This is a row-based file format with comma-separated values (.csv).\n- `parquet` : Apache Parquet (.parquet) is a columnar storage file format that features efficient compression and provides faster query response.", "title": "DataFormat", "type": "string" }, "DataPageSize": { "markdownDescription": "The size of one data page in bytes. This parameter defaults to 1024 * 1024 bytes (1 MiB). This number is used for .parquet file format only.", "title": "DataPageSize", "type": "number" }, "DatePartitionDelimiter": { "markdownDescription": "Specifies a date separating delimiter to use during folder partitioning. The default value is `SLASH` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", "title": "DatePartitionDelimiter", "type": "string" }, "DatePartitionEnabled": { "markdownDescription": "When set to `true` , this parameter partitions S3 bucket folders based on transaction commit dates. The default value is `false` . For more information about date-based folder partitioning, see [Using date-based folder partitioning](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.DatePartitioning) .", "title": "DatePartitionEnabled", "type": "boolean" }, "DatePartitionSequence": { "markdownDescription": "Identifies the sequence of the date format to use during folder partitioning. The default value is `YYYYMMDD` . Use this parameter when `DatePartitionedEnabled` is set to `true` .", "title": "DatePartitionSequence", "type": "string" }, "DatePartitionTimezone": { "markdownDescription": "When creating an S3 target endpoint, set `DatePartitionTimezone` to convert the current UTC time into a specified time zone. The conversion occurs when a date partition folder is created and a change data capture (CDC) file name is generated. The time zone format is Area/Location. Use this parameter when `DatePartitionedEnabled` is set to `true` , as shown in the following example.\n\n`s3-settings='{\"DatePartitionEnabled\": true, \"DatePartitionSequence\": \"YYYYMMDDHH\", \"DatePartitionDelimiter\": \"SLASH\", \"DatePartitionTimezone\":\" *Asia/Seoul* \", \"BucketName\": \"dms-nattarat-test\"}'`", "title": "DatePartitionTimezone", "type": "string" }, "DictPageSizeLimit": { "markdownDescription": "The maximum size of an encoded dictionary page of a column. If the dictionary page exceeds this, this column is stored using an encoding type of `PLAIN` . This parameter defaults to 1024 * 1024 bytes (1 MiB), the maximum size of a dictionary page before it reverts to `PLAIN` encoding. This size is used for .parquet file format only.", "title": "DictPageSizeLimit", "type": "number" }, "EnableStatistics": { "markdownDescription": "A value that enables statistics for Parquet pages and row groups. Choose `true` to enable statistics, `false` to disable. Statistics include `NULL` , `DISTINCT` , `MAX` , and `MIN` values. This parameter defaults to `true` . This value is used for .parquet file format only.", "title": "EnableStatistics", "type": "boolean" }, "EncodingType": { "markdownDescription": "The type of encoding that you're using:\n\n- `RLE_DICTIONARY` uses a combination of bit-packing and run-length encoding to store repeated values more efficiently. This is the default.\n- `PLAIN` doesn't use encoding at all. Values are stored as they are.\n- `PLAIN_DICTIONARY` builds a dictionary of the values encountered in a given column. The dictionary is stored in a dictionary page for each column chunk.", "title": "EncodingType", "type": "string" }, "EncryptionMode": { "markdownDescription": "The type of server-side encryption that you want to use for your data. This encryption type is part of the endpoint settings or the extra connections attributes for Amazon S3. You can choose either `SSE_S3` (the default) or `SSE_KMS` .\n\n> For the `ModifyEndpoint` operation, you can change the existing value of the `EncryptionMode` parameter from `SSE_KMS` to `SSE_S3` . But you can\u2019t change the existing value from `SSE_S3` to `SSE_KMS` . \n\nTo use `SSE_S3` , you need an IAM role with permission to allow `\"arn:aws:s3:::dms-*\"` to use the following actions:\n\n- `s3:CreateBucket`\n- `s3:ListBucket`\n- `s3:DeleteBucket`\n- `s3:GetBucketLocation`\n- `s3:GetObject`\n- `s3:PutObject`\n- `s3:DeleteObject`\n- `s3:GetObjectVersion`\n- `s3:GetBucketPolicy`\n- `s3:PutBucketPolicy`\n- `s3:DeleteBucketPolicy`", "title": "EncryptionMode", "type": "string" }, "ExpectedBucketOwner": { "markdownDescription": "To specify a bucket owner and prevent sniping, you can use the `ExpectedBucketOwner` endpoint setting.\n\nExample: `--s3-settings='{\"ExpectedBucketOwner\": \" *AWS_Account_ID* \"}'`\n\nWhen you make a request to test a connection or perform a migration, S3 checks the account ID of the bucket owner against the specified parameter.", "title": "ExpectedBucketOwner", "type": "string" }, "ExternalTableDefinition": { "markdownDescription": "The external table definition.\n\nConditional: If `S3` is used as a source then `ExternalTableDefinition` is required.", "title": "ExternalTableDefinition", "type": "string" }, "GlueCatalogGeneration": { "markdownDescription": "When true, allows AWS Glue to catalog your S3 bucket. Creating an AWS Glue catalog lets you use Athena to query your data.", "title": "GlueCatalogGeneration", "type": "boolean" }, "IgnoreHeaderRows": { "markdownDescription": "When this value is set to 1, AWS DMS ignores the first row header in a .csv file. A value of 1 turns on the feature; a value of 0 turns off the feature.\n\nThe default is 0.", "title": "IgnoreHeaderRows", "type": "number" }, "IncludeOpForFullLoad": { "markdownDescription": "A value that enables a full load to write INSERT operations to the comma-separated value (.csv) output files only to indicate how the rows were added to the source database.\n\n> AWS DMS supports the `IncludeOpForFullLoad` parameter in versions 3.1.4 and later. \n\nFor full load, records can only be inserted. By default (the `false` setting), no information is recorded in these output files for a full load to indicate that the rows were inserted at the source database. If `IncludeOpForFullLoad` is set to `true` or `y` , the INSERT is recorded as an I annotation in the first field of the .csv file. This allows the format of your target records from a full load to be consistent with the target records from a CDC load.\n\n> This setting works together with the `CdcInsertsOnly` and the `CdcInsertsAndUpdates` parameters for output to .csv files only. For more information about how these settings work together, see [Indicating Source DB Operations in Migrated S3 Data](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.Configuring.InsertOps) in the *AWS Database Migration Service User Guide* .", "title": "IncludeOpForFullLoad", "type": "boolean" }, "MaxFileSize": { "markdownDescription": "A value that specifies the maximum size (in KB) of any .csv file to be created while migrating to an S3 target during full load.\n\nThe default value is 1,048,576 KB (1 GB). Valid values include 1 to 1,048,576.", "title": "MaxFileSize", "type": "number" }, "ParquetTimestampInMillisecond": { "markdownDescription": "A value that specifies the precision of any `TIMESTAMP` column values that are written to an Amazon S3 object file in .parquet format.\n\n> AWS DMS supports the `ParquetTimestampInMillisecond` parameter in versions 3.1.4 and later. \n\nWhen `ParquetTimestampInMillisecond` is set to `true` or `y` , AWS DMS writes all `TIMESTAMP` columns in a .parquet formatted file with millisecond precision. Otherwise, DMS writes them with microsecond precision.\n\nCurrently, Amazon Athena and AWS Glue can handle only millisecond precision for `TIMESTAMP` values. Set this parameter to `true` for S3 endpoint object files that are .parquet formatted only if you plan to query or process the data with Athena or AWS Glue .\n\n> AWS DMS writes any `TIMESTAMP` column values written to an S3 file in .csv format with microsecond precision.\n> \n> Setting `ParquetTimestampInMillisecond` has no effect on the string format of the timestamp column value that is inserted by setting the `TimestampColumnName` parameter.", "title": "ParquetTimestampInMillisecond", "type": "boolean" }, "ParquetVersion": { "markdownDescription": "The version of the Apache Parquet format that you want to use: `parquet_1_0` (the default) or `parquet_2_0` .", "title": "ParquetVersion", "type": "string" }, "PreserveTransactions": { "markdownDescription": "If this setting is set to `true` , AWS DMS saves the transaction order for a change data capture (CDC) load on the Amazon S3 target specified by [`CdcPath`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CdcPath) . For more information, see [Capturing data changes (CDC) including transaction order on the S3 target](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Target.S3.html#CHAP_Target.S3.EndpointSettings.CdcPath) .\n\n> This setting is supported in AWS DMS versions 3.4.2 and later.", "title": "PreserveTransactions", "type": "boolean" }, "Rfc4180": { "markdownDescription": "For an S3 source, when this value is set to `true` or `y` , each leading double quotation mark has to be followed by an ending double quotation mark. This formatting complies with RFC 4180. When this value is set to `false` or `n` , string literals are copied to the target as is. In this case, a delimiter (row or column) signals the end of the field. Thus, you can't use a delimiter as part of the string, because it signals the end of the value.\n\nFor an S3 target, an optional parameter used to set behavior to comply with RFC 4180 for data migrated to Amazon S3 using .csv file format only. When this value is set to `true` or `y` using Amazon S3 as a target, if the data has quotation marks or newline characters in it, AWS DMS encloses the entire column with an additional pair of double quotation marks (\"). Every quotation mark within the data is repeated twice.\n\nThe default value is `true` . Valid values include `true` , `false` , `y` , and `n` .", "title": "Rfc4180", "type": "boolean" }, "RowGroupLength": { "markdownDescription": "The number of rows in a row group. A smaller row group size provides faster reads. But as the number of row groups grows, the slower writes become. This parameter defaults to 10,000 rows. This number is used for .parquet file format only.\n\nIf you choose a value larger than the maximum, `RowGroupLength` is set to the max row group length in bytes (64 * 1024 * 1024).", "title": "RowGroupLength", "type": "number" }, "ServerSideEncryptionKmsKeyId": { "markdownDescription": "If you are using `SSE_KMS` for the `EncryptionMode` , provide the AWS KMS key ID. The key that you use needs an attached policy that enables IAM user permissions and allows use of the key.\n\nHere is a CLI example: `aws dms create-endpoint --endpoint-identifier *value* --endpoint-type target --engine-name s3 --s3-settings ServiceAccessRoleArn= *value* ,BucketFolder= *value* ,BucketName= *value* ,EncryptionMode=SSE_KMS,ServerSideEncryptionKmsKeyId= *value*`", "title": "ServerSideEncryptionKmsKeyId", "type": "string" }, "ServiceAccessRoleArn": { "markdownDescription": "A required parameter that specifies the Amazon Resource Name (ARN) used by the service to access the IAM role. The role must allow the `iam:PassRole` action. It enables AWS DMS to read and write objects from an S3 bucket.", "title": "ServiceAccessRoleArn", "type": "string" }, "TimestampColumnName": { "markdownDescription": "A value that when nonblank causes AWS DMS to add a column with timestamp information to the endpoint data for an Amazon S3 target.\n\n> AWS DMS supports the `TimestampColumnName` parameter in versions 3.1.4 and later. \n\nAWS DMS includes an additional `STRING` column in the .csv or .parquet object files of your migrated data when you set `TimestampColumnName` to a nonblank value.\n\nFor a full load, each row of this timestamp column contains a timestamp for when the data was transferred from the source to the target by DMS.\n\nFor a change data capture (CDC) load, each row of the timestamp column contains the timestamp for the commit of that row in the source database.\n\nThe string format for this timestamp column value is `yyyy-MM-dd HH:mm:ss.SSSSSS` . By default, the precision of this value is in microseconds. For a CDC load, the rounding of the precision depends on the commit timestamp supported by DMS for the source database.\n\nWhen the `AddColumnName` parameter is set to `true` , DMS also includes a name for the timestamp column that you set with `TimestampColumnName` .", "title": "TimestampColumnName", "type": "string" }, "UseCsvNoSupValue": { "markdownDescription": "This setting applies if the S3 output files during a change data capture (CDC) load are written in .csv format. If this setting is set to `true` for columns not included in the supplemental log, AWS DMS uses the value specified by [`CsvNoSupValue`](https://docs.aws.amazon.com/dms/latest/APIReference/API_S3Settings.html#DMS-Type-S3Settings-CsvNoSupValue) . If this setting isn't set or is set to `false` , AWS DMS uses the null value for these columns.\n\n> This setting is supported in AWS DMS versions 3.4.1 and later.", "title": "UseCsvNoSupValue", "type": "boolean" }, "UseTaskStartTimeForFullLoadTimestamp": { "markdownDescription": "When set to true, this parameter uses the task start time as the timestamp column value instead of the time data is written to target. For full load, when `useTaskStartTimeForFullLoadTimestamp` is set to `true` , each row of the timestamp column contains the task start time. For CDC loads, each row of the timestamp column contains the transaction commit time.\n\nWhen `useTaskStartTimeForFullLoadTimestamp` is set to `false` , the full load timestamp in the timestamp column increments with the time data arrives at the target.", "title": "UseTaskStartTimeForFullLoadTimestamp", "type": "boolean" } }, "type": "object" }, "AWS::DMS::Endpoint.SybaseSettings": { "additionalProperties": false, "properties": { "SecretsManagerAccessRoleArn": { "markdownDescription": "The full Amazon Resource Name (ARN) of the IAM role that specifies AWS DMS as the trusted entity and grants the required permissions to access the value in `SecretsManagerSecret` . The role must allow the `iam:PassRole` action. `SecretsManagerSecret` has the value of the AWS Secrets Manager secret that allows access to the SAP ASE endpoint.\n\n> You can specify one of two sets of values for these permissions. You can specify the values for this setting and `SecretsManagerSecretId` . Or you can specify clear-text values for `UserName` , `Password` , `ServerName` , and `Port` . You can't specify both.\n> \n> For more information on creating this `SecretsManagerSecret` , the corresponding `SecretsManagerAccessRoleArn` , and the `SecretsManagerSecretId` that is required to access it, see [Using secrets to access AWS Database Migration Service resources](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#security-iam-secretsmanager) in the *AWS Database Migration Service User Guide* .", "title": "SecretsManagerAccessRoleArn", "type": "string" }, "SecretsManagerSecretId": { "markdownDescription": "The full ARN, partial ARN, or display name of the `SecretsManagerSecret` that contains the SAP SAE endpoint connection details.", "title": "SecretsManagerSecretId", "type": "string" } }, "type": "object" }, "AWS::DMS::EventSubscription": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Indicates whether to activate the subscription. If you don't specify this property, AWS CloudFormation activates the subscription.", "title": "Enabled", "type": "boolean" }, "EventCategories": { "items": { "type": "string" }, "markdownDescription": "A list of event categories for a source type that you want to subscribe to. If you don't specify this property, you are notified about all event categories. For more information, see [Working with Events and Notifications](https://docs.aws.amazon.com//dms/latest/userguide/CHAP_Events.html) in the *AWS DMS User Guide* .", "title": "EventCategories", "type": "array" }, "SnsTopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic created for event notification. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", "title": "SnsTopicArn", "type": "string" }, "SourceIds": { "items": { "type": "string" }, "markdownDescription": "A list of identifiers for which AWS DMS provides notification events.\n\nIf you don't specify a value, notifications are provided for all sources.\n\nIf you specify multiple values, they must be of the same type. For example, if you specify a database instance ID, then all of the other values must be database instance IDs.", "title": "SourceIds", "type": "array" }, "SourceType": { "markdownDescription": "The type of AWS DMS resource that generates the events. For example, if you want to be notified of events generated by a replication instance, you set this parameter to `replication-instance` . If this value isn't specified, all events are returned.\n\n*Valid values* : `replication-instance` | `replication-task`", "title": "SourceType", "type": "string" }, "SubscriptionName": { "markdownDescription": "The name of the AWS DMS event notification subscription. This name must be less than 255 characters.", "title": "SubscriptionName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "One or more tags to be assigned to the event subscription.", "title": "Tags", "type": "array" } }, "required": [ "SnsTopicArn" ], "type": "object" }, "Type": { "enum": [ "AWS::DMS::EventSubscription" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DMS::InstanceProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The Availability Zone where the instance profile runs.", "title": "AvailabilityZone", "type": "string" }, "Description": { "markdownDescription": "A description of the instance profile. Descriptions can have up to 31 characters. A description can contain only ASCII letters, digits, and hyphens ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter.", "title": "Description", "type": "string" }, "InstanceProfileIdentifier": { "markdownDescription": "The identifier of the instance profile. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", "title": "InstanceProfileIdentifier", "type": "string" }, "InstanceProfileName": { "markdownDescription": "The user-friendly name for the instance profile.", "title": "InstanceProfileName", "type": "string" }, "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the connection parameters for the instance profile.\n\nIf you don't specify a value for the `KmsKeyArn` parameter, then AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", "title": "KmsKeyArn", "type": "string" }, "NetworkType": { "markdownDescription": "Specifies the network type for the instance profile. A value of `IPV4` represents an instance profile with IPv4 network type and only supports IPv4 addressing. A value of `IPV6` represents an instance profile with IPv6 network type and only supports IPv6 addressing. A value of `DUAL` represents an instance profile with dual network type that supports IPv4 and IPv6 addressing.", "title": "NetworkType", "type": "string" }, "PubliclyAccessible": { "markdownDescription": "Specifies the accessibility options for the instance profile. A value of `true` represents an instance profile with a public IP address. A value of `false` represents an instance profile with a private IP address. The default value is `true` .", "title": "PubliclyAccessible", "type": "boolean" }, "SubnetGroupIdentifier": { "markdownDescription": "The identifier of the subnet group that is associated with the instance profile.", "title": "SubnetGroupIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" }, "VpcSecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The VPC security groups that are used with the instance profile. The VPC security group must work with the VPC containing the instance profile.", "title": "VpcSecurityGroups", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::DMS::InstanceProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::DMS::MigrationProject": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A user-friendly description of the migration project.", "title": "Description", "type": "string" }, "InstanceProfileArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile for your migration project.", "title": "InstanceProfileArn", "type": "string" }, "InstanceProfileIdentifier": { "markdownDescription": "The identifier of the instance profile for your migration project.", "title": "InstanceProfileIdentifier", "type": "string" }, "InstanceProfileName": { "markdownDescription": "The name of the associated instance profile.", "title": "InstanceProfileName", "type": "string" }, "MigrationProjectIdentifier": { "markdownDescription": "The identifier of the migration project. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen, or contain two consecutive hyphens.", "title": "MigrationProjectIdentifier", "type": "string" }, "MigrationProjectName": { "markdownDescription": "The name of the migration project.", "title": "MigrationProjectName", "type": "string" }, "SchemaConversionApplicationAttributes": { "$ref": "#/definitions/AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes", "markdownDescription": "The schema conversion application attributes, including the Amazon S3 bucket name and Amazon S3 role ARN.", "title": "SchemaConversionApplicationAttributes" }, "SourceDataProviderDescriptors": { "items": { "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" }, "markdownDescription": "Information about the source data provider, including the name or ARN, and AWS Secrets Manager parameters.", "title": "SourceDataProviderDescriptors", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" }, "TargetDataProviderDescriptors": { "items": { "$ref": "#/definitions/AWS::DMS::MigrationProject.DataProviderDescriptor" }, "markdownDescription": "Information about the target data provider, including the name or ARN, and AWS Secrets Manager parameters.", "title": "TargetDataProviderDescriptors", "type": "array" }, "TransformationRules": { "markdownDescription": "The settings in JSON format for migration rules. Migration rules make it possible for you to change the object names according to the rules that you specify. For example, you can change an object name to lowercase or uppercase, add or remove a prefix or suffix, or rename objects.", "title": "TransformationRules", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::DMS::MigrationProject" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::DMS::MigrationProject.DataProviderDescriptor": { "additionalProperties": false, "properties": { "DataProviderArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the data provider.", "title": "DataProviderArn", "type": "string" }, "DataProviderIdentifier": { "markdownDescription": "", "title": "DataProviderIdentifier", "type": "string" }, "DataProviderName": { "markdownDescription": "The user-friendly name of the data provider.", "title": "DataProviderName", "type": "string" }, "SecretsManagerAccessRoleArn": { "markdownDescription": "The ARN of the role used to access AWS Secrets Manager.", "title": "SecretsManagerAccessRoleArn", "type": "string" }, "SecretsManagerSecretId": { "markdownDescription": "The identifier of the AWS Secrets Manager Secret used to store access credentials for the data provider.", "title": "SecretsManagerSecretId", "type": "string" } }, "type": "object" }, "AWS::DMS::MigrationProject.SchemaConversionApplicationAttributes": { "additionalProperties": false, "properties": { "S3BucketPath": { "markdownDescription": "", "title": "S3BucketPath", "type": "string" }, "S3BucketRoleArn": { "markdownDescription": "", "title": "S3BucketRoleArn", "type": "string" } }, "type": "object" }, "AWS::DMS::ReplicationConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ComputeConfig": { "$ref": "#/definitions/AWS::DMS::ReplicationConfig.ComputeConfig", "markdownDescription": "Configuration parameters for provisioning an AWS DMS Serverless replication.", "title": "ComputeConfig" }, "ReplicationConfigArn": { "type": "string" }, "ReplicationConfigIdentifier": { "markdownDescription": "A unique identifier that you want to use to create a `ReplicationConfigArn` that is returned as part of the output from this action. You can then pass this output `ReplicationConfigArn` as the value of the `ReplicationConfigArn` option for other actions to identify both AWS DMS Serverless replications and replication configurations that you want those actions to operate on. For some actions, you can also use either this unique identifier or a corresponding ARN in action filters to identify the specific replication and replication configuration to operate on.", "title": "ReplicationConfigIdentifier", "type": "string" }, "ReplicationSettings": { "markdownDescription": "Optional JSON settings for AWS DMS Serverless replications that are provisioned using this replication configuration. For example, see [Change processing tuning settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.ChangeProcessingTuning.html) .", "title": "ReplicationSettings", "type": "object" }, "ReplicationType": { "markdownDescription": "The type of AWS DMS Serverless replication to provision using this replication configuration.\n\nPossible values:\n\n- `\"full-load\"`\n- `\"cdc\"`\n- `\"full-load-and-cdc\"`", "title": "ReplicationType", "type": "string" }, "ResourceIdentifier": { "markdownDescription": "Optional unique value or name that you set for a given resource that can be used to construct an Amazon Resource Name (ARN) for that resource. For more information, see [Fine-grained access control using resource names and tags](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Security.html#CHAP_Security.FineGrainedAccess) .", "title": "ResourceIdentifier", "type": "string" }, "SourceEndpointArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the source endpoint for this AWS DMS Serverless replication configuration.", "title": "SourceEndpointArn", "type": "string" }, "SupplementalSettings": { "markdownDescription": "Optional JSON settings for specifying supplemental data. For more information, see [Specifying supplemental data for task settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) .", "title": "SupplementalSettings", "type": "object" }, "TableMappings": { "markdownDescription": "JSON table mappings for AWS DMS Serverless replications that are provisioned using this replication configuration. For more information, see [Specifying table selection and transformations rules using JSON](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.SelectionTransformation.html) .", "title": "TableMappings", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "One or more optional tags associated with resources used by the AWS DMS Serverless replication. For more information, see [Tagging resources in AWS Database Migration Service](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tagging.html) .", "title": "Tags", "type": "array" }, "TargetEndpointArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the target endpoint for this AWS DMS serverless replication configuration.", "title": "TargetEndpointArn", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::DMS::ReplicationConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::DMS::ReplicationConfig.ComputeConfig": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The Availability Zone where the AWS DMS Serverless replication using this configuration will run. The default value is a random, system-chosen Availability Zone in the configuration's AWS Region , for example, `\"us-west-2\"` . You can't set this parameter if the `MultiAZ` parameter is set to `true` .", "title": "AvailabilityZone", "type": "string" }, "DnsNameServers": { "markdownDescription": "A list of custom DNS name servers supported for the AWS DMS Serverless replication to access your source or target database. This list overrides the default name servers supported by the AWS DMS Serverless replication. You can specify a comma-separated list of internet addresses for up to four DNS name servers. For example: `\"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4\"`", "title": "DnsNameServers", "type": "string" }, "KmsKeyId": { "markdownDescription": "An AWS Key Management Service ( AWS KMS ) key Amazon Resource Name (ARN) that is used to encrypt the data during AWS DMS Serverless replication.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your Amazon Web Services account. Your AWS account has a different default encryption key for each AWS Region .", "title": "KmsKeyId", "type": "string" }, "MaxCapacityUnits": { "markdownDescription": "Specifies the maximum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the maximum value that you can specify for AWS DMS Serverless is 384. The `MaxCapacityUnits` parameter is the only DCU parameter you are required to specify.", "title": "MaxCapacityUnits", "type": "number" }, "MinCapacityUnits": { "markdownDescription": "Specifies the minimum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the minimum DCU value that you can specify for AWS DMS Serverless is 1. If you don't set this value, AWS DMS sets this parameter to the minimum DCU value allowed, 1. If there is no current source activity, AWS DMS scales down your replication until it reaches the value specified in `MinCapacityUnits` .", "title": "MinCapacityUnits", "type": "number" }, "MultiAZ": { "markdownDescription": "Specifies whether the AWS DMS Serverless replication is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the `MultiAZ` parameter is set to `true` .", "title": "MultiAZ", "type": "boolean" }, "PreferredMaintenanceWindow": { "markdownDescription": "The weekly time range during which system maintenance can occur for the AWS DMS Serverless replication, in Universal Coordinated Time (UTC). The format is `ddd:hh24:mi-ddd:hh24:mi` .\n\nThe default is a 30-minute window selected at random from an 8-hour block of time per AWS Region . This maintenance occurs on a random day of the week. Valid values for days of the week include `Mon` , `Tue` , `Wed` , `Thu` , `Fri` , `Sat` , and `Sun` .\n\nConstraints include a minimum 30-minute window.", "title": "PreferredMaintenanceWindow", "type": "string" }, "ReplicationSubnetGroupId": { "markdownDescription": "Specifies a subnet group identifier to associate with the AWS DMS Serverless replication.", "title": "ReplicationSubnetGroupId", "type": "string" }, "VpcSecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "Specifies the virtual private cloud (VPC) security group to use with the AWS DMS Serverless replication. The VPC security group must work with the VPC containing the replication.", "title": "VpcSecurityGroupIds", "type": "array" } }, "required": [ "MaxCapacityUnits" ], "type": "object" }, "AWS::DMS::ReplicationInstance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllocatedStorage": { "markdownDescription": "The amount of storage (in gigabytes) to be initially allocated for the replication instance.", "title": "AllocatedStorage", "type": "number" }, "AllowMajorVersionUpgrade": { "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage, and the change is asynchronously applied as soon as possible.\n\nThis parameter must be set to `true` when specifying a value for the `EngineVersion` parameter that is a different major version than the replication instance's current version.", "title": "AllowMajorVersionUpgrade", "type": "boolean" }, "AutoMinorVersionUpgrade": { "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the replication instance during the maintenance window. This parameter defaults to `true` .\n\nDefault: `true`", "title": "AutoMinorVersionUpgrade", "type": "boolean" }, "AvailabilityZone": { "markdownDescription": "The Availability Zone that the replication instance will be created in.\n\nThe default value is a random, system-chosen Availability Zone in the endpoint's AWS Region , for example `us-east-1d` .", "title": "AvailabilityZone", "type": "string" }, "EngineVersion": { "markdownDescription": "The engine version number of the replication instance.\n\nIf an engine version number is not specified when a replication instance is created, the default is the latest engine version available.", "title": "EngineVersion", "type": "string" }, "KmsKeyId": { "markdownDescription": "An AWS KMS key identifier that is used to encrypt the data on the replication instance.\n\nIf you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Region .", "title": "KmsKeyId", "type": "string" }, "MultiAZ": { "markdownDescription": "Specifies whether the replication instance is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the Multi-AZ parameter is set to `true` .", "title": "MultiAZ", "type": "boolean" }, "PreferredMaintenanceWindow": { "markdownDescription": "The weekly time range during which system maintenance can occur, in UTC.\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : A 30-minute window selected at random from an 8-hour block of time per AWS Region , occurring on a random day of the week.\n\n*Valid days* ( `ddd` ): `Mon` | `Tue` | `Wed` | `Thu` | `Fri` | `Sat` | `Sun`\n\n*Constraints* : Minimum 30-minute window.", "title": "PreferredMaintenanceWindow", "type": "string" }, "PubliclyAccessible": { "markdownDescription": "Specifies the accessibility options for the replication instance. A value of `true` represents an instance with a public IP address. A value of `false` represents an instance with a private IP address. The default value is `true` .", "title": "PubliclyAccessible", "type": "boolean" }, "ReplicationInstanceClass": { "markdownDescription": "The compute and memory capacity of the replication instance as defined for the specified replication instance class. For example, to specify the instance class dms.c4.large, set this parameter to `\"dms.c4.large\"` . For more information on the settings and capacities for the available replication instance classes, see [Selecting the right AWS DMS replication instance for your migration](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.html#CHAP_ReplicationInstance.InDepth) in the *AWS Database Migration Service User Guide* .", "title": "ReplicationInstanceClass", "type": "string" }, "ReplicationInstanceIdentifier": { "markdownDescription": "The replication instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain 1-63 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `myrepinstance`", "title": "ReplicationInstanceIdentifier", "type": "string" }, "ReplicationSubnetGroupIdentifier": { "markdownDescription": "A subnet group to associate with the replication instance.", "title": "ReplicationSubnetGroupIdentifier", "type": "string" }, "ResourceIdentifier": { "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` . For example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", "title": "ResourceIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "One or more tags to be assigned to the replication instance.", "title": "Tags", "type": "array" }, "VpcSecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "Specifies the virtual private cloud (VPC) security group to be used with the replication instance. The VPC security group must work with the VPC containing the replication instance.", "title": "VpcSecurityGroupIds", "type": "array" } }, "required": [ "ReplicationInstanceClass" ], "type": "object" }, "Type": { "enum": [ "AWS::DMS::ReplicationInstance" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DMS::ReplicationSubnetGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ReplicationSubnetGroupDescription": { "markdownDescription": "The description for the subnet group.", "title": "ReplicationSubnetGroupDescription", "type": "string" }, "ReplicationSubnetGroupIdentifier": { "markdownDescription": "The identifier for the replication subnet group. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the identifier.", "title": "ReplicationSubnetGroupIdentifier", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "One or more subnet IDs to be assigned to the subnet group.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "One or more tags to be assigned to the subnet group.", "title": "Tags", "type": "array" } }, "required": [ "ReplicationSubnetGroupDescription", "SubnetIds" ], "type": "object" }, "Type": { "enum": [ "AWS::DMS::ReplicationSubnetGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DMS::ReplicationTask": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CdcStartPosition": { "markdownDescription": "Indicates when you want a change data capture (CDC) operation to start. Use either `CdcStartPosition` or `CdcStartTime` to specify when you want a CDC operation to start. Specifying both values results in an error.\n\nThe value can be in date, checkpoint, log sequence number (LSN), or system change number (SCN) format.\n\nHere is a date example: `--cdc-start-position \"2018-03-08T12:12:12\"`\n\nHere is a checkpoint example: `--cdc-start-position \"checkpoint:V1#27#mysql-bin-changelog.157832:1975:-1:2002:677883278264080:mysql-bin-changelog.157832:1876#0#0#*#0#93\"`\n\nHere is an LSN example: `--cdc-start-position \u201cmysql-bin-changelog.000024:373\u201d`\n\n> When you use this task setting with a source PostgreSQL database, a logical replication slot should already be created and associated with the source endpoint. You can verify this by setting the `slotName` extra connection attribute to the name of this logical replication slot. For more information, see [Extra Connection Attributes When Using PostgreSQL as a Source for AWS DMS](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Source.PostgreSQL.html#CHAP_Source.PostgreSQL.ConnectionAttrib) in the *AWS Database Migration Service User Guide* .", "title": "CdcStartPosition", "type": "string" }, "CdcStartTime": { "markdownDescription": "Indicates the start time for a change data capture (CDC) operation.", "title": "CdcStartTime", "type": "number" }, "CdcStopPosition": { "markdownDescription": "Indicates when you want a change data capture (CDC) operation to stop. The value can be either server time or commit time.\n\nHere is a server time example: `--cdc-stop-position \"server_time:2018-02-09T12:12:12\"`\n\nHere is a commit time example: `--cdc-stop-position \"commit_time: 2018-02-09T12:12:12\"`", "title": "CdcStopPosition", "type": "string" }, "MigrationType": { "markdownDescription": "The migration type. Valid values: `full-load` | `cdc` | `full-load-and-cdc`", "title": "MigrationType", "type": "string" }, "ReplicationInstanceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of a replication instance.", "title": "ReplicationInstanceArn", "type": "string" }, "ReplicationTaskIdentifier": { "markdownDescription": "An identifier for the replication task.\n\nConstraints:\n\n- Must contain 1-255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", "title": "ReplicationTaskIdentifier", "type": "string" }, "ReplicationTaskSettings": { "markdownDescription": "Overall settings for the task, in JSON format. For more information, see [Specifying Task Settings for AWS Database Migration Service Tasks](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TaskSettings.html) in the *AWS Database Migration Service User Guide* .", "title": "ReplicationTaskSettings", "type": "string" }, "ResourceIdentifier": { "markdownDescription": "A display name for the resource identifier at the end of the `EndpointArn` response parameter that is returned in the created `Endpoint` object. The value for this parameter can have up to 31 characters. It can contain only ASCII letters, digits, and hyphen ('-'). Also, it can't end with a hyphen or contain two consecutive hyphens, and can only begin with a letter, such as `Example-App-ARN1` .\n\nFor example, this value might result in the `EndpointArn` value `arn:aws:dms:eu-west-1:012345678901:rep:Example-App-ARN1` . If you don't specify a `ResourceIdentifier` value, AWS DMS generates a default identifier value for the end of `EndpointArn` .", "title": "ResourceIdentifier", "type": "string" }, "SourceEndpointArn": { "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the source endpoint.", "title": "SourceEndpointArn", "type": "string" }, "TableMappings": { "markdownDescription": "The table mappings for the task, in JSON format. For more information, see [Using Table Mapping to Specify Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.CustomizingTasks.TableMapping.html) in the *AWS Database Migration Service User Guide* .", "title": "TableMappings", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "One or more tags to be assigned to the replication task.", "title": "Tags", "type": "array" }, "TargetEndpointArn": { "markdownDescription": "An Amazon Resource Name (ARN) that uniquely identifies the target endpoint.", "title": "TargetEndpointArn", "type": "string" }, "TaskData": { "markdownDescription": "Supplemental information that the task requires to migrate the data for certain source and target endpoints. For more information, see [Specifying Supplemental Data for Task Settings](https://docs.aws.amazon.com/dms/latest/userguide/CHAP_Tasks.TaskData.html) in the *AWS Database Migration Service User Guide.*", "title": "TaskData", "type": "string" } }, "required": [ "MigrationType", "ReplicationInstanceArn", "SourceEndpointArn", "TableMappings", "TargetEndpointArn" ], "type": "object" }, "Type": { "enum": [ "AWS::DMS::ReplicationTask" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataBrew::Dataset": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Format": { "markdownDescription": "The file format of a dataset that is created from an Amazon S3 file or folder.", "title": "Format", "type": "string" }, "FormatOptions": { "$ref": "#/definitions/AWS::DataBrew::Dataset.FormatOptions", "markdownDescription": "A set of options that define how DataBrew interprets the data in the dataset.", "title": "FormatOptions" }, "Input": { "$ref": "#/definitions/AWS::DataBrew::Dataset.Input", "markdownDescription": "Information on how DataBrew can find the dataset, in either the AWS Glue Data Catalog or Amazon S3 .", "title": "Input" }, "Name": { "markdownDescription": "The unique name of the dataset.", "title": "Name", "type": "string" }, "PathOptions": { "$ref": "#/definitions/AWS::DataBrew::Dataset.PathOptions", "markdownDescription": "A set of options that defines how DataBrew interprets an Amazon S3 path of the dataset.", "title": "PathOptions" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata tags that have been applied to the dataset.", "title": "Tags", "type": "array" } }, "required": [ "Input", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::DataBrew::Dataset" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataBrew::Dataset.CsvOptions": { "additionalProperties": false, "properties": { "Delimiter": { "markdownDescription": "A single character that specifies the delimiter being used in the CSV file.", "title": "Delimiter", "type": "string" }, "HeaderRow": { "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", "title": "HeaderRow", "type": "boolean" } }, "type": "object" }, "AWS::DataBrew::Dataset.DataCatalogInputDefinition": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", "title": "CatalogId", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of a database in the Data Catalog.", "title": "DatabaseName", "type": "string" }, "TableName": { "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", "title": "TableName", "type": "string" }, "TempDirectory": { "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", "title": "TempDirectory" } }, "type": "object" }, "AWS::DataBrew::Dataset.DatabaseInputDefinition": { "additionalProperties": false, "properties": { "DatabaseTableName": { "markdownDescription": "The table within the target database.", "title": "DatabaseTableName", "type": "string" }, "GlueConnectionName": { "markdownDescription": "The AWS Glue Connection that stores the connection information for the target database.", "title": "GlueConnectionName", "type": "string" }, "QueryString": { "markdownDescription": "Custom SQL to run against the provided AWS Glue connection. This SQL will be used as the input for DataBrew projects and jobs.", "title": "QueryString", "type": "string" }, "TempDirectory": { "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", "markdownDescription": "An Amazon location that AWS Glue Data Catalog can use as a temporary directory.", "title": "TempDirectory" } }, "required": [ "GlueConnectionName" ], "type": "object" }, "AWS::DataBrew::Dataset.DatasetParameter": { "additionalProperties": false, "properties": { "CreateColumn": { "markdownDescription": "Optional boolean value that defines whether the captured value of this parameter should be loaded as an additional column in the dataset.", "title": "CreateColumn", "type": "boolean" }, "DatetimeOptions": { "$ref": "#/definitions/AWS::DataBrew::Dataset.DatetimeOptions", "markdownDescription": "Additional parameter options such as a format and a timezone. Required for datetime parameters.", "title": "DatetimeOptions" }, "Filter": { "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", "markdownDescription": "The optional filter expression structure to apply additional matching criteria to the parameter.", "title": "Filter" }, "Name": { "markdownDescription": "The name of the parameter that is used in the dataset's Amazon S3 path.", "title": "Name", "type": "string" }, "Type": { "markdownDescription": "The type of the dataset parameter, can be one of a 'String', 'Number' or 'Datetime'.", "title": "Type", "type": "string" } }, "required": [ "Name", "Type" ], "type": "object" }, "AWS::DataBrew::Dataset.DatetimeOptions": { "additionalProperties": false, "properties": { "Format": { "markdownDescription": "Required option, that defines the datetime format used for a date parameter in the Amazon S3 path. Should use only supported datetime specifiers and separation characters, all litera a-z or A-Z character should be escaped with single quotes. E.g. \"MM.dd.yyyy-'at'-HH:mm\".", "title": "Format", "type": "string" }, "LocaleCode": { "markdownDescription": "Optional value for a non-US locale code, needed for correct interpretation of some date formats.", "title": "LocaleCode", "type": "string" }, "TimezoneOffset": { "markdownDescription": "Optional value for a timezone offset of the datetime parameter value in the Amazon S3 path. Shouldn't be used if Format for this parameter includes timezone fields. If no offset specified, UTC is assumed.", "title": "TimezoneOffset", "type": "string" } }, "required": [ "Format" ], "type": "object" }, "AWS::DataBrew::Dataset.ExcelOptions": { "additionalProperties": false, "properties": { "HeaderRow": { "markdownDescription": "A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated.", "title": "HeaderRow", "type": "boolean" }, "SheetIndexes": { "items": { "type": "number" }, "markdownDescription": "One or more sheet numbers in the Excel file that will be included in the dataset.", "title": "SheetIndexes", "type": "array" }, "SheetNames": { "items": { "type": "string" }, "markdownDescription": "One or more named sheets in the Excel file that will be included in the dataset.", "title": "SheetNames", "type": "array" } }, "type": "object" }, "AWS::DataBrew::Dataset.FilesLimit": { "additionalProperties": false, "properties": { "MaxFiles": { "markdownDescription": "The number of Amazon S3 files to select.", "title": "MaxFiles", "type": "number" }, "Order": { "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses DESCENDING order, i.e. most recent files are selected first. Anotherpossible value is ASCENDING.", "title": "Order", "type": "string" }, "OrderedBy": { "markdownDescription": "A criteria to use for Amazon S3 files sorting before their selection. By default uses LAST_MODIFIED_DATE as a sorting criteria. Currently it's the only allowed value.", "title": "OrderedBy", "type": "string" } }, "required": [ "MaxFiles" ], "type": "object" }, "AWS::DataBrew::Dataset.FilterExpression": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "The expression which includes condition names followed by substitution variables, possibly grouped and combined with other conditions. For example, \"(starts_with :prefix1 or starts_with :prefix2) and (ends_with :suffix1 or ends_with :suffix2)\". Substitution variables should start with ':' symbol.", "title": "Expression", "type": "string" }, "ValuesMap": { "items": { "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterValue" }, "markdownDescription": "The map of substitution variable names to their values used in this filter expression.", "title": "ValuesMap", "type": "array" } }, "required": [ "Expression", "ValuesMap" ], "type": "object" }, "AWS::DataBrew::Dataset.FilterValue": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The value to be associated with the substitution variable.", "title": "Value", "type": "string" }, "ValueReference": { "markdownDescription": "The substitution variable reference.", "title": "ValueReference", "type": "string" } }, "required": [ "Value", "ValueReference" ], "type": "object" }, "AWS::DataBrew::Dataset.FormatOptions": { "additionalProperties": false, "properties": { "Csv": { "$ref": "#/definitions/AWS::DataBrew::Dataset.CsvOptions", "markdownDescription": "Options that define how CSV input is to be interpreted by DataBrew.", "title": "Csv" }, "Excel": { "$ref": "#/definitions/AWS::DataBrew::Dataset.ExcelOptions", "markdownDescription": "Options that define how Excel input is to be interpreted by DataBrew.", "title": "Excel" }, "Json": { "$ref": "#/definitions/AWS::DataBrew::Dataset.JsonOptions", "markdownDescription": "Options that define how JSON input is to be interpreted by DataBrew.", "title": "Json" } }, "type": "object" }, "AWS::DataBrew::Dataset.Input": { "additionalProperties": false, "properties": { "DataCatalogInputDefinition": { "$ref": "#/definitions/AWS::DataBrew::Dataset.DataCatalogInputDefinition", "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", "title": "DataCatalogInputDefinition" }, "DatabaseInputDefinition": { "$ref": "#/definitions/AWS::DataBrew::Dataset.DatabaseInputDefinition", "markdownDescription": "Connection information for dataset input files stored in a database.", "title": "DatabaseInputDefinition" }, "Metadata": { "$ref": "#/definitions/AWS::DataBrew::Dataset.Metadata", "markdownDescription": "Contains additional resource information needed for specific datasets.", "title": "Metadata" }, "S3InputDefinition": { "$ref": "#/definitions/AWS::DataBrew::Dataset.S3Location", "markdownDescription": "The Amazon S3 location where the data is stored.", "title": "S3InputDefinition" } }, "type": "object" }, "AWS::DataBrew::Dataset.JsonOptions": { "additionalProperties": false, "properties": { "MultiLine": { "markdownDescription": "A value that specifies whether JSON input contains embedded new line characters.", "title": "MultiLine", "type": "boolean" } }, "type": "object" }, "AWS::DataBrew::Dataset.Metadata": { "additionalProperties": false, "properties": { "SourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) associated with the dataset. Currently, DataBrew only supports ARNs from Amazon AppFlow.", "title": "SourceArn", "type": "string" } }, "type": "object" }, "AWS::DataBrew::Dataset.PathOptions": { "additionalProperties": false, "properties": { "FilesLimit": { "$ref": "#/definitions/AWS::DataBrew::Dataset.FilesLimit", "markdownDescription": "If provided, this structure imposes a limit on a number of files that should be selected.", "title": "FilesLimit" }, "LastModifiedDateCondition": { "$ref": "#/definitions/AWS::DataBrew::Dataset.FilterExpression", "markdownDescription": "If provided, this structure defines a date range for matching Amazon S3 objects based on their LastModifiedDate attribute in Amazon S3 .", "title": "LastModifiedDateCondition" }, "Parameters": { "items": { "$ref": "#/definitions/AWS::DataBrew::Dataset.PathParameter" }, "markdownDescription": "A structure that maps names of parameters used in the Amazon S3 path of a dataset to their definitions.", "title": "Parameters", "type": "array" } }, "type": "object" }, "AWS::DataBrew::Dataset.PathParameter": { "additionalProperties": false, "properties": { "DatasetParameter": { "$ref": "#/definitions/AWS::DataBrew::Dataset.DatasetParameter", "markdownDescription": "The path parameter definition.", "title": "DatasetParameter" }, "PathParameterName": { "markdownDescription": "The name of the path parameter.", "title": "PathParameterName", "type": "string" } }, "required": [ "DatasetParameter", "PathParameterName" ], "type": "object" }, "AWS::DataBrew::Dataset.S3Location": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The Amazon S3 bucket name.", "title": "Bucket", "type": "string" }, "Key": { "markdownDescription": "The unique name of the object in the bucket.", "title": "Key", "type": "string" } }, "required": [ "Bucket" ], "type": "object" }, "AWS::DataBrew::Job": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataCatalogOutputs": { "items": { "$ref": "#/definitions/AWS::DataBrew::Job.DataCatalogOutput" }, "markdownDescription": "One or more artifacts that represent the AWS Glue Data Catalog output from running the job.", "title": "DataCatalogOutputs", "type": "array" }, "DatabaseOutputs": { "items": { "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseOutput" }, "markdownDescription": "Represents a list of JDBC database output objects which defines the output destination for a DataBrew recipe job to write into.", "title": "DatabaseOutputs", "type": "array" }, "DatasetName": { "markdownDescription": "A dataset that the job is to process.", "title": "DatasetName", "type": "string" }, "EncryptionKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key that is used to protect the job output. For more information, see [Encrypting data written by DataBrew jobs](https://docs.aws.amazon.com/databrew/latest/dg/encryption-security-configuration.html)", "title": "EncryptionKeyArn", "type": "string" }, "EncryptionMode": { "markdownDescription": "The encryption mode for the job, which can be one of the following:\n\n- `SSE-KMS` - Server-side encryption with keys managed by AWS KMS .\n- `SSE-S3` - Server-side encryption with keys managed by Amazon S3.", "title": "EncryptionMode", "type": "string" }, "JobSample": { "$ref": "#/definitions/AWS::DataBrew::Job.JobSample", "markdownDescription": "A sample configuration for profile jobs only, which determines the number of rows on which the profile job is run. If a `JobSample` value isn't provided, the default value is used. The default value is CUSTOM_ROWS for the mode parameter and 20,000 for the size parameter.", "title": "JobSample" }, "LogSubscription": { "markdownDescription": "The current status of Amazon CloudWatch logging for the job.", "title": "LogSubscription", "type": "string" }, "MaxCapacity": { "markdownDescription": "The maximum number of nodes that can be consumed when the job processes data.", "title": "MaxCapacity", "type": "number" }, "MaxRetries": { "markdownDescription": "The maximum number of times to retry the job after a job run fails.", "title": "MaxRetries", "type": "number" }, "Name": { "markdownDescription": "The unique name of the job.", "title": "Name", "type": "string" }, "OutputLocation": { "$ref": "#/definitions/AWS::DataBrew::Job.OutputLocation", "markdownDescription": "The location in Amazon S3 where the job writes its output.", "title": "OutputLocation" }, "Outputs": { "items": { "$ref": "#/definitions/AWS::DataBrew::Job.Output" }, "markdownDescription": "One or more artifacts that represent output from running the job.", "title": "Outputs", "type": "array" }, "ProfileConfiguration": { "$ref": "#/definitions/AWS::DataBrew::Job.ProfileConfiguration", "markdownDescription": "Configuration for profile jobs. Configuration can be used to select columns, do evaluations, and override default parameters of evaluations. When configuration is undefined, the profile job will apply default settings to all supported columns.", "title": "ProfileConfiguration" }, "ProjectName": { "markdownDescription": "The name of the project that the job is associated with.", "title": "ProjectName", "type": "string" }, "Recipe": { "$ref": "#/definitions/AWS::DataBrew::Job.Recipe", "markdownDescription": "A series of data transformation steps that the job runs.", "title": "Recipe" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role to be assumed for this job.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata tags that have been applied to the job.", "title": "Tags", "type": "array" }, "Timeout": { "markdownDescription": "The job's timeout in minutes. A job that attempts to run longer than this timeout period ends with a status of `TIMEOUT` .", "title": "Timeout", "type": "number" }, "Type": { "markdownDescription": "The job type of the job, which must be one of the following:\n\n- `PROFILE` - A job to analyze a dataset, to determine its size, data types, data distribution, and more.\n- `RECIPE` - A job to apply one or more transformations to a dataset.", "title": "Type", "type": "string" }, "ValidationConfigurations": { "items": { "$ref": "#/definitions/AWS::DataBrew::Job.ValidationConfiguration" }, "markdownDescription": "List of validation configurations that are applied to the profile job.", "title": "ValidationConfigurations", "type": "array" } }, "required": [ "Name", "RoleArn", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::DataBrew::Job" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataBrew::Job.AllowedStatistics": { "additionalProperties": false, "properties": { "Statistics": { "items": { "type": "string" }, "markdownDescription": "One or more column statistics to allow for columns that contain detected entities.", "title": "Statistics", "type": "array" } }, "required": [ "Statistics" ], "type": "object" }, "AWS::DataBrew::Job.ColumnSelector": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of a column from a dataset.", "title": "Name", "type": "string" }, "Regex": { "markdownDescription": "A regular expression for selecting a column from a dataset.", "title": "Regex", "type": "string" } }, "type": "object" }, "AWS::DataBrew::Job.ColumnStatisticsConfiguration": { "additionalProperties": false, "properties": { "Selectors": { "items": { "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" }, "markdownDescription": "List of column selectors. Selectors can be used to select columns from the dataset. When selectors are undefined, configuration will be applied to all supported columns.", "title": "Selectors", "type": "array" }, "Statistics": { "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", "markdownDescription": "Configuration for evaluations. Statistics can be used to select evaluations and override parameters of evaluations.", "title": "Statistics" } }, "required": [ "Statistics" ], "type": "object" }, "AWS::DataBrew::Job.CsvOutputOptions": { "additionalProperties": false, "properties": { "Delimiter": { "markdownDescription": "A single character that specifies the delimiter used to create CSV job output.", "title": "Delimiter", "type": "string" } }, "type": "object" }, "AWS::DataBrew::Job.DataCatalogOutput": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", "title": "CatalogId", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of a database in the Data Catalog.", "title": "DatabaseName", "type": "string" }, "DatabaseOptions": { "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", "title": "DatabaseOptions" }, "Overwrite": { "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output. Not supported with DatabaseOptions.", "title": "Overwrite", "type": "boolean" }, "S3Options": { "$ref": "#/definitions/AWS::DataBrew::Job.S3TableOutputOptions", "markdownDescription": "Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs.", "title": "S3Options" }, "TableName": { "markdownDescription": "The name of a table in the Data Catalog.", "title": "TableName", "type": "string" } }, "required": [ "DatabaseName", "TableName" ], "type": "object" }, "AWS::DataBrew::Job.DatabaseOutput": { "additionalProperties": false, "properties": { "DatabaseOptions": { "$ref": "#/definitions/AWS::DataBrew::Job.DatabaseTableOutputOptions", "markdownDescription": "Represents options that specify how and where DataBrew writes the database output generated by recipe jobs.", "title": "DatabaseOptions" }, "DatabaseOutputMode": { "markdownDescription": "The output mode to write into the database. Currently supported option: NEW_TABLE.", "title": "DatabaseOutputMode", "type": "string" }, "GlueConnectionName": { "markdownDescription": "The AWS Glue connection that stores the connection information for the target database.", "title": "GlueConnectionName", "type": "string" } }, "required": [ "DatabaseOptions", "GlueConnectionName" ], "type": "object" }, "AWS::DataBrew::Job.DatabaseTableOutputOptions": { "additionalProperties": false, "properties": { "TableName": { "markdownDescription": "A prefix for the name of a table DataBrew will create in the database.", "title": "TableName", "type": "string" }, "TempDirectory": { "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can store intermediate results.", "title": "TempDirectory" } }, "required": [ "TableName" ], "type": "object" }, "AWS::DataBrew::Job.EntityDetectorConfiguration": { "additionalProperties": false, "properties": { "AllowedStatistics": { "$ref": "#/definitions/AWS::DataBrew::Job.AllowedStatistics", "markdownDescription": "Configuration of statistics that are allowed to be run on columns that contain detected entities. When undefined, no statistics will be computed on columns that contain detected entities.", "title": "AllowedStatistics" }, "EntityTypes": { "items": { "type": "string" }, "markdownDescription": "Entity types to detect. Can be any of the following:\n\n- USA_SSN\n- EMAIL\n- USA_ITIN\n- USA_PASSPORT_NUMBER\n- PHONE_NUMBER\n- USA_DRIVING_LICENSE\n- BANK_ACCOUNT\n- CREDIT_CARD\n- IP_ADDRESS\n- MAC_ADDRESS\n- USA_DEA_NUMBER\n- USA_HCPCS_CODE\n- USA_NATIONAL_PROVIDER_IDENTIFIER\n- USA_NATIONAL_DRUG_CODE\n- USA_HEALTH_INSURANCE_CLAIM_NUMBER\n- USA_MEDICARE_BENEFICIARY_IDENTIFIER\n- USA_CPT_CODE\n- PERSON_NAME\n- DATE\n\nThe Entity type group USA_ALL is also supported, and includes all of the above entity types except PERSON_NAME and DATE.", "title": "EntityTypes", "type": "array" } }, "required": [ "EntityTypes" ], "type": "object" }, "AWS::DataBrew::Job.JobSample": { "additionalProperties": false, "properties": { "Mode": { "markdownDescription": "A value that determines whether the profile job is run on the entire dataset or a specified number of rows. This value must be one of the following:\n\n- FULL_DATASET - The profile job is run on the entire dataset.\n- CUSTOM_ROWS - The profile job is run on the number of rows specified in the `Size` parameter.", "title": "Mode", "type": "string" }, "Size": { "markdownDescription": "The `Size` parameter is only required when the mode is CUSTOM_ROWS. The profile job is run on the specified number of rows. The maximum value for size is Long.MAX_VALUE.\n\nLong.MAX_VALUE = 9223372036854775807", "title": "Size", "type": "number" } }, "type": "object" }, "AWS::DataBrew::Job.Output": { "additionalProperties": false, "properties": { "CompressionFormat": { "markdownDescription": "The compression algorithm used to compress the output text of the job.", "title": "CompressionFormat", "type": "string" }, "Format": { "markdownDescription": "The data format of the output of the job.", "title": "Format", "type": "string" }, "FormatOptions": { "$ref": "#/definitions/AWS::DataBrew::Job.OutputFormatOptions", "markdownDescription": "Represents options that define how DataBrew formats job output files.", "title": "FormatOptions" }, "Location": { "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", "markdownDescription": "The location in Amazon S3 where the job writes its output.", "title": "Location" }, "MaxOutputFiles": { "markdownDescription": "The maximum number of files to be generated by the job and written to the output folder.", "title": "MaxOutputFiles", "type": "number" }, "Overwrite": { "markdownDescription": "A value that, if true, means that any data in the location specified for output is overwritten with new output.", "title": "Overwrite", "type": "boolean" }, "PartitionColumns": { "items": { "type": "string" }, "markdownDescription": "The names of one or more partition columns for the output of the job.", "title": "PartitionColumns", "type": "array" } }, "required": [ "Location" ], "type": "object" }, "AWS::DataBrew::Job.OutputFormatOptions": { "additionalProperties": false, "properties": { "Csv": { "$ref": "#/definitions/AWS::DataBrew::Job.CsvOutputOptions", "markdownDescription": "Represents a set of options that define the structure of comma-separated value (CSV) job output.", "title": "Csv" } }, "type": "object" }, "AWS::DataBrew::Job.OutputLocation": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The Amazon S3 bucket name.", "title": "Bucket", "type": "string" }, "BucketOwner": { "markdownDescription": "", "title": "BucketOwner", "type": "string" }, "Key": { "markdownDescription": "The unique name of the object in the bucket.", "title": "Key", "type": "string" } }, "required": [ "Bucket" ], "type": "object" }, "AWS::DataBrew::Job.ProfileConfiguration": { "additionalProperties": false, "properties": { "ColumnStatisticsConfigurations": { "items": { "$ref": "#/definitions/AWS::DataBrew::Job.ColumnStatisticsConfiguration" }, "markdownDescription": "List of configurations for column evaluations. ColumnStatisticsConfigurations are used to select evaluations and override parameters of evaluations for particular columns. When ColumnStatisticsConfigurations is undefined, the profile job will profile all supported columns and run all supported evaluations.", "title": "ColumnStatisticsConfigurations", "type": "array" }, "DatasetStatisticsConfiguration": { "$ref": "#/definitions/AWS::DataBrew::Job.StatisticsConfiguration", "markdownDescription": "Configuration for inter-column evaluations. Configuration can be used to select evaluations and override parameters of evaluations. When configuration is undefined, the profile job will run all supported inter-column evaluations.", "title": "DatasetStatisticsConfiguration" }, "EntityDetectorConfiguration": { "$ref": "#/definitions/AWS::DataBrew::Job.EntityDetectorConfiguration", "markdownDescription": "Configuration of entity detection for a profile job. When undefined, entity detection is disabled.", "title": "EntityDetectorConfiguration" }, "ProfileColumns": { "items": { "$ref": "#/definitions/AWS::DataBrew::Job.ColumnSelector" }, "markdownDescription": "List of column selectors. ProfileColumns can be used to select columns from the dataset. When ProfileColumns is undefined, the profile job will profile all supported columns.", "title": "ProfileColumns", "type": "array" } }, "type": "object" }, "AWS::DataBrew::Job.Recipe": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The unique name for the recipe.", "title": "Name", "type": "string" }, "Version": { "markdownDescription": "The identifier for the version for the recipe.", "title": "Version", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::DataBrew::Job.S3Location": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The Amazon S3 bucket name.", "title": "Bucket", "type": "string" }, "BucketOwner": { "markdownDescription": "The AWS account ID of the bucket owner.", "title": "BucketOwner", "type": "string" }, "Key": { "markdownDescription": "The unique name of the object in the bucket.", "title": "Key", "type": "string" } }, "required": [ "Bucket" ], "type": "object" }, "AWS::DataBrew::Job.S3TableOutputOptions": { "additionalProperties": false, "properties": { "Location": { "$ref": "#/definitions/AWS::DataBrew::Job.S3Location", "markdownDescription": "Represents an Amazon S3 location (bucket name and object key) where DataBrew can write output from a job.", "title": "Location" } }, "required": [ "Location" ], "type": "object" }, "AWS::DataBrew::Job.StatisticOverride": { "additionalProperties": false, "properties": { "Parameters": { "additionalProperties": true, "markdownDescription": "A map that includes overrides of an evaluation\u2019s parameters.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Parameters", "type": "object" }, "Statistic": { "markdownDescription": "The name of an evaluation", "title": "Statistic", "type": "string" } }, "required": [ "Parameters", "Statistic" ], "type": "object" }, "AWS::DataBrew::Job.StatisticsConfiguration": { "additionalProperties": false, "properties": { "IncludedStatistics": { "items": { "type": "string" }, "markdownDescription": "List of included evaluations. When the list is undefined, all supported evaluations will be included.", "title": "IncludedStatistics", "type": "array" }, "Overrides": { "items": { "$ref": "#/definitions/AWS::DataBrew::Job.StatisticOverride" }, "markdownDescription": "List of overrides for evaluations.", "title": "Overrides", "type": "array" } }, "type": "object" }, "AWS::DataBrew::Job.ValidationConfiguration": { "additionalProperties": false, "properties": { "RulesetArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the ruleset to be validated in the profile job. The TargetArn of the selected ruleset should be the same as the Amazon Resource Name (ARN) of the dataset that is associated with the profile job.", "title": "RulesetArn", "type": "string" }, "ValidationMode": { "markdownDescription": "Mode of data quality validation. Default mode is \u201cCHECK_ALL\u201d which verifies all rules defined in the selected ruleset.", "title": "ValidationMode", "type": "string" } }, "required": [ "RulesetArn" ], "type": "object" }, "AWS::DataBrew::Project": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DatasetName": { "markdownDescription": "The dataset that the project is to act upon.", "title": "DatasetName", "type": "string" }, "Name": { "markdownDescription": "The unique name of a project.", "title": "Name", "type": "string" }, "RecipeName": { "markdownDescription": "The name of a recipe that will be developed during a project session.", "title": "RecipeName", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role that will be assumed for this project.", "title": "RoleArn", "type": "string" }, "Sample": { "$ref": "#/definitions/AWS::DataBrew::Project.Sample", "markdownDescription": "The sample size and sampling type to apply to the data. If this parameter isn't specified, then the sample consists of the first 500 rows from the dataset.", "title": "Sample" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata tags that have been applied to the project.", "title": "Tags", "type": "array" } }, "required": [ "DatasetName", "Name", "RecipeName", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::DataBrew::Project" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataBrew::Project.Sample": { "additionalProperties": false, "properties": { "Size": { "markdownDescription": "The number of rows in the sample.", "title": "Size", "type": "number" }, "Type": { "markdownDescription": "The way in which DataBrew obtains rows from a dataset.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::DataBrew::Recipe": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the recipe.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The unique name for the recipe.", "title": "Name", "type": "string" }, "Steps": { "items": { "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeStep" }, "markdownDescription": "A list of steps that are defined by the recipe.", "title": "Steps", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata tags that have been applied to the recipe.", "title": "Tags", "type": "array" } }, "required": [ "Name", "Steps" ], "type": "object" }, "Type": { "enum": [ "AWS::DataBrew::Recipe" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataBrew::Recipe.Action": { "additionalProperties": false, "properties": { "Operation": { "markdownDescription": "The name of a valid DataBrew transformation to be performed on the data.", "title": "Operation", "type": "string" }, "Parameters": { "$ref": "#/definitions/AWS::DataBrew::Recipe.RecipeParameters", "markdownDescription": "Contextual parameters for the transformation.", "title": "Parameters" } }, "required": [ "Operation" ], "type": "object" }, "AWS::DataBrew::Recipe.ConditionExpression": { "additionalProperties": false, "properties": { "Condition": { "markdownDescription": "A specific condition to apply to a recipe action. For more information, see [Recipe structure](https://docs.aws.amazon.com/databrew/latest/dg/recipe-structure.html) in the *AWS Glue DataBrew Developer Guide* .", "title": "Condition", "type": "string" }, "TargetColumn": { "markdownDescription": "A column to apply this condition to.", "title": "TargetColumn", "type": "string" }, "Value": { "markdownDescription": "A value that the condition must evaluate to for the condition to succeed.", "title": "Value", "type": "string" } }, "required": [ "Condition", "TargetColumn" ], "type": "object" }, "AWS::DataBrew::Recipe.DataCatalogInputDefinition": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The unique identifier of the AWS account that holds the Data Catalog that stores the data.", "title": "CatalogId", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of a database in the Data Catalog.", "title": "DatabaseName", "type": "string" }, "TableName": { "markdownDescription": "The name of a database table in the Data Catalog. This table corresponds to a DataBrew dataset.", "title": "TableName", "type": "string" }, "TempDirectory": { "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", "markdownDescription": "Represents an Amazon location where DataBrew can store intermediate results.", "title": "TempDirectory" } }, "type": "object" }, "AWS::DataBrew::Recipe.Input": { "additionalProperties": false, "properties": { "DataCatalogInputDefinition": { "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", "title": "DataCatalogInputDefinition" }, "S3InputDefinition": { "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", "markdownDescription": "The Amazon S3 location where the data is stored.", "title": "S3InputDefinition" } }, "type": "object" }, "AWS::DataBrew::Recipe.RecipeParameters": { "additionalProperties": false, "properties": { "AggregateFunction": { "markdownDescription": "The name of an aggregation function to apply.", "title": "AggregateFunction", "type": "string" }, "Base": { "markdownDescription": "The number of digits used in a counting system.", "title": "Base", "type": "string" }, "CaseStatement": { "markdownDescription": "A case statement associated with a recipe.", "title": "CaseStatement", "type": "string" }, "CategoryMap": { "markdownDescription": "A category map used for one-hot encoding.", "title": "CategoryMap", "type": "string" }, "CharsToRemove": { "markdownDescription": "Characters to remove from a step that applies one-hot encoding or tokenization.", "title": "CharsToRemove", "type": "string" }, "CollapseConsecutiveWhitespace": { "markdownDescription": "Remove any non-word non-punctuation character.", "title": "CollapseConsecutiveWhitespace", "type": "string" }, "ColumnDataType": { "markdownDescription": "The data type of the column.", "title": "ColumnDataType", "type": "string" }, "ColumnRange": { "markdownDescription": "A range of columns to which a step is applied.", "title": "ColumnRange", "type": "string" }, "Count": { "markdownDescription": "The number of times a string needs to be repeated.", "title": "Count", "type": "string" }, "CustomCharacters": { "markdownDescription": "One or more characters that can be substituted or removed, depending on the context.", "title": "CustomCharacters", "type": "string" }, "CustomStopWords": { "markdownDescription": "A list of words to ignore in a step that applies word tokenization.", "title": "CustomStopWords", "type": "string" }, "CustomValue": { "markdownDescription": "A list of custom values to use in a step that requires that you provide a value to finish the operation.", "title": "CustomValue", "type": "string" }, "DatasetsColumns": { "markdownDescription": "A list of the dataset columns included in a project.", "title": "DatasetsColumns", "type": "string" }, "DateAddValue": { "markdownDescription": "A value that specifies how many units of time to add or subtract for a date math operation.", "title": "DateAddValue", "type": "string" }, "DateTimeFormat": { "markdownDescription": "A date format to apply to a date.", "title": "DateTimeFormat", "type": "string" }, "DateTimeParameters": { "markdownDescription": "A set of parameters associated with a datetime.", "title": "DateTimeParameters", "type": "string" }, "DeleteOtherRows": { "markdownDescription": "Determines whether unmapped rows in a categorical mapping should be deleted", "title": "DeleteOtherRows", "type": "string" }, "Delimiter": { "markdownDescription": "The delimiter to use when parsing separated values in a text file.", "title": "Delimiter", "type": "string" }, "EndPattern": { "markdownDescription": "The end pattern to locate.", "title": "EndPattern", "type": "string" }, "EndPosition": { "markdownDescription": "The end position to locate.", "title": "EndPosition", "type": "string" }, "EndValue": { "markdownDescription": "The end value to locate.", "title": "EndValue", "type": "string" }, "ExpandContractions": { "markdownDescription": "A list of word contractions and what they expand to. For eample: *can't* ; *cannot* ; *can not* .", "title": "ExpandContractions", "type": "string" }, "Exponent": { "markdownDescription": "The exponent to apply in an exponential operation.", "title": "Exponent", "type": "string" }, "FalseString": { "markdownDescription": "A value that represents `FALSE` .", "title": "FalseString", "type": "string" }, "GroupByAggFunctionOptions": { "markdownDescription": "Specifies options to apply to the `GROUP BY` used in an aggregation.", "title": "GroupByAggFunctionOptions", "type": "string" }, "GroupByColumns": { "markdownDescription": "The columns to use in the `GROUP BY` clause.", "title": "GroupByColumns", "type": "string" }, "HiddenColumns": { "markdownDescription": "A list of columns to hide.", "title": "HiddenColumns", "type": "string" }, "IgnoreCase": { "markdownDescription": "Indicates that lower and upper case letters are treated equally.", "title": "IgnoreCase", "type": "string" }, "IncludeInSplit": { "markdownDescription": "Indicates if this column is participating in a split transform.", "title": "IncludeInSplit", "type": "string" }, "Input": { "$ref": "#/definitions/AWS::DataBrew::Recipe.Input", "markdownDescription": "The input location to load the dataset from - Amazon S3 or AWS Glue Data Catalog .", "title": "Input" }, "Interval": { "markdownDescription": "The number of characters to split by.", "title": "Interval", "type": "string" }, "IsText": { "markdownDescription": "Indicates if the content is text.", "title": "IsText", "type": "string" }, "JoinKeys": { "markdownDescription": "The keys or columns involved in a join.", "title": "JoinKeys", "type": "string" }, "JoinType": { "markdownDescription": "The type of join to use, for example, `INNER JOIN` , `OUTER JOIN` , and so on.", "title": "JoinType", "type": "string" }, "LeftColumns": { "markdownDescription": "The columns on the left side of the join.", "title": "LeftColumns", "type": "string" }, "Limit": { "markdownDescription": "The number of times to perform `split` or `replaceBy` in a string", "title": "Limit", "type": "string" }, "LowerBound": { "markdownDescription": "The lower boundary for a value.", "title": "LowerBound", "type": "string" }, "MapType": { "markdownDescription": "The type of mappings to apply to construct a new dynamic frame.", "title": "MapType", "type": "string" }, "ModeType": { "markdownDescription": "Determines the manner in which mode value is calculated, in case there is more than one mode value. Valid values: `NONE` | `AVERAGE` | `MINIMUM` | `MAXIMUM`", "title": "ModeType", "type": "string" }, "MultiLine": { "markdownDescription": "Specifies whether JSON input contains embedded new line characters.", "title": "MultiLine", "type": "boolean" }, "NumRows": { "markdownDescription": "The number of rows to consider in a window.", "title": "NumRows", "type": "string" }, "NumRowsAfter": { "markdownDescription": "The number of rows to consider after the current row in a window", "title": "NumRowsAfter", "type": "string" }, "NumRowsBefore": { "markdownDescription": "The number of rows to consider before the current row in a window", "title": "NumRowsBefore", "type": "string" }, "OrderByColumn": { "markdownDescription": "A column to sort the results by.", "title": "OrderByColumn", "type": "string" }, "OrderByColumns": { "markdownDescription": "The columns to sort the results by.", "title": "OrderByColumns", "type": "string" }, "Other": { "markdownDescription": "The value to assign to unmapped cells, in categorical mapping", "title": "Other", "type": "string" }, "Pattern": { "markdownDescription": "The pattern to locate.", "title": "Pattern", "type": "string" }, "PatternOption1": { "markdownDescription": "The starting pattern to split between.", "title": "PatternOption1", "type": "string" }, "PatternOption2": { "markdownDescription": "The ending pattern to split between.", "title": "PatternOption2", "type": "string" }, "PatternOptions": { "markdownDescription": "For splitting by multiple delimiters: A JSON-encoded string that lists the patterns in the format. For example: `[{\\\"pattern\\\":\\\"1\\\",\\\"includeInSplit\\\":true}]`", "title": "PatternOptions", "type": "string" }, "Period": { "markdownDescription": "The size of the rolling window.", "title": "Period", "type": "string" }, "Position": { "markdownDescription": "The character index within a string", "title": "Position", "type": "string" }, "RemoveAllPunctuation": { "markdownDescription": "If `true` , removes all of the following characters: `.` `.!` `.,` `.?`", "title": "RemoveAllPunctuation", "type": "string" }, "RemoveAllQuotes": { "markdownDescription": "If `true` , removes all single quotes and double quotes.", "title": "RemoveAllQuotes", "type": "string" }, "RemoveAllWhitespace": { "markdownDescription": "If `true` , removes all whitespaces from the value.", "title": "RemoveAllWhitespace", "type": "string" }, "RemoveCustomCharacters": { "markdownDescription": "If `true` , removes all chraracters specified by `CustomCharacters` .", "title": "RemoveCustomCharacters", "type": "string" }, "RemoveCustomValue": { "markdownDescription": "If `true` , removes all chraracters specified by `CustomValue` .", "title": "RemoveCustomValue", "type": "string" }, "RemoveLeadingAndTrailingPunctuation": { "markdownDescription": "If `true` , removes the following characters if they occur at the start or end of the value: `.` `!` `,` `?`", "title": "RemoveLeadingAndTrailingPunctuation", "type": "string" }, "RemoveLeadingAndTrailingQuotes": { "markdownDescription": "If `true` , removes single quotes and double quotes from the beginning and end of the value.", "title": "RemoveLeadingAndTrailingQuotes", "type": "string" }, "RemoveLeadingAndTrailingWhitespace": { "markdownDescription": "If `true` , removes all whitespaces from the beginning and end of the value.", "title": "RemoveLeadingAndTrailingWhitespace", "type": "string" }, "RemoveLetters": { "markdownDescription": "If `true` , removes all uppercase and lowercase alphabetic characters (A through Z; a through z).", "title": "RemoveLetters", "type": "string" }, "RemoveNumbers": { "markdownDescription": "If `true` , removes all numeric characters (0 through 9).", "title": "RemoveNumbers", "type": "string" }, "RemoveSourceColumn": { "markdownDescription": "If `true` , the source column will be removed after un-nesting that column. (Used with nested column types, such as Map, Struct, or Array.)", "title": "RemoveSourceColumn", "type": "string" }, "RemoveSpecialCharacters": { "markdownDescription": "If `true` , removes all of the following characters: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~`", "title": "RemoveSpecialCharacters", "type": "string" }, "RightColumns": { "markdownDescription": "The columns on the right side of a join.", "title": "RightColumns", "type": "string" }, "SampleSize": { "markdownDescription": "The number of rows in the sample.", "title": "SampleSize", "type": "string" }, "SampleType": { "markdownDescription": "The sampling type to apply to the dataset. Valid values: `FIRST_N` | `LAST_N` | `RANDOM`", "title": "SampleType", "type": "string" }, "SecondInput": { "markdownDescription": "A object value to indicate the second dataset used in a join.", "title": "SecondInput", "type": "string" }, "SecondaryInputs": { "items": { "$ref": "#/definitions/AWS::DataBrew::Recipe.SecondaryInput" }, "markdownDescription": "A list of secondary inputs in a UNION transform", "title": "SecondaryInputs", "type": "array" }, "SheetIndexes": { "items": { "type": "number" }, "markdownDescription": "One or more sheet numbers in the Excel file, which will be included in a dataset.", "title": "SheetIndexes", "type": "array" }, "SheetNames": { "items": { "type": "string" }, "markdownDescription": "Oone or more named sheets in the Excel file, which will be included in a dataset.", "title": "SheetNames", "type": "array" }, "SourceColumn": { "markdownDescription": "A source column needed for an operation, step, or transform.", "title": "SourceColumn", "type": "string" }, "SourceColumn1": { "markdownDescription": "A source column needed for an operation, step, or transform.", "title": "SourceColumn1", "type": "string" }, "SourceColumn2": { "markdownDescription": "A source column needed for an operation, step, or transform.", "title": "SourceColumn2", "type": "string" }, "SourceColumns": { "markdownDescription": "A list of source columns needed for an operation, step, or transform.", "title": "SourceColumns", "type": "string" }, "StartColumnIndex": { "markdownDescription": "The index number of the first column used by an operation, step, or transform.", "title": "StartColumnIndex", "type": "string" }, "StartPattern": { "markdownDescription": "The starting pattern to locate.", "title": "StartPattern", "type": "string" }, "StartPosition": { "markdownDescription": "The starting position to locate.", "title": "StartPosition", "type": "string" }, "StartValue": { "markdownDescription": "The starting value to locate.", "title": "StartValue", "type": "string" }, "StemmingMode": { "markdownDescription": "Indicates this operation uses stems and lemmas (base words) for word tokenization.", "title": "StemmingMode", "type": "string" }, "StepCount": { "markdownDescription": "The total number of transforms in this recipe.", "title": "StepCount", "type": "string" }, "StepIndex": { "markdownDescription": "The index ID of a step.", "title": "StepIndex", "type": "string" }, "StopWordsMode": { "markdownDescription": "Indicates this operation uses stop words as part of word tokenization.", "title": "StopWordsMode", "type": "string" }, "Strategy": { "markdownDescription": "The resolution strategy to apply in resolving ambiguities.", "title": "Strategy", "type": "string" }, "TargetColumn": { "markdownDescription": "The column targeted by this operation.", "title": "TargetColumn", "type": "string" }, "TargetColumnNames": { "markdownDescription": "The names to give columns altered by this operation.", "title": "TargetColumnNames", "type": "string" }, "TargetDateFormat": { "markdownDescription": "The date format to convert to.", "title": "TargetDateFormat", "type": "string" }, "TargetIndex": { "markdownDescription": "The index number of an object that is targeted by this operation.", "title": "TargetIndex", "type": "string" }, "TimeZone": { "markdownDescription": "The current timezone that you want to use for dates.", "title": "TimeZone", "type": "string" }, "TokenizerPattern": { "markdownDescription": "A regex expression to use when splitting text into terms, also called words or tokens.", "title": "TokenizerPattern", "type": "string" }, "TrueString": { "markdownDescription": "A value to use to represent `TRUE` .", "title": "TrueString", "type": "string" }, "UdfLang": { "markdownDescription": "The language that's used in the user-defined function.", "title": "UdfLang", "type": "string" }, "Units": { "markdownDescription": "Specifies a unit of time. For example: `MINUTES` ; `SECONDS` ; `HOURS` ; etc.", "title": "Units", "type": "string" }, "UnpivotColumn": { "markdownDescription": "Cast columns as rows, so that each value is a different row in a single column.", "title": "UnpivotColumn", "type": "string" }, "UpperBound": { "markdownDescription": "The upper boundary for a value.", "title": "UpperBound", "type": "string" }, "UseNewDataFrame": { "markdownDescription": "Create a new container to hold a dataset.", "title": "UseNewDataFrame", "type": "string" }, "Value": { "markdownDescription": "A static value that can be used in a comparison, a substitution, or in another context-specific way. A `Value` can be a number, string, or other datatype, depending on the recipe action in which it's used.", "title": "Value", "type": "string" }, "Value1": { "markdownDescription": "A value that's used by this operation.", "title": "Value1", "type": "string" }, "Value2": { "markdownDescription": "A value that's used by this operation.", "title": "Value2", "type": "string" }, "ValueColumn": { "markdownDescription": "The column that is provided as a value that's used by this operation.", "title": "ValueColumn", "type": "string" }, "ViewFrame": { "markdownDescription": "The subset of rows currently available for viewing.", "title": "ViewFrame", "type": "string" } }, "type": "object" }, "AWS::DataBrew::Recipe.RecipeStep": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::DataBrew::Recipe.Action", "markdownDescription": "The particular action to be performed in the recipe step.", "title": "Action" }, "ConditionExpressions": { "items": { "$ref": "#/definitions/AWS::DataBrew::Recipe.ConditionExpression" }, "markdownDescription": "One or more conditions that must be met for the recipe step to succeed.\n\n> All of the conditions in the array must be met. In other words, all of the conditions must be combined using a logical AND operation.", "title": "ConditionExpressions", "type": "array" } }, "required": [ "Action" ], "type": "object" }, "AWS::DataBrew::Recipe.S3Location": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The Amazon S3 bucket name.", "title": "Bucket", "type": "string" }, "Key": { "markdownDescription": "The unique name of the object in the bucket.", "title": "Key", "type": "string" } }, "required": [ "Bucket" ], "type": "object" }, "AWS::DataBrew::Recipe.SecondaryInput": { "additionalProperties": false, "properties": { "DataCatalogInputDefinition": { "$ref": "#/definitions/AWS::DataBrew::Recipe.DataCatalogInputDefinition", "markdownDescription": "The AWS Glue Data Catalog parameters for the data.", "title": "DataCatalogInputDefinition" }, "S3InputDefinition": { "$ref": "#/definitions/AWS::DataBrew::Recipe.S3Location", "markdownDescription": "The Amazon S3 location where the data is stored.", "title": "S3InputDefinition" } }, "type": "object" }, "AWS::DataBrew::Ruleset": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the ruleset.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the ruleset.", "title": "Name", "type": "string" }, "Rules": { "items": { "$ref": "#/definitions/AWS::DataBrew::Ruleset.Rule" }, "markdownDescription": "Contains metadata about the ruleset.", "title": "Rules", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "TargetArn": { "markdownDescription": "The Amazon Resource Name (ARN) of a resource (dataset) that the ruleset is associated with.", "title": "TargetArn", "type": "string" } }, "required": [ "Name", "Rules", "TargetArn" ], "type": "object" }, "Type": { "enum": [ "AWS::DataBrew::Ruleset" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataBrew::Ruleset.ColumnSelector": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of a column from a dataset.", "title": "Name", "type": "string" }, "Regex": { "markdownDescription": "A regular expression for selecting a column from a dataset.", "title": "Regex", "type": "string" } }, "type": "object" }, "AWS::DataBrew::Ruleset.Rule": { "additionalProperties": false, "properties": { "CheckExpression": { "markdownDescription": "The expression which includes column references, condition names followed by variable references, possibly grouped and combined with other conditions. For example, `(:col1 starts_with :prefix1 or :col1 starts_with :prefix2) and (:col1 ends_with :suffix1 or :col1 ends_with :suffix2)` . Column and value references are substitution variables that should start with the ':' symbol. Depending on the context, substitution variables' values can be either an actual value or a column name. These values are defined in the SubstitutionMap. If a CheckExpression starts with a column reference, then ColumnSelectors in the rule should be null. If ColumnSelectors has been defined, then there should be no columnn reference in the left side of a condition, for example, `is_between :val1 and :val2` .", "title": "CheckExpression", "type": "string" }, "ColumnSelectors": { "items": { "$ref": "#/definitions/AWS::DataBrew::Ruleset.ColumnSelector" }, "markdownDescription": "List of column selectors. Selectors can be used to select columns using a name or regular expression from the dataset. Rule will be applied to selected columns.", "title": "ColumnSelectors", "type": "array" }, "Disabled": { "markdownDescription": "A value that specifies whether the rule is disabled. Once a rule is disabled, a profile job will not validate it during a job run. Default value is false.", "title": "Disabled", "type": "boolean" }, "Name": { "markdownDescription": "The name of the rule.", "title": "Name", "type": "string" }, "SubstitutionMap": { "items": { "$ref": "#/definitions/AWS::DataBrew::Ruleset.SubstitutionValue" }, "markdownDescription": "The map of substitution variable names to their values used in a check expression. Variable names should start with a ':' (colon). Variable values can either be actual values or column names. To differentiate between the two, column names should be enclosed in backticks, for example, `\":col1\": \"`Column A`\".`", "title": "SubstitutionMap", "type": "array" }, "Threshold": { "$ref": "#/definitions/AWS::DataBrew::Ruleset.Threshold", "markdownDescription": "The threshold used with a non-aggregate check expression. Non-aggregate check expressions will be applied to each row in a specific column, and the threshold will be used to determine whether the validation succeeds.", "title": "Threshold" } }, "required": [ "CheckExpression", "Name" ], "type": "object" }, "AWS::DataBrew::Ruleset.SubstitutionValue": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "Value or column name.", "title": "Value", "type": "string" }, "ValueReference": { "markdownDescription": "Variable name.", "title": "ValueReference", "type": "string" } }, "required": [ "Value", "ValueReference" ], "type": "object" }, "AWS::DataBrew::Ruleset.Threshold": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The type of a threshold. Used for comparison of an actual count of rows that satisfy the rule to the threshold value.", "title": "Type", "type": "string" }, "Unit": { "markdownDescription": "Unit of threshold value. Can be either a COUNT or PERCENTAGE of the full sample size used for validation.", "title": "Unit", "type": "string" }, "Value": { "markdownDescription": "The value of a threshold.", "title": "Value", "type": "number" } }, "required": [ "Value" ], "type": "object" }, "AWS::DataBrew::Schedule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CronExpression": { "markdownDescription": "The dates and times when the job is to run. For more information, see [Working with cron expressions for recipe jobs](https://docs.aws.amazon.com/databrew/latest/dg/jobs.recipe.html#jobs.cron) in the *AWS Glue DataBrew Developer Guide* .", "title": "CronExpression", "type": "string" }, "JobNames": { "items": { "type": "string" }, "markdownDescription": "A list of jobs to be run, according to the schedule.", "title": "JobNames", "type": "array" }, "Name": { "markdownDescription": "The name of the schedule.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata tags that have been applied to the schedule.", "title": "Tags", "type": "array" } }, "required": [ "CronExpression", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::DataBrew::Schedule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataPipeline::Pipeline": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Activate": { "markdownDescription": "Indicates whether to validate and start the pipeline or stop an active pipeline. By default, the value is set to `true` .", "title": "Activate", "type": "boolean" }, "Description": { "markdownDescription": "A description of the pipeline.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the pipeline.", "title": "Name", "type": "string" }, "ParameterObjects": { "items": { "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterObject" }, "markdownDescription": "The parameter objects used with the pipeline.", "title": "ParameterObjects", "type": "array" }, "ParameterValues": { "items": { "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterValue" }, "markdownDescription": "The parameter values used with the pipeline.", "title": "ParameterValues", "type": "array" }, "PipelineObjects": { "items": { "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineObject" }, "markdownDescription": "The objects that define the pipeline. These objects overwrite the existing pipeline definition. Not all objects, fields, and values can be updated. For information about restrictions, see [Editing Your Pipeline](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-manage-pipeline-modify-console.html) in the *AWS Data Pipeline Developer Guide* .", "title": "PipelineObjects", "type": "array" }, "PipelineTags": { "items": { "$ref": "#/definitions/AWS::DataPipeline::Pipeline.PipelineTag" }, "markdownDescription": "A list of arbitrary tags (key-value pairs) to associate with the pipeline, which you can use to control permissions. For more information, see [Controlling Access to Pipelines and Resources](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-control-access.html) in the *AWS Data Pipeline Developer Guide* .", "title": "PipelineTags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::DataPipeline::Pipeline" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataPipeline::Pipeline.Field": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "Specifies the name of a field for a particular object. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .", "title": "Key", "type": "string" }, "RefValue": { "markdownDescription": "A field value that you specify as an identifier of another object in the same pipeline definition.\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", "title": "RefValue", "type": "string" }, "StringValue": { "markdownDescription": "A field value that you specify as a string. To view valid values for a particular field, see [Pipeline Object Reference](https://docs.aws.amazon.com/datapipeline/latest/DeveloperGuide/dp-pipeline-objects.html) in the *AWS Data Pipeline Developer Guide* .\n\n> You can specify the field value as either a string value ( `StringValue` ) or a reference to another object ( `RefValue` ), but not both. \n\nRequired if the key that you are using requires it.", "title": "StringValue", "type": "string" } }, "required": [ "Key" ], "type": "object" }, "AWS::DataPipeline::Pipeline.ParameterAttribute": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The field identifier.", "title": "Key", "type": "string" }, "StringValue": { "markdownDescription": "The field value, expressed as a String.", "title": "StringValue", "type": "string" } }, "required": [ "Key", "StringValue" ], "type": "object" }, "AWS::DataPipeline::Pipeline.ParameterObject": { "additionalProperties": false, "properties": { "Attributes": { "items": { "$ref": "#/definitions/AWS::DataPipeline::Pipeline.ParameterAttribute" }, "markdownDescription": "The attributes of the parameter object.", "title": "Attributes", "type": "array" }, "Id": { "markdownDescription": "The ID of the parameter object.", "title": "Id", "type": "string" } }, "required": [ "Attributes", "Id" ], "type": "object" }, "AWS::DataPipeline::Pipeline.ParameterValue": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The ID of the parameter value.", "title": "Id", "type": "string" }, "StringValue": { "markdownDescription": "The field value, expressed as a String.", "title": "StringValue", "type": "string" } }, "required": [ "Id", "StringValue" ], "type": "object" }, "AWS::DataPipeline::Pipeline.PipelineObject": { "additionalProperties": false, "properties": { "Fields": { "items": { "$ref": "#/definitions/AWS::DataPipeline::Pipeline.Field" }, "markdownDescription": "Key-value pairs that define the properties of the object.", "title": "Fields", "type": "array" }, "Id": { "markdownDescription": "The ID of the object.", "title": "Id", "type": "string" }, "Name": { "markdownDescription": "The name of the object.", "title": "Name", "type": "string" } }, "required": [ "Fields", "Id", "Name" ], "type": "object" }, "AWS::DataPipeline::Pipeline.PipelineTag": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key name of a tag.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value to associate with the key name.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::DataSync::Agent": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ActivationKey": { "markdownDescription": "Specifies your DataSync agent's activation key. If you don't have an activation key, see [Activating your agent](https://docs.aws.amazon.com/datasync/latest/userguide/activate-agent.html) .", "title": "ActivationKey", "type": "string" }, "AgentName": { "markdownDescription": "Specifies a name for your agent. We recommend specifying a name that you can remember.", "title": "AgentName", "type": "string" }, "SecurityGroupArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups used to protect your data transfer task subnets. See [SecurityGroupArns](https://docs.aws.amazon.com/datasync/latest/userguide/API_Ec2Config.html#DataSync-Type-Ec2Config-SecurityGroupArns) .\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`", "title": "SecurityGroupArns", "type": "array" }, "SubnetArns": { "items": { "type": "string" }, "markdownDescription": "Specifies the ARN of the subnet where your VPC service endpoint is located. You can only specify one ARN.", "title": "SubnetArns", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least one tag for your agent.", "title": "Tags", "type": "array" }, "VpcEndpointId": { "markdownDescription": "The ID of the virtual private cloud (VPC) endpoint that the agent has access to. This is the client-side VPC endpoint, powered by AWS PrivateLink . If you don't have an AWS PrivateLink VPC endpoint, see [AWS PrivateLink and VPC endpoints](https://docs.aws.amazon.com//vpc/latest/userguide/endpoint-services-overview.html) in the *Amazon VPC User Guide* .\n\nFor more information about activating your agent in a private network based on a VPC, see [Using AWS DataSync in a Virtual Private Cloud](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-in-vpc.html) in the *AWS DataSync User Guide.*\n\nA VPC endpoint ID looks like this: `vpce-01234d5aff67890e1` .", "title": "VpcEndpointId", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::DataSync::Agent" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::DataSync::LocationAzureBlob": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AgentArns": { "items": { "type": "string" }, "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that can connect with your Azure Blob Storage container.\n\nYou can specify more than one agent. For more information, see [Using multiple agents for your transfer](https://docs.aws.amazon.com/datasync/latest/userguide/multiple-agents.html) .", "title": "AgentArns", "type": "array" }, "AzureAccessTier": { "markdownDescription": "Specifies the access tier that you want your objects or files transferred into. This only applies when using the location as a transfer destination. For more information, see [Access tiers](https://docs.aws.amazon.com/datasync/latest/userguide/creating-azure-blob-location.html#azure-blob-access-tiers) .", "title": "AzureAccessTier", "type": "string" }, "AzureBlobAuthenticationType": { "markdownDescription": "Specifies the authentication method DataSync uses to access your Azure Blob Storage. DataSync can access blob storage using a shared access signature (SAS).", "title": "AzureBlobAuthenticationType", "type": "string" }, "AzureBlobContainerUrl": { "markdownDescription": "Specifies the URL of the Azure Blob Storage container involved in your transfer.", "title": "AzureBlobContainerUrl", "type": "string" }, "AzureBlobSasConfiguration": { "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration", "markdownDescription": "Specifies the SAS configuration that allows DataSync to access your Azure Blob Storage.", "title": "AzureBlobSasConfiguration" }, "AzureBlobType": { "markdownDescription": "Specifies the type of blob that you want your objects or files to be when transferring them into Azure Blob Storage. Currently, DataSync only supports moving data into Azure Blob Storage as block blobs. For more information on blob types, see the [Azure Blob Storage documentation](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/rest/api/storageservices/understanding-block-blobs--append-blobs--and-page-blobs) .", "title": "AzureBlobType", "type": "string" }, "Subdirectory": { "markdownDescription": "Specifies path segments if you want to limit your transfer to a virtual directory in your container (for example, `/my/images` ).", "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", "title": "Tags", "type": "array" } }, "required": [ "AgentArns", "AzureBlobAuthenticationType" ], "type": "object" }, "Type": { "enum": [ "AWS::DataSync::LocationAzureBlob" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataSync::LocationAzureBlob.AzureBlobSasConfiguration": { "additionalProperties": false, "properties": { "AzureBlobSasToken": { "markdownDescription": "Specifies a SAS token that provides permissions to access your Azure Blob Storage.\n\nThe token is part of the SAS URI string that comes after the storage resource URI and a question mark. A token looks something like this:\n\n`sp=r&st=2023-12-20T14:54:52Z&se=2023-12-20T22:54:52Z&spr=https&sv=2021-06-08&sr=c&sig=aBBKDWQvyuVcTPH9EBp%2FXTI9E%2F%2Fmq171%2BZU178wcwqU%3D`", "title": "AzureBlobSasToken", "type": "string" } }, "required": [ "AzureBlobSasToken" ], "type": "object" }, "AWS::DataSync::LocationEFS": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessPointArn": { "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the access point that DataSync uses to access the Amazon EFS file system.", "title": "AccessPointArn", "type": "string" }, "Ec2Config": { "$ref": "#/definitions/AWS::DataSync::LocationEFS.Ec2Config", "markdownDescription": "Specifies the subnet and security groups DataSync uses to access your Amazon EFS file system.", "title": "Ec2Config" }, "EfsFilesystemArn": { "markdownDescription": "Specifies the ARN for the Amazon EFS file system.", "title": "EfsFilesystemArn", "type": "string" }, "FileSystemAccessRoleArn": { "markdownDescription": "Specifies an AWS Identity and Access Management (IAM) role that DataSync assumes when mounting the Amazon EFS file system.", "title": "FileSystemAccessRoleArn", "type": "string" }, "InTransitEncryption": { "markdownDescription": "Specifies whether you want DataSync to use Transport Layer Security (TLS) 1.2 encryption when it copies data to or from the Amazon EFS file system.\n\nIf you specify an access point using `AccessPointArn` or an IAM role using `FileSystemAccessRoleArn` , you must set this parameter to `TLS1_2` .", "title": "InTransitEncryption", "type": "string" }, "Subdirectory": { "markdownDescription": "Specifies a mount path for your Amazon EFS file system. This is where DataSync reads or writes data (depending on if this is a source or destination location). By default, DataSync uses the root directory, but you can also include subdirectories.\n\n> You must specify a value with forward slashes (for example, `/path/to/folder` ).", "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", "title": "Tags", "type": "array" } }, "required": [ "Ec2Config" ], "type": "object" }, "Type": { "enum": [ "AWS::DataSync::LocationEFS" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataSync::LocationEFS.Ec2Config": { "additionalProperties": false, "properties": { "SecurityGroupArns": { "items": { "type": "string" }, "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups associated with an Amazon EFS file system's mount target.", "title": "SecurityGroupArns", "type": "array" }, "SubnetArn": { "markdownDescription": "Specifies the ARN of a subnet where DataSync creates the [network interfaces](https://docs.aws.amazon.com/datasync/latest/userguide/datasync-network.html#required-network-interfaces) for managing traffic during your transfer.\n\nThe subnet must be located:\n\n- In the same virtual private cloud (VPC) as the Amazon EFS file system.\n- In the same Availability Zone as at least one mount target for the Amazon EFS file system.\n\n> You don't need to specify a subnet that includes a file system mount target.", "title": "SubnetArn", "type": "string" } }, "required": [ "SecurityGroupArns", "SubnetArn" ], "type": "object" }, "AWS::DataSync::LocationFSxLustre": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FsxFilesystemArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the FSx for Lustre file system.", "title": "FsxFilesystemArn", "type": "string" }, "SecurityGroupArns": { "items": { "type": "string" }, "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for Lustre file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", "title": "SecurityGroupArns", "type": "array" }, "Subdirectory": { "markdownDescription": "A subdirectory in the location's path. This subdirectory in the FSx for Lustre file system is used to read data from the FSx for Lustre source location or write data to the FSx for Lustre destination.", "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", "title": "Tags", "type": "array" } }, "required": [ "SecurityGroupArns" ], "type": "object" }, "Type": { "enum": [ "AWS::DataSync::LocationFSxLustre" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataSync::LocationFSxONTAP": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Protocol": { "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.Protocol", "markdownDescription": "Specifies the data transfer protocol that DataSync uses to access your Amazon FSx file system.", "title": "Protocol" }, "SecurityGroupArns": { "items": { "type": "string" }, "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the security groups that DataSync can use to access your FSx for ONTAP file system. You must configure the security groups to allow outbound traffic on the following ports (depending on the protocol that you're using):\n\n- *Network File System (NFS)* : TCP ports 111, 635, and 2049\n- *Server Message Block (SMB)* : TCP port 445\n\nYour file system's security groups must also allow inbound traffic on the same port.", "title": "SecurityGroupArns", "type": "array" }, "StorageVirtualMachineArn": { "markdownDescription": "Specifies the ARN of the storage virtual machine (SVM) in your file system where you want to copy data to or from.", "title": "StorageVirtualMachineArn", "type": "string" }, "Subdirectory": { "markdownDescription": "Specifies a path to the file share in the SVM where you'll copy your data.\n\nYou can specify a junction path (also known as a mount point), qtree path (for NFS file shares), or share name (for SMB file shares). For example, your mount path might be `/vol1` , `/vol1/tree1` , or `/share1` .\n\n> Don't specify a junction path in the SVM's root volume. For more information, see [Managing FSx for ONTAP storage virtual machines](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) in the *Amazon FSx for NetApp ONTAP User Guide* .", "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "title": "Tags", "type": "array" } }, "required": [ "SecurityGroupArns", "StorageVirtualMachineArn" ], "type": "object" }, "Type": { "enum": [ "AWS::DataSync::LocationFSxONTAP" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataSync::LocationFSxONTAP.NFS": { "additionalProperties": false, "properties": { "MountOptions": { "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NfsMountOptions", "markdownDescription": "Specifies how DataSync can access a location using the NFS protocol.", "title": "MountOptions" } }, "required": [ "MountOptions" ], "type": "object" }, "AWS::DataSync::LocationFSxONTAP.NfsMountOptions": { "additionalProperties": false, "properties": { "Version": { "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::DataSync::LocationFSxONTAP.Protocol": { "additionalProperties": false, "properties": { "NFS": { "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.NFS", "markdownDescription": "Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for ONTAP file system's storage virtual machine (SVM).", "title": "NFS" }, "SMB": { "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SMB", "markdownDescription": "Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM.", "title": "SMB" } }, "type": "object" }, "AWS::DataSync::LocationFSxONTAP.SMB": { "additionalProperties": false, "properties": { "Domain": { "markdownDescription": "Specifies the fully qualified domain name (FQDN) of the Microsoft Active Directory that your storage virtual machine (SVM) belongs to.\n\nIf you have multiple domains in your environment, configuring this setting makes sure that DataSync connects to the right SVM.", "title": "Domain", "type": "string" }, "MountOptions": { "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP.SmbMountOptions", "markdownDescription": "Specifies how DataSync can access a location using the SMB protocol.", "title": "MountOptions" }, "Password": { "markdownDescription": "Specifies the password of a user who has permission to access your SVM.", "title": "Password", "type": "string" }, "User": { "markdownDescription": "Specifies a user name that can mount the location and access the files, folders, and metadata that you need in the SVM.\n\nIf you provide a user in your Active Directory, note the following:\n\n- If you're using AWS Directory Service for Microsoft Active Directory , the user must be a member of the AWS Delegated FSx Administrators group.\n- If you're using a self-managed Active Directory, the user must be a member of either the Domain Admins group or a custom group that you specified for file system administration when you created your file system.\n\nMake sure that the user has the permissions it needs to copy the data you want:\n\n- `SE_TCB_NAME` : Required to set object ownership and file metadata. With this privilege, you also can copy NTFS discretionary access lists (DACLs).\n- `SE_SECURITY_NAME` : May be needed to copy NTFS system access control lists (SACLs). This operation specifically requires the Windows privilege, which is granted to members of the Domain Admins group. If you configure your task to copy SACLs, make sure that the user has the required privileges. For information about copying SACLs, see [Ownership and permissions-related options](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html#configure-ownership-and-permissions) .", "title": "User", "type": "string" } }, "required": [ "MountOptions", "Password", "User" ], "type": "object" }, "AWS::DataSync::LocationFSxONTAP.SmbMountOptions": { "additionalProperties": false, "properties": { "Version": { "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::DataSync::LocationFSxOpenZFS": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FsxFilesystemArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the FSx for OpenZFS file system.", "title": "FsxFilesystemArn", "type": "string" }, "Protocol": { "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.Protocol", "markdownDescription": "The type of protocol that AWS DataSync uses to access your file system.", "title": "Protocol" }, "SecurityGroupArns": { "items": { "type": "string" }, "markdownDescription": "The ARNs of the security groups that are used to configure the FSx for OpenZFS file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", "title": "SecurityGroupArns", "type": "array" }, "Subdirectory": { "markdownDescription": "A subdirectory in the location's path that must begin with `/fsx` . DataSync uses this subdirectory to read or write data (depending on whether the file system is a source or destination location).", "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The key-value pair that represents a tag that you want to add to the resource. The value can be an empty string. This value helps you manage, filter, and search for your resources. We recommend that you create a name tag for your location.", "title": "Tags", "type": "array" } }, "required": [ "Protocol", "SecurityGroupArns" ], "type": "object" }, "Type": { "enum": [ "AWS::DataSync::LocationFSxOpenZFS" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataSync::LocationFSxOpenZFS.MountOptions": { "additionalProperties": false, "properties": { "Version": { "markdownDescription": "The specific NFS version that you want DataSync to use to mount your NFS share. If the server refuses to use the version specified, the sync will fail. If you don't specify a version, DataSync defaults to `AUTOMATIC` . That is, DataSync automatically selects a version based on negotiation with the NFS server.\n\nYou can specify the following NFS versions:\n\n- *[NFSv3](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc1813)* : Stateless protocol version that allows for asynchronous writes on the server.\n- *[NFSv4.0](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3530)* : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- *[NFSv4.1](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5661)* : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. Version 4.1 also includes all features available in version 4.0.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::DataSync::LocationFSxOpenZFS.NFS": { "additionalProperties": false, "properties": { "MountOptions": { "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.MountOptions", "markdownDescription": "Represents the mount options that are available for DataSync to access an NFS location.", "title": "MountOptions" } }, "required": [ "MountOptions" ], "type": "object" }, "AWS::DataSync::LocationFSxOpenZFS.Protocol": { "additionalProperties": false, "properties": { "NFS": { "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS.NFS", "markdownDescription": "Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system.", "title": "NFS" } }, "type": "object" }, "AWS::DataSync::LocationFSxWindows": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Domain": { "markdownDescription": "Specifies the name of the Microsoft Active Directory domain that the FSx for Windows File Server file system belongs to.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file system.", "title": "Domain", "type": "string" }, "FsxFilesystemArn": { "markdownDescription": "Specifies the Amazon Resource Name (ARN) for the FSx for Windows File Server file system.", "title": "FsxFilesystemArn", "type": "string" }, "Password": { "markdownDescription": "Specifies the password of the user with the permissions to mount and access the files, folders, and file metadata in your FSx for Windows File Server file system.", "title": "Password", "type": "string" }, "SecurityGroupArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARNs) of the security groups that are used to configure the FSx for Windows File Server file system.\n\n*Pattern* : `^arn:(aws|aws-cn|aws-us-gov|aws-iso|aws-iso-b):ec2:[a-z\\-0-9]*:[0-9]{12}:security-group/.*$`\n\n*Length constraints* : Maximum length of 128.", "title": "SecurityGroupArns", "type": "array" }, "Subdirectory": { "markdownDescription": "Specifies a mount path for your file system using forward slashes. This is where DataSync reads or writes data (depending on if this is a source or destination location).", "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "title": "Tags", "type": "array" }, "User": { "markdownDescription": "The user who has the permissions to access files and folders in the FSx for Windows File Server file system.\n\nFor information about choosing a user name that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-fsx-location.html#FSxWuser) .", "title": "User", "type": "string" } }, "required": [ "SecurityGroupArns", "User" ], "type": "object" }, "Type": { "enum": [ "AWS::DataSync::LocationFSxWindows" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataSync::LocationHDFS": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AgentArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARNs) of the agents that are used to connect to the HDFS cluster.", "title": "AgentArns", "type": "array" }, "AuthenticationType": { "markdownDescription": "", "title": "AuthenticationType", "type": "string" }, "BlockSize": { "markdownDescription": "The size of data blocks to write into the HDFS cluster. The block size must be a multiple of 512 bytes. The default block size is 128 mebibytes (MiB).", "title": "BlockSize", "type": "number" }, "KerberosKeytab": { "markdownDescription": "The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. Provide the base64-encoded file text. If `KERBEROS` is specified for `AuthType` , this value is required.", "title": "KerberosKeytab", "type": "string" }, "KerberosKrb5Conf": { "markdownDescription": "The `krb5.conf` file that contains the Kerberos configuration information. You can load the `krb5.conf` by providing a string of the file's contents or an Amazon S3 presigned URL of the file. If `KERBEROS` is specified for `AuthType` , this value is required.", "title": "KerberosKrb5Conf", "type": "string" }, "KerberosPrincipal": { "markdownDescription": "The Kerberos principal with access to the files and folders on the HDFS cluster.\n\n> If `KERBEROS` is specified for `AuthenticationType` , this parameter is required.", "title": "KerberosPrincipal", "type": "string" }, "KmsKeyProviderUri": { "markdownDescription": "The URI of the HDFS cluster's Key Management Server (KMS).", "title": "KmsKeyProviderUri", "type": "string" }, "NameNodes": { "items": { "$ref": "#/definitions/AWS::DataSync::LocationHDFS.NameNode" }, "markdownDescription": "The NameNode that manages the HDFS namespace. The NameNode performs operations such as opening, closing, and renaming files and directories. The NameNode contains the information to map blocks of data to the DataNodes. You can use only one NameNode.", "title": "NameNodes", "type": "array" }, "QopConfiguration": { "$ref": "#/definitions/AWS::DataSync::LocationHDFS.QopConfiguration", "markdownDescription": "The Quality of Protection (QOP) configuration specifies the Remote Procedure Call (RPC) and data transfer protection settings configured on the Hadoop Distributed File System (HDFS) cluster. If `QopConfiguration` isn't specified, `RpcProtection` and `DataTransferProtection` default to `PRIVACY` . If you set `RpcProtection` or `DataTransferProtection` , the other parameter assumes the same value.", "title": "QopConfiguration" }, "ReplicationFactor": { "markdownDescription": "The number of DataNodes to replicate the data to when writing to the HDFS cluster. By default, data is replicated to three DataNodes.", "title": "ReplicationFactor", "type": "number" }, "SimpleUser": { "markdownDescription": "The user name used to identify the client on the host operating system.\n\n> If `SIMPLE` is specified for `AuthenticationType` , this parameter is required.", "title": "SimpleUser", "type": "string" }, "Subdirectory": { "markdownDescription": "A subdirectory in the HDFS cluster. This subdirectory is used to read data from or write data to the HDFS cluster. If the subdirectory isn't specified, it will default to `/` .", "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The key-value pair that represents the tag that you want to add to the location. The value can be an empty string. We recommend using tags to name your resources.", "title": "Tags", "type": "array" } }, "required": [ "AgentArns", "AuthenticationType", "NameNodes" ], "type": "object" }, "Type": { "enum": [ "AWS::DataSync::LocationHDFS" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataSync::LocationHDFS.NameNode": { "additionalProperties": false, "properties": { "Hostname": { "markdownDescription": "The hostname of the NameNode in the HDFS cluster. This value is the IP address or Domain Name Service (DNS) name of the NameNode. An agent that's installed on-premises uses this hostname to communicate with the NameNode in the network.", "title": "Hostname", "type": "string" }, "Port": { "markdownDescription": "The port that the NameNode uses to listen to client requests.", "title": "Port", "type": "number" } }, "required": [ "Hostname", "Port" ], "type": "object" }, "AWS::DataSync::LocationHDFS.QopConfiguration": { "additionalProperties": false, "properties": { "DataTransferProtection": { "markdownDescription": "The data transfer protection setting configured on the HDFS cluster. This setting corresponds to your `dfs.data.transfer.protection` setting in the `hdfs-site.xml` file on your Hadoop cluster.", "title": "DataTransferProtection", "type": "string" }, "RpcProtection": { "markdownDescription": "The Remote Procedure Call (RPC) protection setting configured on the HDFS cluster. This setting corresponds to your `hadoop.rpc.protection` setting in your `core-site.xml` file on your Hadoop cluster.", "title": "RpcProtection", "type": "string" } }, "type": "object" }, "AWS::DataSync::LocationNFS": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MountOptions": { "$ref": "#/definitions/AWS::DataSync::LocationNFS.MountOptions", "markdownDescription": "Specifies the options that DataSync can use to mount your NFS file server.", "title": "MountOptions" }, "OnPremConfig": { "$ref": "#/definitions/AWS::DataSync::LocationNFS.OnPremConfig", "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that want to connect to your NFS file server.\n\nYou can specify more than one agent. For more information, see [Using multiple agents for transfers](https://docs.aws.amazon.com/datasync/latest/userguide/multiple-agents.html) .", "title": "OnPremConfig" }, "ServerHostname": { "markdownDescription": "Specifies the Domain Name System (DNS) name or IP version 4 address of the NFS file server that your DataSync agent connects to.", "title": "ServerHostname", "type": "string" }, "Subdirectory": { "markdownDescription": "Specifies the export path in your NFS file server that you want DataSync to mount.\n\nThis path (or a subdirectory of the path) is where DataSync transfers data to or from. For information on configuring an export for DataSync, see [Accessing NFS file servers](https://docs.aws.amazon.com/datasync/latest/userguide/create-nfs-location.html#accessing-nfs) .", "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "title": "Tags", "type": "array" } }, "required": [ "OnPremConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::DataSync::LocationNFS" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataSync::LocationNFS.MountOptions": { "additionalProperties": false, "properties": { "Version": { "markdownDescription": "Specifies the NFS version that you want DataSync to use when mounting your NFS share. If the server refuses to use the version specified, the task fails.\n\nYou can specify the following options:\n\n- `AUTOMATIC` (default): DataSync chooses NFS version 4.1.\n- `NFS3` : Stateless protocol version that allows for asynchronous writes on the server.\n- `NFSv4_0` : Stateful, firewall-friendly protocol version that supports delegations and pseudo file systems.\n- `NFSv4_1` : Stateful protocol version that supports sessions, directory delegations, and parallel data processing. NFS version 4.1 also includes all features available in version 4.0.\n\n> DataSync currently only supports NFS version 3 with Amazon FSx for NetApp ONTAP locations.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::DataSync::LocationNFS.OnPremConfig": { "additionalProperties": false, "properties": { "AgentArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARNs) of the agents connecting to a transfer location.", "title": "AgentArns", "type": "array" } }, "required": [ "AgentArns" ], "type": "object" }, "AWS::DataSync::LocationObjectStorage": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessKey": { "markdownDescription": "Specifies the access key (for example, a user name) if credentials are required to authenticate with the object storage server.", "title": "AccessKey", "type": "string" }, "AgentArns": { "items": { "type": "string" }, "markdownDescription": "Specifies the Amazon Resource Names (ARNs) of the DataSync agents that can securely connect with your location.", "title": "AgentArns", "type": "array" }, "BucketName": { "markdownDescription": "Specifies the name of the object storage bucket involved in the transfer.", "title": "BucketName", "type": "string" }, "SecretKey": { "markdownDescription": "Specifies the secret key (for example, a password) if credentials are required to authenticate with the object storage server.", "title": "SecretKey", "type": "string" }, "ServerCertificate": { "markdownDescription": "Specifies a certificate chain for DataSync to authenticate with your object storage system if the system uses a private or self-signed certificate authority (CA). You must specify a single `.pem` file with a full certificate chain (for example, `file:///home/user/.ssh/object_storage_certificates.pem` ).\n\nThe certificate chain might include:\n\n- The object storage system's certificate\n- All intermediate certificates (if there are any)\n- The root certificate of the signing CA\n\nYou can concatenate your certificates into a `.pem` file (which can be up to 32768 bytes before base64 encoding). The following example `cat` command creates an `object_storage_certificates.pem` file that includes three certificates:\n\n`cat object_server_certificate.pem intermediate_certificate.pem ca_root_certificate.pem > object_storage_certificates.pem`\n\nTo use this parameter, configure `ServerProtocol` to `HTTPS` .", "title": "ServerCertificate", "type": "string" }, "ServerHostname": { "markdownDescription": "Specifies the domain name or IP address of the object storage server. A DataSync agent uses this hostname to mount the object storage server in a network.", "title": "ServerHostname", "type": "string" }, "ServerPort": { "markdownDescription": "Specifies the port that your object storage server accepts inbound network traffic on (for example, port 443).", "title": "ServerPort", "type": "number" }, "ServerProtocol": { "markdownDescription": "Specifies the protocol that your object storage server uses to communicate.", "title": "ServerProtocol", "type": "string" }, "Subdirectory": { "markdownDescription": "Specifies the object prefix for your object storage server. If this is a source location, DataSync only copies objects with this prefix. If this is a destination location, DataSync writes all objects with this prefix.", "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies the key-value pair that represents a tag that you want to add to the resource. Tags can help you manage, filter, and search for your resources. We recommend creating a name tag for your location.", "title": "Tags", "type": "array" } }, "required": [ "AgentArns" ], "type": "object" }, "Type": { "enum": [ "AWS::DataSync::LocationObjectStorage" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataSync::LocationS3": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "S3BucketArn": { "markdownDescription": "The ARN of the Amazon S3 bucket.", "title": "S3BucketArn", "type": "string" }, "S3Config": { "$ref": "#/definitions/AWS::DataSync::LocationS3.S3Config", "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that is used to access an Amazon S3 bucket.\n\nFor detailed information about using such a role, see [Creating a Location for Amazon S3](https://docs.aws.amazon.com/datasync/latest/userguide/working-with-locations.html#create-s3-location) in the *AWS DataSync User Guide* .", "title": "S3Config" }, "S3StorageClass": { "markdownDescription": "The Amazon S3 storage class that you want to store your files in when this location is used as a task destination. For buckets in AWS Regions , the storage class defaults to S3 Standard.\n\nFor more information about S3 storage classes, see [Amazon S3 Storage Classes](https://docs.aws.amazon.com/s3/storage-classes/) . Some storage classes have behaviors that can affect your S3 storage costs. For detailed information, see [Considerations When Working with Amazon S3 Storage Classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .", "title": "S3StorageClass", "type": "string" }, "Subdirectory": { "markdownDescription": "Specifies a prefix in the S3 bucket that DataSync reads from or writes to (depending on whether the bucket is a source or destination location).\n\n> DataSync can't transfer objects with a prefix that begins with a slash ( `/` ) or includes `//` , `/./` , or `/../` patterns. For example:\n> \n> - `/photos`\n> - `photos//2006/January`\n> - `photos/./2006/February`\n> - `photos/../2006/March`", "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your transfer location.", "title": "Tags", "type": "array" } }, "required": [ "S3Config" ], "type": "object" }, "Type": { "enum": [ "AWS::DataSync::LocationS3" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataSync::LocationS3.S3Config": { "additionalProperties": false, "properties": { "BucketAccessRoleArn": { "markdownDescription": "Specifies the ARN of the IAM role that DataSync uses to access your S3 bucket.", "title": "BucketAccessRoleArn", "type": "string" } }, "required": [ "BucketAccessRoleArn" ], "type": "object" }, "AWS::DataSync::LocationSMB": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AgentArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARNs) of agents to use for a Server Message Block (SMB) location.", "title": "AgentArns", "type": "array" }, "Domain": { "markdownDescription": "Specifies the name of the Active Directory domain that your SMB file server belongs to.\n\nIf you have multiple Active Directory domains in your environment, configuring this parameter makes sure that DataSync connects to the right file server.", "title": "Domain", "type": "string" }, "MountOptions": { "$ref": "#/definitions/AWS::DataSync::LocationSMB.MountOptions", "markdownDescription": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server.", "title": "MountOptions" }, "Password": { "markdownDescription": "The password of the user who can mount the share and has the permissions to access files and folders in the SMB share.", "title": "Password", "type": "string" }, "ServerHostname": { "markdownDescription": "Specifies the Domain Name Service (DNS) name or IP address of the SMB file server that your DataSync agent will mount.\n\n> You can't specify an IP version 6 (IPv6) address.", "title": "ServerHostname", "type": "string" }, "Subdirectory": { "markdownDescription": "The subdirectory in the SMB file system that is used to read data from the SMB source location or write data to the SMB destination. The SMB path should be a path that's exported by the SMB server, or a subdirectory of that path. The path should be such that it can be mounted by other SMB clients in your network.\n\n> `Subdirectory` must be specified with forward slashes. For example, `/path/to/folder` . \n\nTo transfer all the data in the folder you specified, DataSync must have permissions to mount the SMB share, as well as to access all the data in that share. To ensure this, either make sure that the user name and password specified belongs to the user who can mount the share, and who has the appropriate permissions for all of the files and directories that you want DataSync to access, or use credentials of a member of the Backup Operators group to mount the share. Doing either one enables the agent to access the data. For the agent to access directories, you must additionally enable all execute access.", "title": "Subdirectory", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your location.", "title": "Tags", "type": "array" }, "User": { "markdownDescription": "The user who can mount the share and has the permissions to access files and folders in the SMB share.\n\nFor information about choosing a user name that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#SMBuser) .", "title": "User", "type": "string" } }, "required": [ "AgentArns", "User" ], "type": "object" }, "Type": { "enum": [ "AWS::DataSync::LocationSMB" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataSync::LocationSMB.MountOptions": { "additionalProperties": false, "properties": { "Version": { "markdownDescription": "By default, DataSync automatically chooses an SMB protocol version based on negotiation with your SMB file server. You also can configure DataSync to use a specific SMB version, but we recommend doing this only if DataSync has trouble negotiating with the SMB file server automatically.\n\nThese are the following options for configuring the SMB version:\n\n- `AUTOMATIC` (default): DataSync and the SMB file server negotiate the highest version of SMB that they mutually support between 2.1 and 3.1.1.\n\nThis is the recommended option. If you instead choose a specific version that your file server doesn't support, you may get an `Operation Not Supported` error.\n- `SMB3` : Restricts the protocol negotiation to only SMB version 3.0.2.\n- `SMB2` : Restricts the protocol negotiation to only SMB version 2.1.\n- `SMB2_0` : Restricts the protocol negotiation to only SMB version 2.0.\n- `SMB1` : Restricts the protocol negotiation to only SMB version 1.0.\n\n> The `SMB1` option isn't available when [creating an Amazon FSx for NetApp ONTAP location](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateLocationFsxOntap.html) .", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::DataSync::StorageSystem": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AgentArns": { "items": { "type": "string" }, "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the DataSync agent that connects to and reads from your on-premises storage system's management interface. You can only specify one ARN.", "title": "AgentArns", "type": "array" }, "CloudWatchLogGroupArn": { "markdownDescription": "Specifies the ARN of the Amazon CloudWatch log group for monitoring and logging discovery job events.", "title": "CloudWatchLogGroupArn", "type": "string" }, "Name": { "markdownDescription": "Specifies a familiar name for your on-premises storage system.", "title": "Name", "type": "string" }, "ServerConfiguration": { "$ref": "#/definitions/AWS::DataSync::StorageSystem.ServerConfiguration", "markdownDescription": "Specifies the server name and network port required to connect with the management interface of your on-premises storage system.", "title": "ServerConfiguration" }, "ServerCredentials": { "$ref": "#/definitions/AWS::DataSync::StorageSystem.ServerCredentials", "markdownDescription": "Specifies the user name and password for accessing your on-premises storage system's management interface.", "title": "ServerCredentials" }, "SystemType": { "markdownDescription": "Specifies the type of on-premises storage system that you want DataSync Discovery to collect information about.\n\n> DataSync Discovery currently supports NetApp Fabric-Attached Storage (FAS) and All Flash FAS (AFF) systems running ONTAP 9.7 or later.", "title": "SystemType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies labels that help you categorize, filter, and search for your AWS resources. We recommend creating at least a name tag for your on-premises storage system.", "title": "Tags", "type": "array" } }, "required": [ "AgentArns", "ServerConfiguration", "SystemType" ], "type": "object" }, "Type": { "enum": [ "AWS::DataSync::StorageSystem" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataSync::StorageSystem.ServerConfiguration": { "additionalProperties": false, "properties": { "ServerHostname": { "markdownDescription": "The domain name or IP address of your storage system's management interface.", "title": "ServerHostname", "type": "string" }, "ServerPort": { "markdownDescription": "The network port for accessing the storage system's management interface.", "title": "ServerPort", "type": "number" } }, "required": [ "ServerHostname" ], "type": "object" }, "AWS::DataSync::StorageSystem.ServerCredentials": { "additionalProperties": false, "properties": { "Password": { "markdownDescription": "Specifies the password for your storage system's management interface.", "title": "Password", "type": "string" }, "Username": { "markdownDescription": "Specifies the user name for your storage system's management interface.", "title": "Username", "type": "string" } }, "required": [ "Password", "Username" ], "type": "object" }, "AWS::DataSync::Task": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CloudWatchLogGroupArn": { "markdownDescription": "Specifies the Amazon Resource Name (ARN) of an Amazon CloudWatch log group for monitoring your task.\n\nFor more information, see [Monitoring DataSync with Amazon CloudWatch](https://docs.aws.amazon.com/datasync/latest/userguide/monitor-datasync.html) .", "title": "CloudWatchLogGroupArn", "type": "string" }, "DestinationLocationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS storage resource's location.", "title": "DestinationLocationArn", "type": "string" }, "Excludes": { "items": { "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" }, "markdownDescription": "Specifies exclude filters that define the files, objects, and folders in your source location that you don't want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", "title": "Excludes", "type": "array" }, "Includes": { "items": { "$ref": "#/definitions/AWS::DataSync::Task.FilterRule" }, "markdownDescription": "Specifies include filters define the files, objects, and folders in your source location that you want DataSync to transfer. For more information and examples, see [Specifying what DataSync transfers by using filters](https://docs.aws.amazon.com/datasync/latest/userguide/filtering.html) .", "title": "Includes", "type": "array" }, "ManifestConfig": { "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfig", "markdownDescription": "The configuration of the manifest that lists the files or objects that you want DataSync to transfer. For more information, see [Specifying what DataSync transfers by using a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html) .", "title": "ManifestConfig" }, "Name": { "markdownDescription": "Specifies the name of your task.", "title": "Name", "type": "string" }, "Options": { "$ref": "#/definitions/AWS::DataSync::Task.Options", "markdownDescription": "Specifies your task's settings, such as preserving file metadata, verifying data integrity, among other options.", "title": "Options" }, "Schedule": { "$ref": "#/definitions/AWS::DataSync::Task.TaskSchedule", "markdownDescription": "Specifies a schedule for when you want your task to run. For more information, see [Scheduling your task](https://docs.aws.amazon.com/datasync/latest/userguide/task-scheduling.html) .", "title": "Schedule" }, "SourceLocationArn": { "markdownDescription": "Specifies the ARN of your transfer's source location.", "title": "SourceLocationArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies the tags that you want to apply to your task.\n\n*Tags* are key-value pairs that help you manage, filter, and search for your DataSync resources.", "title": "Tags", "type": "array" }, "TaskReportConfig": { "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfig", "markdownDescription": "Specifies how you want to configure a task report, which provides detailed information about your DataSync transfer. For more information, see [Monitoring your DataSync transfers with task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .\n\nWhen using this parameter, your caller identity (the role that you're using DataSync with) must have the `iam:PassRole` permission. The [AWSDataSyncFullAccess](https://docs.aws.amazon.com/datasync/latest/userguide/security-iam-awsmanpol.html#security-iam-awsmanpol-awsdatasyncfullaccess) policy includes this permission.", "title": "TaskReportConfig" } }, "required": [ "DestinationLocationArn", "SourceLocationArn" ], "type": "object" }, "Type": { "enum": [ "AWS::DataSync::Task" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataSync::Task.Deleted": { "additionalProperties": false, "properties": { "ReportLevel": { "markdownDescription": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't.\n\n- `ERRORS_ONLY` : A report shows what DataSync was unable to delete.\n- `SUCCESSES_AND_ERRORS` : A report shows what DataSync was able and unable to delete.", "title": "ReportLevel", "type": "string" } }, "type": "object" }, "AWS::DataSync::Task.Destination": { "additionalProperties": false, "properties": { "S3": { "$ref": "#/definitions/AWS::DataSync::Task.TaskReportConfigDestinationS3", "markdownDescription": "Specifies the Amazon S3 bucket where DataSync uploads your task report.", "title": "S3" } }, "type": "object" }, "AWS::DataSync::Task.FilterRule": { "additionalProperties": false, "properties": { "FilterType": { "markdownDescription": "The type of filter rule to apply. AWS DataSync only supports the SIMPLE_PATTERN rule type.", "title": "FilterType", "type": "string" }, "Value": { "markdownDescription": "A single filter string that consists of the patterns to include or exclude. The patterns are delimited by \"|\" (that is, a pipe), for example: `/folder1|/folder2`", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::DataSync::Task.ManifestConfig": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "Specifies what DataSync uses the manifest for.", "title": "Action", "type": "string" }, "Format": { "markdownDescription": "Specifies the file format of your manifest. For more information, see [Creating a manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-create) .", "title": "Format", "type": "string" }, "Source": { "$ref": "#/definitions/AWS::DataSync::Task.Source", "markdownDescription": "Specifies the manifest that you want DataSync to use and where it's hosted.\n\n> You must specify this parameter if you're configuring a new manifest on or after February 7, 2024.\n> \n> If you don't, you'll get a 400 status code and `ValidationException` error stating that you're missing the IAM role for DataSync to access the S3 bucket where you're hosting your manifest. For more information, see [Providing DataSync access to your manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-access) .", "title": "Source" } }, "required": [ "Source" ], "type": "object" }, "AWS::DataSync::Task.ManifestConfigSourceS3": { "additionalProperties": false, "properties": { "BucketAccessRoleArn": { "markdownDescription": "Specifies the AWS Identity and Access Management (IAM) role that allows DataSync to access your manifest. For more information, see [Providing DataSync access to your manifest](https://docs.aws.amazon.com/datasync/latest/userguide/transferring-with-manifest.html#transferring-with-manifest-access) .", "title": "BucketAccessRoleArn", "type": "string" }, "ManifestObjectPath": { "markdownDescription": "Specifies the Amazon S3 object key of your manifest. This can include a prefix (for example, `prefix/my-manifest.csv` ).", "title": "ManifestObjectPath", "type": "string" }, "ManifestObjectVersionId": { "markdownDescription": "Specifies the object version ID of the manifest that you want DataSync to use. If you don't set this, DataSync uses the latest version of the object.", "title": "ManifestObjectVersionId", "type": "string" }, "S3BucketArn": { "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the S3 bucket where you're hosting your manifest.", "title": "S3BucketArn", "type": "string" } }, "type": "object" }, "AWS::DataSync::Task.Options": { "additionalProperties": false, "properties": { "Atime": { "markdownDescription": "A file metadata value that shows the last time that a file was accessed (that is, when the file was read or written to). If you set `Atime` to `BEST_EFFORT` , AWS DataSync attempts to preserve the original `Atime` attribute on all source files (that is, the version before the PREPARING phase). However, `Atime` 's behavior is not fully standard across platforms, so AWS DataSync can only do this on a best-effort basis.\n\nDefault value: `BEST_EFFORT`\n\n`BEST_EFFORT` : Attempt to preserve the per-file `Atime` value (recommended).\n\n`NONE` : Ignore `Atime` .\n\n> If `Atime` is set to `BEST_EFFORT` , `Mtime` must be set to `PRESERVE` .\n> \n> If `Atime` is set to `NONE` , `Mtime` must also be `NONE` .", "title": "Atime", "type": "string" }, "BytesPerSecond": { "markdownDescription": "A value that limits the bandwidth used by AWS DataSync . For example, if you want AWS DataSync to use a maximum of 1 MB, set this value to `1048576` (=1024*1024).", "title": "BytesPerSecond", "type": "number" }, "Gid": { "markdownDescription": "The group ID (GID) of the file's owners.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the user ID (UID) and group ID (GID) (recommended).\n\n`NAME` : Currently not supported.\n\n`NONE` : Ignore the UID and GID.", "title": "Gid", "type": "string" }, "LogLevel": { "markdownDescription": "Specifies the type of logs that DataSync publishes to a Amazon CloudWatch Logs log group. To specify the log group, see [CloudWatchLogGroupArn](https://docs.aws.amazon.com/datasync/latest/userguide/API_CreateTask.html#DataSync-CreateTask-request-CloudWatchLogGroupArn) .\n\n- `BASIC` - Publishes logs with only basic information (such as transfer errors).\n- `TRANSFER` - Publishes logs for all files or objects that your DataSync task transfers and performs data-integrity checks on.\n- `OFF` - No logs are published.", "title": "LogLevel", "type": "string" }, "Mtime": { "markdownDescription": "A value that indicates the last time that a file was modified (that is, a file was written to) before the PREPARING phase. This option is required for cases when you need to run the same task more than one time.\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve original `Mtime` (recommended)\n\n`NONE` : Ignore `Mtime` .\n\n> If `Mtime` is set to `PRESERVE` , `Atime` must be set to `BEST_EFFORT` .\n> \n> If `Mtime` is set to `NONE` , `Atime` must also be set to `NONE` .", "title": "Mtime", "type": "string" }, "ObjectTags": { "markdownDescription": "Specifies whether you want DataSync to `PRESERVE` object tags (default behavior) when transferring between object storage systems. If you want your DataSync task to ignore object tags, specify the `NONE` value.", "title": "ObjectTags", "type": "string" }, "OverwriteMode": { "markdownDescription": "Specifies whether DataSync should modify or preserve data at the destination location.\n\n- `ALWAYS` (default) - DataSync modifies data in the destination location when source data (including metadata) has changed.\n\nIf DataSync overwrites objects, you might incur additional charges for certain Amazon S3 storage classes (for example, for retrieval or early deletion). For more information, see [Storage class considerations with Amazon S3 transfers](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) .\n- `NEVER` - DataSync doesn't overwrite data in the destination location even if the source data has changed. You can use this option to protect against overwriting changes made to files or objects in the destination.", "title": "OverwriteMode", "type": "string" }, "PosixPermissions": { "markdownDescription": "A value that determines which users or groups can access a file for a specific purpose, such as reading, writing, or execution of the file. This option should be set only for Network File System (NFS), Amazon EFS, and Amazon S3 locations. For more information about what metadata is copied by DataSync, see [Metadata Copied by DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html#metadata-copied) .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Preserve POSIX-style permissions (recommended).\n\n`NONE` : Ignore permissions.\n\n> AWS DataSync can preserve extant permissions of a source location.", "title": "PosixPermissions", "type": "string" }, "PreserveDeletedFiles": { "markdownDescription": "A value that specifies whether files in the destination that don't exist in the source file system are preserved. This option can affect your storage costs. If your task deletes objects, you might incur minimum storage duration charges for certain storage classes. For detailed information, see [Considerations when working with Amazon S3 storage classes in DataSync](https://docs.aws.amazon.com/datasync/latest/userguide/create-s3-location.html#using-storage-classes) in the *AWS DataSync User Guide* .\n\nDefault value: `PRESERVE`\n\n`PRESERVE` : Ignore destination files that aren't present in the source (recommended).\n\n`REMOVE` : Delete destination files that aren't present in the source.", "title": "PreserveDeletedFiles", "type": "string" }, "PreserveDevices": { "markdownDescription": "A value that determines whether AWS DataSync should preserve the metadata of block and character devices in the source file system, and re-create the files with that device name and metadata on the destination. DataSync does not copy the contents of such devices, only the name and metadata.\n\n> AWS DataSync can't sync the actual contents of such devices, because they are nonterminal and don't return an end-of-file (EOF) marker. \n\nDefault value: `NONE`\n\n`NONE` : Ignore special devices (recommended).\n\n`PRESERVE` : Preserve character and block device metadata. This option isn't currently supported for Amazon EFS.", "title": "PreserveDevices", "type": "string" }, "SecurityDescriptorCopyFlags": { "markdownDescription": "A value that determines which components of the SMB security descriptor are copied from source to destination objects.\n\nThis value is only used for transfers between SMB and Amazon FSx for Windows File Server locations, or between two Amazon FSx for Windows File Server locations. For more information about how DataSync handles metadata, see [How DataSync Handles Metadata and Special Files](https://docs.aws.amazon.com/datasync/latest/userguide/special-files.html) .\n\nDefault value: `OWNER_DACL`\n\n`OWNER_DACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n\nWhen you use option, DataSync does NOT copy the NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\n`OWNER_DACL_SACL` : For each copied object, DataSync copies the following metadata:\n\n- Object owner.\n- NTFS discretionary access control lists (DACLs), which determine whether to grant access to an object.\n- NTFS system access control lists (SACLs), which are used by administrators to log attempts to access a secured object.\n\nCopying SACLs requires granting additional permissions to the Windows user that DataSync uses to access your SMB location. For information about choosing a user that ensures sufficient permissions to files, folders, and metadata, see [user](https://docs.aws.amazon.com/datasync/latest/userguide/create-smb-location.html#SMBuser) .\n\n`NONE` : None of the SMB security descriptor components are copied. Destination objects are owned by the user that was provided for accessing the destination location. DACLs and SACLs are set based on the destination server\u2019s configuration.", "title": "SecurityDescriptorCopyFlags", "type": "string" }, "TaskQueueing": { "markdownDescription": "Specifies whether your transfer tasks should be put into a queue during certain scenarios when [running multiple tasks](https://docs.aws.amazon.com/datasync/latest/userguide/run-task.html#running-multiple-tasks) . This is `ENABLED` by default.", "title": "TaskQueueing", "type": "string" }, "TransferMode": { "markdownDescription": "A value that determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing it to the destination location.\n\n`CHANGED` : DataSync copies only data or metadata that is new or different from the source location to the destination location.\n\n`ALL` : DataSync copies all source location content to the destination, without comparing it to existing content on the destination.", "title": "TransferMode", "type": "string" }, "Uid": { "markdownDescription": "The user ID (UID) of the file's owner.\n\nDefault value: `INT_VALUE`\n\n`INT_VALUE` : Preserve the integer value of the UID and group ID (GID) (recommended).\n\n`NAME` : Currently not supported\n\n`NONE` : Ignore the UID and GID.", "title": "Uid", "type": "string" }, "VerifyMode": { "markdownDescription": "A value that determines whether a data integrity verification is performed at the end of a task execution after all data and metadata have been transferred. For more information, see [Configure task settings](https://docs.aws.amazon.com/datasync/latest/userguide/create-task.html) .\n\nDefault value: `POINT_IN_TIME_CONSISTENT`\n\n`ONLY_FILES_TRANSFERRED` (recommended): Perform verification only on files that were transferred.\n\n`POINT_IN_TIME_CONSISTENT` : Scan the entire source and entire destination at the end of the transfer to verify that the source and destination are fully synchronized. This option isn't supported when transferring to S3 Glacier or S3 Glacier Deep Archive storage classes.\n\n`NONE` : No additional verification is done at the end of the transfer, but all data transmissions are integrity-checked with checksum verification during the transfer.", "title": "VerifyMode", "type": "string" } }, "type": "object" }, "AWS::DataSync::Task.Overrides": { "additionalProperties": false, "properties": { "Deleted": { "$ref": "#/definitions/AWS::DataSync::Task.Deleted", "markdownDescription": "Specifies the level of reporting for the files, objects, and directories that DataSync attempted to delete in your destination location. This only applies if you [configure your task](https://docs.aws.amazon.com/datasync/latest/userguide/configure-metadata.html) to delete data in the destination that isn't in the source.", "title": "Deleted" }, "Skipped": { "$ref": "#/definitions/AWS::DataSync::Task.Skipped", "markdownDescription": "Specifies the level of reporting for the files, objects, and directories that DataSync attempted to skip during your transfer.", "title": "Skipped" }, "Transferred": { "$ref": "#/definitions/AWS::DataSync::Task.Transferred", "markdownDescription": "Specifies the level of reporting for the files, objects, and directories that DataSync attempted to transfer.", "title": "Transferred" }, "Verified": { "$ref": "#/definitions/AWS::DataSync::Task.Verified", "markdownDescription": "Specifies the level of reporting for the files, objects, and directories that DataSync attempted to verify during your transfer.", "title": "Verified" } }, "type": "object" }, "AWS::DataSync::Task.Skipped": { "additionalProperties": false, "properties": { "ReportLevel": { "markdownDescription": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't.\n\n- `ERRORS_ONLY` : A report shows what DataSync was unable to skip.\n- `SUCCESSES_AND_ERRORS` : A report shows what DataSync was able and unable to skip.", "title": "ReportLevel", "type": "string" } }, "type": "object" }, "AWS::DataSync::Task.Source": { "additionalProperties": false, "properties": { "S3": { "$ref": "#/definitions/AWS::DataSync::Task.ManifestConfigSourceS3", "markdownDescription": "Specifies the S3 bucket where you're hosting your manifest.", "title": "S3" } }, "type": "object" }, "AWS::DataSync::Task.TaskReportConfig": { "additionalProperties": false, "properties": { "Destination": { "$ref": "#/definitions/AWS::DataSync::Task.Destination", "markdownDescription": "Specifies the Amazon S3 bucket where DataSync uploads your task report. For more information, see [Task reports](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html#task-report-access) .", "title": "Destination" }, "ObjectVersionIds": { "markdownDescription": "Specifies whether your task report includes the new version of each object transferred into an S3 bucket. This only applies if you [enable versioning on your bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html) . Keep in mind that setting this to `INCLUDE` can increase the duration of your task execution.", "title": "ObjectVersionIds", "type": "string" }, "OutputType": { "markdownDescription": "Specifies the type of task report that you want:\n\n- `SUMMARY_ONLY` : Provides necessary details about your task, including the number of files, objects, and directories transferred and transfer duration.\n- `STANDARD` : Provides complete details about your task, including a full list of files, objects, and directories that were transferred, skipped, verified, and more.", "title": "OutputType", "type": "string" }, "Overrides": { "$ref": "#/definitions/AWS::DataSync::Task.Overrides", "markdownDescription": "Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that DataSync attempted to delete in your destination location.", "title": "Overrides" }, "ReportLevel": { "markdownDescription": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't.\n\n- `ERRORS_ONLY` : A report shows what DataSync was unable to transfer, skip, verify, and delete.\n- `SUCCESSES_AND_ERRORS` : A report shows what DataSync was able and unable to transfer, skip, verify, and delete.", "title": "ReportLevel", "type": "string" } }, "required": [ "Destination", "OutputType" ], "type": "object" }, "AWS::DataSync::Task.TaskReportConfigDestinationS3": { "additionalProperties": false, "properties": { "BucketAccessRoleArn": { "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the IAM policy that allows DataSync to upload a task report to your S3 bucket. For more information, see [Allowing DataSync to upload a task report to an Amazon S3 bucket](https://docs.aws.amazon.com/datasync/latest/userguide/task-reports.html) .", "title": "BucketAccessRoleArn", "type": "string" }, "S3BucketArn": { "markdownDescription": "Specifies the ARN of the S3 bucket where DataSync uploads your report.", "title": "S3BucketArn", "type": "string" }, "Subdirectory": { "markdownDescription": "Specifies a bucket prefix for your report.", "title": "Subdirectory", "type": "string" } }, "type": "object" }, "AWS::DataSync::Task.TaskSchedule": { "additionalProperties": false, "properties": { "ScheduleExpression": { "markdownDescription": "Specifies your task schedule by using a cron expression in UTC time. For information about cron expression syntax, see the [*Amazon EventBridge User Guide*](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-cron-expressions.html) .", "title": "ScheduleExpression", "type": "string" }, "Status": { "markdownDescription": "Specifies whether to enable or disable your task schedule. Your schedule is enabled by default, but there can be situations where you need to disable it. For example, you might need to perform maintenance on a storage system before you can begin a recurring DataSync transfer.\n\nDataSync might disable your schedule automatically if your task fails repeatedly with the same error. For more information, see the [*DataSync User Guide*](https://docs.aws.amazon.com/datasync/latest/userguide/task-scheduling.html#pause-task-schedule) .", "title": "Status", "type": "string" } }, "type": "object" }, "AWS::DataSync::Task.Transferred": { "additionalProperties": false, "properties": { "ReportLevel": { "markdownDescription": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't.\n\n- `ERRORS_ONLY` : A report shows what DataSync was unable to transfer.\n- `SUCCESSES_AND_ERRORS` : A report shows what DataSync was able and unable to transfer.", "title": "ReportLevel", "type": "string" } }, "type": "object" }, "AWS::DataSync::Task.Verified": { "additionalProperties": false, "properties": { "ReportLevel": { "markdownDescription": "Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't.\n\n- `ERRORS_ONLY` : A report shows what DataSync was unable to verify.\n- `SUCCESSES_AND_ERRORS` : A report shows what DataSync was able and unable to verify.", "title": "ReportLevel", "type": "string" } }, "type": "object" }, "AWS::DataZone::DataSource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssetFormsInput": { "items": { "$ref": "#/definitions/AWS::DataZone::DataSource.FormInput" }, "markdownDescription": "The metadata forms attached to the assets that the data source works with.", "title": "AssetFormsInput", "type": "array" }, "Configuration": { "$ref": "#/definitions/AWS::DataZone::DataSource.DataSourceConfigurationInput", "markdownDescription": "The configuration of the data source.", "title": "Configuration" }, "Description": { "markdownDescription": "The description of the data source.", "title": "Description", "type": "string" }, "DomainIdentifier": { "markdownDescription": "The ID of the Amazon DataZone domain where the data source is created.", "title": "DomainIdentifier", "type": "string" }, "EnableSetting": { "markdownDescription": "Specifies whether the data source is enabled.", "title": "EnableSetting", "type": "string" }, "EnvironmentIdentifier": { "markdownDescription": "The unique identifier of the Amazon DataZone environment to which the data source publishes assets.", "title": "EnvironmentIdentifier", "type": "string" }, "Name": { "markdownDescription": "The name of the data source.", "title": "Name", "type": "string" }, "ProjectIdentifier": { "markdownDescription": "The identifier of the Amazon DataZone project in which you want to add this data source.", "title": "ProjectIdentifier", "type": "string" }, "PublishOnImport": { "markdownDescription": "Specifies whether the assets that this data source creates in the inventory are to be also automatically published to the catalog.", "title": "PublishOnImport", "type": "boolean" }, "Recommendation": { "$ref": "#/definitions/AWS::DataZone::DataSource.RecommendationConfiguration", "markdownDescription": "Specifies whether the business name generation is to be enabled for this data source.", "title": "Recommendation" }, "Schedule": { "$ref": "#/definitions/AWS::DataZone::DataSource.ScheduleConfiguration", "markdownDescription": "The schedule of the data source runs.", "title": "Schedule" }, "Type": { "markdownDescription": "The type of the data source.", "title": "Type", "type": "string" } }, "required": [ "DomainIdentifier", "EnvironmentIdentifier", "Name", "ProjectIdentifier", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::DataZone::DataSource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataZone::DataSource.DataSourceConfigurationInput": { "additionalProperties": false, "properties": { "GlueRunConfiguration": { "$ref": "#/definitions/AWS::DataZone::DataSource.GlueRunConfigurationInput", "markdownDescription": "The configuration of the AWS Glue data source.", "title": "GlueRunConfiguration" }, "RedshiftRunConfiguration": { "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftRunConfigurationInput", "markdownDescription": "The configuration of the Amazon Redshift data source.", "title": "RedshiftRunConfiguration" } }, "type": "object" }, "AWS::DataZone::DataSource.FilterExpression": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "The search filter expression.", "title": "Expression", "type": "string" }, "Type": { "markdownDescription": "The search filter explresison type.", "title": "Type", "type": "string" } }, "required": [ "Expression", "Type" ], "type": "object" }, "AWS::DataZone::DataSource.FormInput": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "The content of the metadata form.", "title": "Content", "type": "string" }, "FormName": { "markdownDescription": "The name of the metadata form.", "title": "FormName", "type": "string" }, "TypeIdentifier": { "markdownDescription": "The ID of the metadata form type.", "title": "TypeIdentifier", "type": "string" }, "TypeRevision": { "markdownDescription": "The revision of the metadata form type.", "title": "TypeRevision", "type": "string" } }, "required": [ "FormName" ], "type": "object" }, "AWS::DataZone::DataSource.GlueRunConfigurationInput": { "additionalProperties": false, "properties": { "AutoImportDataQualityResult": { "markdownDescription": "Specifies whether to automatically import data quality metrics as part of the data source run.", "title": "AutoImportDataQualityResult", "type": "boolean" }, "DataAccessRole": { "markdownDescription": "The data access role included in the configuration details of the AWS Glue data source.", "title": "DataAccessRole", "type": "string" }, "RelationalFilterConfigurations": { "items": { "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" }, "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", "title": "RelationalFilterConfigurations", "type": "array" } }, "required": [ "RelationalFilterConfigurations" ], "type": "object" }, "AWS::DataZone::DataSource.RecommendationConfiguration": { "additionalProperties": false, "properties": { "EnableBusinessNameGeneration": { "markdownDescription": "Specifies whether automatic business name generation is to be enabled or not as part of the recommendation configuration.", "title": "EnableBusinessNameGeneration", "type": "boolean" } }, "type": "object" }, "AWS::DataZone::DataSource.RedshiftClusterStorage": { "additionalProperties": false, "properties": { "ClusterName": { "markdownDescription": "The name of an Amazon Redshift cluster.", "title": "ClusterName", "type": "string" } }, "required": [ "ClusterName" ], "type": "object" }, "AWS::DataZone::DataSource.RedshiftCredentialConfiguration": { "additionalProperties": false, "properties": { "SecretManagerArn": { "markdownDescription": "The ARN of a secret manager for an Amazon Redshift cluster.", "title": "SecretManagerArn", "type": "string" } }, "required": [ "SecretManagerArn" ], "type": "object" }, "AWS::DataZone::DataSource.RedshiftRunConfigurationInput": { "additionalProperties": false, "properties": { "DataAccessRole": { "markdownDescription": "The data access role included in the configuration details of the Amazon Redshift data source.", "title": "DataAccessRole", "type": "string" }, "RedshiftCredentialConfiguration": { "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftCredentialConfiguration", "markdownDescription": "The details of the credentials required to access an Amazon Redshift cluster.", "title": "RedshiftCredentialConfiguration" }, "RedshiftStorage": { "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftStorage", "markdownDescription": "The details of the Amazon Redshift storage as part of the configuration of an Amazon Redshift data source run.", "title": "RedshiftStorage" }, "RelationalFilterConfigurations": { "items": { "$ref": "#/definitions/AWS::DataZone::DataSource.RelationalFilterConfiguration" }, "markdownDescription": "The relational filter configurations included in the configuration details of the AWS Glue data source.", "title": "RelationalFilterConfigurations", "type": "array" } }, "required": [ "RedshiftCredentialConfiguration", "RedshiftStorage", "RelationalFilterConfigurations" ], "type": "object" }, "AWS::DataZone::DataSource.RedshiftServerlessStorage": { "additionalProperties": false, "properties": { "WorkgroupName": { "markdownDescription": "The name of the Amazon Redshift Serverless workgroup.", "title": "WorkgroupName", "type": "string" } }, "required": [ "WorkgroupName" ], "type": "object" }, "AWS::DataZone::DataSource.RedshiftStorage": { "additionalProperties": false, "properties": { "RedshiftClusterSource": { "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftClusterStorage", "markdownDescription": "The details of the Amazon Redshift cluster source.", "title": "RedshiftClusterSource" }, "RedshiftServerlessSource": { "$ref": "#/definitions/AWS::DataZone::DataSource.RedshiftServerlessStorage", "markdownDescription": "The details of the Amazon Redshift Serverless workgroup source.", "title": "RedshiftServerlessSource" } }, "type": "object" }, "AWS::DataZone::DataSource.RelationalFilterConfiguration": { "additionalProperties": false, "properties": { "DatabaseName": { "markdownDescription": "The database name specified in the relational filter configuration for the data source.", "title": "DatabaseName", "type": "string" }, "FilterExpressions": { "items": { "$ref": "#/definitions/AWS::DataZone::DataSource.FilterExpression" }, "markdownDescription": "The filter expressions specified in the relational filter configuration for the data source.", "title": "FilterExpressions", "type": "array" }, "SchemaName": { "markdownDescription": "The schema name specified in the relational filter configuration for the data source.", "title": "SchemaName", "type": "string" } }, "required": [ "DatabaseName" ], "type": "object" }, "AWS::DataZone::DataSource.ScheduleConfiguration": { "additionalProperties": false, "properties": { "Schedule": { "markdownDescription": "The schedule of the data source runs.", "title": "Schedule", "type": "string" }, "Timezone": { "markdownDescription": "The timezone of the data source run.", "title": "Timezone", "type": "string" } }, "type": "object" }, "AWS::DataZone::Domain": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the Amazon DataZone domain.", "title": "Description", "type": "string" }, "DomainExecutionRole": { "markdownDescription": "The domain execution role that is created when an Amazon DataZone domain is created. The domain execution role is created in the AWS account that houses the Amazon DataZone domain.", "title": "DomainExecutionRole", "type": "string" }, "KmsKeyIdentifier": { "markdownDescription": "The identifier of the AWS Key Management Service (KMS) key that is used to encrypt the Amazon DataZone domain, metadata, and reporting data.", "title": "KmsKeyIdentifier", "type": "string" }, "Name": { "markdownDescription": "The name of the Amazon DataZone domain.", "title": "Name", "type": "string" }, "SingleSignOn": { "$ref": "#/definitions/AWS::DataZone::Domain.SingleSignOn", "markdownDescription": "The single sign-on details in Amazon DataZone.", "title": "SingleSignOn" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags specified for the Amazon DataZone domain.", "title": "Tags", "type": "array" } }, "required": [ "DomainExecutionRole", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::DataZone::Domain" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataZone::Domain.SingleSignOn": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The type of single sign-on in Amazon DataZone.", "title": "Type", "type": "string" }, "UserAssignment": { "markdownDescription": "The single sign-on user assignment in Amazon DataZone.", "title": "UserAssignment", "type": "string" } }, "type": "object" }, "AWS::DataZone::Environment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the environment.", "title": "Description", "type": "string" }, "DomainIdentifier": { "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment is created.", "title": "DomainIdentifier", "type": "string" }, "EnvironmentProfileIdentifier": { "markdownDescription": "The identifier of the environment profile that is used to create this Amazon DataZone environment.", "title": "EnvironmentProfileIdentifier", "type": "string" }, "GlossaryTerms": { "items": { "type": "string" }, "markdownDescription": "The glossary terms that can be used in this Amazon DataZone environment.", "title": "GlossaryTerms", "type": "array" }, "Name": { "markdownDescription": "The name of the Amazon DataZone environment.", "title": "Name", "type": "string" }, "ProjectIdentifier": { "markdownDescription": "The identifier of the Amazon DataZone project in which this environment is created.", "title": "ProjectIdentifier", "type": "string" }, "UserParameters": { "items": { "$ref": "#/definitions/AWS::DataZone::Environment.EnvironmentParameter" }, "markdownDescription": "The user parameters of this Amazon DataZone environment.", "title": "UserParameters", "type": "array" } }, "required": [ "DomainIdentifier", "EnvironmentProfileIdentifier", "Name", "ProjectIdentifier" ], "type": "object" }, "Type": { "enum": [ "AWS::DataZone::Environment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataZone::Environment.EnvironmentParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the environment parameter.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the environment parameter.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::DataZone::EnvironmentBlueprintConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DomainIdentifier": { "markdownDescription": "The identifier of the Amazon DataZone domain in which an environment blueprint exists.", "title": "DomainIdentifier", "type": "string" }, "EnabledRegions": { "items": { "type": "string" }, "markdownDescription": "The enabled AWS Regions specified in a blueprint configuration.", "title": "EnabledRegions", "type": "array" }, "EnvironmentBlueprintIdentifier": { "markdownDescription": "The identifier of the environment blueprint.\n\nIn the current release, only the following values are supported: `DefaultDataLake` and `DefaultDataWarehouse` .", "title": "EnvironmentBlueprintIdentifier", "type": "string" }, "ManageAccessRoleArn": { "markdownDescription": "The ARN of the manage access role.", "title": "ManageAccessRoleArn", "type": "string" }, "ProvisioningRoleArn": { "markdownDescription": "The ARN of the provisioning role.", "title": "ProvisioningRoleArn", "type": "string" }, "RegionalParameters": { "items": { "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter" }, "markdownDescription": "The regional parameters of the environment blueprint.", "title": "RegionalParameters", "type": "array" } }, "required": [ "DomainIdentifier", "EnabledRegions", "EnvironmentBlueprintIdentifier" ], "type": "object" }, "Type": { "enum": [ "AWS::DataZone::EnvironmentBlueprintConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataZone::EnvironmentBlueprintConfiguration.RegionalParameter": { "additionalProperties": false, "properties": { "Parameters": { "additionalProperties": true, "markdownDescription": "A string to string map containing parameters for the region.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Parameters", "type": "object" }, "Region": { "markdownDescription": "The region specified in the environment parameter.", "title": "Region", "type": "string" } }, "type": "object" }, "AWS::DataZone::EnvironmentProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AwsAccountId": { "markdownDescription": "The identifier of an AWS account in which an environment profile exists.", "title": "AwsAccountId", "type": "string" }, "AwsAccountRegion": { "markdownDescription": "The AWS Region in which an environment profile exists.", "title": "AwsAccountRegion", "type": "string" }, "Description": { "markdownDescription": "The description of the environment profile.", "title": "Description", "type": "string" }, "DomainIdentifier": { "markdownDescription": "The identifier of the Amazon DataZone domain in which the environment profile exists.", "title": "DomainIdentifier", "type": "string" }, "EnvironmentBlueprintIdentifier": { "markdownDescription": "The identifier of a blueprint with which an environment profile is created.", "title": "EnvironmentBlueprintIdentifier", "type": "string" }, "Name": { "markdownDescription": "The name of the environment profile.", "title": "Name", "type": "string" }, "ProjectIdentifier": { "markdownDescription": "The identifier of a project in which an environment profile exists.", "title": "ProjectIdentifier", "type": "string" }, "UserParameters": { "items": { "$ref": "#/definitions/AWS::DataZone::EnvironmentProfile.EnvironmentParameter" }, "markdownDescription": "The user parameters of this Amazon DataZone environment profile.", "title": "UserParameters", "type": "array" } }, "required": [ "AwsAccountId", "AwsAccountRegion", "DomainIdentifier", "EnvironmentBlueprintIdentifier", "Name", "ProjectIdentifier" ], "type": "object" }, "Type": { "enum": [ "AWS::DataZone::EnvironmentProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataZone::EnvironmentProfile.EnvironmentParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name specified in the environment parameter.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the environment profile.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::DataZone::Project": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of a project.", "title": "Description", "type": "string" }, "DomainIdentifier": { "markdownDescription": "The identifier of a Amazon DataZone domain where the project exists.", "title": "DomainIdentifier", "type": "string" }, "GlossaryTerms": { "items": { "type": "string" }, "markdownDescription": "The glossary terms that can be used in this Amazon DataZone project.", "title": "GlossaryTerms", "type": "array" }, "Name": { "markdownDescription": "The name of a project.", "title": "Name", "type": "string" } }, "required": [ "DomainIdentifier", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::DataZone::Project" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataZone::SubscriptionTarget": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicableAssetTypes": { "items": { "type": "string" }, "markdownDescription": "The asset types included in the subscription target.", "title": "ApplicableAssetTypes", "type": "array" }, "AuthorizedPrincipals": { "items": { "type": "string" }, "markdownDescription": "The authorized principals included in the subscription target.", "title": "AuthorizedPrincipals", "type": "array" }, "DomainIdentifier": { "markdownDescription": "The ID of the Amazon DataZone domain in which subscription target is created.", "title": "DomainIdentifier", "type": "string" }, "EnvironmentIdentifier": { "markdownDescription": "The ID of the environment in which subscription target is created.", "title": "EnvironmentIdentifier", "type": "string" }, "ManageAccessRole": { "markdownDescription": "The manage access role that is used to create the subscription target.", "title": "ManageAccessRole", "type": "string" }, "Name": { "markdownDescription": "The name of the subscription target.", "title": "Name", "type": "string" }, "Provider": { "markdownDescription": "The provider of the subscription target.", "title": "Provider", "type": "string" }, "SubscriptionTargetConfig": { "items": { "$ref": "#/definitions/AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm" }, "markdownDescription": "The configuration of the subscription target.", "title": "SubscriptionTargetConfig", "type": "array" }, "Type": { "markdownDescription": "The type of the subscription target.", "title": "Type", "type": "string" } }, "required": [ "ApplicableAssetTypes", "AuthorizedPrincipals", "DomainIdentifier", "EnvironmentIdentifier", "ManageAccessRole", "Name", "SubscriptionTargetConfig", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::DataZone::SubscriptionTarget" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DataZone::SubscriptionTarget.SubscriptionTargetForm": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "The content of the subscription target configuration.", "title": "Content", "type": "string" }, "FormName": { "markdownDescription": "The form name included in the subscription target configuration.", "title": "FormName", "type": "string" } }, "required": [ "Content", "FormName" ], "type": "object" }, "AWS::Deadline::Farm": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the farm that helps identify what the farm is used for.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The display name of the farm.", "title": "DisplayName", "type": "string" }, "KmsKeyArn": { "markdownDescription": "The ARN for the KMS key.", "title": "KmsKeyArn", "type": "string" } }, "required": [ "DisplayName" ], "type": "object" }, "Type": { "enum": [ "AWS::Deadline::Farm" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Deadline::Fleet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Configuration": { "$ref": "#/definitions/AWS::Deadline::Fleet.FleetConfiguration", "markdownDescription": "The configuration details for the fleet.", "title": "Configuration" }, "Description": { "markdownDescription": "A description that helps identify what the fleet is used for.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The display name of the fleet summary to update.", "title": "DisplayName", "type": "string" }, "FarmId": { "markdownDescription": "The farm ID.", "title": "FarmId", "type": "string" }, "MaxWorkerCount": { "markdownDescription": "The maximum number of workers specified in the fleet.", "title": "MaxWorkerCount", "type": "number" }, "MinWorkerCount": { "markdownDescription": "The minimum number of workers in the fleet.", "title": "MinWorkerCount", "type": "number" }, "RoleArn": { "markdownDescription": "The IAM role that workers in the fleet use when processing jobs.", "title": "RoleArn", "type": "string" } }, "required": [ "Configuration", "DisplayName", "MaxWorkerCount", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Deadline::Fleet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Deadline::Fleet.AcceleratorCountRange": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum GPU for the accelerator.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum GPU for the accelerator.", "title": "Min", "type": "number" } }, "required": [ "Min" ], "type": "object" }, "AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of memory to use for the accelerator, measured in MiB.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of memory to use for the accelerator, measured in MiB.", "title": "Min", "type": "number" } }, "required": [ "Min" ], "type": "object" }, "AWS::Deadline::Fleet.CustomerManagedFleetConfiguration": { "additionalProperties": false, "properties": { "Mode": { "markdownDescription": "The AWS Auto Scaling mode for the customer managed fleet configuration.", "title": "Mode", "type": "string" }, "StorageProfileId": { "markdownDescription": "The storage profile ID.", "title": "StorageProfileId", "type": "string" }, "WorkerCapabilities": { "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities", "markdownDescription": "The worker capabilities for a customer managed fleet configuration.", "title": "WorkerCapabilities" } }, "required": [ "Mode", "WorkerCapabilities" ], "type": "object" }, "AWS::Deadline::Fleet.CustomerManagedWorkerCapabilities": { "additionalProperties": false, "properties": { "AcceleratorCount": { "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorCountRange", "markdownDescription": "The range of the accelerator.", "title": "AcceleratorCount" }, "AcceleratorTotalMemoryMiB": { "$ref": "#/definitions/AWS::Deadline::Fleet.AcceleratorTotalMemoryMiBRange", "markdownDescription": "The total memory (MiB) for the customer managed worker capabilities.", "title": "AcceleratorTotalMemoryMiB" }, "AcceleratorTypes": { "items": { "type": "string" }, "markdownDescription": "The accelerator types for the customer managed worker capabilities.", "title": "AcceleratorTypes", "type": "array" }, "CpuArchitectureType": { "markdownDescription": "The CPU architecture type for the customer managed worker capabilities.", "title": "CpuArchitectureType", "type": "string" }, "CustomAmounts": { "items": { "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" }, "markdownDescription": "Custom requirement ranges for customer managed worker capabilities.", "title": "CustomAmounts", "type": "array" }, "CustomAttributes": { "items": { "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" }, "markdownDescription": "Custom attributes for the customer manged worker capabilities.", "title": "CustomAttributes", "type": "array" }, "MemoryMiB": { "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", "markdownDescription": "The memory (MiB).", "title": "MemoryMiB" }, "OsFamily": { "markdownDescription": "The operating system (OS) family.", "title": "OsFamily", "type": "string" }, "VCpuCount": { "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", "markdownDescription": "The vCPU count for the customer manged worker capabilities.", "title": "VCpuCount" } }, "required": [ "CpuArchitectureType", "MemoryMiB", "OsFamily", "VCpuCount" ], "type": "object" }, "AWS::Deadline::Fleet.Ec2EbsVolume": { "additionalProperties": false, "properties": { "Iops": { "markdownDescription": "The IOPS per volume.", "title": "Iops", "type": "number" }, "SizeGiB": { "markdownDescription": "The EBS volume size in GiB.", "title": "SizeGiB", "type": "number" }, "ThroughputMiB": { "markdownDescription": "The throughput per volume in MiB.", "title": "ThroughputMiB", "type": "number" } }, "type": "object" }, "AWS::Deadline::Fleet.FleetAmountCapability": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of the fleet worker capability.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of fleet worker capability.", "title": "Min", "type": "number" }, "Name": { "markdownDescription": "The name of the fleet capability.", "title": "Name", "type": "string" } }, "required": [ "Min", "Name" ], "type": "object" }, "AWS::Deadline::Fleet.FleetAttributeCapability": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the fleet attribute capability for the worker.", "title": "Name", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The number of fleet attribute capabilities.", "title": "Values", "type": "array" } }, "required": [ "Name", "Values" ], "type": "object" }, "AWS::Deadline::Fleet.FleetCapabilities": { "additionalProperties": false, "properties": { "Amounts": { "items": { "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" }, "markdownDescription": "Amount capabilities of the fleet.", "title": "Amounts", "type": "array" }, "Attributes": { "items": { "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" }, "markdownDescription": "Attribute capabilities of the fleet.", "title": "Attributes", "type": "array" } }, "type": "object" }, "AWS::Deadline::Fleet.FleetConfiguration": { "additionalProperties": false, "properties": { "CustomerManaged": { "$ref": "#/definitions/AWS::Deadline::Fleet.CustomerManagedFleetConfiguration", "markdownDescription": "The customer managed fleets within a fleet configuration.", "title": "CustomerManaged" }, "ServiceManagedEc2": { "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration", "markdownDescription": "The service managed Amazon EC2 instances for a fleet configuration.", "title": "ServiceManagedEc2" } }, "type": "object" }, "AWS::Deadline::Fleet.MemoryMiBRange": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of memory (in MiB).", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of memory (in MiB).", "title": "Min", "type": "number" } }, "required": [ "Min" ], "type": "object" }, "AWS::Deadline::Fleet.ServiceManagedEc2FleetConfiguration": { "additionalProperties": false, "properties": { "InstanceCapabilities": { "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities", "markdownDescription": "The Amazon EC2 instance capabilities.", "title": "InstanceCapabilities" }, "InstanceMarketOptions": { "$ref": "#/definitions/AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions", "markdownDescription": "The Amazon EC2 market type.", "title": "InstanceMarketOptions" } }, "required": [ "InstanceCapabilities", "InstanceMarketOptions" ], "type": "object" }, "AWS::Deadline::Fleet.ServiceManagedEc2InstanceCapabilities": { "additionalProperties": false, "properties": { "AllowedInstanceTypes": { "items": { "type": "string" }, "markdownDescription": "The allowable Amazon EC2 instance types.", "title": "AllowedInstanceTypes", "type": "array" }, "CpuArchitectureType": { "markdownDescription": "The CPU architecture type.", "title": "CpuArchitectureType", "type": "string" }, "CustomAmounts": { "items": { "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAmountCapability" }, "markdownDescription": "The custom capability amounts to require for instances in this fleet.", "title": "CustomAmounts", "type": "array" }, "CustomAttributes": { "items": { "$ref": "#/definitions/AWS::Deadline::Fleet.FleetAttributeCapability" }, "markdownDescription": "The custom capability attributes to require for instances in this fleet.", "title": "CustomAttributes", "type": "array" }, "ExcludedInstanceTypes": { "items": { "type": "string" }, "markdownDescription": "The instance types to exclude from the fleet.", "title": "ExcludedInstanceTypes", "type": "array" }, "MemoryMiB": { "$ref": "#/definitions/AWS::Deadline::Fleet.MemoryMiBRange", "markdownDescription": "The memory, as MiB, for the Amazon EC2 instance type.", "title": "MemoryMiB" }, "OsFamily": { "markdownDescription": "The operating system (OS) family.", "title": "OsFamily", "type": "string" }, "RootEbsVolume": { "$ref": "#/definitions/AWS::Deadline::Fleet.Ec2EbsVolume", "markdownDescription": "The root EBS volume.", "title": "RootEbsVolume" }, "VCpuCount": { "$ref": "#/definitions/AWS::Deadline::Fleet.VCpuCountRange", "markdownDescription": "The amount of vCPU to require for instances in this fleet.", "title": "VCpuCount" } }, "required": [ "CpuArchitectureType", "MemoryMiB", "OsFamily", "VCpuCount" ], "type": "object" }, "AWS::Deadline::Fleet.ServiceManagedEc2InstanceMarketOptions": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The Amazon EC2 instance type.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Deadline::Fleet.VCpuCountRange": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of vCPU.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of vCPU.", "title": "Min", "type": "number" } }, "required": [ "Min" ], "type": "object" }, "AWS::Deadline::LicenseEndpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The identifier of the Amazon EC2 security group that controls access to the license endpoint.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "Identifies the VPC subnets that can connect to a license endpoint.", "title": "SubnetIds", "type": "array" }, "VpcId": { "markdownDescription": "The VCP(virtual private cloud) ID associated with the license endpoint.", "title": "VpcId", "type": "string" } }, "required": [ "SecurityGroupIds", "SubnetIds", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::Deadline::LicenseEndpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Deadline::MeteredProduct": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Family": { "type": "string" }, "LicenseEndpointId": { "markdownDescription": "The Amazon EC2 identifier of the license endpoint.", "title": "LicenseEndpointId", "type": "string" }, "Port": { "type": "number" }, "ProductId": { "markdownDescription": "The product ID.", "title": "ProductId", "type": "string" }, "Vendor": { "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::Deadline::MeteredProduct" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Deadline::Queue": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowedStorageProfileIds": { "items": { "type": "string" }, "markdownDescription": "The identifiers of the storage profiles that this queue can use to share assets between workers using different operating systems.", "title": "AllowedStorageProfileIds", "type": "array" }, "DefaultBudgetAction": { "markdownDescription": "The default action taken on a queue summary if a budget wasn't configured.", "title": "DefaultBudgetAction", "type": "string" }, "Description": { "markdownDescription": "A description of the queue that helps identify what the queue is used for.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The display name of the queue summary to update.", "title": "DisplayName", "type": "string" }, "FarmId": { "markdownDescription": "The farm ID.", "title": "FarmId", "type": "string" }, "JobAttachmentSettings": { "$ref": "#/definitions/AWS::Deadline::Queue.JobAttachmentSettings", "markdownDescription": "The job attachment settings. These are the Amazon S3 bucket name and the Amazon S3 prefix.", "title": "JobAttachmentSettings" }, "JobRunAsUser": { "$ref": "#/definitions/AWS::Deadline::Queue.JobRunAsUser", "markdownDescription": "Identifies the user for a job.", "title": "JobRunAsUser" }, "RequiredFileSystemLocationNames": { "items": { "type": "string" }, "markdownDescription": "The file system location that the queue uses.", "title": "RequiredFileSystemLocationNames", "type": "array" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that workers use when running jobs in this queue.", "title": "RoleArn", "type": "string" } }, "required": [ "DisplayName" ], "type": "object" }, "Type": { "enum": [ "AWS::Deadline::Queue" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Deadline::Queue.JobAttachmentSettings": { "additionalProperties": false, "properties": { "RootPrefix": { "markdownDescription": "The root prefix.", "title": "RootPrefix", "type": "string" }, "S3BucketName": { "markdownDescription": "The Amazon S3 bucket name.", "title": "S3BucketName", "type": "string" } }, "required": [ "RootPrefix", "S3BucketName" ], "type": "object" }, "AWS::Deadline::Queue.JobRunAsUser": { "additionalProperties": false, "properties": { "Posix": { "$ref": "#/definitions/AWS::Deadline::Queue.PosixUser", "markdownDescription": "The user and group that the jobs in the queue run as.", "title": "Posix" }, "RunAs": { "markdownDescription": "Specifies whether the job should run using the queue's system user or if the job should run using the worker agent system user.", "title": "RunAs", "type": "string" }, "Windows": { "$ref": "#/definitions/AWS::Deadline::Queue.WindowsUser", "markdownDescription": "Identifies a Microsoft Windows user.", "title": "Windows" } }, "required": [ "RunAs" ], "type": "object" }, "AWS::Deadline::Queue.PosixUser": { "additionalProperties": false, "properties": { "Group": { "markdownDescription": "The name of the POSIX user's group.", "title": "Group", "type": "string" }, "User": { "markdownDescription": "The name of the POSIX user.", "title": "User", "type": "string" } }, "required": [ "Group", "User" ], "type": "object" }, "AWS::Deadline::Queue.WindowsUser": { "additionalProperties": false, "properties": { "PasswordArn": { "markdownDescription": "The password ARN for the Windows user.", "title": "PasswordArn", "type": "string" }, "User": { "markdownDescription": "The user.", "title": "User", "type": "string" } }, "required": [ "PasswordArn", "User" ], "type": "object" }, "AWS::Deadline::QueueEnvironment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FarmId": { "markdownDescription": "The identifier assigned to the farm that contains the queue.", "title": "FarmId", "type": "string" }, "Priority": { "markdownDescription": "The queue environment's priority.", "title": "Priority", "type": "number" }, "QueueId": { "markdownDescription": "The unique identifier of the queue that contains the environment.", "title": "QueueId", "type": "string" }, "Template": { "markdownDescription": "A JSON or YAML template that describes the processing environment for the queue.", "title": "Template", "type": "string" }, "TemplateType": { "markdownDescription": "Specifies whether the template for the queue environment is JSON or YAML.", "title": "TemplateType", "type": "string" } }, "required": [ "FarmId", "Priority", "QueueId", "Template", "TemplateType" ], "type": "object" }, "Type": { "enum": [ "AWS::Deadline::QueueEnvironment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Deadline::QueueFleetAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FarmId": { "markdownDescription": "The identifier of the farm that contains the queue and the fleet.", "title": "FarmId", "type": "string" }, "FleetId": { "markdownDescription": "The fleet ID.", "title": "FleetId", "type": "string" }, "QueueId": { "markdownDescription": "The queue ID.", "title": "QueueId", "type": "string" } }, "required": [ "FarmId", "FleetId", "QueueId" ], "type": "object" }, "Type": { "enum": [ "AWS::Deadline::QueueFleetAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Deadline::StorageProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DisplayName": { "markdownDescription": "The display name of the storage profile summary to update.", "title": "DisplayName", "type": "string" }, "FarmId": { "markdownDescription": "The unique identifier of the farm that contains the storage profile.", "title": "FarmId", "type": "string" }, "FileSystemLocations": { "items": { "$ref": "#/definitions/AWS::Deadline::StorageProfile.FileSystemLocation" }, "markdownDescription": "Operating system specific file system path to the storage location.", "title": "FileSystemLocations", "type": "array" }, "OsFamily": { "markdownDescription": "The operating system (OS) family.", "title": "OsFamily", "type": "string" } }, "required": [ "DisplayName", "OsFamily" ], "type": "object" }, "Type": { "enum": [ "AWS::Deadline::StorageProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Deadline::StorageProfile.FileSystemLocation": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The location name.", "title": "Name", "type": "string" }, "Path": { "markdownDescription": "The file path.", "title": "Path", "type": "string" }, "Type": { "markdownDescription": "The type of file.", "title": "Type", "type": "string" } }, "required": [ "Name", "Path", "Type" ], "type": "object" }, "AWS::Detective::Graph": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoEnableMembers": { "markdownDescription": "Indicates whether to automatically enable new organization accounts as member accounts in the organization behavior graph.\n\nBy default, this property is set to `false` . If you want to change the value of this property, you must be the Detective administrator for the organization. For more information on setting a Detective administrator account, see [AWS::Detective::OrganizationAdmin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-detective-organizationadmin.html)", "title": "AutoEnableMembers", "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tag values to assign to the new behavior graph.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Detective::Graph" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Detective::MemberInvitation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DisableEmailNotification": { "markdownDescription": "Whether to send an invitation email to the member account. If set to true, the member account does not receive an invitation email.", "title": "DisableEmailNotification", "type": "boolean" }, "GraphArn": { "markdownDescription": "The ARN of the behavior graph to invite the account to contribute data to.", "title": "GraphArn", "type": "string" }, "MemberEmailAddress": { "markdownDescription": "The root user email address of the invited account. If the email address provided is not the root user email address for the provided account, the invitation creation fails.", "title": "MemberEmailAddress", "type": "string" }, "MemberId": { "markdownDescription": "The AWS account identifier of the invited account", "title": "MemberId", "type": "string" }, "Message": { "markdownDescription": "Customized text to include in the invitation email message.", "title": "Message", "type": "string" } }, "required": [ "GraphArn", "MemberEmailAddress", "MemberId" ], "type": "object" }, "Type": { "enum": [ "AWS::Detective::MemberInvitation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Detective::OrganizationAdmin": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountId": { "markdownDescription": "The AWS account identifier of the account to designate as the Detective administrator account for the organization.", "title": "AccountId", "type": "string" } }, "required": [ "AccountId" ], "type": "object" }, "Type": { "enum": [ "AWS::Detective::OrganizationAdmin" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DevOpsGuru::LogAnomalyDetectionIntegration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": {}, "type": "object" }, "Type": { "enum": [ "AWS::DevOpsGuru::LogAnomalyDetectionIntegration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::DevOpsGuru::NotificationChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Config": { "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig", "markdownDescription": "A `NotificationChannelConfig` object that contains information about configured notification channels.", "title": "Config" } }, "required": [ "Config" ], "type": "object" }, "Type": { "enum": [ "AWS::DevOpsGuru::NotificationChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DevOpsGuru::NotificationChannel.NotificationChannelConfig": { "additionalProperties": false, "properties": { "Filters": { "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig", "markdownDescription": "The filter configurations for the Amazon SNS notification topic you use with DevOps Guru. If you do not provide filter configurations, the default configurations are to receive notifications for all message types of `High` or `Medium` severity.", "title": "Filters" }, "Sns": { "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig", "markdownDescription": "Information about a notification channel configured in DevOps Guru to send notifications when insights are created.\n\nIf you use an Amazon SNS topic in another account, you must attach a policy to it that grants DevOps Guru permission to send it notifications. DevOps Guru adds the required policy on your behalf to send notifications using Amazon SNS in your account. DevOps Guru only supports standard SNS topics. For more information, see [Permissions for Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-required-permissions.html) .\n\nIf you use an Amazon SNS topic that is encrypted by an AWS Key Management Service customer-managed key (CMK), then you must add permissions to the CMK. For more information, see [Permissions for AWS KMS\u2013encrypted Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-kms-permissions.html) .", "title": "Sns" } }, "type": "object" }, "AWS::DevOpsGuru::NotificationChannel.NotificationFilterConfig": { "additionalProperties": false, "properties": { "MessageTypes": { "items": { "type": "string" }, "markdownDescription": "The events that you want to receive notifications for. For example, you can choose to receive notifications only when the severity level is upgraded or a new insight is created.", "title": "MessageTypes", "type": "array" }, "Severities": { "items": { "type": "string" }, "markdownDescription": "The severity levels that you want to receive notifications for. For example, you can choose to receive notifications only for insights with `HIGH` and `MEDIUM` severity levels. For more information, see [Understanding insight severities](https://docs.aws.amazon.com/devops-guru/latest/userguide/working-with-insights.html#understanding-insights-severities) .", "title": "Severities", "type": "array" } }, "type": "object" }, "AWS::DevOpsGuru::NotificationChannel.SnsChannelConfig": { "additionalProperties": false, "properties": { "TopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic.", "title": "TopicArn", "type": "string" } }, "type": "object" }, "AWS::DevOpsGuru::ResourceCollection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ResourceCollectionFilter": { "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter", "markdownDescription": "Information about a filter used to specify which AWS resources are analyzed for anomalous behavior by DevOps Guru.", "title": "ResourceCollectionFilter" } }, "required": [ "ResourceCollectionFilter" ], "type": "object" }, "Type": { "enum": [ "AWS::DevOpsGuru::ResourceCollection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter": { "additionalProperties": false, "properties": { "StackNames": { "items": { "type": "string" }, "markdownDescription": "An array of CloudFormation stack names.", "title": "StackNames", "type": "array" } }, "type": "object" }, "AWS::DevOpsGuru::ResourceCollection.ResourceCollectionFilter": { "additionalProperties": false, "properties": { "CloudFormation": { "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.CloudFormationCollectionFilter", "markdownDescription": "Information about AWS CloudFormation stacks. You can use up to 1000 stacks to specify which AWS resources in your account to analyze. For more information, see [Stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacks.html) in the *AWS CloudFormation User Guide* .", "title": "CloudFormation" }, "Tags": { "items": { "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection.TagCollection" }, "markdownDescription": "The AWS tags used to filter the resources in the resource collection.\n\nTags help you identify and organize your AWS resources. Many AWS services support tagging, so you can assign the same tag to resources from different services to indicate that the resources are related. For example, you can assign the same tag to an Amazon DynamoDB table resource that you assign to an AWS Lambda function. For more information about using tags, see the [Tagging best practices](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/tagging-best-practices.html) whitepaper.\n\nEach AWS tag has two parts.\n\n- A tag *key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag *keys* are case-sensitive.\n- A field known as a tag *value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. The tag value is a required property when AppBoundaryKey is specified.\n\nTogether these are known as *key* - *value* pairs.\n\n> The string used for a *key* in a tag that you use to define your resource coverage must begin with the prefix `Devops-guru-` . The tag *key* might be `DevOps-Guru-deployment-application` or `devops-guru-rds-application` . When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::DevOpsGuru::ResourceCollection.TagCollection": { "additionalProperties": false, "properties": { "AppBoundaryKey": { "markdownDescription": "An AWS tag *key* that is used to identify the AWS resources that DevOps Guru analyzes. All AWS resources in your account and Region tagged with this *key* make up your DevOps Guru application and analysis boundary.\n\n> The string used for a *key* in a tag that you use to define your resource coverage must begin with the prefix `Devops-guru-` . The tag *key* might be `DevOps-Guru-deployment-application` or `devops-guru-rds-application` . When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` .", "title": "AppBoundaryKey", "type": "string" }, "TagValues": { "items": { "type": "string" }, "markdownDescription": "The values in an AWS tag collection.\n\nThe tag's *value* is a field used to associate a string with the tag *key* (for example, `111122223333` , `Production` , or a team name). The *key* and *value* are the tag's *key* pair. Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. You can specify a maximum of 256 characters for a tag value. The tag value is a required property when *AppBoundaryKey* is specified.", "title": "TagValues", "type": "array" } }, "type": "object" }, "AWS::DirectoryService::MicrosoftAD": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CreateAlias": { "markdownDescription": "Specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, AWS CloudFormation does not create an alias.\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", "title": "CreateAlias", "type": "boolean" }, "Edition": { "markdownDescription": "AWS Managed Microsoft AD is available in two editions: `Standard` and `Enterprise` . `Enterprise` is the default.", "title": "Edition", "type": "string" }, "EnableSso": { "markdownDescription": "Whether to enable single sign-on for a Microsoft Active Directory in AWS . Single sign-on allows users in your directory to access certain AWS services from a computer joined to the directory without having to enter their credentials separately. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", "title": "EnableSso", "type": "boolean" }, "Name": { "markdownDescription": "The fully qualified domain name for the AWS Managed Microsoft AD directory, such as `corp.example.com` . This name will resolve inside your VPC only. It does not need to be publicly resolvable.", "title": "Name", "type": "string" }, "Password": { "markdownDescription": "The password for the default administrative user named `Admin` .\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", "title": "Password", "type": "string" }, "ShortName": { "markdownDescription": "The NetBIOS name for your domain, such as `CORP` . If you don't specify a NetBIOS name, it will default to the first part of your directory DNS. For example, `CORP` for the directory DNS `corp.example.com` .", "title": "ShortName", "type": "string" }, "VpcSettings": { "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD.VpcSettings", "markdownDescription": "Specifies the VPC settings of the Microsoft AD directory server in AWS .", "title": "VpcSettings" } }, "required": [ "Name", "Password", "VpcSettings" ], "type": "object" }, "Type": { "enum": [ "AWS::DirectoryService::MicrosoftAD" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DirectoryService::MicrosoftAD.VpcSettings": { "additionalProperties": false, "properties": { "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", "title": "SubnetIds", "type": "array" }, "VpcId": { "markdownDescription": "The identifier of the VPC in which to create the directory.", "title": "VpcId", "type": "string" } }, "required": [ "SubnetIds", "VpcId" ], "type": "object" }, "AWS::DirectoryService::SimpleAD": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CreateAlias": { "markdownDescription": "If set to `true` , specifies an alias for a directory and assigns the alias to the directory. The alias is used to construct the access URL for the directory, such as `http://.awsapps.com` . By default, this property is set to `false` .\n\n> After an alias has been created, it cannot be deleted or reused, so this operation should only be used when absolutely necessary.", "title": "CreateAlias", "type": "boolean" }, "Description": { "markdownDescription": "A description for the directory.", "title": "Description", "type": "string" }, "EnableSso": { "markdownDescription": "Whether to enable single sign-on for a directory. If you don't specify a value, AWS CloudFormation disables single sign-on by default.", "title": "EnableSso", "type": "boolean" }, "Name": { "markdownDescription": "The fully qualified name for the directory, such as `corp.example.com` .", "title": "Name", "type": "string" }, "Password": { "markdownDescription": "The password for the directory administrator. The directory creation process creates a directory administrator account with the user name `Administrator` and this password.\n\nIf you need to change the password for the administrator account, see the [ResetUserPassword](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_ResetUserPassword.html) API call in the *AWS Directory Service API Reference* .", "title": "Password", "type": "string" }, "ShortName": { "markdownDescription": "The NetBIOS name of the directory, such as `CORP` .", "title": "ShortName", "type": "string" }, "Size": { "markdownDescription": "The size of the directory. For valid values, see [CreateDirectory](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_CreateDirectory.html) in the *AWS Directory Service API Reference* .", "title": "Size", "type": "string" }, "VpcSettings": { "$ref": "#/definitions/AWS::DirectoryService::SimpleAD.VpcSettings", "markdownDescription": "A [DirectoryVpcSettings](https://docs.aws.amazon.com/directoryservice/latest/devguide/API_DirectoryVpcSettings.html) object that contains additional information for the operation.", "title": "VpcSettings" } }, "required": [ "Name", "Size", "VpcSettings" ], "type": "object" }, "Type": { "enum": [ "AWS::DirectoryService::SimpleAD" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DirectoryService::SimpleAD.VpcSettings": { "additionalProperties": false, "properties": { "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets.", "title": "SubnetIds", "type": "array" }, "VpcId": { "markdownDescription": "The identifier of the VPC in which to create the directory.", "title": "VpcId", "type": "string" } }, "required": [ "SubnetIds", "VpcId" ], "type": "object" }, "AWS::DocDB::DBCluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AvailabilityZones": { "items": { "type": "string" }, "markdownDescription": "A list of Amazon EC2 Availability Zones that instances in the cluster can be created in.", "title": "AvailabilityZones", "type": "array" }, "BackupRetentionPeriod": { "markdownDescription": "The number of days for which automated backups are retained. You must specify a minimum value of 1.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35.", "title": "BackupRetentionPeriod", "type": "number" }, "CopyTagsToSnapshot": { "markdownDescription": "", "title": "CopyTagsToSnapshot", "type": "boolean" }, "DBClusterIdentifier": { "markdownDescription": "The cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster`", "title": "DBClusterIdentifier", "type": "string" }, "DBClusterParameterGroupName": { "markdownDescription": "The name of the cluster parameter group to associate with this cluster.", "title": "DBClusterParameterGroupName", "type": "string" }, "DBSubnetGroupName": { "markdownDescription": "A subnet group to associate with this cluster.\n\nConstraints: Must match the name of an existing `DBSubnetGroup` . Must not be default.\n\nExample: `mySubnetgroup`", "title": "DBSubnetGroupName", "type": "string" }, "DeletionProtection": { "markdownDescription": "Protects clusters from being accidentally deleted. If enabled, the cluster cannot be deleted unless it is modified and `DeletionProtection` is disabled.", "title": "DeletionProtection", "type": "boolean" }, "EnableCloudwatchLogsExports": { "items": { "type": "string" }, "markdownDescription": "The list of log types that need to be enabled for exporting to Amazon CloudWatch Logs. You can enable audit logs or profiler logs. For more information, see [Auditing Amazon DocumentDB Events](https://docs.aws.amazon.com/documentdb/latest/developerguide/event-auditing.html) and [Profiling Amazon DocumentDB Operations](https://docs.aws.amazon.com/documentdb/latest/developerguide/profiling.html) .", "title": "EnableCloudwatchLogsExports", "type": "array" }, "EngineVersion": { "markdownDescription": "The version number of the database engine to use. The `--engine-version` will default to the latest major engine version. For production workloads, we recommend explicitly declaring this parameter with the intended major engine version.", "title": "EngineVersion", "type": "string" }, "KmsKeyId": { "markdownDescription": "The AWS KMS key identifier for an encrypted cluster.\n\nThe AWS KMS key identifier is the Amazon Resource Name (ARN) for the AWS KMS encryption key. If you are creating a cluster using the same AWS account that owns the AWS KMS encryption key that is used to encrypt the new cluster, you can use the AWS KMS key alias instead of the ARN for the AWS KMS encryption key.\n\nIf an encryption key is not specified in `KmsKeyId` :\n\n- If the `StorageEncrypted` parameter is `true` , Amazon DocumentDB uses your default encryption key.\n\nAWS KMS creates the default encryption key for your AWS account . Your AWS account has a different default encryption key for each AWS Regions .", "title": "KmsKeyId", "type": "string" }, "MasterUserPassword": { "markdownDescription": "The password for the master database user. This password can contain any printable ASCII character except forward slash (/), double quote (\"), or the \"at\" symbol (@).\n\nConstraints: Must contain from 8 to 100 characters.", "title": "MasterUserPassword", "type": "string" }, "MasterUsername": { "markdownDescription": "The name of the master user for the cluster.\n\nConstraints:\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word for the chosen database engine.", "title": "MasterUsername", "type": "string" }, "Port": { "markdownDescription": "Specifies the port that the database engine is listening on.", "title": "Port", "type": "number" }, "PreferredBackupWindow": { "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled using the `BackupRetentionPeriod` parameter.\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region .\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.", "title": "PreferredBackupWindow", "type": "string" }, "PreferredMaintenanceWindow": { "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", "title": "PreferredMaintenanceWindow", "type": "string" }, "RestoreToTime": { "markdownDescription": "The date and time to restore the cluster to.\n\nValid values: A time in Universal Coordinated Time (UTC) format.\n\nConstraints:\n\n- Must be before the latest restorable time for the instance.\n- Must be specified if the `UseLatestRestorableTime` parameter is not provided.\n- Cannot be specified if the `UseLatestRestorableTime` parameter is `true` .\n- Cannot be specified if the `RestoreType` parameter is `copy-on-write` .\n\nExample: `2015-03-07T23:45:00Z`", "title": "RestoreToTime", "type": "string" }, "RestoreType": { "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nConstraints: You can't specify `copy-on-write` if the engine version of the source DB cluster is earlier than 1.11.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.", "title": "RestoreType", "type": "string" }, "SnapshotIdentifier": { "markdownDescription": "The identifier for the snapshot or cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a cluster snapshot. However, you can use only the ARN to specify a snapshot.\n\nConstraints:\n\n- Must match the identifier of an existing snapshot.", "title": "SnapshotIdentifier", "type": "string" }, "SourceDBClusterIdentifier": { "markdownDescription": "The identifier of the source cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing `DBCluster` .", "title": "SourceDBClusterIdentifier", "type": "string" }, "StorageEncrypted": { "markdownDescription": "Specifies whether the cluster is encrypted.", "title": "StorageEncrypted", "type": "boolean" }, "StorageType": { "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Amazon DocumentDB clusters, see Cluster storage configurations in the *Amazon DocumentDB Developer Guide* .\n\nValid values for storage type - `standard | iopt1`\n\nDefault value is `standard`\n\n> When you create a DocumentDB DB cluster with the storage type set to `iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `standard` .", "title": "StorageType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to be assigned to the cluster.", "title": "Tags", "type": "array" }, "UseLatestRestorableTime": { "markdownDescription": "A value that is set to `true` to restore the cluster to the latest restorable backup time, and `false` otherwise.\n\nDefault: `false`\n\nConstraints: Cannot be specified if the `RestoreToTime` parameter is provided.", "title": "UseLatestRestorableTime", "type": "boolean" }, "VpcSecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of EC2 VPC security groups to associate with this cluster.", "title": "VpcSecurityGroupIds", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::DocDB::DBCluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::DocDB::DBClusterParameterGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description for the cluster parameter group.", "title": "Description", "type": "string" }, "Family": { "markdownDescription": "The cluster parameter group family name.", "title": "Family", "type": "string" }, "Name": { "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing `DBClusterParameterGroup` .\n\n> This value is stored as a lowercase string.", "title": "Name", "type": "string" }, "Parameters": { "markdownDescription": "Provides a list of parameters for the cluster parameter group.", "title": "Parameters", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to be assigned to the cluster parameter group.", "title": "Tags", "type": "array" } }, "required": [ "Description", "Family", "Parameters" ], "type": "object" }, "Type": { "enum": [ "AWS::DocDB::DBClusterParameterGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DocDB::DBInstance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoMinorVersionUpgrade": { "markdownDescription": "This parameter does not apply to Amazon DocumentDB. Amazon DocumentDB does not perform minor version upgrades regardless of the value set.\n\nDefault: `false`", "title": "AutoMinorVersionUpgrade", "type": "boolean" }, "AvailabilityZone": { "markdownDescription": "The Amazon EC2 Availability Zone that the instance is created in.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nExample: `us-east-1d`", "title": "AvailabilityZone", "type": "string" }, "CACertificateIdentifier": { "markdownDescription": "The CA certificate identifier to use for the DB instance's server certificate.\n\nFor more information, see [Updating Your Amazon DocumentDB TLS Certificates](https://docs.aws.amazon.com/documentdb/latest/developerguide/ca_cert_rotation.html) and [Encrypting Data in Transit](https://docs.aws.amazon.com/documentdb/latest/developerguide/security.encryption.ssl.html) in the *Amazon DocumentDB Developer Guide* .", "title": "CACertificateIdentifier", "type": "string" }, "CertificateRotationRestart": { "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, see [Updating Your Amazon DocumentDB TLS Certificates](https://docs.aws.amazon.com/documentdb/latest/developerguide/ca_cert_rotation.html) and [Encrypting Data in Transit](https://docs.aws.amazon.com/documentdb/latest/developerguide/security.encryption.ssl.html) in the *Amazon DocumentDB Developer Guide* .", "title": "CertificateRotationRestart", "type": "boolean" }, "DBClusterIdentifier": { "markdownDescription": "The identifier of the cluster that the instance will belong to.", "title": "DBClusterIdentifier", "type": "string" }, "DBInstanceClass": { "markdownDescription": "The compute and memory capacity of the instance; for example, `db.m4.large` . If you change the class of an instance there can be some interruption in the cluster's service.", "title": "DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { "markdownDescription": "The instance identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\nExample: `mydbinstance`", "title": "DBInstanceIdentifier", "type": "string" }, "EnablePerformanceInsights": { "markdownDescription": "A value that indicates whether to enable Performance Insights for the DB Instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/documentdb/latest/developerguide/performance-insights.html) .", "title": "EnablePerformanceInsights", "type": "boolean" }, "PreferredMaintenanceWindow": { "markdownDescription": "The time range each week during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\nValid days: Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\nConstraints: Minimum 30-minute window.", "title": "PreferredMaintenanceWindow", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to be assigned to the instance. You can assign up to 10 tags to an instance.", "title": "Tags", "type": "array" } }, "required": [ "DBClusterIdentifier", "DBInstanceClass" ], "type": "object" }, "Type": { "enum": [ "AWS::DocDB::DBInstance" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DocDB::DBSubnetGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DBSubnetGroupDescription": { "markdownDescription": "The description for the subnet group.", "title": "DBSubnetGroupDescription", "type": "string" }, "DBSubnetGroupName": { "markdownDescription": "The name for the subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens. Must not be default.\n\nExample: `mySubnetgroup`", "title": "DBSubnetGroupName", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The Amazon EC2 subnet IDs for the subnet group.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to be assigned to the subnet group.", "title": "Tags", "type": "array" } }, "required": [ "DBSubnetGroupDescription", "SubnetIds" ], "type": "object" }, "Type": { "enum": [ "AWS::DocDB::DBSubnetGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DocDB::EventSubscription": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "A Boolean value; set to `true` to activate the subscription, set to `false` to create the subscription but not active it.", "title": "Enabled", "type": "boolean" }, "EventCategories": { "items": { "type": "string" }, "markdownDescription": "A list of event categories for a `SourceType` that you want to subscribe to.", "title": "EventCategories", "type": "array" }, "SnsTopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. Amazon SNS creates the ARN when you create a topic and subscribe to it.", "title": "SnsTopicArn", "type": "string" }, "SourceIds": { "items": { "type": "string" }, "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If `SourceIds` are provided, `SourceType` must also be provided.\n- If the source type is an instance, a `DBInstanceIdentifier` must be provided.\n- If the source type is a security group, a `DBSecurityGroupName` must be provided.\n- If the source type is a parameter group, a `DBParameterGroupName` must be provided.\n- If the source type is a snapshot, a `DBSnapshotIdentifier` must be provided.", "title": "SourceIds", "type": "array" }, "SourceType": { "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by an instance, you would set this parameter to `db-instance` . If this value is not specified, all events are returned.\n\nValid values: `db-instance` , `db-cluster` , `db-parameter-group` , `db-security-group` , `db-cluster-snapshot`", "title": "SourceType", "type": "string" }, "SubscriptionName": { "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be fewer than 255 characters.", "title": "SubscriptionName", "type": "string" } }, "required": [ "SnsTopicArn" ], "type": "object" }, "Type": { "enum": [ "AWS::DocDB::EventSubscription" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DocDBElastic::Cluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdminUserName": { "markdownDescription": "The name of the Amazon DocumentDB elastic clusters administrator.\n\n*Constraints* :\n\n- Must be from 1 to 63 letters or numbers.\n- The first character must be a letter.\n- Cannot be a reserved word.", "title": "AdminUserName", "type": "string" }, "AdminUserPassword": { "markdownDescription": "The password for the Elastic DocumentDB cluster administrator and can contain any printable ASCII characters.\n\n*Constraints* :\n\n- Must contain from 8 to 100 characters.\n- Cannot contain a forward slash (/), double quote (\"), or the \"at\" symbol (@).\n- A valid `AdminUserName` entry is also required.", "title": "AdminUserPassword", "type": "string" }, "AuthType": { "markdownDescription": "The authentication type used to determine where to fetch the password used for accessing the elastic cluster. Valid types are `PLAIN_TEXT` or `SECRET_ARN` .", "title": "AuthType", "type": "string" }, "BackupRetentionPeriod": { "markdownDescription": "The number of days for which automatic snapshots are retained.", "title": "BackupRetentionPeriod", "type": "number" }, "ClusterName": { "markdownDescription": "The name of the new elastic cluster. This parameter is stored as a lowercase string.\n\n*Constraints* :\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- The first character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n\n*Example* : `my-cluster`", "title": "ClusterName", "type": "string" }, "KmsKeyId": { "markdownDescription": "The KMS key identifier to use to encrypt the new elastic cluster.\n\nThe KMS key identifier is the Amazon Resource Name (ARN) for the KMS encryption key. If you are creating a cluster using the same Amazon account that owns this KMS encryption key, you can use the KMS key alias instead of the ARN as the KMS encryption key.\n\nIf an encryption key is not specified, Amazon DocumentDB uses the default encryption key that KMS creates for your account. Your account has a different default encryption key for each Amazon Region.", "title": "KmsKeyId", "type": "string" }, "PreferredBackupWindow": { "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, as determined by `backupRetentionPeriod` .", "title": "PreferredBackupWindow", "type": "string" }, "PreferredMaintenanceWindow": { "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\n*Format* : `ddd:hh24:mi-ddd:hh24:mi`\n\n*Default* : a 30-minute window selected at random from an 8-hour block of time for each AWS Region , occurring on a random day of the week.\n\n*Valid days* : Mon, Tue, Wed, Thu, Fri, Sat, Sun\n\n*Constraints* : Minimum 30-minute window.", "title": "PreferredMaintenanceWindow", "type": "string" }, "ShardCapacity": { "markdownDescription": "The number of vCPUs assigned to each elastic cluster shard. Maximum is 64. Allowed values are 2, 4, 8, 16, 32, 64.", "title": "ShardCapacity", "type": "number" }, "ShardCount": { "markdownDescription": "The number of shards assigned to the elastic cluster. Maximum is 32.", "title": "ShardCount", "type": "number" }, "ShardInstanceCount": { "markdownDescription": "The number of replica instances applying to all shards in the cluster. A `shardInstanceCount` value of 1 means there is one writer instance, and any additional instances are replicas that can be used for reads and to improve availability.", "title": "ShardInstanceCount", "type": "number" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The Amazon EC2 subnet IDs for the new elastic cluster.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to be assigned to the new elastic cluster.", "title": "Tags", "type": "array" }, "VpcSecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of EC2 VPC security groups to associate with the new elastic cluster.", "title": "VpcSecurityGroupIds", "type": "array" } }, "required": [ "AdminUserName", "AuthType", "ClusterName", "ShardCapacity", "ShardCount" ], "type": "object" }, "Type": { "enum": [ "AWS::DocDBElastic::Cluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DynamoDB::GlobalTable": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AttributeDefinitions": { "items": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.AttributeDefinition" }, "markdownDescription": "A list of attributes that describe the key schema for the global table and indexes.", "title": "AttributeDefinitions", "type": "array" }, "BillingMode": { "markdownDescription": "Specifies how you are charged for read and write throughput and how you manage capacity. Valid values are:\n\n- `PAY_PER_REQUEST`\n- `PROVISIONED`\n\nAll replicas in your global table will have the same billing mode. If you use `PROVISIONED` billing mode, you must provide an auto scaling configuration via the `WriteProvisionedThroughputSettings` property. The default value of this property is `PROVISIONED` .", "title": "BillingMode", "type": "string" }, "GlobalSecondaryIndexes": { "items": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex" }, "markdownDescription": "Global secondary indexes to be created on the global table. You can create up to 20 global secondary indexes. Each replica in your global table will have the same global secondary index settings. You can only create or delete one global secondary index in a single stack operation.\n\nSince the backfilling of an index could take a long time, CloudFormation does not wait for the index to become active. If a stack operation rolls back, CloudFormation might not delete an index that has been added. In that case, you will need to delete the index manually.", "title": "GlobalSecondaryIndexes", "type": "array" }, "KeySchema": { "items": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" }, "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", "title": "KeySchema", "type": "array" }, "LocalSecondaryIndexes": { "items": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.LocalSecondaryIndex" }, "markdownDescription": "Local secondary indexes to be created on the table. You can create up to five local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes. Each replica in your global table will have the same local secondary index settings.", "title": "LocalSecondaryIndexes", "type": "array" }, "Replicas": { "items": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSpecification" }, "markdownDescription": "Specifies the list of replicas for your global table. The list must contain at least one element, the region where the stack defining the global table is deployed. For example, if you define your table in a stack deployed to us-east-1, you must have an entry in `Replicas` with the region us-east-1. You cannot remove the replica in the stack region.\n\n> Adding a replica might take a few minutes for an empty table, or up to several hours for large tables. If you want to add or remove a replica, we recommend submitting an `UpdateStack` operation containing only that change.\n> \n> If you add or delete a replica during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new replica, you might need to manually delete the replica. \n\nYou can create a new global table with as many replicas as needed. You can add or remove replicas after table creation, but you can only add or remove a single replica in each update.", "title": "Replicas", "type": "array" }, "SSESpecification": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.SSESpecification", "markdownDescription": "Specifies the settings to enable server-side encryption. These settings will be applied to all replicas. If you plan to use customer-managed KMS keys, you must provide a key for each replica using the `ReplicaSpecification.ReplicaSSESpecification` property.", "title": "SSESpecification" }, "StreamSpecification": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.StreamSpecification", "markdownDescription": "Specifies the streams settings on your global table. You must provide a value for this property if your global table contains more than one replica. You can only change the streams settings if your global table has only one replica.", "title": "StreamSpecification" }, "TableName": { "markdownDescription": "A name for the global table. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID as the table name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "TableName", "type": "string" }, "TimeToLiveSpecification": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TimeToLiveSpecification", "markdownDescription": "Specifies the time to live (TTL) settings for the table. This setting will be applied to all replicas.", "title": "TimeToLiveSpecification" }, "WriteProvisionedThroughputSettings": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", "markdownDescription": "Specifies an auto scaling policy for write capacity. This policy will be applied to all replicas. This setting must be specified if `BillingMode` is set to `PROVISIONED` .", "title": "WriteProvisionedThroughputSettings" } }, "required": [ "AttributeDefinitions", "KeySchema", "Replicas" ], "type": "object" }, "Type": { "enum": [ "AWS::DynamoDB::GlobalTable" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.AttributeDefinition": { "additionalProperties": false, "properties": { "AttributeName": { "markdownDescription": "A name for the attribute.", "title": "AttributeName", "type": "string" }, "AttributeType": { "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", "title": "AttributeType", "type": "string" } }, "required": [ "AttributeName", "AttributeType" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings": { "additionalProperties": false, "properties": { "MaxCapacity": { "markdownDescription": "The maximum provisioned capacity units for the global table.", "title": "MaxCapacity", "type": "number" }, "MinCapacity": { "markdownDescription": "The minimum provisioned capacity units for the global table.", "title": "MinCapacity", "type": "number" }, "SeedCapacity": { "markdownDescription": "When switching billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , DynamoDB requires you to specify read and write capacity unit values for the table and for each global secondary index. These values will be applied to all replicas. The table will use these provisioned values until CloudFormation creates the autoscaling policies you configured in your template. CloudFormation cannot determine what capacity the table and its global secondary indexes will require in this time period, since they are application-dependent.\n\nIf you want to switch a table's billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , you must specify a value for this property for each autoscaled resource. If you specify different values for the same resource in different regions, CloudFormation will use the highest value found in either the `SeedCapacity` or `ReadCapacityUnits` properties. For example, if your global secondary index `myGSI` has a `SeedCapacity` of 10 in us-east-1 and a fixed `ReadCapacityUnits` of 20 in eu-west-1, CloudFormation will initially set the read capacity for `myGSI` to 20. Note that if you disable `ScaleIn` for `myGSI` in us-east-1, its read capacity units might not be set back to 10.\n\nYou must also specify a value for `SeedCapacity` when you plan to switch a table's billing mode from `PROVISIONED` to `PAY_PER_REQUEST` , because CloudFormation might need to roll back the operation (reverting the billing mode to `PROVISIONED` ) and this cannot succeed without specifying a value for `SeedCapacity` .", "title": "SeedCapacity", "type": "number" }, "TargetTrackingScalingPolicyConfiguration": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration", "markdownDescription": "Defines a target tracking scaling policy.", "title": "TargetTrackingScalingPolicyConfiguration" } }, "required": [ "MaxCapacity", "MinCapacity", "TargetTrackingScalingPolicyConfiguration" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.GlobalSecondaryIndex": { "additionalProperties": false, "properties": { "IndexName": { "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", "title": "IndexName", "type": "string" }, "KeySchema": { "items": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" }, "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", "title": "KeySchema", "type": "array" }, "Projection": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", "title": "Projection" }, "WriteProvisionedThroughputSettings": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings", "markdownDescription": "Defines write capacity settings for the global secondary index. You must specify a value for this property if the table's `BillingMode` is `PROVISIONED` . All replicas will have the same write capacity settings for this global secondary index.", "title": "WriteProvisionedThroughputSettings" } }, "required": [ "IndexName", "KeySchema", "Projection" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.KeySchema": { "additionalProperties": false, "properties": { "AttributeName": { "markdownDescription": "The name of a key attribute.", "title": "AttributeName", "type": "string" }, "KeyType": { "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", "title": "KeyType", "type": "string" } }, "required": [ "AttributeName", "KeyType" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.KinesisStreamSpecification": { "additionalProperties": false, "properties": { "ApproximateCreationDateTimePrecision": { "markdownDescription": "The precision for the time and date that the stream was created.", "title": "ApproximateCreationDateTimePrecision", "type": "string" }, "StreamArn": { "markdownDescription": "The ARN for a specific Kinesis data stream.", "title": "StreamArn", "type": "string" } }, "required": [ "StreamArn" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.LocalSecondaryIndex": { "additionalProperties": false, "properties": { "IndexName": { "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", "title": "IndexName", "type": "string" }, "KeySchema": { "items": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KeySchema" }, "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", "title": "KeySchema", "type": "array" }, "Projection": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.Projection", "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", "title": "Projection" } }, "required": [ "IndexName", "KeySchema", "Projection" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification": { "additionalProperties": false, "properties": { "PointInTimeRecoveryEnabled": { "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", "title": "PointInTimeRecoveryEnabled", "type": "boolean" } }, "type": "object" }, "AWS::DynamoDB::GlobalTable.Projection": { "additionalProperties": false, "properties": { "NonKeyAttributes": { "items": { "type": "string" }, "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor local secondary indexes, the total count of `NonKeyAttributes` summed across all of the local secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total.", "title": "NonKeyAttributes", "type": "array" }, "ProjectionType": { "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", "title": "ProjectionType", "type": "string" } }, "type": "object" }, "AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings": { "additionalProperties": false, "properties": { "ReadCapacityAutoScalingSettings": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", "title": "ReadCapacityAutoScalingSettings" }, "ReadCapacityUnits": { "markdownDescription": "Specifies a fixed read capacity for the replica table or global secondary index.", "title": "ReadCapacityUnits", "type": "number" } }, "type": "object" }, "AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification": { "additionalProperties": false, "properties": { "ContributorInsightsSpecification": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", "markdownDescription": "Updates the status for contributor insights for a specific table or index. CloudWatch Contributor Insights for DynamoDB graphs display the partition key and (if applicable) sort key of frequently accessed items and frequently throttled items in plaintext. If you require the use of AWS Key Management Service (KMS) to encrypt this table\u2019s partition key and sort key data with an AWS managed key or customer managed key, you should not enable CloudWatch Contributor Insights for DynamoDB for this table.", "title": "ContributorInsightsSpecification" }, "IndexName": { "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", "title": "IndexName", "type": "string" }, "ReadProvisionedThroughputSettings": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", "markdownDescription": "Allows you to specify the read capacity settings for a replica global secondary index when the `BillingMode` is set to `PROVISIONED` .", "title": "ReadProvisionedThroughputSettings" } }, "required": [ "IndexName" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.ReplicaSSESpecification": { "additionalProperties": false, "properties": { "KMSMasterKeyId": { "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", "title": "KMSMasterKeyId", "type": "string" } }, "required": [ "KMSMasterKeyId" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.ReplicaSpecification": { "additionalProperties": false, "properties": { "ContributorInsightsSpecification": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ContributorInsightsSpecification", "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified replica. When not specified, defaults to contributor insights disabled for the replica.", "title": "ContributorInsightsSpecification" }, "DeletionProtectionEnabled": { "markdownDescription": "Determines if a replica is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", "title": "DeletionProtectionEnabled", "type": "boolean" }, "GlobalSecondaryIndexes": { "items": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaGlobalSecondaryIndexSpecification" }, "markdownDescription": "Defines additional settings for the global secondary indexes of this replica.", "title": "GlobalSecondaryIndexes", "type": "array" }, "KinesisStreamSpecification": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.KinesisStreamSpecification", "markdownDescription": "Defines the Kinesis Data Streams configuration for the specified replica.", "title": "KinesisStreamSpecification" }, "PointInTimeRecoverySpecification": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.PointInTimeRecoverySpecification", "markdownDescription": "The settings used to enable point in time recovery. When not specified, defaults to point in time recovery disabled for the replica.", "title": "PointInTimeRecoverySpecification" }, "ReadProvisionedThroughputSettings": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReadProvisionedThroughputSettings", "markdownDescription": "Defines read capacity settings for the replica table.", "title": "ReadProvisionedThroughputSettings" }, "Region": { "markdownDescription": "The region in which this replica exists.", "title": "Region", "type": "string" }, "ReplicaStreamSpecification": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification", "markdownDescription": "Represents the DynamoDB Streams configuration for a global table replica.", "title": "ReplicaStreamSpecification" }, "ResourcePolicy": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", "markdownDescription": "A resource-based policy document that contains permissions to add to the specified replica of a DynamoDB global table. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", "title": "ResourcePolicy" }, "SSESpecification": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ReplicaSSESpecification", "markdownDescription": "Allows you to specify a customer-managed key for the replica. When using customer-managed keys for server-side encryption, this property must have a value in all replicas.", "title": "SSESpecification" }, "TableClass": { "markdownDescription": "The table class of the specified table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", "title": "TableClass", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this replica.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "Region" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.ReplicaStreamSpecification": { "additionalProperties": false, "properties": { "ResourcePolicy": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.ResourcePolicy", "markdownDescription": "A resource-based policy document that contains the permissions for the specified stream of a DynamoDB global table replica. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .\n\nYou can update the `ResourcePolicy` property if you've specified more than one table using the [AWS ::DynamoDB::GlobalTable](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html) resource.", "title": "ResourcePolicy" } }, "required": [ "ResourcePolicy" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.ResourcePolicy": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, its indexes, and stream. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", "title": "PolicyDocument", "type": "object" } }, "required": [ "PolicyDocument" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.SSESpecification": { "additionalProperties": false, "properties": { "SSEEnabled": { "markdownDescription": "Indicates whether server-side encryption is performed using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to KMS and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified,server-side encryption is set to an AWS owned key. If you choose to use KMS encryption, you can also use customer managed KMS keys by specifying them in the `ReplicaSpecification.SSESpecification` object. You cannot mix AWS managed and customer managed KMS keys.", "title": "SSEEnabled", "type": "boolean" }, "SSEType": { "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", "title": "SSEType", "type": "string" } }, "required": [ "SSEEnabled" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.StreamSpecification": { "additionalProperties": false, "properties": { "StreamViewType": { "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", "title": "StreamViewType", "type": "string" } }, "required": [ "StreamViewType" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.TargetTrackingScalingPolicyConfiguration": { "additionalProperties": false, "properties": { "DisableScaleIn": { "markdownDescription": "Indicates whether scale in by the target tracking scaling policy is disabled. The default value is `false` .", "title": "DisableScaleIn", "type": "boolean" }, "ScaleInCooldown": { "markdownDescription": "The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start.", "title": "ScaleInCooldown", "type": "number" }, "ScaleOutCooldown": { "markdownDescription": "The amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start.", "title": "ScaleOutCooldown", "type": "number" }, "TargetValue": { "markdownDescription": "Defines a target value for the scaling policy.", "title": "TargetValue", "type": "number" } }, "required": [ "TargetValue" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.TimeToLiveSpecification": { "additionalProperties": false, "properties": { "AttributeName": { "markdownDescription": "The name of the attribute used to store the expiration time for items in the table.\n\nCurrently, you cannot directly change the attribute name used to evaluate time to live. In order to do so, you must first disable time to live, and then re-enable it with the new attribute name. It can take up to one hour for changes to time to live to take effect. If you attempt to modify time to live within that time window, your stack operation might be delayed.", "title": "AttributeName", "type": "string" }, "Enabled": { "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::DynamoDB::GlobalTable.WriteProvisionedThroughputSettings": { "additionalProperties": false, "properties": { "WriteCapacityAutoScalingSettings": { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable.CapacityAutoScalingSettings", "markdownDescription": "Specifies auto scaling settings for the replica table or global secondary index.", "title": "WriteCapacityAutoScalingSettings" } }, "type": "object" }, "AWS::DynamoDB::Table": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AttributeDefinitions": { "items": { "$ref": "#/definitions/AWS::DynamoDB::Table.AttributeDefinition" }, "markdownDescription": "A list of attributes that describe the key schema for the table and indexes.\n\nThis property is required to create a DynamoDB table.\n\nUpdate requires: [Some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) . Replacement if you edit an existing AttributeDefinition.", "title": "AttributeDefinitions", "type": "array" }, "BillingMode": { "markdownDescription": "Specify how you are charged for read and write throughput and how you manage capacity.\n\nValid values include:\n\n- `PROVISIONED` - We recommend using `PROVISIONED` for predictable workloads. `PROVISIONED` sets the billing mode to [Provisioned Mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.ProvisionedThroughput.Manual) .\n- `PAY_PER_REQUEST` - We recommend using `PAY_PER_REQUEST` for unpredictable workloads. `PAY_PER_REQUEST` sets the billing mode to [On-Demand Mode](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.OnDemand) .\n\nIf not specified, the default is `PROVISIONED` .", "title": "BillingMode", "type": "string" }, "ContributorInsightsSpecification": { "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified table.", "title": "ContributorInsightsSpecification" }, "DeletionProtectionEnabled": { "markdownDescription": "Determines if a table is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* .", "title": "DeletionProtectionEnabled", "type": "boolean" }, "GlobalSecondaryIndexes": { "items": { "$ref": "#/definitions/AWS::DynamoDB::Table.GlobalSecondaryIndex" }, "markdownDescription": "Global secondary indexes to be created on the table. You can create up to 20 global secondary indexes.\n\n> If you update a table to include a new global secondary index, AWS CloudFormation initiates the index creation and then proceeds with the stack update. AWS CloudFormation doesn't wait for the index to complete creation because the backfilling phase can take a long time, depending on the size of the table. You can't use the index or update the table until the index's status is `ACTIVE` . You can track its status by using the DynamoDB [DescribeTable](https://docs.aws.amazon.com/cli/latest/reference/dynamodb/describe-table.html) command.\n> \n> If you add or delete an index during an update, we recommend that you don't update any other resources. If your stack fails to update and is rolled back while adding a new index, you must manually delete the index.\n> \n> Updates are not supported. The following are exceptions:\n> \n> - If you update either the contributor insights specification or the provisioned throughput values of global secondary indexes, you can update the table without interruption.\n> - You can delete or add one global secondary index without interruption. If you do both in the same update (for example, by changing the index's logical ID), the update fails.", "title": "GlobalSecondaryIndexes", "type": "array" }, "ImportSourceSpecification": { "$ref": "#/definitions/AWS::DynamoDB::Table.ImportSourceSpecification", "markdownDescription": "Specifies the properties of data being imported from the S3 bucket source to the table.\n\n> If you specify the `ImportSourceSpecification` property, and also specify either the `StreamSpecification` , the `TableClass` property, or the `DeletionProtectionEnabled` property, the IAM entity creating/updating stack must have `UpdateTable` permission.", "title": "ImportSourceSpecification" }, "KeySchema": { "items": { "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" }, "markdownDescription": "Specifies the attributes that make up the primary key for the table. The attributes in the `KeySchema` property must also be defined in the `AttributeDefinitions` property.", "title": "KeySchema", "type": "array" }, "KinesisStreamSpecification": { "$ref": "#/definitions/AWS::DynamoDB::Table.KinesisStreamSpecification", "markdownDescription": "The Kinesis Data Streams configuration for the specified table.", "title": "KinesisStreamSpecification" }, "LocalSecondaryIndexes": { "items": { "$ref": "#/definitions/AWS::DynamoDB::Table.LocalSecondaryIndex" }, "markdownDescription": "Local secondary indexes to be created on the table. You can create up to 5 local secondary indexes. Each index is scoped to a given hash key value. The size of each hash key can be up to 10 gigabytes.", "title": "LocalSecondaryIndexes", "type": "array" }, "PointInTimeRecoverySpecification": { "$ref": "#/definitions/AWS::DynamoDB::Table.PointInTimeRecoverySpecification", "markdownDescription": "The settings used to enable point in time recovery.", "title": "PointInTimeRecoverySpecification" }, "ProvisionedThroughput": { "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", "markdownDescription": "Throughput for the specified table, which consists of values for `ReadCapacityUnits` and `WriteCapacityUnits` . For more information about the contents of a provisioned throughput structure, see [Amazon DynamoDB Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html) .\n\nIf you set `BillingMode` as `PROVISIONED` , you must specify this property. If you set `BillingMode` as `PAY_PER_REQUEST` , you cannot specify this property.", "title": "ProvisionedThroughput" }, "ResourcePolicy": { "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", "markdownDescription": "A resource-based policy document that contains permissions to add to the specified table. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .\n\nWhen you attach a resource-based policy while creating a table, the policy creation is *strongly consistent* . For information about the considerations that you should keep in mind while attaching a resource-based policy, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html) .", "title": "ResourcePolicy" }, "SSESpecification": { "$ref": "#/definitions/AWS::DynamoDB::Table.SSESpecification", "markdownDescription": "Specifies the settings to enable server-side encryption.", "title": "SSESpecification" }, "StreamSpecification": { "$ref": "#/definitions/AWS::DynamoDB::Table.StreamSpecification", "markdownDescription": "The settings for the DynamoDB table stream, which capture changes to items stored in the table.", "title": "StreamSpecification" }, "TableClass": { "markdownDescription": "The table class of the new table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` .", "title": "TableClass", "type": "string" }, "TableName": { "markdownDescription": "A name for the table. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the table name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "TableName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "TimeToLiveSpecification": { "$ref": "#/definitions/AWS::DynamoDB::Table.TimeToLiveSpecification", "markdownDescription": "Specifies the Time to Live (TTL) settings for the table.\n\n> For detailed information about the limits in DynamoDB, see [Limits in Amazon DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the Amazon DynamoDB Developer Guide.", "title": "TimeToLiveSpecification" } }, "required": [ "KeySchema" ], "type": "object" }, "Type": { "enum": [ "AWS::DynamoDB::Table" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::DynamoDB::Table.AttributeDefinition": { "additionalProperties": false, "properties": { "AttributeName": { "markdownDescription": "A name for the attribute.", "title": "AttributeName", "type": "string" }, "AttributeType": { "markdownDescription": "The data type for the attribute, where:\n\n- `S` - the attribute is of type String\n- `N` - the attribute is of type Number\n- `B` - the attribute is of type Binary", "title": "AttributeType", "type": "string" } }, "required": [ "AttributeName", "AttributeType" ], "type": "object" }, "AWS::DynamoDB::Table.ContributorInsightsSpecification": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false).", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::DynamoDB::Table.Csv": { "additionalProperties": false, "properties": { "Delimiter": { "markdownDescription": "The delimiter used for separating items in the CSV file being imported.", "title": "Delimiter", "type": "string" }, "HeaderList": { "items": { "type": "string" }, "markdownDescription": "List of the headers used to specify a common header for all source CSV files being imported. If this field is specified then the first line of each CSV file is treated as data instead of the header. If this field is not specified the the first line of each CSV file is treated as the header.", "title": "HeaderList", "type": "array" } }, "type": "object" }, "AWS::DynamoDB::Table.GlobalSecondaryIndex": { "additionalProperties": false, "properties": { "ContributorInsightsSpecification": { "$ref": "#/definitions/AWS::DynamoDB::Table.ContributorInsightsSpecification", "markdownDescription": "The settings used to enable or disable CloudWatch Contributor Insights for the specified global secondary index.", "title": "ContributorInsightsSpecification" }, "IndexName": { "markdownDescription": "The name of the global secondary index. The name must be unique among all other indexes on this table.", "title": "IndexName", "type": "string" }, "KeySchema": { "items": { "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" }, "markdownDescription": "The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", "title": "KeySchema", "type": "array" }, "Projection": { "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", "markdownDescription": "Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", "title": "Projection" }, "ProvisionedThroughput": { "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", "markdownDescription": "Represents the provisioned throughput settings for the specified global secondary index.\n\nFor current minimum and maximum provisioned throughput values, see [Service, Account, and Table Quotas](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the *Amazon DynamoDB Developer Guide* .", "title": "ProvisionedThroughput" } }, "required": [ "IndexName", "KeySchema", "Projection" ], "type": "object" }, "AWS::DynamoDB::Table.ImportSourceSpecification": { "additionalProperties": false, "properties": { "InputCompressionType": { "markdownDescription": "Type of compression to be used on the input coming from the imported table.", "title": "InputCompressionType", "type": "string" }, "InputFormat": { "markdownDescription": "The format of the source data. Valid values for `ImportFormat` are `CSV` , `DYNAMODB_JSON` or `ION` .", "title": "InputFormat", "type": "string" }, "InputFormatOptions": { "$ref": "#/definitions/AWS::DynamoDB::Table.InputFormatOptions", "markdownDescription": "Additional properties that specify how the input is formatted,", "title": "InputFormatOptions" }, "S3BucketSource": { "$ref": "#/definitions/AWS::DynamoDB::Table.S3BucketSource", "markdownDescription": "The S3 bucket that provides the source for the import.", "title": "S3BucketSource" } }, "required": [ "InputFormat", "S3BucketSource" ], "type": "object" }, "AWS::DynamoDB::Table.InputFormatOptions": { "additionalProperties": false, "properties": { "Csv": { "$ref": "#/definitions/AWS::DynamoDB::Table.Csv", "markdownDescription": "The options for imported source files in CSV format. The values are Delimiter and HeaderList.", "title": "Csv" } }, "type": "object" }, "AWS::DynamoDB::Table.KeySchema": { "additionalProperties": false, "properties": { "AttributeName": { "markdownDescription": "The name of a key attribute.", "title": "AttributeName", "type": "string" }, "KeyType": { "markdownDescription": "The role that this key attribute will assume:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", "title": "KeyType", "type": "string" } }, "required": [ "AttributeName", "KeyType" ], "type": "object" }, "AWS::DynamoDB::Table.KinesisStreamSpecification": { "additionalProperties": false, "properties": { "ApproximateCreationDateTimePrecision": { "markdownDescription": "The precision for the time and date that the stream was created.", "title": "ApproximateCreationDateTimePrecision", "type": "string" }, "StreamArn": { "markdownDescription": "The ARN for a specific Kinesis data stream.\n\nLength Constraints: Minimum length of 37. Maximum length of 1024.", "title": "StreamArn", "type": "string" } }, "required": [ "StreamArn" ], "type": "object" }, "AWS::DynamoDB::Table.LocalSecondaryIndex": { "additionalProperties": false, "properties": { "IndexName": { "markdownDescription": "The name of the local secondary index. The name must be unique among all other indexes on this table.", "title": "IndexName", "type": "string" }, "KeySchema": { "items": { "$ref": "#/definitions/AWS::DynamoDB::Table.KeySchema" }, "markdownDescription": "The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types:\n\n- `HASH` - partition key\n- `RANGE` - sort key\n\n> The partition key of an item is also known as its *hash attribute* . The term \"hash attribute\" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values.\n> \n> The sort key of an item is also known as its *range attribute* . The term \"range attribute\" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value.", "title": "KeySchema", "type": "array" }, "Projection": { "$ref": "#/definitions/AWS::DynamoDB::Table.Projection", "markdownDescription": "Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected.", "title": "Projection" } }, "required": [ "IndexName", "KeySchema", "Projection" ], "type": "object" }, "AWS::DynamoDB::Table.PointInTimeRecoverySpecification": { "additionalProperties": false, "properties": { "PointInTimeRecoveryEnabled": { "markdownDescription": "Indicates whether point in time recovery is enabled (true) or disabled (false) on the table.", "title": "PointInTimeRecoveryEnabled", "type": "boolean" } }, "type": "object" }, "AWS::DynamoDB::Table.Projection": { "additionalProperties": false, "properties": { "NonKeyAttributes": { "items": { "type": "string" }, "markdownDescription": "Represents the non-key attribute names which will be projected into the index.\n\nFor local secondary indexes, the total count of `NonKeyAttributes` summed across all of the local secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total.", "title": "NonKeyAttributes", "type": "array" }, "ProjectionType": { "markdownDescription": "The set of attributes that are projected into the index:\n\n- `KEYS_ONLY` - Only the index and primary keys are projected into the index.\n- `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify.\n- `ALL` - All of the table attributes are projected into the index.\n\nWhen using the DynamoDB console, `ALL` is selected by default.", "title": "ProjectionType", "type": "string" } }, "type": "object" }, "AWS::DynamoDB::Table.ProvisionedThroughput": { "additionalProperties": false, "properties": { "ReadCapacityUnits": { "markdownDescription": "The maximum number of strongly consistent reads consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", "title": "ReadCapacityUnits", "type": "number" }, "WriteCapacityUnits": { "markdownDescription": "The maximum number of writes consumed per second before DynamoDB returns a `ThrottlingException` . For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide* .\n\nIf read/write capacity mode is `PAY_PER_REQUEST` the value is set to 0.", "title": "WriteCapacityUnits", "type": "number" } }, "required": [ "ReadCapacityUnits", "WriteCapacityUnits" ], "type": "object" }, "AWS::DynamoDB::Table.ResourcePolicy": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "A resource-based policy document that contains permissions to add to the specified DynamoDB table, index, or both. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", "title": "PolicyDocument", "type": "object" } }, "required": [ "PolicyDocument" ], "type": "object" }, "AWS::DynamoDB::Table.S3BucketSource": { "additionalProperties": false, "properties": { "S3Bucket": { "markdownDescription": "The S3 bucket that is being imported from.", "title": "S3Bucket", "type": "string" }, "S3BucketOwner": { "markdownDescription": "The account number of the S3 bucket that is being imported from. If the bucket is owned by the requester this is optional.", "title": "S3BucketOwner", "type": "string" }, "S3KeyPrefix": { "markdownDescription": "The key prefix shared by all S3 Objects that are being imported.", "title": "S3KeyPrefix", "type": "string" } }, "required": [ "S3Bucket" ], "type": "object" }, "AWS::DynamoDB::Table.SSESpecification": { "additionalProperties": false, "properties": { "KMSMasterKeyId": { "markdownDescription": "The AWS KMS key that should be used for the AWS KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` .", "title": "KMSMasterKeyId", "type": "string" }, "SSEEnabled": { "markdownDescription": "Indicates whether server-side encryption is done using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to `KMS` and an AWS managed key is used ( AWS KMS charges apply). If disabled (false) or not specified, server-side encryption is set to AWS owned key.", "title": "SSEEnabled", "type": "boolean" }, "SSEType": { "markdownDescription": "Server-side encryption type. The only supported value is:\n\n- `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS KMS ( AWS KMS charges apply).", "title": "SSEType", "type": "string" } }, "required": [ "SSEEnabled" ], "type": "object" }, "AWS::DynamoDB::Table.StreamSpecification": { "additionalProperties": false, "properties": { "ResourcePolicy": { "$ref": "#/definitions/AWS::DynamoDB::Table.ResourcePolicy", "markdownDescription": "Creates or updates a resource-based policy document that contains the permissions for DynamoDB resources, such as a table's streams. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource.\n\nIn a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) .", "title": "ResourcePolicy" }, "StreamViewType": { "markdownDescription": "When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are:\n\n- `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream.\n- `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream.\n- `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream.\n- `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream.", "title": "StreamViewType", "type": "string" } }, "required": [ "StreamViewType" ], "type": "object" }, "AWS::DynamoDB::Table.TimeToLiveSpecification": { "additionalProperties": false, "properties": { "AttributeName": { "markdownDescription": "The name of the TTL attribute used to store the expiration time for items in the table.\n\n> - The `AttributeName` property is required when enabling the TTL, or when TTL is already enabled.\n> - To update this property, you must first disable TTL and then enable TTL with the new attribute name.", "title": "AttributeName", "type": "string" }, "Enabled": { "markdownDescription": "Indicates whether TTL is to be enabled (true) or disabled (false) on the table.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::EC2::CapacityReservation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The Availability Zone in which to create the Capacity Reservation.", "title": "AvailabilityZone", "type": "string" }, "EbsOptimized": { "markdownDescription": "Indicates whether the Capacity Reservation supports EBS-optimized instances. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS- optimized instance.", "title": "EbsOptimized", "type": "boolean" }, "EndDate": { "markdownDescription": "The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. The Capacity Reservation's state changes to `expired` when it reaches its end date and time.\n\nYou must provide an `EndDate` value if `EndDateType` is `limited` . Omit `EndDate` if `EndDateType` is `unlimited` .\n\nIf the `EndDateType` is `limited` , the Capacity Reservation is cancelled within an hour from the specified time. For example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to end between 13:30:55 and 14:30:55 on 5/31/2019.", "title": "EndDate", "type": "string" }, "EndDateType": { "markdownDescription": "Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can have one of the following end types:\n\n- `unlimited` - The Capacity Reservation remains active until you explicitly cancel it. Do not provide an `EndDate` if the `EndDateType` is `unlimited` .\n- `limited` - The Capacity Reservation expires automatically at a specified date and time. You must provide an `EndDate` value if the `EndDateType` value is `limited` .", "title": "EndDateType", "type": "string" }, "EphemeralStorage": { "markdownDescription": "*Deprecated.*", "title": "EphemeralStorage", "type": "boolean" }, "InstanceCount": { "markdownDescription": "The number of instances for which to reserve capacity.\n\nValid range: 1 - 1000", "title": "InstanceCount", "type": "number" }, "InstanceMatchCriteria": { "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation accepts. The options include:\n\n- `open` - The Capacity Reservation automatically matches all instances that have matching attributes (instance type, platform, and Availability Zone). Instances that have matching attributes run in the Capacity Reservation automatically without specifying any additional parameters.\n- `targeted` - The Capacity Reservation only accepts instances that have matching attributes (instance type, platform, and Availability Zone), and explicitly target the Capacity Reservation. This ensures that only permitted instances can use the reserved capacity.\n\nDefault: `open`", "title": "InstanceMatchCriteria", "type": "string" }, "InstancePlatform": { "markdownDescription": "The type of operating system for which to reserve capacity.", "title": "InstancePlatform", "type": "string" }, "InstanceType": { "markdownDescription": "The instance type for which to reserve capacity. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .", "title": "InstanceType", "type": "string" }, "OutPostArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost on which to create the Capacity Reservation.", "title": "OutPostArn", "type": "string" }, "PlacementGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the cluster placement group in which to create the Capacity Reservation. For more information, see [Capacity Reservations for cluster placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cr-cpg.html) in the *Amazon EC2 User Guide* .", "title": "PlacementGroupArn", "type": "string" }, "TagSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::CapacityReservation.TagSpecification" }, "markdownDescription": "The tags to apply to the Capacity Reservation during launch.", "title": "TagSpecifications", "type": "array" }, "Tenancy": { "markdownDescription": "Indicates the tenancy of the Capacity Reservation. A Capacity Reservation can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservation is created on single-tenant hardware that is dedicated to a single AWS account .", "title": "Tenancy", "type": "string" } }, "required": [ "AvailabilityZone", "InstanceCount", "InstancePlatform", "InstanceType" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::CapacityReservation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::CapacityReservation.TagSpecification": { "additionalProperties": false, "properties": { "ResourceType": { "markdownDescription": "The type of resource to tag. Specify `capacity-reservation` .", "title": "ResourceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to apply to the resource.", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::EC2::CapacityReservationFleet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllocationStrategy": { "markdownDescription": "The strategy used by the Capacity Reservation Fleet to determine which of the specified instance types to use. Currently, only the `prioritized` allocation strategy is supported. For more information, see [Allocation strategy](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#allocation-strategy) in the *Amazon EC2 User Guide* .\n\nValid values: `prioritized`", "title": "AllocationStrategy", "type": "string" }, "EndDate": { "markdownDescription": "The date and time at which the Capacity Reservation Fleet expires. When the Capacity Reservation Fleet expires, its state changes to `expired` and all of the Capacity Reservations in the Fleet expire.\n\nThe Capacity Reservation Fleet expires within an hour after the specified time. For example, if you specify `5/31/2019` , `13:30:55` , the Capacity Reservation Fleet is guaranteed to expire between `13:30:55` and `14:30:55` on `5/31/2019` .", "title": "EndDate", "type": "string" }, "InstanceMatchCriteria": { "markdownDescription": "Indicates the type of instance launches that the Capacity Reservation Fleet accepts. All Capacity Reservations in the Fleet inherit this instance matching criteria.\n\nCurrently, Capacity Reservation Fleets support `open` instance matching criteria only. This means that instances that have matching attributes (instance type, platform, and Availability Zone) run in the Capacity Reservations automatically. Instances do not need to explicitly target a Capacity Reservation Fleet to use its reserved capacity.", "title": "InstanceMatchCriteria", "type": "string" }, "InstanceTypeSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification" }, "markdownDescription": "Information about the instance types for which to reserve the capacity.", "title": "InstanceTypeSpecifications", "type": "array" }, "NoRemoveEndDate": { "markdownDescription": "Used to add an end date to a Capacity Reservation Fleet that has no end date and time. To add an end date to a Capacity Reservation Fleet, specify `true` for this paramater and specify the end date and time (in UTC time format) for the *EndDate* parameter.", "title": "NoRemoveEndDate", "type": "boolean" }, "RemoveEndDate": { "markdownDescription": "Used to remove an end date from a Capacity Reservation Fleet that is configured to end automatically at a specific date and time. To remove the end date from a Capacity Reservation Fleet, specify `true` for this paramater and omit the *EndDate* parameter.", "title": "RemoveEndDate", "type": "boolean" }, "TagSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet.TagSpecification" }, "markdownDescription": "The tags to assign to the Capacity Reservation Fleet. The tags are automatically assigned to the Capacity Reservations in the Fleet.", "title": "TagSpecifications", "type": "array" }, "Tenancy": { "markdownDescription": "Indicates the tenancy of the Capacity Reservation Fleet. All Capacity Reservations in the Fleet inherit this tenancy. The Capacity Reservation Fleet can have one of the following tenancy settings:\n\n- `default` - The Capacity Reservation Fleet is created on hardware that is shared with other AWS accounts .\n- `dedicated` - The Capacity Reservations are created on single-tenant hardware that is dedicated to a single AWS account .", "title": "Tenancy", "type": "string" }, "TotalTargetCapacity": { "markdownDescription": "The total number of capacity units to be reserved by the Capacity Reservation Fleet. This value, together with the instance type weights that you assign to each instance type used by the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the *Amazon EC2 User Guide* .", "title": "TotalTargetCapacity", "type": "number" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::CapacityReservationFleet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::CapacityReservationFleet.InstanceTypeSpecification": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", "title": "AvailabilityZone", "type": "string" }, "AvailabilityZoneId": { "markdownDescription": "The ID of the Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone.", "title": "AvailabilityZoneId", "type": "string" }, "EbsOptimized": { "markdownDescription": "Indicates whether the Capacity Reservation Fleet supports EBS-optimized instances types. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using EBS-optimized instance types.", "title": "EbsOptimized", "type": "boolean" }, "InstancePlatform": { "markdownDescription": "The type of operating system for which the Capacity Reservation Fleet reserves capacity.", "title": "InstancePlatform", "type": "string" }, "InstanceType": { "markdownDescription": "The instance type for which the Capacity Reservation Fleet reserves capacity.", "title": "InstanceType", "type": "string" }, "Priority": { "markdownDescription": "The priority to assign to the instance type. This value is used to determine which of the instance types specified for the Fleet should be prioritized for use. A lower value indicates a high priority. For more information, see [Instance type priority](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#instance-priority) in the *Amazon EC2 User Guide* .", "title": "Priority", "type": "number" }, "Weight": { "markdownDescription": "The number of capacity units provided by the specified instance type. This value, together with the total target capacity that you specify for the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the Amazon EC2 User Guide.\n\nValid Range: Minimum value of `0.001` . Maximum value of `99.999` .", "title": "Weight", "type": "number" } }, "type": "object" }, "AWS::EC2::CapacityReservationFleet.TagSpecification": { "additionalProperties": false, "properties": { "ResourceType": { "markdownDescription": "The type of resource to tag on creation. Specify `capacity-reservation-fleet` .\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", "title": "ResourceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to apply to the resource.", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::EC2::CarrierGateway": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags assigned to the carrier gateway.", "title": "Tags", "type": "array" }, "VpcId": { "markdownDescription": "The ID of the VPC associated with the carrier gateway.", "title": "VpcId", "type": "string" } }, "required": [ "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::CarrierGateway" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::ClientVpnAuthorizationRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessGroupId": { "markdownDescription": "The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group. Required if `AuthorizeAllGroups` is `false` or not specified.", "title": "AccessGroupId", "type": "string" }, "AuthorizeAllGroups": { "markdownDescription": "Indicates whether to grant access to all clients. Specify `true` to grant all clients who successfully establish a VPN connection access to the network. Must be set to `true` if `AccessGroupId` is not specified.", "title": "AuthorizeAllGroups", "type": "boolean" }, "ClientVpnEndpointId": { "markdownDescription": "The ID of the Client VPN endpoint.", "title": "ClientVpnEndpointId", "type": "string" }, "Description": { "markdownDescription": "A brief description of the authorization rule.", "title": "Description", "type": "string" }, "TargetNetworkCidr": { "markdownDescription": "The IPv4 address range, in CIDR notation, of the network for which access is being authorized.", "title": "TargetNetworkCidr", "type": "string" } }, "required": [ "ClientVpnEndpointId", "TargetNetworkCidr" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::ClientVpnAuthorizationRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::ClientVpnEndpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthenticationOptions": { "items": { "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest" }, "markdownDescription": "Information about the authentication method to be used to authenticate clients.", "title": "AuthenticationOptions", "type": "array" }, "ClientCidrBlock": { "markdownDescription": "The IPv4 address range, in CIDR notation, from which to assign client IP addresses. The address range cannot overlap with the local CIDR of the VPC in which the associated subnet is located, or the routes that you add manually. The address range cannot be changed after the Client VPN endpoint has been created. Client CIDR range must have a size of at least /22 and must not be greater than /12.", "title": "ClientCidrBlock", "type": "string" }, "ClientConnectOptions": { "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientConnectOptions", "markdownDescription": "The options for managing connection authorization for new client connections.", "title": "ClientConnectOptions" }, "ClientLoginBannerOptions": { "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions", "markdownDescription": "Options for enabling a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.", "title": "ClientLoginBannerOptions" }, "ConnectionLogOptions": { "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions", "markdownDescription": "Information about the client connection logging options.\n\nIf you enable client connection logging, data about client connections is sent to a Cloudwatch Logs log stream. The following information is logged:\n\n- Client connection requests\n- Client connection results (successful and unsuccessful)\n- Reasons for unsuccessful client connection requests\n- Client connection termination time", "title": "ConnectionLogOptions" }, "Description": { "markdownDescription": "A brief description of the Client VPN endpoint.", "title": "Description", "type": "string" }, "DnsServers": { "items": { "type": "string" }, "markdownDescription": "Information about the DNS servers to be used for DNS resolution. A Client VPN endpoint can have up to two DNS servers. If no DNS server is specified, the DNS address configured on the device is used for the DNS server.", "title": "DnsServers", "type": "array" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of one or more security groups to apply to the target network. You must also specify the ID of the VPC that contains the security groups.", "title": "SecurityGroupIds", "type": "array" }, "SelfServicePortal": { "markdownDescription": "Specify whether to enable the self-service portal for the Client VPN endpoint.\n\nDefault Value: `enabled`", "title": "SelfServicePortal", "type": "string" }, "ServerCertificateArn": { "markdownDescription": "The ARN of the server certificate. For more information, see the [AWS Certificate Manager User Guide](https://docs.aws.amazon.com/acm/latest/userguide/) .", "title": "ServerCertificateArn", "type": "string" }, "SessionTimeoutHours": { "markdownDescription": "The maximum VPN session duration time in hours.\n\nValid values: `8 | 10 | 12 | 24`\n\nDefault value: `24`", "title": "SessionTimeoutHours", "type": "number" }, "SplitTunnel": { "markdownDescription": "Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint.\n\nBy default, split-tunnel on a VPN endpoint is disabled.\n\nFor information about split-tunnel VPN endpoints, see [Split-tunnel AWS Client VPN endpoint](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html) in the *AWS Client VPN Administrator Guide* .", "title": "SplitTunnel", "type": "boolean" }, "TagSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.TagSpecification" }, "markdownDescription": "The tags to apply to the Client VPN endpoint during creation.", "title": "TagSpecifications", "type": "array" }, "TransportProtocol": { "markdownDescription": "The transport protocol to be used by the VPN session.\n\nDefault value: `udp`", "title": "TransportProtocol", "type": "string" }, "VpcId": { "markdownDescription": "The ID of the VPC to associate with the Client VPN endpoint. If no security group IDs are specified in the request, the default security group for the VPC is applied.", "title": "VpcId", "type": "string" }, "VpnPort": { "markdownDescription": "The port number to assign to the Client VPN endpoint for TCP and UDP traffic.\n\nValid Values: `443` | `1194`\n\nDefault Value: `443`", "title": "VpnPort", "type": "number" } }, "required": [ "AuthenticationOptions", "ClientCidrBlock", "ConnectionLogOptions", "ServerCertificateArn" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::ClientVpnEndpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest": { "additionalProperties": false, "properties": { "ClientRootCertificateChainArn": { "markdownDescription": "The ARN of the client certificate. The certificate must be signed by a certificate authority (CA) and it must be provisioned in AWS Certificate Manager (ACM).", "title": "ClientRootCertificateChainArn", "type": "string" } }, "required": [ "ClientRootCertificateChainArn" ], "type": "object" }, "AWS::EC2::ClientVpnEndpoint.ClientAuthenticationRequest": { "additionalProperties": false, "properties": { "ActiveDirectory": { "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest", "markdownDescription": "Information about the Active Directory to be used, if applicable. You must provide this information if *Type* is `directory-service-authentication` .", "title": "ActiveDirectory" }, "FederatedAuthentication": { "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest", "markdownDescription": "Information about the IAM SAML identity provider, if applicable.", "title": "FederatedAuthentication" }, "MutualAuthentication": { "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint.CertificateAuthenticationRequest", "markdownDescription": "Information about the authentication certificates to be used, if applicable. You must provide this information if *Type* is `certificate-authentication` .", "title": "MutualAuthentication" }, "Type": { "markdownDescription": "The type of client authentication to be used.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::ClientVpnEndpoint.ClientConnectOptions": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Indicates whether client connect options are enabled. The default is `false` (not enabled).", "title": "Enabled", "type": "boolean" }, "LambdaFunctionArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function used for connection authorization.", "title": "LambdaFunctionArn", "type": "string" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::EC2::ClientVpnEndpoint.ClientLoginBannerOptions": { "additionalProperties": false, "properties": { "BannerText": { "markdownDescription": "Customizable text that will be displayed in a banner on AWS provided clients when a VPN session is established. UTF-8 encoded characters only. Maximum of 1400 characters.", "title": "BannerText", "type": "string" }, "Enabled": { "markdownDescription": "Enable or disable a customizable text banner that will be displayed on AWS provided clients when a VPN session is established.\n\nValid values: `true | false`\n\nDefault value: `false`", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::EC2::ClientVpnEndpoint.ConnectionLogOptions": { "additionalProperties": false, "properties": { "CloudwatchLogGroup": { "markdownDescription": "The name of the CloudWatch Logs log group. Required if connection logging is enabled.", "title": "CloudwatchLogGroup", "type": "string" }, "CloudwatchLogStream": { "markdownDescription": "The name of the CloudWatch Logs log stream to which the connection data is published.", "title": "CloudwatchLogStream", "type": "string" }, "Enabled": { "markdownDescription": "Indicates whether connection logging is enabled.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::EC2::ClientVpnEndpoint.DirectoryServiceAuthenticationRequest": { "additionalProperties": false, "properties": { "DirectoryId": { "markdownDescription": "The ID of the Active Directory to be used for authentication.", "title": "DirectoryId", "type": "string" } }, "required": [ "DirectoryId" ], "type": "object" }, "AWS::EC2::ClientVpnEndpoint.FederatedAuthenticationRequest": { "additionalProperties": false, "properties": { "SAMLProviderArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider.", "title": "SAMLProviderArn", "type": "string" }, "SelfServiceSAMLProviderArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM SAML identity provider for the self-service portal.", "title": "SelfServiceSAMLProviderArn", "type": "string" } }, "required": [ "SAMLProviderArn" ], "type": "object" }, "AWS::EC2::ClientVpnEndpoint.TagSpecification": { "additionalProperties": false, "properties": { "ResourceType": { "markdownDescription": "The type of resource to tag. To tag a Client VPN endpoint, `ResourceType` must be `client-vpn-endpoint` .", "title": "ResourceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to apply to the resource.", "title": "Tags", "type": "array" } }, "required": [ "ResourceType", "Tags" ], "type": "object" }, "AWS::EC2::ClientVpnRoute": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClientVpnEndpointId": { "markdownDescription": "The ID of the Client VPN endpoint to which to add the route.", "title": "ClientVpnEndpointId", "type": "string" }, "Description": { "markdownDescription": "A brief description of the route.", "title": "Description", "type": "string" }, "DestinationCidrBlock": { "markdownDescription": "The IPv4 address range, in CIDR notation, of the route destination. For example:\n\n- To add a route for Internet access, enter `0.0.0.0/0`\n- To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range\n- To add a route for an on-premises network, enter the AWS Site-to-Site VPN connection's IPv4 CIDR range\n- To add a route for the local network, enter the client CIDR range", "title": "DestinationCidrBlock", "type": "string" }, "TargetVpcSubnetId": { "markdownDescription": "The ID of the subnet through which you want to route traffic. The specified subnet must be an existing target network of the Client VPN endpoint.\n\nAlternatively, if you're adding a route for the local network, specify `local` .", "title": "TargetVpcSubnetId", "type": "string" } }, "required": [ "ClientVpnEndpointId", "DestinationCidrBlock", "TargetVpcSubnetId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::ClientVpnRoute" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::ClientVpnTargetNetworkAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClientVpnEndpointId": { "markdownDescription": "The ID of the Client VPN endpoint.", "title": "ClientVpnEndpointId", "type": "string" }, "SubnetId": { "markdownDescription": "The ID of the subnet to associate with the Client VPN endpoint.", "title": "SubnetId", "type": "string" } }, "required": [ "ClientVpnEndpointId", "SubnetId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::ClientVpnTargetNetworkAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::CustomerGateway": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BgpAsn": { "markdownDescription": "For customer gateway devices that support BGP, specify the device's ASN. You must specify either `BgpAsn` or `BgpAsnExtended` when creating the customer gateway. If the ASN is larger than `2,147,483,647` , you must use `BgpAsnExtended` .\n\nDefault: 65000\n\nValid values: `1` to `2,147,483,647`", "title": "BgpAsn", "type": "number" }, "CertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the customer gateway certificate.", "title": "CertificateArn", "type": "string" }, "DeviceName": { "markdownDescription": "The name of customer gateway device.", "title": "DeviceName", "type": "string" }, "IpAddress": { "markdownDescription": "IPv4 address for the customer gateway device's outside interface. The address must be static. If `OutsideIpAddressType` in your VPN connection options is set to `PrivateIpv4` , you can use an RFC6598 or RFC1918 private IPv4 address. If `OutsideIpAddressType` is set to `PublicIpv4` , you can use a public IPv4 address.", "title": "IpAddress", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "One or more tags for the customer gateway.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of VPN connection that this customer gateway supports ( `ipsec.1` ).", "title": "Type", "type": "string" } }, "required": [ "IpAddress", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::CustomerGateway" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::DHCPOptions": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DomainName": { "markdownDescription": "This value is used to complete unqualified DNS hostnames. If you're using AmazonProvidedDNS in `us-east-1` , specify `ec2.internal` . If you're using AmazonProvidedDNS in another Region, specify *region* . `compute.internal` (for example, `ap-northeast-1.compute.internal` ). Otherwise, specify a domain name (for example, *MyCompany.com* ).", "title": "DomainName", "type": "string" }, "DomainNameServers": { "items": { "type": "string" }, "markdownDescription": "The IPv4 addresses of up to four domain name servers, or `AmazonProvidedDNS` . The default is `AmazonProvidedDNS` . To have your instance receive a custom DNS hostname as specified in `DomainName` , you must set this property to a custom DNS server.", "title": "DomainNameServers", "type": "array" }, "Ipv6AddressPreferredLeaseTime": { "markdownDescription": "A value (in seconds, minutes, hours, or years) for how frequently a running instance with an IPv6 assigned to it goes through DHCPv6 lease renewal. Acceptable values are between 140 and 2147483647 seconds (approximately 68 years). If no value is entered, the default lease time is 140 seconds. If you use long-term addressing for EC2 instances, you can increase the lease time and avoid frequent lease renewal requests. Lease renewal typically occurs when half of the lease time has elapsed.", "title": "Ipv6AddressPreferredLeaseTime", "type": "number" }, "NetbiosNameServers": { "items": { "type": "string" }, "markdownDescription": "The IPv4 addresses of up to four NetBIOS name servers.", "title": "NetbiosNameServers", "type": "array" }, "NetbiosNodeType": { "markdownDescription": "The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported).", "title": "NetbiosNodeType", "type": "number" }, "NtpServers": { "items": { "type": "string" }, "markdownDescription": "The IPv4 addresses of up to four Network Time Protocol (NTP) servers.", "title": "NtpServers", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Any tags assigned to the DHCP options set.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::DHCPOptions" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::EC2Fleet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Context": { "markdownDescription": "Reserved.", "title": "Context", "type": "string" }, "ExcessCapacityTerminationPolicy": { "markdownDescription": "Indicates whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2 Fleet.\n\nSupported only for fleets of type `maintain` .", "title": "ExcessCapacityTerminationPolicy", "type": "string" }, "LaunchTemplateConfigs": { "items": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest" }, "markdownDescription": "The configuration for the EC2 Fleet.", "title": "LaunchTemplateConfigs", "type": "array" }, "OnDemandOptions": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.OnDemandOptionsRequest", "markdownDescription": "Describes the configuration of On-Demand Instances in an EC2 Fleet.", "title": "OnDemandOptions" }, "ReplaceUnhealthyInstances": { "markdownDescription": "Indicates whether EC2 Fleet should replace unhealthy Spot Instances. Supported only for fleets of type `maintain` . For more information, see [EC2 Fleet health checks](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#ec2-fleet-health-checks) in the *Amazon EC2 User Guide* .", "title": "ReplaceUnhealthyInstances", "type": "boolean" }, "SpotOptions": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.SpotOptionsRequest", "markdownDescription": "Describes the configuration of Spot Instances in an EC2 Fleet.", "title": "SpotOptions" }, "TagSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.TagSpecification" }, "markdownDescription": "The key-value pair for tagging the EC2 Fleet request on creation. For more information, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .\n\nIf the fleet type is `instant` , specify a resource type of `fleet` to tag the fleet or `instance` to tag the instances at launch.\n\nIf the fleet type is `maintain` or `request` , specify a resource type of `fleet` to tag the fleet. You cannot specify a resource type of `instance` . To tag instances at launch, specify the tags in a [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) .", "title": "TagSpecifications", "type": "array" }, "TargetCapacitySpecification": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest", "markdownDescription": "The number of units to request.", "title": "TargetCapacitySpecification" }, "TerminateInstancesWithExpiration": { "markdownDescription": "Indicates whether running instances should be terminated when the EC2 Fleet expires.", "title": "TerminateInstancesWithExpiration", "type": "boolean" }, "Type": { "markdownDescription": "The fleet type. The default value is `maintain` .\n\n- `maintain` - The EC2 Fleet places an asynchronous request for your desired capacity, and continues to maintain your desired Spot capacity by replenishing interrupted Spot Instances.\n- `request` - The EC2 Fleet places an asynchronous one-time request for your desired capacity, but does submit Spot requests in alternative capacity pools if Spot capacity is unavailable, and does not maintain Spot capacity if Spot Instances are interrupted.\n- `instant` - The EC2 Fleet places a synchronous one-time request for your desired capacity, and returns errors for any instances that could not be launched.\n\nFor more information, see [EC2 Fleet request types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-request-type.html) in the *Amazon EC2 User Guide* .", "title": "Type", "type": "string" }, "ValidFrom": { "markdownDescription": "The start date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). The default is to start fulfilling the request immediately.", "title": "ValidFrom", "type": "string" }, "ValidUntil": { "markdownDescription": "The end date and time of the request, in UTC format (for example, *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). At this point, no new EC2 Fleet requests are placed or able to fulfill the request. If no value is specified, the request remains until you cancel it.", "title": "ValidUntil", "type": "string" } }, "required": [ "LaunchTemplateConfigs", "TargetCapacitySpecification" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::EC2Fleet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::EC2Fleet.AcceleratorCountRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::EC2Fleet.CapacityRebalance": { "additionalProperties": false, "properties": { "ReplacementStrategy": { "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. EC2 Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", "title": "ReplacementStrategy", "type": "string" }, "TerminationDelay": { "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", "title": "TerminationDelay", "type": "number" } }, "type": "object" }, "AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest": { "additionalProperties": false, "properties": { "UsageStrategy": { "markdownDescription": "Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity.\n\nIf you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` or `prioritized` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` or `prioritized` ).\n\nIf you do not specify a value, the fleet fulfils the On-Demand capacity according to the chosen On-Demand allocation strategy.", "title": "UsageStrategy", "type": "string" } }, "type": "object" }, "AWS::EC2::EC2Fleet.FleetLaunchTemplateConfigRequest": { "additionalProperties": false, "properties": { "LaunchTemplateSpecification": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest", "markdownDescription": "The launch template to use. You must specify either the launch template ID or launch template name in the request.", "title": "LaunchTemplateSpecification" }, "Overrides": { "items": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest" }, "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.\n\nFor fleets of type `request` and `maintain` , a maximum of 300 items is allowed across all launch templates.", "title": "Overrides", "type": "array" } }, "type": "object" }, "AWS::EC2::EC2Fleet.FleetLaunchTemplateOverridesRequest": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The Availability Zone in which to launch the instances.", "title": "AvailabilityZone", "type": "string" }, "InstanceRequirements": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.InstanceRequirementsRequest", "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", "title": "InstanceRequirements" }, "InstanceType": { "markdownDescription": "The instance type.\n\n`mac1.metal` is not supported as a launch template override.\n\n> If you specify `InstanceType` , you can't specify `InstanceRequirements` .", "title": "InstanceType", "type": "string" }, "MaxPrice": { "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", "title": "MaxPrice", "type": "string" }, "Placement": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.Placement", "markdownDescription": "The location where the instance launched, if applicable.", "title": "Placement" }, "Priority": { "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf the On-Demand `AllocationStrategy` is set to `prioritized` , EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacity-optimized-prioritized` , EC2 Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", "title": "Priority", "type": "number" }, "SubnetId": { "markdownDescription": "The IDs of the subnets in which to launch the instances. Separate multiple subnet IDs using commas (for example, `subnet-1234abcdeexample1, subnet-0987cdef6example2` ). A request of type `instant` can have only one subnet ID.", "title": "SubnetId", "type": "string" }, "WeightedCapacity": { "markdownDescription": "The number of units provided by the specified instance type.\n\n> When specifying weights, the price used in the `lowest-price` and `price-capacity-optimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", "title": "WeightedCapacity", "type": "number" } }, "type": "object" }, "AWS::EC2::EC2Fleet.FleetLaunchTemplateSpecificationRequest": { "additionalProperties": false, "properties": { "LaunchTemplateId": { "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", "title": "LaunchTemplateId", "type": "string" }, "LaunchTemplateName": { "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", "title": "LaunchTemplateName", "type": "string" }, "Version": { "markdownDescription": "The launch template version number, `$Latest` , or `$Default` . You must specify a value, otherwise the request fails.\n\nIf the value is `$Latest` , Amazon EC2 uses the latest version of the launch template.\n\nIf the value is `$Default` , Amazon EC2 uses the default version of the launch template.", "title": "Version", "type": "string" } }, "required": [ "Version" ], "type": "object" }, "AWS::EC2::EC2Fleet.InstanceRequirementsRequest": { "additionalProperties": false, "properties": { "AcceleratorCount": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorCountRequest", "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", "title": "AcceleratorCount" }, "AcceleratorManufacturers": { "items": { "type": "string" }, "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", "title": "AcceleratorManufacturers", "type": "array" }, "AcceleratorNames": { "items": { "type": "string" }, "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", "title": "AcceleratorNames", "type": "array" }, "AcceleratorTotalMemoryMiB": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.AcceleratorTotalMemoryMiBRequest", "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", "title": "AcceleratorTotalMemoryMiB" }, "AcceleratorTypes": { "items": { "type": "string" }, "markdownDescription": "The accelerator types that must be on the instance type.\n\n- To include instance types with GPU hardware, specify `gpu` .\n- To include instance types with FPGA hardware, specify `fpga` .\n- To include instance types with inference hardware, specify `inference` .\n\nDefault: Any accelerator type", "title": "AcceleratorTypes", "type": "array" }, "AllowedInstanceTypes": { "items": { "type": "string" }, "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", "title": "AllowedInstanceTypes", "type": "array" }, "BareMetal": { "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", "title": "BareMetal", "type": "string" }, "BaselineEbsBandwidthMbps": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.BaselineEbsBandwidthMbpsRequest", "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", "title": "BaselineEbsBandwidthMbps" }, "BurstablePerformance": { "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", "title": "BurstablePerformance", "type": "string" }, "CpuManufacturers": { "items": { "type": "string" }, "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", "title": "CpuManufacturers", "type": "array" }, "ExcludedInstanceTypes": { "items": { "type": "string" }, "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", "title": "ExcludedInstanceTypes", "type": "array" }, "InstanceGenerations": { "items": { "type": "string" }, "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", "title": "InstanceGenerations", "type": "array" }, "LocalStorage": { "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", "title": "LocalStorage", "type": "string" }, "LocalStorageTypes": { "items": { "type": "string" }, "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", "title": "LocalStorageTypes", "type": "array" }, "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", "type": "number" }, "MemoryGiBPerVCpu": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest", "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", "title": "MemoryGiBPerVCpu" }, "MemoryMiB": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.MemoryMiBRequest", "markdownDescription": "The minimum and maximum amount of memory, in MiB.", "title": "MemoryMiB" }, "NetworkBandwidthGbps": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest", "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", "title": "NetworkBandwidthGbps" }, "NetworkInterfaceCount": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest", "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", "title": "NetworkInterfaceCount" }, "OnDemandMaxPricePercentageOverLowestPrice": { "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", "title": "OnDemandMaxPricePercentageOverLowestPrice", "type": "number" }, "RequireHibernateSupport": { "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", "title": "RequireHibernateSupport", "type": "boolean" }, "SpotMaxPricePercentageOverLowestPrice": { "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", "title": "SpotMaxPricePercentageOverLowestPrice", "type": "number" }, "TotalLocalStorageGB": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest", "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", "title": "TotalLocalStorageGB" }, "VCpuCount": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.VCpuCountRangeRequest", "markdownDescription": "The minimum and maximum number of vCPUs.", "title": "VCpuCount" } }, "type": "object" }, "AWS::EC2::EC2Fleet.MaintenanceStrategies": { "additionalProperties": false, "properties": { "CapacityRebalance": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityRebalance", "markdownDescription": "The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted.", "title": "CapacityRebalance" } }, "type": "object" }, "AWS::EC2::EC2Fleet.MemoryGiBPerVCpuRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::EC2Fleet.MemoryMiBRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::EC2Fleet.NetworkBandwidthGbpsRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::EC2Fleet.NetworkInterfaceCountRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::EC2Fleet.OnDemandOptionsRequest": { "additionalProperties": false, "properties": { "AllocationStrategy": { "markdownDescription": "The strategy that determines the order of the launch template overrides to use in fulfilling On-Demand capacity.\n\n`lowest-price` - EC2 Fleet uses price to determine the order, launching the lowest price first.\n\n`prioritized` - EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first.\n\nDefault: `lowest-price`", "title": "AllocationStrategy", "type": "string" }, "CapacityReservationOptions": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.CapacityReservationOptionsRequest", "markdownDescription": "The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity.\n\nSupported only for fleets of type `instant` .", "title": "CapacityReservationOptions" }, "MaxTotalPrice": { "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", "title": "MaxTotalPrice", "type": "string" }, "MinTargetCapacity": { "markdownDescription": "The minimum target capacity for On-Demand Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", "title": "MinTargetCapacity", "type": "number" }, "SingleAvailabilityZone": { "markdownDescription": "Indicates that the fleet launches all On-Demand Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", "title": "SingleAvailabilityZone", "type": "boolean" }, "SingleInstanceType": { "markdownDescription": "Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet.\n\nSupported only for fleets of type `instant` .", "title": "SingleInstanceType", "type": "boolean" } }, "type": "object" }, "AWS::EC2::EC2Fleet.Placement": { "additionalProperties": false, "properties": { "Affinity": { "markdownDescription": "The affinity setting for the instance on the Dedicated Host.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", "title": "Affinity", "type": "string" }, "AvailabilityZone": { "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", "title": "AvailabilityZone", "type": "string" }, "GroupName": { "markdownDescription": "The name of the placement group that the instance is in. If you specify `GroupName` , you can't specify `GroupId` .", "title": "GroupName", "type": "string" }, "HostId": { "markdownDescription": "The ID of the Dedicated Host on which the instance resides.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) .", "title": "HostId", "type": "string" }, "HostResourceGroupArn": { "markdownDescription": "The ARN of the host resource group in which to launch the instances.\n\nIf you specify this parameter, either omit the *Tenancy* parameter or set it to `host` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", "title": "HostResourceGroupArn", "type": "string" }, "PartitionNumber": { "markdownDescription": "The number of the partition that the instance is in. Valid only if the placement group strategy is set to `partition` .\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) .", "title": "PartitionNumber", "type": "number" }, "SpreadDomain": { "markdownDescription": "Reserved for future use.", "title": "SpreadDomain", "type": "string" }, "Tenancy": { "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.\n\nThis parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) . The `host` tenancy is not supported for [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) or for T3 instances that are configured for the `unlimited` CPU credit option.", "title": "Tenancy", "type": "string" } }, "type": "object" }, "AWS::EC2::EC2Fleet.SpotOptionsRequest": { "additionalProperties": false, "properties": { "AllocationStrategy": { "markdownDescription": "Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the EC2 Fleet.\n\nIf the allocation strategy is `lowestPrice` , EC2 Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.\n\nIf the allocation strategy is `diversified` , EC2 Fleet launches instances from all the Spot Instance pools that you specify.\n\nIf the allocation strategy is `capacityOptimized` , EC2 Fleet launches instances from Spot Instance pools that are optimally chosen based on the available Spot Instance capacity.\n\n*Allowed Values* : `lowestPrice` | `diversified` | `capacityOptimized` | `capacityOptimizedPrioritized`", "title": "AllocationStrategy", "type": "string" }, "InstanceInterruptionBehavior": { "markdownDescription": "The behavior when a Spot Instance is interrupted.\n\nDefault: `terminate`", "title": "InstanceInterruptionBehavior", "type": "string" }, "InstancePoolsToUseCount": { "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Supported only when Spot `AllocationStrategy` is set to `lowest-price` . EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that EC2 Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, EC2 Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", "title": "InstancePoolsToUseCount", "type": "number" }, "MaintenanceStrategies": { "$ref": "#/definitions/AWS::EC2::EC2Fleet.MaintenanceStrategies", "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", "title": "MaintenanceStrategies" }, "MaxTotalPrice": { "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter. > If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", "title": "MaxTotalPrice", "type": "string" }, "MinTargetCapacity": { "markdownDescription": "The minimum target capacity for Spot Instances in the fleet. If this minimum capacity isn't reached, no instances are launched.\n\nConstraints: Maximum value of `1000` . Supported only for fleets of type `instant` .\n\nAt least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType`", "title": "MinTargetCapacity", "type": "number" }, "SingleAvailabilityZone": { "markdownDescription": "Indicates that the fleet launches all Spot Instances into a single Availability Zone.\n\nSupported only for fleets of type `instant` .", "title": "SingleAvailabilityZone", "type": "boolean" }, "SingleInstanceType": { "markdownDescription": "Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet.\n\nSupported only for fleets of type `instant` .", "title": "SingleInstanceType", "type": "boolean" } }, "type": "object" }, "AWS::EC2::EC2Fleet.TagSpecification": { "additionalProperties": false, "properties": { "ResourceType": { "markdownDescription": "The type of resource to tag.", "title": "ResourceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to apply to the resource.", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::EC2::EC2Fleet.TargetCapacitySpecificationRequest": { "additionalProperties": false, "properties": { "DefaultTargetCapacityType": { "markdownDescription": "The default target capacity type.", "title": "DefaultTargetCapacityType", "type": "string" }, "OnDemandTargetCapacity": { "markdownDescription": "The number of On-Demand units to request.", "title": "OnDemandTargetCapacity", "type": "number" }, "SpotTargetCapacity": { "markdownDescription": "The number of Spot units to request.", "title": "SpotTargetCapacity", "type": "number" }, "TargetCapacityUnitType": { "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attributed-based instance type selection.\n\nDefault: `units` (the number of instances)", "title": "TargetCapacityUnitType", "type": "string" }, "TotalTargetCapacity": { "markdownDescription": "The number of units to request, filled using the default target capacity type.", "title": "TotalTargetCapacity", "type": "number" } }, "required": [ "TotalTargetCapacity" ], "type": "object" }, "AWS::EC2::EC2Fleet.TotalLocalStorageGBRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::EC2Fleet.VCpuCountRangeRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::EIP": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Domain": { "markdownDescription": "The network ( `vpc` ).\n\nIf you define an Elastic IP address and associate it with a VPC that is defined in the same template, you must declare a dependency on the VPC-gateway attachment by using the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) on this resource.", "title": "Domain", "type": "string" }, "InstanceId": { "markdownDescription": "The ID of the instance.\n\n> Updates to the `InstanceId` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", "title": "InstanceId", "type": "string" }, "NetworkBorderGroup": { "markdownDescription": "A unique set of Availability Zones, Local Zones, or Wavelength Zones from which AWS advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups.\n\nUse [DescribeAvailabilityZones](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) to view the network border groups.", "title": "NetworkBorderGroup", "type": "string" }, "PublicIpv4Pool": { "markdownDescription": "The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool.\n\n> Updates to the `PublicIpv4Pool` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", "title": "PublicIpv4Pool", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Any tags assigned to the Elastic IP address.\n\n> Updates to the `Tags` property may require *some interruptions* . Updates on an EIP reassociates the address on its associated resource.", "title": "Tags", "type": "array" }, "TransferAddress": { "markdownDescription": "The Elastic IP address you are accepting for transfer. You can only accept one transferred address. For more information on Elastic IP address transfers, see [Transfer Elastic IP addresses](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#transfer-EIPs-intro) in the *Amazon Virtual Private Cloud User Guide* .", "title": "TransferAddress", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::EIP" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::EIPAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllocationId": { "markdownDescription": "The allocation ID. This is required.", "title": "AllocationId", "type": "string" }, "InstanceId": { "markdownDescription": "The ID of the instance. The instance must have exactly one attached network interface. You can specify either the instance ID or the network interface ID, but not both.", "title": "InstanceId", "type": "string" }, "NetworkInterfaceId": { "markdownDescription": "The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.\n\nYou can specify either the instance ID or the network interface ID, but not both.", "title": "NetworkInterfaceId", "type": "string" }, "PrivateIpAddress": { "markdownDescription": "The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.", "title": "PrivateIpAddress", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::EIPAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::EgressOnlyInternetGateway": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "VpcId": { "markdownDescription": "The ID of the VPC for which to create the egress-only internet gateway.", "title": "VpcId", "type": "string" } }, "required": [ "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::EgressOnlyInternetGateway" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::EnclaveCertificateIamRoleAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The ARN of the ACM certificate with which to associate the IAM role.", "title": "CertificateArn", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate.", "title": "RoleArn", "type": "string" } }, "required": [ "CertificateArn", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::EnclaveCertificateIamRoleAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::FlowLog": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeliverCrossAccountRole": { "markdownDescription": "The ARN of the IAM role that allows the service to publish flow logs across accounts.", "title": "DeliverCrossAccountRole", "type": "string" }, "DeliverLogsPermissionArn": { "markdownDescription": "The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the log destination.\n\nThis parameter is required if the destination type is `cloud-watch-logs` , or if the destination type is `kinesis-data-firehose` and the delivery stream and the resources to monitor are in different accounts.", "title": "DeliverLogsPermissionArn", "type": "string" }, "DestinationOptions": { "$ref": "#/definitions/AWS::EC2::FlowLog.DestinationOptions", "markdownDescription": "The destination options.", "title": "DestinationOptions" }, "LogDestination": { "markdownDescription": "The destination for the flow log data. The meaning of this parameter depends on the destination type.\n\n- If the destination type is `cloud-watch-logs` , specify the ARN of a CloudWatch Logs log group. For example:\n\narn:aws:logs: *region* : *account_id* :log-group: *my_group*\n\nAlternatively, use the `LogGroupName` parameter.\n- If the destination type is `s3` , specify the ARN of an S3 bucket. For example:\n\narn:aws:s3::: *my_bucket* / *my_subfolder* /\n\nThe subfolder is optional. Note that you can't use `AWSLogs` as a subfolder name.\n- If the destination type is `kinesis-data-firehose` , specify the ARN of a Kinesis Data Firehose delivery stream. For example:\n\narn:aws:firehose: *region* : *account_id* :deliverystream: *my_stream*", "title": "LogDestination", "type": "string" }, "LogDestinationType": { "markdownDescription": "The type of destination for the flow log data.\n\nDefault: `cloud-watch-logs`", "title": "LogDestinationType", "type": "string" }, "LogFormat": { "markdownDescription": "The fields to include in the flow log record, in the order in which they should appear. If you omit this parameter, the flow log is created using the default format. If you specify this parameter, you must include at least one field. For more information about the available fields, see [Flow log records](https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records) in the *Amazon VPC User Guide* or [Transit Gateway Flow Log records](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-flow-logs.html#flow-log-records) in the *AWS Transit Gateway Guide* .\n\nSpecify the fields using the `${field-id}` format, separated by spaces.", "title": "LogFormat", "type": "string" }, "LogGroupName": { "markdownDescription": "The name of a new or existing CloudWatch Logs log group where Amazon EC2 publishes your flow logs.\n\nThis parameter is valid only if the destination type is `cloud-watch-logs` .", "title": "LogGroupName", "type": "string" }, "MaxAggregationInterval": { "markdownDescription": "The maximum interval of time during which a flow of packets is captured and aggregated into a flow log record. The possible values are 60 seconds (1 minute) or 600 seconds (10 minutes). This parameter must be 60 seconds for transit gateway resource types.\n\nWhen a network interface is attached to a [Nitro-based instance](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) , the aggregation interval is always 60 seconds or less, regardless of the value that you specify.\n\nDefault: 600", "title": "MaxAggregationInterval", "type": "number" }, "ResourceId": { "markdownDescription": "The ID of the resource to monitor. For example, if the resource type is `VPC` , specify the ID of the VPC.", "title": "ResourceId", "type": "string" }, "ResourceType": { "markdownDescription": "The type of resource to monitor.", "title": "ResourceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to apply to the flow logs.", "title": "Tags", "type": "array" }, "TrafficType": { "markdownDescription": "The type of traffic to monitor (accepted traffic, rejected traffic, or all traffic). This parameter is not supported for transit gateway resource types. It is required for the other resource types.", "title": "TrafficType", "type": "string" } }, "required": [ "ResourceId", "ResourceType" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::FlowLog" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::FlowLog.DestinationOptions": { "additionalProperties": false, "properties": { "FileFormat": { "markdownDescription": "The format for the flow log. The default is `plain-text` .", "title": "FileFormat", "type": "string" }, "HiveCompatiblePartitions": { "markdownDescription": "Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. The default is `false` .", "title": "HiveCompatiblePartitions", "type": "boolean" }, "PerHourPartition": { "markdownDescription": "Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. The default is `false` .", "title": "PerHourPartition", "type": "boolean" } }, "required": [ "FileFormat", "HiveCompatiblePartitions", "PerHourPartition" ], "type": "object" }, "AWS::EC2::GatewayRouteTableAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "GatewayId": { "markdownDescription": "The ID of the gateway.", "title": "GatewayId", "type": "string" }, "RouteTableId": { "markdownDescription": "The ID of the route table.", "title": "RouteTableId", "type": "string" } }, "required": [ "GatewayId", "RouteTableId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::GatewayRouteTableAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::Host": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssetId": { "markdownDescription": "The ID of the Outpost hardware asset on which the Dedicated Host is allocated.", "title": "AssetId", "type": "string" }, "AutoPlacement": { "markdownDescription": "Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. For more information, see [Understanding auto-placement and affinity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", "title": "AutoPlacement", "type": "string" }, "AvailabilityZone": { "markdownDescription": "The Availability Zone in which to allocate the Dedicated Host.", "title": "AvailabilityZone", "type": "string" }, "HostMaintenance": { "markdownDescription": "Indicates whether host maintenance is enabled or disabled for the Dedicated Host.", "title": "HostMaintenance", "type": "string" }, "HostRecovery": { "markdownDescription": "Indicates whether to enable or disable host recovery for the Dedicated Host. Host recovery is disabled by default. For more information, see [Host recovery](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) in the *Amazon EC2 User Guide* .\n\nDefault: `off`", "title": "HostRecovery", "type": "string" }, "InstanceFamily": { "markdownDescription": "The instance family supported by the Dedicated Host. For example, `m5` .", "title": "InstanceFamily", "type": "string" }, "InstanceType": { "markdownDescription": "Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only.", "title": "InstanceType", "type": "string" }, "OutpostArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Outpost on which the Dedicated Host is allocated.", "title": "OutpostArn", "type": "string" } }, "required": [ "AvailabilityZone" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::Host" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::IPAM": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description for the IPAM.", "title": "Description", "type": "string" }, "OperatingRegions": { "items": { "$ref": "#/definitions/AWS::EC2::IPAM.IpamOperatingRegion" }, "markdownDescription": "The operating Regions for an IPAM. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.\n\nFor more information about operating Regions, see [Create an IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/create-ipam.html) in the *Amazon VPC IPAM User Guide* .", "title": "OperatingRegions", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", "title": "Tags", "type": "array" }, "Tier": { "markdownDescription": "IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see the [VPC IPAM product pricing page](https://docs.aws.amazon.com//vpc/pricing/) .", "title": "Tier", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::IPAM" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::IPAM.IpamOperatingRegion": { "additionalProperties": false, "properties": { "RegionName": { "markdownDescription": "The name of the operating Region.", "title": "RegionName", "type": "string" } }, "required": [ "RegionName" ], "type": "object" }, "AWS::EC2::IPAMAllocation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Cidr": { "markdownDescription": "The CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible values: Any available IPv4 or IPv6 CIDR.", "title": "Cidr", "type": "string" }, "Description": { "markdownDescription": "A description for the allocation.", "title": "Description", "type": "string" }, "IpamPoolId": { "markdownDescription": "The ID of the IPAM pool from which you would like to allocate a CIDR.", "title": "IpamPoolId", "type": "string" }, "NetmaskLength": { "markdownDescription": "The netmask length of the CIDR you would like to allocate from the IPAM pool. Note the following:\n\n- If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.\n- If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.\n\nPossible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", "title": "NetmaskLength", "type": "number" } }, "required": [ "IpamPoolId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::IPAMAllocation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::IPAMPool": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AddressFamily": { "markdownDescription": "The address family of the pool.", "title": "AddressFamily", "type": "string" }, "AllocationDefaultNetmaskLength": { "markdownDescription": "The default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16.", "title": "AllocationDefaultNetmaskLength", "type": "number" }, "AllocationMaxNetmaskLength": { "markdownDescription": "The maximum netmask length possible for CIDR allocations in this IPAM pool to be compliant. The maximum netmask length must be greater than the minimum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", "title": "AllocationMaxNetmaskLength", "type": "number" }, "AllocationMinNetmaskLength": { "markdownDescription": "The minimum netmask length required for CIDR allocations in this IPAM pool to be compliant. The minimum netmask length must be less than the maximum netmask length. Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.", "title": "AllocationMinNetmaskLength", "type": "number" }, "AllocationResourceTags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags that are required for resources that use CIDRs from this IPAM pool. Resources that do not have these tags will not be allowed to allocate space from the pool. If the resources have their tags changed after they have allocated space or if the allocation tagging requirements are changed on the pool, the resource may be marked as noncompliant.", "title": "AllocationResourceTags", "type": "array" }, "AutoImport": { "markdownDescription": "If selected, IPAM will continuously look for resources within the CIDR range of this pool and automatically import them as allocations into your IPAM. The CIDRs that will be allocated for these resources must not already be allocated to other resources in order for the import to succeed. IPAM will import a CIDR regardless of its compliance with the pool's allocation rules, so a resource might be imported and subsequently marked as noncompliant. If IPAM discovers multiple CIDRs that overlap, IPAM will import the largest CIDR only. If IPAM discovers multiple CIDRs with matching CIDRs, IPAM will randomly import one of them only.\n\nA locale must be set on the pool for this feature to work.", "title": "AutoImport", "type": "boolean" }, "AwsService": { "markdownDescription": "Limits which service in AWS that the pool can be used in. \"ec2\", for example, allows users to use space for Elastic IP addresses and VPCs.", "title": "AwsService", "type": "string" }, "Description": { "markdownDescription": "The description of the IPAM pool.", "title": "Description", "type": "string" }, "IpamScopeId": { "markdownDescription": "The ID of the scope in which you would like to create the IPAM pool.", "title": "IpamScopeId", "type": "string" }, "Locale": { "markdownDescription": "The locale of the IPAM pool. In IPAM, the locale is the AWS Region where you want to make an IPAM pool available for allocations. Only resources in the same Region as the locale of the pool can get IP address allocations from the pool. You can only allocate a CIDR for a VPC, for example, from an IPAM pool that shares a locale with the VPC\u2019s Region. Note that once you choose a Locale for a pool, you cannot modify it. If you choose an AWS Region for locale that has not been configured as an operating Region for the IPAM, you'll get an error.", "title": "Locale", "type": "string" }, "ProvisionedCidrs": { "items": { "$ref": "#/definitions/AWS::EC2::IPAMPool.ProvisionedCidr" }, "markdownDescription": "Information about the CIDRs provisioned to an IPAM pool.", "title": "ProvisionedCidrs", "type": "array" }, "PublicIpSource": { "markdownDescription": "The IP address source for pools in the public scope. Only used for provisioning IP address CIDRs to pools in the public scope. Default is `BYOIP` . For more information, see [Create IPv6 pools](https://docs.aws.amazon.com//vpc/latest/ipam/intro-create-ipv6-pools.html) in the *Amazon VPC IPAM User Guide* . By default, you can add only one Amazon-provided IPv6 CIDR block to a top-level IPv6 pool. For information on increasing the default limit, see [Quotas for your IPAM](https://docs.aws.amazon.com//vpc/latest/ipam/quotas-ipam.html) in the *Amazon VPC IPAM User Guide* .", "title": "PublicIpSource", "type": "string" }, "PubliclyAdvertisable": { "markdownDescription": "Determines if a pool is publicly advertisable. This option is not available for pools with AddressFamily set to `ipv4` .", "title": "PubliclyAdvertisable", "type": "boolean" }, "SourceIpamPoolId": { "markdownDescription": "The ID of the source IPAM pool. You can use this option to create an IPAM pool within an existing source pool.", "title": "SourceIpamPoolId", "type": "string" }, "SourceResource": { "$ref": "#/definitions/AWS::EC2::IPAMPool.SourceResource", "markdownDescription": "The resource used to provision CIDRs to a resource planning pool.", "title": "SourceResource" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", "title": "Tags", "type": "array" } }, "required": [ "AddressFamily", "IpamScopeId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::IPAMPool" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::IPAMPool.ProvisionedCidr": { "additionalProperties": false, "properties": { "Cidr": { "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", "title": "Cidr", "type": "string" } }, "required": [ "Cidr" ], "type": "object" }, "AWS::EC2::IPAMPool.SourceResource": { "additionalProperties": false, "properties": { "ResourceId": { "markdownDescription": "The source resource ID.", "title": "ResourceId", "type": "string" }, "ResourceOwner": { "markdownDescription": "The source resource owner.", "title": "ResourceOwner", "type": "string" }, "ResourceRegion": { "markdownDescription": "The source resource Region.", "title": "ResourceRegion", "type": "string" }, "ResourceType": { "markdownDescription": "The source resource type.", "title": "ResourceType", "type": "string" } }, "required": [ "ResourceId", "ResourceOwner", "ResourceRegion", "ResourceType" ], "type": "object" }, "AWS::EC2::IPAMPoolCidr": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Cidr": { "markdownDescription": "The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` .", "title": "Cidr", "type": "string" }, "IpamPoolId": { "markdownDescription": "The ID of the IPAM pool.", "title": "IpamPoolId", "type": "string" }, "NetmaskLength": { "markdownDescription": "The netmask length of the CIDR you'd like to provision to a pool. Can be used for provisioning Amazon-provided IPv6 CIDRs to top-level pools and for provisioning CIDRs to pools with source pools. Cannot be used to provision BYOIP CIDRs to top-level pools. \"NetmaskLength\" or \"Cidr\" is required.", "title": "NetmaskLength", "type": "number" } }, "required": [ "IpamPoolId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::IPAMPoolCidr" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::IPAMResourceDiscovery": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The resource discovery description.", "title": "Description", "type": "string" }, "OperatingRegions": { "items": { "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion" }, "markdownDescription": "The operating Regions for the resource discovery. Operating Regions are AWS Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the AWS Regions you select as operating Regions.", "title": "OperatingRegions", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::IPAMResourceDiscovery" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::IPAMResourceDiscovery.IpamOperatingRegion": { "additionalProperties": false, "properties": { "RegionName": { "markdownDescription": "The name of the operating Region.", "title": "RegionName", "type": "string" } }, "required": [ "RegionName" ], "type": "object" }, "AWS::EC2::IPAMResourceDiscoveryAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "IpamId": { "markdownDescription": "The IPAM ID.", "title": "IpamId", "type": "string" }, "IpamResourceDiscoveryId": { "markdownDescription": "The resource discovery ID.", "title": "IpamResourceDiscoveryId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A tag is a label that you assign to an AWS resource. Each tag consists of a key and an optional value. You can use tags to search and filter your resources or track your AWS costs.", "title": "Tags", "type": "array" } }, "required": [ "IpamId", "IpamResourceDiscoveryId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::IPAMResourceDiscoveryAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::IPAMScope": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the scope.", "title": "Description", "type": "string" }, "IpamId": { "markdownDescription": "The ID of the IPAM for which you're creating this scope.", "title": "IpamId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA` , specify `tag:Owner` for the filter name and `TeamA` for the filter value.", "title": "Tags", "type": "array" } }, "required": [ "IpamId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::IPAMScope" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::Instance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "CreationPolicy": { "type": "object" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdditionalInfo": { "markdownDescription": "This property is reserved for internal use. If you use it, the stack fails with this error: `Bad property set: [Testing this property] (Service: AmazonEC2; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: 0XXXXXX-49c7-4b40-8bcc-76885dcXXXXX)` .", "title": "AdditionalInfo", "type": "string" }, "Affinity": { "markdownDescription": "Indicates whether the instance is associated with a dedicated host. If you want the instance to always restart on the same host on which it was launched, specify `host` . If you want the instance to restart on any available host, but try to launch onto the last host it ran on (on a best-effort basis), specify `default` .", "title": "Affinity", "type": "string" }, "AvailabilityZone": { "markdownDescription": "The Availability Zone of the instance.\n\nIf not specified, an Availability Zone will be automatically chosen for you based on the load balancing criteria for the Region.\n\nThis parameter is not supported by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", "title": "AvailabilityZone", "type": "string" }, "BlockDeviceMappings": { "items": { "$ref": "#/definitions/AWS::EC2::Instance.BlockDeviceMapping" }, "markdownDescription": "The block device mapping entries that defines the block devices to attach to the instance at launch.\n\nBy default, the block devices specified in the block device mapping for the AMI are used. You can override the AMI block device mapping using the instance block device mapping. For the root volume, you can override only the volume size, volume type, volume encryption settings, and the `DeleteOnTermination` setting.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "BlockDeviceMappings", "type": "array" }, "CpuOptions": { "$ref": "#/definitions/AWS::EC2::Instance.CpuOptions", "markdownDescription": "The CPU options for the instance. For more information, see [Optimize CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon Elastic Compute Cloud User Guide* .", "title": "CpuOptions" }, "CreditSpecification": { "$ref": "#/definitions/AWS::EC2::Instance.CreditSpecification", "markdownDescription": "The credit option for CPU usage of the burstable performance instance. Valid values are `standard` and `unlimited` . To change this attribute after launch, use [ModifyInstanceCreditSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html) . For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide* .\n\nDefault: `standard` (T2 instances) or `unlimited` (T3/T3a/T4g instances)\n\nFor T3 instances with `host` tenancy, only `standard` is supported.", "title": "CreditSpecification" }, "DisableApiTermination": { "markdownDescription": "If you set this parameter to `true` , you can't terminate the instance using the Amazon EC2 console, CLI, or API; otherwise, you can. To change this attribute after launch, use [ModifyInstanceAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceAttribute.html) . Alternatively, if you set `InstanceInitiatedShutdownBehavior` to `terminate` , you can terminate the instance by running the shutdown command from the instance.\n\nDefault: `false`", "title": "DisableApiTermination", "type": "boolean" }, "EbsOptimized": { "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.\n\nDefault: `false`", "title": "EbsOptimized", "type": "boolean" }, "ElasticGpuSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::Instance.ElasticGpuSpecification" }, "markdownDescription": "An elastic GPU to associate with the instance.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024.", "title": "ElasticGpuSpecifications", "type": "array" }, "ElasticInferenceAccelerators": { "items": { "$ref": "#/definitions/AWS::EC2::Instance.ElasticInferenceAccelerator" }, "markdownDescription": "An elastic inference accelerator to associate with the instance.\n\n> Amazon Elastic Inference (EI) is no longer available to new customers. For more information, see [Amazon Elastic Inference FAQs](https://docs.aws.amazon.com/machine-learning/elastic-inference/faqs/) .", "title": "ElasticInferenceAccelerators", "type": "array" }, "EnclaveOptions": { "$ref": "#/definitions/AWS::EC2::Instance.EnclaveOptions", "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves.", "title": "EnclaveOptions" }, "HibernationOptions": { "$ref": "#/definitions/AWS::EC2::Instance.HibernationOptions", "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .\n\nYou can't enable hibernation and AWS Nitro Enclaves on the same instance.", "title": "HibernationOptions" }, "HostId": { "markdownDescription": "If you specify host for the `Affinity` property, the ID of a dedicated host that the instance is associated with. If you don't specify an ID, Amazon EC2 launches the instance onto any available, compatible dedicated host in your account. This type of launch is called an untargeted launch. Note that for untargeted launches, you must have a compatible, dedicated host available to successfully launch instances.", "title": "HostId", "type": "string" }, "HostResourceGroupArn": { "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", "title": "HostResourceGroupArn", "type": "string" }, "IamInstanceProfile": { "markdownDescription": "The name of an IAM instance profile. To create a new IAM instance profile, use the [AWS::IAM::InstanceProfile](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-instanceprofile.html) resource.", "title": "IamInstanceProfile", "type": "string" }, "ImageId": { "markdownDescription": "The ID of the AMI. An AMI ID is required to launch an instance and must be specified here or in a launch template.", "title": "ImageId", "type": "string" }, "InstanceInitiatedShutdownBehavior": { "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", "title": "InstanceInitiatedShutdownBehavior", "type": "string" }, "InstanceType": { "markdownDescription": "The instance type. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nWhen you change your EBS-backed instance type, instance restart or replacement behavior depends on the instance type compatibility between the old and new types. An instance with an instance store volume as the root volume is always replaced. For more information, see [Change the instance type](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-resize.html) in the *Amazon EC2 User Guide* .", "title": "InstanceType", "type": "string" }, "Ipv6AddressCount": { "markdownDescription": "The number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", "title": "Ipv6AddressCount", "type": "number" }, "Ipv6Addresses": { "items": { "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" }, "markdownDescription": "The IPv6 addresses from the range of the subnet to associate with the primary network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.\n\nYou cannot specify this option and the network interfaces option in the same request.", "title": "Ipv6Addresses", "type": "array" }, "KernelId": { "markdownDescription": "The ID of the kernel.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", "title": "KernelId", "type": "string" }, "KeyName": { "markdownDescription": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", "title": "KeyName", "type": "string" }, "LaunchTemplate": { "$ref": "#/definitions/AWS::EC2::Instance.LaunchTemplateSpecification", "markdownDescription": "The launch template. Any additional parameters that you specify for the new instance overwrite the corresponding parameters included in the launch template.", "title": "LaunchTemplate" }, "LicenseSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::Instance.LicenseSpecification" }, "markdownDescription": "The license configurations.", "title": "LicenseSpecifications", "type": "array" }, "Monitoring": { "markdownDescription": "Specifies whether detailed monitoring is enabled for the instance. Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled. For more information about detailed monitoring, see [Enable or turn off detailed monitoring for your instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html) in the *Amazon EC2 User Guide* .", "title": "Monitoring", "type": "boolean" }, "NetworkInterfaces": { "items": { "$ref": "#/definitions/AWS::EC2::Instance.NetworkInterface" }, "markdownDescription": "The network interfaces to associate with the instance.\n\n> If you use this property to point to a network interface, you must terminate the original interface before attaching a new one to allow the update of the instance to succeed.\n> \n> If this resource has a public IP address and is also in a VPC that is defined in the same template, you must use the [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) to declare a dependency on the VPC-gateway attachment.", "title": "NetworkInterfaces", "type": "array" }, "PlacementGroupName": { "markdownDescription": "The name of an existing placement group that you want to launch the instance into (cluster | partition | spread).", "title": "PlacementGroupName", "type": "string" }, "PrivateDnsNameOptions": { "$ref": "#/definitions/AWS::EC2::Instance.PrivateDnsNameOptions", "markdownDescription": "The options for the instance hostname.", "title": "PrivateDnsNameOptions" }, "PrivateIpAddress": { "markdownDescription": "The primary IPv4 address. You must specify a value from the IPv4 address range of the subnet.\n\nOnly one private IP address can be designated as primary. You can't specify this option if you've specified the option to designate a private IP address as the primary IP address in a network interface specification. You cannot specify this option if you're launching more than one instance in the request.\n\nYou cannot specify this option and the network interfaces option in the same request.\n\nIf you make an update to an instance that requires replacement, you must assign a new private IP address. During a replacement, AWS CloudFormation creates a new instance but doesn't delete the old instance until the stack has successfully updated. If the stack update fails, AWS CloudFormation uses the old instance to roll back the stack to the previous working state. The old and new instances cannot have the same private IP address.", "title": "PrivateIpAddress", "type": "string" }, "PropagateTagsToVolumeOnCreation": { "markdownDescription": "Indicates whether to assign the tags from the instance to all of the volumes attached to the instance at launch. If you specify `true` and you assign tags to the instance, those tags are automatically assigned to all of the volumes that you attach to the instance at launch. If you specify `false` , those tags are not assigned to the attached volumes.", "title": "PropagateTagsToVolumeOnCreation", "type": "boolean" }, "RamdiskId": { "markdownDescription": "The ID of the RAM disk to select. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, go to the AWS Resource Center and search for the kernel ID.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [PV-GRUB](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", "title": "RamdiskId", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface.", "title": "SecurityGroupIds", "type": "array" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "[Default VPC] The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nYou cannot specify this option and the network interfaces option in the same request. The list can contain both the name of existing Amazon EC2 security groups or references to AWS::EC2::SecurityGroup resources created in the template.\n\nDefault: Amazon EC2 uses the default security group.", "title": "SecurityGroups", "type": "array" }, "SourceDestCheck": { "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", "title": "SourceDestCheck", "type": "boolean" }, "SsmAssociations": { "items": { "$ref": "#/definitions/AWS::EC2::Instance.SsmAssociation" }, "markdownDescription": "The SSM [document](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-document.html) and parameter values in AWS Systems Manager to associate with this instance. To use this property, you must specify an IAM instance profile role for the instance. For more information, see [Create an IAM instance profile for Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-configuring-access-role.html) in the *AWS Systems Manager User Guide* .\n\n> You can associate only one document with an instance.", "title": "SsmAssociations", "type": "array" }, "SubnetId": { "markdownDescription": "The ID of the subnet to launch the instance into.\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", "title": "SubnetId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to add to the instance. These tags are not applied to the EBS volumes, such as the root volume, unless [PropagateTagsToVolumeOnCreation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-propagatetagstovolumeoncreation) is `true` .", "title": "Tags", "type": "array" }, "Tenancy": { "markdownDescription": "The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware.", "title": "Tenancy", "type": "string" }, "UserData": { "markdownDescription": "The parameters or scripts to store as user data. Any scripts in user data are run when you launch the instance. User data is limited to 16 KB. You must provide base64-encoded text. For more information, see [Fn::Base64](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-base64.html) .\n\nIf the root volume is an EBS volume and you update user data, CloudFormation restarts the instance. If the root volume is an instance store volume and you update user data, the instance is replaced.", "title": "UserData", "type": "string" }, "Volumes": { "items": { "$ref": "#/definitions/AWS::EC2::Instance.Volume" }, "markdownDescription": "The volumes to attach to the instance.", "title": "Volumes", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::Instance" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::Instance.AssociationParameter": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The name of an input parameter that is in the associated SSM document.", "title": "Key", "type": "string" }, "Value": { "items": { "type": "string" }, "markdownDescription": "The value of an input parameter.", "title": "Value", "type": "array" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::EC2::Instance.BlockDeviceMapping": { "additionalProperties": false, "properties": { "DeviceName": { "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).\n\n> After the instance is running, this parameter is used to specify the device name of the block device mapping to update.", "title": "DeviceName", "type": "string" }, "Ebs": { "$ref": "#/definitions/AWS::EC2::Instance.Ebs", "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.\n\n> After the instance is running, you can modify only the `DeleteOnTermination` parameter for the attached volumes without interrupting the instance. Modifying any other parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) .", "title": "Ebs" }, "NoDevice": { "markdownDescription": "To omit the device from the block device mapping, specify an empty string.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "NoDevice", "type": "object" }, "VirtualName": { "markdownDescription": "The virtual device name ( `ephemeral` N). The name must be in the form `ephemeral` *X* where *X* is a number starting from zero (0). For example, an instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\n*Constraints* : For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "VirtualName", "type": "string" } }, "required": [ "DeviceName" ], "type": "object" }, "AWS::EC2::Instance.CpuOptions": { "additionalProperties": false, "properties": { "CoreCount": { "markdownDescription": "The number of CPU cores for the instance.", "title": "CoreCount", "type": "number" }, "ThreadsPerCore": { "markdownDescription": "The number of threads per CPU core.", "title": "ThreadsPerCore", "type": "number" } }, "type": "object" }, "AWS::EC2::Instance.CreditSpecification": { "additionalProperties": false, "properties": { "CPUCredits": { "markdownDescription": "The credit option for CPU usage of the instance.\n\nValid values: `standard` | `unlimited`\n\nT3 instances with `host` tenancy do not support the `unlimited` CPU credit option.", "title": "CPUCredits", "type": "string" } }, "type": "object" }, "AWS::EC2::Instance.Ebs": { "additionalProperties": false, "properties": { "DeleteOnTermination": { "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", "title": "DeleteOnTermination", "type": "boolean" }, "Encrypted": { "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) in the *Amazon Elastic Compute Cloud User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "Encrypted", "type": "boolean" }, "Iops": { "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000-16,000 IOPS\n- `io1` : 100-64,000 IOPS\n- `io2` : 100-64,000 IOPS\n\nFor `io1` and `io2` volumes, we guarantee 64,000 IOPS only for [Instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . Other instance families guarantee performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "Iops", "type": "number" }, "KmsKeyId": { "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` . If the encrypted state is `true` but you do not specify `KmsKeyId` , your KMS key for EBS is used.\n\nYou can specify the KMS key using any of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. For example, alias/ExampleAlias.\n- Key ARN. For example, arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "KmsKeyId", "type": "string" }, "SnapshotId": { "markdownDescription": "The ID of the snapshot.\n\nIf you specify both `SnapshotId` and `VolumeSize` , `VolumeSize` must be equal or greater than the size of the snapshot.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "SnapshotId", "type": "string" }, "VolumeSize": { "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` :1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "VolumeSize", "type": "number" }, "VolumeType": { "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide* . If the volume type is `io1` or `io2` , you must specify the IOPS that the volume supports.\n\n> After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "VolumeType", "type": "string" } }, "type": "object" }, "AWS::EC2::Instance.ElasticGpuSpecification": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The type of Elastic Graphics accelerator.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::Instance.ElasticInferenceAccelerator": { "additionalProperties": false, "properties": { "Count": { "markdownDescription": "The number of elastic inference accelerators to attach to the instance.", "title": "Count", "type": "number" }, "Type": { "markdownDescription": "The type of elastic inference accelerator. The possible values are `eia1.medium` , `eia1.large` , `eia1.xlarge` , `eia2.medium` , `eia2.large` , and `eia2.xlarge` .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::Instance.EnclaveOptions": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::EC2::Instance.HibernationOptions": { "additionalProperties": false, "properties": { "Configured": { "markdownDescription": "Set to `true` to enable your instance for hibernation.\n\nFor Spot Instances, if you set `Configured` to `true` , either omit the `InstanceInterruptionBehavior` parameter (for [`SpotMarketOptions`](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotMarketOptions.html) ), or set it to `hibernate` . When `Configured` is true:\n\n- If you omit `InstanceInterruptionBehavior` , it defaults to `hibernate` .\n- If you set `InstanceInterruptionBehavior` to a value other than `hibernate` , you'll get an error.\n\nDefault: `false`", "title": "Configured", "type": "boolean" } }, "type": "object" }, "AWS::EC2::Instance.InstanceIpv6Address": { "additionalProperties": false, "properties": { "Ipv6Address": { "markdownDescription": "The IPv6 address.", "title": "Ipv6Address", "type": "string" } }, "required": [ "Ipv6Address" ], "type": "object" }, "AWS::EC2::Instance.LaunchTemplateSpecification": { "additionalProperties": false, "properties": { "LaunchTemplateId": { "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", "title": "LaunchTemplateId", "type": "string" }, "LaunchTemplateName": { "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template ID or the launch template name, but not both.", "title": "LaunchTemplateName", "type": "string" }, "Version": { "markdownDescription": "The version number of the launch template. You must specify this property.\n\nTo specify the default version of the template, use the `Fn::GetAtt` intrinsic function to retrieve the `DefaultVersionNumber` attribute of the launch template. To specify the latest version of the template, use `Fn::GetAtt` to retrieve the `LatestVersionNumber` attribute. For more information, see [AWS::EC2:LaunchTemplate return values for Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", "title": "Version", "type": "string" } }, "required": [ "Version" ], "type": "object" }, "AWS::EC2::Instance.LicenseSpecification": { "additionalProperties": false, "properties": { "LicenseConfigurationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", "title": "LicenseConfigurationArn", "type": "string" } }, "required": [ "LicenseConfigurationArn" ], "type": "object" }, "AWS::EC2::Instance.NetworkInterface": { "additionalProperties": false, "properties": { "AssociateCarrierIpAddress": { "markdownDescription": "Indicates whether to assign a carrier IP address to the network interface.\n\nYou can only assign a carrier IP address to a network interface that is in a subnet in a Wavelength Zone. For more information about carrier IP addresses, see [Carrier IP address](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", "title": "AssociateCarrierIpAddress", "type": "boolean" }, "AssociatePublicIpAddress": { "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance. Applies only if creating a network interface when launching an instance. The network interface must be the primary network interface. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", "title": "AssociatePublicIpAddress", "type": "boolean" }, "DeleteOnTermination": { "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated. Applies only if creating a network interface when launching an instance.", "title": "DeleteOnTermination", "type": "boolean" }, "Description": { "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", "title": "Description", "type": "string" }, "DeviceIndex": { "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you create a network interface when launching an instance, you must specify the device index.", "title": "DeviceIndex", "type": "string" }, "GroupSet": { "items": { "type": "string" }, "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", "title": "GroupSet", "type": "array" }, "Ipv6AddressCount": { "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", "title": "Ipv6AddressCount", "type": "number" }, "Ipv6Addresses": { "items": { "$ref": "#/definitions/AWS::EC2::Instance.InstanceIpv6Address" }, "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", "title": "Ipv6Addresses", "type": "array" }, "NetworkInterfaceId": { "markdownDescription": "The ID of the network interface, when attaching an existing network interface.", "title": "NetworkInterfaceId", "type": "string" }, "PrivateIpAddress": { "markdownDescription": "The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance.", "title": "PrivateIpAddress", "type": "string" }, "PrivateIpAddresses": { "items": { "$ref": "#/definitions/AWS::EC2::Instance.PrivateIpAddressSpecification" }, "markdownDescription": "One or more private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary.", "title": "PrivateIpAddresses", "type": "array" }, "SecondaryPrivateIpAddressCount": { "markdownDescription": "The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option.", "title": "SecondaryPrivateIpAddressCount", "type": "number" }, "SubnetId": { "markdownDescription": "The ID of the subnet associated with the network interface.", "title": "SubnetId", "type": "string" } }, "required": [ "DeviceIndex" ], "type": "object" }, "AWS::EC2::Instance.PrivateDnsNameOptions": { "additionalProperties": false, "properties": { "EnableResourceNameDnsAAAARecord": { "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", "title": "EnableResourceNameDnsAAAARecord", "type": "boolean" }, "EnableResourceNameDnsARecord": { "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", "title": "EnableResourceNameDnsARecord", "type": "boolean" }, "HostnameType": { "markdownDescription": "The type of hostnames to assign to instances in the subnet at launch. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", "title": "HostnameType", "type": "string" } }, "type": "object" }, "AWS::EC2::Instance.PrivateIpAddressSpecification": { "additionalProperties": false, "properties": { "Primary": { "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", "title": "Primary", "type": "boolean" }, "PrivateIpAddress": { "markdownDescription": "The private IPv4 address.", "title": "PrivateIpAddress", "type": "string" } }, "required": [ "Primary", "PrivateIpAddress" ], "type": "object" }, "AWS::EC2::Instance.SsmAssociation": { "additionalProperties": false, "properties": { "AssociationParameters": { "items": { "$ref": "#/definitions/AWS::EC2::Instance.AssociationParameter" }, "markdownDescription": "The input parameter values to use with the associated SSM document.", "title": "AssociationParameters", "type": "array" }, "DocumentName": { "markdownDescription": "The name of an SSM document to associate with the instance.", "title": "DocumentName", "type": "string" } }, "required": [ "DocumentName" ], "type": "object" }, "AWS::EC2::Instance.Volume": { "additionalProperties": false, "properties": { "Device": { "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", "title": "Device", "type": "string" }, "VolumeId": { "markdownDescription": "The ID of the EBS volume. The volume and instance must be within the same Availability Zone.", "title": "VolumeId", "type": "string" } }, "required": [ "Device", "VolumeId" ], "type": "object" }, "AWS::EC2::InstanceConnectEndpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClientToken": { "markdownDescription": "Unique, case-sensitive identifier that you provide to ensure the idempotency of the request.", "title": "ClientToken", "type": "string" }, "PreserveClientIp": { "markdownDescription": "Indicates whether the client IP address is preserved as the source. The following are the possible values.\n\n- `true` - Use the client IP address as the source.\n- `false` - Use the network interface IP address as the source.\n\nDefault: `false`", "title": "PreserveClientIp", "type": "boolean" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "One or more security groups to associate with the endpoint. If you don't specify a security group, the default security group for your VPC will be associated with the endpoint.", "title": "SecurityGroupIds", "type": "array" }, "SubnetId": { "markdownDescription": "The ID of the subnet in which to create the EC2 Instance Connect Endpoint.", "title": "SubnetId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to apply to the EC2 Instance Connect Endpoint during creation.", "title": "Tags", "type": "array" } }, "required": [ "SubnetId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::InstanceConnectEndpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::InternetGateway": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Any tags to assign to the internet gateway.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::InternetGateway" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::KeyPair": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "KeyFormat": { "markdownDescription": "The format of the key pair.\n\nDefault: `pem`", "title": "KeyFormat", "type": "string" }, "KeyName": { "markdownDescription": "A unique name for the key pair.\n\nConstraints: Up to 255 ASCII characters", "title": "KeyName", "type": "string" }, "KeyType": { "markdownDescription": "The type of key pair. Note that ED25519 keys are not supported for Windows instances.\n\nIf the `PublicKeyMaterial` property is specified, the `KeyType` property is ignored, and the key type is inferred from the `PublicKeyMaterial` value.\n\nDefault: `rsa`", "title": "KeyType", "type": "string" }, "PublicKeyMaterial": { "markdownDescription": "The public key material. The `PublicKeyMaterial` property is used to import a key pair. If this property is not specified, then a new key pair will be created.", "title": "PublicKeyMaterial", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to apply to the key pair.", "title": "Tags", "type": "array" } }, "required": [ "KeyName" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::KeyPair" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::LaunchTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LaunchTemplateData": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateData", "markdownDescription": "The information for the launch template.", "title": "LaunchTemplateData" }, "LaunchTemplateName": { "markdownDescription": "A name for the launch template.", "title": "LaunchTemplateName", "type": "string" }, "TagSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification" }, "markdownDescription": "The tags to apply to the launch template on creation. To tag the launch template, the resource type must be `launch-template` .\n\nTo specify the tags for the resources that are created when an instance is launched, you must use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications) .", "title": "TagSpecifications", "type": "array" }, "VersionDescription": { "markdownDescription": "A description for the first version of the launch template.", "title": "VersionDescription", "type": "string" } }, "required": [ "LaunchTemplateData" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::LaunchTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::LaunchTemplate.AcceleratorCount": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.BlockDeviceMapping": { "additionalProperties": false, "properties": { "DeviceName": { "markdownDescription": "The device name (for example, /dev/sdh or xvdh).", "title": "DeviceName", "type": "string" }, "Ebs": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ebs", "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", "title": "Ebs" }, "NoDevice": { "markdownDescription": "To omit the device from the block device mapping, specify an empty string.", "title": "NoDevice", "type": "string" }, "VirtualName": { "markdownDescription": "The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.", "title": "VirtualName", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.CapacityReservationSpecification": { "additionalProperties": false, "properties": { "CapacityReservationPreference": { "markdownDescription": "Indicates the instance's Capacity Reservation preferences. Possible preferences include:\n\n- `open` - The instance can run in any `open` Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).\n- `none` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.", "title": "CapacityReservationPreference", "type": "string" }, "CapacityReservationTarget": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationTarget", "markdownDescription": "Information about the target Capacity Reservation or Capacity Reservation group.", "title": "CapacityReservationTarget" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.CapacityReservationTarget": { "additionalProperties": false, "properties": { "CapacityReservationId": { "markdownDescription": "The ID of the Capacity Reservation in which to run the instance.", "title": "CapacityReservationId", "type": "string" }, "CapacityReservationResourceGroupArn": { "markdownDescription": "The ARN of the Capacity Reservation resource group in which to run the instance.", "title": "CapacityReservationResourceGroupArn", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification": { "additionalProperties": false, "properties": { "TcpEstablishedTimeout": { "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", "title": "TcpEstablishedTimeout", "type": "number" }, "UdpStreamTimeout": { "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", "title": "UdpStreamTimeout", "type": "number" }, "UdpTimeout": { "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", "title": "UdpTimeout", "type": "number" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.CpuOptions": { "additionalProperties": false, "properties": { "AmdSevSnp": { "markdownDescription": "Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. For more information, see [AMD SEV-SNP](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html) .", "title": "AmdSevSnp", "type": "string" }, "CoreCount": { "markdownDescription": "The number of CPU cores for the instance.", "title": "CoreCount", "type": "number" }, "ThreadsPerCore": { "markdownDescription": "The number of threads per CPU core. To disable multithreading for the instance, specify a value of `1` . Otherwise, specify the default value of `2` .", "title": "ThreadsPerCore", "type": "number" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.CreditSpecification": { "additionalProperties": false, "properties": { "CpuCredits": { "markdownDescription": "The credit option for CPU usage of a T instance.\n\nValid values: `standard` | `unlimited`", "title": "CpuCredits", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.Ebs": { "additionalProperties": false, "properties": { "DeleteOnTermination": { "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination.", "title": "DeleteOnTermination", "type": "boolean" }, "Encrypted": { "markdownDescription": "Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.", "title": "Encrypted", "type": "boolean" }, "Iops": { "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is supported for `io1` , `io2` , and `gp3` volumes only.", "title": "Iops", "type": "number" }, "KmsKeyId": { "markdownDescription": "The ARN of the symmetric AWS Key Management Service ( AWS KMS ) CMK used for encryption.", "title": "KmsKeyId", "type": "string" }, "SnapshotId": { "markdownDescription": "The ID of the snapshot.", "title": "SnapshotId", "type": "string" }, "Throughput": { "markdownDescription": "The throughput to provision for a `gp3` volume, with a maximum of 1,000 MiB/s.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", "title": "Throughput", "type": "number" }, "VolumeSize": { "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", "title": "VolumeSize", "type": "number" }, "VolumeType": { "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", "title": "VolumeType", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.ElasticGpuSpecification": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The type of Elastic Graphics accelerator.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.EnaSrdSpecification": { "additionalProperties": false, "properties": { "EnaSrdEnabled": { "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", "title": "EnaSrdEnabled", "type": "boolean" }, "EnaSrdUdpSpecification": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification", "markdownDescription": "Configures ENA Express for UDP network traffic.", "title": "EnaSrdUdpSpecification" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.EnaSrdUdpSpecification": { "additionalProperties": false, "properties": { "EnaSrdUdpEnabled": { "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", "title": "EnaSrdUdpEnabled", "type": "boolean" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.EnclaveOptions": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "If this parameter is set to `true` , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.HibernationOptions": { "additionalProperties": false, "properties": { "Configured": { "markdownDescription": "If you set this parameter to `true` , the instance is enabled for hibernation.\n\nDefault: `false`", "title": "Configured", "type": "boolean" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.IamInstanceProfile": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", "title": "Arn", "type": "string" }, "Name": { "markdownDescription": "The name of the instance profile.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.InstanceMarketOptions": { "additionalProperties": false, "properties": { "MarketType": { "markdownDescription": "The market type.", "title": "MarketType", "type": "string" }, "SpotOptions": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.SpotOptions", "markdownDescription": "The options for Spot Instances.", "title": "SpotOptions" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.InstanceRequirements": { "additionalProperties": false, "properties": { "AcceleratorCount": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorCount", "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", "title": "AcceleratorCount" }, "AcceleratorManufacturers": { "items": { "type": "string" }, "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", "title": "AcceleratorManufacturers", "type": "array" }, "AcceleratorNames": { "items": { "type": "string" }, "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", "title": "AcceleratorNames", "type": "array" }, "AcceleratorTotalMemoryMiB": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.AcceleratorTotalMemoryMiB", "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", "title": "AcceleratorTotalMemoryMiB" }, "AcceleratorTypes": { "items": { "type": "string" }, "markdownDescription": "The accelerator types that must be on the instance type.\n\n- For instance types with GPU accelerators, specify `gpu` .\n- For instance types with FPGA accelerators, specify `fpga` .\n- For instance types with inference accelerators, specify `inference` .\n\nDefault: Any accelerator type", "title": "AcceleratorTypes", "type": "array" }, "AllowedInstanceTypes": { "items": { "type": "string" }, "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", "title": "AllowedInstanceTypes", "type": "array" }, "BareMetal": { "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", "title": "BareMetal", "type": "string" }, "BaselineEbsBandwidthMbps": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BaselineEbsBandwidthMbps", "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", "title": "BaselineEbsBandwidthMbps" }, "BurstablePerformance": { "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", "title": "BurstablePerformance", "type": "string" }, "CpuManufacturers": { "items": { "type": "string" }, "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", "title": "CpuManufacturers", "type": "array" }, "ExcludedInstanceTypes": { "items": { "type": "string" }, "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", "title": "ExcludedInstanceTypes", "type": "array" }, "InstanceGenerations": { "items": { "type": "string" }, "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", "title": "InstanceGenerations", "type": "array" }, "LocalStorage": { "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", "title": "LocalStorage", "type": "string" }, "LocalStorageTypes": { "items": { "type": "string" }, "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", "title": "LocalStorageTypes", "type": "array" }, "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", "type": "number" }, "MemoryGiBPerVCpu": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu", "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", "title": "MemoryGiBPerVCpu" }, "MemoryMiB": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MemoryMiB", "markdownDescription": "The minimum and maximum amount of memory, in MiB.", "title": "MemoryMiB" }, "NetworkBandwidthGbps": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkBandwidthGbps", "markdownDescription": "The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps).\n\nDefault: No minimum or maximum limits", "title": "NetworkBandwidthGbps" }, "NetworkInterfaceCount": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterfaceCount", "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", "title": "NetworkInterfaceCount" }, "OnDemandMaxPricePercentageOverLowestPrice": { "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo turn off price protection, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", "title": "OnDemandMaxPricePercentageOverLowestPrice", "type": "number" }, "RequireHibernateSupport": { "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", "title": "RequireHibernateSupport", "type": "boolean" }, "SpotMaxPricePercentageOverLowestPrice": { "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", "title": "SpotMaxPricePercentageOverLowestPrice", "type": "number" }, "TotalLocalStorageGB": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TotalLocalStorageGB", "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", "title": "TotalLocalStorageGB" }, "VCpuCount": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.VCpuCount", "markdownDescription": "The minimum and maximum number of vCPUs.", "title": "VCpuCount" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification": { "additionalProperties": false, "properties": { "Ipv4Prefix": { "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", "title": "Ipv4Prefix", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.Ipv6Add": { "additionalProperties": false, "properties": { "Ipv6Address": { "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", "title": "Ipv6Address", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification": { "additionalProperties": false, "properties": { "Ipv6Prefix": { "markdownDescription": "The IPv6 prefix.", "title": "Ipv6Prefix", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.LaunchTemplateData": { "additionalProperties": false, "properties": { "BlockDeviceMappings": { "items": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.BlockDeviceMapping" }, "markdownDescription": "The block device mapping.", "title": "BlockDeviceMappings", "type": "array" }, "CapacityReservationSpecification": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CapacityReservationSpecification", "markdownDescription": "The Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to `open` , which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).", "title": "CapacityReservationSpecification" }, "CpuOptions": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CpuOptions", "markdownDescription": "The CPU options for the instance. For more information, see [Optimize CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon EC2 User Guide* .", "title": "CpuOptions" }, "CreditSpecification": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.CreditSpecification", "markdownDescription": "The credit option for CPU usage of the instance. Valid only for T instances.", "title": "CreditSpecification" }, "DisableApiStop": { "markdownDescription": "Indicates whether to enable the instance for stop protection. For more information, see [Enable stop protection for your instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-stop-protection.html) in the *Amazon EC2 User Guide* .", "title": "DisableApiStop", "type": "boolean" }, "DisableApiTermination": { "markdownDescription": "If you set this parameter to `true` , you can't terminate the instance using the Amazon EC2 console, CLI, or API; otherwise, you can. To change this attribute after launch, use [ModifyInstanceAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceAttribute.html) . Alternatively, if you set `InstanceInitiatedShutdownBehavior` to `terminate` , you can terminate the instance by running the shutdown command from the instance.", "title": "DisableApiTermination", "type": "boolean" }, "EbsOptimized": { "markdownDescription": "Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.", "title": "EbsOptimized", "type": "boolean" }, "ElasticGpuSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ElasticGpuSpecification" }, "markdownDescription": "Deprecated.\n\n> Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads that require graphics acceleration, we recommend that you use Amazon EC2 G4ad, G4dn, or G5 instances.", "title": "ElasticGpuSpecifications", "type": "array" }, "ElasticInferenceAccelerators": { "items": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator" }, "markdownDescription": "An elastic inference accelerator to associate with the instance. Elastic inference accelerators are a resource you can attach to your Amazon EC2 instances to accelerate your Deep Learning (DL) inference workloads.\n\nYou cannot specify accelerators from different generations in the same request.\n\n> Starting April 15, 2023, AWS will not onboard new customers to Amazon Elastic Inference (EI), and will help current customers migrate their workloads to options that offer better price and performance. After April 15, 2023, new customers will not be able to launch instances with Amazon EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, customers who have used Amazon EI at least once during the past 30-day period are considered current customers and will be able to continue using the service.", "title": "ElasticInferenceAccelerators", "type": "array" }, "EnclaveOptions": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnclaveOptions", "markdownDescription": "Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see [What is AWS Nitro Enclaves?](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) in the *AWS Nitro Enclaves User Guide* .\n\nYou can't enable AWS Nitro Enclaves and hibernation on the same instance.", "title": "EnclaveOptions" }, "HibernationOptions": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.HibernationOptions", "markdownDescription": "Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html) . For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide* .", "title": "HibernationOptions" }, "IamInstanceProfile": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.IamInstanceProfile", "markdownDescription": "The name or Amazon Resource Name (ARN) of an IAM instance profile.", "title": "IamInstanceProfile" }, "ImageId": { "markdownDescription": "The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch.\n\nValid formats:\n\n- `ami-17characters00000`\n- `resolve:ssm:parameter-name`\n- `resolve:ssm:parameter-name:version-number`\n- `resolve:ssm:parameter-name:label`\n\nFor more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide* .", "title": "ImageId", "type": "string" }, "InstanceInitiatedShutdownBehavior": { "markdownDescription": "Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).\n\nDefault: `stop`", "title": "InstanceInitiatedShutdownBehavior", "type": "string" }, "InstanceMarketOptions": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceMarketOptions", "markdownDescription": "The market (purchasing) option for the instances.", "title": "InstanceMarketOptions" }, "InstanceRequirements": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.InstanceRequirements", "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with these attributes.\n\nYou must specify `VCpuCount` and `MemoryMiB` . All other attributes are optional. Any unspecified optional attribute is set to its default.\n\nWhen you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values.\n\nTo limit the list of instance types from which Amazon EC2 can identify matching instance types, you can use one of the following parameters, but not both in the same request:\n\n- `AllowedInstanceTypes` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes.\n- `ExcludedInstanceTypes` - The instance types to exclude from the list, even if they match your specified attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .\n> \n> Attribute-based instance type selection is only supported when using Auto Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan to use the launch template in the [launch instance wizard](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html) , or with the [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) API or [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) AWS CloudFormation resource, you can't specify `InstanceRequirements` . \n\nFor more information, see [Attribute-based instance type selection for EC2 Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html) , [Attribute-based instance type selection for Spot Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-attribute-based-instance-type-selection.html) , and [Spot placement score](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) in the *Amazon EC2 User Guide* .", "title": "InstanceRequirements" }, "InstanceType": { "markdownDescription": "The instance type. For more information, see [Amazon EC2 instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nIf you specify `InstanceType` , you can't specify `InstanceRequirements` .", "title": "InstanceType", "type": "string" }, "KernelId": { "markdownDescription": "The ID of the kernel.\n\nWe recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User Provided Kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", "title": "KernelId", "type": "string" }, "KeyName": { "markdownDescription": "The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html) .\n\n> If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.", "title": "KeyName", "type": "string" }, "LicenseSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.LicenseSpecification" }, "markdownDescription": "The license configurations.", "title": "LicenseSpecifications", "type": "array" }, "MaintenanceOptions": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MaintenanceOptions", "markdownDescription": "The maintenance options of your instance.", "title": "MaintenanceOptions" }, "MetadataOptions": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.MetadataOptions", "markdownDescription": "The metadata options for the instance. For more information, see [Instance metadata and user data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) in the *Amazon EC2 User Guide* .", "title": "MetadataOptions" }, "Monitoring": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Monitoring", "markdownDescription": "The monitoring for the instance.", "title": "Monitoring" }, "NetworkInterfaces": { "items": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.NetworkInterface" }, "markdownDescription": "The network interfaces for the instance.", "title": "NetworkInterfaces", "type": "array" }, "Placement": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Placement", "markdownDescription": "The placement for the instance.", "title": "Placement" }, "PrivateDnsNameOptions": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateDnsNameOptions", "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", "title": "PrivateDnsNameOptions" }, "RamDiskId": { "markdownDescription": "The ID of the RAM disk.\n\n> We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User provided kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide* .", "title": "RamDiskId", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead.", "title": "SecurityGroupIds", "type": "array" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The names of the security groups. For a nondefault VPC, you must use security group IDs instead.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", "title": "SecurityGroups", "type": "array" }, "TagSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.TagSpecification" }, "markdownDescription": "The tags to apply to the resources that are created during instance launch.\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .\n\nTo tag the launch template itself, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications) .", "title": "TagSpecifications", "type": "array" }, "UserData": { "markdownDescription": "The user data to make available to the instance. You must provide base64-encoded text. User data is limited to 16 KB. For more information, see [Run commands on your Amazon EC2 instance at launch](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) in the *Amazon EC2 User Guide* .\n\nIf you are creating the launch template for use with AWS Batch , the user data must be provided in the [MIME multi-part archive format](https://docs.aws.amazon.com/https://cloudinit.readthedocs.io/en/latest/topics/format.html#mime-multi-part-archive) . For more information, see [Amazon EC2 user data in launch templates](https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html) in the *AWS Batch User Guide* .", "title": "UserData", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.LaunchTemplateElasticInferenceAccelerator": { "additionalProperties": false, "properties": { "Count": { "markdownDescription": "The number of elastic inference accelerators to attach to the instance.\n\nDefault: 1", "title": "Count", "type": "number" }, "Type": { "markdownDescription": "The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.LaunchTemplateTagSpecification": { "additionalProperties": false, "properties": { "ResourceType": { "markdownDescription": "The type of resource. To tag a launch template, `ResourceType` must be `launch-template` .", "title": "ResourceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the resource.", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.LicenseSpecification": { "additionalProperties": false, "properties": { "LicenseConfigurationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the license configuration.", "title": "LicenseConfigurationArn", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.MaintenanceOptions": { "additionalProperties": false, "properties": { "AutoRecovery": { "markdownDescription": "Disables the automatic recovery behavior of your instance or sets it to default.", "title": "AutoRecovery", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.MemoryGiBPerVCpu": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.MemoryMiB": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.MetadataOptions": { "additionalProperties": false, "properties": { "HttpEndpoint": { "markdownDescription": "Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is `enabled` .\n\n> If you specify a value of `disabled` , you will not be able to access your instance metadata.", "title": "HttpEndpoint", "type": "string" }, "HttpProtocolIpv6": { "markdownDescription": "Enables or disables the IPv6 endpoint for the instance metadata service.\n\nDefault: `disabled`", "title": "HttpProtocolIpv6", "type": "string" }, "HttpPutResponseHopLimit": { "markdownDescription": "The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.\n\nDefault: `1`\n\nPossible values: Integers from 1 to 64", "title": "HttpPutResponseHopLimit", "type": "number" }, "HttpTokens": { "markdownDescription": "Indicates whether IMDSv2 is required.\n\n- `optional` - IMDSv2 is optional. You can choose whether to send a session token in your instance metadata retrieval requests. If you retrieve IAM role credentials without a session token, you receive the IMDSv1 role credentials. If you retrieve IAM role credentials using a valid session token, you receive the IMDSv2 role credentials.\n- `required` - IMDSv2 is required. You must send a session token in your instance metadata retrieval requests. With this option, retrieving the IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are not available.\n\nDefault: If the value of `ImdsSupport` for the Amazon Machine Image (AMI) for your instance is `v2.0` , the default is `required` .", "title": "HttpTokens", "type": "string" }, "InstanceMetadataTags": { "markdownDescription": "Set to `enabled` to allow access to instance tags from the instance metadata. Set to `disabled` to turn off access to instance tags from the instance metadata. For more information, see [Work with instance tags using the instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS) .\n\nDefault: `disabled`", "title": "InstanceMetadataTags", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.Monitoring": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Specify `true` to enable detailed monitoring. Otherwise, basic monitoring is enabled.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.NetworkBandwidthGbps": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of network bandwidth, in Gbps. If this parameter is not specified, there is no minimum limit.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.NetworkInterface": { "additionalProperties": false, "properties": { "AssociateCarrierIpAddress": { "markdownDescription": "Associates a Carrier IP address with eth0 for a new network interface.\n\nUse this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see [Carrier IP addresses](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *AWS Wavelength Developer Guide* .", "title": "AssociateCarrierIpAddress", "type": "boolean" }, "AssociatePublicIpAddress": { "markdownDescription": "Associates a public IPv4 address with eth0 for a new network interface.\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", "title": "AssociatePublicIpAddress", "type": "boolean" }, "ConnectionTrackingSpecification": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.ConnectionTrackingSpecification", "markdownDescription": "A connection tracking specification for the network interface.", "title": "ConnectionTrackingSpecification" }, "DeleteOnTermination": { "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", "title": "DeleteOnTermination", "type": "boolean" }, "Description": { "markdownDescription": "A description for the network interface.", "title": "Description", "type": "string" }, "DeviceIndex": { "markdownDescription": "The device index for the network interface attachment. Each network interface requires a device index. If you create a launch template that includes secondary network interfaces but not a primary network interface, then you must add a primary network interface as a launch parameter when you launch an instance from the template.", "title": "DeviceIndex", "type": "number" }, "EnaSrdSpecification": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.EnaSrdSpecification", "markdownDescription": "The ENA Express configuration for the network interface.", "title": "EnaSrdSpecification" }, "Groups": { "items": { "type": "string" }, "markdownDescription": "The IDs of one or more security groups.", "title": "Groups", "type": "array" }, "InterfaceType": { "markdownDescription": "The type of network interface. To create an Elastic Fabric Adapter (EFA), specify `efa` . For more information, see [Elastic Fabric Adapter](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) in the *Amazon EC2 User Guide* .\n\nIf you are not creating an EFA, specify `interface` or omit this parameter.\n\nValid values: `interface` | `efa`", "title": "InterfaceType", "type": "string" }, "Ipv4PrefixCount": { "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv4Prefix` option.", "title": "Ipv4PrefixCount", "type": "number" }, "Ipv4Prefixes": { "items": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv4PrefixSpecification" }, "markdownDescription": "One or more IPv4 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv4PrefixCount` option.", "title": "Ipv4Prefixes", "type": "array" }, "Ipv6AddressCount": { "markdownDescription": "The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.", "title": "Ipv6AddressCount", "type": "number" }, "Ipv6Addresses": { "items": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6Add" }, "markdownDescription": "One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.", "title": "Ipv6Addresses", "type": "array" }, "Ipv6PrefixCount": { "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the `Ipv6Prefix` option.", "title": "Ipv6PrefixCount", "type": "number" }, "Ipv6Prefixes": { "items": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.Ipv6PrefixSpecification" }, "markdownDescription": "One or more IPv6 prefixes to be assigned to the network interface. You cannot use this option if you use the `Ipv6PrefixCount` option.", "title": "Ipv6Prefixes", "type": "array" }, "NetworkCardIndex": { "markdownDescription": "The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.", "title": "NetworkCardIndex", "type": "number" }, "NetworkInterfaceId": { "markdownDescription": "The ID of the network interface.", "title": "NetworkInterfaceId", "type": "string" }, "PrimaryIpv6": { "markdownDescription": "The primary IPv6 address of the network interface. When you enable an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address until the instance is terminated or the network interface is detached. For more information about primary IPv6 addresses, see [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) .", "title": "PrimaryIpv6", "type": "boolean" }, "PrivateIpAddress": { "markdownDescription": "The primary private IPv4 address of the network interface.", "title": "PrivateIpAddress", "type": "string" }, "PrivateIpAddresses": { "items": { "$ref": "#/definitions/AWS::EC2::LaunchTemplate.PrivateIpAdd" }, "markdownDescription": "One or more private IPv4 addresses.", "title": "PrivateIpAddresses", "type": "array" }, "SecondaryPrivateIpAddressCount": { "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface.", "title": "SecondaryPrivateIpAddressCount", "type": "number" }, "SubnetId": { "markdownDescription": "The ID of the subnet for the network interface.", "title": "SubnetId", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.NetworkInterfaceCount": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.Placement": { "additionalProperties": false, "properties": { "Affinity": { "markdownDescription": "The affinity setting for an instance on a Dedicated Host.", "title": "Affinity", "type": "string" }, "AvailabilityZone": { "markdownDescription": "The Availability Zone for the instance.", "title": "AvailabilityZone", "type": "string" }, "GroupId": { "markdownDescription": "The Group Id of a placement group. You must specify the Placement Group *Group Id* to launch an instance in a shared placement group.", "title": "GroupId", "type": "string" }, "GroupName": { "markdownDescription": "The name of the placement group for the instance.", "title": "GroupName", "type": "string" }, "HostId": { "markdownDescription": "The ID of the Dedicated Host for the instance.", "title": "HostId", "type": "string" }, "HostResourceGroupArn": { "markdownDescription": "The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to `host` .", "title": "HostResourceGroupArn", "type": "string" }, "PartitionNumber": { "markdownDescription": "The number of the partition the instance should launch in. Valid only if the placement group strategy is set to `partition` .", "title": "PartitionNumber", "type": "number" }, "SpreadDomain": { "markdownDescription": "Reserved for future use.", "title": "SpreadDomain", "type": "string" }, "Tenancy": { "markdownDescription": "The tenancy of the instance. An instance with a tenancy of dedicated runs on single-tenant hardware.", "title": "Tenancy", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.PrivateDnsNameOptions": { "additionalProperties": false, "properties": { "EnableResourceNameDnsAAAARecord": { "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.", "title": "EnableResourceNameDnsAAAARecord", "type": "boolean" }, "EnableResourceNameDnsARecord": { "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", "title": "EnableResourceNameDnsARecord", "type": "boolean" }, "HostnameType": { "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .", "title": "HostnameType", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.PrivateIpAdd": { "additionalProperties": false, "properties": { "Primary": { "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", "title": "Primary", "type": "boolean" }, "PrivateIpAddress": { "markdownDescription": "The private IPv4 address.", "title": "PrivateIpAddress", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.SpotOptions": { "additionalProperties": false, "properties": { "BlockDurationMinutes": { "markdownDescription": "Deprecated.", "title": "BlockDurationMinutes", "type": "number" }, "InstanceInterruptionBehavior": { "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", "title": "InstanceInterruptionBehavior", "type": "string" }, "MaxPrice": { "markdownDescription": "The maximum hourly price you're willing to pay for the Spot Instances. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter.", "title": "MaxPrice", "type": "string" }, "SpotInstanceType": { "markdownDescription": "The Spot Instance request type.\n\nIf you are using Spot Instances with an Auto Scaling group, use `one-time` requests, as the Amazon EC2 Auto Scaling service handles requesting new Spot Instances whenever the group is below its desired capacity.", "title": "SpotInstanceType", "type": "string" }, "ValidUntil": { "markdownDescription": "The end date of the request, in UTC format ( *YYYY-MM-DD* T *HH:MM:SS* Z). Supported only for persistent requests.\n\n- For a persistent request, the request remains active until the `ValidUntil` date and time is reached. Otherwise, the request remains active until you cancel it.\n- For a one-time request, `ValidUntil` is not supported. The request remains active until all instances launch or you cancel the request.\n\nDefault: 7 days from the current date", "title": "ValidUntil", "type": "string" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.TagSpecification": { "additionalProperties": false, "properties": { "ResourceType": { "markdownDescription": "The type of resource to tag. You can specify tags for the following resource types only: `instance` | `volume` | `network-interface` | `spot-instances-request` . If the instance does not include the resource type that you specify, the instance launch fails. For example, not all instance types include a volume.\n\nTo tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) .", "title": "ResourceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to apply to the resource.", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.TotalLocalStorageGB": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::LaunchTemplate.VCpuCount": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::LocalGatewayRoute": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DestinationCidrBlock": { "markdownDescription": "The CIDR block used for destination matches.", "title": "DestinationCidrBlock", "type": "string" }, "LocalGatewayRouteTableId": { "markdownDescription": "The ID of the local gateway route table.", "title": "LocalGatewayRouteTableId", "type": "string" }, "LocalGatewayVirtualInterfaceGroupId": { "markdownDescription": "The ID of the virtual interface group.", "title": "LocalGatewayVirtualInterfaceGroupId", "type": "string" }, "NetworkInterfaceId": { "markdownDescription": "The ID of the network interface.", "title": "NetworkInterfaceId", "type": "string" } }, "required": [ "DestinationCidrBlock", "LocalGatewayRouteTableId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::LocalGatewayRoute" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::LocalGatewayRouteTable": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LocalGatewayId": { "markdownDescription": "The ID of the local gateway.", "title": "LocalGatewayId", "type": "string" }, "Mode": { "markdownDescription": "The mode of the local gateway route table.", "title": "Mode", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags assigned to the local gateway route table.", "title": "Tags", "type": "array" } }, "required": [ "LocalGatewayId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::LocalGatewayRouteTable" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::LocalGatewayRouteTableVPCAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LocalGatewayRouteTableId": { "markdownDescription": "The ID of the local gateway route table.", "title": "LocalGatewayRouteTableId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags assigned to the association.", "title": "Tags", "type": "array" }, "VpcId": { "markdownDescription": "The ID of the VPC.", "title": "VpcId", "type": "string" } }, "required": [ "LocalGatewayRouteTableId", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::LocalGatewayRouteTableVPCAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LocalGatewayRouteTableId": { "markdownDescription": "The ID of the local gateway route table.", "title": "LocalGatewayRouteTableId", "type": "string" }, "LocalGatewayVirtualInterfaceGroupId": { "markdownDescription": "The ID of the virtual interface group.", "title": "LocalGatewayVirtualInterfaceGroupId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags assigned to the association.", "title": "Tags", "type": "array" } }, "required": [ "LocalGatewayRouteTableId", "LocalGatewayVirtualInterfaceGroupId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::NatGateway": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllocationId": { "markdownDescription": "[Public NAT gateway only] The allocation ID of the Elastic IP address that's associated with the NAT gateway. This property is required for a public NAT gateway and cannot be specified with a private NAT gateway.", "title": "AllocationId", "type": "string" }, "ConnectivityType": { "markdownDescription": "Indicates whether the NAT gateway supports public or private connectivity. The default is public connectivity.", "title": "ConnectivityType", "type": "string" }, "MaxDrainDurationSeconds": { "markdownDescription": "The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds.", "title": "MaxDrainDurationSeconds", "type": "number" }, "PrivateIpAddress": { "markdownDescription": "The private IPv4 address to assign to the NAT gateway. If you don't provide an address, a private IPv4 address will be automatically assigned.", "title": "PrivateIpAddress", "type": "string" }, "SecondaryAllocationIds": { "items": { "type": "string" }, "markdownDescription": "Secondary EIP allocation IDs. For more information, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon VPC User Guide* .", "title": "SecondaryAllocationIds", "type": "array" }, "SecondaryPrivateIpAddressCount": { "markdownDescription": "[Private NAT gateway only] The number of secondary private IPv4 addresses you want to assign to the NAT gateway. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", "title": "SecondaryPrivateIpAddressCount", "type": "number" }, "SecondaryPrivateIpAddresses": { "items": { "type": "string" }, "markdownDescription": "Secondary private IPv4 addresses. For more information about secondary addresses, see [Create a NAT gateway](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) in the *Amazon Virtual Private Cloud User Guide* .\n\n`SecondaryPrivateIpAddressCount` and `SecondaryPrivateIpAddresses` cannot be set at the same time.", "title": "SecondaryPrivateIpAddresses", "type": "array" }, "SubnetId": { "markdownDescription": "The ID of the subnet in which the NAT gateway is located.", "title": "SubnetId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the NAT gateway.", "title": "Tags", "type": "array" } }, "required": [ "SubnetId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::NatGateway" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::NetworkAcl": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the network ACL.", "title": "Tags", "type": "array" }, "VpcId": { "markdownDescription": "The ID of the VPC for the network ACL.", "title": "VpcId", "type": "string" } }, "required": [ "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::NetworkAcl" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::NetworkAclEntry": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CidrBlock": { "markdownDescription": "The IPv4 CIDR range to allow or deny, in CIDR notation (for example, 172.16.0.0/24). You must specify an IPv4 CIDR block or an IPv6 CIDR block.", "title": "CidrBlock", "type": "string" }, "Egress": { "markdownDescription": "Whether this rule applies to egress traffic from the subnet ( `true` ) or ingress traffic to the subnet ( `false` ). By default, AWS CloudFormation specifies `false` .", "title": "Egress", "type": "boolean" }, "Icmp": { "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.Icmp", "markdownDescription": "The Internet Control Message Protocol (ICMP) code and type. Required if specifying 1 (ICMP) for the protocol parameter.", "title": "Icmp" }, "Ipv6CidrBlock": { "markdownDescription": "The IPv6 network range to allow or deny, in CIDR notation. You must specify an IPv4 CIDR block or an IPv6 CIDR block.", "title": "Ipv6CidrBlock", "type": "string" }, "NetworkAclId": { "markdownDescription": "The ID of the ACL for the entry.", "title": "NetworkAclId", "type": "string" }, "PortRange": { "$ref": "#/definitions/AWS::EC2::NetworkAclEntry.PortRange", "markdownDescription": "The range of port numbers for the UDP/TCP protocol. Required if specifying 6 (TCP) or 17 (UDP) for the protocol parameter.", "title": "PortRange" }, "Protocol": { "markdownDescription": "The IP protocol that the rule applies to. You must specify -1 or a protocol number. You can specify -1 for all protocols.\n\n> If you specify -1, all ports are opened and the `PortRange` property is ignored.", "title": "Protocol", "type": "number" }, "RuleAction": { "markdownDescription": "Whether to allow or deny traffic that matches the rule; valid values are \"allow\" or \"deny\".", "title": "RuleAction", "type": "string" }, "RuleNumber": { "markdownDescription": "Rule number to assign to the entry, such as 100. ACL entries are processed in ascending order by rule number. Entries can't use the same rule number unless one is an egress rule and the other is an ingress rule.", "title": "RuleNumber", "type": "number" } }, "required": [ "NetworkAclId", "Protocol", "RuleAction", "RuleNumber" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::NetworkAclEntry" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::NetworkAclEntry.Icmp": { "additionalProperties": false, "properties": { "Code": { "markdownDescription": "The Internet Control Message Protocol (ICMP) code. You can use -1 to specify all ICMP codes for the given ICMP type. Required if you specify 1 (ICMP) for the protocol parameter.", "title": "Code", "type": "number" }, "Type": { "markdownDescription": "The Internet Control Message Protocol (ICMP) type. You can use -1 to specify all ICMP types. Conditional requirement: Required if you specify 1 (ICMP) for the `CreateNetworkAclEntry` protocol parameter.", "title": "Type", "type": "number" } }, "type": "object" }, "AWS::EC2::NetworkAclEntry.PortRange": { "additionalProperties": false, "properties": { "From": { "markdownDescription": "The first port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", "title": "From", "type": "number" }, "To": { "markdownDescription": "The last port in the range. Required if you specify 6 (TCP) or 17 (UDP) for the protocol parameter.", "title": "To", "type": "number" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAccessScope": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ExcludePaths": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" }, "markdownDescription": "The paths to exclude.", "title": "ExcludePaths", "type": "array" }, "MatchPaths": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest" }, "markdownDescription": "The paths to match.", "title": "MatchPaths", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::NetworkInsightsAccessScope" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::NetworkInsightsAccessScope.AccessScopePathRequest": { "additionalProperties": false, "properties": { "Destination": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", "markdownDescription": "The destination.", "title": "Destination" }, "Source": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest", "markdownDescription": "The source.", "title": "Source" }, "ThroughResources": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest" }, "markdownDescription": "The through resources.", "title": "ThroughResources", "type": "array" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest": { "additionalProperties": false, "properties": { "DestinationAddresses": { "items": { "type": "string" }, "markdownDescription": "The destination addresses.", "title": "DestinationAddresses", "type": "array" }, "DestinationPorts": { "items": { "type": "string" }, "markdownDescription": "The destination ports.", "title": "DestinationPorts", "type": "array" }, "DestinationPrefixLists": { "items": { "type": "string" }, "markdownDescription": "The destination prefix lists.", "title": "DestinationPrefixLists", "type": "array" }, "Protocols": { "items": { "type": "string" }, "markdownDescription": "The protocols.", "title": "Protocols", "type": "array" }, "SourceAddresses": { "items": { "type": "string" }, "markdownDescription": "The source addresses.", "title": "SourceAddresses", "type": "array" }, "SourcePorts": { "items": { "type": "string" }, "markdownDescription": "The source ports.", "title": "SourcePorts", "type": "array" }, "SourcePrefixLists": { "items": { "type": "string" }, "markdownDescription": "The source prefix lists.", "title": "SourcePrefixLists", "type": "array" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAccessScope.PathStatementRequest": { "additionalProperties": false, "properties": { "PacketHeaderStatement": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.PacketHeaderStatementRequest", "markdownDescription": "The packet header statement.", "title": "PacketHeaderStatement" }, "ResourceStatement": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", "markdownDescription": "The resource statement.", "title": "ResourceStatement" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest": { "additionalProperties": false, "properties": { "ResourceTypes": { "items": { "type": "string" }, "markdownDescription": "The resource types.", "title": "ResourceTypes", "type": "array" }, "Resources": { "items": { "type": "string" }, "markdownDescription": "The resources.", "title": "Resources", "type": "array" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAccessScope.ThroughResourcesStatementRequest": { "additionalProperties": false, "properties": { "ResourceStatement": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope.ResourceStatementRequest", "markdownDescription": "The resource statement.", "title": "ResourceStatement" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAccessScopeAnalysis": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "NetworkInsightsAccessScopeId": { "markdownDescription": "The ID of the Network Access Scope.", "title": "NetworkInsightsAccessScopeId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags.", "title": "Tags", "type": "array" } }, "required": [ "NetworkInsightsAccessScopeId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::NetworkInsightsAccessScopeAnalysis" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::NetworkInsightsAnalysis": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdditionalAccounts": { "items": { "type": "string" }, "markdownDescription": "The member accounts that contain resources that the path can traverse.", "title": "AdditionalAccounts", "type": "array" }, "FilterInArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARN) of the resources that the path must traverse.", "title": "FilterInArns", "type": "array" }, "NetworkInsightsPathId": { "markdownDescription": "The ID of the path.", "title": "NetworkInsightsPathId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to apply.", "title": "Tags", "type": "array" } }, "required": [ "NetworkInsightsPathId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::NetworkInsightsAnalysis" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail": { "additionalProperties": false, "properties": { "AdditionalDetailType": { "markdownDescription": "The additional detail code.", "title": "AdditionalDetailType", "type": "string" }, "Component": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The path component.", "title": "Component" }, "LoadBalancers": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" }, "markdownDescription": "The load balancers.", "title": "LoadBalancers", "type": "array" }, "ServiceName": { "markdownDescription": "The name of the VPC endpoint service.", "title": "ServiceName", "type": "string" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAnalysis.AlternatePathHint": { "additionalProperties": false, "properties": { "ComponentArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the component.", "title": "ComponentArn", "type": "string" }, "ComponentId": { "markdownDescription": "The ID of the component.", "title": "ComponentId", "type": "string" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule": { "additionalProperties": false, "properties": { "Cidr": { "markdownDescription": "The IPv4 address range, in CIDR notation.", "title": "Cidr", "type": "string" }, "Egress": { "markdownDescription": "Indicates whether the rule is an outbound rule.", "title": "Egress", "type": "boolean" }, "PortRange": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", "markdownDescription": "The range of ports.", "title": "PortRange" }, "Protocol": { "markdownDescription": "The protocol.", "title": "Protocol", "type": "string" }, "RuleAction": { "markdownDescription": "Indicates whether to allow or deny traffic that matches the rule.", "title": "RuleAction", "type": "string" }, "RuleNumber": { "markdownDescription": "The rule number.", "title": "RuleNumber", "type": "number" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the component.", "title": "Arn", "type": "string" }, "Id": { "markdownDescription": "The ID of the component.", "title": "Id", "type": "string" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener": { "additionalProperties": false, "properties": { "InstancePort": { "markdownDescription": "[Classic Load Balancers] The back-end port for the listener.", "title": "InstancePort", "type": "number" }, "LoadBalancerPort": { "markdownDescription": "The port on which the load balancer is listening.", "title": "LoadBalancerPort", "type": "number" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget": { "additionalProperties": false, "properties": { "Address": { "markdownDescription": "The IP address.", "title": "Address", "type": "string" }, "AvailabilityZone": { "markdownDescription": "The Availability Zone.", "title": "AvailabilityZone", "type": "string" }, "Instance": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "Information about the instance.", "title": "Instance" }, "Port": { "markdownDescription": "The port on which the target is listening.", "title": "Port", "type": "number" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader": { "additionalProperties": false, "properties": { "DestinationAddresses": { "items": { "type": "string" }, "markdownDescription": "The destination addresses.", "title": "DestinationAddresses", "type": "array" }, "DestinationPortRanges": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" }, "markdownDescription": "The destination port ranges.", "title": "DestinationPortRanges", "type": "array" }, "Protocol": { "markdownDescription": "The protocol.", "title": "Protocol", "type": "string" }, "SourceAddresses": { "items": { "type": "string" }, "markdownDescription": "The source addresses.", "title": "SourceAddresses", "type": "array" }, "SourcePortRanges": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" }, "markdownDescription": "The source port ranges.", "title": "SourcePortRanges", "type": "array" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute": { "additionalProperties": false, "properties": { "NatGatewayId": { "markdownDescription": "The ID of a NAT gateway.", "title": "NatGatewayId", "type": "string" }, "NetworkInterfaceId": { "markdownDescription": "The ID of a network interface.", "title": "NetworkInterfaceId", "type": "string" }, "Origin": { "markdownDescription": "Describes how the route was created. The following are the possible values:\n\n- CreateRouteTable - The route was automatically created when the route table was created.\n- CreateRoute - The route was manually added to the route table.\n- EnableVgwRoutePropagation - The route was propagated by route propagation.", "title": "Origin", "type": "string" }, "State": { "markdownDescription": "The state. The following are the possible values:\n\n- active\n- blackhole", "title": "State", "type": "string" }, "TransitGatewayId": { "markdownDescription": "The ID of a transit gateway.", "title": "TransitGatewayId", "type": "string" }, "VpcPeeringConnectionId": { "markdownDescription": "The ID of a VPC peering connection.", "title": "VpcPeeringConnectionId", "type": "string" }, "destinationCidr": { "markdownDescription": "The destination IPv4 address, in CIDR notation.", "title": "destinationCidr", "type": "string" }, "destinationPrefixListId": { "markdownDescription": "The prefix of the AWS service .", "title": "destinationPrefixListId", "type": "string" }, "egressOnlyInternetGatewayId": { "markdownDescription": "The ID of an egress-only internet gateway.", "title": "egressOnlyInternetGatewayId", "type": "string" }, "gatewayId": { "markdownDescription": "The ID of the gateway, such as an internet gateway or virtual private gateway.", "title": "gatewayId", "type": "string" }, "instanceId": { "markdownDescription": "The ID of the instance, such as a NAT instance.", "title": "instanceId", "type": "string" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule": { "additionalProperties": false, "properties": { "Cidr": { "markdownDescription": "The IPv4 address range, in CIDR notation.", "title": "Cidr", "type": "string" }, "Direction": { "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", "title": "Direction", "type": "string" }, "PortRange": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange", "markdownDescription": "The port range.", "title": "PortRange" }, "PrefixListId": { "markdownDescription": "The prefix list ID.", "title": "PrefixListId", "type": "string" }, "Protocol": { "markdownDescription": "The protocol name.", "title": "Protocol", "type": "string" }, "SecurityGroupId": { "markdownDescription": "The security group ID.", "title": "SecurityGroupId", "type": "string" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAnalysis.Explanation": { "additionalProperties": false, "properties": { "Acl": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The network ACL.", "title": "Acl" }, "AclRule": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", "markdownDescription": "The network ACL rule.", "title": "AclRule" }, "Address": { "markdownDescription": "The IPv4 address, in CIDR notation.", "title": "Address", "type": "string" }, "Addresses": { "items": { "type": "string" }, "markdownDescription": "The IPv4 addresses, in CIDR notation.", "title": "Addresses", "type": "array" }, "AttachedTo": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The resource to which the component is attached.", "title": "AttachedTo" }, "AvailabilityZones": { "items": { "type": "string" }, "markdownDescription": "The Availability Zones.", "title": "AvailabilityZones", "type": "array" }, "Cidrs": { "items": { "type": "string" }, "markdownDescription": "The CIDR ranges.", "title": "Cidrs", "type": "array" }, "ClassicLoadBalancerListener": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerListener", "markdownDescription": "The listener for a Classic Load Balancer.", "title": "ClassicLoadBalancerListener" }, "Component": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The component.", "title": "Component" }, "ComponentAccount": { "markdownDescription": "The AWS account for the component.", "title": "ComponentAccount", "type": "string" }, "ComponentRegion": { "markdownDescription": "The Region for the component.", "title": "ComponentRegion", "type": "string" }, "CustomerGateway": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The customer gateway.", "title": "CustomerGateway" }, "Destination": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The destination.", "title": "Destination" }, "DestinationVpc": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The destination VPC.", "title": "DestinationVpc" }, "Direction": { "markdownDescription": "The direction. The following are the possible values:\n\n- egress\n- ingress", "title": "Direction", "type": "string" }, "ElasticLoadBalancerListener": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The load balancer listener.", "title": "ElasticLoadBalancerListener" }, "ExplanationCode": { "markdownDescription": "The explanation code.", "title": "ExplanationCode", "type": "string" }, "IngressRouteTable": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The route table.", "title": "IngressRouteTable" }, "InternetGateway": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The internet gateway.", "title": "InternetGateway" }, "LoadBalancerArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", "title": "LoadBalancerArn", "type": "string" }, "LoadBalancerListenerPort": { "markdownDescription": "The listener port of the load balancer.", "title": "LoadBalancerListenerPort", "type": "number" }, "LoadBalancerTarget": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisLoadBalancerTarget", "markdownDescription": "The target.", "title": "LoadBalancerTarget" }, "LoadBalancerTargetGroup": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The target group.", "title": "LoadBalancerTargetGroup" }, "LoadBalancerTargetGroups": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" }, "markdownDescription": "The target groups.", "title": "LoadBalancerTargetGroups", "type": "array" }, "LoadBalancerTargetPort": { "markdownDescription": "The target port.", "title": "LoadBalancerTargetPort", "type": "number" }, "MissingComponent": { "markdownDescription": "The missing component.", "title": "MissingComponent", "type": "string" }, "NatGateway": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The NAT gateway.", "title": "NatGateway" }, "NetworkInterface": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The network interface.", "title": "NetworkInterface" }, "PacketField": { "markdownDescription": "The packet field.", "title": "PacketField", "type": "string" }, "Port": { "markdownDescription": "The port.", "title": "Port", "type": "number" }, "PortRanges": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.PortRange" }, "markdownDescription": "The port ranges.", "title": "PortRanges", "type": "array" }, "PrefixList": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The prefix list.", "title": "PrefixList" }, "Protocols": { "items": { "type": "string" }, "markdownDescription": "The protocols.", "title": "Protocols", "type": "array" }, "RouteTable": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The route table.", "title": "RouteTable" }, "RouteTableRoute": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", "markdownDescription": "The route table route.", "title": "RouteTableRoute" }, "SecurityGroup": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The security group.", "title": "SecurityGroup" }, "SecurityGroupRule": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", "markdownDescription": "The security group rule.", "title": "SecurityGroupRule" }, "SecurityGroups": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent" }, "markdownDescription": "The security groups.", "title": "SecurityGroups", "type": "array" }, "SourceVpc": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The source VPC.", "title": "SourceVpc" }, "State": { "markdownDescription": "The state.", "title": "State", "type": "string" }, "Subnet": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The subnet.", "title": "Subnet" }, "SubnetRouteTable": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The route table for the subnet.", "title": "SubnetRouteTable" }, "TransitGateway": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The transit gateway.", "title": "TransitGateway" }, "TransitGatewayAttachment": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The transit gateway attachment.", "title": "TransitGatewayAttachment" }, "TransitGatewayRouteTable": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The transit gateway route table.", "title": "TransitGatewayRouteTable" }, "TransitGatewayRouteTableRoute": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", "markdownDescription": "The transit gateway route table route.", "title": "TransitGatewayRouteTableRoute" }, "Vpc": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The component VPC.", "title": "Vpc" }, "VpcPeeringConnection": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The VPC peering connection.", "title": "VpcPeeringConnection" }, "VpnConnection": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The VPN connection.", "title": "VpnConnection" }, "VpnGateway": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The VPN gateway.", "title": "VpnGateway" }, "vpcEndpoint": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The VPC endpoint.", "title": "vpcEndpoint" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAnalysis.PathComponent": { "additionalProperties": false, "properties": { "AclRule": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisAclRule", "markdownDescription": "The network ACL rule.", "title": "AclRule" }, "AdditionalDetails": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AdditionalDetail" }, "markdownDescription": "The additional details.", "title": "AdditionalDetails", "type": "array" }, "Component": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The component.", "title": "Component" }, "DestinationVpc": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The destination VPC.", "title": "DestinationVpc" }, "ElasticLoadBalancerListener": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The load balancer listener.", "title": "ElasticLoadBalancerListener" }, "Explanations": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.Explanation" }, "markdownDescription": "The explanation codes.", "title": "Explanations", "type": "array" }, "InboundHeader": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", "markdownDescription": "The inbound header.", "title": "InboundHeader" }, "OutboundHeader": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisPacketHeader", "markdownDescription": "The outbound header.", "title": "OutboundHeader" }, "RouteTableRoute": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisRouteTableRoute", "markdownDescription": "The route table route.", "title": "RouteTableRoute" }, "SecurityGroupRule": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisSecurityGroupRule", "markdownDescription": "The security group rule.", "title": "SecurityGroupRule" }, "SequenceNumber": { "markdownDescription": "The sequence number.", "title": "SequenceNumber", "type": "number" }, "ServiceName": { "markdownDescription": "The name of the VPC endpoint service.", "title": "ServiceName", "type": "string" }, "SourceVpc": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The source VPC.", "title": "SourceVpc" }, "Subnet": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The subnet.", "title": "Subnet" }, "TransitGateway": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The transit gateway.", "title": "TransitGateway" }, "TransitGatewayRouteTableRoute": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute", "markdownDescription": "The route in a transit gateway route table.", "title": "TransitGatewayRouteTableRoute" }, "Vpc": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis.AnalysisComponent", "markdownDescription": "The component VPC.", "title": "Vpc" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAnalysis.PortRange": { "additionalProperties": false, "properties": { "From": { "markdownDescription": "The first port in the range.", "title": "From", "type": "number" }, "To": { "markdownDescription": "The last port in the range.", "title": "To", "type": "number" } }, "type": "object" }, "AWS::EC2::NetworkInsightsAnalysis.TransitGatewayRouteTableRoute": { "additionalProperties": false, "properties": { "AttachmentId": { "markdownDescription": "The ID of the route attachment.", "title": "AttachmentId", "type": "string" }, "DestinationCidr": { "markdownDescription": "The CIDR block used for destination matches.", "title": "DestinationCidr", "type": "string" }, "PrefixListId": { "markdownDescription": "The ID of the prefix list.", "title": "PrefixListId", "type": "string" }, "ResourceId": { "markdownDescription": "The ID of the resource for the route attachment.", "title": "ResourceId", "type": "string" }, "ResourceType": { "markdownDescription": "The resource type for the route attachment.", "title": "ResourceType", "type": "string" }, "RouteOrigin": { "markdownDescription": "The route origin. The following are the possible values:\n\n- static\n- propagated", "title": "RouteOrigin", "type": "string" }, "State": { "markdownDescription": "The state of the route.", "title": "State", "type": "string" } }, "type": "object" }, "AWS::EC2::NetworkInsightsPath": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Destination": { "markdownDescription": "The ID or ARN of the destination. If the resource is in another account, you must specify an ARN.", "title": "Destination", "type": "string" }, "DestinationIp": { "markdownDescription": "The IP address of the destination.", "title": "DestinationIp", "type": "string" }, "DestinationPort": { "markdownDescription": "The destination port.", "title": "DestinationPort", "type": "number" }, "FilterAtDestination": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", "markdownDescription": "Scopes the analysis to network paths that match specific filters at the destination. If you specify this parameter, you can't specify the parameter for the destination IP address.", "title": "FilterAtDestination" }, "FilterAtSource": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.PathFilter", "markdownDescription": "Scopes the analysis to network paths that match specific filters at the source. If you specify this parameter, you can't specify the parameters for the source IP address or the destination port.", "title": "FilterAtSource" }, "Protocol": { "markdownDescription": "The protocol.", "title": "Protocol", "type": "string" }, "Source": { "markdownDescription": "The ID or ARN of the source. If the resource is in another account, you must specify an ARN.", "title": "Source", "type": "string" }, "SourceIp": { "markdownDescription": "The IP address of the source.", "title": "SourceIp", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to add to the path.", "title": "Tags", "type": "array" } }, "required": [ "Protocol", "Source" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::NetworkInsightsPath" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::NetworkInsightsPath.FilterPortRange": { "additionalProperties": false, "properties": { "FromPort": { "markdownDescription": "The first port in the range.", "title": "FromPort", "type": "number" }, "ToPort": { "markdownDescription": "The last port in the range.", "title": "ToPort", "type": "number" } }, "type": "object" }, "AWS::EC2::NetworkInsightsPath.PathFilter": { "additionalProperties": false, "properties": { "DestinationAddress": { "markdownDescription": "The destination IPv4 address.", "title": "DestinationAddress", "type": "string" }, "DestinationPortRange": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", "markdownDescription": "The destination port range.", "title": "DestinationPortRange" }, "SourceAddress": { "markdownDescription": "The source IPv4 address.", "title": "SourceAddress", "type": "string" }, "SourcePortRange": { "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath.FilterPortRange", "markdownDescription": "The source port range.", "title": "SourcePortRange" } }, "type": "object" }, "AWS::EC2::NetworkInterface": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectionTrackingSpecification": { "$ref": "#/definitions/AWS::EC2::NetworkInterface.ConnectionTrackingSpecification", "markdownDescription": "A connection tracking specification for the network interface.", "title": "ConnectionTrackingSpecification" }, "Description": { "markdownDescription": "A description for the network interface.", "title": "Description", "type": "string" }, "GroupSet": { "items": { "type": "string" }, "markdownDescription": "The IDs of the security groups associated with this network interface.", "title": "GroupSet", "type": "array" }, "InterfaceType": { "markdownDescription": "The type of network interface. The default is `interface` . The supported values are `efa` and `trunk` .", "title": "InterfaceType", "type": "string" }, "Ipv4PrefixCount": { "markdownDescription": "The number of IPv4 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv4 prefixes if you've specified one of the following: specific IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", "title": "Ipv4PrefixCount", "type": "number" }, "Ipv4Prefixes": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv4PrefixSpecification" }, "markdownDescription": "The IPv4 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv4 prefixes if you've specified one of the following: a count of IPv4 prefixes, specific private IPv4 addresses, or a count of private IPv4 addresses.", "title": "Ipv4Prefixes", "type": "array" }, "Ipv6AddressCount": { "markdownDescription": "The number of IPv6 addresses to assign to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. To specify specific IPv6 addresses, use the `Ipv6Addresses` property and don't specify this property.\n\nWhen creating a network interface, you can't specify a count of IPv6 addresses if you've specified one of the following: specific IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", "title": "Ipv6AddressCount", "type": "number" }, "Ipv6Addresses": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInterface.InstanceIpv6Address" }, "markdownDescription": "The IPv6 addresses from the IPv6 CIDR block range of your subnet to assign to the network interface. If you're specifying a number of IPv6 addresses, use the `Ipv6AddressCount` property and don't specify this property.\n\nWhen creating a network interface, you can't specify IPv6 addresses if you've specified one of the following: a count of IPv6 addresses, specific IPv6 prefixes, or a count of IPv6 prefixes.", "title": "Ipv6Addresses", "type": "array" }, "Ipv6PrefixCount": { "markdownDescription": "The number of IPv6 prefixes to be automatically assigned to the network interface.\n\nWhen creating a network interface, you can't specify a count of IPv6 prefixes if you've specified one of the following: specific IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", "title": "Ipv6PrefixCount", "type": "number" }, "Ipv6Prefixes": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInterface.Ipv6PrefixSpecification" }, "markdownDescription": "The IPv6 delegated prefixes that are assigned to the network interface.\n\nWhen creating a network interface, you can't specify IPv6 prefixes if you've specified one of the following: a count of IPv6 prefixes, specific IPv6 addresses, or a count of IPv6 addresses.", "title": "Ipv6Prefixes", "type": "array" }, "PrivateIpAddress": { "markdownDescription": "The private IPv4 address to assign to the network interface as the primary private IP address. If you want to specify multiple private IP addresses, use the `PrivateIpAddresses` property.", "title": "PrivateIpAddress", "type": "string" }, "PrivateIpAddresses": { "items": { "$ref": "#/definitions/AWS::EC2::NetworkInterface.PrivateIpAddressSpecification" }, "markdownDescription": "The private IPv4 addresses to assign to the network interface. You can specify a primary private IP address by setting the value of the `Primary` property to `true` in the `PrivateIpAddressSpecification` property. If you want EC2 to automatically assign private IP addresses, use the `SecondaryPrivateIpAddressCount` property and do not specify this property.\n\nWhen creating a network interface, you can't specify private IPv4 addresses if you've specified one of the following: a count of private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", "title": "PrivateIpAddresses", "type": "array" }, "SecondaryPrivateIpAddressCount": { "markdownDescription": "The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using `privateIpAddresses` .\n\nWhen creating a Network Interface, you can't specify a count of private IPv4 addresses if you've specified one of the following: specific private IPv4 addresses, specific IPv4 prefixes, or a count of IPv4 prefixes.", "title": "SecondaryPrivateIpAddressCount", "type": "number" }, "SourceDestCheck": { "markdownDescription": "Enable or disable source/destination checks, which ensure that the instance is either the source or the destination of any traffic that it receives. If the value is `true` , source/destination checks are enabled; otherwise, they are disabled. The default value is `true` . You must disable source/destination checks if the instance runs services such as network address translation, routing, or firewalls.", "title": "SourceDestCheck", "type": "boolean" }, "SubnetId": { "markdownDescription": "The ID of the subnet to associate with the network interface.", "title": "SubnetId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to apply to the network interface.", "title": "Tags", "type": "array" } }, "required": [ "SubnetId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::NetworkInterface" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::NetworkInterface.ConnectionTrackingSpecification": { "additionalProperties": false, "properties": { "TcpEstablishedTimeout": { "markdownDescription": "Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds.", "title": "TcpEstablishedTimeout", "type": "number" }, "UdpStreamTimeout": { "markdownDescription": "Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds.", "title": "UdpStreamTimeout", "type": "number" }, "UdpTimeout": { "markdownDescription": "Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds.", "title": "UdpTimeout", "type": "number" } }, "type": "object" }, "AWS::EC2::NetworkInterface.InstanceIpv6Address": { "additionalProperties": false, "properties": { "Ipv6Address": { "markdownDescription": "An IPv6 address to associate with the network interface.", "title": "Ipv6Address", "type": "string" } }, "required": [ "Ipv6Address" ], "type": "object" }, "AWS::EC2::NetworkInterface.Ipv4PrefixSpecification": { "additionalProperties": false, "properties": { "Ipv4Prefix": { "markdownDescription": "The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* .", "title": "Ipv4Prefix", "type": "string" } }, "required": [ "Ipv4Prefix" ], "type": "object" }, "AWS::EC2::NetworkInterface.Ipv6PrefixSpecification": { "additionalProperties": false, "properties": { "Ipv6Prefix": { "markdownDescription": "The IPv6 prefix. For information, see [Assigning prefixes to Amazon EC2 network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon Elastic Compute Cloud User Guide* .", "title": "Ipv6Prefix", "type": "string" } }, "required": [ "Ipv6Prefix" ], "type": "object" }, "AWS::EC2::NetworkInterface.PrivateIpAddressSpecification": { "additionalProperties": false, "properties": { "Primary": { "markdownDescription": "Sets the private IP address as the primary private address. You can set only one primary private IP address. If you don't specify a primary private IP address, Amazon EC2 automatically assigns a primary private IP address.", "title": "Primary", "type": "boolean" }, "PrivateIpAddress": { "markdownDescription": "The private IP address of the network interface.", "title": "PrivateIpAddress", "type": "string" } }, "required": [ "Primary", "PrivateIpAddress" ], "type": "object" }, "AWS::EC2::NetworkInterfaceAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeleteOnTermination": { "markdownDescription": "Whether to delete the network interface when the instance terminates. By default, this value is set to `true` .", "title": "DeleteOnTermination", "type": "boolean" }, "DeviceIndex": { "markdownDescription": "The network interface's position in the attachment order. For example, the first attached network interface has a `DeviceIndex` of 0.", "title": "DeviceIndex", "type": "string" }, "EnaSrdSpecification": { "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification", "markdownDescription": "Configures ENA Express for the network interface that this action attaches to the instance.", "title": "EnaSrdSpecification" }, "InstanceId": { "markdownDescription": "The ID of the instance to which you will attach the ENI.", "title": "InstanceId", "type": "string" }, "NetworkInterfaceId": { "markdownDescription": "The ID of the ENI that you want to attach.", "title": "NetworkInterfaceId", "type": "string" } }, "required": [ "DeviceIndex", "InstanceId", "NetworkInterfaceId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::NetworkInterfaceAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::NetworkInterfaceAttachment.EnaSrdSpecification": { "additionalProperties": false, "properties": { "EnaSrdEnabled": { "markdownDescription": "Indicates whether ENA Express is enabled for the network interface.", "title": "EnaSrdEnabled", "type": "boolean" }, "EnaSrdUdpSpecification": { "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification", "markdownDescription": "Configures ENA Express for UDP network traffic.", "title": "EnaSrdUdpSpecification" } }, "type": "object" }, "AWS::EC2::NetworkInterfaceAttachment.EnaSrdUdpSpecification": { "additionalProperties": false, "properties": { "EnaSrdUdpEnabled": { "markdownDescription": "Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express.", "title": "EnaSrdUdpEnabled", "type": "boolean" } }, "type": "object" }, "AWS::EC2::NetworkInterfacePermission": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AwsAccountId": { "markdownDescription": "The AWS account ID.", "title": "AwsAccountId", "type": "string" }, "NetworkInterfaceId": { "markdownDescription": "The ID of the network interface.", "title": "NetworkInterfaceId", "type": "string" }, "Permission": { "markdownDescription": "The type of permission to grant: `INSTANCE-ATTACH` or `EIP-ASSOCIATE` .", "title": "Permission", "type": "string" } }, "required": [ "AwsAccountId", "NetworkInterfaceId", "Permission" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::NetworkInterfacePermission" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::NetworkPerformanceMetricSubscription": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Destination": { "markdownDescription": "The Region or Availability Zone that's the target for the subscription. For example, `eu-west-1` .", "title": "Destination", "type": "string" }, "Metric": { "markdownDescription": "The metric used for the subscription.", "title": "Metric", "type": "string" }, "Source": { "markdownDescription": "The Region or Availability Zone that's the source for the subscription. For example, `us-east-1` .", "title": "Source", "type": "string" }, "Statistic": { "markdownDescription": "The statistic used for the subscription.", "title": "Statistic", "type": "string" } }, "required": [ "Destination", "Metric", "Source", "Statistic" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::NetworkPerformanceMetricSubscription" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::PlacementGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PartitionCount": { "markdownDescription": "The number of partitions. Valid only when *Strategy* is set to `partition` .", "title": "PartitionCount", "type": "number" }, "SpreadLevel": { "markdownDescription": "Determines how placement groups spread instances.\n\n- Host \u2013 You can use `host` only with Outpost placement groups.\n- Rack \u2013 No usage restrictions.", "title": "SpreadLevel", "type": "string" }, "Strategy": { "markdownDescription": "The placement strategy.", "title": "Strategy", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to apply to the new placement group.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::PlacementGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::PrefixList": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AddressFamily": { "markdownDescription": "The IP address type.\n\nValid Values: `IPv4` | `IPv6`", "title": "AddressFamily", "type": "string" }, "Entries": { "items": { "$ref": "#/definitions/AWS::EC2::PrefixList.Entry" }, "markdownDescription": "One or more entries for the prefix list.", "title": "Entries", "type": "array" }, "MaxEntries": { "markdownDescription": "The maximum number of entries for the prefix list.", "title": "MaxEntries", "type": "number" }, "PrefixListName": { "markdownDescription": "A name for the prefix list.\n\nConstraints: Up to 255 characters in length. The name cannot start with `com.amazonaws` .", "title": "PrefixListName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the prefix list.", "title": "Tags", "type": "array" } }, "required": [ "AddressFamily", "PrefixListName" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::PrefixList" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::PrefixList.Entry": { "additionalProperties": false, "properties": { "Cidr": { "markdownDescription": "The CIDR block.", "title": "Cidr", "type": "string" }, "Description": { "markdownDescription": "A description for the entry.\n\nConstraints: Up to 255 characters in length.", "title": "Description", "type": "string" } }, "required": [ "Cidr" ], "type": "object" }, "AWS::EC2::Route": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CarrierGatewayId": { "markdownDescription": "The ID of the carrier gateway.\n\nYou can only use this option when the VPC contains a subnet which is associated with a Wavelength Zone.", "title": "CarrierGatewayId", "type": "string" }, "CoreNetworkArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the core network.", "title": "CoreNetworkArn", "type": "string" }, "DestinationCidrBlock": { "markdownDescription": "The IPv4 CIDR address block used for the destination match. Routing decisions are based on the most specific match. We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .", "title": "DestinationCidrBlock", "type": "string" }, "DestinationIpv6CidrBlock": { "markdownDescription": "The IPv6 CIDR block used for the destination match. Routing decisions are based on the most specific match.", "title": "DestinationIpv6CidrBlock", "type": "string" }, "DestinationPrefixListId": { "markdownDescription": "The ID of a prefix list used for the destination match.", "title": "DestinationPrefixListId", "type": "string" }, "EgressOnlyInternetGatewayId": { "markdownDescription": "[IPv6 traffic only] The ID of an egress-only internet gateway.", "title": "EgressOnlyInternetGatewayId", "type": "string" }, "GatewayId": { "markdownDescription": "The ID of an internet gateway or virtual private gateway attached to your VPC.", "title": "GatewayId", "type": "string" }, "InstanceId": { "markdownDescription": "The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached.", "title": "InstanceId", "type": "string" }, "LocalGatewayId": { "markdownDescription": "The ID of the local gateway.", "title": "LocalGatewayId", "type": "string" }, "NatGatewayId": { "markdownDescription": "[IPv4 traffic only] The ID of a NAT gateway.", "title": "NatGatewayId", "type": "string" }, "NetworkInterfaceId": { "markdownDescription": "The ID of a network interface.", "title": "NetworkInterfaceId", "type": "string" }, "RouteTableId": { "markdownDescription": "The ID of the route table for the route.", "title": "RouteTableId", "type": "string" }, "TransitGatewayId": { "markdownDescription": "The ID of a transit gateway.", "title": "TransitGatewayId", "type": "string" }, "VpcEndpointId": { "markdownDescription": "The ID of a VPC endpoint. Supported for Gateway Load Balancer endpoints only.", "title": "VpcEndpointId", "type": "string" }, "VpcPeeringConnectionId": { "markdownDescription": "The ID of a VPC peering connection.", "title": "VpcPeeringConnectionId", "type": "string" } }, "required": [ "RouteTableId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::Route" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::RouteTable": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Any tags assigned to the route table.", "title": "Tags", "type": "array" }, "VpcId": { "markdownDescription": "The ID of the VPC.", "title": "VpcId", "type": "string" } }, "required": [ "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::RouteTable" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::SecurityGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "GroupDescription": { "markdownDescription": "A description for the security group.\n\nConstraints: Up to 255 characters in length\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", "title": "GroupDescription", "type": "string" }, "GroupName": { "markdownDescription": "The name of the security group.\n\nConstraints: Up to 255 characters in length. Cannot start with `sg-` .\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", "title": "GroupName", "type": "string" }, "SecurityGroupEgress": { "items": { "$ref": "#/definitions/AWS::EC2::SecurityGroup.Egress" }, "markdownDescription": "The outbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group.", "title": "SecurityGroupEgress", "type": "array" }, "SecurityGroupIngress": { "items": { "$ref": "#/definitions/AWS::EC2::SecurityGroup.Ingress" }, "markdownDescription": "The inbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group.", "title": "SecurityGroupIngress", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Any tags assigned to the security group.", "title": "Tags", "type": "array" }, "VpcId": { "markdownDescription": "The ID of the VPC for the security group. If you do not specify a VPC, the default is to use the default VPC for the Region. If there's no specified VPC and no default VPC, security group creation fails.", "title": "VpcId", "type": "string" } }, "required": [ "GroupDescription" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::SecurityGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::SecurityGroup.Egress": { "additionalProperties": false, "properties": { "CidrIp": { "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", "title": "CidrIp", "type": "string" }, "CidrIpv6": { "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", "title": "CidrIpv6", "type": "string" }, "Description": { "markdownDescription": "A description for the security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", "title": "Description", "type": "string" }, "DestinationPrefixListId": { "markdownDescription": "The prefix list IDs for the destination AWS service. This is the AWS service that you want to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", "title": "DestinationPrefixListId", "type": "string" }, "DestinationSecurityGroupId": { "markdownDescription": "The ID of the destination VPC security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", "title": "DestinationSecurityGroupId", "type": "string" }, "FromPort": { "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", "title": "FromPort", "type": "number" }, "IpProtocol": { "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", "title": "IpProtocol", "type": "string" }, "ToPort": { "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", "title": "ToPort", "type": "number" } }, "required": [ "IpProtocol" ], "type": "object" }, "AWS::EC2::SecurityGroup.Ingress": { "additionalProperties": false, "properties": { "CidrIp": { "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", "title": "CidrIp", "type": "string" }, "CidrIpv6": { "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", "title": "CidrIpv6", "type": "string" }, "Description": { "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", "title": "Description", "type": "string" }, "FromPort": { "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", "title": "FromPort", "type": "number" }, "IpProtocol": { "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", "title": "IpProtocol", "type": "string" }, "SourcePrefixListId": { "markdownDescription": "The ID of a prefix list.", "title": "SourcePrefixListId", "type": "string" }, "SourceSecurityGroupId": { "markdownDescription": "The ID of the security group.", "title": "SourceSecurityGroupId", "type": "string" }, "SourceSecurityGroupName": { "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", "title": "SourceSecurityGroupName", "type": "string" }, "SourceSecurityGroupOwnerId": { "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify the `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", "title": "SourceSecurityGroupOwnerId", "type": "string" }, "ToPort": { "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", "title": "ToPort", "type": "number" } }, "required": [ "IpProtocol" ], "type": "object" }, "AWS::EC2::SecurityGroupEgress": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CidrIp": { "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", "title": "CidrIp", "type": "string" }, "CidrIpv6": { "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", "title": "CidrIpv6", "type": "string" }, "Description": { "markdownDescription": "The description of an egress (outbound) security group rule.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", "title": "Description", "type": "string" }, "DestinationPrefixListId": { "markdownDescription": "The prefix list IDs for an AWS service. This is the AWS service to access through a VPC endpoint from instances associated with the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", "title": "DestinationPrefixListId", "type": "string" }, "DestinationSecurityGroupId": { "markdownDescription": "The ID of the security group.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` .", "title": "DestinationSecurityGroupId", "type": "string" }, "FromPort": { "markdownDescription": "If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).", "title": "FromPort", "type": "number" }, "GroupId": { "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.", "title": "GroupId", "type": "string" }, "IpProtocol": { "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", "title": "IpProtocol", "type": "string" }, "ToPort": { "markdownDescription": "If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).", "title": "ToPort", "type": "number" } }, "required": [ "GroupId", "IpProtocol" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::SecurityGroupEgress" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::SecurityGroupIngress": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CidrIp": { "markdownDescription": "The IPv4 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", "title": "CidrIp", "type": "string" }, "CidrIpv6": { "markdownDescription": "The IPv6 address range, in CIDR format.\n\nYou must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` .\n\nFor examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* .", "title": "CidrIpv6", "type": "string" }, "Description": { "markdownDescription": "Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.\n\nConstraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*", "title": "Description", "type": "string" }, "FromPort": { "markdownDescription": "The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of `-1` indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", "title": "FromPort", "type": "number" }, "GroupId": { "markdownDescription": "The ID of the security group.", "title": "GroupId", "type": "string" }, "GroupName": { "markdownDescription": "The name of the security group.\n\nConstraints: Up to 255 characters in length. Cannot start with `sg-` .\n\nValid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*", "title": "GroupName", "type": "string" }, "IpProtocol": { "markdownDescription": "The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ).\n\nUse `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.", "title": "IpProtocol", "type": "string" }, "SourcePrefixListId": { "markdownDescription": "The ID of a prefix list.", "title": "SourcePrefixListId", "type": "string" }, "SourceSecurityGroupId": { "markdownDescription": "The ID of the security group. You must specify either the security group ID or the security group name. For security groups in a nondefault VPC, you must specify the security group ID.", "title": "SourceSecurityGroupId", "type": "string" }, "SourceSecurityGroupName": { "markdownDescription": "[Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nFor security groups in a nondefault VPC, you must specify the group ID.", "title": "SourceSecurityGroupName", "type": "string" }, "SourceSecurityGroupOwnerId": { "markdownDescription": "[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access.\n\nIf you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify `SourceSecurityGroupOwnerId` ; otherwise, this property is optional.", "title": "SourceSecurityGroupOwnerId", "type": "string" }, "ToPort": { "markdownDescription": "The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of `-1` indicates all ICMP/ICMPv6 codes for the specified ICMP type. If you specify all ICMP/ICMPv6 types, you must specify all codes.\n\nUse this for ICMP and any protocol that uses ports.", "title": "ToPort", "type": "number" } }, "required": [ "IpProtocol" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::SecurityGroupIngress" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::SnapshotBlockPublicAccess": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "State": { "markdownDescription": "The mode in which to enable block public access for snapshots for the Region. Specify one of the following values:\n\n- `block-all-sharing` - Prevents all public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. Additionally, snapshots that are already publicly shared are treated as private and they are no longer publicly available.\n\n> If you enable block public access for snapshots in `block-all-sharing` mode, it does not change the permissions for snapshots that are already publicly shared. Instead, it prevents these snapshots from be publicly visible and publicly accessible. Therefore, the attributes for these snapshots still indicate that they are publicly shared, even though they are not publicly available.\n- `block-new-sharing` - Prevents only new public sharing of snapshots in the Region. Users in the account will no longer be able to request new public sharing. However, snapshots that are already publicly shared, remain publicly available.", "title": "State", "type": "string" } }, "required": [ "State" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::SnapshotBlockPublicAccess" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::SpotFleet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "SpotFleetRequestConfigData": { "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetRequestConfigData", "markdownDescription": "Describes the configuration of a Spot Fleet request.", "title": "SpotFleetRequestConfigData" } }, "required": [ "SpotFleetRequestConfigData" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::SpotFleet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::SpotFleet.AcceleratorCountRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` .", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum number of accelerators. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::SpotFleet.BlockDeviceMapping": { "additionalProperties": false, "properties": { "DeviceName": { "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", "title": "DeviceName", "type": "string" }, "Ebs": { "$ref": "#/definitions/AWS::EC2::SpotFleet.EbsBlockDevice", "markdownDescription": "Parameters used to automatically set up EBS volumes when the instance is launched.", "title": "Ebs" }, "NoDevice": { "markdownDescription": "To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value.", "title": "NoDevice", "type": "string" }, "VirtualName": { "markdownDescription": "The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.\n\nNVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.\n\nConstraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.", "title": "VirtualName", "type": "string" } }, "required": [ "DeviceName" ], "type": "object" }, "AWS::EC2::SpotFleet.ClassicLoadBalancer": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the load balancer.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::EC2::SpotFleet.ClassicLoadBalancersConfig": { "additionalProperties": false, "properties": { "ClassicLoadBalancers": { "items": { "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancer" }, "markdownDescription": "One or more Classic Load Balancers.", "title": "ClassicLoadBalancers", "type": "array" } }, "required": [ "ClassicLoadBalancers" ], "type": "object" }, "AWS::EC2::SpotFleet.EbsBlockDevice": { "additionalProperties": false, "properties": { "DeleteOnTermination": { "markdownDescription": "Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* .", "title": "DeleteOnTermination", "type": "boolean" }, "Encrypted": { "markdownDescription": "Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) in the *Amazon EC2 User Guide* .\n\nIn no case can you remove encryption from an encrypted volume.\n\nEncrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported Instance Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) .\n\nThis parameter is not returned by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) .", "title": "Encrypted", "type": "boolean" }, "Iops": { "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS.", "title": "Iops", "type": "number" }, "SnapshotId": { "markdownDescription": "The ID of the snapshot.", "title": "SnapshotId", "type": "string" }, "VolumeSize": { "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", "title": "VolumeSize", "type": "number" }, "VolumeType": { "markdownDescription": "The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* .", "title": "VolumeType", "type": "string" } }, "type": "object" }, "AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification": { "additionalProperties": false, "properties": { "LaunchTemplateId": { "markdownDescription": "The ID of the launch template.\n\nYou must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both.", "title": "LaunchTemplateId", "type": "string" }, "LaunchTemplateName": { "markdownDescription": "The name of the launch template.\n\nYou must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both.", "title": "LaunchTemplateName", "type": "string" }, "Version": { "markdownDescription": "The version number of the launch template.\n\nSpecifying `$Latest` or `$Default` for the template version number is not supported. However, you can specify `LatestVersionNumber` or `DefaultVersionNumber` using the `Fn::GetAtt` intrinsic function. For more information, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) .", "title": "Version", "type": "string" } }, "required": [ "Version" ], "type": "object" }, "AWS::EC2::SpotFleet.GroupIdentifier": { "additionalProperties": false, "properties": { "GroupId": { "markdownDescription": "The ID of the security group.", "title": "GroupId", "type": "string" } }, "required": [ "GroupId" ], "type": "object" }, "AWS::EC2::SpotFleet.IamInstanceProfileSpecification": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the instance profile.", "title": "Arn", "type": "string" } }, "type": "object" }, "AWS::EC2::SpotFleet.InstanceIpv6Address": { "additionalProperties": false, "properties": { "Ipv6Address": { "markdownDescription": "The IPv6 address.", "title": "Ipv6Address", "type": "string" } }, "required": [ "Ipv6Address" ], "type": "object" }, "AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification": { "additionalProperties": false, "properties": { "AssociatePublicIpAddress": { "markdownDescription": "Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The public IP address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is `true` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", "title": "AssociatePublicIpAddress", "type": "boolean" }, "DeleteOnTermination": { "markdownDescription": "Indicates whether the network interface is deleted when the instance is terminated.", "title": "DeleteOnTermination", "type": "boolean" }, "Description": { "markdownDescription": "The description of the network interface. Applies only if creating a network interface when launching an instance.", "title": "Description", "type": "string" }, "DeviceIndex": { "markdownDescription": "The position of the network interface in the attachment order. A primary network interface has a device index of 0.\n\nIf you specify a network interface when launching an instance, you must specify the device index.", "title": "DeviceIndex", "type": "number" }, "Groups": { "items": { "type": "string" }, "markdownDescription": "The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.", "title": "Groups", "type": "array" }, "Ipv6AddressCount": { "markdownDescription": "A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.", "title": "Ipv6AddressCount", "type": "number" }, "Ipv6Addresses": { "items": { "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceIpv6Address" }, "markdownDescription": "The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.", "title": "Ipv6Addresses", "type": "array" }, "NetworkInterfaceId": { "markdownDescription": "The ID of the network interface.\n\nIf you are creating a Spot Fleet, omit this parameter because you can\u2019t specify a network interface ID in a launch specification.", "title": "NetworkInterfaceId", "type": "string" }, "PrivateIpAddresses": { "items": { "$ref": "#/definitions/AWS::EC2::SpotFleet.PrivateIpAddressSpecification" }, "markdownDescription": "The private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're launching more than one instance in a [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) request.", "title": "PrivateIpAddresses", "type": "array" }, "SecondaryPrivateIpAddressCount": { "markdownDescription": "The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option. You cannot specify this option if you're launching more than one instance in a [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) request.", "title": "SecondaryPrivateIpAddressCount", "type": "number" }, "SubnetId": { "markdownDescription": "The ID of the subnet associated with the network interface.", "title": "SubnetId", "type": "string" } }, "type": "object" }, "AWS::EC2::SpotFleet.InstanceRequirementsRequest": { "additionalProperties": false, "properties": { "AcceleratorCount": { "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorCountRequest", "markdownDescription": "The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance.\n\nTo exclude accelerator-enabled instance types, set `Max` to `0` .\n\nDefault: No minimum or maximum limits", "title": "AcceleratorCount" }, "AcceleratorManufacturers": { "items": { "type": "string" }, "markdownDescription": "Indicates whether instance types must have accelerators by specific manufacturers.\n\n- For instance types with AWS devices, specify `amazon-web-services` .\n- For instance types with AMD devices, specify `amd` .\n- For instance types with Habana devices, specify `habana` .\n- For instance types with NVIDIA devices, specify `nvidia` .\n- For instance types with Xilinx devices, specify `xilinx` .\n\nDefault: Any manufacturer", "title": "AcceleratorManufacturers", "type": "array" }, "AcceleratorNames": { "items": { "type": "string" }, "markdownDescription": "The accelerators that must be on the instance type.\n\n- For instance types with NVIDIA A10G GPUs, specify `a10g` .\n- For instance types with NVIDIA A100 GPUs, specify `a100` .\n- For instance types with NVIDIA H100 GPUs, specify `h100` .\n- For instance types with AWS Inferentia chips, specify `inferentia` .\n- For instance types with NVIDIA GRID K520 GPUs, specify `k520` .\n- For instance types with NVIDIA K80 GPUs, specify `k80` .\n- For instance types with NVIDIA M60 GPUs, specify `m60` .\n- For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` .\n- For instance types with NVIDIA T4 GPUs, specify `t4` .\n- For instance types with NVIDIA T4G GPUs, specify `t4g` .\n- For instance types with Xilinx VU9P FPGAs, specify `vu9p` .\n- For instance types with NVIDIA V100 GPUs, specify `v100` .\n\nDefault: Any accelerator", "title": "AcceleratorNames", "type": "array" }, "AcceleratorTotalMemoryMiB": { "$ref": "#/definitions/AWS::EC2::SpotFleet.AcceleratorTotalMemoryMiBRequest", "markdownDescription": "The minimum and maximum amount of total accelerator memory, in MiB.\n\nDefault: No minimum or maximum limits", "title": "AcceleratorTotalMemoryMiB" }, "AcceleratorTypes": { "items": { "type": "string" }, "markdownDescription": "The accelerator types that must be on the instance type.\n\n- To include instance types with GPU hardware, specify `gpu` .\n- To include instance types with FPGA hardware, specify `fpga` .\n- To include instance types with inference hardware, specify `inference` .\n\nDefault: Any accelerator type", "title": "AcceleratorTypes", "type": "array" }, "AllowedInstanceTypes": { "items": { "type": "string" }, "markdownDescription": "The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types.\n\n> If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . \n\nDefault: All instance types", "title": "AllowedInstanceTypes", "type": "array" }, "BareMetal": { "markdownDescription": "Indicates whether bare metal instance types must be included, excluded, or required.\n\n- To include bare metal instance types, specify `included` .\n- To require only bare metal instance types, specify `required` .\n- To exclude bare metal instance types, specify `excluded` .\n\nDefault: `excluded`", "title": "BareMetal", "type": "string" }, "BaselineEbsBandwidthMbps": { "$ref": "#/definitions/AWS::EC2::SpotFleet.BaselineEbsBandwidthMbpsRequest", "markdownDescription": "The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS\u2013optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", "title": "BaselineEbsBandwidthMbps" }, "BurstablePerformance": { "markdownDescription": "Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) .\n\n- To include burstable performance instance types, specify `included` .\n- To require only burstable performance instance types, specify `required` .\n- To exclude burstable performance instance types, specify `excluded` .\n\nDefault: `excluded`", "title": "BurstablePerformance", "type": "string" }, "CpuManufacturers": { "items": { "type": "string" }, "markdownDescription": "The CPU manufacturers to include.\n\n- For instance types with Intel CPUs, specify `intel` .\n- For instance types with AMD CPUs, specify `amd` .\n- For instance types with AWS CPUs, specify `amazon-web-services` .\n\n> Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. \n\nDefault: Any manufacturer", "title": "CpuManufacturers", "type": "array" }, "ExcludedInstanceTypes": { "items": { "type": "string" }, "markdownDescription": "The instance types to exclude.\n\nYou can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` .\n\nFor example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types.\n\n> If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . \n\nDefault: No excluded instance types", "title": "ExcludedInstanceTypes", "type": "array" }, "InstanceGenerations": { "items": { "type": "string" }, "markdownDescription": "Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* .\n\nFor current generation instance types, specify `current` .\n\nFor previous generation instance types, specify `previous` .\n\nDefault: Current and previous generation instance types", "title": "InstanceGenerations", "type": "array" }, "LocalStorage": { "markdownDescription": "Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* .\n\n- To include instance types with instance store volumes, specify `included` .\n- To require only instance types with instance store volumes, specify `required` .\n- To exclude instance types with instance store volumes, specify `excluded` .\n\nDefault: `included`", "title": "LocalStorage", "type": "string" }, "LocalStorageTypes": { "items": { "type": "string" }, "markdownDescription": "The type of local storage that is required.\n\n- For instance types with hard disk drive (HDD) storage, specify `hdd` .\n- For instance types with solid state drive (SSD) storage, specify `ssd` .\n\nDefault: `hdd` and `ssd`", "title": "LocalStorageTypes", "type": "array" }, "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice": { "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price.\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` .", "title": "MaxSpotPriceAsPercentageOfOptimalOnDemandPrice", "type": "number" }, "MemoryGiBPerVCpu": { "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest", "markdownDescription": "The minimum and maximum amount of memory per vCPU, in GiB.\n\nDefault: No minimum or maximum limits", "title": "MemoryGiBPerVCpu" }, "MemoryMiB": { "$ref": "#/definitions/AWS::EC2::SpotFleet.MemoryMiBRequest", "markdownDescription": "The minimum and maximum amount of memory, in MiB.", "title": "MemoryMiB" }, "NetworkBandwidthGbps": { "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest", "markdownDescription": "The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* .\n\nDefault: No minimum or maximum limits", "title": "NetworkBandwidthGbps" }, "NetworkInterfaceCount": { "$ref": "#/definitions/AWS::EC2::SpotFleet.NetworkInterfaceCountRequest", "markdownDescription": "The minimum and maximum number of network interfaces.\n\nDefault: No minimum or maximum limits", "title": "NetworkInterfaceCount" }, "OnDemandMaxPricePercentageOverLowestPrice": { "markdownDescription": "[Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nTo indicate no price protection threshold, specify a high value, such as `999999` .\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. \n\nDefault: `20`", "title": "OnDemandMaxPricePercentageOverLowestPrice", "type": "number" }, "RequireHibernateSupport": { "markdownDescription": "Indicates whether instance types must support hibernation for On-Demand Instances.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) .\n\nDefault: `false`", "title": "RequireHibernateSupport", "type": "boolean" }, "SpotMaxPricePercentageOverLowestPrice": { "markdownDescription": "[Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold.\n\nThe parameter accepts an integer, which Amazon EC2 interprets as a percentage.\n\nIf you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price.\n\nThis parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) .\n\n> Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . \n\nDefault: `100`", "title": "SpotMaxPricePercentageOverLowestPrice", "type": "number" }, "TotalLocalStorageGB": { "$ref": "#/definitions/AWS::EC2::SpotFleet.TotalLocalStorageGBRequest", "markdownDescription": "The minimum and maximum amount of total local storage, in GB.\n\nDefault: No minimum or maximum limits", "title": "TotalLocalStorageGB" }, "VCpuCount": { "$ref": "#/definitions/AWS::EC2::SpotFleet.VCpuCountRangeRequest", "markdownDescription": "The minimum and maximum number of vCPUs.", "title": "VCpuCount" } }, "type": "object" }, "AWS::EC2::SpotFleet.LaunchTemplateConfig": { "additionalProperties": false, "properties": { "LaunchTemplateSpecification": { "$ref": "#/definitions/AWS::EC2::SpotFleet.FleetLaunchTemplateSpecification", "markdownDescription": "The launch template to use. Make sure that the launch template does not contain the `NetworkInterfaceId` parameter because you can't specify a network interface ID in a Spot Fleet.", "title": "LaunchTemplateSpecification" }, "Overrides": { "items": { "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateOverrides" }, "markdownDescription": "Any parameters that you specify override the same parameters in the launch template.", "title": "Overrides", "type": "array" } }, "type": "object" }, "AWS::EC2::SpotFleet.LaunchTemplateOverrides": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The Availability Zone in which to launch the instances.", "title": "AvailabilityZone", "type": "string" }, "InstanceRequirements": { "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", "markdownDescription": "The instance requirements. When you specify instance requirements, Amazon EC2 will identify instance types with the provided requirements, and then use your On-Demand and Spot allocation strategies to launch instances from these instance types, in the same way as when you specify a list of instance types.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", "title": "InstanceRequirements" }, "InstanceType": { "markdownDescription": "The instance type.", "title": "InstanceType", "type": "string" }, "Priority": { "markdownDescription": "The priority for the launch template override. The highest priority is launched first.\n\nIf `OnDemandAllocationStrategy` is set to `prioritized` , Spot Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.\n\nIf the Spot `AllocationStrategy` is set to `capacityOptimizedPrioritized` , Spot Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.\n\nValid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.", "title": "Priority", "type": "number" }, "SpotPrice": { "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", "title": "SpotPrice", "type": "string" }, "SubnetId": { "markdownDescription": "The ID of the subnet in which to launch the instances.", "title": "SubnetId", "type": "string" }, "WeightedCapacity": { "markdownDescription": "The number of units provided by the specified instance type.\n\n> When specifying weights, the price used in the `lowest-price` and `price-capacity-optimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour.", "title": "WeightedCapacity", "type": "number" } }, "type": "object" }, "AWS::EC2::SpotFleet.LoadBalancersConfig": { "additionalProperties": false, "properties": { "ClassicLoadBalancersConfig": { "$ref": "#/definitions/AWS::EC2::SpotFleet.ClassicLoadBalancersConfig", "markdownDescription": "The Classic Load Balancers.", "title": "ClassicLoadBalancersConfig" }, "TargetGroupsConfig": { "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroupsConfig", "markdownDescription": "The target groups.", "title": "TargetGroupsConfig" } }, "type": "object" }, "AWS::EC2::SpotFleet.MemoryGiBPerVCpuRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::SpotFleet.MemoryMiBRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` .", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::SpotFleet.NetworkBandwidthGbpsRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::SpotFleet.NetworkInterfaceCountRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum number of network interfaces. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum number of network interfaces. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::SpotFleet.PrivateIpAddressSpecification": { "additionalProperties": false, "properties": { "Primary": { "markdownDescription": "Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.", "title": "Primary", "type": "boolean" }, "PrivateIpAddress": { "markdownDescription": "The private IPv4 address.", "title": "PrivateIpAddress", "type": "string" } }, "required": [ "PrivateIpAddress" ], "type": "object" }, "AWS::EC2::SpotFleet.SpotCapacityRebalance": { "additionalProperties": false, "properties": { "ReplacementStrategy": { "markdownDescription": "The replacement strategy to use. Only available for fleets of type `maintain` .\n\n`launch` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. Spot Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running.\n\n`launch-before-terminate` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification.", "title": "ReplacementStrategy", "type": "string" }, "TerminationDelay": { "markdownDescription": "The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance.\n\nRequired when `ReplacementStrategy` is set to `launch-before-terminate` .\n\nNot valid when `ReplacementStrategy` is set to `launch` .\n\nValid values: Minimum value of `120` seconds. Maximum value of `7200` seconds.", "title": "TerminationDelay", "type": "number" } }, "type": "object" }, "AWS::EC2::SpotFleet.SpotFleetLaunchSpecification": { "additionalProperties": false, "properties": { "BlockDeviceMappings": { "items": { "$ref": "#/definitions/AWS::EC2::SpotFleet.BlockDeviceMapping" }, "markdownDescription": "One or more block devices that are mapped to the Spot Instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.", "title": "BlockDeviceMappings", "type": "array" }, "EbsOptimized": { "markdownDescription": "Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.\n\nDefault: `false`", "title": "EbsOptimized", "type": "boolean" }, "IamInstanceProfile": { "$ref": "#/definitions/AWS::EC2::SpotFleet.IamInstanceProfileSpecification", "markdownDescription": "The IAM instance profile.", "title": "IamInstanceProfile" }, "ImageId": { "markdownDescription": "The ID of the AMI.", "title": "ImageId", "type": "string" }, "InstanceRequirements": { "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceRequirementsRequest", "markdownDescription": "The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes.\n\n> If you specify `InstanceRequirements` , you can't specify `InstanceType` .", "title": "InstanceRequirements" }, "InstanceType": { "markdownDescription": "The instance type.", "title": "InstanceType", "type": "string" }, "KernelId": { "markdownDescription": "The ID of the kernel.", "title": "KernelId", "type": "string" }, "KeyName": { "markdownDescription": "The name of the key pair.", "title": "KeyName", "type": "string" }, "Monitoring": { "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetMonitoring", "markdownDescription": "Enable or disable monitoring for the instances.", "title": "Monitoring" }, "NetworkInterfaces": { "items": { "$ref": "#/definitions/AWS::EC2::SpotFleet.InstanceNetworkInterfaceSpecification" }, "markdownDescription": "The network interfaces.", "title": "NetworkInterfaces", "type": "array" }, "Placement": { "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotPlacement", "markdownDescription": "The placement information.", "title": "Placement" }, "RamdiskId": { "markdownDescription": "The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID.", "title": "RamdiskId", "type": "string" }, "SecurityGroups": { "items": { "$ref": "#/definitions/AWS::EC2::SpotFleet.GroupIdentifier" }, "markdownDescription": "The security groups.\n\nIf you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter.", "title": "SecurityGroups", "type": "array" }, "SpotPrice": { "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", "title": "SpotPrice", "type": "string" }, "SubnetId": { "markdownDescription": "The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate them using commas; for example, \"subnet-1234abcdeexample1, subnet-0987cdef6example2\".\n\nIf you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter.", "title": "SubnetId", "type": "string" }, "TagSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" }, "markdownDescription": "The tags to apply during creation.", "title": "TagSpecifications", "type": "array" }, "UserData": { "markdownDescription": "The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.", "title": "UserData", "type": "string" }, "WeightedCapacity": { "markdownDescription": "The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.\n\nIf the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.", "title": "WeightedCapacity", "type": "number" } }, "required": [ "ImageId" ], "type": "object" }, "AWS::EC2::SpotFleet.SpotFleetMonitoring": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Enables monitoring for the instance.\n\nDefault: `false`", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::EC2::SpotFleet.SpotFleetRequestConfigData": { "additionalProperties": false, "properties": { "AllocationStrategy": { "markdownDescription": "The strategy that determines how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the Spot Fleet launch configuration. For more information, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide* .\n\n- **priceCapacityOptimized (recommended)** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. Spot Fleet then requests Spot Instances from the lowest priced of these pools.\n- **capacityOptimized** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. To give certain instance types a higher chance of launching first, use `capacityOptimizedPrioritized` . Set a priority for each instance type by using the `Priority` parameter for `LaunchTemplateOverrides` . You can assign the same priority to different `LaunchTemplateOverrides` . EC2 implements the priorities on a best-effort basis, but optimizes for capacity first. `capacityOptimizedPrioritized` is supported only if your Spot Fleet uses a launch template. Note that if the `OnDemandAllocationStrategy` is set to `prioritized` , the same priority is applied when fulfilling On-Demand capacity.\n- **diversified** - Spot Fleet requests instances from all of the Spot Instance pools that you specify.\n- **lowestPrice (not recommended)** - > We don't recommend the `lowestPrice` allocation strategy because it has the highest risk of interruption for your Spot Instances. \n\nSpot Fleet requests instances from the lowest priced Spot Instance pool that has available capacity. If the lowest priced pool doesn't have available capacity, the Spot Instances come from the next lowest priced pool that has available capacity. If a pool runs out of capacity before fulfilling your desired capacity, Spot Fleet will continue to fulfill your request by drawing from the next lowest priced pool. To ensure that your desired capacity is met, you might receive Spot Instances from several pools. Because this strategy only considers instance price and not capacity availability, it might lead to high interruption rates.\n\nDefault: `lowestPrice`", "title": "AllocationStrategy", "type": "string" }, "Context": { "markdownDescription": "Reserved.", "title": "Context", "type": "string" }, "ExcessCapacityTerminationPolicy": { "markdownDescription": "Indicates whether running Spot Instances should be terminated if you decrease the target capacity of the Spot Fleet request below the current size of the Spot Fleet.\n\nSupported only for fleets of type `maintain` .", "title": "ExcessCapacityTerminationPolicy", "type": "string" }, "IamFleetRole": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see [Spot Fleet Prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites) in the *Amazon EC2 User Guide* . Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request or when the Spot Fleet request expires, if you set `TerminateInstancesWithExpiration` .", "title": "IamFleetRole", "type": "string" }, "InstanceInterruptionBehavior": { "markdownDescription": "The behavior when a Spot Instance is interrupted. The default is `terminate` .", "title": "InstanceInterruptionBehavior", "type": "string" }, "InstancePoolsToUseCount": { "markdownDescription": "The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot *AllocationStrategy* is set to `lowest-price` . Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.\n\nNote that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified.", "title": "InstancePoolsToUseCount", "type": "number" }, "LaunchSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetLaunchSpecification" }, "markdownDescription": "The launch specifications for the Spot Fleet request. If you specify `LaunchSpecifications` , you can't specify `LaunchTemplateConfigs` .", "title": "LaunchSpecifications", "type": "array" }, "LaunchTemplateConfigs": { "items": { "$ref": "#/definitions/AWS::EC2::SpotFleet.LaunchTemplateConfig" }, "markdownDescription": "The launch template and overrides. If you specify `LaunchTemplateConfigs` , you can't specify `LaunchSpecifications` .", "title": "LaunchTemplateConfigs", "type": "array" }, "LoadBalancersConfig": { "$ref": "#/definitions/AWS::EC2::SpotFleet.LoadBalancersConfig", "markdownDescription": "One or more Classic Load Balancers and target groups to attach to the Spot Fleet request. Spot Fleet registers the running Spot Instances with the specified Classic Load Balancers and target groups.\n\nWith Network Load Balancers, Spot Fleet cannot register instances that have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1.", "title": "LoadBalancersConfig" }, "OnDemandAllocationStrategy": { "markdownDescription": "The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify `lowestPrice` , Spot Fleet uses price to determine the order, launching the lowest price first. If you specify `prioritized` , Spot Fleet uses the priority that you assign to each Spot Fleet launch template override, launching the highest priority first. If you do not specify a value, Spot Fleet defaults to `lowestPrice` .", "title": "OnDemandAllocationStrategy", "type": "string" }, "OnDemandMaxTotalPrice": { "markdownDescription": "The maximum amount per hour for On-Demand Instances that you're willing to pay. You can use the `onDemandMaxTotalPrice` parameter, the `spotMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `onDemandMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `onDemandMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", "title": "OnDemandMaxTotalPrice", "type": "string" }, "OnDemandTargetCapacity": { "markdownDescription": "The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", "title": "OnDemandTargetCapacity", "type": "number" }, "ReplaceUnhealthyInstances": { "markdownDescription": "Indicates whether Spot Fleet should replace unhealthy instances.", "title": "ReplaceUnhealthyInstances", "type": "boolean" }, "SpotMaintenanceStrategies": { "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotMaintenanceStrategies", "markdownDescription": "The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.", "title": "SpotMaintenanceStrategies" }, "SpotMaxTotalPrice": { "markdownDescription": "The maximum amount per hour for Spot Instances that you're willing to pay. You can use the `spotMaxTotalPrice` parameter, the `onDemandMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn\u2019t met the target capacity.\n\n> If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `spotMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `spotMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* .", "title": "SpotMaxTotalPrice", "type": "string" }, "SpotPrice": { "markdownDescription": "The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.\n\n> If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.", "title": "SpotPrice", "type": "string" }, "TagSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotFleetTagSpecification" }, "markdownDescription": "The key-value pair for tagging the Spot Fleet request on creation. The value for `ResourceType` must be `spot-fleet-request` , otherwise the Spot Fleet request fails. To tag instances at launch, specify the tags in the [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) (valid only if you use `LaunchTemplateConfigs` ) or in the `[SpotFleetTagSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html)` (valid only if you use `LaunchSpecifications` ). For information about tagging after launch, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) .", "title": "TagSpecifications", "type": "array" }, "TargetCapacity": { "markdownDescription": "The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later.", "title": "TargetCapacity", "type": "number" }, "TargetCapacityUnitType": { "markdownDescription": "The unit for the target capacity. You can specify this parameter only when using attribute-based instance type selection.\n\nDefault: `units` (the number of instances)", "title": "TargetCapacityUnitType", "type": "string" }, "TerminateInstancesWithExpiration": { "markdownDescription": "Indicates whether running Spot Instances are terminated when the Spot Fleet request expires.", "title": "TerminateInstancesWithExpiration", "type": "boolean" }, "Type": { "markdownDescription": "The type of request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. When this value is `request` , the Spot Fleet only places the required requests. It does not attempt to replenish Spot Instances if capacity is diminished, nor does it submit requests in alternative Spot pools if capacity is not available. When this value is `maintain` , the Spot Fleet maintains the target capacity. The Spot Fleet places the required requests to meet capacity and automatically replenishes any interrupted instances. Default: `maintain` . `instant` is listed but is not used by Spot Fleet.", "title": "Type", "type": "string" }, "ValidFrom": { "markdownDescription": "The start date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). By default, Amazon EC2 starts fulfilling the request immediately.", "title": "ValidFrom", "type": "string" }, "ValidUntil": { "markdownDescription": "The end date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). After the end date and time, no new Spot Instance requests are placed or able to fulfill the request. If no value is specified, the Spot Fleet request remains until you cancel it.", "title": "ValidUntil", "type": "string" } }, "required": [ "IamFleetRole", "TargetCapacity" ], "type": "object" }, "AWS::EC2::SpotFleet.SpotFleetTagSpecification": { "additionalProperties": false, "properties": { "ResourceType": { "markdownDescription": "The type of resource. Currently, the only resource type that is supported is `instance` . To tag the Spot Fleet request on creation, use the `TagSpecifications` parameter in `[SpotFleetRequestConfigData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html)` .", "title": "ResourceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags.", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::EC2::SpotFleet.SpotMaintenanceStrategies": { "additionalProperties": false, "properties": { "CapacityRebalance": { "$ref": "#/definitions/AWS::EC2::SpotFleet.SpotCapacityRebalance", "markdownDescription": "The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted. For more information, see [Capacity rebalancing](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html) in the *Amazon EC2 User Guide* .", "title": "CapacityRebalance" } }, "type": "object" }, "AWS::EC2::SpotFleet.SpotPlacement": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The Availability Zone.\n\nTo specify multiple Availability Zones, separate them using commas; for example, \"us-west-2a, us-west-2b\".", "title": "AvailabilityZone", "type": "string" }, "GroupName": { "markdownDescription": "The name of the placement group.", "title": "GroupName", "type": "string" }, "Tenancy": { "markdownDescription": "The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for Spot Instances.", "title": "Tenancy", "type": "string" } }, "type": "object" }, "AWS::EC2::SpotFleet.TargetGroup": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", "title": "Arn", "type": "string" } }, "required": [ "Arn" ], "type": "object" }, "AWS::EC2::SpotFleet.TargetGroupsConfig": { "additionalProperties": false, "properties": { "TargetGroups": { "items": { "$ref": "#/definitions/AWS::EC2::SpotFleet.TargetGroup" }, "markdownDescription": "One or more target groups.", "title": "TargetGroups", "type": "array" } }, "required": [ "TargetGroups" ], "type": "object" }, "AWS::EC2::SpotFleet.TotalLocalStorageGBRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::SpotFleet.VCpuCountRangeRequest": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum number of vCPUs. To specify no maximum limit, omit this parameter.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum number of vCPUs. To specify no minimum limit, specify `0` .", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::EC2::Subnet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssignIpv6AddressOnCreation": { "markdownDescription": "Indicates whether a network interface created in this subnet receives an IPv6 address. The default value is `false` .\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", "title": "AssignIpv6AddressOnCreation", "type": "boolean" }, "AvailabilityZone": { "markdownDescription": "The Availability Zone of the subnet.\n\nIf you update this property, you must also update the `CidrBlock` property.", "title": "AvailabilityZone", "type": "string" }, "AvailabilityZoneId": { "markdownDescription": "The AZ ID of the subnet.", "title": "AvailabilityZoneId", "type": "string" }, "CidrBlock": { "markdownDescription": "The IPv4 CIDR block assigned to the subnet.\n\nIf you update this property, we create a new subnet, and then delete the existing one.", "title": "CidrBlock", "type": "string" }, "EnableDns64": { "markdownDescription": "Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations. For more information, see [DNS64 and NAT64](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-nat64-dns64) in the *Amazon Virtual Private Cloud User Guide* .", "title": "EnableDns64", "type": "boolean" }, "EnableLniAtDeviceIndex": { "markdownDescription": "Indicates the device position for local network interfaces in this subnet. For example, `1` indicates local network interfaces in this subnet are the secondary network interface (eth1).", "title": "EnableLniAtDeviceIndex", "type": "number" }, "Ipv4IpamPoolId": { "markdownDescription": "An IPv4 IPAM pool ID for the subnet.", "title": "Ipv4IpamPoolId", "type": "string" }, "Ipv4NetmaskLength": { "markdownDescription": "An IPv4 netmask length for the subnet.", "title": "Ipv4NetmaskLength", "type": "number" }, "Ipv6CidrBlock": { "markdownDescription": "The IPv6 CIDR block.\n\nIf you specify `AssignIpv6AddressOnCreation` , you must also specify an IPv6 CIDR block.", "title": "Ipv6CidrBlock", "type": "string" }, "Ipv6CidrBlocks": { "items": { "type": "string" }, "markdownDescription": "The IPv6 network ranges for the subnet, in CIDR notation.", "title": "Ipv6CidrBlocks", "type": "array" }, "Ipv6IpamPoolId": { "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", "title": "Ipv6IpamPoolId", "type": "string" }, "Ipv6Native": { "markdownDescription": "Indicates whether this is an IPv6 only subnet. For more information, see [Subnet basics](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#subnet-basics) in the *Amazon Virtual Private Cloud User Guide* .", "title": "Ipv6Native", "type": "boolean" }, "Ipv6NetmaskLength": { "markdownDescription": "An IPv6 netmask length for the subnet.", "title": "Ipv6NetmaskLength", "type": "number" }, "MapPublicIpOnLaunch": { "markdownDescription": "Indicates whether instances launched in this subnet receive a public IPv4 address. The default value is `false` .\n\nAWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) .", "title": "MapPublicIpOnLaunch", "type": "boolean" }, "OutpostArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", "title": "OutpostArn", "type": "string" }, "PrivateDnsNameOptionsOnLaunch": { "$ref": "#/definitions/AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch", "markdownDescription": "The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries to the instances should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *Amazon Elastic Compute Cloud User Guide* .\n\nAvailable options:\n\n- EnableResourceNameDnsAAAARecord (true | false)\n- EnableResourceNameDnsARecord (true | false)\n- HostnameType (ip-name | resource-name)", "title": "PrivateDnsNameOptionsOnLaunch" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Any tags assigned to the subnet.", "title": "Tags", "type": "array" }, "VpcId": { "markdownDescription": "The ID of the VPC the subnet is in.\n\nIf you update this property, you must also update the `CidrBlock` property.", "title": "VpcId", "type": "string" } }, "required": [ "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::Subnet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::Subnet.PrivateDnsNameOptionsOnLaunch": { "additionalProperties": false, "properties": { "EnableResourceNameDnsAAAARecord": { "markdownDescription": "Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.", "title": "EnableResourceNameDnsAAAARecord", "type": "boolean" }, "EnableResourceNameDnsARecord": { "markdownDescription": "Indicates whether to respond to DNS queries for instance hostnames with DNS A records.", "title": "EnableResourceNameDnsARecord", "type": "boolean" }, "HostnameType": { "markdownDescription": "The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.", "title": "HostnameType", "type": "string" } }, "type": "object" }, "AWS::EC2::SubnetCidrBlock": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Ipv6CidrBlock": { "markdownDescription": "The IPv6 network range for the subnet, in CIDR notation.", "title": "Ipv6CidrBlock", "type": "string" }, "Ipv6IpamPoolId": { "markdownDescription": "An IPv6 IPAM pool ID for the subnet.", "title": "Ipv6IpamPoolId", "type": "string" }, "Ipv6NetmaskLength": { "markdownDescription": "An IPv6 netmask length for the subnet.", "title": "Ipv6NetmaskLength", "type": "number" }, "SubnetId": { "markdownDescription": "The ID of the subnet.", "title": "SubnetId", "type": "string" } }, "required": [ "SubnetId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::SubnetCidrBlock" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::SubnetNetworkAclAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "NetworkAclId": { "markdownDescription": "The ID of the network ACL.", "title": "NetworkAclId", "type": "string" }, "SubnetId": { "markdownDescription": "The ID of the subnet.", "title": "SubnetId", "type": "string" } }, "required": [ "NetworkAclId", "SubnetId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::SubnetNetworkAclAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::SubnetRouteTableAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "RouteTableId": { "markdownDescription": "The ID of the route table.\n\nThe physical ID changes when the route table ID is changed.", "title": "RouteTableId", "type": "string" }, "SubnetId": { "markdownDescription": "The ID of the subnet.", "title": "SubnetId", "type": "string" } }, "required": [ "RouteTableId", "SubnetId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::SubnetRouteTableAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TrafficMirrorFilter": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the Traffic Mirror filter.", "title": "Description", "type": "string" }, "NetworkServices": { "items": { "type": "string" }, "markdownDescription": "The network service traffic that is associated with the Traffic Mirror filter.\n\nValid values are `amazon-dns` .", "title": "NetworkServices", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to assign to a Traffic Mirror filter.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::TrafficMirrorFilter" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::TrafficMirrorFilterRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the Traffic Mirror rule.", "title": "Description", "type": "string" }, "DestinationCidrBlock": { "markdownDescription": "The destination CIDR block to assign to the Traffic Mirror rule.", "title": "DestinationCidrBlock", "type": "string" }, "DestinationPortRange": { "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", "markdownDescription": "The destination port range.", "title": "DestinationPortRange" }, "Protocol": { "markdownDescription": "The protocol, for example UDP, to assign to the Traffic Mirror rule.\n\nFor information about the protocol value, see [Protocol Numbers](https://docs.aws.amazon.com/https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) on the Internet Assigned Numbers Authority (IANA) website.", "title": "Protocol", "type": "number" }, "RuleAction": { "markdownDescription": "The action to take on the filtered traffic.", "title": "RuleAction", "type": "string" }, "RuleNumber": { "markdownDescription": "The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given direction. The rules are processed in ascending order by rule number.", "title": "RuleNumber", "type": "number" }, "SourceCidrBlock": { "markdownDescription": "The source CIDR block to assign to the Traffic Mirror rule.", "title": "SourceCidrBlock", "type": "string" }, "SourcePortRange": { "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange", "markdownDescription": "The source port range.", "title": "SourcePortRange" }, "TrafficDirection": { "markdownDescription": "The type of traffic.", "title": "TrafficDirection", "type": "string" }, "TrafficMirrorFilterId": { "markdownDescription": "The ID of the filter that this rule is associated with.", "title": "TrafficMirrorFilterId", "type": "string" } }, "required": [ "DestinationCidrBlock", "RuleAction", "RuleNumber", "SourceCidrBlock", "TrafficDirection", "TrafficMirrorFilterId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::TrafficMirrorFilterRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TrafficMirrorFilterRule.TrafficMirrorPortRange": { "additionalProperties": false, "properties": { "FromPort": { "markdownDescription": "The start of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", "title": "FromPort", "type": "number" }, "ToPort": { "markdownDescription": "The end of the Traffic Mirror port range. This applies to the TCP and UDP protocols.", "title": "ToPort", "type": "number" } }, "required": [ "FromPort", "ToPort" ], "type": "object" }, "AWS::EC2::TrafficMirrorSession": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the Traffic Mirror session.", "title": "Description", "type": "string" }, "NetworkInterfaceId": { "markdownDescription": "The ID of the source network interface.", "title": "NetworkInterfaceId", "type": "string" }, "PacketLength": { "markdownDescription": "The number of bytes in each packet to mirror. These are bytes after the VXLAN header. Do not specify this parameter when you want to mirror the entire packet. To mirror a subset of the packet, set this to the length (in bytes) that you want to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target.\n\nIf you do not want to mirror the entire packet, use the `PacketLength` parameter to specify the number of bytes in each packet to mirror.\n\nFor sessions with Network Load Balancer (NLB) Traffic Mirror targets the default `PacketLength` will be set to 8500. Valid values are 1-8500. Setting a `PacketLength` greater than 8500 will result in an error response.", "title": "PacketLength", "type": "number" }, "SessionNumber": { "markdownDescription": "The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.\n\nValid values are 1-32766.", "title": "SessionNumber", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to assign to a Traffic Mirror session.", "title": "Tags", "type": "array" }, "TrafficMirrorFilterId": { "markdownDescription": "The ID of the Traffic Mirror filter.", "title": "TrafficMirrorFilterId", "type": "string" }, "TrafficMirrorTargetId": { "markdownDescription": "The ID of the Traffic Mirror target.", "title": "TrafficMirrorTargetId", "type": "string" }, "VirtualNetworkId": { "markdownDescription": "The VXLAN ID for the Traffic Mirror session. For more information about the VXLAN protocol, see [RFC 7348](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc7348) . If you do not specify a `VirtualNetworkId` , an account-wide unique ID is chosen at random.", "title": "VirtualNetworkId", "type": "number" } }, "required": [ "NetworkInterfaceId", "SessionNumber", "TrafficMirrorFilterId", "TrafficMirrorTargetId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::TrafficMirrorSession" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TrafficMirrorTarget": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the Traffic Mirror target.", "title": "Description", "type": "string" }, "GatewayLoadBalancerEndpointId": { "markdownDescription": "The ID of the Gateway Load Balancer endpoint.", "title": "GatewayLoadBalancerEndpointId", "type": "string" }, "NetworkInterfaceId": { "markdownDescription": "The network interface ID that is associated with the target.", "title": "NetworkInterfaceId", "type": "string" }, "NetworkLoadBalancerArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Network Load Balancer that is associated with the target.", "title": "NetworkLoadBalancerArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to assign to the Traffic Mirror target.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::TrafficMirrorTarget" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::TransitGateway": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AmazonSideAsn": { "markdownDescription": "A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs. The default is 64512.", "title": "AmazonSideAsn", "type": "number" }, "AssociationDefaultRouteTableId": { "markdownDescription": "The ID of the default association route table.", "title": "AssociationDefaultRouteTableId", "type": "string" }, "AutoAcceptSharedAttachments": { "markdownDescription": "Enable or disable automatic acceptance of attachment requests. Disabled by default.", "title": "AutoAcceptSharedAttachments", "type": "string" }, "DefaultRouteTableAssociation": { "markdownDescription": "Enable or disable automatic association with the default association route table. Enabled by default.", "title": "DefaultRouteTableAssociation", "type": "string" }, "DefaultRouteTablePropagation": { "markdownDescription": "Enable or disable automatic propagation of routes to the default propagation route table. Enabled by default.", "title": "DefaultRouteTablePropagation", "type": "string" }, "Description": { "markdownDescription": "The description of the transit gateway.", "title": "Description", "type": "string" }, "DnsSupport": { "markdownDescription": "Enable or disable DNS support. Enabled by default.", "title": "DnsSupport", "type": "string" }, "MulticastSupport": { "markdownDescription": "Indicates whether multicast is enabled on the transit gateway", "title": "MulticastSupport", "type": "string" }, "PropagationDefaultRouteTableId": { "markdownDescription": "The ID of the default propagation route table.", "title": "PropagationDefaultRouteTableId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the transit gateway.", "title": "Tags", "type": "array" }, "TransitGatewayCidrBlocks": { "items": { "type": "string" }, "markdownDescription": "The transit gateway CIDR blocks.", "title": "TransitGatewayCidrBlocks", "type": "array" }, "VpnEcmpSupport": { "markdownDescription": "Enable or disable Equal Cost Multipath Protocol support. Enabled by default.", "title": "VpnEcmpSupport", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::TransitGateway" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::TransitGatewayAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Options": { "$ref": "#/definitions/AWS::EC2::TransitGatewayAttachment.Options", "markdownDescription": "The VPC attachment options.", "title": "Options" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of one or more subnets. You can specify only one subnet per Availability Zone. You must specify at least one subnet, but we recommend that you specify two subnets for better availability. The transit gateway uses one IP address from each specified subnet.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the attachment.", "title": "Tags", "type": "array" }, "TransitGatewayId": { "markdownDescription": "The ID of the transit gateway.", "title": "TransitGatewayId", "type": "string" }, "VpcId": { "markdownDescription": "The ID of the VPC.", "title": "VpcId", "type": "string" } }, "required": [ "SubnetIds", "TransitGatewayId", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::TransitGatewayAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TransitGatewayAttachment.Options": { "additionalProperties": false, "properties": { "ApplianceModeSupport": { "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", "title": "ApplianceModeSupport", "type": "string" }, "DnsSupport": { "markdownDescription": "Enable or disable DNS support. The default is `disable` .", "title": "DnsSupport", "type": "string" }, "Ipv6Support": { "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", "title": "Ipv6Support", "type": "string" }, "SecurityGroupReferencingSupport": { "markdownDescription": "Enables you to reference a security group across VPCs attached to a transit gateway (TGW). Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.\n\nFor important information about this feature, see [Create a transit gateway](https://docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw) in the *AWS Transit Gateway Guide* .", "title": "SecurityGroupReferencingSupport", "type": "string" } }, "type": "object" }, "AWS::EC2::TransitGatewayConnect": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Options": { "$ref": "#/definitions/AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions", "markdownDescription": "The Connect attachment options.\n\n- protocol (gre)", "title": "Options" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the attachment.", "title": "Tags", "type": "array" }, "TransportTransitGatewayAttachmentId": { "markdownDescription": "The ID of the attachment from which the Connect attachment was created.", "title": "TransportTransitGatewayAttachmentId", "type": "string" } }, "required": [ "Options", "TransportTransitGatewayAttachmentId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::TransitGatewayConnect" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TransitGatewayConnect.TransitGatewayConnectOptions": { "additionalProperties": false, "properties": { "Protocol": { "markdownDescription": "The tunnel protocol.", "title": "Protocol", "type": "string" } }, "type": "object" }, "AWS::EC2::TransitGatewayMulticastDomain": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Options": { "$ref": "#/definitions/AWS::EC2::TransitGatewayMulticastDomain.Options", "markdownDescription": "The options for the transit gateway multicast domain.\n\n- AutoAcceptSharedAssociations (enable | disable)\n- Igmpv2Support (enable | disable)\n- StaticSourcesSupport (enable | disable)", "title": "Options" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the transit gateway multicast domain.", "title": "Tags", "type": "array" }, "TransitGatewayId": { "markdownDescription": "The ID of the transit gateway.", "title": "TransitGatewayId", "type": "string" } }, "required": [ "TransitGatewayId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::TransitGatewayMulticastDomain" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TransitGatewayMulticastDomain.Options": { "additionalProperties": false, "properties": { "AutoAcceptSharedAssociations": { "markdownDescription": "Indicates whether to automatically accept cross-account subnet associations that are associated with the transit gateway multicast domain.", "title": "AutoAcceptSharedAssociations", "type": "string" }, "Igmpv2Support": { "markdownDescription": "Specify whether to enable Internet Group Management Protocol (IGMP) version 2 for the transit gateway multicast domain.", "title": "Igmpv2Support", "type": "string" }, "StaticSourcesSupport": { "markdownDescription": "Specify whether to enable support for statically configuring multicast group sources for a domain.", "title": "StaticSourcesSupport", "type": "string" } }, "type": "object" }, "AWS::EC2::TransitGatewayMulticastDomainAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "SubnetId": { "markdownDescription": "The IDs of the subnets to associate with the transit gateway multicast domain.", "title": "SubnetId", "type": "string" }, "TransitGatewayAttachmentId": { "markdownDescription": "The ID of the transit gateway attachment.", "title": "TransitGatewayAttachmentId", "type": "string" }, "TransitGatewayMulticastDomainId": { "markdownDescription": "The ID of the transit gateway multicast domain.", "title": "TransitGatewayMulticastDomainId", "type": "string" } }, "required": [ "SubnetId", "TransitGatewayAttachmentId", "TransitGatewayMulticastDomainId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::TransitGatewayMulticastDomainAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TransitGatewayMulticastGroupMember": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "GroupIpAddress": { "markdownDescription": "The IP address assigned to the transit gateway multicast group.", "title": "GroupIpAddress", "type": "string" }, "NetworkInterfaceId": { "markdownDescription": "The group members' network interface IDs to register with the transit gateway multicast group.", "title": "NetworkInterfaceId", "type": "string" }, "TransitGatewayMulticastDomainId": { "markdownDescription": "The ID of the transit gateway multicast domain.", "title": "TransitGatewayMulticastDomainId", "type": "string" } }, "required": [ "GroupIpAddress", "NetworkInterfaceId", "TransitGatewayMulticastDomainId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::TransitGatewayMulticastGroupMember" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TransitGatewayMulticastGroupSource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "GroupIpAddress": { "markdownDescription": "The IP address assigned to the transit gateway multicast group.", "title": "GroupIpAddress", "type": "string" }, "NetworkInterfaceId": { "markdownDescription": "The group sources' network interface IDs to register with the transit gateway multicast group.", "title": "NetworkInterfaceId", "type": "string" }, "TransitGatewayMulticastDomainId": { "markdownDescription": "The ID of the transit gateway multicast domain.", "title": "TransitGatewayMulticastDomainId", "type": "string" } }, "required": [ "GroupIpAddress", "NetworkInterfaceId", "TransitGatewayMulticastDomainId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::TransitGatewayMulticastGroupSource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TransitGatewayPeeringAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PeerAccountId": { "markdownDescription": "The ID of the AWS account that owns the transit gateway.", "title": "PeerAccountId", "type": "string" }, "PeerRegion": { "markdownDescription": "The Region of the transit gateway.", "title": "PeerRegion", "type": "string" }, "PeerTransitGatewayId": { "markdownDescription": "The ID of the transit gateway.", "title": "PeerTransitGatewayId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the transit gateway peering attachment.", "title": "Tags", "type": "array" }, "TransitGatewayId": { "markdownDescription": "The ID of the transit gateway peering attachment.", "title": "TransitGatewayId", "type": "string" } }, "required": [ "PeerAccountId", "PeerRegion", "PeerTransitGatewayId", "TransitGatewayId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::TransitGatewayPeeringAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TransitGatewayPeeringAttachment.PeeringAttachmentStatus": { "additionalProperties": false, "properties": { "Code": { "markdownDescription": "The status code.", "title": "Code", "type": "string" }, "Message": { "markdownDescription": "The status message, if applicable.", "title": "Message", "type": "string" } }, "type": "object" }, "AWS::EC2::TransitGatewayRoute": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Blackhole": { "markdownDescription": "Indicates whether to drop traffic that matches this route.", "title": "Blackhole", "type": "boolean" }, "DestinationCidrBlock": { "markdownDescription": "The CIDR block used for destination matches.", "title": "DestinationCidrBlock", "type": "string" }, "TransitGatewayAttachmentId": { "markdownDescription": "The ID of the attachment.", "title": "TransitGatewayAttachmentId", "type": "string" }, "TransitGatewayRouteTableId": { "markdownDescription": "The ID of the transit gateway route table.", "title": "TransitGatewayRouteTableId", "type": "string" } }, "required": [ "TransitGatewayRouteTableId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::TransitGatewayRoute" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TransitGatewayRouteTable": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Any tags assigned to the route table.", "title": "Tags", "type": "array" }, "TransitGatewayId": { "markdownDescription": "The ID of the transit gateway.", "title": "TransitGatewayId", "type": "string" } }, "required": [ "TransitGatewayId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::TransitGatewayRouteTable" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TransitGatewayRouteTableAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "TransitGatewayAttachmentId": { "markdownDescription": "The ID of the attachment.", "title": "TransitGatewayAttachmentId", "type": "string" }, "TransitGatewayRouteTableId": { "markdownDescription": "The ID of the route table for the transit gateway.", "title": "TransitGatewayRouteTableId", "type": "string" } }, "required": [ "TransitGatewayAttachmentId", "TransitGatewayRouteTableId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::TransitGatewayRouteTableAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TransitGatewayRouteTablePropagation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "TransitGatewayAttachmentId": { "markdownDescription": "The ID of the attachment.", "title": "TransitGatewayAttachmentId", "type": "string" }, "TransitGatewayRouteTableId": { "markdownDescription": "The ID of the propagation route table.", "title": "TransitGatewayRouteTableId", "type": "string" } }, "required": [ "TransitGatewayAttachmentId", "TransitGatewayRouteTableId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::TransitGatewayRouteTablePropagation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TransitGatewayVpcAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AddSubnetIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.", "title": "AddSubnetIds", "type": "array" }, "Options": { "$ref": "#/definitions/AWS::EC2::TransitGatewayVpcAttachment.Options", "markdownDescription": "The VPC attachment options.", "title": "Options" }, "RemoveSubnetIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of one or more subnets to remove.", "title": "RemoveSubnetIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the subnets.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the VPC attachment.", "title": "Tags", "type": "array" }, "TransitGatewayId": { "markdownDescription": "The ID of the transit gateway.", "title": "TransitGatewayId", "type": "string" }, "VpcId": { "markdownDescription": "The ID of the VPC.", "title": "VpcId", "type": "string" } }, "required": [ "SubnetIds", "TransitGatewayId", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::TransitGatewayVpcAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::TransitGatewayVpcAttachment.Options": { "additionalProperties": false, "properties": { "ApplianceModeSupport": { "markdownDescription": "Enable or disable appliance mode support. The default is `disable` .", "title": "ApplianceModeSupport", "type": "string" }, "DnsSupport": { "markdownDescription": "Enable or disable DNS support. The default is `disable` .", "title": "DnsSupport", "type": "string" }, "Ipv6Support": { "markdownDescription": "Enable or disable IPv6 support. The default is `disable` .", "title": "Ipv6Support", "type": "string" } }, "type": "object" }, "AWS::EC2::VPC": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CidrBlock": { "markdownDescription": "The IPv4 network range for the VPC, in CIDR notation. For example, `10.0.0.0/16` . We modify the specified CIDR block to its canonical form; for example, if you specify `100.68.0.18/18` , we modify it to `100.68.0.0/18` .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", "title": "CidrBlock", "type": "string" }, "EnableDnsHostnames": { "markdownDescription": "Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not. Disabled by default for nondefault VPCs. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .\n\nYou can only enable DNS hostnames if you've enabled DNS support.", "title": "EnableDnsHostnames", "type": "boolean" }, "EnableDnsSupport": { "markdownDescription": "Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP address at the base of the VPC network range \"plus two\" succeed. If disabled, the Amazon provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is not enabled. Enabled by default. For more information, see [DNS attributes in your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#vpc-dns-support) .", "title": "EnableDnsSupport", "type": "boolean" }, "InstanceTenancy": { "markdownDescription": "The allowed tenancy of instances launched into the VPC.\n\n- `default` : An instance launched into the VPC runs on shared hardware by default, unless you explicitly specify a different tenancy during instance launch.\n- `dedicated` : An instance launched into the VPC runs on dedicated hardware by default, unless you explicitly specify a tenancy of `host` during instance launch. You cannot specify a tenancy of `default` during instance launch.\n\nUpdating `InstanceTenancy` requires no replacement only if you are updating its value from `dedicated` to `default` . Updating `InstanceTenancy` from `default` to `dedicated` requires replacement.", "title": "InstanceTenancy", "type": "string" }, "Ipv4IpamPoolId": { "markdownDescription": "The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .\n\nYou must specify either `CidrBlock` or `Ipv4IpamPoolId` .", "title": "Ipv4IpamPoolId", "type": "string" }, "Ipv4NetmaskLength": { "markdownDescription": "The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", "title": "Ipv4NetmaskLength", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the VPC.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::VPC" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::VPCCidrBlock": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AmazonProvidedIpv6CidrBlock": { "markdownDescription": "Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses or the size of the CIDR block.", "title": "AmazonProvidedIpv6CidrBlock", "type": "boolean" }, "CidrBlock": { "markdownDescription": "An IPv4 CIDR block to associate with the VPC.", "title": "CidrBlock", "type": "string" }, "Ipv4IpamPoolId": { "markdownDescription": "Associate a CIDR allocated from an IPv4 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", "title": "Ipv4IpamPoolId", "type": "string" }, "Ipv4NetmaskLength": { "markdownDescription": "The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", "title": "Ipv4NetmaskLength", "type": "number" }, "Ipv6CidrBlock": { "markdownDescription": "An IPv6 CIDR block from the IPv6 address pool. You must also specify `Ipv6Pool` in the request.\n\nTo let Amazon choose the IPv6 CIDR block for you, omit this parameter.", "title": "Ipv6CidrBlock", "type": "string" }, "Ipv6IpamPoolId": { "markdownDescription": "Associates a CIDR allocated from an IPv6 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", "title": "Ipv6IpamPoolId", "type": "string" }, "Ipv6NetmaskLength": { "markdownDescription": "The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?](https://docs.aws.amazon.com//vpc/latest/ipam/what-is-it-ipam.html) in the *Amazon VPC IPAM User Guide* .", "title": "Ipv6NetmaskLength", "type": "number" }, "Ipv6Pool": { "markdownDescription": "The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.", "title": "Ipv6Pool", "type": "string" }, "VpcId": { "markdownDescription": "The ID of the VPC.", "title": "VpcId", "type": "string" } }, "required": [ "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VPCCidrBlock" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VPCDHCPOptionsAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DhcpOptionsId": { "markdownDescription": "The ID of the DHCP options set, or `default` to associate no DHCP options with the VPC.", "title": "DhcpOptionsId", "type": "string" }, "VpcId": { "markdownDescription": "The ID of the VPC.", "title": "VpcId", "type": "string" } }, "required": [ "DhcpOptionsId", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VPCDHCPOptionsAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VPCEndpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "An endpoint policy, which controls access to the service from the VPC. The default endpoint policy allows full access to the service. Endpoint policies are supported only for gateway and interface endpoints.\n\nFor CloudFormation templates in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation converts YAML policies to JSON format before calling the API to create or modify the VPC endpoint.", "title": "PolicyDocument", "type": "object" }, "PrivateDnsEnabled": { "markdownDescription": "Indicate whether to associate a private hosted zone with the specified VPC. The private hosted zone contains a record set for the default public DNS name for the service for the Region (for example, `kinesis.us-east-1.amazonaws.com` ), which resolves to the private IP addresses of the endpoint network interfaces in the VPC. This enables you to make requests to the default public DNS name for the service instead of the public DNS names that are automatically generated by the VPC endpoint service.\n\nTo use a private hosted zone, you must set the following VPC attributes to `true` : `enableDnsHostnames` and `enableDnsSupport` .\n\nThis property is supported only for interface endpoints.\n\nDefault: `false`", "title": "PrivateDnsEnabled", "type": "boolean" }, "RouteTableIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the route tables. Routing is supported only for gateway endpoints.", "title": "RouteTableIds", "type": "array" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the security groups to associate with the endpoint network interfaces. If this parameter is not specified, we use the default security group for the VPC. Security groups are supported only for interface endpoints.", "title": "SecurityGroupIds", "type": "array" }, "ServiceName": { "markdownDescription": "The name of the endpoint service.", "title": "ServiceName", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the subnets in which to create endpoint network interfaces. You must specify this property for an interface endpoint or a Gateway Load Balancer endpoint. You can't specify this property for a gateway endpoint. For a Gateway Load Balancer endpoint, you can specify only one subnet.", "title": "SubnetIds", "type": "array" }, "VpcEndpointType": { "markdownDescription": "The type of endpoint.\n\nDefault: Gateway", "title": "VpcEndpointType", "type": "string" }, "VpcId": { "markdownDescription": "The ID of the VPC.", "title": "VpcId", "type": "string" } }, "required": [ "ServiceName", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VPCEndpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VPCEndpointConnectionNotification": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectionEvents": { "items": { "type": "string" }, "markdownDescription": "The endpoint events for which to receive notifications. Valid values are `Accept` , `Connect` , `Delete` , and `Reject` .", "title": "ConnectionEvents", "type": "array" }, "ConnectionNotificationArn": { "markdownDescription": "The ARN of the SNS topic for the notifications.", "title": "ConnectionNotificationArn", "type": "string" }, "ServiceId": { "markdownDescription": "The ID of the endpoint service.", "title": "ServiceId", "type": "string" }, "VPCEndpointId": { "markdownDescription": "The ID of the endpoint.", "title": "VPCEndpointId", "type": "string" } }, "required": [ "ConnectionEvents", "ConnectionNotificationArn" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VPCEndpointConnectionNotification" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VPCEndpointService": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptanceRequired": { "markdownDescription": "Indicates whether requests from service consumers to create an endpoint to your service must be accepted.", "title": "AcceptanceRequired", "type": "boolean" }, "ContributorInsightsEnabled": { "markdownDescription": "Indicates whether to enable the built-in Contributor Insights rules provided by AWS PrivateLink .", "title": "ContributorInsightsEnabled", "type": "boolean" }, "GatewayLoadBalancerArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARNs) of the Gateway Load Balancers.", "title": "GatewayLoadBalancerArns", "type": "array" }, "NetworkLoadBalancerArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARNs) of the Network Load Balancers.", "title": "NetworkLoadBalancerArns", "type": "array" }, "PayerResponsibility": { "markdownDescription": "The entity that is responsible for the endpoint costs. The default is the endpoint owner. If you set the payer responsibility to the service owner, you cannot set it back to the endpoint owner.", "title": "PayerResponsibility", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::VPCEndpointService" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::VPCEndpointServicePermissions": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowedPrincipals": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARN) of one or more principals (for example, users, IAM roles, and AWS accounts ). Permissions are granted to the principals in this list. To grant permissions to all principals, specify an asterisk (*). Permissions are revoked for principals not in this list. If the list is empty, then all permissions are revoked.", "title": "AllowedPrincipals", "type": "array" }, "ServiceId": { "markdownDescription": "The ID of the service.", "title": "ServiceId", "type": "string" } }, "required": [ "ServiceId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VPCEndpointServicePermissions" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VPCGatewayAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InternetGatewayId": { "markdownDescription": "The ID of the internet gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", "title": "InternetGatewayId", "type": "string" }, "VpcId": { "markdownDescription": "The ID of the VPC.", "title": "VpcId", "type": "string" }, "VpnGatewayId": { "markdownDescription": "The ID of the virtual private gateway.\n\nYou must specify either `InternetGatewayId` or `VpnGatewayId` , but not both.", "title": "VpnGatewayId", "type": "string" } }, "required": [ "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VPCGatewayAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VPCPeeringConnection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PeerOwnerId": { "markdownDescription": "The AWS account ID of the owner of the accepter VPC.\n\nDefault: Your AWS account ID", "title": "PeerOwnerId", "type": "string" }, "PeerRegion": { "markdownDescription": "The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.\n\nDefault: The Region in which you make the request.", "title": "PeerRegion", "type": "string" }, "PeerRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the VPC peer role for the peering connection in another AWS account.\n\nThis is required when you are peering a VPC in a different AWS account.", "title": "PeerRoleArn", "type": "string" }, "PeerVpcId": { "markdownDescription": "The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.", "title": "PeerVpcId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Any tags assigned to the resource.", "title": "Tags", "type": "array" }, "VpcId": { "markdownDescription": "The ID of the VPC.", "title": "VpcId", "type": "string" } }, "required": [ "PeerVpcId", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VPCPeeringConnection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VPNConnection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CustomerGatewayId": { "markdownDescription": "The ID of the customer gateway at your end of the VPN connection.", "title": "CustomerGatewayId", "type": "string" }, "StaticRoutesOnly": { "markdownDescription": "Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.\n\nIf you are creating a VPN connection for a device that does not support Border Gateway Protocol (BGP), you must specify `true` .", "title": "StaticRoutesOnly", "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Any tags assigned to the VPN connection.", "title": "Tags", "type": "array" }, "TransitGatewayId": { "markdownDescription": "The ID of the transit gateway associated with the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", "title": "TransitGatewayId", "type": "string" }, "Type": { "markdownDescription": "The type of VPN connection.", "title": "Type", "type": "string" }, "VpnGatewayId": { "markdownDescription": "The ID of the virtual private gateway at the AWS side of the VPN connection.\n\nYou must specify either `TransitGatewayId` or `VpnGatewayId` , but not both.", "title": "VpnGatewayId", "type": "string" }, "VpnTunnelOptionsSpecifications": { "items": { "$ref": "#/definitions/AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification" }, "markdownDescription": "The tunnel options for the VPN connection.", "title": "VpnTunnelOptionsSpecifications", "type": "array" } }, "required": [ "CustomerGatewayId", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VPNConnection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VPNConnection.VpnTunnelOptionsSpecification": { "additionalProperties": false, "properties": { "PreSharedKey": { "markdownDescription": "The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway.\n\nConstraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0).", "title": "PreSharedKey", "type": "string" }, "TunnelInsideCidr": { "markdownDescription": "The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway.\n\nConstraints: A size /30 CIDR block from the `169.254.0.0/16` range. The following CIDR blocks are reserved and cannot be used:\n\n- `169.254.0.0/30`\n- `169.254.1.0/30`\n- `169.254.2.0/30`\n- `169.254.3.0/30`\n- `169.254.4.0/30`\n- `169.254.5.0/30`\n- `169.254.169.252/30`", "title": "TunnelInsideCidr", "type": "string" } }, "type": "object" }, "AWS::EC2::VPNConnectionRoute": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DestinationCidrBlock": { "markdownDescription": "The CIDR block associated with the local subnet of the customer network.", "title": "DestinationCidrBlock", "type": "string" }, "VpnConnectionId": { "markdownDescription": "The ID of the VPN connection.", "title": "VpnConnectionId", "type": "string" } }, "required": [ "DestinationCidrBlock", "VpnConnectionId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VPNConnectionRoute" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VPNGateway": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AmazonSideAsn": { "markdownDescription": "The private Autonomous System Number (ASN) for the Amazon side of a BGP session.", "title": "AmazonSideAsn", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Any tags assigned to the virtual private gateway.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of VPN connection the virtual private gateway supports.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VPNGateway" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VPNGatewayRoutePropagation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "RouteTableIds": { "items": { "type": "string" }, "markdownDescription": "The ID of the route table. The routing table must be associated with the same VPC that the virtual private gateway is attached to.", "title": "RouteTableIds", "type": "array" }, "VpnGatewayId": { "markdownDescription": "The ID of the virtual private gateway that is attached to a VPC. The virtual private gateway must be attached to the same VPC that the routing tables are associated with.", "title": "VpnGatewayId", "type": "string" } }, "required": [ "RouteTableIds", "VpnGatewayId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VPNGatewayRoutePropagation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VerifiedAccessEndpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationDomain": { "markdownDescription": "The DNS name for users to reach your application.", "title": "ApplicationDomain", "type": "string" }, "AttachmentType": { "markdownDescription": "The type of attachment used to provide connectivity between the AWS Verified Access endpoint and the application.", "title": "AttachmentType", "type": "string" }, "Description": { "markdownDescription": "A description for the AWS Verified Access endpoint.", "title": "Description", "type": "string" }, "DomainCertificateArn": { "markdownDescription": "The ARN of a public TLS/SSL certificate imported into or created with ACM.", "title": "DomainCertificateArn", "type": "string" }, "EndpointDomainPrefix": { "markdownDescription": "A custom identifier that is prepended to the DNS name that is generated for the endpoint.", "title": "EndpointDomainPrefix", "type": "string" }, "EndpointType": { "markdownDescription": "The type of AWS Verified Access endpoint. Incoming application requests will be sent to an IP address, load balancer or a network interface depending on the endpoint type specified.", "title": "EndpointType", "type": "string" }, "LoadBalancerOptions": { "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions", "markdownDescription": "The load balancer details if creating the AWS Verified Access endpoint as `load-balancer` type.", "title": "LoadBalancerOptions" }, "NetworkInterfaceOptions": { "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions", "markdownDescription": "The options for network-interface type endpoint.", "title": "NetworkInterfaceOptions" }, "PolicyDocument": { "markdownDescription": "The Verified Access policy document.", "title": "PolicyDocument", "type": "string" }, "PolicyEnabled": { "markdownDescription": "The status of the Verified Access policy.", "title": "PolicyEnabled", "type": "boolean" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the security groups for the endpoint.", "title": "SecurityGroupIds", "type": "array" }, "SseSpecification": { "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint.SseSpecification", "markdownDescription": "The options for additional server side encryption.", "title": "SseSpecification" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags.", "title": "Tags", "type": "array" }, "VerifiedAccessGroupId": { "markdownDescription": "The ID of the AWS Verified Access group.", "title": "VerifiedAccessGroupId", "type": "string" } }, "required": [ "ApplicationDomain", "AttachmentType", "DomainCertificateArn", "EndpointDomainPrefix", "EndpointType", "VerifiedAccessGroupId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VerifiedAccessEndpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VerifiedAccessEndpoint.LoadBalancerOptions": { "additionalProperties": false, "properties": { "LoadBalancerArn": { "markdownDescription": "The ARN of the load balancer.", "title": "LoadBalancerArn", "type": "string" }, "Port": { "markdownDescription": "The IP port number.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The IP protocol.", "title": "Protocol", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the subnets.", "title": "SubnetIds", "type": "array" } }, "type": "object" }, "AWS::EC2::VerifiedAccessEndpoint.NetworkInterfaceOptions": { "additionalProperties": false, "properties": { "NetworkInterfaceId": { "markdownDescription": "The ID of the network interface.", "title": "NetworkInterfaceId", "type": "string" }, "Port": { "markdownDescription": "The IP port number.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The IP protocol.", "title": "Protocol", "type": "string" } }, "type": "object" }, "AWS::EC2::VerifiedAccessEndpoint.SseSpecification": { "additionalProperties": false, "properties": { "CustomerManagedKeyEnabled": { "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", "title": "CustomerManagedKeyEnabled", "type": "boolean" }, "KmsKeyArn": { "markdownDescription": "The ARN of the KMS key.", "title": "KmsKeyArn", "type": "string" } }, "type": "object" }, "AWS::EC2::VerifiedAccessGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the AWS Verified Access group.", "title": "Description", "type": "string" }, "PolicyDocument": { "markdownDescription": "The Verified Access policy document.", "title": "PolicyDocument", "type": "string" }, "PolicyEnabled": { "markdownDescription": "The status of the Verified Access policy.", "title": "PolicyEnabled", "type": "boolean" }, "SseSpecification": { "$ref": "#/definitions/AWS::EC2::VerifiedAccessGroup.SseSpecification", "markdownDescription": "The options for additional server side encryption.", "title": "SseSpecification" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags.", "title": "Tags", "type": "array" }, "VerifiedAccessInstanceId": { "markdownDescription": "The ID of the AWS Verified Access instance.", "title": "VerifiedAccessInstanceId", "type": "string" } }, "required": [ "VerifiedAccessInstanceId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VerifiedAccessGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VerifiedAccessGroup.SseSpecification": { "additionalProperties": false, "properties": { "CustomerManagedKeyEnabled": { "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", "title": "CustomerManagedKeyEnabled", "type": "boolean" }, "KmsKeyArn": { "markdownDescription": "The ARN of the KMS key.", "title": "KmsKeyArn", "type": "string" } }, "type": "object" }, "AWS::EC2::VerifiedAccessInstance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the AWS Verified Access instance.", "title": "Description", "type": "string" }, "FipsEnabled": { "markdownDescription": "Indicates whether support for Federal Information Processing Standards (FIPS) is enabled on the instance.", "title": "FipsEnabled", "type": "boolean" }, "LoggingConfigurations": { "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs", "markdownDescription": "The logging configuration for the Verified Access instances.", "title": "LoggingConfigurations" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags.", "title": "Tags", "type": "array" }, "VerifiedAccessTrustProviderIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the AWS Verified Access trust providers.", "title": "VerifiedAccessTrustProviderIds", "type": "array" }, "VerifiedAccessTrustProviders": { "items": { "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider" }, "markdownDescription": "The IDs of the AWS Verified Access trust providers.", "title": "VerifiedAccessTrustProviders", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::EC2::VerifiedAccessInstance" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EC2::VerifiedAccessInstance.CloudWatchLogs": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Indicates whether logging is enabled.", "title": "Enabled", "type": "boolean" }, "LogGroup": { "markdownDescription": "The ID of the CloudWatch Logs log group.", "title": "LogGroup", "type": "string" } }, "type": "object" }, "AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose": { "additionalProperties": false, "properties": { "DeliveryStream": { "markdownDescription": "The ID of the delivery stream.", "title": "DeliveryStream", "type": "string" }, "Enabled": { "markdownDescription": "Indicates whether logging is enabled.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::EC2::VerifiedAccessInstance.S3": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The bucket name.", "title": "BucketName", "type": "string" }, "BucketOwner": { "markdownDescription": "The AWS account number that owns the bucket.", "title": "BucketOwner", "type": "string" }, "Enabled": { "markdownDescription": "Indicates whether logging is enabled.", "title": "Enabled", "type": "boolean" }, "Prefix": { "markdownDescription": "The bucket prefix.", "title": "Prefix", "type": "string" } }, "type": "object" }, "AWS::EC2::VerifiedAccessInstance.VerifiedAccessLogs": { "additionalProperties": false, "properties": { "CloudWatchLogs": { "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.CloudWatchLogs", "markdownDescription": "CloudWatch Logs logging destination.", "title": "CloudWatchLogs" }, "IncludeTrustContext": { "markdownDescription": "Indicates whether to include trust data sent by trust providers in the logs.", "title": "IncludeTrustContext", "type": "boolean" }, "KinesisDataFirehose": { "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.KinesisDataFirehose", "markdownDescription": "Kinesis logging destination.", "title": "KinesisDataFirehose" }, "LogVersion": { "markdownDescription": "The logging version.\n\nValid values: `ocsf-0.1` | `ocsf-1.0.0-rc.2`", "title": "LogVersion", "type": "string" }, "S3": { "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance.S3", "markdownDescription": "Amazon S3 logging options.", "title": "S3" } }, "type": "object" }, "AWS::EC2::VerifiedAccessInstance.VerifiedAccessTrustProvider": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the AWS Verified Access trust provider.", "title": "Description", "type": "string" }, "DeviceTrustProviderType": { "markdownDescription": "The type of device-based trust provider.", "title": "DeviceTrustProviderType", "type": "string" }, "TrustProviderType": { "markdownDescription": "The type of Verified Access trust provider.", "title": "TrustProviderType", "type": "string" }, "UserTrustProviderType": { "markdownDescription": "The type of user-based trust provider.", "title": "UserTrustProviderType", "type": "string" }, "VerifiedAccessTrustProviderId": { "markdownDescription": "The ID of the AWS Verified Access trust provider.", "title": "VerifiedAccessTrustProviderId", "type": "string" } }, "type": "object" }, "AWS::EC2::VerifiedAccessTrustProvider": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the AWS Verified Access trust provider.", "title": "Description", "type": "string" }, "DeviceOptions": { "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions", "markdownDescription": "The options for device-identity trust provider.", "title": "DeviceOptions" }, "DeviceTrustProviderType": { "markdownDescription": "The type of device-based trust provider.", "title": "DeviceTrustProviderType", "type": "string" }, "OidcOptions": { "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.OidcOptions", "markdownDescription": "The options for an OpenID Connect-compatible user-identity trust provider.", "title": "OidcOptions" }, "PolicyReferenceName": { "markdownDescription": "The identifier to be used when working with policy rules.", "title": "PolicyReferenceName", "type": "string" }, "SseSpecification": { "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider.SseSpecification", "markdownDescription": "The options for additional server side encryption.", "title": "SseSpecification" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags.", "title": "Tags", "type": "array" }, "TrustProviderType": { "markdownDescription": "The type of Verified Access trust provider.", "title": "TrustProviderType", "type": "string" }, "UserTrustProviderType": { "markdownDescription": "The type of user-based trust provider.", "title": "UserTrustProviderType", "type": "string" } }, "required": [ "PolicyReferenceName", "TrustProviderType" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VerifiedAccessTrustProvider" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VerifiedAccessTrustProvider.DeviceOptions": { "additionalProperties": false, "properties": { "PublicSigningKeyUrl": { "markdownDescription": "The URL AWS Verified Access will use to verify the authenticity of the device tokens.", "title": "PublicSigningKeyUrl", "type": "string" }, "TenantId": { "markdownDescription": "The ID of the tenant application with the device-identity provider.", "title": "TenantId", "type": "string" } }, "type": "object" }, "AWS::EC2::VerifiedAccessTrustProvider.OidcOptions": { "additionalProperties": false, "properties": { "AuthorizationEndpoint": { "markdownDescription": "The OIDC authorization endpoint.", "title": "AuthorizationEndpoint", "type": "string" }, "ClientId": { "markdownDescription": "The client identifier.", "title": "ClientId", "type": "string" }, "ClientSecret": { "markdownDescription": "The client secret.", "title": "ClientSecret", "type": "string" }, "Issuer": { "markdownDescription": "The OIDC issuer.", "title": "Issuer", "type": "string" }, "Scope": { "markdownDescription": "The OpenID Connect (OIDC) scope specified.", "title": "Scope", "type": "string" }, "TokenEndpoint": { "markdownDescription": "The OIDC token endpoint.", "title": "TokenEndpoint", "type": "string" }, "UserInfoEndpoint": { "markdownDescription": "The OIDC user info endpoint.", "title": "UserInfoEndpoint", "type": "string" } }, "type": "object" }, "AWS::EC2::VerifiedAccessTrustProvider.SseSpecification": { "additionalProperties": false, "properties": { "CustomerManagedKeyEnabled": { "markdownDescription": "Enable or disable the use of customer managed KMS keys for server side encryption.\n\nValid values: `True` | `False`", "title": "CustomerManagedKeyEnabled", "type": "boolean" }, "KmsKeyArn": { "markdownDescription": "The ARN of the KMS key.", "title": "KmsKeyArn", "type": "string" } }, "type": "object" }, "AWS::EC2::Volume": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoEnableIO": { "markdownDescription": "Indicates whether the volume is auto-enabled for I/O operations. By default, Amazon EBS disables I/O to the volume from attached EC2 instances when it determines that a volume's data is potentially inconsistent. If the consistency of the volume is not a concern, and you prefer that the volume be made available immediately if it's impaired, you can configure the volume to automatically enable I/O.", "title": "AutoEnableIO", "type": "boolean" }, "AvailabilityZone": { "markdownDescription": "The ID of the Availability Zone in which to create the volume. For example, `us-east-1a` .", "title": "AvailabilityZone", "type": "string" }, "Encrypted": { "markdownDescription": "Indicates whether the volume should be encrypted. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Encryption by default](https://docs.aws.amazon.com/ebs/latest/userguide/work-with-ebs-encr.html#encryption-by-default) in the *Amazon EBS User Guide* .\n\nEncrypted Amazon EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) .", "title": "Encrypted", "type": "boolean" }, "Iops": { "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type:\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nFor `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html) . On other instances, you can achieve performance up to 32,000 IOPS.\n\nThis parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. This parameter is not supported for `gp2` , `st1` , `sc1` , or `standard` volumes.", "title": "Iops", "type": "number" }, "KmsKeyId": { "markdownDescription": "The identifier of the AWS KMS key to use for Amazon EBS encryption. If `KmsKeyId` is specified, the encrypted state must be `true` .\n\nIf you omit this property and your account is enabled for encryption by default, or *Encrypted* is set to `true` , then the volume is encrypted using the default key specified for your account. If your account does not have a default key, then the volume is encrypted using the AWS managed key .\n\nAlternatively, if you want to specify a different key, you can specify one of the following:\n\n- Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.\n- Key alias. Specify the alias for the key, prefixed with `alias/` . For example, for a key with the alias `my_cmk` , use `alias/my_cmk` . Or to specify the AWS managed key , use `alias/aws/ebs` .\n- Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.\n- Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.", "title": "KmsKeyId", "type": "string" }, "MultiAttachEnabled": { "markdownDescription": "Indicates whether Amazon EBS Multi-Attach is enabled.\n\nAWS CloudFormation does not currently support updating a single-attach volume to be multi-attach enabled, updating a multi-attach enabled volume to be single-attach, or updating the size or number of I/O operations per second (IOPS) of a multi-attach enabled volume.", "title": "MultiAttachEnabled", "type": "boolean" }, "OutpostArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Outpost.", "title": "OutpostArn", "type": "string" }, "Size": { "markdownDescription": "The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.\n\nThe following are the supported volumes sizes for each volume type:\n\n- `gp2` and `gp3` : 1 - 16,384 GiB\n- `io1` : 4 - 16,384 GiB\n- `io2` : 4 - 65,536 GiB\n- `st1` and `sc1` : 125 - 16,384 GiB\n- `standard` : 1 - 1024 GiB", "title": "Size", "type": "number" }, "SnapshotId": { "markdownDescription": "The snapshot from which to create the volume. You must specify either a snapshot ID or a volume size.", "title": "SnapshotId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to apply to the volume during creation.", "title": "Tags", "type": "array" }, "Throughput": { "markdownDescription": "The throughput to provision for a volume, with a maximum of 1,000 MiB/s.\n\nThis parameter is valid only for `gp3` volumes. The default value is 125.\n\nValid Range: Minimum value of 125. Maximum value of 1000.", "title": "Throughput", "type": "number" }, "VolumeType": { "markdownDescription": "The volume type. This parameter can be one of the following values:\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\nFor more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) .\n\nDefault: `gp2`", "title": "VolumeType", "type": "string" } }, "required": [ "AvailabilityZone" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::Volume" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EC2::VolumeAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Device": { "markdownDescription": "The device name (for example, `/dev/sdh` or `xvdh` ).", "title": "Device", "type": "string" }, "InstanceId": { "markdownDescription": "The ID of the instance to which the volume attaches. This value can be a reference to an [`AWS::EC2::Instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) resource, or it can be the physical ID of an existing EC2 instance.", "title": "InstanceId", "type": "string" }, "VolumeId": { "markdownDescription": "The ID of the Amazon EBS volume. The volume and instance must be within the same Availability Zone. This value can be a reference to an [`AWS::EC2::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html) resource, or it can be the volume ID of an existing Amazon EBS volume.", "title": "VolumeId", "type": "string" } }, "required": [ "InstanceId", "VolumeId" ], "type": "object" }, "Type": { "enum": [ "AWS::EC2::VolumeAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ECR::PublicRepository": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "RepositoryCatalogData": { "$ref": "#/definitions/AWS::ECR::PublicRepository.RepositoryCatalogData", "markdownDescription": "The details about the repository that are publicly visible in the Amazon ECR Public Gallery. For more information, see [Amazon ECR Public repository catalog data](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-catalog-data.html) in the *Amazon ECR Public User Guide* .", "title": "RepositoryCatalogData" }, "RepositoryName": { "markdownDescription": "The name to use for the public repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "RepositoryName", "type": "string" }, "RepositoryPolicyText": { "markdownDescription": "The JSON repository policy text to apply to the public repository. For more information, see [Amazon ECR Public repository policies](https://docs.aws.amazon.com/AmazonECR/latest/public/public-repository-policies.html) in the *Amazon ECR Public User Guide* .", "title": "RepositoryPolicyText", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::ECR::PublicRepository" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ECR::PublicRepository.RepositoryCatalogData": { "additionalProperties": false, "properties": { "AboutText": { "markdownDescription": "The longform description of the contents of the repository. This text appears in the repository details on the Amazon ECR Public Gallery.", "title": "AboutText", "type": "string" }, "Architectures": { "items": { "type": "string" }, "markdownDescription": "The architecture tags that are associated with the repository.", "title": "Architectures", "type": "array" }, "OperatingSystems": { "items": { "type": "string" }, "markdownDescription": "The operating system tags that are associated with the repository.", "title": "OperatingSystems", "type": "array" }, "RepositoryDescription": { "markdownDescription": "The short description of the repository.", "title": "RepositoryDescription", "type": "string" }, "UsageText": { "markdownDescription": "The longform usage details of the contents of the repository. The usage text provides context for users of the repository.", "title": "UsageText", "type": "string" } }, "type": "object" }, "AWS::ECR::PullThroughCacheRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CredentialArn": { "markdownDescription": "The ARN of the Secrets Manager secret associated with the pull through cache rule.", "title": "CredentialArn", "type": "string" }, "EcrRepositoryPrefix": { "markdownDescription": "The Amazon ECR repository prefix associated with the pull through cache rule.", "title": "EcrRepositoryPrefix", "type": "string" }, "UpstreamRegistry": { "markdownDescription": "The name of the upstream source registry associated with the pull through cache rule.", "title": "UpstreamRegistry", "type": "string" }, "UpstreamRegistryUrl": { "markdownDescription": "The upstream registry URL associated with the pull through cache rule.", "title": "UpstreamRegistryUrl", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::ECR::PullThroughCacheRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ECR::RegistryPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PolicyText": { "markdownDescription": "The JSON policy text for your registry.", "title": "PolicyText", "type": "object" } }, "required": [ "PolicyText" ], "type": "object" }, "Type": { "enum": [ "AWS::ECR::RegistryPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ECR::ReplicationConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ReplicationConfiguration": { "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationConfiguration", "markdownDescription": "The replication configuration for a registry.", "title": "ReplicationConfiguration" } }, "required": [ "ReplicationConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::ECR::ReplicationConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ECR::ReplicationConfiguration.ReplicationConfiguration": { "additionalProperties": false, "properties": { "Rules": { "items": { "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationRule" }, "markdownDescription": "An array of objects representing the replication destinations and repository filters for a replication configuration.", "title": "Rules", "type": "array" } }, "required": [ "Rules" ], "type": "object" }, "AWS::ECR::ReplicationConfiguration.ReplicationDestination": { "additionalProperties": false, "properties": { "Region": { "markdownDescription": "The Region to replicate to.", "title": "Region", "type": "string" }, "RegistryId": { "markdownDescription": "The AWS account ID of the Amazon ECR private registry to replicate to. When configuring cross-Region replication within your own registry, specify your own account ID.", "title": "RegistryId", "type": "string" } }, "required": [ "Region", "RegistryId" ], "type": "object" }, "AWS::ECR::ReplicationConfiguration.ReplicationRule": { "additionalProperties": false, "properties": { "Destinations": { "items": { "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.ReplicationDestination" }, "markdownDescription": "An array of objects representing the destination for a replication rule.", "title": "Destinations", "type": "array" }, "RepositoryFilters": { "items": { "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration.RepositoryFilter" }, "markdownDescription": "An array of objects representing the filters for a replication rule. Specifying a repository filter for a replication rule provides a method for controlling which repositories in a private registry are replicated.", "title": "RepositoryFilters", "type": "array" } }, "required": [ "Destinations" ], "type": "object" }, "AWS::ECR::ReplicationConfiguration.RepositoryFilter": { "additionalProperties": false, "properties": { "Filter": { "markdownDescription": "The repository filter details. When the `PREFIX_MATCH` filter type is specified, this value is required and should be the repository name prefix to configure replication for.", "title": "Filter", "type": "string" }, "FilterType": { "markdownDescription": "The repository filter type. The only supported value is `PREFIX_MATCH` , which is a repository name prefix specified with the `filter` parameter.", "title": "FilterType", "type": "string" } }, "required": [ "Filter", "FilterType" ], "type": "object" }, "AWS::ECR::Repository": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EmptyOnDelete": { "markdownDescription": "If true, deleting the repository force deletes the contents of the repository. If false, the repository must be empty before attempting to delete it.", "title": "EmptyOnDelete", "type": "boolean" }, "EncryptionConfiguration": { "$ref": "#/definitions/AWS::ECR::Repository.EncryptionConfiguration", "markdownDescription": "The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.", "title": "EncryptionConfiguration" }, "ImageScanningConfiguration": { "$ref": "#/definitions/AWS::ECR::Repository.ImageScanningConfiguration", "markdownDescription": "The image scanning configuration for the repository. This determines whether images are scanned for known vulnerabilities after being pushed to the repository.", "title": "ImageScanningConfiguration" }, "ImageTagMutability": { "markdownDescription": "The tag mutability setting for the repository. If this parameter is omitted, the default setting of `MUTABLE` will be used which will allow image tags to be overwritten. If `IMMUTABLE` is specified, all image tags within the repository will be immutable which will prevent them from being overwritten.", "title": "ImageTagMutability", "type": "string" }, "LifecyclePolicy": { "$ref": "#/definitions/AWS::ECR::Repository.LifecyclePolicy", "markdownDescription": "Creates or updates a lifecycle policy. For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) .", "title": "LifecyclePolicy" }, "RepositoryName": { "markdownDescription": "The name to use for the repository. The repository name may be specified on its own (such as `nginx-web-app` ) or it can be prepended with a namespace to group the repository into a category (such as `project-a/nginx-web-app` ). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the repository name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe repository name must start with a letter and can only contain lowercase letters, numbers, hyphens, underscores, and forward slashes.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "RepositoryName", "type": "string" }, "RepositoryPolicyText": { "markdownDescription": "The JSON repository policy text to apply to the repository. For more information, see [Amazon ECR repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policy-examples.html) in the *Amazon Elastic Container Registry User Guide* .", "title": "RepositoryPolicyText", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::ECR::Repository" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ECR::Repository.EncryptionConfiguration": { "additionalProperties": false, "properties": { "EncryptionType": { "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created. For more information, see [Protecting data using server-side encryption with an AWS KMS key stored in AWS Key Management Service (SSE-KMS)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm. For more information, see [Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .", "title": "EncryptionType", "type": "string" }, "KmsKey": { "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", "title": "KmsKey", "type": "string" } }, "required": [ "EncryptionType" ], "type": "object" }, "AWS::ECR::Repository.ImageScanningConfiguration": { "additionalProperties": false, "properties": { "ScanOnPush": { "markdownDescription": "The setting that determines whether images are scanned after being pushed to a repository. If set to `true` , images will be scanned after being pushed. If this parameter is not specified, it will default to `false` and images will not be scanned unless a scan is manually started.", "title": "ScanOnPush", "type": "boolean" } }, "type": "object" }, "AWS::ECR::Repository.LifecyclePolicy": { "additionalProperties": false, "properties": { "LifecyclePolicyText": { "markdownDescription": "The JSON repository policy text to apply to the repository.", "title": "LifecyclePolicyText", "type": "string" }, "RegistryId": { "markdownDescription": "The AWS account ID associated with the registry that contains the repository. If you do not specify a registry, the default registry is assumed.", "title": "RegistryId", "type": "string" } }, "type": "object" }, "AWS::ECR::RepositoryCreationTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppliedFor": { "items": { "type": "string" }, "markdownDescription": "", "title": "AppliedFor", "type": "array" }, "Description": { "markdownDescription": "", "title": "Description", "type": "string" }, "EncryptionConfiguration": { "$ref": "#/definitions/AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration", "markdownDescription": "The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.\n\nBy default, when no encryption configuration is set or the `AES256` encryption type is used, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts your data at rest using an AES-256 encryption algorithm. This does not require any action on your part.\n\nFor more control over the encryption of the contents of your repository, you can use server-side encryption with AWS Key Management Service key stored in AWS Key Management Service ( AWS KMS ) to encrypt your images. For more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* .", "title": "EncryptionConfiguration" }, "ImageTagMutability": { "markdownDescription": "", "title": "ImageTagMutability", "type": "string" }, "LifecyclePolicy": { "markdownDescription": "", "title": "LifecyclePolicy", "type": "string" }, "Prefix": { "markdownDescription": "", "title": "Prefix", "type": "string" }, "RepositoryPolicy": { "markdownDescription": "", "title": "RepositoryPolicy", "type": "string" }, "ResourceTags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags attached to the resource.", "title": "ResourceTags", "type": "array" } }, "required": [ "AppliedFor", "Prefix" ], "type": "object" }, "Type": { "enum": [ "AWS::ECR::RepositoryCreationTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ECR::RepositoryCreationTemplate.EncryptionConfiguration": { "additionalProperties": false, "properties": { "EncryptionType": { "markdownDescription": "The encryption type to use.\n\nIf you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created. For more information, see [Protecting data using server-side encryption with an AWS KMS key stored in AWS Key Management Service (SSE-KMS)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .\n\nIf you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm. For more information, see [Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .", "title": "EncryptionType", "type": "string" }, "KmsKey": { "markdownDescription": "If you use the `KMS` encryption type, specify the AWS KMS key to use for encryption. The alias, key ID, or full ARN of the AWS KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed AWS KMS key for Amazon ECR will be used.", "title": "KmsKey", "type": "string" } }, "required": [ "EncryptionType" ], "type": "object" }, "AWS::ECS::CapacityProvider": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoScalingGroupProvider": { "$ref": "#/definitions/AWS::ECS::CapacityProvider.AutoScalingGroupProvider", "markdownDescription": "The Auto Scaling group settings for the capacity provider.", "title": "AutoScalingGroupProvider" }, "Name": { "markdownDescription": "The name of the capacity provider. If a name is specified, it cannot start with `aws` , `ecs` , or `fargate` . If no name is specified, a default name in the `CFNStackName-CFNResourceName-RandomString` format is used.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The metadata that you apply to the capacity provider to help you categorize and organize it. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" } }, "required": [ "AutoScalingGroupProvider" ], "type": "object" }, "Type": { "enum": [ "AWS::ECS::CapacityProvider" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ECS::CapacityProvider.AutoScalingGroupProvider": { "additionalProperties": false, "properties": { "AutoScalingGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) that identifies the Auto Scaling group, or the Auto Scaling group name.", "title": "AutoScalingGroupArn", "type": "string" }, "ManagedDraining": { "markdownDescription": "The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider.", "title": "ManagedDraining", "type": "string" }, "ManagedScaling": { "$ref": "#/definitions/AWS::ECS::CapacityProvider.ManagedScaling", "markdownDescription": "The managed scaling settings for the Auto Scaling group capacity provider.", "title": "ManagedScaling" }, "ManagedTerminationProtection": { "markdownDescription": "The managed termination protection setting to use for the Auto Scaling group capacity provider. This determines whether the Auto Scaling group has managed termination protection. The default is off.\n\n> When using managed termination protection, managed scaling must also be used otherwise managed termination protection doesn't work. \n\nWhen managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto Scaling group that contain tasks from being terminated during a scale-in action. The Auto Scaling group and each instance in the Auto Scaling group must have instance protection from scale-in actions on as well. For more information, see [Instance Protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) in the *AWS Auto Scaling User Guide* .\n\nWhen managed termination protection is off, your Amazon EC2 instances aren't protected from termination when the Auto Scaling group scales in.", "title": "ManagedTerminationProtection", "type": "string" } }, "required": [ "AutoScalingGroupArn" ], "type": "object" }, "AWS::ECS::CapacityProvider.ManagedScaling": { "additionalProperties": false, "properties": { "InstanceWarmupPeriod": { "markdownDescription": "The period of time, in seconds, after a newly launched Amazon EC2 instance can contribute to CloudWatch metrics for Auto Scaling group. If this parameter is omitted, the default value of `300` seconds is used.", "title": "InstanceWarmupPeriod", "type": "number" }, "MaximumScalingStepSize": { "markdownDescription": "The maximum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale in process is not affected by this parameter. If this parameter is omitted, the default value of `10000` is used.", "title": "MaximumScalingStepSize", "type": "number" }, "MinimumScalingStepSize": { "markdownDescription": "The minimum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale in process is not affected by this parameter If this parameter is omitted, the default value of `1` is used.\n\nWhen additional capacity is required, Amazon ECS will scale up the minimum scaling step size even if the actual demand is less than the minimum scaling step size.\n\nIf you use a capacity provider with an Auto Scaling group configured with more than one Amazon EC2 instance type or Availability Zone, Amazon ECS will scale up by the exact minimum scaling step size value and will ignore both the maximum scaling step size as well as the capacity demand.", "title": "MinimumScalingStepSize", "type": "number" }, "Status": { "markdownDescription": "Determines whether to use managed scaling for the capacity provider.", "title": "Status", "type": "string" }, "TargetCapacity": { "markdownDescription": "The target capacity utilization as a percentage for the capacity provider. The specified value must be greater than `0` and less than or equal to `100` . For example, if you want the capacity provider to maintain 10% spare capacity, then that means the utilization is 90%, so use a `targetCapacity` of `90` . The default value of `100` percent results in the Amazon EC2 instances in your Auto Scaling group being completely used.", "title": "TargetCapacity", "type": "number" } }, "type": "object" }, "AWS::ECS::Cluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CapacityProviders": { "items": { "type": "string" }, "markdownDescription": "The short name of one or more capacity providers to associate with the cluster. A capacity provider must be associated with a cluster before it can be included as part of the default capacity provider strategy of the cluster or used in a capacity provider strategy when calling the [CreateService](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateService.html) or [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) actions.\n\nIf specifying a capacity provider that uses an Auto Scaling group, the capacity provider must be created but not associated with another cluster. New Auto Scaling group capacity providers can be created with the [CreateCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html) API operation.\n\nTo use a AWS Fargate capacity provider, specify either the `FARGATE` or `FARGATE_SPOT` capacity providers. The AWS Fargate capacity providers are available to all accounts and only need to be associated with a cluster to be used.\n\nThe [PutCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutCapacityProvider.html) API operation is used to update the list of available capacity providers for a cluster after the cluster is created.", "title": "CapacityProviders", "type": "array" }, "ClusterName": { "markdownDescription": "A user-generated string that you use to identify your cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID for the name.", "title": "ClusterName", "type": "string" }, "ClusterSettings": { "items": { "$ref": "#/definitions/AWS::ECS::Cluster.ClusterSettings" }, "markdownDescription": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster.", "title": "ClusterSettings", "type": "array" }, "Configuration": { "$ref": "#/definitions/AWS::ECS::Cluster.ClusterConfiguration", "markdownDescription": "The execute command and managed storage configuration for the cluster.", "title": "Configuration" }, "DefaultCapacityProviderStrategy": { "items": { "$ref": "#/definitions/AWS::ECS::Cluster.CapacityProviderStrategyItem" }, "markdownDescription": "The default capacity provider strategy for the cluster. When services or tasks are run in the cluster with no launch type or capacity provider strategy specified, the default capacity provider strategy is used.", "title": "DefaultCapacityProviderStrategy", "type": "array" }, "ServiceConnectDefaults": { "$ref": "#/definitions/AWS::ECS::Cluster.ServiceConnectDefaults", "markdownDescription": "Use this parameter to set a default Service Connect namespace. After you set a default Service Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as client services in the namespace. This setting only applies to new services that set the `enabled` parameter to `true` in the `ServiceConnectConfiguration` . You can set the namespace of each service individually in the `ServiceConnectConfiguration` to override this default parameter.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "ServiceConnectDefaults" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The metadata that you apply to the cluster to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::ECS::Cluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ECS::Cluster.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { "Base": { "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", "title": "Base", "type": "number" }, "CapacityProvider": { "markdownDescription": "The short name of the capacity provider.", "title": "CapacityProvider", "type": "string" }, "Weight": { "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", "title": "Weight", "type": "number" } }, "type": "object" }, "AWS::ECS::Cluster.ClusterConfiguration": { "additionalProperties": false, "properties": { "ExecuteCommandConfiguration": { "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandConfiguration", "markdownDescription": "The details of the execute command configuration.", "title": "ExecuteCommandConfiguration" } }, "type": "object" }, "AWS::ECS::Cluster.ClusterSettings": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the cluster setting. The value is `containerInsights` .", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value to set for the cluster setting. The supported values are `enabled` and `disabled` .\n\nIf you set `name` to `containerInsights` and `value` to `enabled` , CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the `containerInsights` account setting is turned on. If a cluster value is specified, it will override the `containerInsights` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html) .", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::ECS::Cluster.ExecuteCommandConfiguration": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "Specify an AWS Key Management Service key ID to encrypt the data between the local client and the container.", "title": "KmsKeyId", "type": "string" }, "LogConfiguration": { "$ref": "#/definitions/AWS::ECS::Cluster.ExecuteCommandLogConfiguration", "markdownDescription": "The log configuration for the results of the execute command actions. The logs can be sent to CloudWatch Logs or an Amazon S3 bucket. When `logging=OVERRIDE` is specified, a `logConfiguration` must be provided.", "title": "LogConfiguration" }, "Logging": { "markdownDescription": "The log setting to use for redirecting logs for your execute command results. The following log settings are available.\n\n- `NONE` : The execute command session is not logged.\n- `DEFAULT` : The `awslogs` configuration in the task definition is used. If no logging parameter is specified, it defaults to this value. If no `awslogs` log driver is configured in the task definition, the output won't be logged.\n- `OVERRIDE` : Specify the logging details as a part of `logConfiguration` . If the `OVERRIDE` logging option is specified, the `logConfiguration` is required.", "title": "Logging", "type": "string" } }, "type": "object" }, "AWS::ECS::Cluster.ExecuteCommandLogConfiguration": { "additionalProperties": false, "properties": { "CloudWatchEncryptionEnabled": { "markdownDescription": "Determines whether to use encryption on the CloudWatch logs. If not specified, encryption will be off.", "title": "CloudWatchEncryptionEnabled", "type": "boolean" }, "CloudWatchLogGroupName": { "markdownDescription": "The name of the CloudWatch log group to send logs to.\n\n> The CloudWatch log group must already be created.", "title": "CloudWatchLogGroupName", "type": "string" }, "S3BucketName": { "markdownDescription": "The name of the S3 bucket to send logs to.\n\n> The S3 bucket must already be created.", "title": "S3BucketName", "type": "string" }, "S3EncryptionEnabled": { "markdownDescription": "Determines whether to use encryption on the S3 logs. If not specified, encryption is not used.", "title": "S3EncryptionEnabled", "type": "boolean" }, "S3KeyPrefix": { "markdownDescription": "An optional folder in the S3 bucket to place logs in.", "title": "S3KeyPrefix", "type": "string" } }, "type": "object" }, "AWS::ECS::Cluster.ServiceConnectDefaults": { "additionalProperties": false, "properties": { "Namespace": { "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace that's used when you create a service and don't specify a Service Connect configuration. The namespace name can include up to 1024 characters. The name is case-sensitive. The name can't include hyphens (-), tilde (~), greater than (>), less than (<), or slash (/).\n\nIf you enter an existing namespace name or ARN, then that namespace will be used. Any namespace type is supported. The namespace must be in this account and this AWS Region.\n\nIf you enter a new name, a AWS Cloud Map namespace will be created. Amazon ECS creates a AWS Cloud Map namespace with the \"API calls\" method of instance discovery only. This instance discovery method is the \"HTTP\" namespace type in the AWS Command Line Interface . Other types of instance discovery aren't used by Service Connect.\n\nIf you update the cluster with an empty string `\"\"` for the namespace name, the cluster configuration for Service Connect is removed. Note that the namespace will remain in AWS Cloud Map and must be deleted separately.\n\nFor more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", "title": "Namespace", "type": "string" } }, "type": "object" }, "AWS::ECS::ClusterCapacityProviderAssociations": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CapacityProviders": { "items": { "type": "string" }, "markdownDescription": "The capacity providers to associate with the cluster.", "title": "CapacityProviders", "type": "array" }, "Cluster": { "markdownDescription": "The cluster the capacity provider association is the target of.", "title": "Cluster", "type": "string" }, "DefaultCapacityProviderStrategy": { "items": { "$ref": "#/definitions/AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy" }, "markdownDescription": "The default capacity provider strategy to associate with the cluster.", "title": "DefaultCapacityProviderStrategy", "type": "array" } }, "required": [ "CapacityProviders", "Cluster", "DefaultCapacityProviderStrategy" ], "type": "object" }, "Type": { "enum": [ "AWS::ECS::ClusterCapacityProviderAssociations" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ECS::ClusterCapacityProviderAssociations.CapacityProviderStrategy": { "additionalProperties": false, "properties": { "Base": { "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", "title": "Base", "type": "number" }, "CapacityProvider": { "markdownDescription": "The short name of the capacity provider.", "title": "CapacityProvider", "type": "string" }, "Weight": { "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", "title": "Weight", "type": "number" } }, "required": [ "CapacityProvider" ], "type": "object" }, "AWS::ECS::PrimaryTaskSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Cluster": { "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service that the task set exists in.", "title": "Cluster", "type": "string" }, "Service": { "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service that the task set exists in.", "title": "Service", "type": "string" }, "TaskSetId": { "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the task set to set as the primary task set in the deployment.", "title": "TaskSetId", "type": "string" } }, "required": [ "Cluster", "Service", "TaskSetId" ], "type": "object" }, "Type": { "enum": [ "AWS::ECS::PrimaryTaskSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ECS::Service": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CapacityProviderStrategy": { "items": { "$ref": "#/definitions/AWS::ECS::Service.CapacityProviderStrategyItem" }, "markdownDescription": "The capacity provider strategy to use for the service.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or `launchType` is specified, the `defaultCapacityProviderStrategy` for the cluster is used.\n\nA capacity provider strategy may contain a maximum of 6 capacity providers.", "title": "CapacityProviderStrategy", "type": "array" }, "Cluster": { "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that you run your service on. If you do not specify a cluster, the default cluster is assumed.", "title": "Cluster", "type": "string" }, "DeploymentConfiguration": { "$ref": "#/definitions/AWS::ECS::Service.DeploymentConfiguration", "markdownDescription": "Optional deployment parameters that control how many tasks run during the deployment and the ordering of stopping and starting tasks.", "title": "DeploymentConfiguration" }, "DeploymentController": { "$ref": "#/definitions/AWS::ECS::Service.DeploymentController", "markdownDescription": "The deployment controller to use for the service. If no deployment controller is specified, the default value of `ECS` is used.", "title": "DeploymentController" }, "DesiredCount": { "markdownDescription": "The number of instantiations of the specified task definition to place and keep running in your service.\n\nFor new services, if a desired count is not specified, a default value of `1` is used. When using the `DAEMON` scheduling strategy, the desired count is not required.\n\nFor existing services, if a desired count is not specified, it is omitted from the operation.", "title": "DesiredCount", "type": "number" }, "EnableECSManagedTags": { "markdownDescription": "Specifies whether to turn on Amazon ECS managed tags for the tasks within the service. For more information, see [Tagging your Amazon ECS resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nWhen you use Amazon ECS managed tags, you need to set the `propagateTags` request parameter.", "title": "EnableECSManagedTags", "type": "boolean" }, "EnableExecuteCommand": { "markdownDescription": "Determines whether the execute command functionality is turned on for the service. If `true` , the execute command functionality is turned on for all containers in tasks as part of the service.", "title": "EnableExecuteCommand", "type": "boolean" }, "HealthCheckGracePeriodSeconds": { "markdownDescription": "The period of time, in seconds, that the Amazon ECS service scheduler ignores unhealthy Elastic Load Balancing target health checks after a task has first started. This is only used when your service is configured to use a load balancer. If your service has a load balancer defined and you don't specify a health check grace period value, the default value of `0` is used.\n\nIf you do not use an Elastic Load Balancing, we recommend that you use the `startPeriod` in the task definition health check parameters. For more information, see [Health check](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_HealthCheck.html) .\n\nIf your service's tasks take a while to start and respond to Elastic Load Balancing health checks, you can specify a health check grace period of up to 2,147,483,647 seconds (about 69 years). During that time, the Amazon ECS service scheduler ignores health check status. This grace period can prevent the service scheduler from marking tasks as unhealthy and stopping them before they have time to come up.", "title": "HealthCheckGracePeriodSeconds", "type": "number" }, "LaunchType": { "markdownDescription": "The launch type on which to run your service. For more information, see [Amazon ECS Launch Types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "LaunchType", "type": "string" }, "LoadBalancers": { "items": { "$ref": "#/definitions/AWS::ECS::Service.LoadBalancer" }, "markdownDescription": "A list of load balancer objects to associate with the service. If you specify the `Role` property, `LoadBalancers` must be specified as well. For information about the number of load balancers that you can specify per service, see [Service Load Balancing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-load-balancing.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "LoadBalancers", "type": "array" }, "NetworkConfiguration": { "$ref": "#/definitions/AWS::ECS::Service.NetworkConfiguration", "markdownDescription": "The network configuration for the service. This parameter is required for task definitions that use the `awsvpc` network mode to receive their own elastic network interface, and it is not supported for other network modes. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "NetworkConfiguration" }, "PlacementConstraints": { "items": { "$ref": "#/definitions/AWS::ECS::Service.PlacementConstraint" }, "markdownDescription": "An array of placement constraint objects to use for tasks in your service. You can specify a maximum of 10 constraints for each task. This limit includes constraints in the task definition and those specified at runtime.", "title": "PlacementConstraints", "type": "array" }, "PlacementStrategies": { "items": { "$ref": "#/definitions/AWS::ECS::Service.PlacementStrategy" }, "markdownDescription": "The placement strategy objects to use for tasks in your service. You can specify a maximum of 5 strategy rules for each service.", "title": "PlacementStrategies", "type": "array" }, "PlatformVersion": { "markdownDescription": "The platform version that your tasks in the service are running on. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used. For more information, see [AWS Fargate platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "PlatformVersion", "type": "string" }, "PropagateTags": { "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the [TagResource](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.\n\nYou must set this to a value other than `NONE` when you use Cost Explorer. For more information, see [Amazon ECS usage reports](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/usage-reports.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe default is `NONE` .", "title": "PropagateTags", "type": "string" }, "Role": { "markdownDescription": "The name or full Amazon Resource Name (ARN) of the IAM role that allows Amazon ECS to make calls to your load balancer on your behalf. This parameter is only permitted if you are using a load balancer with your service and your task definition doesn't use the `awsvpc` network mode. If you specify the `role` parameter, you must also specify a load balancer object with the `loadBalancers` parameter.\n\n> If your account has already created the Amazon ECS service-linked role, that role is used for your service unless you specify a role here. The service-linked role is required if your task definition uses the `awsvpc` network mode or if the service is configured to use service discovery, an external deployment controller, multiple target groups, or Elastic Inference accelerators in which case you don't specify a role here. For more information, see [Using service-linked roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using-service-linked-roles.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nIf your specified role has a path other than `/` , then you must either specify the full role ARN (this is recommended) or prefix the role name with the path. For example, if a role with the name `bar` has a path of `/foo/` then you would specify `/foo/bar` as the role name. For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", "title": "Role", "type": "string" }, "SchedulingStrategy": { "markdownDescription": "The scheduling strategy to use for the service. For more information, see [Services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html) .\n\nThere are two service scheduler strategies available:\n\n- `REPLICA` -The replica scheduling strategy places and maintains the desired number of tasks across your cluster. By default, the service scheduler spreads tasks across Availability Zones. You can use task placement strategies and constraints to customize task placement decisions. This scheduler strategy is required if the service uses the `CODE_DEPLOY` or `EXTERNAL` deployment controller types.\n- `DAEMON` -The daemon scheduling strategy deploys exactly one task on each active container instance that meets all of the task placement constraints that you specify in your cluster. The service scheduler also evaluates the task placement constraints for running tasks and will stop tasks that don't meet the placement constraints. When you're using this strategy, you don't need to specify a desired number of tasks, a task placement strategy, or use Service Auto Scaling policies.\n\n> Tasks using the Fargate launch type or the `CODE_DEPLOY` or `EXTERNAL` deployment controller types don't support the `DAEMON` scheduling strategy.", "title": "SchedulingStrategy", "type": "string" }, "ServiceConnectConfiguration": { "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectConfiguration", "markdownDescription": "The configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "ServiceConnectConfiguration" }, "ServiceName": { "markdownDescription": "The name of your service. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. Service names must be unique within a cluster, but you can have similarly named services in multiple clusters within a Region or across multiple Regions.\n\n> The stack update fails if you change any properties that require replacement and the `ServiceName` is configured. This is because AWS CloudFormation creates the replacement service first, but each `ServiceName` must be unique in the cluster.", "title": "ServiceName", "type": "string" }, "ServiceRegistries": { "items": { "$ref": "#/definitions/AWS::ECS::Service.ServiceRegistry" }, "markdownDescription": "The details of the service discovery registry to associate with this service. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .\n\n> Each service may be associated with one service registry. Multiple service registries for each service isn't supported.", "title": "ServiceRegistries", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The metadata that you apply to the service to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. When a service is deleted, the tags are deleted as well.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" }, "TaskDefinition": { "markdownDescription": "The `family` and `revision` ( `family:revision` ) or full ARN of the task definition to run in your service. If a `revision` isn't specified, the latest `ACTIVE` revision is used.\n\nA task definition must be specified if the service uses either the `ECS` or `CODE_DEPLOY` deployment controllers.\n\nFor more information about deployment types, see [Amazon ECS deployment types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-types.html) .", "title": "TaskDefinition", "type": "string" }, "VolumeConfigurations": { "items": { "$ref": "#/definitions/AWS::ECS::Service.ServiceVolumeConfiguration" }, "markdownDescription": "The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume.", "title": "VolumeConfigurations", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::ECS::Service" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ECS::Service.AwsVpcConfiguration": { "additionalProperties": false, "properties": { "AssignPublicIp": { "markdownDescription": "Whether the task's elastic network interface receives a public IP address. The default value is `DISABLED` .", "title": "AssignPublicIp", "type": "string" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified per `AwsVpcConfiguration` .\n\n> All specified security groups must be from the same VPC.", "title": "SecurityGroups", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified per `AwsVpcConfiguration` .\n\n> All specified subnets must be from the same VPC.", "title": "Subnets", "type": "array" } }, "type": "object" }, "AWS::ECS::Service.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { "Base": { "markdownDescription": "The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used.", "title": "Base", "type": "number" }, "CapacityProvider": { "markdownDescription": "The short name of the capacity provider.", "title": "CapacityProvider", "type": "string" }, "Weight": { "markdownDescription": "The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied.\n\nIf no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail.\n\nAn example scenario for using weights is defining a strategy that contains two capacity providers and both have a weight of `1` , then when the `base` is satisfied, the tasks will be split evenly across the two capacity providers. Using that same logic, if you specify a weight of `1` for *capacityProviderA* and a weight of `4` for *capacityProviderB* , then for every one task that's run using *capacityProviderA* , four tasks would use *capacityProviderB* .", "title": "Weight", "type": "number" } }, "type": "object" }, "AWS::ECS::Service.DeploymentAlarms": { "additionalProperties": false, "properties": { "AlarmNames": { "items": { "type": "string" }, "markdownDescription": "One or more CloudWatch alarm names. Use a \",\" to separate the alarms.", "title": "AlarmNames", "type": "array" }, "Enable": { "markdownDescription": "Determines whether to use the CloudWatch alarm option in the service deployment process.", "title": "Enable", "type": "boolean" }, "Rollback": { "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is used, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", "title": "Rollback", "type": "boolean" } }, "required": [ "AlarmNames", "Enable", "Rollback" ], "type": "object" }, "AWS::ECS::Service.DeploymentCircuitBreaker": { "additionalProperties": false, "properties": { "Enable": { "markdownDescription": "Determines whether to use the deployment circuit breaker logic for the service.", "title": "Enable", "type": "boolean" }, "Rollback": { "markdownDescription": "Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is on, when a service deployment fails, the service is rolled back to the last deployment that completed successfully.", "title": "Rollback", "type": "boolean" } }, "required": [ "Enable", "Rollback" ], "type": "object" }, "AWS::ECS::Service.DeploymentConfiguration": { "additionalProperties": false, "properties": { "Alarms": { "$ref": "#/definitions/AWS::ECS::Service.DeploymentAlarms", "markdownDescription": "Information about the CloudWatch alarms.", "title": "Alarms" }, "DeploymentCircuitBreaker": { "$ref": "#/definitions/AWS::ECS::Service.DeploymentCircuitBreaker", "markdownDescription": "> The deployment circuit breaker can only be used for services using the rolling update ( `ECS` ) deployment type. \n\nThe *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide*", "title": "DeploymentCircuitBreaker" }, "MaximumPercent": { "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `maximumPercent` parameter represents an upper limit on the number of your service's tasks that are allowed in the `RUNNING` or `PENDING` state during a deployment, as a percentage of the `desiredCount` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the `REPLICA` service scheduler and has a `desiredCount` of four tasks and a `maximumPercent` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default `maximumPercent` value for a service using the `REPLICA` service scheduler is 200%.\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and tasks that use the EC2 launch type, the *maximum percent* value is set to the default value and is used to define the upper limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state. If the tasks in the service use the Fargate launch type, the maximum percent value is not used, although it is returned when describing your service.", "title": "MaximumPercent", "type": "number" }, "MinimumHealthyPercent": { "markdownDescription": "If a service is using the rolling update ( `ECS` ) deployment type, the `minimumHealthyPercent` represents a lower limit on the number of your service's tasks that must remain in the `RUNNING` state during a deployment, as a percentage of the `desiredCount` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a `desiredCount` of four tasks and a `minimumHealthyPercent` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks.\n\nFor services that *do not* use a load balancer, the following should be noted:\n\n- A service is considered healthy if all essential containers within the tasks in the service pass their health checks.\n- If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a `RUNNING` state before the task is counted towards the minimum healthy percent total.\n- If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings.\n\nFor services that *do* use a load balancer, the following should be noted:\n\n- If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n- If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total.\n\nThe default value for a replica service for `minimumHealthyPercent` is 100%. The default `minimumHealthyPercent` value for a service using the `DAEMON` service schedule is 0% for the AWS CLI , the AWS SDKs, and the APIs and 50% for the AWS Management Console.\n\nThe minimum number of healthy tasks during a deployment is the `desiredCount` multiplied by the `minimumHealthyPercent` /100, rounded up to the nearest integer value.\n\nIf a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value and is used to define the lower limit on the number of the tasks in the service that remain in the `RUNNING` state while the container instances are in the `DRAINING` state. If a service is using either the blue/green ( `CODE_DEPLOY` ) or `EXTERNAL` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service.", "title": "MinimumHealthyPercent", "type": "number" } }, "type": "object" }, "AWS::ECS::Service.DeploymentController": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The deployment controller type to use. There are three deployment controller types available:\n\n- **ECS** - The rolling update ( `ECS` ) deployment type involves replacing the current running version of the container with the latest version. The number of containers Amazon ECS adds or removes from the service during a rolling update is controlled by adjusting the minimum and maximum number of healthy tasks allowed during a service deployment, as specified in the [DeploymentConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeploymentConfiguration.html) .\n- **CODE_DEPLOY** - The blue/green ( `CODE_DEPLOY` ) deployment type uses the blue/green deployment model powered by AWS CodeDeploy , which allows you to verify a new deployment of a service before sending production traffic to it.\n- **EXTERNAL** - The external ( `EXTERNAL` ) deployment type enables you to use any third-party deployment controller for full control over the deployment process for an Amazon ECS service.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::ECS::Service.EBSTagSpecification": { "additionalProperties": false, "properties": { "PropagateTags": { "markdownDescription": "Determines whether to propagate the tags from the task definition to the Amazon EBS volume. Tags can only propagate to a `SERVICE` specified in `ServiceVolumeConfiguration` . If no value is specified, the tags aren't propagated.", "title": "PropagateTags", "type": "string" }, "ResourceType": { "markdownDescription": "The type of volume resource.", "title": "ResourceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags applied to this Amazon EBS volume. `AmazonECSCreated` and `AmazonECSManaged` are reserved tags that can't be used.", "title": "Tags", "type": "array" } }, "required": [ "ResourceType" ], "type": "object" }, "AWS::ECS::Service.LoadBalancer": { "additionalProperties": false, "properties": { "ContainerName": { "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", "title": "ContainerName", "type": "string" }, "ContainerPort": { "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", "title": "ContainerPort", "type": "number" }, "LoadBalancerName": { "markdownDescription": "The name of the load balancer to associate with the Amazon ECS service or task set.\n\nIf you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted.", "title": "LoadBalancerName", "type": "string" }, "TargetGroupArn": { "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", "title": "TargetGroupArn", "type": "string" } }, "type": "object" }, "AWS::ECS::Service.LogConfiguration": { "additionalProperties": false, "properties": { "LogDriver": { "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", "title": "LogDriver", "type": "string" }, "Options": { "additionalProperties": true, "markdownDescription": "The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Options", "type": "object" }, "SecretOptions": { "items": { "$ref": "#/definitions/AWS::ECS::Service.Secret" }, "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "SecretOptions", "type": "array" } }, "type": "object" }, "AWS::ECS::Service.NetworkConfiguration": { "additionalProperties": false, "properties": { "AwsvpcConfiguration": { "$ref": "#/definitions/AWS::ECS::Service.AwsVpcConfiguration", "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", "title": "AwsvpcConfiguration" } }, "type": "object" }, "AWS::ECS::Service.PlacementConstraint": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can't specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "Expression", "type": "string" }, "Type": { "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ECS::Service.PlacementStrategy": { "additionalProperties": false, "properties": { "Field": { "markdownDescription": "The field to apply the placement strategy against. For the `spread` placement strategy, valid values are `instanceId` (or `host` , which has the same effect), or any platform or custom attribute that's applied to a container instance, such as `attribute:ecs.availability-zone` . For the `binpack` placement strategy, valid values are `cpu` and `memory` . For the `random` placement strategy, this field is not used.", "title": "Field", "type": "string" }, "Type": { "markdownDescription": "The type of placement strategy. The `random` placement strategy randomly places tasks on available candidates. The `spread` placement strategy spreads placement across available candidates evenly based on the `field` parameter. The `binpack` strategy places tasks on available candidates that have the least available amount of the resource that's specified with the `field` parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory but still enough to run the task.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ECS::Service.Secret": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the secret.", "title": "Name", "type": "string" }, "ValueFrom": { "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", "title": "ValueFrom", "type": "string" } }, "required": [ "Name", "ValueFrom" ], "type": "object" }, "AWS::ECS::Service.ServiceConnectClientAlias": { "additionalProperties": false, "properties": { "DnsName": { "markdownDescription": "The `dnsName` is the name that you use in the applications of client tasks to connect to this service. The name must be a valid DNS name but doesn't need to be fully-qualified. The name can include up to 127 characters. The name can include lowercase letters, numbers, underscores (_), hyphens (-), and periods (.). The name can't start with a hyphen.\n\nIf this parameter isn't specified, the default value of `discoveryName.namespace` is used. If the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same name that the client application uses by default. For example, a few common names are `database` , `db` , or the lowercase name of a database, such as `mysql` or `redis` . For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "DnsName", "type": "string" }, "Port": { "markdownDescription": "The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace.\n\nTo avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "Port", "type": "number" } }, "required": [ "Port" ], "type": "object" }, "AWS::ECS::Service.ServiceConnectConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Specifies whether to use Service Connect with this service.", "title": "Enabled", "type": "boolean" }, "LogConfiguration": { "$ref": "#/definitions/AWS::ECS::Service.LogConfiguration", "markdownDescription": "The log configuration for the container. This parameter maps to `LogConfig` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--log-driver` option to [`docker run`](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/commandline/run/) .\n\nBy default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition. For more information about the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\nUnderstand the following when specifying a log configuration for your containers.\n\n- Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n- This parameter requires version 1.18 of the Docker Remote API or greater on your container instance.\n- For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .\n- For tasks that are on AWS Fargate , because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to.", "title": "LogConfiguration" }, "Namespace": { "markdownDescription": "The namespace name or full Amazon Resource Name (ARN) of the AWS Cloud Map namespace for use with Service Connect. The namespace must be in the same AWS Region as the Amazon ECS service and cluster. The type of namespace doesn't affect Service Connect. For more information about AWS Cloud Map , see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *AWS Cloud Map Developer Guide* .", "title": "Namespace", "type": "string" }, "Services": { "items": { "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectService" }, "markdownDescription": "The list of Service Connect service objects. These are names and aliases (also known as endpoints) that are used by other Amazon ECS services to connect to this service.\n\nThis field is not required for a \"client\" Amazon ECS service that's a member of a namespace only to connect to other services within the namespace. An example of this would be a frontend application that accepts incoming requests from either a load balancer that's attached to the service or by other means.\n\nAn object selects a port from the task definition, assigns a name for the AWS Cloud Map service, and a list of aliases (endpoints) and ports for client applications to refer to this service.", "title": "Services", "type": "array" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::ECS::Service.ServiceConnectService": { "additionalProperties": false, "properties": { "ClientAliases": { "items": { "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectClientAlias" }, "markdownDescription": "The list of client aliases for this Service Connect service. You use these to assign names that can be used by client applications. The maximum number of client aliases that you can have in this list is 1.\n\nEach alias (\"endpoint\") is a fully-qualified name and port number that other Amazon ECS tasks (\"clients\") can use to connect to this service.\n\nEach name and port mapping must be unique within the namespace.\n\nFor each `ServiceConnectService` , you must provide at least one `clientAlias` with one `port` .", "title": "ClientAliases", "type": "array" }, "DiscoveryName": { "markdownDescription": "The `discoveryName` is the name of the new AWS Cloud Map service that Amazon ECS creates for this Amazon ECS service. This must be unique within the AWS Cloud Map namespace. The name can contain up to 64 characters. The name can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.\n\nIf the `discoveryName` isn't specified, the port mapping name from the task definition is used in `portName.namespace` .", "title": "DiscoveryName", "type": "string" }, "IngressPortOverride": { "markdownDescription": "The port number for the Service Connect proxy to listen on.\n\nUse the value of this field to bypass the proxy for traffic on the port number specified in the named `portMapping` in the task definition of this application, and then use it in your VPC security groups to allow traffic into the proxy for this Amazon ECS service.\n\nIn `awsvpc` mode and Fargate, the default value is the container port number. The container port number is in the `portMapping` in the task definition. In bridge mode, the default value is the ephemeral port of the Service Connect proxy.", "title": "IngressPortOverride", "type": "number" }, "PortName": { "markdownDescription": "The `portName` must match the name of one of the `portMappings` from all the containers in the task definition of this Amazon ECS service.", "title": "PortName", "type": "string" }, "Timeout": { "$ref": "#/definitions/AWS::ECS::Service.TimeoutConfiguration", "markdownDescription": "A reference to an object that represents the configured timeouts for Service Connect.", "title": "Timeout" }, "Tls": { "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsConfiguration", "markdownDescription": "A reference to an object that represents a Transport Layer Security (TLS) configuration.", "title": "Tls" } }, "required": [ "PortName" ], "type": "object" }, "AWS::ECS::Service.ServiceConnectTlsCertificateAuthority": { "additionalProperties": false, "properties": { "AwsPcaAuthorityArn": { "markdownDescription": "The ARN of the AWS Private Certificate Authority certificate.", "title": "AwsPcaAuthorityArn", "type": "string" } }, "type": "object" }, "AWS::ECS::Service.ServiceConnectTlsConfiguration": { "additionalProperties": false, "properties": { "IssuerCertificateAuthority": { "$ref": "#/definitions/AWS::ECS::Service.ServiceConnectTlsCertificateAuthority", "markdownDescription": "The signer certificate authority.", "title": "IssuerCertificateAuthority" }, "KmsKey": { "markdownDescription": "The AWS Key Management Service key.", "title": "KmsKey", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that's associated with the Service Connect TLS.", "title": "RoleArn", "type": "string" } }, "required": [ "IssuerCertificateAuthority" ], "type": "object" }, "AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration": { "additionalProperties": false, "properties": { "Encrypted": { "markdownDescription": "Indicates whether the volume should be encrypted. If no value is specified, encryption is turned on by default. This parameter maps 1:1 with the `Encrypted` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", "title": "Encrypted", "type": "boolean" }, "FilesystemType": { "markdownDescription": "The Linux filesystem type for the volume. For volumes created from a snapshot, you must specify the same filesystem type that the volume was using when the snapshot was created. If there is a filesystem type mismatch, the task will fail to start.\n\nThe available filesystem types are `ext3` , `ext4` , and `xfs` . If no value is specified, the `xfs` filesystem type is used by default.", "title": "FilesystemType", "type": "string" }, "Iops": { "markdownDescription": "The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.\n\nThe following are the supported values for each volume type.\n\n- `gp3` : 3,000 - 16,000 IOPS\n- `io1` : 100 - 64,000 IOPS\n- `io2` : 100 - 256,000 IOPS\n\nThis parameter is required for `io1` and `io2` volume types. The default for `gp3` volumes is `3,000 IOPS` . This parameter is not supported for `st1` , `sc1` , or `standard` volume types.\n\nThis parameter maps 1:1 with the `Iops` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", "title": "Iops", "type": "number" }, "KmsKeyId": { "markdownDescription": "The Amazon Resource Name (ARN) identifier of the AWS Key Management Service key to use for Amazon EBS encryption. When encryption is turned on and no AWS Key Management Service key is specified, the default AWS managed key for Amazon EBS volumes is used. This parameter maps 1:1 with the `KmsKeyId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\n> AWS authenticates the AWS Key Management Service key asynchronously. Therefore, if you specify an ID, alias, or ARN that is invalid, the action can appear to complete, but eventually fails.", "title": "KmsKeyId", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role to associate with this volume. This is the Amazon ECS infrastructure IAM role that is used to manage your AWS infrastructure. We recommend using the Amazon ECS-managed `AmazonECSInfrastructureRolePolicyForVolumes` IAM policy with this role. For more information, see [Amazon ECS infrastructure IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html) in the *Amazon ECS Developer Guide* .", "title": "RoleArn", "type": "string" }, "SizeInGiB": { "markdownDescription": "The size of the volume in GiB. You must specify either a volume size or a snapshot ID. If you specify a snapshot ID, the snapshot size is used for the volume size by default. You can optionally specify a volume size greater than or equal to the snapshot size. This parameter maps 1:1 with the `Size` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\nThe following are the supported volume size values for each volume type.\n\n- `gp2` and `gp3` : 1-16,384\n- `io1` and `io2` : 4-16,384\n- `st1` and `sc1` : 125-16,384\n- `standard` : 1-1,024", "title": "SizeInGiB", "type": "number" }, "SnapshotId": { "markdownDescription": "The snapshot that Amazon ECS uses to create the volume. You must specify either a snapshot ID or a volume size. This parameter maps 1:1 with the `SnapshotId` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", "title": "SnapshotId", "type": "string" }, "TagSpecifications": { "items": { "$ref": "#/definitions/AWS::ECS::Service.EBSTagSpecification" }, "markdownDescription": "The tags to apply to the volume. Amazon ECS applies service-managed tags by default. This parameter maps 1:1 with the `TagSpecifications.N` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .", "title": "TagSpecifications", "type": "array" }, "Throughput": { "markdownDescription": "The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s. This parameter maps 1:1 with the `Throughput` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* .\n\n> This parameter is only supported for the `gp3` volume type.", "title": "Throughput", "type": "number" }, "VolumeType": { "markdownDescription": "The volume type. This parameter maps 1:1 with the `VolumeType` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference* . For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html) in the *Amazon EC2 User Guide* .\n\nThe following are the supported volume types.\n\n- General Purpose SSD: `gp2` | `gp3`\n- Provisioned IOPS SSD: `io1` | `io2`\n- Throughput Optimized HDD: `st1`\n- Cold HDD: `sc1`\n- Magnetic: `standard`\n\n> The magnetic volume type is not supported on Fargate.", "title": "VolumeType", "type": "string" } }, "required": [ "RoleArn" ], "type": "object" }, "AWS::ECS::Service.ServiceRegistry": { "additionalProperties": false, "properties": { "ContainerName": { "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", "title": "ContainerName", "type": "string" }, "ContainerPort": { "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", "title": "ContainerPort", "type": "number" }, "Port": { "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", "title": "Port", "type": "number" }, "RegistryArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", "title": "RegistryArn", "type": "string" } }, "type": "object" }, "AWS::ECS::Service.ServiceVolumeConfiguration": { "additionalProperties": false, "properties": { "ManagedEBSVolume": { "$ref": "#/definitions/AWS::ECS::Service.ServiceManagedEBSVolumeConfiguration", "markdownDescription": "The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf. These settings are used to create each Amazon EBS volume, with one volume created for each task in the service. The Amazon EBS volumes are visible in your account in the Amazon EC2 console once they are created.", "title": "ManagedEBSVolume" }, "Name": { "markdownDescription": "The name of the volume. This value must match the volume name from the `Volume` object in the task definition.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::ECS::Service.TimeoutConfiguration": { "additionalProperties": false, "properties": { "IdleTimeoutSeconds": { "markdownDescription": "The amount of time in seconds a connection will stay active while idle. A value of `0` can be set to disable `idleTimeout` .\n\nThe `idleTimeout` default for `HTTP` / `HTTP2` / `GRPC` is 5 minutes.\n\nThe `idleTimeout` default for `TCP` is 1 hour.", "title": "IdleTimeoutSeconds", "type": "number" }, "PerRequestTimeoutSeconds": { "markdownDescription": "The amount of time waiting for the upstream to respond with a complete response per request. A value of `0` can be set to disable `perRequestTimeout` . `perRequestTimeout` can only be set if Service Connect `appProtocol` isn't `TCP` . Only `idleTimeout` is allowed for `TCP` `appProtocol` .", "title": "PerRequestTimeoutSeconds", "type": "number" } }, "type": "object" }, "AWS::ECS::TaskDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContainerDefinitions": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDefinition" }, "markdownDescription": "A list of container definitions in JSON format that describe the different containers that make up your task. For more information about container definition parameters and defaults, see [Amazon ECS Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "ContainerDefinitions", "type": "array" }, "Cpu": { "markdownDescription": "The number of `cpu` units used by the task. If you use the EC2 launch type, this field is optional. Any value can be used. If you use the Fargate launch type, this field is required. You must use one of the following values. The value that you choose determines your range of valid values for the `memory` parameter.\n\nIf you use the EC2 launch type, this field is optional. Supported values are between `128` CPU units ( `0.125` vCPUs) and `10240` CPU units ( `10` vCPUs).\n\nThe CPU units cannot be less than 1 vCPU when you use Windows containers on Fargate.\n\n- 256 (.25 vCPU) - Available `memory` values: 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB)\n- 512 (.5 vCPU) - Available `memory` values: 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB)\n- 1024 (1 vCPU) - Available `memory` values: 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB)\n- 2048 (2 vCPU) - Available `memory` values: 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB)\n- 4096 (4 vCPU) - Available `memory` values: 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB)\n- 8192 (8 vCPU) - Available `memory` values: 16 GB and 60 GB in 4 GB increments\n\nThis option requires Linux platform `1.4.0` or later.\n- 16384 (16vCPU) - Available `memory` values: 32GB and 120 GB in 8 GB increments\n\nThis option requires Linux platform `1.4.0` or later.", "title": "Cpu", "type": "string" }, "EphemeralStorage": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.EphemeralStorage", "markdownDescription": "The ephemeral storage settings to use for tasks run with the task definition.", "title": "EphemeralStorage" }, "ExecutionRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants the Amazon ECS container agent permission to make AWS API calls on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "ExecutionRoleArn", "type": "string" }, "Family": { "markdownDescription": "The name of a family that this task definition is registered to. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed.\n\nA family groups multiple versions of a task definition. Amazon ECS gives the first task definition that you registered to a family a revision number of 1. Amazon ECS gives sequential revision numbers to each task definition that you add.\n\n> To use revision numbers when you update a task definition, specify this property. If you don't specify a value, AWS CloudFormation generates a new task definition each time that you update it.", "title": "Family", "type": "string" }, "InferenceAccelerators": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.InferenceAccelerator" }, "markdownDescription": "The Elastic Inference accelerators to use for the containers in the task.", "title": "InferenceAccelerators", "type": "array" }, "IpcMode": { "markdownDescription": "The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` . If `host` is specified, then all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If `task` is specified, all containers within the specified task share the same IPC resources. If `none` is specified, then IPC resources within the containers of a task are private and not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance. For more information, see [IPC settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#ipc-settings---ipc) in the *Docker run reference* .\n\nIf the `host` IPC mode is used, be aware that there is a heightened risk of undesired IPC namespace expose. For more information, see [Docker security](https://docs.aws.amazon.com/https://docs.docker.com/engine/security/security/) .\n\nIf you are setting namespaced kernel parameters using `systemControls` for the containers in the task, the following will apply to your IPC resource namespace. For more information, see [System Controls](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n- For tasks that use the `host` IPC mode, IPC namespace related `systemControls` are not supported.\n- For tasks that use the `task` IPC mode, IPC namespace related `systemControls` will apply to all containers within a task.\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", "title": "IpcMode", "type": "string" }, "Memory": { "markdownDescription": "The amount (in MiB) of memory used by the task.\n\nIf your tasks runs on Amazon EC2 instances, you must specify either a task-level memory value or a container-level memory value. This field is optional and any value can be used. If a task-level memory value is specified, the container-level memory value is optional. For more information regarding container-level memory and memory reservation, see [ContainerDefinition](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) .\n\nIf your tasks runs on AWS Fargate , this field is required. You must use one of the following values. The value you choose determines your range of valid values for the `cpu` parameter.\n\n- 512 (0.5 GB), 1024 (1 GB), 2048 (2 GB) - Available `cpu` values: 256 (.25 vCPU)\n- 1024 (1 GB), 2048 (2 GB), 3072 (3 GB), 4096 (4 GB) - Available `cpu` values: 512 (.5 vCPU)\n- 2048 (2 GB), 3072 (3 GB), 4096 (4 GB), 5120 (5 GB), 6144 (6 GB), 7168 (7 GB), 8192 (8 GB) - Available `cpu` values: 1024 (1 vCPU)\n- Between 4096 (4 GB) and 16384 (16 GB) in increments of 1024 (1 GB) - Available `cpu` values: 2048 (2 vCPU)\n- Between 8192 (8 GB) and 30720 (30 GB) in increments of 1024 (1 GB) - Available `cpu` values: 4096 (4 vCPU)\n- Between 16 GB and 60 GB in 4 GB increments - Available `cpu` values: 8192 (8 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.\n- Between 32GB and 120 GB in 8 GB increments - Available `cpu` values: 16384 (16 vCPU)\n\nThis option requires Linux platform `1.4.0` or later.", "title": "Memory", "type": "string" }, "NetworkMode": { "markdownDescription": "The Docker networking mode to use for the containers in the task. The valid values are `none` , `bridge` , `awsvpc` , and `host` . If no network mode is specified, the default is `bridge` .\n\nFor Amazon ECS tasks on Fargate, the `awsvpc` network mode is required. For Amazon ECS tasks on Amazon EC2 Linux instances, any network mode can be used. For Amazon ECS tasks on Amazon EC2 Windows instances, `` or `awsvpc` can be used. If the network mode is set to `none` , you cannot specify port mappings in your container definitions, and the tasks containers do not have external connectivity. The `host` and `awsvpc` network modes offer the highest networking performance for containers because they use the EC2 network stack instead of the virtualized network stack provided by the `bridge` mode.\n\nWith the `host` and `awsvpc` network modes, exposed container ports are mapped directly to the corresponding host port (for the `host` network mode) or the attached elastic network interface port (for the `awsvpc` network mode), so you cannot take advantage of dynamic host port mappings.\n\n> When using the `host` network mode, you should not run containers using the root user (UID 0). It is considered best practice to use a non-root user. \n\nIf the network mode is `awsvpc` , the task is allocated an elastic network interface, and you must specify a `NetworkConfiguration` value when you create a service or run a task with the task definition. For more information, see [Task Networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf the network mode is `host` , you cannot run multiple instantiations of the same task on a single container instance when port mappings are used.\n\nFor more information, see [Network settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#network-settings) in the *Docker run reference* .", "title": "NetworkMode", "type": "string" }, "PidMode": { "markdownDescription": "The process namespace to use for the containers in the task. The valid values are `host` or `task` . On Fargate for Linux containers, the only valid value is `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task.\n\nIf `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the same process namespace with the host Amazon EC2 instance.\n\nIf `task` is specified, all containers within the specified task share the same process namespace.\n\nIf no value is specified, the default is a private namespace for each container. For more information, see [PID settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#pid-settings---pid) in the *Docker run reference* .\n\nIf the `host` PID mode is used, there's a heightened risk of undesired process namespace exposure. For more information, see [Docker security](https://docs.aws.amazon.com/https://docs.docker.com/engine/security/security/) .\n\n> This parameter is not supported for Windows containers. > This parameter is only supported for tasks that are hosted on AWS Fargate if the tasks are using platform version `1.4.0` or later (Linux). This isn't supported for Windows containers on Fargate.", "title": "PidMode", "type": "string" }, "PlacementConstraints": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint" }, "markdownDescription": "An array of placement constraint objects to use for tasks.\n\n> This parameter isn't supported for tasks run on AWS Fargate .", "title": "PlacementConstraints", "type": "array" }, "ProxyConfiguration": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.ProxyConfiguration", "markdownDescription": "The configuration details for the App Mesh proxy.\n\nYour Amazon ECS container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the `ecs-init` package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version `20190301` or later, they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "ProxyConfiguration" }, "RequiresCompatibilities": { "items": { "type": "string" }, "markdownDescription": "The task launch types the task definition was validated against. The valid values are `EC2` , `FARGATE` , and `EXTERNAL` . For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "RequiresCompatibilities", "type": "array" }, "RuntimePlatform": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.RuntimePlatform", "markdownDescription": "The operating system that your tasks definitions run on. A platform family is specified only for tasks using the Fargate launch type.", "title": "RuntimePlatform" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The metadata that you apply to the task definition to help you categorize and organize them. Each tag consists of a key and an optional value. You define both of them.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" }, "TaskRoleArn": { "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the AWS Identity and Access Management role that grants containers in the task permission to call AWS APIs on your behalf. For informationabout the required IAM roles for Amazon ECS, see [IAM roles for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/security-ecs-iam-role-overview.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "TaskRoleArn", "type": "string" }, "Volumes": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.Volume" }, "markdownDescription": "The list of data volume definitions for the task. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> The `host` and `sourcePath` parameters aren't supported for tasks run on AWS Fargate .", "title": "Volumes", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::ECS::TaskDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ECS::TaskDefinition.AuthorizationConfig": { "additionalProperties": false, "properties": { "AccessPointId": { "markdownDescription": "The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be on in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* .", "title": "AccessPointId", "type": "string" }, "IAM": { "markdownDescription": "Determines whether to use the Amazon ECS task role defined in a task definition when mounting the Amazon EFS file system. If it is turned on, transit encryption must be turned on in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html#efs-volume-accesspoints) in the *Amazon Elastic Container Service Developer Guide* .", "title": "IAM", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.ContainerDefinition": { "additionalProperties": false, "properties": { "Command": { "items": { "type": "string" }, "markdownDescription": "The command that's passed to the container. This parameter maps to `Cmd` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `COMMAND` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) . For more information, see [https://docs.docker.com/engine/reference/builder/#cmd](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) . If there are multiple arguments, each argument is a separated string in the array.", "title": "Command", "type": "array" }, "Cpu": { "markdownDescription": "The number of `cpu` units reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nThis field is optional for tasks using the Fargate launch type, and the only requirement is that the total amount of CPU reserved for all containers within a task be lower than the task-level `cpu` value.\n\n> You can determine the number of CPU units that are available per EC2 instance type by multiplying the vCPUs listed for that instance type on the [Amazon EC2 Instances](https://docs.aws.amazon.com/ec2/instance-types/) detail page by 1,024. \n\nLinux containers share unallocated CPU units with other containers on the container instance with the same ratio as their allocated amount. For example, if you run a single-container task on a single-core instance type with 512 CPU units specified for that container, and that's the only task running on the container instance, that container could use the full 1,024 CPU unit share at any given time. However, if you launched another copy of the same task on that container instance, each task is guaranteed a minimum of 512 CPU units when needed. Moreover, each container could float to higher CPU usage if the other container was not using it. If both tasks were 100% active all of the time, they would be limited to 512 CPU units.\n\nOn Linux container instances, the Docker daemon on the container instance uses the CPU value to calculate the relative CPU share ratios for running containers. For more information, see [CPU share constraint](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#cpu-share-constraint) in the Docker documentation. The minimum valid CPU share value that the Linux kernel allows is 2, and the maximum valid CPU share value that the Linux kernel allows is 262144. However, the CPU parameter isn't required, and you can use CPU values below 2 or above 262144 in your container definitions. For CPU values below 2 (including null) or above 262144, the behavior varies based on your Amazon ECS container agent version:\n\n- *Agent versions less than or equal to 1.1.0:* Null and zero CPU values are passed to Docker as 0, which Docker then converts to 1,024 CPU shares. CPU values of 1 are passed to Docker as 1, which the Linux kernel converts to two CPU shares.\n- *Agent versions greater than or equal to 1.2.0:* Null, zero, and CPU values of 1 are passed to Docker as 2.\n- *Agent versions greater than or equal to 1.84.0:* CPU values greater than 256 vCPU are passed to Docker as 256, which is equivalent to 262144 CPU shares.\n\nOn Windows container instances, the CPU limit is enforced as an absolute limit, or a quota. Windows containers only have access to the specified amount of CPU that's described in the task definition. A null or zero CPU value is passed to Docker as `0` , which Windows interprets as 1% of one CPU.", "title": "Cpu", "type": "number" }, "CredentialSpecs": { "items": { "type": "string" }, "markdownDescription": "A list of ARNs in SSM or Amazon S3 to a credential spec ( `CredSpec` ) file that configures the container for Active Directory authentication. We recommend that you use this parameter instead of the `dockerSecurityOptions` . The maximum number of ARNs is 1.\n\nThere are two formats for each ARN.\n\n- **credentialspecdomainless:MyARN** - You use `credentialspecdomainless:MyARN` to provide a `CredSpec` with an additional section for a secret in AWS Secrets Manager . You provide the login credentials to the domain in the secret.\n\nEach task that runs on any container instance can join different domains.\n\nYou can use this format without joining the container instance to a domain.\n- **credentialspec:MyARN** - You use `credentialspec:MyARN` to provide a `CredSpec` for a single domain.\n\nYou must join the container instance to the domain before you start any tasks that use this task definition.\n\nIn both formats, replace `MyARN` with the ARN in SSM or Amazon S3.\n\nIf you provide a `credentialspecdomainless:MyARN` , the `credspec` must provide a ARN in AWS Secrets Manager for a secret containing the username, password, and the domain to connect to. For better security, the instance isn't joined to the domain for domainless authentication. Other applications on the instance can't use the domainless credentials. You can use this parameter to run tasks on the same instance, even it the tasks need to join different domains. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) .", "title": "CredentialSpecs", "type": "array" }, "DependsOn": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.ContainerDependency" }, "markdownDescription": "The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed.\n\nFor tasks using the EC2 launch type, the container instances require at least version 1.26.0 of the container agent to turn on container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nIf the task definition is used in a blue/green deployment that uses [AWS::CodeDeploy::DeploymentGroup BlueGreenDeploymentConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-bluegreendeploymentconfiguration.html) , the `dependsOn` parameter is not supported. For more information see [Issue #680](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-coverage-roadmap/issues/680) on the on the GitHub website.", "title": "DependsOn", "type": "array" }, "DisableNetworking": { "markdownDescription": "When this parameter is true, networking is off within the container. This parameter maps to `NetworkDisabled` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) .\n\n> This parameter is not supported for Windows containers.", "title": "DisableNetworking", "type": "boolean" }, "DnsSearchDomains": { "items": { "type": "string" }, "markdownDescription": "A list of DNS search domains that are presented to the container. This parameter maps to `DnsSearch` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--dns-search` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> This parameter is not supported for Windows containers.", "title": "DnsSearchDomains", "type": "array" }, "DnsServers": { "items": { "type": "string" }, "markdownDescription": "A list of DNS servers that are presented to the container. This parameter maps to `Dns` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--dns` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> This parameter is not supported for Windows containers.", "title": "DnsServers", "type": "array" }, "DockerLabels": { "additionalProperties": true, "markdownDescription": "A key/value map of labels to add to the container. This parameter maps to `Labels` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--label` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) . This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "DockerLabels", "type": "object" }, "DockerSecurityOptions": { "items": { "type": "string" }, "markdownDescription": "A list of strings to provide custom configuration for multiple security systems. For more information about valid values, see [Docker Run Security Configuration](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) . This field isn't valid for containers in tasks using the Fargate launch type.\n\nFor Linux tasks on EC2, this parameter can be used to reference custom labels for SELinux and AppArmor multi-level security systems.\n\nFor any tasks on EC2, this parameter can be used to reference a credential spec file that configures a container for Active Directory authentication. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThis parameter maps to `SecurityOpt` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--security-opt` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> The Amazon ECS container agent running on a container instance must register with the `ECS_SELINUX_CAPABLE=true` or `ECS_APPARMOR_CAPABLE=true` environment variables before containers placed on that instance can use these security options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* . \n\nFor more information about valid values, see [Docker Run Security Configuration](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nValid values: \"no-new-privileges\" | \"apparmor:PROFILE\" | \"label:value\" | \"credentialspec:CredentialSpecFilePath\"", "title": "DockerSecurityOptions", "type": "array" }, "EntryPoint": { "items": { "type": "string" }, "markdownDescription": "> Early versions of the Amazon ECS container agent don't properly handle `entryPoint` parameters. If you have problems using `entryPoint` , update your container agent or enter your commands and arguments as `command` array items instead. \n\nThe entry point that's passed to the container. This parameter maps to `Entrypoint` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--entrypoint` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) . For more information, see [https://docs.docker.com/engine/reference/builder/#entrypoint](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#entrypoint) .", "title": "EntryPoint", "type": "array" }, "Environment": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" }, "markdownDescription": "The environment variables to pass to a container. This parameter maps to `Env` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--env` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> We don't recommend that you use plaintext environment variables for sensitive information, such as credential data.", "title": "Environment", "type": "array" }, "EnvironmentFiles": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.EnvironmentFile" }, "markdownDescription": "A list of files containing the environment variables to pass to a container. This parameter maps to the `--env-file` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nYou can specify up to ten environment files. The file must have a `.env` file extension. Each line in an environment file contains an environment variable in `VARIABLE=VALUE` format. Lines beginning with `#` are treated as comments and are ignored. For more information about the environment variable file syntax, see [Declare default environment variables in file](https://docs.aws.amazon.com/https://docs.docker.com/compose/env-file/) .\n\nIf there are environment variables specified using the `environment` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying Environment Variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "EnvironmentFiles", "type": "array" }, "Essential": { "markdownDescription": "If the `essential` parameter of a container is marked as `true` , and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the `essential` parameter of a container is marked as `false` , its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential.\n\nAll tasks must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "Essential", "type": "boolean" }, "ExtraHosts": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostEntry" }, "markdownDescription": "A list of hostnames and IP address mappings to append to the `/etc/hosts` file on the container. This parameter maps to `ExtraHosts` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--add-host` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> This parameter isn't supported for Windows containers or tasks that use the `awsvpc` network mode.", "title": "ExtraHosts", "type": "array" }, "FirelensConfiguration": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.FirelensConfiguration", "markdownDescription": "The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "FirelensConfiguration" }, "HealthCheck": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.HealthCheck", "markdownDescription": "The container health check command and associated configuration parameters for the container. This parameter maps to `HealthCheck` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `HEALTHCHECK` parameter of [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .", "title": "HealthCheck" }, "Hostname": { "markdownDescription": "The hostname to use for your container. This parameter maps to `Hostname` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--hostname` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> The `hostname` parameter is not supported if you're using the `awsvpc` network mode.", "title": "Hostname", "type": "string" }, "Image": { "markdownDescription": "The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `*repository-url* / *image* : *tag*` or `*repository-url* / *image* @ *digest*` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `IMAGE` parameter of [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n- When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks.\n- Images in Amazon ECR repositories can be specified by either using the full `registry/repository:tag` or `registry/repository@digest` . For example, `012345678910.dkr.ecr..amazonaws.com/:latest` or `012345678910.dkr.ecr..amazonaws.com/@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE` .\n- Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ).\n- Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ).\n- Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ).", "title": "Image", "type": "string" }, "Interactive": { "markdownDescription": "When this parameter is `true` , you can deploy containerized applications that require `stdin` or a `tty` to be allocated. This parameter maps to `OpenStdin` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--interactive` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .", "title": "Interactive", "type": "boolean" }, "Links": { "items": { "type": "string" }, "markdownDescription": "The `links` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is `bridge` . The `name:internalName` construct is analogous to `name:alias` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. For more information about linking Docker containers, go to [Legacy container links](https://docs.aws.amazon.com/https://docs.docker.com/network/links/) in the Docker documentation. This parameter maps to `Links` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--link` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> This parameter is not supported for Windows containers. > Containers that are collocated on a single container instance may be able to communicate with each other without requiring links or host port mappings. Network isolation is achieved on the container instance using security groups and VPC settings.", "title": "Links", "type": "array" }, "LinuxParameters": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.LinuxParameters", "markdownDescription": "Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html) .\n\n> This parameter is not supported for Windows containers.", "title": "LinuxParameters" }, "LogConfiguration": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.LogConfiguration", "markdownDescription": "The log configuration specification for the container.\n\nThis parameter maps to `LogConfig` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--log-driver` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . By default, containers use the same logging driver that the Docker daemon uses. However, the container may use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation.\n\n> Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html) data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. \n\nThis parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "LogConfiguration" }, "Memory": { "markdownDescription": "The amount (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. The total amount of memory reserved for all containers within a task must be lower than the task `memory` value, if one is specified. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nIf using the Fargate launch type, this parameter is optional.\n\nIf using the EC2 launch type, you must specify either a task-level memory value or a container-level memory value. If you specify both a container-level `memory` and `memoryReservation` value, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container, so you should not specify fewer than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container, so you should not specify fewer than 4 MiB of memory for your containers.", "title": "Memory", "type": "number" }, "MemoryReservation": { "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the `memory` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to `MemoryReservation` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--memory-reservation` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nIf a task-level memory value is not specified, you must specify a non-zero integer for one or both of `memory` or `memoryReservation` in a container definition. If you specify both, `memory` must be greater than `memoryReservation` . If you specify `memoryReservation` , then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of `memory` is used.\n\nFor example, if your container normally uses 128 MiB of memory, but occasionally bursts to 256 MiB of memory for short periods of time, you can set a `memoryReservation` of 128 MiB, and a `memory` hard limit of 300 MiB. This configuration would allow the container to only reserve 128 MiB of memory from the remaining resources on the container instance, but also allow the container to consume more memory resources when needed.\n\nThe Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container. So, don't specify less than 6 MiB of memory for your containers.\n\nThe Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container. So, don't specify less than 4 MiB of memory for your containers.", "title": "MemoryReservation", "type": "number" }, "MountPoints": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.MountPoint" }, "markdownDescription": "The mount points for data volumes in your container.\n\nThis parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--volume` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives.", "title": "MountPoints", "type": "array" }, "Name": { "markdownDescription": "The name of a container. If you're linking multiple containers together in a task definition, the `name` of one container can be entered in the `links` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to `name` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--name` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .", "title": "Name", "type": "string" }, "PortMappings": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.PortMapping" }, "markdownDescription": "The list of port mappings for the container. Port mappings allow containers to access ports on the host container instance to send or receive traffic.\n\nFor task definitions that use the `awsvpc` network mode, you should only specify the `containerPort` . The `hostPort` can be left blank or it must be the same value as the `containerPort` .\n\nPort mappings on Windows use the `NetNAT` gateway address rather than `localhost` . There is no loopback for port mappings on Windows, so you cannot access a container's mapped port from the host itself.\n\nThis parameter maps to `PortBindings` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--publish` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . If the network mode of a task definition is set to `none` , then you can't specify port mappings. If the network mode of a task definition is set to `host` , then host ports must either be undefined or they must match the container port in the port mapping.\n\n> After a task reaches the `RUNNING` status, manual and automatic host and container port assignments are visible in the *Network Bindings* section of a container description for a selected task in the Amazon ECS console. The assignments are also visible in the `networkBindings` section [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) responses.", "title": "PortMappings", "type": "array" }, "Privileged": { "markdownDescription": "When this parameter is true, the container is given elevated privileges on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--privileged` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> This parameter is not supported for Windows containers or tasks run on AWS Fargate .", "title": "Privileged", "type": "boolean" }, "PseudoTerminal": { "markdownDescription": "When this parameter is `true` , a TTY is allocated. This parameter maps to `Tty` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--tty` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .", "title": "PseudoTerminal", "type": "boolean" }, "ReadonlyRootFilesystem": { "markdownDescription": "When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--read-only` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> This parameter is not supported for Windows containers.", "title": "ReadonlyRootFilesystem", "type": "boolean" }, "RepositoryCredentials": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.RepositoryCredentials", "markdownDescription": "The private repository authentication credentials to use.", "title": "RepositoryCredentials" }, "ResourceRequirements": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.ResourceRequirement" }, "markdownDescription": "The type and amount of a resource to assign to a container. The only supported resource is a GPU.", "title": "ResourceRequirements", "type": "array" }, "Secrets": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" }, "markdownDescription": "The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "Secrets", "type": "array" }, "StartTimeout": { "markdownDescription": "Time duration (in seconds) to wait before giving up on resolving dependencies for a container. For example, you specify two containers in a task definition with containerA having a dependency on containerB reaching a `COMPLETE` , `SUCCESS` , or `HEALTHY` status. If a `startTimeout` value is specified for containerB and it doesn't reach the desired status within that time then containerA gives up and not start. This results in the task transitioning to a `STOPPED` state.\n\n> When the `ECS_CONTAINER_START_TIMEOUT` container agent configuration variable is used, it's enforced independently from this start timeout value. \n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nFor tasks using the EC2 launch type, your container instances require at least version `1.26.0` of the container agent to use a container start timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version `1.26.0-1` of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values for Fargate are 2-120 seconds.", "title": "StartTimeout", "type": "number" }, "StopTimeout": { "markdownDescription": "Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own.\n\nFor tasks using the Fargate launch type, the task or service requires the following platforms:\n\n- Linux platform version `1.3.0` or later.\n- Windows platform version `1.0.0` or later.\n\nThe max stop timeout value is 120 seconds and if the parameter is not specified, the default value of 30 seconds is used.\n\nFor tasks that use the EC2 launch type, if the `stopTimeout` parameter isn't specified, the value set for the Amazon ECS container agent configuration variable `ECS_CONTAINER_STOP_TIMEOUT` is used. If neither the `stopTimeout` parameter or the `ECS_CONTAINER_STOP_TIMEOUT` agent configuration variable are set, then the default values of 30 seconds for Linux containers and 30 seconds on Windows containers are used. Your container instances require at least version 1.26.0 of the container agent to use a container stop timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide* . If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the `ecs-init` package. If your container instances are launched from version `20190301` or later, then they contain the required versions of the container agent and `ecs-init` . For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nThe valid values are 2-120 seconds.", "title": "StopTimeout", "type": "number" }, "SystemControls": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.SystemControl" }, "markdownDescription": "A list of namespaced kernel parameters to set in the container. This parameter maps to `Sysctls` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--sysctl` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) . For example, you can configure `net.ipv4.tcp_keepalive_time` setting to maintain longer lived connections.", "title": "SystemControls", "type": "array" }, "Ulimits": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.Ulimit" }, "markdownDescription": "A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Valid naming values are displayed in the [Ulimit](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Ulimit.html) data type. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`\n\n> This parameter is not supported for Windows containers.", "title": "Ulimits", "type": "array" }, "User": { "markdownDescription": "The user to use inside the container. This parameter maps to `User` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--user` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> When running tasks using the `host` network mode, don't run containers using the root user (UID 0). We recommend using a non-root user for better security. \n\nYou can specify the `user` using the following formats. If specifying a UID or GID, you must specify it as a positive integer.\n\n- `user`\n- `user:group`\n- `uid`\n- `uid:gid`\n- `user:gid`\n- `uid:group`\n\n> This parameter is not supported for Windows containers.", "title": "User", "type": "string" }, "VolumesFrom": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.VolumeFrom" }, "markdownDescription": "Data volumes to mount from another container. This parameter maps to `VolumesFrom` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--volumes-from` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .", "title": "VolumesFrom", "type": "array" }, "WorkingDirectory": { "markdownDescription": "The working directory to run commands inside the container in. This parameter maps to `WorkingDir` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--workdir` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .", "title": "WorkingDirectory", "type": "string" } }, "required": [ "Image", "Name" ], "type": "object" }, "AWS::ECS::TaskDefinition.ContainerDependency": { "additionalProperties": false, "properties": { "Condition": { "markdownDescription": "The dependency condition of the container. The following are the available conditions and their behavior:\n\n- `START` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.\n- `COMPLETE` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container.\n- `SUCCESS` - This condition is the same as `COMPLETE` , but it also requires that the container exits with a `zero` status. This condition can't be set on an essential container.\n- `HEALTHY` - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup.", "title": "Condition", "type": "string" }, "ContainerName": { "markdownDescription": "The name of a container.", "title": "ContainerName", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.Device": { "additionalProperties": false, "properties": { "ContainerPath": { "markdownDescription": "The path inside the container at which to expose the host device.", "title": "ContainerPath", "type": "string" }, "HostPath": { "markdownDescription": "The path for the device on the host container instance.", "title": "HostPath", "type": "string" }, "Permissions": { "items": { "type": "string" }, "markdownDescription": "The explicit permissions to provide to the container for the device. By default, the container has permissions for `read` , `write` , and `mknod` for the device.", "title": "Permissions", "type": "array" } }, "type": "object" }, "AWS::ECS::TaskDefinition.DockerVolumeConfiguration": { "additionalProperties": false, "properties": { "Autoprovision": { "markdownDescription": "If this value is `true` , the Docker volume is created if it doesn't already exist.\n\n> This field is only used if the `scope` is `shared` .", "title": "Autoprovision", "type": "boolean" }, "Driver": { "markdownDescription": "The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use `docker plugin ls` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. For more information, see [Docker plugin discovery](https://docs.aws.amazon.com/https://docs.docker.com/engine/extend/plugin_api/#plugin-discovery) . This parameter maps to `Driver` in the [Create a volume](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/VolumeCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `xxdriver` option to [docker volume create](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/commandline/volume_create/) .", "title": "Driver", "type": "string" }, "DriverOpts": { "additionalProperties": true, "markdownDescription": "A map of Docker driver-specific options passed through. This parameter maps to `DriverOpts` in the [Create a volume](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/VolumeCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `xxopt` option to [docker volume create](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/commandline/volume_create/) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "DriverOpts", "type": "object" }, "Labels": { "additionalProperties": true, "markdownDescription": "Custom metadata to add to your Docker volume. This parameter maps to `Labels` in the [Create a volume](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/VolumeCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `xxlabel` option to [docker volume create](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/commandline/volume_create/) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Labels", "type": "object" }, "Scope": { "markdownDescription": "The scope for the Docker volume that determines its lifecycle. Docker volumes that are scoped to a `task` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as `shared` persist after the task stops.", "title": "Scope", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.EFSVolumeConfiguration": { "additionalProperties": false, "properties": { "AuthorizationConfig": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.AuthorizationConfig", "markdownDescription": "The authorization configuration details for the Amazon EFS file system.", "title": "AuthorizationConfig" }, "FilesystemId": { "markdownDescription": "The Amazon EFS file system ID to use.", "title": "FilesystemId", "type": "string" }, "RootDirectory": { "markdownDescription": "The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying `/` will have the same effect as omitting this parameter.\n\n> If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` which will enforce the path set on the EFS access point.", "title": "RootDirectory", "type": "string" }, "TransitEncryption": { "markdownDescription": "Determines whether to use encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be turned on if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* .", "title": "TransitEncryption", "type": "string" }, "TransitEncryptionPort": { "markdownDescription": "The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* .", "title": "TransitEncryptionPort", "type": "number" } }, "required": [ "FilesystemId" ], "type": "object" }, "AWS::ECS::TaskDefinition.EnvironmentFile": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The file type to use. Environment files are objects in Amazon S3. The only supported value is `s3` .", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.EphemeralStorage": { "additionalProperties": false, "properties": { "SizeInGiB": { "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `20` GiB and the maximum supported value is `200` GiB.", "title": "SizeInGiB", "type": "number" } }, "type": "object" }, "AWS::ECS::TaskDefinition.FSxAuthorizationConfig": { "additionalProperties": false, "properties": { "CredentialsParameter": { "markdownDescription": "", "title": "CredentialsParameter", "type": "string" }, "Domain": { "markdownDescription": "", "title": "Domain", "type": "string" } }, "required": [ "CredentialsParameter", "Domain" ], "type": "object" }, "AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration": { "additionalProperties": false, "properties": { "AuthorizationConfig": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxAuthorizationConfig", "markdownDescription": "The authorization configuration details for the Amazon FSx for Windows File Server file system.", "title": "AuthorizationConfig" }, "FileSystemId": { "markdownDescription": "The Amazon FSx for Windows File Server file system ID to use.", "title": "FileSystemId", "type": "string" }, "RootDirectory": { "markdownDescription": "The directory within the Amazon FSx for Windows File Server file system to mount as the root directory inside the host.", "title": "RootDirectory", "type": "string" } }, "required": [ "FileSystemId", "RootDirectory" ], "type": "object" }, "AWS::ECS::TaskDefinition.FirelensConfiguration": { "additionalProperties": false, "properties": { "Options": { "additionalProperties": true, "markdownDescription": "The options to use when configuring the log router. This field is optional and can be used to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event.\n\nIf specified, valid option keys are:\n\n- `enable-ecs-log-metadata` , which can be `true` or `false`\n- `config-file-type` , which can be `s3` or `file`\n- `config-file-value` , which is either an S3 ARN or a file path", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Options", "type": "object" }, "Type": { "markdownDescription": "The log router to use. The valid values are `fluentd` or `fluentbit` .", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.HealthCheck": { "additionalProperties": false, "properties": { "Command": { "items": { "type": "string" }, "markdownDescription": "A string array representing the command that the container runs to determine if it is healthy. The string array must start with `CMD` to run the command arguments directly, or `CMD-SHELL` to run the command with the container's default shell.\n\nWhen you use the AWS Management Console JSON panel, the AWS Command Line Interface , or the APIs, enclose the list of commands in double quotes and brackets.\n\n`[ \"CMD-SHELL\", \"curl -f http://localhost/ || exit 1\" ]`\n\nYou don't include the double quotes and brackets when you use the AWS Management Console.\n\n`CMD-SHELL, curl -f http://localhost/ || exit 1`\n\nAn exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see `HealthCheck` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) .", "title": "Command", "type": "array" }, "Interval": { "markdownDescription": "The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds.", "title": "Interval", "type": "number" }, "Retries": { "markdownDescription": "The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3.", "title": "Retries", "type": "number" }, "StartPeriod": { "markdownDescription": "The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the `startPeriod` is off.\n\n> If a health check succeeds within the `startPeriod` , then the container is considered healthy and any subsequent failures count toward the maximum number of retries.", "title": "StartPeriod", "type": "number" }, "Timeout": { "markdownDescription": "The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5.", "title": "Timeout", "type": "number" } }, "type": "object" }, "AWS::ECS::TaskDefinition.HostEntry": { "additionalProperties": false, "properties": { "Hostname": { "markdownDescription": "The hostname to use in the `/etc/hosts` entry.", "title": "Hostname", "type": "string" }, "IpAddress": { "markdownDescription": "The IP address to use in the `/etc/hosts` entry.", "title": "IpAddress", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.HostVolumeProperties": { "additionalProperties": false, "properties": { "SourcePath": { "markdownDescription": "When the `host` parameter is used, specify a `sourcePath` to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the `host` parameter contains a `sourcePath` file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the `sourcePath` value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.\n\nIf you're using the Fargate launch type, the `sourcePath` parameter is not supported.", "title": "SourcePath", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.InferenceAccelerator": { "additionalProperties": false, "properties": { "DeviceName": { "markdownDescription": "The Elastic Inference accelerator device name. The `deviceName` must also be referenced in a container definition as a [ResourceRequirement](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ResourceRequirement.html) .", "title": "DeviceName", "type": "string" }, "DeviceType": { "markdownDescription": "The Elastic Inference accelerator type to use.", "title": "DeviceType", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.KernelCapabilities": { "additionalProperties": false, "properties": { "Add": { "items": { "type": "string" }, "markdownDescription": "The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to `CapAdd` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--cap-add` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> Tasks launched on AWS Fargate only support adding the `SYS_PTRACE` kernel capability. \n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", "title": "Add", "type": "array" }, "Drop": { "items": { "type": "string" }, "markdownDescription": "The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to `CapDrop` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--cap-drop` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\nValid values: `\"ALL\" | \"AUDIT_CONTROL\" | \"AUDIT_WRITE\" | \"BLOCK_SUSPEND\" | \"CHOWN\" | \"DAC_OVERRIDE\" | \"DAC_READ_SEARCH\" | \"FOWNER\" | \"FSETID\" | \"IPC_LOCK\" | \"IPC_OWNER\" | \"KILL\" | \"LEASE\" | \"LINUX_IMMUTABLE\" | \"MAC_ADMIN\" | \"MAC_OVERRIDE\" | \"MKNOD\" | \"NET_ADMIN\" | \"NET_BIND_SERVICE\" | \"NET_BROADCAST\" | \"NET_RAW\" | \"SETFCAP\" | \"SETGID\" | \"SETPCAP\" | \"SETUID\" | \"SYS_ADMIN\" | \"SYS_BOOT\" | \"SYS_CHROOT\" | \"SYS_MODULE\" | \"SYS_NICE\" | \"SYS_PACCT\" | \"SYS_PTRACE\" | \"SYS_RAWIO\" | \"SYS_RESOURCE\" | \"SYS_TIME\" | \"SYS_TTY_CONFIG\" | \"SYSLOG\" | \"WAKE_ALARM\"`", "title": "Drop", "type": "array" } }, "type": "object" }, "AWS::ECS::TaskDefinition.KeyValuePair": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.LinuxParameters": { "additionalProperties": false, "properties": { "Capabilities": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.KernelCapabilities", "markdownDescription": "The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker.\n\n> For tasks that use the Fargate launch type, `capabilities` is supported for all platform versions but the `add` parameter is only supported if using platform version 1.4.0 or later.", "title": "Capabilities" }, "Devices": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.Device" }, "markdownDescription": "Any host devices to expose to the container. This parameter maps to `Devices` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--device` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> If you're using tasks that use the Fargate launch type, the `devices` parameter isn't supported.", "title": "Devices", "type": "array" }, "InitProcessEnabled": { "markdownDescription": "Run an `init` process inside the container that forwards signals and reaps processes. This parameter maps to the `--init` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) . This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", "title": "InitProcessEnabled", "type": "boolean" }, "MaxSwap": { "markdownDescription": "The total amount of swap memory (in MiB) a container can use. This parameter will be translated to the `--memory-swap` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) where the value would be the sum of the container memory plus the `maxSwap` value.\n\nIf a `maxSwap` value of `0` is specified, the container will not use swap. Accepted values are `0` or any positive integer. If the `maxSwap` parameter is omitted, the container will use the swap configuration for the container instance it is running on. A `maxSwap` value must be set for the `swappiness` parameter to be used.\n\n> If you're using tasks that use the Fargate launch type, the `maxSwap` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", "title": "MaxSwap", "type": "number" }, "SharedMemorySize": { "markdownDescription": "The value for the size (in MiB) of the `/dev/shm` volume. This parameter maps to the `--shm-size` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> If you are using tasks that use the Fargate launch type, the `sharedMemorySize` parameter is not supported.", "title": "SharedMemorySize", "type": "number" }, "Swappiness": { "markdownDescription": "This allows you to tune a container's memory swappiness behavior. A `swappiness` value of `0` will cause swapping to not happen unless absolutely necessary. A `swappiness` value of `100` will cause pages to be swapped very aggressively. Accepted values are whole numbers between `0` and `100` . If the `swappiness` parameter is not specified, a default value of `60` is used. If a value is not specified for `maxSwap` then this parameter is ignored. This parameter maps to the `--memory-swappiness` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> If you're using tasks that use the Fargate launch type, the `swappiness` parameter isn't supported.\n> \n> If you're using tasks on Amazon Linux 2023 the `swappiness` parameter isn't supported.", "title": "Swappiness", "type": "number" }, "Tmpfs": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.Tmpfs" }, "markdownDescription": "The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the `--tmpfs` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) .\n\n> If you're using tasks that use the Fargate launch type, the `tmpfs` parameter isn't supported.", "title": "Tmpfs", "type": "array" } }, "type": "object" }, "AWS::ECS::TaskDefinition.LogConfiguration": { "additionalProperties": false, "properties": { "LogDriver": { "markdownDescription": "The log driver to use for the container.\n\nFor tasks on AWS Fargate , the supported log drivers are `awslogs` , `splunk` , and `awsfirelens` .\n\nFor tasks hosted on Amazon EC2 instances, the supported log drivers are `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `syslog` , `splunk` , and `awsfirelens` .\n\nFor more information about using the `awslogs` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor more information about using the `awsfirelens` log driver, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) .\n\n> If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software.", "title": "LogDriver", "type": "string" }, "Options": { "additionalProperties": true, "markdownDescription": "The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version --format '{{.Server.APIVersion}}'`", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Options", "type": "object" }, "SecretOptions": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.Secret" }, "markdownDescription": "The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "SecretOptions", "type": "array" } }, "required": [ "LogDriver" ], "type": "object" }, "AWS::ECS::TaskDefinition.MountPoint": { "additionalProperties": false, "properties": { "ContainerPath": { "markdownDescription": "The path on the container to mount the host volume at.", "title": "ContainerPath", "type": "string" }, "ReadOnly": { "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", "title": "ReadOnly", "type": "boolean" }, "SourceVolume": { "markdownDescription": "The name of the volume to mount. Must be a volume name referenced in the `name` parameter of task definition `volume` .", "title": "SourceVolume", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.PortMapping": { "additionalProperties": false, "properties": { "AppProtocol": { "markdownDescription": "The application protocol that's used for the port mapping. This parameter only applies to Service Connect. We recommend that you set this parameter to be consistent with the protocol that your application uses. If you set this parameter, Amazon ECS adds protocol-specific connection handling to the Service Connect proxy. If you set this parameter, Amazon ECS adds protocol-specific telemetry in the Amazon ECS console and CloudWatch.\n\nIf you don't set a value for this parameter, then TCP is used. However, Amazon ECS doesn't add protocol-specific telemetry for TCP.\n\n`appProtocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.\n\nTasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "AppProtocol", "type": "string" }, "ContainerPort": { "markdownDescription": "The port number on the container that's bound to the user-specified or automatically assigned host port.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, specify the exposed ports using `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode and you specify a container port and not a host port, your container automatically receives a host port in the ephemeral port range. For more information, see `hostPort` . Port mappings that are automatically assigned in this way do not count toward the 100 reserved ports limit of a container instance.", "title": "ContainerPort", "type": "number" }, "ContainerPortRange": { "markdownDescription": "The port number range on the container that's bound to the dynamically mapped host port range.\n\nThe following rules apply when you specify a `containerPortRange` :\n\n- You must use either the `bridge` network mode or the `awsvpc` network mode.\n- This parameter is available for both the EC2 and AWS Fargate launch types.\n- This parameter is available for both the Linux and Windows operating systems.\n- The container instance must have at least version 1.67.0 of the container agent and at least version 1.67.0-1 of the `ecs-init` package\n- You can specify a maximum of 100 port ranges per container.\n- You do not specify a `hostPortRange` . The value of the `hostPortRange` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPortRange` is set to the same value as the `containerPortRange` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports.\n- The `containerPortRange` valid values are between 1 and 65535.\n- A port can only be included in one port mapping per container.\n- You cannot specify overlapping port ranges.\n- The first port in the range must be less than last port in the range.\n- Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports.\n\nFor more information, see [Issue #11185](https://docs.aws.amazon.com/https://github.com/moby/moby/issues/11185) on the Github website.\n\nFor information about how to turn off the docker-proxy in the Docker daemon config file, see [Docker daemon](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/bootstrap_container_instance.html#bootstrap_docker_daemon) in the *Amazon ECS Developer Guide* .\n\nYou can call [`DescribeTasks`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) to view the `hostPortRange` which are the host ports that are bound to the container ports.", "title": "ContainerPortRange", "type": "string" }, "HostPort": { "markdownDescription": "The port number on the container instance to reserve for your container.\n\nIf you specify a `containerPortRange` , leave this field empty and the value of the `hostPort` is set as follows:\n\n- For containers in a task with the `awsvpc` network mode, the `hostPort` is set to the same value as the `containerPort` . This is a static mapping strategy.\n- For containers in a task with the `bridge` network mode, the Amazon ECS agent finds open ports on the host and automatically binds them to the container ports. This is a dynamic mapping strategy.\n\nIf you use containers in a task with the `awsvpc` or `host` network mode, the `hostPort` can either be left blank or set to the same value as the `containerPort` .\n\nIf you use containers in a task with the `bridge` network mode, you can specify a non-reserved host port for your container port mapping, or you can omit the `hostPort` (or set it to `0` ) while specifying a `containerPort` and your container automatically receives a port in the ephemeral port range for your container instance operating system and Docker version.\n\nThe default ephemeral port range for Docker version 1.6.0 and later is listed on the instance under `/proc/sys/net/ipv4/ip_local_port_range` . If this kernel parameter is unavailable, the default ephemeral port range from 49153 through 65535 (Linux) or 49152 through 65535 (Windows) is used. Do not attempt to specify a host port in the ephemeral port range as these are reserved for automatic assignment. In general, ports below 32768 are outside of the ephemeral port range.\n\nThe default reserved ports are 22 for SSH, the Docker ports 2375 and 2376, and the Amazon ECS container agent ports 51678-51680. Any host port that was previously specified in a running task is also reserved while the task is running. That is, after a task stops, the host port is released. The current reserved ports are displayed in the `remainingResources` of [DescribeContainerInstances](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html) output. A container instance can have up to 100 reserved ports at a time. This number includes the default reserved ports. Automatically assigned ports aren't included in the 100 reserved ports quota.", "title": "HostPort", "type": "number" }, "Name": { "markdownDescription": "The name that's used for the port mapping. This parameter only applies to Service Connect. This parameter is the name that you use in the `serviceConnectConfiguration` of a service. The name can include up to 64 characters. The characters can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen.\n\nFor more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "Name", "type": "string" }, "Protocol": { "markdownDescription": "The protocol used for the port mapping. Valid values are `tcp` and `udp` . The default is `tcp` . `protocol` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment.", "title": "Protocol", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.ProxyConfiguration": { "additionalProperties": false, "properties": { "ContainerName": { "markdownDescription": "The name of the container that will serve as the App Mesh proxy.", "title": "ContainerName", "type": "string" }, "ProxyConfigurationProperties": { "items": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.KeyValuePair" }, "markdownDescription": "The set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified as key-value pairs.\n\n- `IgnoredUID` - (Required) The user ID (UID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredGID` is specified, this field can be empty.\n- `IgnoredGID` - (Required) The group ID (GID) of the proxy container as defined by the `user` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If `IgnoredUID` is specified, this field can be empty.\n- `AppPorts` - (Required) The list of ports that the application uses. Network traffic to these ports is forwarded to the `ProxyIngressPort` and `ProxyEgressPort` .\n- `ProxyIngressPort` - (Required) Specifies the port that incoming traffic to the `AppPorts` is directed to.\n- `ProxyEgressPort` - (Required) Specifies the port that outgoing traffic from the `AppPorts` is directed to.\n- `EgressIgnoredPorts` - (Required) The egress traffic going to the specified ports is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.\n- `EgressIgnoredIPs` - (Required) The egress traffic going to the specified IP addresses is ignored and not redirected to the `ProxyEgressPort` . It can be an empty list.", "title": "ProxyConfigurationProperties", "type": "array" }, "Type": { "markdownDescription": "The proxy type. The only supported value is `APPMESH` .", "title": "Type", "type": "string" } }, "required": [ "ContainerName" ], "type": "object" }, "AWS::ECS::TaskDefinition.RepositoryCredentials": { "additionalProperties": false, "properties": { "CredentialsParameter": { "markdownDescription": "The Amazon Resource Name (ARN) of the secret containing the private repository credentials.\n\n> When you use the Amazon ECS API, AWS CLI , or AWS SDK, if the secret exists in the same Region as the task that you're launching then you can use either the full ARN or the name of the secret. When you use the AWS Management Console, you must specify the full ARN of the secret.", "title": "CredentialsParameter", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.ResourceRequirement": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The type of resource to assign to a container.", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The value for the specified resource type.\n\nWhen the type is `GPU` , the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nWhen the type is `InferenceAccelerator` , the `value` matches the `deviceName` for an [InferenceAccelerator](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_InferenceAccelerator.html) specified in a task definition.", "title": "Value", "type": "string" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::ECS::TaskDefinition.RuntimePlatform": { "additionalProperties": false, "properties": { "CpuArchitecture": { "markdownDescription": "The CPU architecture.\n\nYou can run your Linux tasks on an ARM-based platform by setting the value to `ARM64` . This option is available for tasks that run on Linux Amazon EC2 instance or Linux containers on Fargate.", "title": "CpuArchitecture", "type": "string" }, "OperatingSystemFamily": { "markdownDescription": "The operating system.", "title": "OperatingSystemFamily", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.Secret": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the secret.", "title": "Name", "type": "string" }, "ValueFrom": { "markdownDescription": "The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store.\n\nFor information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.", "title": "ValueFrom", "type": "string" } }, "required": [ "Name", "ValueFrom" ], "type": "object" }, "AWS::ECS::TaskDefinition.SystemControl": { "additionalProperties": false, "properties": { "Namespace": { "markdownDescription": "The namespaced kernel parameter to set a `value` for.", "title": "Namespace", "type": "string" }, "Value": { "markdownDescription": "The namespaced kernel parameter to set a `value` for.\n\nValid IPC namespace values: `\"kernel.msgmax\" | \"kernel.msgmnb\" | \"kernel.msgmni\" | \"kernel.sem\" | \"kernel.shmall\" | \"kernel.shmmax\" | \"kernel.shmmni\" | \"kernel.shm_rmid_forced\"` , and `Sysctls` that start with `\"fs.mqueue.*\"`\n\nValid network namespace values: `Sysctls` that start with `\"net.*\"`\n\nAll of these values are supported by Fargate.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.TaskDefinitionPlacementConstraint": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "A cluster query language expression to apply to the constraint. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "Expression", "type": "string" }, "Type": { "markdownDescription": "The type of constraint. The `MemberOf` constraint restricts selection to be from a group of valid candidates.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ECS::TaskDefinition.Tmpfs": { "additionalProperties": false, "properties": { "ContainerPath": { "markdownDescription": "The absolute file path where the tmpfs volume is to be mounted.", "title": "ContainerPath", "type": "string" }, "MountOptions": { "items": { "type": "string" }, "markdownDescription": "The list of tmpfs volume mount options.\n\nValid values: `\"defaults\" | \"ro\" | \"rw\" | \"suid\" | \"nosuid\" | \"dev\" | \"nodev\" | \"exec\" | \"noexec\" | \"sync\" | \"async\" | \"dirsync\" | \"remount\" | \"mand\" | \"nomand\" | \"atime\" | \"noatime\" | \"diratime\" | \"nodiratime\" | \"bind\" | \"rbind\" | \"unbindable\" | \"runbindable\" | \"private\" | \"rprivate\" | \"shared\" | \"rshared\" | \"slave\" | \"rslave\" | \"relatime\" | \"norelatime\" | \"strictatime\" | \"nostrictatime\" | \"mode\" | \"uid\" | \"gid\" | \"nr_inodes\" | \"nr_blocks\" | \"mpol\"`", "title": "MountOptions", "type": "array" }, "Size": { "markdownDescription": "The maximum size (in MiB) of the tmpfs volume.", "title": "Size", "type": "number" } }, "required": [ "Size" ], "type": "object" }, "AWS::ECS::TaskDefinition.Ulimit": { "additionalProperties": false, "properties": { "HardLimit": { "markdownDescription": "The hard limit for the `ulimit` type.", "title": "HardLimit", "type": "number" }, "Name": { "markdownDescription": "The `type` of the `ulimit` .", "title": "Name", "type": "string" }, "SoftLimit": { "markdownDescription": "The soft limit for the `ulimit` type.", "title": "SoftLimit", "type": "number" } }, "required": [ "HardLimit", "Name", "SoftLimit" ], "type": "object" }, "AWS::ECS::TaskDefinition.Volume": { "additionalProperties": false, "properties": { "ConfiguredAtLaunch": { "markdownDescription": "Indicates whether the volume should be configured at launch time. This is used to create Amazon EBS volumes for standalone tasks or tasks created as part of a service. Each task definition revision may only have one volume configured at launch in the volume configuration.\n\nTo configure a volume at launch time, use this task definition revision and specify a `volumeConfigurations` object when calling the `CreateService` , `UpdateService` , `RunTask` or `StartTask` APIs.", "title": "ConfiguredAtLaunch", "type": "boolean" }, "DockerVolumeConfiguration": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.DockerVolumeConfiguration", "markdownDescription": "This parameter is specified when you use Docker volumes.\n\nWindows containers only support the use of the `local` driver. To use bind mounts, specify the `host` parameter instead.\n\n> Docker volumes aren't supported by tasks run on AWS Fargate .", "title": "DockerVolumeConfiguration" }, "EFSVolumeConfiguration": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.EFSVolumeConfiguration", "markdownDescription": "This parameter is specified when you use an Amazon Elastic File System file system for task storage.", "title": "EFSVolumeConfiguration" }, "FSxWindowsFileServerVolumeConfiguration": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.FSxWindowsFileServerVolumeConfiguration", "markdownDescription": "This parameter is specified when you use Amazon FSx for Windows File Server file system for task storage.", "title": "FSxWindowsFileServerVolumeConfiguration" }, "Host": { "$ref": "#/definitions/AWS::ECS::TaskDefinition.HostVolumeProperties", "markdownDescription": "This parameter is specified when you use bind mount host volumes. The contents of the `host` parameter determine whether your bind mount host volume persists on the host container instance and where it's stored. If the `host` parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running.\n\nWindows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives. For example, you can mount `C:\\my\\path:C:\\my\\path` and `D:\\:D:\\` , but not `D:\\my\\path:C:\\my\\path` or `D:\\:C:\\my\\path` .", "title": "Host" }, "Name": { "markdownDescription": "The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.\n\nWhen using a volume configured at launch, the `name` is required and must also be specified as the volume name in the `ServiceVolumeConfiguration` or `TaskVolumeConfiguration` parameter when creating your service or standalone task.\n\nFor all other types of volumes, this name is referenced in the `sourceVolume` parameter of the `mountPoints` object in the container definition.\n\nWhen a volume is using the `efsVolumeConfiguration` , the name is required.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskDefinition.VolumeFrom": { "additionalProperties": false, "properties": { "ReadOnly": { "markdownDescription": "If this value is `true` , the container has read-only access to the volume. If this value is `false` , then the container can write to the volume. The default value is `false` .", "title": "ReadOnly", "type": "boolean" }, "SourceContainer": { "markdownDescription": "The name of another container within the same task definition to mount volumes from.", "title": "SourceContainer", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Cluster": { "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the cluster that hosts the service to create the task set in.", "title": "Cluster", "type": "string" }, "ExternalId": { "markdownDescription": "An optional non-unique tag that identifies this task set in external systems. If the task set is associated with a service discovery registry, the tasks in this task set will have the `ECS_TASK_SET_EXTERNAL_ID` AWS Cloud Map attribute set to the provided value.", "title": "ExternalId", "type": "string" }, "LaunchType": { "markdownDescription": "The launch type that new tasks in the task set uses. For more information, see [Amazon ECS launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/launch_types.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nIf a `launchType` is specified, the `capacityProviderStrategy` parameter must be omitted.", "title": "LaunchType", "type": "string" }, "LoadBalancers": { "items": { "$ref": "#/definitions/AWS::ECS::TaskSet.LoadBalancer" }, "markdownDescription": "A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer.", "title": "LoadBalancers", "type": "array" }, "NetworkConfiguration": { "$ref": "#/definitions/AWS::ECS::TaskSet.NetworkConfiguration", "markdownDescription": "The network configuration for the task set.", "title": "NetworkConfiguration" }, "PlatformVersion": { "markdownDescription": "The platform version that the tasks in the task set uses. A platform version is specified only for tasks using the Fargate launch type. If one isn't specified, the `LATEST` platform version is used.", "title": "PlatformVersion", "type": "string" }, "Scale": { "$ref": "#/definitions/AWS::ECS::TaskSet.Scale", "markdownDescription": "A floating-point percentage of your desired number of tasks to place and keep running in the task set.", "title": "Scale" }, "Service": { "markdownDescription": "The short name or full Amazon Resource Name (ARN) of the service to create the task set in.", "title": "Service", "type": "string" }, "ServiceRegistries": { "items": { "$ref": "#/definitions/AWS::ECS::TaskSet.ServiceRegistry" }, "markdownDescription": "The details of the service discovery registries to assign to this task set. For more information, see [Service discovery](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html) .", "title": "ServiceRegistries", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The metadata that you apply to the task set to help you categorize and organize them. Each tag consists of a key and an optional value. You define both.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource - 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length - 128 Unicode characters in UTF-8\n- Maximum value length - 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" }, "TaskDefinition": { "markdownDescription": "The task definition for the tasks in the task set to use. If a revision isn't specified, the latest `ACTIVE` revision is used.", "title": "TaskDefinition", "type": "string" } }, "required": [ "Cluster", "Service", "TaskDefinition" ], "type": "object" }, "Type": { "enum": [ "AWS::ECS::TaskSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ECS::TaskSet.AwsVpcConfiguration": { "additionalProperties": false, "properties": { "AssignPublicIp": { "markdownDescription": "Whether the task's elastic network interface receives a public IP address. The default value is `DISABLED` .", "title": "AssignPublicIp", "type": "string" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified per `AwsVpcConfiguration` .\n\n> All specified security groups must be from the same VPC.", "title": "SecurityGroups", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified per `AwsVpcConfiguration` .\n\n> All specified subnets must be from the same VPC.", "title": "Subnets", "type": "array" } }, "required": [ "Subnets" ], "type": "object" }, "AWS::ECS::TaskSet.LoadBalancer": { "additionalProperties": false, "properties": { "ContainerName": { "markdownDescription": "The name of the container (as it appears in a container definition) to associate with the load balancer.\n\nYou need to specify the container name when configuring the target group for an Amazon ECS load balancer.", "title": "ContainerName", "type": "string" }, "ContainerPort": { "markdownDescription": "The port on the container to associate with the load balancer. This port must correspond to a `containerPort` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the `hostPort` of the port mapping.", "title": "ContainerPort", "type": "number" }, "TargetGroupArn": { "markdownDescription": "The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set.\n\nA target group ARN is only specified when using an Application Load Balancer or Network Load Balancer.\n\nFor services using the `ECS` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide* .\n\nFor services using the `CODE_DEPLOY` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide* .\n\n> If your service's task definition uses the `awsvpc` network mode, you must choose `ip` as the target type, not `instance` . Do this when creating your target groups because tasks that use the `awsvpc` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type.", "title": "TargetGroupArn", "type": "string" } }, "type": "object" }, "AWS::ECS::TaskSet.NetworkConfiguration": { "additionalProperties": false, "properties": { "AwsVpcConfiguration": { "$ref": "#/definitions/AWS::ECS::TaskSet.AwsVpcConfiguration", "markdownDescription": "The VPC subnets and security groups that are associated with a task.\n\n> All specified subnets and security groups must be from the same VPC.", "title": "AwsVpcConfiguration" } }, "type": "object" }, "AWS::ECS::TaskSet.Scale": { "additionalProperties": false, "properties": { "Unit": { "markdownDescription": "The unit of measure for the scale value.", "title": "Unit", "type": "string" }, "Value": { "markdownDescription": "The value, specified as a percent total of a service's `desiredCount` , to scale the task set. Accepted values are numbers between 0 and 100.", "title": "Value", "type": "number" } }, "type": "object" }, "AWS::ECS::TaskSet.ServiceRegistry": { "additionalProperties": false, "properties": { "ContainerName": { "markdownDescription": "The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition that your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", "title": "ContainerName", "type": "string" }, "ContainerPort": { "markdownDescription": "The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the `bridge` or `host` network mode, you must specify a `containerName` and `containerPort` combination from the task definition. If the task definition your service task specifies uses the `awsvpc` network mode and a type SRV DNS record is used, you must specify either a `containerName` and `containerPort` combination or a `port` value. However, you can't specify both.", "title": "ContainerPort", "type": "number" }, "Port": { "markdownDescription": "The port value used if your service discovery service specified an SRV record. This field might be used if both the `awsvpc` network mode and SRV records are used.", "title": "Port", "type": "number" }, "RegistryArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map . For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html) .", "title": "RegistryArn", "type": "string" } }, "type": "object" }, "AWS::EFS::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessPointTags": { "items": { "$ref": "#/definitions/AWS::EFS::AccessPoint.AccessPointTag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "AccessPointTags", "type": "array" }, "ClientToken": { "markdownDescription": "The opaque string specified in the request to ensure idempotent creation.", "title": "ClientToken", "type": "string" }, "FileSystemId": { "markdownDescription": "The ID of the EFS file system that the access point applies to. Accepts only the ID format for input when specifying a file system, for example `fs-0123456789abcedf2` .", "title": "FileSystemId", "type": "string" }, "PosixUser": { "$ref": "#/definitions/AWS::EFS::AccessPoint.PosixUser", "markdownDescription": "The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point that is used for all file operations by NFS clients using the access point.", "title": "PosixUser" }, "RootDirectory": { "$ref": "#/definitions/AWS::EFS::AccessPoint.RootDirectory", "markdownDescription": "The directory on the EFS file system that the access point exposes as the root directory to NFS clients using the access point.", "title": "RootDirectory" } }, "required": [ "FileSystemId" ], "type": "object" }, "Type": { "enum": [ "AWS::EFS::AccessPoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EFS::AccessPoint.AccessPointTag": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The tag key (String). The key can't start with `aws:` .", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of the tag key.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::EFS::AccessPoint.CreationInfo": { "additionalProperties": false, "properties": { "OwnerGid": { "markdownDescription": "Specifies the POSIX group ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", "title": "OwnerGid", "type": "string" }, "OwnerUid": { "markdownDescription": "Specifies the POSIX user ID to apply to the `RootDirectory` . Accepts values from 0 to 2^32 (4294967295).", "title": "OwnerUid", "type": "string" }, "Permissions": { "markdownDescription": "Specifies the POSIX permissions to apply to the `RootDirectory` , in the format of an octal number representing the file's mode bits.", "title": "Permissions", "type": "string" } }, "required": [ "OwnerGid", "OwnerUid", "Permissions" ], "type": "object" }, "AWS::EFS::AccessPoint.PosixUser": { "additionalProperties": false, "properties": { "Gid": { "markdownDescription": "The POSIX group ID used for all file system operations using this access point.", "title": "Gid", "type": "string" }, "SecondaryGids": { "items": { "type": "string" }, "markdownDescription": "Secondary POSIX group IDs used for all file system operations using this access point.", "title": "SecondaryGids", "type": "array" }, "Uid": { "markdownDescription": "The POSIX user ID used for all file system operations using this access point.", "title": "Uid", "type": "string" } }, "required": [ "Gid", "Uid" ], "type": "object" }, "AWS::EFS::AccessPoint.RootDirectory": { "additionalProperties": false, "properties": { "CreationInfo": { "$ref": "#/definitions/AWS::EFS::AccessPoint.CreationInfo", "markdownDescription": "(Optional) Specifies the POSIX IDs and permissions to apply to the access point's `RootDirectory` . If the `RootDirectory` > `Path` specified does not exist, EFS creates the root directory using the `CreationInfo` settings when a client connects to an access point. When specifying the `CreationInfo` , you must provide values for all properties.\n\n> If you do not provide `CreationInfo` and the specified `RootDirectory` > `Path` does not exist, attempts to mount the file system using the access point will fail.", "title": "CreationInfo" }, "Path": { "markdownDescription": "Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide the `CreationInfo` .", "title": "Path", "type": "string" } }, "type": "object" }, "AWS::EFS::FileSystem": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AvailabilityZoneName": { "markdownDescription": "For One Zone file systems, specify the AWS Availability Zone in which to create the file system. Use the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/availability-durability.html#file-system-type) in the *Amazon EFS User Guide* .\n\n> One Zone file systems are not available in all Availability Zones in AWS Regions where Amazon EFS is available.", "title": "AvailabilityZoneName", "type": "string" }, "BackupPolicy": { "$ref": "#/definitions/AWS::EFS::FileSystem.BackupPolicy", "markdownDescription": "Use the `BackupPolicy` to turn automatic backups on or off for the file system.", "title": "BackupPolicy" }, "BypassPolicyLockoutSafetyCheck": { "markdownDescription": "(Optional) A boolean that specifies whether or not to bypass the `FileSystemPolicy` lockout safety check. The lockout safety check determines whether the policy in the request will lock out, or prevent, the IAM principal that is making the request from making future `PutFileSystemPolicy` requests on this file system. Set `BypassPolicyLockoutSafetyCheck` to `True` only when you intend to prevent the IAM principal that is making the request from making subsequent `PutFileSystemPolicy` requests on this file system. The default value is `False` .", "title": "BypassPolicyLockoutSafetyCheck", "type": "boolean" }, "Encrypted": { "markdownDescription": "A Boolean value that, if true, creates an encrypted file system. When creating an encrypted file system, you have the option of specifying a KmsKeyId for an existing AWS KMS key . If you don't specify a KMS key , then the default KMS key for Amazon EFS , `/aws/elasticfilesystem` , is used to protect the encrypted file system.", "title": "Encrypted", "type": "boolean" }, "FileSystemPolicy": { "markdownDescription": "The `FileSystemPolicy` for the EFS file system. A file system policy is an IAM resource policy used to control NFS access to an EFS file system. For more information, see [Using IAM to control NFS access to Amazon EFS](https://docs.aws.amazon.com/efs/latest/ug/iam-access-control-nfs-efs.html) in the *Amazon EFS User Guide* .", "title": "FileSystemPolicy", "type": "object" }, "FileSystemProtection": { "$ref": "#/definitions/AWS::EFS::FileSystem.FileSystemProtection", "markdownDescription": "Describes the protection on the file system.", "title": "FileSystemProtection" }, "FileSystemTags": { "items": { "$ref": "#/definitions/AWS::EFS::FileSystem.ElasticFileSystemTag" }, "markdownDescription": "Use to create one or more tags associated with the file system. Each tag is a user-defined key-value pair. Name your file system on creation by including a `\"Key\":\"Name\",\"Value\":\"{value}\"` key-value pair. Each key must be unique. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", "title": "FileSystemTags", "type": "array" }, "KmsKeyId": { "markdownDescription": "The ID of the AWS KMS key to be used to protect the encrypted file system. This parameter is only required if you want to use a nondefault KMS key . If this parameter is not specified, the default KMS key for Amazon EFS is used. This ID can be in one of the following formats:\n\n- Key ID - A unique identifier of the key, for example `1234abcd-12ab-34cd-56ef-1234567890ab` .\n- ARN - An Amazon Resource Name (ARN) for the key, for example `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` .\n- Key alias - A previously created display name for a key, for example `alias/projectKey1` .\n- Key alias ARN - An ARN for a key alias, for example `arn:aws:kms:us-west-2:444455556666:alias/projectKey1` .\n\nIf `KmsKeyId` is specified, the `Encrypted` parameter must be set to true.", "title": "KmsKeyId", "type": "string" }, "LifecyclePolicies": { "items": { "$ref": "#/definitions/AWS::EFS::FileSystem.LifecyclePolicy" }, "markdownDescription": "An array of `LifecyclePolicy` objects that define the file system's `LifecycleConfiguration` object. A `LifecycleConfiguration` object informs Lifecycle management of the following:\n\n- When to move files in the file system from primary storage to IA storage.\n- When to move files in the file system from primary storage or IA storage to Archive storage.\n- When to move files that are in IA or Archive storage to primary storage.\n\n> Amazon EFS requires that each `LifecyclePolicy` object have only a single transition. This means that in a request body, `LifecyclePolicies` needs to be structured as an array of `LifecyclePolicy` objects, one object for each transition, `TransitionToIA` , `TransitionToArchive` `TransitionToPrimaryStorageClass` . See the example requests in the following section for more information.", "title": "LifecyclePolicies", "type": "array" }, "PerformanceMode": { "markdownDescription": "The performance mode of the file system. We recommend `generalPurpose` performance mode for all file systems. File systems using the `maxIO` performance mode can scale to higher levels of aggregate throughput and operations per second with a tradeoff of slightly higher latencies for most file operations. The performance mode can't be changed after the file system has been created. The `maxIO` mode is not supported on One Zone file systems.\n\n> Due to the higher per-operation latencies with Max I/O, we recommend using General Purpose performance mode for all file systems. \n\nDefault is `generalPurpose` .", "title": "PerformanceMode", "type": "string" }, "ProvisionedThroughputInMibps": { "markdownDescription": "The throughput, measured in mebibytes per second (MiBps), that you want to provision for a file system that you're creating. Required if `ThroughputMode` is set to `provisioned` . Valid values are 1-3414 MiBps, with the upper limit depending on Region. To increase this limit, contact AWS Support . For more information, see [Amazon EFS quotas that you can increase](https://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits) in the *Amazon EFS User Guide* .", "title": "ProvisionedThroughputInMibps", "type": "number" }, "ReplicationConfiguration": { "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationConfiguration", "markdownDescription": "Describes the replication configuration for a specific file system.", "title": "ReplicationConfiguration" }, "ThroughputMode": { "markdownDescription": "Specifies the throughput mode for the file system. The mode can be `bursting` , `provisioned` , or `elastic` . If you set `ThroughputMode` to `provisioned` , you must also set a value for `ProvisionedThroughputInMibps` . After you create the file system, you can decrease your file system's Provisioned throughput or change between the throughput modes, with certain time restrictions. For more information, see [Specifying throughput with provisioned mode](https://docs.aws.amazon.com/efs/latest/ug/performance.html#provisioned-throughput) in the *Amazon EFS User Guide* .\n\nDefault is `bursting` .", "title": "ThroughputMode", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::EFS::FileSystem" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EFS::FileSystem.BackupPolicy": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "Set the backup policy status for the file system.\n\n- *`ENABLED`* - Turns automatic backups on for the file system.\n- *`DISABLED`* - Turns automatic backups off for the file system.", "title": "Status", "type": "string" } }, "required": [ "Status" ], "type": "object" }, "AWS::EFS::FileSystem.ElasticFileSystemTag": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The tag key (String). The key can't start with `aws:` .", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of the tag key.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::EFS::FileSystem.FileSystemProtection": { "additionalProperties": false, "properties": { "ReplicationOverwriteProtection": { "markdownDescription": "The status of the file system's replication overwrite protection.\n\n- `ENABLED` \u2013 The file system cannot be used as the destination file system in a replication configuration. The file system is writeable. Replication overwrite protection is `ENABLED` by default.\n- `DISABLED` \u2013 The file system can be used as the destination file system in a replication configuration. The file system is read-only and can only be modified by EFS replication.\n- `REPLICATING` \u2013 The file system is being used as the destination file system in a replication configuration. The file system is read-only and is only modified only by EFS replication.\n\nIf the replication configuration is deleted, the file system's replication overwrite protection is re-enabled, the file system becomes writeable.", "title": "ReplicationOverwriteProtection", "type": "string" } }, "type": "object" }, "AWS::EFS::FileSystem.LifecyclePolicy": { "additionalProperties": false, "properties": { "TransitionToArchive": { "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", "title": "TransitionToArchive", "type": "string" }, "TransitionToIA": { "markdownDescription": "The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Infrequent Access (IA) storage. Metadata operations such as listing the contents of a directory don't count as file access events.", "title": "TransitionToIA", "type": "string" }, "TransitionToPrimaryStorageClass": { "markdownDescription": "Whether to move files back to primary (Standard) storage after they are accessed in IA or Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events.", "title": "TransitionToPrimaryStorageClass", "type": "string" } }, "type": "object" }, "AWS::EFS::FileSystem.ReplicationConfiguration": { "additionalProperties": false, "properties": { "Destinations": { "items": { "$ref": "#/definitions/AWS::EFS::FileSystem.ReplicationDestination" }, "markdownDescription": "An array of destination objects. Only one destination object is supported.", "title": "Destinations", "type": "array" } }, "type": "object" }, "AWS::EFS::FileSystem.ReplicationDestination": { "additionalProperties": false, "properties": { "AvailabilityZoneName": { "markdownDescription": "For One Zone file systems, the replication configuration must specify the Availability Zone in which the destination file system is located.\n\nUse the format `us-east-1a` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html) in the *Amazon EFS User Guide* .\n\n> One Zone file system type is not available in all Availability Zones in AWS Regions where Amazon EFS is available.", "title": "AvailabilityZoneName", "type": "string" }, "FileSystemId": { "markdownDescription": "The ID of the destination Amazon EFS file system.", "title": "FileSystemId", "type": "string" }, "KmsKeyId": { "markdownDescription": "The ID of an AWS KMS key used to protect the encrypted file system.", "title": "KmsKeyId", "type": "string" }, "Region": { "markdownDescription": "The AWS Region in which the destination file system is located.\n\n> For One Zone file systems, the replication configuration must specify the AWS Region in which the destination file system is located.", "title": "Region", "type": "string" } }, "type": "object" }, "AWS::EFS::MountTarget": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FileSystemId": { "markdownDescription": "The ID of the file system for which to create the mount target.", "title": "FileSystemId", "type": "string" }, "IpAddress": { "markdownDescription": "Valid IPv4 address within the address range of the specified subnet.", "title": "IpAddress", "type": "string" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "Up to five VPC security group IDs, of the form `sg-xxxxxxxx` . These must be for the same VPC as subnet specified.", "title": "SecurityGroups", "type": "array" }, "SubnetId": { "markdownDescription": "The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone.", "title": "SubnetId", "type": "string" } }, "required": [ "FileSystemId", "SecurityGroups", "SubnetId" ], "type": "object" }, "Type": { "enum": [ "AWS::EFS::MountTarget" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EKS::AccessEntry": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessPolicies": { "items": { "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessPolicy" }, "markdownDescription": "The access policies to associate to the access entry.", "title": "AccessPolicies", "type": "array" }, "ClusterName": { "markdownDescription": "The name of your cluster.", "title": "ClusterName", "type": "string" }, "KubernetesGroups": { "items": { "type": "string" }, "markdownDescription": "The value for `name` that you've specified for `kind: Group` as a `subject` in a Kubernetes `RoleBinding` or `ClusterRoleBinding` object. Amazon EKS doesn't confirm that the value for `name` exists in any bindings on your cluster. You can specify one or more names.\n\nKubernetes authorizes the `principalArn` of the access entry to access any cluster objects that you've specified in a Kubernetes `Role` or `ClusterRole` object that is also specified in a binding's `roleRef` . For more information about creating Kubernetes `RoleBinding` , `ClusterRoleBinding` , `Role` , or `ClusterRole` objects, see [Using RBAC Authorization in the Kubernetes documentation](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/access-authn-authz/rbac/) .\n\nIf you want Amazon EKS to authorize the `principalArn` (instead of, or in addition to Kubernetes authorizing the `principalArn` ), you can associate one or more access policies to the access entry using `AssociateAccessPolicy` . If you associate any access policies, the `principalARN` has all permissions assigned in the associated access policies and all permissions in any Kubernetes `Role` or `ClusterRole` objects that the group names are bound to.", "title": "KubernetesGroups", "type": "array" }, "PrincipalArn": { "markdownDescription": "The ARN of the IAM principal for the `AccessEntry` . You can specify one ARN for each access entry. You can't specify the same ARN in more than one access entry. This value can't be changed after access entry creation.\n\nThe valid principals differ depending on the type of the access entry in the `type` field. The only valid ARN is IAM roles for the types of access entries for nodes: `` `` . You can use every IAM principal type for `STANDARD` access entries. You can't use the STS session principal type with access entries because this is a temporary principal for each session and not a permanent identity that can be assigned permissions.\n\n[IAM best practices](https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#bp-users-federation-idp) recommend using IAM roles with temporary credentials, rather than IAM users with long-term credentials.", "title": "PrincipalArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of the new access entry. Valid values are `Standard` , `FARGATE_LINUX` , `EC2_LINUX` , and `EC2_WINDOWS` .\n\nIf the `principalArn` is for an IAM role that's used for self-managed Amazon EC2 nodes, specify `EC2_LINUX` or `EC2_WINDOWS` . Amazon EKS grants the necessary permissions to the node for you. If the `principalArn` is for any other purpose, specify `STANDARD` . If you don't specify a value, Amazon EKS sets the value to `STANDARD` . It's unnecessary to create access entries for IAM roles used with Fargate profiles or managed Amazon EC2 nodes, because Amazon EKS creates entries in the `aws-auth` `ConfigMap` for the roles. You can't change this value once you've created the access entry.\n\nIf you set the value to `EC2_LINUX` or `EC2_WINDOWS` , you can't specify values for `kubernetesGroups` , or associate an `AccessPolicy` to the access entry.", "title": "Type", "type": "string" }, "Username": { "markdownDescription": "The username to authenticate to Kubernetes with. We recommend not specifying a username and letting Amazon EKS specify it for you. For more information about the value Amazon EKS specifies for you, or constraints before specifying your own username, see [Creating access entries](https://docs.aws.amazon.com/eks/latest/userguide/access-entries.html#creating-access-entries) in the *Amazon EKS User Guide* .", "title": "Username", "type": "string" } }, "required": [ "ClusterName", "PrincipalArn" ], "type": "object" }, "Type": { "enum": [ "AWS::EKS::AccessEntry" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EKS::AccessEntry.AccessPolicy": { "additionalProperties": false, "properties": { "AccessScope": { "$ref": "#/definitions/AWS::EKS::AccessEntry.AccessScope", "markdownDescription": "The scope of an `AccessPolicy` that's associated to an `AccessEntry` .", "title": "AccessScope" }, "PolicyArn": { "markdownDescription": "The ARN of the access policy.", "title": "PolicyArn", "type": "string" } }, "required": [ "AccessScope", "PolicyArn" ], "type": "object" }, "AWS::EKS::AccessEntry.AccessScope": { "additionalProperties": false, "properties": { "Namespaces": { "items": { "type": "string" }, "markdownDescription": "A Kubernetes `namespace` that an access policy is scoped to. A value is required if you specified `namespace` for `Type` .", "title": "Namespaces", "type": "array" }, "Type": { "markdownDescription": "The scope type of an access policy.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EKS::Addon": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AddonName": { "markdownDescription": "The name of the add-on.", "title": "AddonName", "type": "string" }, "AddonVersion": { "markdownDescription": "The version of the add-on.", "title": "AddonVersion", "type": "string" }, "ClusterName": { "markdownDescription": "The name of your cluster.", "title": "ClusterName", "type": "string" }, "ConfigurationValues": { "markdownDescription": "The configuration values that you provided.", "title": "ConfigurationValues", "type": "string" }, "PreserveOnDelete": { "markdownDescription": "Specifying this option preserves the add-on software on your cluster but Amazon EKS stops managing any settings for the add-on. If an IAM account is associated with the add-on, it isn't removed.", "title": "PreserveOnDelete", "type": "boolean" }, "ResolveConflicts": { "markdownDescription": "How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose:\n\n- *None* \u2013 If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail.\n- *Overwrite* \u2013 If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value.\n- *Preserve* \u2013 This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see [UpdateAddon](https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html) .\n\nIf you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.", "title": "ResolveConflicts", "type": "string" }, "ServiceAccountRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the *Amazon EKS User Guide* .\n\n> To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see [Enabling IAM roles for service accounts on your cluster](https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html) in the *Amazon EKS User Guide* .", "title": "ServiceAccountRoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The metadata that you apply to the add-on to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Add-on tags do not propagate to any other resources associated with the cluster.", "title": "Tags", "type": "array" } }, "required": [ "AddonName", "ClusterName" ], "type": "object" }, "Type": { "enum": [ "AWS::EKS::Addon" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EKS::Cluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessConfig": { "$ref": "#/definitions/AWS::EKS::Cluster.AccessConfig", "markdownDescription": "The access configuration for the cluster.", "title": "AccessConfig" }, "EncryptionConfig": { "items": { "$ref": "#/definitions/AWS::EKS::Cluster.EncryptionConfig" }, "markdownDescription": "The encryption configuration for the cluster.", "title": "EncryptionConfig", "type": "array" }, "KubernetesNetworkConfig": { "$ref": "#/definitions/AWS::EKS::Cluster.KubernetesNetworkConfig", "markdownDescription": "The Kubernetes network configuration for the cluster.", "title": "KubernetesNetworkConfig" }, "Logging": { "$ref": "#/definitions/AWS::EKS::Cluster.Logging", "markdownDescription": "The logging configuration for your cluster.", "title": "Logging" }, "Name": { "markdownDescription": "The unique name to give to your cluster.", "title": "Name", "type": "string" }, "OutpostConfig": { "$ref": "#/definitions/AWS::EKS::Cluster.OutpostConfig", "markdownDescription": "An object representing the configuration of your local Amazon EKS cluster on an AWS Outpost. This object isn't available for clusters on the AWS cloud.", "title": "OutpostConfig" }, "ResourcesVpcConfig": { "$ref": "#/definitions/AWS::EKS::Cluster.ResourcesVpcConfig", "markdownDescription": "The VPC configuration that's used by the cluster control plane. Amazon EKS VPC resources have specific requirements to work properly with Kubernetes. For more information, see [Cluster VPC Considerations](https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html) and [Cluster Security Group Considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the *Amazon EKS User Guide* . You must specify at least two subnets. You can specify up to five security groups, but we recommend that you use a dedicated security group for your cluster control plane.", "title": "ResourcesVpcConfig" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that provides permissions for the Kubernetes control plane to make calls to AWS API operations on your behalf. For more information, see [Amazon EKS Service IAM Role](https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html) in the **Amazon EKS User Guide** .", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The metadata that you apply to the cluster to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Cluster tags don't propagate to any other resources associated with the cluster.\n\n> You must have the `eks:TagResource` and `eks:UntagResource` permissions for your [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the AWS CloudFormation stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.", "title": "Tags", "type": "array" }, "Version": { "markdownDescription": "The desired Kubernetes version for your cluster. If you don't specify a value here, the default version available in Amazon EKS is used.\n\n> The default version might not be the latest version available.", "title": "Version", "type": "string" } }, "required": [ "ResourcesVpcConfig", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::EKS::Cluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EKS::Cluster.AccessConfig": { "additionalProperties": false, "properties": { "AuthenticationMode": { "markdownDescription": "The desired authentication mode for the cluster. If you create a cluster by using the EKS API, AWS SDKs, or AWS CloudFormation , the default is `CONFIG_MAP` . If you create the cluster by using the AWS Management Console , the default value is `API_AND_CONFIG_MAP` .", "title": "AuthenticationMode", "type": "string" }, "BootstrapClusterCreatorAdminPermissions": { "markdownDescription": "Specifies whether or not the cluster creator IAM principal was set as a cluster admin access entry during cluster creation time. The default value is `true` .", "title": "BootstrapClusterCreatorAdminPermissions", "type": "boolean" } }, "type": "object" }, "AWS::EKS::Cluster.ClusterLogging": { "additionalProperties": false, "properties": { "EnabledTypes": { "items": { "$ref": "#/definitions/AWS::EKS::Cluster.LoggingTypeConfig" }, "markdownDescription": "The enabled control plane logs for your cluster. All log types are disabled if the array is empty.\n\n> When updating a resource, you must include this `EnabledTypes` property if the previous CloudFormation template of the resource had it.", "title": "EnabledTypes", "type": "array" } }, "type": "object" }, "AWS::EKS::Cluster.ControlPlanePlacement": { "additionalProperties": false, "properties": { "GroupName": { "markdownDescription": "The name of the placement group for the Kubernetes control plane instances. This property is only used for a local cluster on an AWS Outpost.", "title": "GroupName", "type": "string" } }, "type": "object" }, "AWS::EKS::Cluster.EncryptionConfig": { "additionalProperties": false, "properties": { "Provider": { "$ref": "#/definitions/AWS::EKS::Cluster.Provider", "markdownDescription": "The encryption provider for the cluster.", "title": "Provider" }, "Resources": { "items": { "type": "string" }, "markdownDescription": "Specifies the resources to be encrypted. The only supported value is `secrets` .", "title": "Resources", "type": "array" } }, "type": "object" }, "AWS::EKS::Cluster.KubernetesNetworkConfig": { "additionalProperties": false, "properties": { "IpFamily": { "markdownDescription": "Specify which IP family is used to assign Kubernetes pod and service IP addresses. If you don't specify a value, `ipv4` is used by default. You can only specify an IP family when you create a cluster and can't change this value once the cluster is created. If you specify `ipv6` , the VPC and subnets that you specify for cluster creation must have both `IPv4` and `IPv6` CIDR blocks assigned to them. You can't specify `ipv6` for clusters in China Regions.\n\nYou can only specify `ipv6` for `1.21` and later clusters that use version `1.10.1` or later of the Amazon VPC CNI add-on. If you specify `ipv6` , then ensure that your VPC meets the requirements listed in the considerations listed in [Assigning IPv6 addresses to pods and services](https://docs.aws.amazon.com/eks/latest/userguide/cni-ipv6.html) in the Amazon EKS User Guide. Kubernetes assigns services `IPv6` addresses from the unique local address range `(fc00::/7)` . You can't specify a custom `IPv6` CIDR block. Pod addresses are assigned from the subnet's `IPv6` CIDR.", "title": "IpFamily", "type": "string" }, "ServiceIpv4Cidr": { "markdownDescription": "Don't specify a value if you select `ipv6` for *ipFamily* . The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the `10.100.0.0/16` or `172.20.0.0/16` CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. The block must meet the following requirements:\n\n- Within one of the following private IP address blocks: `10.0.0.0/8` , `172.16.0.0/12` , or `192.168.0.0/16` .\n- Doesn't overlap with any CIDR block assigned to the VPC that you selected for VPC.\n- Between `/24` and `/12` .\n\n> You can only specify a custom CIDR block when you create a cluster. You can't change this value after the cluster is created.", "title": "ServiceIpv4Cidr", "type": "string" }, "ServiceIpv6Cidr": { "markdownDescription": "The CIDR block that Kubernetes pod and service IP addresses are assigned from if you created a 1.21 or later cluster with version 1.10.1 or later of the Amazon VPC CNI add-on and specified `ipv6` for *ipFamily* when you created the cluster. Kubernetes assigns service addresses from the unique local address range ( `fc00::/7` ) because you can't specify a custom IPv6 CIDR block when you create the cluster.", "title": "ServiceIpv6Cidr", "type": "string" } }, "type": "object" }, "AWS::EKS::Cluster.Logging": { "additionalProperties": false, "properties": { "ClusterLogging": { "$ref": "#/definitions/AWS::EKS::Cluster.ClusterLogging", "markdownDescription": "The cluster control plane logging configuration for your cluster.", "title": "ClusterLogging" } }, "type": "object" }, "AWS::EKS::Cluster.LoggingTypeConfig": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The name of the log type.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::EKS::Cluster.OutpostConfig": { "additionalProperties": false, "properties": { "ControlPlaneInstanceType": { "markdownDescription": "The Amazon EC2 instance type that you want to use for your local Amazon EKS cluster on Outposts. Choose an instance type based on the number of nodes that your cluster will have. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .\n\nThe instance type that you specify is used for all Kubernetes control plane instances. The instance type can't be changed after cluster creation. The control plane is not automatically scaled by Amazon EKS.", "title": "ControlPlaneInstanceType", "type": "string" }, "ControlPlanePlacement": { "$ref": "#/definitions/AWS::EKS::Cluster.ControlPlanePlacement", "markdownDescription": "An object representing the placement configuration for all the control plane instances of your local Amazon EKS cluster on an AWS Outpost. For more information, see [Capacity considerations](https://docs.aws.amazon.com/eks/latest/userguide/eks-outposts-capacity-considerations.html) in the *Amazon EKS User Guide* .", "title": "ControlPlanePlacement" }, "OutpostArns": { "items": { "type": "string" }, "markdownDescription": "The ARN of the Outpost that you want to use for your local Amazon EKS cluster on Outposts. Only a single Outpost ARN is supported.", "title": "OutpostArns", "type": "array" } }, "required": [ "ControlPlaneInstanceType", "OutpostArns" ], "type": "object" }, "AWS::EKS::Cluster.Provider": { "additionalProperties": false, "properties": { "KeyArn": { "markdownDescription": "Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric and created in the same AWS Region as the cluster. If the KMS key was created in a different account, the [IAM principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) must have access to the KMS key. For more information, see [Allowing users in other accounts to use a KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html) in the *AWS Key Management Service Developer Guide* .", "title": "KeyArn", "type": "string" } }, "type": "object" }, "AWS::EKS::Cluster.ResourcesVpcConfig": { "additionalProperties": false, "properties": { "EndpointPrivateAccess": { "markdownDescription": "Set this value to `true` to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is `false` , which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that `publicAccessCidrs` includes the necessary CIDR blocks for communication with the nodes or Fargate pods. For more information, see [Amazon EKS cluster endpoint access control](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", "title": "EndpointPrivateAccess", "type": "boolean" }, "EndpointPublicAccess": { "markdownDescription": "Set this value to `false` to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is `true` , which enables public access for your Kubernetes API server. For more information, see [Amazon EKS cluster endpoint access control](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", "title": "EndpointPublicAccess", "type": "boolean" }, "PublicAccessCidrs": { "items": { "type": "string" }, "markdownDescription": "The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is `0.0.0.0/0` . If you've disabled private endpoint access, make sure that you specify the necessary CIDR blocks for every node and AWS Fargate `Pod` in the cluster. For more information, see [Amazon EKS cluster endpoint access control](https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html) in the **Amazon EKS User Guide** .", "title": "PublicAccessCidrs", "type": "array" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use that allow communication between your nodes and the Kubernetes control plane. If you don't specify any security groups, then familiarize yourself with the difference between Amazon EKS defaults for clusters deployed with Kubernetes. For more information, see [Amazon EKS security group considerations](https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html) in the **Amazon EKS User Guide** .", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane.", "title": "SubnetIds", "type": "array" } }, "required": [ "SubnetIds" ], "type": "object" }, "AWS::EKS::FargateProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClusterName": { "markdownDescription": "The name of your cluster.", "title": "ClusterName", "type": "string" }, "FargateProfileName": { "markdownDescription": "The name of the Fargate profile.", "title": "FargateProfileName", "type": "string" }, "PodExecutionRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the `Pod` execution role to use for a `Pod` that matches the selectors in the Fargate profile. The `Pod` execution role allows Fargate infrastructure to register with your cluster as a node, and it provides read access to Amazon ECR image repositories. For more information, see [`Pod` execution role](https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html) in the *Amazon EKS User Guide* .", "title": "PodExecutionRoleArn", "type": "string" }, "Selectors": { "items": { "$ref": "#/definitions/AWS::EKS::FargateProfile.Selector" }, "markdownDescription": "The selectors to match for a `Pod` to use this Fargate profile. Each selector must have an associated Kubernetes `namespace` . Optionally, you can also specify `labels` for a `namespace` . You may specify up to five selectors in a Fargate profile.", "title": "Selectors", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The IDs of subnets to launch a `Pod` into. A `Pod` running on Fargate isn't assigned a public IP address, so only private subnets (with no direct route to an Internet Gateway) are accepted for this parameter.", "title": "Subnets", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", "title": "Tags", "type": "array" } }, "required": [ "ClusterName", "PodExecutionRoleArn", "Selectors" ], "type": "object" }, "Type": { "enum": [ "AWS::EKS::FargateProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EKS::FargateProfile.Label": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "Enter a key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "Enter a value.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::EKS::FargateProfile.Selector": { "additionalProperties": false, "properties": { "Labels": { "items": { "$ref": "#/definitions/AWS::EKS::FargateProfile.Label" }, "markdownDescription": "The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match.", "title": "Labels", "type": "array" }, "Namespace": { "markdownDescription": "The Kubernetes `namespace` that the selector should match.", "title": "Namespace", "type": "string" } }, "required": [ "Namespace" ], "type": "object" }, "AWS::EKS::IdentityProviderConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClusterName": { "markdownDescription": "The name of your cluster.", "title": "ClusterName", "type": "string" }, "IdentityProviderConfigName": { "markdownDescription": "The name of the configuration.", "title": "IdentityProviderConfigName", "type": "string" }, "Oidc": { "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig", "markdownDescription": "An object representing an OpenID Connect (OIDC) identity provider configuration.", "title": "Oidc" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of the identity provider configuration. The only type available is `oidc` .", "title": "Type", "type": "string" } }, "required": [ "ClusterName", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::EKS::IdentityProviderConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EKS::IdentityProviderConfig.OidcIdentityProviderConfig": { "additionalProperties": false, "properties": { "ClientId": { "markdownDescription": "This is also known as *audience* . The ID of the client application that makes authentication requests to the OIDC identity provider.", "title": "ClientId", "type": "string" }, "GroupsClaim": { "markdownDescription": "The JSON web token (JWT) claim that the provider uses to return your groups.", "title": "GroupsClaim", "type": "string" }, "GroupsPrefix": { "markdownDescription": "The prefix that is prepended to group claims to prevent clashes with existing names (such as `system:` groups). For example, the value `oidc:` creates group names like `oidc:engineering` and `oidc:infra` . The prefix can't contain `system:`", "title": "GroupsPrefix", "type": "string" }, "IssuerUrl": { "markdownDescription": "The URL of the OIDC identity provider that allows the API server to discover public signing keys for verifying tokens.", "title": "IssuerUrl", "type": "string" }, "RequiredClaims": { "items": { "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig.RequiredClaim" }, "markdownDescription": "The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value.", "title": "RequiredClaims", "type": "array" }, "UsernameClaim": { "markdownDescription": "The JSON Web token (JWT) claim that is used as the username.", "title": "UsernameClaim", "type": "string" }, "UsernamePrefix": { "markdownDescription": "The prefix that is prepended to username claims to prevent clashes with existing names. The prefix can't contain `system:`", "title": "UsernamePrefix", "type": "string" } }, "required": [ "ClientId", "IssuerUrl" ], "type": "object" }, "AWS::EKS::IdentityProviderConfig.RequiredClaim": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key to match from the token.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value for the key from the token.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::EKS::Nodegroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AmiType": { "markdownDescription": "The AMI type for your node group. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `amiType` , or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add `eks:kube-proxy-windows` to your Windows nodes `rolearn` in the `aws-auth` `ConfigMap` . For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", "title": "AmiType", "type": "string" }, "CapacityType": { "markdownDescription": "The capacity type of your managed node group.", "title": "CapacityType", "type": "string" }, "ClusterName": { "markdownDescription": "The name of your cluster.", "title": "ClusterName", "type": "string" }, "DiskSize": { "markdownDescription": "The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify `launchTemplate` , then don't specify `diskSize` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", "title": "DiskSize", "type": "number" }, "ForceUpdateEnabled": { "markdownDescription": "Force the update if any `Pod` on the existing node group can't be drained due to a `Pod` disruption budget issue. If an update fails because all Pods can't be drained, you can force the update after it fails to terminate the old node whether or not any `Pod` is running on the node.", "title": "ForceUpdateEnabled", "type": "boolean" }, "InstanceTypes": { "items": { "type": "string" }, "markdownDescription": "Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the `amiType` parameter. If you specify `launchTemplate` , then you can specify zero or one instance type in your launch template *or* you can specify 0-20 instance types for `instanceTypes` . If however, you specify an instance type in your launch template *and* specify any `instanceTypes` , the node group deployment will fail. If you don't specify an instance type in a launch template or for `instanceTypes` , then `t3.medium` is used, by default. If you specify `Spot` for `capacityType` , then we recommend specifying multiple values for `instanceTypes` . For more information, see [Managed node group capacity types](https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", "title": "InstanceTypes", "type": "array" }, "Labels": { "additionalProperties": true, "markdownDescription": "The Kubernetes `labels` applied to the nodes in the node group.\n\n> Only `labels` that are applied with the Amazon EKS API are shown here. There may be other Kubernetes `labels` applied to the nodes in this group.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Labels", "type": "object" }, "LaunchTemplate": { "$ref": "#/definitions/AWS::EKS::Nodegroup.LaunchTemplateSpecification", "markdownDescription": "An object representing a node group's launch template specification. When using this object, don't directly specify `instanceTypes` , `diskSize` , or `remoteAccess` . Make sure that the launch template meets the requirements in `launchTemplateSpecification` . Also refer to [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", "title": "LaunchTemplate" }, "NodeRole": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node `kubelet` daemon makes calls to AWS APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see [Amazon EKS node IAM role](https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the **Amazon EKS User Guide** . If you specify `launchTemplate` , then don't specify `[IamInstanceProfile](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", "title": "NodeRole", "type": "string" }, "NodegroupName": { "markdownDescription": "The unique name to give your node group.", "title": "NodegroupName", "type": "string" }, "ReleaseVersion": { "markdownDescription": "The AMI version of the Amazon EKS optimized AMI to use with your node group (for example, `1.14.7- *YYYYMMDD*` ). By default, the latest available AMI version for the node group's current Kubernetes version is used. For more information, see [Amazon EKS optimized Linux AMI Versions](https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the *Amazon EKS User Guide* .\n\n> Changing this value triggers an update of the node group if one is available. You can't update other properties at the same time as updating `Release Version` .", "title": "ReleaseVersion", "type": "string" }, "RemoteAccess": { "$ref": "#/definitions/AWS::EKS::Nodegroup.RemoteAccess", "markdownDescription": "The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify `launchTemplate` , then don't specify `remoteAccess` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", "title": "RemoteAccess" }, "ScalingConfig": { "$ref": "#/definitions/AWS::EKS::Nodegroup.ScalingConfig", "markdownDescription": "The scaling configuration details for the Auto Scaling group that is created for your node group.", "title": "ScalingConfig" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The subnets to use for the Auto Scaling group that is created for your node group. If you specify `launchTemplate` , then don't specify `[SubnetId](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html)` in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Customizing managed nodes with launch templates](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .", "title": "Subnets", "type": "array" }, "Tags": { "additionalProperties": true, "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Taints": { "items": { "$ref": "#/definitions/AWS::EKS::Nodegroup.Taint" }, "markdownDescription": "The Kubernetes taints to be applied to the nodes in the node group when they are created. Effect is one of `No_Schedule` , `Prefer_No_Schedule` , or `No_Execute` . Kubernetes taints can be used together with tolerations to control how workloads are scheduled to your nodes. For more information, see [Node taints on managed node groups](https://docs.aws.amazon.com/eks/latest/userguide/node-taints-managed-node-groups.html) .", "title": "Taints", "type": "array" }, "UpdateConfig": { "$ref": "#/definitions/AWS::EKS::Nodegroup.UpdateConfig", "markdownDescription": "The node group update configuration.", "title": "UpdateConfig" }, "Version": { "markdownDescription": "The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify `launchTemplate` , and your launch template uses a custom AMI, then don't specify `version` , or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see [Launch template support](https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the *Amazon EKS User Guide* .\n\n> You can't update other properties at the same time as updating `Version` .", "title": "Version", "type": "string" } }, "required": [ "ClusterName", "NodeRole", "Subnets" ], "type": "object" }, "Type": { "enum": [ "AWS::EKS::Nodegroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EKS::Nodegroup.LaunchTemplateSpecification": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The ID of the launch template.\n\nYou must specify either the launch template ID or the launch template name in the request, but not both.", "title": "Id", "type": "string" }, "Name": { "markdownDescription": "The name of the launch template.\n\nYou must specify either the launch template name or the launch template ID in the request, but not both.", "title": "Name", "type": "string" }, "Version": { "markdownDescription": "The version number of the launch template to use. If no version is specified, then the template's default version is used.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::EKS::Nodegroup.RemoteAccess": { "additionalProperties": false, "properties": { "Ec2SshKey": { "markdownDescription": "The Amazon EC2 SSH key name that provides access for SSH communication with the nodes in the managed node group. For more information, see [Amazon EC2 key pairs and Linux instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Linux Instances* . For Windows, an Amazon EC2 SSH key is used to obtain the RDP password. For more information, see [Amazon EC2 key pairs and Windows instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Windows Instances* .", "title": "Ec2SshKey", "type": "string" }, "SourceSecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The security group IDs that are allowed SSH access (port 22) to the nodes. For Windows, the port is 3389. If you specify an Amazon EC2 SSH key but don't specify a source security group when you create a managed node group, then the port on the nodes is opened to the internet ( `0.0.0.0/0` ). For more information, see [Security Groups for Your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon Virtual Private Cloud User Guide* .", "title": "SourceSecurityGroups", "type": "array" } }, "required": [ "Ec2SshKey" ], "type": "object" }, "AWS::EKS::Nodegroup.ScalingConfig": { "additionalProperties": false, "properties": { "DesiredSize": { "markdownDescription": "The current number of nodes that the managed node group should maintain.\n\n> If you use the Kubernetes [Cluster Autoscaler](https://docs.aws.amazon.com/https://github.com/kubernetes/autoscaler#kubernetes-autoscaler) , you shouldn't change the `desiredSize` value directly, as this can cause the Cluster Autoscaler to suddenly scale up or scale down. \n\nWhenever this parameter changes, the number of worker nodes in the node group is updated to the specified size. If this parameter is given a value that is smaller than the current number of running worker nodes, the necessary number of worker nodes are terminated to match the given value. When using CloudFormation, no action occurs if you remove this parameter from your CFN template.\n\nThis parameter can be different from `minSize` in some cases, such as when starting with extra hosts for testing. This parameter can also be different when you want to start with an estimated number of needed hosts, but let the Cluster Autoscaler reduce the number if there are too many. When the Cluster Autoscaler is used, the `desiredSize` parameter is altered by the Cluster Autoscaler (but can be out-of-date for short periods of time). the Cluster Autoscaler doesn't scale a managed node group lower than `minSize` or higher than `maxSize` .", "title": "DesiredSize", "type": "number" }, "MaxSize": { "markdownDescription": "The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see [Amazon EKS service quotas](https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the *Amazon EKS User Guide* .", "title": "MaxSize", "type": "number" }, "MinSize": { "markdownDescription": "The minimum number of nodes that the managed node group can scale in to.", "title": "MinSize", "type": "number" } }, "type": "object" }, "AWS::EKS::Nodegroup.Taint": { "additionalProperties": false, "properties": { "Effect": { "markdownDescription": "The effect of the taint.", "title": "Effect", "type": "string" }, "Key": { "markdownDescription": "The key of the taint.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of the taint.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::EKS::Nodegroup.UpdateConfig": { "additionalProperties": false, "properties": { "MaxUnavailable": { "markdownDescription": "The maximum number of nodes unavailable at once during a version update. Nodes are updated in parallel. This value or `maxUnavailablePercentage` is required to have a value.The maximum number is 100.", "title": "MaxUnavailable", "type": "number" }, "MaxUnavailablePercentage": { "markdownDescription": "The maximum percentage of nodes unavailable during a version update. This percentage of nodes are updated in parallel, up to 100 nodes at once. This value or `maxUnavailable` is required to have a value.", "title": "MaxUnavailablePercentage", "type": "number" } }, "type": "object" }, "AWS::EKS::PodIdentityAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClusterName": { "markdownDescription": "The name of the cluster that the association is in.", "title": "ClusterName", "type": "string" }, "Namespace": { "markdownDescription": "The name of the Kubernetes namespace inside the cluster to create the association in. The service account and the pods that use the service account must be in this namespace.", "title": "Namespace", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to associate with the service account. The EKS Pod Identity agent manages credentials to assume this role for applications in the containers in the pods that use this service account.", "title": "RoleArn", "type": "string" }, "ServiceAccount": { "markdownDescription": "The name of the Kubernetes service account inside the cluster to associate the IAM credentials with.", "title": "ServiceAccount", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or AWS resources.\n\nThe following basic restrictions apply to tags:\n\n- Maximum number of tags per resource \u2013 50\n- For each resource, each tag key must be unique, and each tag key can have only one value.\n- Maximum key length \u2013 128 Unicode characters in UTF-8\n- Maximum value length \u2013 256 Unicode characters in UTF-8\n- If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @.\n- Tag keys and values are case-sensitive.\n- Do not use `aws:` , `AWS:` , or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit.", "title": "Tags", "type": "array" } }, "required": [ "ClusterName", "Namespace", "RoleArn", "ServiceAccount" ], "type": "object" }, "Type": { "enum": [ "AWS::EKS::PodIdentityAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EMR::Cluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdditionalInfo": { "markdownDescription": "A JSON string for selecting additional features.", "title": "AdditionalInfo", "type": "object" }, "Applications": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.Application" }, "markdownDescription": "The applications to install on this cluster, for example, Spark, Flink, Oozie, Zeppelin, and so on.", "title": "Applications", "type": "array" }, "AutoScalingRole": { "markdownDescription": "An IAM role for automatic scaling policies. The default role is `EMR_AutoScaling_DefaultRole` . The IAM role provides permissions that the automatic scaling feature requires to launch and terminate Amazon EC2 instances in an instance group.", "title": "AutoScalingRole", "type": "string" }, "AutoTerminationPolicy": { "$ref": "#/definitions/AWS::EMR::Cluster.AutoTerminationPolicy", "markdownDescription": "An auto-termination policy for an Amazon EMR cluster. An auto-termination policy defines the amount of idle time in seconds after which a cluster automatically terminates. For alternative cluster termination options, see [Control cluster termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) .", "title": "AutoTerminationPolicy" }, "BootstrapActions": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.BootstrapActionConfig" }, "markdownDescription": "A list of bootstrap actions to run before Hadoop starts on the cluster nodes.", "title": "BootstrapActions", "type": "array" }, "Configurations": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" }, "markdownDescription": "Applies only to Amazon EMR releases 4.x and later. The list of configurations that are supplied to the Amazon EMR cluster.", "title": "Configurations", "type": "array" }, "CustomAmiId": { "markdownDescription": "Available only in Amazon EMR releases 5.7.0 and later. The ID of a custom Amazon EBS-backed Linux AMI if the cluster uses a custom AMI.", "title": "CustomAmiId", "type": "string" }, "EbsRootVolumeIops": { "markdownDescription": "The IOPS, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", "title": "EbsRootVolumeIops", "type": "number" }, "EbsRootVolumeSize": { "markdownDescription": "The size, in GiB, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 4.x and later.", "title": "EbsRootVolumeSize", "type": "number" }, "EbsRootVolumeThroughput": { "markdownDescription": "The throughput, in MiB/s, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 6.15.0 and later.", "title": "EbsRootVolumeThroughput", "type": "number" }, "Instances": { "$ref": "#/definitions/AWS::EMR::Cluster.JobFlowInstancesConfig", "markdownDescription": "A specification of the number and type of Amazon EC2 instances.", "title": "Instances" }, "JobFlowRole": { "markdownDescription": "Also called instance profile and Amazon EC2 role. An IAM role for an Amazon EMR cluster. The Amazon EC2 instances of the cluster assume this role. The default role is `EMR_EC2_DefaultRole` . In order to use the default role, you must have already created it using the AWS CLI or console.", "title": "JobFlowRole", "type": "string" }, "KerberosAttributes": { "$ref": "#/definitions/AWS::EMR::Cluster.KerberosAttributes", "markdownDescription": "Attributes for Kerberos configuration when Kerberos authentication is enabled using a security configuration. For more information see [Use Kerberos Authentication](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-kerberos.html) in the *Amazon EMR Management Guide* .", "title": "KerberosAttributes" }, "LogEncryptionKmsKeyId": { "markdownDescription": "The AWS KMS key used for encrypting log files. This attribute is only available with Amazon EMR 5.30.0 and later, excluding Amazon EMR 6.0.0.", "title": "LogEncryptionKmsKeyId", "type": "string" }, "LogUri": { "markdownDescription": "The path to the Amazon S3 location where logs for this cluster are stored.", "title": "LogUri", "type": "string" }, "ManagedScalingPolicy": { "$ref": "#/definitions/AWS::EMR::Cluster.ManagedScalingPolicy", "markdownDescription": "Creates or updates a managed scaling policy for an Amazon EMR cluster. The managed scaling policy defines the limits for resources, such as Amazon EC2 instances that can be added or terminated from a cluster. The policy only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", "title": "ManagedScalingPolicy" }, "Name": { "markdownDescription": "The name of the cluster. This parameter can't contain the characters <, >, $, |, or ` (backtick).", "title": "Name", "type": "string" }, "OSReleaseLabel": { "markdownDescription": "The Amazon Linux release specified in a cluster launch RunJobFlow request. If no Amazon Linux release was specified, the default Amazon Linux release is shown in the response.", "title": "OSReleaseLabel", "type": "string" }, "PlacementGroupConfigs": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.PlacementGroupConfig" }, "markdownDescription": "", "title": "PlacementGroupConfigs", "type": "array" }, "ReleaseLabel": { "markdownDescription": "The Amazon EMR release label, which determines the version of open-source application packages installed on the cluster. Release labels are in the form `emr-x.x.x` , where x.x.x is an Amazon EMR release version such as `emr-5.14.0` . For more information about Amazon EMR release versions and included application versions and features, see [](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/) . The release label applies only to Amazon EMR releases version 4.0 and later. Earlier versions use `AmiVersion` .", "title": "ReleaseLabel", "type": "string" }, "ScaleDownBehavior": { "markdownDescription": "The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. `TERMINATE_AT_INSTANCE_HOUR` indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and later and is the default for clusters created using that version. `TERMINATE_AT_TASK_COMPLETION` indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. `TERMINATE_AT_TASK_COMPLETION` is available only in Amazon EMR releases 4.1.0 and later, and is the default for versions of Amazon EMR earlier than 5.1.0.", "title": "ScaleDownBehavior", "type": "string" }, "SecurityConfiguration": { "markdownDescription": "The name of the security configuration applied to the cluster.", "title": "SecurityConfiguration", "type": "string" }, "ServiceRole": { "markdownDescription": "The IAM role that Amazon EMR assumes in order to access AWS resources on your behalf.", "title": "ServiceRole", "type": "string" }, "StepConcurrencyLevel": { "markdownDescription": "Specifies the number of steps that can be executed concurrently. The default value is `1` . The maximum value is `256` .", "title": "StepConcurrencyLevel", "type": "number" }, "Steps": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.StepConfig" }, "markdownDescription": "A list of steps to run.", "title": "Steps", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags associated with a cluster.", "title": "Tags", "type": "array" }, "VisibleToAllUsers": { "markdownDescription": "Indicates whether the cluster is visible to all IAM users of the AWS account associated with the cluster. If this value is set to `true` , all IAM users of that AWS account can view and manage the cluster if they have the proper policy permissions set. If this value is `false` , only the IAM user that created the cluster can view and manage it. This value can be changed using the SetVisibleToAllUsers action.\n\n> When you create clusters directly through the EMR console or API, this value is set to `true` by default. However, for `AWS::EMR::Cluster` resources in CloudFormation, the default is `false` .", "title": "VisibleToAllUsers", "type": "boolean" } }, "required": [ "Instances", "JobFlowRole", "Name", "ServiceRole" ], "type": "object" }, "Type": { "enum": [ "AWS::EMR::Cluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EMR::Cluster.Application": { "additionalProperties": false, "properties": { "AdditionalInfo": { "additionalProperties": true, "markdownDescription": "This option is for advanced users only. This is meta information about clusters and applications that are used for testing and troubleshooting.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AdditionalInfo", "type": "object" }, "Args": { "items": { "type": "string" }, "markdownDescription": "Arguments for Amazon EMR to pass to the application.", "title": "Args", "type": "array" }, "Name": { "markdownDescription": "The name of the application.", "title": "Name", "type": "string" }, "Version": { "markdownDescription": "The version of the application.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::EMR::Cluster.AutoScalingPolicy": { "additionalProperties": false, "properties": { "Constraints": { "$ref": "#/definitions/AWS::EMR::Cluster.ScalingConstraints", "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", "title": "Constraints" }, "Rules": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.ScalingRule" }, "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", "title": "Rules", "type": "array" } }, "required": [ "Constraints", "Rules" ], "type": "object" }, "AWS::EMR::Cluster.AutoTerminationPolicy": { "additionalProperties": false, "properties": { "IdleTimeout": { "markdownDescription": "Specifies the amount of idle time in seconds after which the cluster automatically terminates. You can specify a minimum of 60 seconds and a maximum of 604800 seconds (seven days).", "title": "IdleTimeout", "type": "number" } }, "type": "object" }, "AWS::EMR::Cluster.BootstrapActionConfig": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the bootstrap action.", "title": "Name", "type": "string" }, "ScriptBootstrapAction": { "$ref": "#/definitions/AWS::EMR::Cluster.ScriptBootstrapActionConfig", "markdownDescription": "The script run by the bootstrap action.", "title": "ScriptBootstrapAction" } }, "required": [ "Name", "ScriptBootstrapAction" ], "type": "object" }, "AWS::EMR::Cluster.CloudWatchAlarmDefinition": { "additionalProperties": false, "properties": { "ComparisonOperator": { "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", "title": "ComparisonOperator", "type": "string" }, "Dimensions": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.MetricDimension" }, "markdownDescription": "A CloudWatch metric dimension.", "title": "Dimensions", "type": "array" }, "EvaluationPeriods": { "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", "title": "EvaluationPeriods", "type": "number" }, "MetricName": { "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", "title": "MetricName", "type": "string" }, "Namespace": { "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", "title": "Namespace", "type": "string" }, "Period": { "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", "title": "Period", "type": "number" }, "Statistic": { "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", "title": "Statistic", "type": "string" }, "Threshold": { "markdownDescription": "The value against which the specified statistic is compared.", "title": "Threshold", "type": "number" }, "Unit": { "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", "title": "Unit", "type": "string" } }, "required": [ "ComparisonOperator", "MetricName", "Period", "Threshold" ], "type": "object" }, "AWS::EMR::Cluster.ComputeLimits": { "additionalProperties": false, "properties": { "MaximumCapacityUnits": { "markdownDescription": "The upper boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", "title": "MaximumCapacityUnits", "type": "number" }, "MaximumCoreCapacityUnits": { "markdownDescription": "The upper boundary of Amazon EC2 units for core node type in a cluster. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The core units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between core and task nodes.", "title": "MaximumCoreCapacityUnits", "type": "number" }, "MaximumOnDemandCapacityUnits": { "markdownDescription": "The upper boundary of On-Demand Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. The On-Demand units are not allowed to scale beyond this boundary. The parameter is used to split capacity allocation between On-Demand and Spot Instances.", "title": "MaximumOnDemandCapacityUnits", "type": "number" }, "MinimumCapacityUnits": { "markdownDescription": "The lower boundary of Amazon EC2 units. It is measured through vCPU cores or instances for instance groups and measured through units for instance fleets. Managed scaling activities are not allowed beyond this boundary. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", "title": "MinimumCapacityUnits", "type": "number" }, "UnitType": { "markdownDescription": "The unit type used for specifying a managed scaling policy.", "title": "UnitType", "type": "string" } }, "required": [ "MaximumCapacityUnits", "MinimumCapacityUnits", "UnitType" ], "type": "object" }, "AWS::EMR::Cluster.Configuration": { "additionalProperties": false, "properties": { "Classification": { "markdownDescription": "The classification within a configuration.", "title": "Classification", "type": "string" }, "ConfigurationProperties": { "additionalProperties": true, "markdownDescription": "A list of additional configurations to apply within a configuration object.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ConfigurationProperties", "type": "object" }, "Configurations": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" }, "markdownDescription": "A list of additional configurations to apply within a configuration object.", "title": "Configurations", "type": "array" } }, "type": "object" }, "AWS::EMR::Cluster.EbsBlockDeviceConfig": { "additionalProperties": false, "properties": { "VolumeSpecification": { "$ref": "#/definitions/AWS::EMR::Cluster.VolumeSpecification", "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", "title": "VolumeSpecification" }, "VolumesPerInstance": { "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", "title": "VolumesPerInstance", "type": "number" } }, "required": [ "VolumeSpecification" ], "type": "object" }, "AWS::EMR::Cluster.EbsConfiguration": { "additionalProperties": false, "properties": { "EbsBlockDeviceConfigs": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.EbsBlockDeviceConfig" }, "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", "title": "EbsBlockDeviceConfigs", "type": "array" }, "EbsOptimized": { "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized.", "title": "EbsOptimized", "type": "boolean" } }, "type": "object" }, "AWS::EMR::Cluster.HadoopJarStepConfig": { "additionalProperties": false, "properties": { "Args": { "items": { "type": "string" }, "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", "title": "Args", "type": "array" }, "Jar": { "markdownDescription": "A path to a JAR file run during the step.", "title": "Jar", "type": "string" }, "MainClass": { "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", "title": "MainClass", "type": "string" }, "StepProperties": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.KeyValue" }, "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key-value pairs to your main function.", "title": "StepProperties", "type": "array" } }, "required": [ "Jar" ], "type": "object" }, "AWS::EMR::Cluster.InstanceFleetConfig": { "additionalProperties": false, "properties": { "InstanceTypeConfigs": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.InstanceTypeConfig" }, "markdownDescription": "The instance type configurations that define the Amazon EC2 instances in the instance fleet.", "title": "InstanceTypeConfigs", "type": "array" }, "LaunchSpecifications": { "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications", "markdownDescription": "The launch specification for the instance fleet.", "title": "LaunchSpecifications" }, "Name": { "markdownDescription": "The friendly name of the instance fleet.", "title": "Name", "type": "string" }, "TargetOnDemandCapacity": { "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", "title": "TargetOnDemandCapacity", "type": "number" }, "TargetSpotCapacity": { "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", "title": "TargetSpotCapacity", "type": "number" } }, "type": "object" }, "AWS::EMR::Cluster.InstanceFleetProvisioningSpecifications": { "additionalProperties": false, "properties": { "OnDemandSpecification": { "$ref": "#/definitions/AWS::EMR::Cluster.OnDemandProvisioningSpecification", "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", "title": "OnDemandSpecification" }, "SpotSpecification": { "$ref": "#/definitions/AWS::EMR::Cluster.SpotProvisioningSpecification", "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the defined duration, provisioning timeout behavior, and allocation strategy.", "title": "SpotSpecification" } }, "type": "object" }, "AWS::EMR::Cluster.InstanceGroupConfig": { "additionalProperties": false, "properties": { "AutoScalingPolicy": { "$ref": "#/definitions/AWS::EMR::Cluster.AutoScalingPolicy", "markdownDescription": "`AutoScalingPolicy` is a subproperty of the [InstanceGroupConfig](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-emr-cluster-jobflowinstancesconfig-instancegroupconfig.html) property type that specifies the constraints and rules of an automatic scaling policy in Amazon EMR . The automatic scaling policy defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. Only core and task instance groups can use automatic scaling policies. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) .", "title": "AutoScalingPolicy" }, "BidPrice": { "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", "title": "BidPrice", "type": "string" }, "Configurations": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" }, "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", "title": "Configurations", "type": "array" }, "CustomAmiId": { "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", "title": "CustomAmiId", "type": "string" }, "EbsConfiguration": { "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", "markdownDescription": "EBS configurations that will be attached to each Amazon EC2 instance in the instance group.", "title": "EbsConfiguration" }, "InstanceCount": { "markdownDescription": "Target number of instances for the instance group.", "title": "InstanceCount", "type": "number" }, "InstanceType": { "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", "title": "InstanceType", "type": "string" }, "Market": { "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", "title": "Market", "type": "string" }, "Name": { "markdownDescription": "Friendly name given to the instance group.", "title": "Name", "type": "string" } }, "required": [ "InstanceCount", "InstanceType" ], "type": "object" }, "AWS::EMR::Cluster.InstanceTypeConfig": { "additionalProperties": false, "properties": { "BidPrice": { "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", "title": "BidPrice", "type": "string" }, "BidPriceAsPercentageOfOnDemandPrice": { "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", "title": "BidPriceAsPercentageOfOnDemandPrice", "type": "number" }, "Configurations": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.Configuration" }, "markdownDescription": "A configuration classification that applies when provisioning cluster instances, which can include configurations for applications and software that run on the cluster.", "title": "Configurations", "type": "array" }, "CustomAmiId": { "markdownDescription": "The custom AMI ID to use for the instance type.", "title": "CustomAmiId", "type": "string" }, "EbsConfiguration": { "$ref": "#/definitions/AWS::EMR::Cluster.EbsConfiguration", "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", "title": "EbsConfiguration" }, "InstanceType": { "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", "title": "InstanceType", "type": "string" }, "WeightedCapacity": { "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", "title": "WeightedCapacity", "type": "number" } }, "required": [ "InstanceType" ], "type": "object" }, "AWS::EMR::Cluster.JobFlowInstancesConfig": { "additionalProperties": false, "properties": { "AdditionalMasterSecurityGroups": { "items": { "type": "string" }, "markdownDescription": "A list of additional Amazon EC2 security group IDs for the master node.", "title": "AdditionalMasterSecurityGroups", "type": "array" }, "AdditionalSlaveSecurityGroups": { "items": { "type": "string" }, "markdownDescription": "A list of additional Amazon EC2 security group IDs for the core and task nodes.", "title": "AdditionalSlaveSecurityGroups", "type": "array" }, "CoreInstanceFleet": { "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", "markdownDescription": "Describes the EC2 instances and instance configurations for the core instance fleet when using clusters with the instance fleet configuration.", "title": "CoreInstanceFleet" }, "CoreInstanceGroup": { "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", "markdownDescription": "Describes the EC2 instances and instance configurations for core instance groups when using clusters with the uniform instance group configuration.", "title": "CoreInstanceGroup" }, "Ec2KeyName": { "markdownDescription": "The name of the Amazon EC2 key pair that can be used to connect to the master node using SSH as the user called \"hadoop.\"", "title": "Ec2KeyName", "type": "string" }, "Ec2SubnetId": { "markdownDescription": "Applies to clusters that use the uniform instance group configuration. To launch the cluster in Amazon Virtual Private Cloud (Amazon VPC), set this parameter to the identifier of the Amazon VPC subnet where you want the cluster to launch. If you do not specify this value and your account supports EC2-Classic, the cluster launches in EC2-Classic.", "title": "Ec2SubnetId", "type": "string" }, "Ec2SubnetIds": { "items": { "type": "string" }, "markdownDescription": "Applies to clusters that use the instance fleet configuration. When multiple Amazon EC2 subnet IDs are specified, Amazon EMR evaluates them and launches instances in the optimal subnet.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.", "title": "Ec2SubnetIds", "type": "array" }, "EmrManagedMasterSecurityGroup": { "markdownDescription": "The identifier of the Amazon EC2 security group for the master node. If you specify `EmrManagedMasterSecurityGroup` , you must also specify `EmrManagedSlaveSecurityGroup` .", "title": "EmrManagedMasterSecurityGroup", "type": "string" }, "EmrManagedSlaveSecurityGroup": { "markdownDescription": "The identifier of the Amazon EC2 security group for the core and task nodes. If you specify `EmrManagedSlaveSecurityGroup` , you must also specify `EmrManagedMasterSecurityGroup` .", "title": "EmrManagedSlaveSecurityGroup", "type": "string" }, "HadoopVersion": { "markdownDescription": "Applies only to Amazon EMR release versions earlier than 4.0. The Hadoop version for the cluster. Valid inputs are \"0.18\" (no longer maintained), \"0.20\" (no longer maintained), \"0.20.205\" (no longer maintained), \"1.0.3\", \"2.2.0\", or \"2.4.0\". If you do not set this value, the default of 0.18 is used, unless the `AmiVersion` parameter is set in the RunJobFlow call, in which case the default version of Hadoop for that AMI version is used.", "title": "HadoopVersion", "type": "string" }, "KeepJobFlowAliveWhenNoSteps": { "markdownDescription": "Specifies whether the cluster should remain available after completing all steps. Defaults to `false` . For more information about configuring cluster termination, see [Control Cluster Termination](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-plan-termination.html) in the *EMR Management Guide* .", "title": "KeepJobFlowAliveWhenNoSteps", "type": "boolean" }, "MasterInstanceFleet": { "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig", "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance fleet when using clusters with the instance fleet configuration.", "title": "MasterInstanceFleet" }, "MasterInstanceGroup": { "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig", "markdownDescription": "Describes the EC2 instances and instance configurations for the master instance group when using clusters with the uniform instance group configuration.", "title": "MasterInstanceGroup" }, "Placement": { "$ref": "#/definitions/AWS::EMR::Cluster.PlacementType", "markdownDescription": "The Availability Zone in which the cluster runs.", "title": "Placement" }, "ServiceAccessSecurityGroup": { "markdownDescription": "The identifier of the Amazon EC2 security group for the Amazon EMR service to access clusters in VPC private subnets.", "title": "ServiceAccessSecurityGroup", "type": "string" }, "TaskInstanceFleets": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.InstanceFleetConfig" }, "markdownDescription": "Describes the EC2 instances and instance configurations for the task instance fleets when using clusters with the instance fleet configuration. These task instance fleets are added to the cluster as part of the cluster launch. Each task instance fleet must have a unique name specified so that CloudFormation can differentiate between the task instance fleets.\n\n> You can currently specify only one task instance fleet for a cluster. After creating the cluster, you can only modify the mutable properties of `InstanceFleetConfig` , which are `TargetOnDemandCapacity` and `TargetSpotCapacity` . Modifying any other property results in cluster replacement. > To allow a maximum of 30 Amazon EC2 instance types per fleet, include `TaskInstanceFleets` when you create your cluster. If you create your cluster without `TaskInstanceFleets` , Amazon EMR uses its default allocation strategy, which allows for a maximum of five Amazon EC2 instance types.", "title": "TaskInstanceFleets", "type": "array" }, "TaskInstanceGroups": { "items": { "$ref": "#/definitions/AWS::EMR::Cluster.InstanceGroupConfig" }, "markdownDescription": "Describes the EC2 instances and instance configurations for task instance groups when using clusters with the uniform instance group configuration. These task instance groups are added to the cluster as part of the cluster launch. Each task instance group must have a unique name specified so that CloudFormation can differentiate between the task instance groups.\n\n> After creating the cluster, you can only modify the mutable properties of `InstanceGroupConfig` , which are `AutoScalingPolicy` and `InstanceCount` . Modifying any other property results in cluster replacement.", "title": "TaskInstanceGroups", "type": "array" }, "TerminationProtected": { "markdownDescription": "Specifies whether to lock the cluster to prevent the Amazon EC2 instances from being terminated by API call, user intervention, or in the event of a job-flow error.", "title": "TerminationProtected", "type": "boolean" }, "UnhealthyNodeReplacement": { "markdownDescription": "Indicates whether Amazon EMR should gracefully replace core nodes that have degraded within the cluster.", "title": "UnhealthyNodeReplacement", "type": "boolean" } }, "type": "object" }, "AWS::EMR::Cluster.KerberosAttributes": { "additionalProperties": false, "properties": { "ADDomainJoinPassword": { "markdownDescription": "The Active Directory password for `ADDomainJoinUser` .", "title": "ADDomainJoinPassword", "type": "string" }, "ADDomainJoinUser": { "markdownDescription": "Required only when establishing a cross-realm trust with an Active Directory domain. A user with sufficient privileges to join resources to the domain.", "title": "ADDomainJoinUser", "type": "string" }, "CrossRealmTrustPrincipalPassword": { "markdownDescription": "Required only when establishing a cross-realm trust with a KDC in a different realm. The cross-realm principal password, which must be identical across realms.", "title": "CrossRealmTrustPrincipalPassword", "type": "string" }, "KdcAdminPassword": { "markdownDescription": "The password used within the cluster for the kadmin service on the cluster-dedicated KDC, which maintains Kerberos principals, password policies, and keytabs for the cluster.", "title": "KdcAdminPassword", "type": "string" }, "Realm": { "markdownDescription": "The name of the Kerberos realm to which all nodes in a cluster belong. For example, `EC2.INTERNAL` .", "title": "Realm", "type": "string" } }, "required": [ "KdcAdminPassword", "Realm" ], "type": "object" }, "AWS::EMR::Cluster.KeyValue": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The unique identifier of a key-value pair.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value part of the identified key.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::EMR::Cluster.ManagedScalingPolicy": { "additionalProperties": false, "properties": { "ComputeLimits": { "$ref": "#/definitions/AWS::EMR::Cluster.ComputeLimits", "markdownDescription": "The Amazon EC2 unit limits for a managed scaling policy. The managed scaling activity of a cluster is not allowed to go above or below these limits. The limit only applies to the core and task nodes. The master node cannot be scaled after initial configuration.", "title": "ComputeLimits" } }, "type": "object" }, "AWS::EMR::Cluster.MetricDimension": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The dimension name.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The dimension value.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::EMR::Cluster.OnDemandProvisioningSpecification": { "additionalProperties": false, "properties": { "AllocationStrategy": { "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", "title": "AllocationStrategy", "type": "string" } }, "required": [ "AllocationStrategy" ], "type": "object" }, "AWS::EMR::Cluster.PlacementGroupConfig": { "additionalProperties": false, "properties": { "InstanceRole": { "markdownDescription": "Role of the instance in the cluster.\n\nStarting with Amazon EMR release 5.23.0, the only supported instance role is `MASTER` .", "title": "InstanceRole", "type": "string" }, "PlacementStrategy": { "markdownDescription": "Amazon EC2 Placement Group strategy associated with instance role.\n\nStarting with Amazon EMR release 5.23.0, the only supported placement strategy is `SPREAD` for the `MASTER` instance role.", "title": "PlacementStrategy", "type": "string" } }, "required": [ "InstanceRole" ], "type": "object" }, "AWS::EMR::Cluster.PlacementType": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The Amazon EC2 Availability Zone for the cluster. `AvailabilityZone` is used for uniform instance groups, while `AvailabilityZones` (plural) is used for instance fleets.", "title": "AvailabilityZone", "type": "string" } }, "required": [ "AvailabilityZone" ], "type": "object" }, "AWS::EMR::Cluster.ScalingAction": { "additionalProperties": false, "properties": { "Market": { "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", "title": "Market", "type": "string" }, "SimpleScalingPolicyConfiguration": { "$ref": "#/definitions/AWS::EMR::Cluster.SimpleScalingPolicyConfiguration", "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", "title": "SimpleScalingPolicyConfiguration" } }, "required": [ "SimpleScalingPolicyConfiguration" ], "type": "object" }, "AWS::EMR::Cluster.ScalingConstraints": { "additionalProperties": false, "properties": { "MaxCapacity": { "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", "title": "MaxCapacity", "type": "number" }, "MinCapacity": { "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", "title": "MinCapacity", "type": "number" } }, "required": [ "MaxCapacity", "MinCapacity" ], "type": "object" }, "AWS::EMR::Cluster.ScalingRule": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::EMR::Cluster.ScalingAction", "markdownDescription": "The conditions that trigger an automatic scaling activity.", "title": "Action" }, "Description": { "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", "title": "Name", "type": "string" }, "Trigger": { "$ref": "#/definitions/AWS::EMR::Cluster.ScalingTrigger", "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", "title": "Trigger" } }, "required": [ "Action", "Name", "Trigger" ], "type": "object" }, "AWS::EMR::Cluster.ScalingTrigger": { "additionalProperties": false, "properties": { "CloudWatchAlarmDefinition": { "$ref": "#/definitions/AWS::EMR::Cluster.CloudWatchAlarmDefinition", "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", "title": "CloudWatchAlarmDefinition" } }, "required": [ "CloudWatchAlarmDefinition" ], "type": "object" }, "AWS::EMR::Cluster.ScriptBootstrapActionConfig": { "additionalProperties": false, "properties": { "Args": { "items": { "type": "string" }, "markdownDescription": "A list of command line arguments to pass to the bootstrap action script.", "title": "Args", "type": "array" }, "Path": { "markdownDescription": "Location in Amazon S3 of the script to run during a bootstrap action.", "title": "Path", "type": "string" } }, "required": [ "Path" ], "type": "object" }, "AWS::EMR::Cluster.SimpleScalingPolicyConfiguration": { "additionalProperties": false, "properties": { "AdjustmentType": { "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", "title": "AdjustmentType", "type": "string" }, "CoolDown": { "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", "title": "CoolDown", "type": "number" }, "ScalingAdjustment": { "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", "title": "ScalingAdjustment", "type": "number" } }, "required": [ "ScalingAdjustment" ], "type": "object" }, "AWS::EMR::Cluster.SpotProvisioningSpecification": { "additionalProperties": false, "properties": { "AllocationStrategy": { "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", "title": "AllocationStrategy", "type": "string" }, "BlockDurationMinutes": { "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", "title": "BlockDurationMinutes", "type": "number" }, "TimeoutAction": { "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", "title": "TimeoutAction", "type": "string" }, "TimeoutDurationMinutes": { "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", "title": "TimeoutDurationMinutes", "type": "number" } }, "required": [ "TimeoutAction", "TimeoutDurationMinutes" ], "type": "object" }, "AWS::EMR::Cluster.StepConfig": { "additionalProperties": false, "properties": { "ActionOnFailure": { "markdownDescription": "The action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", "title": "ActionOnFailure", "type": "string" }, "HadoopJarStep": { "$ref": "#/definitions/AWS::EMR::Cluster.HadoopJarStepConfig", "markdownDescription": "The JAR file used for the step.", "title": "HadoopJarStep" }, "Name": { "markdownDescription": "The name of the step.", "title": "Name", "type": "string" } }, "required": [ "HadoopJarStep", "Name" ], "type": "object" }, "AWS::EMR::Cluster.VolumeSpecification": { "additionalProperties": false, "properties": { "Iops": { "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", "title": "Iops", "type": "number" }, "SizeInGB": { "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", "title": "SizeInGB", "type": "number" }, "Throughput": { "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", "title": "Throughput", "type": "number" }, "VolumeType": { "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", "title": "VolumeType", "type": "string" } }, "required": [ "SizeInGB", "VolumeType" ], "type": "object" }, "AWS::EMR::InstanceFleetConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClusterId": { "markdownDescription": "The unique identifier of the EMR cluster.", "title": "ClusterId", "type": "string" }, "InstanceFleetType": { "markdownDescription": "The node type that the instance fleet hosts.\n\n*Allowed Values* : TASK", "title": "InstanceFleetType", "type": "string" }, "InstanceTypeConfigs": { "items": { "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceTypeConfig" }, "markdownDescription": "`InstanceTypeConfigs` determine the EC2 instances that Amazon EMR attempts to provision to fulfill On-Demand and Spot target capacities.\n\n> The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions.", "title": "InstanceTypeConfigs", "type": "array" }, "LaunchSpecifications": { "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications", "markdownDescription": "The launch specification for the instance fleet.", "title": "LaunchSpecifications" }, "Name": { "markdownDescription": "The friendly name of the instance fleet.", "title": "Name", "type": "string" }, "TargetOnDemandCapacity": { "markdownDescription": "The target capacity of On-Demand units for the instance fleet, which determines how many On-Demand instances to provision. When the instance fleet launches, Amazon EMR tries to provision On-Demand instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When an On-Demand instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only Spot instances are provisioned for the instance fleet using `TargetSpotCapacity` . At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", "title": "TargetOnDemandCapacity", "type": "number" }, "TargetSpotCapacity": { "markdownDescription": "The target capacity of Spot units for the instance fleet, which determines how many Spot instances to provision. When the instance fleet launches, Amazon EMR tries to provision Spot instances as specified by `InstanceTypeConfig` . Each instance configuration has a specified `WeightedCapacity` . When a Spot instance is provisioned, the `WeightedCapacity` units count toward the target capacity. Amazon EMR provisions instances until the target capacity is totally fulfilled, even if this results in an overage. For example, if there are 2 units remaining to fulfill capacity, and Amazon EMR can only provision an instance with a `WeightedCapacity` of 5 units, the instance is provisioned, and the target capacity is exceeded by 3 units.\n\n> If not specified or set to 0, only On-Demand instances are provisioned for the instance fleet. At least one of `TargetSpotCapacity` and `TargetOnDemandCapacity` should be greater than 0. For a master instance fleet, only one of `TargetSpotCapacity` and `TargetOnDemandCapacity` can be specified, and its value must be 1.", "title": "TargetSpotCapacity", "type": "number" } }, "required": [ "ClusterId", "InstanceFleetType" ], "type": "object" }, "Type": { "enum": [ "AWS::EMR::InstanceFleetConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EMR::InstanceFleetConfig.Configuration": { "additionalProperties": false, "properties": { "Classification": { "markdownDescription": "The classification within a configuration.", "title": "Classification", "type": "string" }, "ConfigurationProperties": { "additionalProperties": true, "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ConfigurationProperties", "type": "object" }, "Configurations": { "items": { "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" }, "markdownDescription": "A list of additional configurations to apply within a configuration object.", "title": "Configurations", "type": "array" } }, "type": "object" }, "AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig": { "additionalProperties": false, "properties": { "VolumeSpecification": { "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.VolumeSpecification", "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", "title": "VolumeSpecification" }, "VolumesPerInstance": { "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", "title": "VolumesPerInstance", "type": "number" } }, "required": [ "VolumeSpecification" ], "type": "object" }, "AWS::EMR::InstanceFleetConfig.EbsConfiguration": { "additionalProperties": false, "properties": { "EbsBlockDeviceConfigs": { "items": { "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsBlockDeviceConfig" }, "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", "title": "EbsBlockDeviceConfigs", "type": "array" }, "EbsOptimized": { "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized.", "title": "EbsOptimized", "type": "boolean" } }, "type": "object" }, "AWS::EMR::InstanceFleetConfig.InstanceFleetProvisioningSpecifications": { "additionalProperties": false, "properties": { "OnDemandSpecification": { "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification", "markdownDescription": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy.\n\n> The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.", "title": "OnDemandSpecification" }, "SpotSpecification": { "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification", "markdownDescription": "The launch specification for Spot instances in the fleet, which determines the defined duration, provisioning timeout behavior, and allocation strategy.", "title": "SpotSpecification" } }, "type": "object" }, "AWS::EMR::InstanceFleetConfig.InstanceTypeConfig": { "additionalProperties": false, "properties": { "BidPrice": { "markdownDescription": "The bid price for each Amazon EC2 Spot Instance type as defined by `InstanceType` . Expressed in USD. If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", "title": "BidPrice", "type": "string" }, "BidPriceAsPercentageOfOnDemandPrice": { "markdownDescription": "The bid price, as a percentage of On-Demand price, for each Amazon EC2 Spot Instance as defined by `InstanceType` . Expressed as a number (for example, 20 specifies 20%). If neither `BidPrice` nor `BidPriceAsPercentageOfOnDemandPrice` is provided, `BidPriceAsPercentageOfOnDemandPrice` defaults to 100%.", "title": "BidPriceAsPercentageOfOnDemandPrice", "type": "number" }, "Configurations": { "items": { "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.Configuration" }, "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nAn optional configuration specification to be used when provisioning cluster instances, which can include configurations for applications and software bundled with Amazon EMR. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file. For more information, see [Configuring Applications](https://docs.aws.amazon.com/emr/latest/ReleaseGuide/emr-configure-apps.html) .", "title": "Configurations", "type": "array" }, "CustomAmiId": { "markdownDescription": "The custom AMI ID to use for the instance type.", "title": "CustomAmiId", "type": "string" }, "EbsConfiguration": { "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig.EbsConfiguration", "markdownDescription": "The configuration of Amazon Elastic Block Store (Amazon EBS) attached to each instance as defined by `InstanceType` .", "title": "EbsConfiguration" }, "InstanceType": { "markdownDescription": "An Amazon EC2 instance type, such as `m3.xlarge` .", "title": "InstanceType", "type": "string" }, "WeightedCapacity": { "markdownDescription": "The number of units that a provisioned instance of this type provides toward fulfilling the target capacities defined in `InstanceFleetConfig` . This value is 1 for a master instance fleet, and must be 1 or greater for core and task instance fleets. Defaults to 1 if not specified.", "title": "WeightedCapacity", "type": "number" } }, "required": [ "InstanceType" ], "type": "object" }, "AWS::EMR::InstanceFleetConfig.OnDemandProvisioningSpecification": { "additionalProperties": false, "properties": { "AllocationStrategy": { "markdownDescription": "Specifies the strategy to use in launching On-Demand instance fleets. Available options are `lowest-price` and `prioritized` . `lowest-price` specifies to launch the instances with the lowest price first, and `prioritized` specifies that Amazon EMR should launch the instances with the highest priority first. The default is `lowest-price` .", "title": "AllocationStrategy", "type": "string" } }, "required": [ "AllocationStrategy" ], "type": "object" }, "AWS::EMR::InstanceFleetConfig.SpotProvisioningSpecification": { "additionalProperties": false, "properties": { "AllocationStrategy": { "markdownDescription": "Specifies one of the following strategies to launch Spot Instance fleets: `capacity-optimized` , `price-capacity-optimized` , `lowest-price` , or `diversified` , and `capacity-optimized-prioritized` . For more information on the provisioning strategies, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide for Linux Instances* .\n\n> When you launch a Spot Instance fleet with the old console, it automatically launches with the `capacity-optimized` strategy. You can't change the allocation strategy from the old console.", "title": "AllocationStrategy", "type": "string" }, "BlockDurationMinutes": { "markdownDescription": "The defined duration for Spot Instances (also known as Spot blocks) in minutes. When specified, the Spot Instance does not terminate before the defined duration expires, and defined duration pricing for Spot Instances applies. Valid values are 60, 120, 180, 240, 300, or 360. The duration period starts as soon as a Spot Instance receives its instance ID. At the end of the duration, Amazon EC2 marks the Spot Instance for termination and provides a Spot Instance termination notice, which gives the instance a two-minute warning before it terminates.\n\n> Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.", "title": "BlockDurationMinutes", "type": "number" }, "TimeoutAction": { "markdownDescription": "The action to take when `TargetSpotCapacity` has not been fulfilled when the `TimeoutDurationMinutes` has expired; that is, when all Spot Instances could not be provisioned within the Spot provisioning timeout. Valid values are `TERMINATE_CLUSTER` and `SWITCH_TO_ON_DEMAND` . SWITCH_TO_ON_DEMAND specifies that if no Spot Instances are available, On-Demand Instances should be provisioned to fulfill any remaining Spot capacity.", "title": "TimeoutAction", "type": "string" }, "TimeoutDurationMinutes": { "markdownDescription": "The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the `TimeOutAction` is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.", "title": "TimeoutDurationMinutes", "type": "number" } }, "required": [ "TimeoutAction", "TimeoutDurationMinutes" ], "type": "object" }, "AWS::EMR::InstanceFleetConfig.VolumeSpecification": { "additionalProperties": false, "properties": { "Iops": { "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", "title": "Iops", "type": "number" }, "SizeInGB": { "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", "title": "SizeInGB", "type": "number" }, "Throughput": { "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", "title": "Throughput", "type": "number" }, "VolumeType": { "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", "title": "VolumeType", "type": "string" } }, "required": [ "SizeInGB", "VolumeType" ], "type": "object" }, "AWS::EMR::InstanceGroupConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoScalingPolicy": { "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.AutoScalingPolicy", "markdownDescription": "`AutoScalingPolicy` is a subproperty of `InstanceGroupConfig` . `AutoScalingPolicy` defines how an instance group dynamically adds and terminates EC2 instances in response to the value of a CloudWatch metric. For more information, see [Using Automatic Scaling in Amazon EMR](https://docs.aws.amazon.com//emr/latest/ManagementGuide/emr-automatic-scaling.html) in the *Amazon EMR Management Guide* .", "title": "AutoScalingPolicy" }, "BidPrice": { "markdownDescription": "If specified, indicates that the instance group uses Spot Instances. This is the maximum price you are willing to pay for Spot Instances. Specify `OnDemandPrice` to set the amount equal to the On-Demand price, or specify an amount in USD.", "title": "BidPrice", "type": "string" }, "Configurations": { "items": { "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" }, "markdownDescription": "> Amazon EMR releases 4.x or later. \n\nThe list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).", "title": "Configurations", "type": "array" }, "CustomAmiId": { "markdownDescription": "The custom AMI ID to use for the provisioned instance group.", "title": "CustomAmiId", "type": "string" }, "EbsConfiguration": { "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsConfiguration", "markdownDescription": "`EbsConfiguration` determines the EBS volumes to attach to EMR cluster instances.", "title": "EbsConfiguration" }, "InstanceCount": { "markdownDescription": "Target number of instances for the instance group.", "title": "InstanceCount", "type": "number" }, "InstanceRole": { "markdownDescription": "The role of the instance group in the cluster.\n\n*Allowed Values* : TASK", "title": "InstanceRole", "type": "string" }, "InstanceType": { "markdownDescription": "The Amazon EC2 instance type for all instances in the instance group.", "title": "InstanceType", "type": "string" }, "JobFlowId": { "markdownDescription": "The ID of an Amazon EMR cluster that you want to associate this instance group with.", "title": "JobFlowId", "type": "string" }, "Market": { "markdownDescription": "Market type of the Amazon EC2 instances used to create a cluster node.", "title": "Market", "type": "string" }, "Name": { "markdownDescription": "Friendly name given to the instance group.", "title": "Name", "type": "string" } }, "required": [ "InstanceCount", "InstanceRole", "InstanceType", "JobFlowId" ], "type": "object" }, "Type": { "enum": [ "AWS::EMR::InstanceGroupConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EMR::InstanceGroupConfig.AutoScalingPolicy": { "additionalProperties": false, "properties": { "Constraints": { "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingConstraints", "markdownDescription": "The upper and lower Amazon EC2 instance limits for an automatic scaling policy. Automatic scaling activity will not cause an instance group to grow above or below these limits.", "title": "Constraints" }, "Rules": { "items": { "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingRule" }, "markdownDescription": "The scale-in and scale-out rules that comprise the automatic scaling policy.", "title": "Rules", "type": "array" } }, "required": [ "Constraints", "Rules" ], "type": "object" }, "AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition": { "additionalProperties": false, "properties": { "ComparisonOperator": { "markdownDescription": "Determines how the metric specified by `MetricName` is compared to the value specified by `Threshold` .", "title": "ComparisonOperator", "type": "string" }, "Dimensions": { "items": { "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.MetricDimension" }, "markdownDescription": "A CloudWatch metric dimension.", "title": "Dimensions", "type": "array" }, "EvaluationPeriods": { "markdownDescription": "The number of periods, in five-minute increments, during which the alarm condition must exist before the alarm triggers automatic scaling activity. The default value is `1` .", "title": "EvaluationPeriods", "type": "number" }, "MetricName": { "markdownDescription": "The name of the CloudWatch metric that is watched to determine an alarm condition.", "title": "MetricName", "type": "string" }, "Namespace": { "markdownDescription": "The namespace for the CloudWatch metric. The default is `AWS/ElasticMapReduce` .", "title": "Namespace", "type": "string" }, "Period": { "markdownDescription": "The period, in seconds, over which the statistic is applied. CloudWatch metrics for Amazon EMR are emitted every five minutes (300 seconds), so if you specify a CloudWatch metric, specify `300` .", "title": "Period", "type": "number" }, "Statistic": { "markdownDescription": "The statistic to apply to the metric associated with the alarm. The default is `AVERAGE` .", "title": "Statistic", "type": "string" }, "Threshold": { "markdownDescription": "The value against which the specified statistic is compared.", "title": "Threshold", "type": "number" }, "Unit": { "markdownDescription": "The unit of measure associated with the CloudWatch metric being watched. The value specified for `Unit` must correspond to the units specified in the CloudWatch metric.", "title": "Unit", "type": "string" } }, "required": [ "ComparisonOperator", "MetricName", "Period", "Threshold" ], "type": "object" }, "AWS::EMR::InstanceGroupConfig.Configuration": { "additionalProperties": false, "properties": { "Classification": { "markdownDescription": "The classification within a configuration.", "title": "Classification", "type": "string" }, "ConfigurationProperties": { "additionalProperties": true, "markdownDescription": "Within a configuration classification, a set of properties that represent the settings that you want to change in the configuration file. Duplicates not allowed.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ConfigurationProperties", "type": "object" }, "Configurations": { "items": { "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.Configuration" }, "markdownDescription": "A list of additional configurations to apply within a configuration object.", "title": "Configurations", "type": "array" } }, "type": "object" }, "AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig": { "additionalProperties": false, "properties": { "VolumeSpecification": { "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.VolumeSpecification", "markdownDescription": "EBS volume specifications such as volume type, IOPS, size (GiB) and throughput (MiB/s) that are requested for the EBS volume attached to an Amazon EC2 instance in the cluster.", "title": "VolumeSpecification" }, "VolumesPerInstance": { "markdownDescription": "Number of EBS volumes with a specific volume configuration that are associated with every instance in the instance group", "title": "VolumesPerInstance", "type": "number" } }, "required": [ "VolumeSpecification" ], "type": "object" }, "AWS::EMR::InstanceGroupConfig.EbsConfiguration": { "additionalProperties": false, "properties": { "EbsBlockDeviceConfigs": { "items": { "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.EbsBlockDeviceConfig" }, "markdownDescription": "An array of Amazon EBS volume specifications attached to a cluster instance.", "title": "EbsBlockDeviceConfigs", "type": "array" }, "EbsOptimized": { "markdownDescription": "Indicates whether an Amazon EBS volume is EBS-optimized.", "title": "EbsOptimized", "type": "boolean" } }, "type": "object" }, "AWS::EMR::InstanceGroupConfig.MetricDimension": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The dimension name.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The dimension value.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::EMR::InstanceGroupConfig.ScalingAction": { "additionalProperties": false, "properties": { "Market": { "markdownDescription": "Not available for instance groups. Instance groups use the market type specified for the group.", "title": "Market", "type": "string" }, "SimpleScalingPolicyConfiguration": { "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration", "markdownDescription": "The type of adjustment the automatic scaling activity makes when triggered, and the periodicity of the adjustment.", "title": "SimpleScalingPolicyConfiguration" } }, "required": [ "SimpleScalingPolicyConfiguration" ], "type": "object" }, "AWS::EMR::InstanceGroupConfig.ScalingConstraints": { "additionalProperties": false, "properties": { "MaxCapacity": { "markdownDescription": "The upper boundary of Amazon EC2 instances in an instance group beyond which scaling activities are not allowed to grow. Scale-out activities will not add instances beyond this boundary.", "title": "MaxCapacity", "type": "number" }, "MinCapacity": { "markdownDescription": "The lower boundary of Amazon EC2 instances in an instance group below which scaling activities are not allowed to shrink. Scale-in activities will not terminate instances below this boundary.", "title": "MinCapacity", "type": "number" } }, "required": [ "MaxCapacity", "MinCapacity" ], "type": "object" }, "AWS::EMR::InstanceGroupConfig.ScalingRule": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingAction", "markdownDescription": "The conditions that trigger an automatic scaling activity.", "title": "Action" }, "Description": { "markdownDescription": "A friendly, more verbose description of the automatic scaling rule.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name used to identify an automatic scaling rule. Rule names must be unique within a scaling policy.", "title": "Name", "type": "string" }, "Trigger": { "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.ScalingTrigger", "markdownDescription": "The CloudWatch alarm definition that determines when automatic scaling activity is triggered.", "title": "Trigger" } }, "required": [ "Action", "Name", "Trigger" ], "type": "object" }, "AWS::EMR::InstanceGroupConfig.ScalingTrigger": { "additionalProperties": false, "properties": { "CloudWatchAlarmDefinition": { "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig.CloudWatchAlarmDefinition", "markdownDescription": "The definition of a CloudWatch metric alarm. When the defined alarm conditions are met along with other trigger parameters, scaling activity begins.", "title": "CloudWatchAlarmDefinition" } }, "required": [ "CloudWatchAlarmDefinition" ], "type": "object" }, "AWS::EMR::InstanceGroupConfig.SimpleScalingPolicyConfiguration": { "additionalProperties": false, "properties": { "AdjustmentType": { "markdownDescription": "The way in which Amazon EC2 instances are added (if `ScalingAdjustment` is a positive number) or terminated (if `ScalingAdjustment` is a negative number) each time the scaling activity is triggered. `CHANGE_IN_CAPACITY` is the default. `CHANGE_IN_CAPACITY` indicates that the Amazon EC2 instance count increments or decrements by `ScalingAdjustment` , which should be expressed as an integer. `PERCENT_CHANGE_IN_CAPACITY` indicates the instance count increments or decrements by the percentage specified by `ScalingAdjustment` , which should be expressed as an integer. For example, 20 indicates an increase in 20% increments of cluster capacity. `EXACT_CAPACITY` indicates the scaling activity results in an instance group with the number of Amazon EC2 instances specified by `ScalingAdjustment` , which should be expressed as a positive integer.", "title": "AdjustmentType", "type": "string" }, "CoolDown": { "markdownDescription": "The amount of time, in seconds, after a scaling activity completes before any further trigger-related scaling activities can start. The default value is 0.", "title": "CoolDown", "type": "number" }, "ScalingAdjustment": { "markdownDescription": "The amount by which to scale in or scale out, based on the specified `AdjustmentType` . A positive value adds to the instance group's Amazon EC2 instance count while a negative number removes instances. If `AdjustmentType` is set to `EXACT_CAPACITY` , the number should only be a positive integer. If `AdjustmentType` is set to `PERCENT_CHANGE_IN_CAPACITY` , the value should express the percentage as an integer. For example, -20 indicates a decrease in 20% increments of cluster capacity.", "title": "ScalingAdjustment", "type": "number" } }, "required": [ "ScalingAdjustment" ], "type": "object" }, "AWS::EMR::InstanceGroupConfig.VolumeSpecification": { "additionalProperties": false, "properties": { "Iops": { "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports.", "title": "Iops", "type": "number" }, "SizeInGB": { "markdownDescription": "The volume size, in gibibytes (GiB). This can be a number from 1 - 1024. If the volume type is EBS-optimized, the minimum value is 10.", "title": "SizeInGB", "type": "number" }, "Throughput": { "markdownDescription": "The throughput, in mebibyte per second (MiB/s). This optional parameter can be a number from 125 - 1000 and is valid only for gp3 volumes.", "title": "Throughput", "type": "number" }, "VolumeType": { "markdownDescription": "The volume type. Volume types supported are gp3, gp2, io1, st1, sc1, and standard.", "title": "VolumeType", "type": "string" } }, "required": [ "SizeInGB", "VolumeType" ], "type": "object" }, "AWS::EMR::SecurityConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the security configuration.", "title": "Name", "type": "string" }, "SecurityConfiguration": { "markdownDescription": "The security configuration details in JSON format. For JSON parameters and examples, see [Use Security Configurations to Set Up Cluster Security](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-security-configurations.html) in the *Amazon EMR Management Guide* .", "title": "SecurityConfiguration", "type": "object" } }, "required": [ "SecurityConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::EMR::SecurityConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EMR::Step": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ActionOnFailure": { "markdownDescription": "This specifies what action to take when the cluster step fails. Possible values are `CANCEL_AND_WAIT` and `CONTINUE` .", "title": "ActionOnFailure", "type": "string" }, "HadoopJarStep": { "$ref": "#/definitions/AWS::EMR::Step.HadoopJarStepConfig", "markdownDescription": "The `HadoopJarStepConfig` property type specifies a job flow step consisting of a JAR file whose main function will be executed. The main function submits a job for the cluster to execute as a step on the master node, and then waits for the job to finish or fail before executing subsequent steps.", "title": "HadoopJarStep" }, "JobFlowId": { "markdownDescription": "A string that uniquely identifies the cluster (job flow).", "title": "JobFlowId", "type": "string" }, "Name": { "markdownDescription": "The name of the cluster step.", "title": "Name", "type": "string" } }, "required": [ "ActionOnFailure", "HadoopJarStep", "JobFlowId", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::EMR::Step" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EMR::Step.HadoopJarStepConfig": { "additionalProperties": false, "properties": { "Args": { "items": { "type": "string" }, "markdownDescription": "A list of command line arguments passed to the JAR file's main function when executed.", "title": "Args", "type": "array" }, "Jar": { "markdownDescription": "A path to a JAR file run during the step.", "title": "Jar", "type": "string" }, "MainClass": { "markdownDescription": "The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file.", "title": "MainClass", "type": "string" }, "StepProperties": { "items": { "$ref": "#/definitions/AWS::EMR::Step.KeyValue" }, "markdownDescription": "A list of Java properties that are set when the step runs. You can use these properties to pass key value pairs to your main function.", "title": "StepProperties", "type": "array" } }, "required": [ "Jar" ], "type": "object" }, "AWS::EMR::Step.KeyValue": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The unique identifier of a key-value pair.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value part of the identified key.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::EMR::Studio": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthMode": { "markdownDescription": "Specifies whether the Studio authenticates users using IAM Identity Center or IAM.", "title": "AuthMode", "type": "string" }, "DefaultS3Location": { "markdownDescription": "The Amazon S3 location to back up EMR Studio Workspaces and notebook files.", "title": "DefaultS3Location", "type": "string" }, "Description": { "markdownDescription": "A detailed description of the Amazon EMR Studio.", "title": "Description", "type": "string" }, "EncryptionKeyArn": { "markdownDescription": "The AWS KMS key identifier (ARN) used to encrypt Amazon EMR Studio workspace and notebook files when backed up to Amazon S3.", "title": "EncryptionKeyArn", "type": "string" }, "EngineSecurityGroupId": { "markdownDescription": "The ID of the Amazon EMR Studio Engine security group. The Engine security group allows inbound network traffic from the Workspace security group, and it must be in the same VPC specified by `VpcId` .", "title": "EngineSecurityGroupId", "type": "string" }, "IdcInstanceArn": { "markdownDescription": "The ARN of the IAM Identity Center instance the Studio application belongs to.", "title": "IdcInstanceArn", "type": "string" }, "IdcUserAssignment": { "markdownDescription": "Indicates whether the Studio has `REQUIRED` or `OPTIONAL` IAM Identity Center user assignment. If the value is set to `REQUIRED` , users must be explicitly assigned to the Studio application to access the Studio.", "title": "IdcUserAssignment", "type": "string" }, "IdpAuthUrl": { "markdownDescription": "Your identity provider's authentication endpoint. Amazon EMR Studio redirects federated users to this endpoint for authentication when logging in to a Studio with the Studio URL.", "title": "IdpAuthUrl", "type": "string" }, "IdpRelayStateParameterName": { "markdownDescription": "The name of your identity provider's `RelayState` parameter.", "title": "IdpRelayStateParameterName", "type": "string" }, "Name": { "markdownDescription": "A descriptive name for the Amazon EMR Studio.", "title": "Name", "type": "string" }, "ServiceRole": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that will be assumed by the Amazon EMR Studio. The service role provides a way for Amazon EMR Studio to interoperate with other AWS services.", "title": "ServiceRole", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "A list of subnet IDs to associate with the Amazon EMR Studio. A Studio can have a maximum of 5 subnets. The subnets must belong to the VPC specified by `VpcId` . Studio users can create a Workspace in any of the specified subnets.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "TrustedIdentityPropagationEnabled": { "markdownDescription": "Indicates whether the Studio has Trusted identity propagation enabled. The default value is `false` .", "title": "TrustedIdentityPropagationEnabled", "type": "boolean" }, "UserRole": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM user role that will be assumed by users and groups logged in to a Studio. The permissions attached to this IAM role can be scoped down for each user or group using session policies. You only need to specify `UserRole` when you set `AuthMode` to `SSO` .", "title": "UserRole", "type": "string" }, "VpcId": { "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) to associate with the Studio.", "title": "VpcId", "type": "string" }, "WorkspaceSecurityGroupId": { "markdownDescription": "The ID of the Workspace security group associated with the Amazon EMR Studio. The Workspace security group allows outbound network traffic to resources in the Engine security group and to the internet.", "title": "WorkspaceSecurityGroupId", "type": "string" } }, "required": [ "AuthMode", "DefaultS3Location", "EngineSecurityGroupId", "Name", "ServiceRole", "SubnetIds", "VpcId", "WorkspaceSecurityGroupId" ], "type": "object" }, "Type": { "enum": [ "AWS::EMR::Studio" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EMR::StudioSessionMapping": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "IdentityName": { "markdownDescription": "The name of the user or group. For more information, see [UserName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_User.html#singlesignon-Type-User-UserName) and [DisplayName](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_Group.html#singlesignon-Type-Group-DisplayName) in the *IAM Identity Center Identity Store API Reference* .", "title": "IdentityName", "type": "string" }, "IdentityType": { "markdownDescription": "Specifies whether the identity to map to the Amazon EMR Studio is a user or a group.", "title": "IdentityType", "type": "string" }, "SessionPolicyArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the session policy that will be applied to the user or group. Session policies refine Studio user permissions without the need to use multiple IAM user roles. For more information, see [Create an EMR Studio user role with session policies](https://docs.aws.amazon.com/emr/latest/ManagementGuide/emr-studio-user-role.html) in the *Amazon EMR Management Guide* .", "title": "SessionPolicyArn", "type": "string" }, "StudioId": { "markdownDescription": "The ID of the Amazon EMR Studio to which the user or group will be mapped.", "title": "StudioId", "type": "string" } }, "required": [ "IdentityName", "IdentityType", "SessionPolicyArn", "StudioId" ], "type": "object" }, "Type": { "enum": [ "AWS::EMR::StudioSessionMapping" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EMR::WALWorkspace": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" }, "WALWorkspaceName": { "markdownDescription": "", "title": "WALWorkspaceName", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::EMR::WALWorkspace" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EMRContainers::VirtualCluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContainerProvider": { "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerProvider", "markdownDescription": "The container provider of the virtual cluster.", "title": "ContainerProvider" }, "Name": { "markdownDescription": "The name of the virtual cluster.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "ContainerProvider", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::EMRContainers::VirtualCluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EMRContainers::VirtualCluster.ContainerInfo": { "additionalProperties": false, "properties": { "EksInfo": { "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.EksInfo", "markdownDescription": "The information about the Amazon EKS cluster.", "title": "EksInfo" } }, "required": [ "EksInfo" ], "type": "object" }, "AWS::EMRContainers::VirtualCluster.ContainerProvider": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The ID of the container cluster.\n\n*Minimum* : 1\n\n*Maximum* : 100\n\n*Pattern* : `^[0-9A-Za-z][A-Za-z0-9\\-_]*`", "title": "Id", "type": "string" }, "Info": { "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster.ContainerInfo", "markdownDescription": "The information about the container cluster.", "title": "Info" }, "Type": { "markdownDescription": "The type of the container provider. Amazon EKS is the only supported type as of now.", "title": "Type", "type": "string" } }, "required": [ "Id", "Info", "Type" ], "type": "object" }, "AWS::EMRContainers::VirtualCluster.EksInfo": { "additionalProperties": false, "properties": { "Namespace": { "markdownDescription": "The namespaces of the EKS cluster.\n\n*Minimum* : 1\n\n*Maximum* : 63\n\n*Pattern* : `[a-z0-9]([-a-z0-9]*[a-z0-9])?`", "title": "Namespace", "type": "string" } }, "required": [ "Namespace" ], "type": "object" }, "AWS::EMRServerless::Application": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Architecture": { "markdownDescription": "The CPU architecture of an application.", "title": "Architecture", "type": "string" }, "AutoStartConfiguration": { "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStartConfiguration", "markdownDescription": "The configuration for an application to automatically start on job submission.", "title": "AutoStartConfiguration" }, "AutoStopConfiguration": { "$ref": "#/definitions/AWS::EMRServerless::Application.AutoStopConfiguration", "markdownDescription": "The configuration for an application to automatically stop after a certain amount of time being idle.", "title": "AutoStopConfiguration" }, "ImageConfiguration": { "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", "markdownDescription": "The image configuration applied to all worker types.", "title": "ImageConfiguration" }, "InitialCapacity": { "items": { "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair" }, "markdownDescription": "The initial capacity of the application.", "title": "InitialCapacity", "type": "array" }, "MaximumCapacity": { "$ref": "#/definitions/AWS::EMRServerless::Application.MaximumAllowedResources", "markdownDescription": "The maximum capacity of the application. This is cumulative across all workers at any given point in time during the lifespan of the application is created. No new resources will be created once any one of the defined limits is hit.", "title": "MaximumCapacity" }, "MonitoringConfiguration": { "$ref": "#/definitions/AWS::EMRServerless::Application.MonitoringConfiguration", "markdownDescription": "A configuration specification to be used when provisioning an application. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file.", "title": "MonitoringConfiguration" }, "Name": { "markdownDescription": "The name of the application.", "title": "Name", "type": "string" }, "NetworkConfiguration": { "$ref": "#/definitions/AWS::EMRServerless::Application.NetworkConfiguration", "markdownDescription": "The network configuration for customer VPC connectivity for the application.", "title": "NetworkConfiguration" }, "ReleaseLabel": { "markdownDescription": "The EMR release associated with the application.", "title": "ReleaseLabel", "type": "string" }, "RuntimeConfiguration": { "items": { "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" }, "markdownDescription": "The [Configuration](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_Configuration.html) specifications of an application. Each configuration consists of a classification and properties. You use this parameter when creating or updating an application. To see the runtimeConfiguration object of an application, run the [GetApplication](https://docs.aws.amazon.com/emr-serverless/latest/APIReference/API_GetApplication.html) API operation.", "title": "RuntimeConfiguration", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags assigned to the application.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of application, such as Spark or Hive.", "title": "Type", "type": "string" }, "WorkerTypeSpecifications": { "additionalProperties": false, "markdownDescription": "The specification applied to each worker type.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerTypeSpecificationInput" } }, "title": "WorkerTypeSpecifications", "type": "object" } }, "required": [ "ReleaseLabel", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::EMRServerless::Application" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EMRServerless::Application.AutoStartConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::EMRServerless::Application.AutoStopConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "", "title": "Enabled", "type": "boolean" }, "IdleTimeoutMinutes": { "markdownDescription": "", "title": "IdleTimeoutMinutes", "type": "number" } }, "type": "object" }, "AWS::EMRServerless::Application.CloudWatchLoggingConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Enables CloudWatch logging.", "title": "Enabled", "type": "boolean" }, "EncryptionKeyArn": { "markdownDescription": "The AWS Key Management Service (KMS) key ARN to encrypt the logs that you store in CloudWatch Logs.", "title": "EncryptionKeyArn", "type": "string" }, "LogGroupName": { "markdownDescription": "The name of the log group in Amazon CloudWatch Logs where you want to publish your logs.", "title": "LogGroupName", "type": "string" }, "LogStreamNamePrefix": { "markdownDescription": "Prefix for the CloudWatch log stream name.", "title": "LogStreamNamePrefix", "type": "string" }, "LogTypeMap": { "items": { "$ref": "#/definitions/AWS::EMRServerless::Application.LogTypeMapKeyValuePair" }, "markdownDescription": "", "title": "LogTypeMap", "type": "array" } }, "type": "object" }, "AWS::EMRServerless::Application.ConfigurationObject": { "additionalProperties": false, "properties": { "Classification": { "markdownDescription": "", "title": "Classification", "type": "string" }, "Configurations": { "items": { "$ref": "#/definitions/AWS::EMRServerless::Application.ConfigurationObject" }, "markdownDescription": "", "title": "Configurations", "type": "array" }, "Properties": { "additionalProperties": true, "markdownDescription": "", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Properties", "type": "object" } }, "required": [ "Classification" ], "type": "object" }, "AWS::EMRServerless::Application.ImageConfigurationInput": { "additionalProperties": false, "properties": { "ImageUri": { "markdownDescription": "The URI of an image in the Amazon ECR registry. This field is required when you create a new application. If you leave this field blank in an update, Amazon EMR will remove the image configuration.", "title": "ImageUri", "type": "string" } }, "type": "object" }, "AWS::EMRServerless::Application.InitialCapacityConfig": { "additionalProperties": false, "properties": { "WorkerConfiguration": { "$ref": "#/definitions/AWS::EMRServerless::Application.WorkerConfiguration", "markdownDescription": "The resource configuration of the initial capacity configuration.", "title": "WorkerConfiguration" }, "WorkerCount": { "markdownDescription": "The number of workers in the initial capacity configuration.", "title": "WorkerCount", "type": "number" } }, "required": [ "WorkerConfiguration", "WorkerCount" ], "type": "object" }, "AWS::EMRServerless::Application.InitialCapacityConfigKeyValuePair": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "", "title": "Key", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::EMRServerless::Application.InitialCapacityConfig", "markdownDescription": "", "title": "Value" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::EMRServerless::Application.LogTypeMapKeyValuePair": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "", "title": "Key", "type": "string" }, "Value": { "items": { "type": "string" }, "markdownDescription": "", "title": "Value", "type": "array" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Enables managed logging and defaults to true. If set to false, managed logging will be turned off.", "title": "Enabled", "type": "boolean" }, "EncryptionKeyArn": { "markdownDescription": "The KMS key ARN to encrypt the logs stored in managed log persistence.", "title": "EncryptionKeyArn", "type": "string" } }, "type": "object" }, "AWS::EMRServerless::Application.MaximumAllowedResources": { "additionalProperties": false, "properties": { "Cpu": { "markdownDescription": "The maximum allowed CPU for an application.", "title": "Cpu", "type": "string" }, "Disk": { "markdownDescription": "The maximum allowed disk for an application.", "title": "Disk", "type": "string" }, "Memory": { "markdownDescription": "The maximum allowed resources for an application.", "title": "Memory", "type": "string" } }, "required": [ "Cpu", "Memory" ], "type": "object" }, "AWS::EMRServerless::Application.MonitoringConfiguration": { "additionalProperties": false, "properties": { "CloudWatchLoggingConfiguration": { "$ref": "#/definitions/AWS::EMRServerless::Application.CloudWatchLoggingConfiguration", "markdownDescription": "The Amazon CloudWatch configuration for monitoring logs. You can configure your jobs to send log information to CloudWatch.", "title": "CloudWatchLoggingConfiguration" }, "ManagedPersistenceMonitoringConfiguration": { "$ref": "#/definitions/AWS::EMRServerless::Application.ManagedPersistenceMonitoringConfiguration", "markdownDescription": "The managed log persistence configuration for a job run.", "title": "ManagedPersistenceMonitoringConfiguration" }, "S3MonitoringConfiguration": { "$ref": "#/definitions/AWS::EMRServerless::Application.S3MonitoringConfiguration", "markdownDescription": "The Amazon S3 configuration for monitoring log publishing.", "title": "S3MonitoringConfiguration" } }, "type": "object" }, "AWS::EMRServerless::Application.NetworkConfiguration": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The array of security group Ids for customer VPC connectivity.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The array of subnet Ids for customer VPC connectivity.", "title": "SubnetIds", "type": "array" } }, "type": "object" }, "AWS::EMRServerless::Application.S3MonitoringConfiguration": { "additionalProperties": false, "properties": { "EncryptionKeyArn": { "markdownDescription": "The KMS key ARN to encrypt the logs published to the given Amazon S3 destination.", "title": "EncryptionKeyArn", "type": "string" }, "LogUri": { "markdownDescription": "The Amazon S3 destination URI for log publishing.", "title": "LogUri", "type": "string" } }, "type": "object" }, "AWS::EMRServerless::Application.WorkerConfiguration": { "additionalProperties": false, "properties": { "Cpu": { "markdownDescription": "", "title": "Cpu", "type": "string" }, "Disk": { "markdownDescription": "", "title": "Disk", "type": "string" }, "Memory": { "markdownDescription": "", "title": "Memory", "type": "string" } }, "required": [ "Cpu", "Memory" ], "type": "object" }, "AWS::EMRServerless::Application.WorkerTypeSpecificationInput": { "additionalProperties": false, "properties": { "ImageConfiguration": { "$ref": "#/definitions/AWS::EMRServerless::Application.ImageConfigurationInput", "markdownDescription": "The image configuration for a worker type.", "title": "ImageConfiguration" } }, "type": "object" }, "AWS::ElastiCache::CacheCluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AZMode": { "markdownDescription": "Specifies whether the nodes in this Memcached cluster are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region.\n\nThis parameter is only supported for Memcached clusters.\n\nIf the `AZMode` and `PreferredAvailabilityZones` are not specified, ElastiCache assumes `single-az` mode.", "title": "AZMode", "type": "string" }, "AutoMinorVersionUpgrade": { "markdownDescription": "If you are running Redis engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", "title": "AutoMinorVersionUpgrade", "type": "boolean" }, "CacheNodeType": { "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts. Changing the CacheNodeType of a Memcached instance is currently not supported. If you need to scale using Memcached, we recommend forcing a replacement update by changing the `LogicalResourceId` of the resource.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.8xlarge` , `cache.m6g.12xlarge` , `cache.m6g.16xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.8xlarge` , `cache.r6g.12xlarge` , `cache.r6g.16xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)\n\n*Additional node type info*\n\n- All current generation instance types are created in Amazon VPC by default.\n- Redis append-only files (AOF) are not supported for T1 or T2 instances.\n- Redis Multi-AZ with automatic failover is not supported on T1 instances.\n- Redis configuration variables `appendonly` and `appendfsync` are not supported on Redis version 2.8.22 and later.", "title": "CacheNodeType", "type": "string" }, "CacheParameterGroupName": { "markdownDescription": "The name of the parameter group to associate with this cluster. If this argument is omitted, the default parameter group for the specified engine is used. You cannot use any parameter group which has `cluster-enabled='yes'` when creating a cluster.", "title": "CacheParameterGroupName", "type": "string" }, "CacheSecurityGroupNames": { "items": { "type": "string" }, "markdownDescription": "A list of security group names to associate with this cluster.\n\nUse this parameter only when you are creating a cluster outside of an Amazon Virtual Private Cloud (Amazon VPC).", "title": "CacheSecurityGroupNames", "type": "array" }, "CacheSubnetGroupName": { "markdownDescription": "The name of the subnet group to be used for the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see `[AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .`", "title": "CacheSubnetGroupName", "type": "string" }, "ClusterName": { "markdownDescription": "A name for the cache cluster. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the cache cluster. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nThe name must contain 1 to 50 alphanumeric characters or hyphens. The name must start with a letter and cannot end with a hyphen or contain two consecutive hyphens.", "title": "ClusterName", "type": "string" }, "Engine": { "markdownDescription": "The name of the cache engine to be used for this cluster.\n\nValid values for this parameter are: `memcached` | `redis`", "title": "Engine", "type": "string" }, "EngineVersion": { "markdownDescription": "The version number of the cache engine to be used for this cluster. To view the supported cache engine versions, use the DescribeCacheEngineVersions operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/SelectEngine.html#VersionManagement) ), but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", "title": "EngineVersion", "type": "string" }, "IpDiscovery": { "markdownDescription": "The network type you choose when modifying a cluster, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Redis engine version 6.2 onward or Memcached engine version 1.6.6 on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", "title": "IpDiscovery", "type": "string" }, "LogDeliveryConfigurations": { "items": { "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest" }, "markdownDescription": "Specifies the destination, format and type of the logs.", "title": "LogDeliveryConfigurations", "type": "array" }, "NetworkType": { "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Redis engine version 6.2 onward or Memcached engine version 1.6.6 on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", "title": "NetworkType", "type": "string" }, "NotificationTopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", "title": "NotificationTopicArn", "type": "string" }, "NumCacheNodes": { "markdownDescription": "The number of cache nodes that the cache cluster should have.\n\n> However, if the `PreferredAvailabilityZone` and `PreferredAvailabilityZones` properties were not previously specified and you don't specify any new values, an update requires [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "NumCacheNodes", "type": "number" }, "Port": { "markdownDescription": "The port number on which each of the cache nodes accepts connections.", "title": "Port", "type": "number" }, "PreferredAvailabilityZone": { "markdownDescription": "The EC2 Availability Zone in which the cluster is created.\n\nAll nodes belonging to this cluster are placed in the preferred Availability Zone. If you want to create your nodes across multiple Availability Zones, use `PreferredAvailabilityZones` .\n\nDefault: System chosen Availability Zone.", "title": "PreferredAvailabilityZone", "type": "string" }, "PreferredAvailabilityZones": { "items": { "type": "string" }, "markdownDescription": "A list of the Availability Zones in which cache nodes are created. The order of the zones in the list is not important.\n\nThis option is only supported on Memcached.\n\n> If you are creating your cluster in an Amazon VPC (recommended) you can only locate nodes in Availability Zones that are associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheNodes` . \n\nIf you want all the nodes in the same Availability Zone, use `PreferredAvailabilityZone` instead, or repeat the Availability Zone multiple times in the list.\n\nDefault: System chosen Availability Zones.", "title": "PreferredAvailabilityZones", "type": "array" }, "PreferredMaintenanceWindow": { "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", "title": "PreferredMaintenanceWindow", "type": "string" }, "SnapshotArns": { "items": { "type": "string" }, "markdownDescription": "A single-element string list containing an Amazon Resource Name (ARN) that uniquely identifies a Redis RDB snapshot file stored in Amazon S3. The snapshot file is used to populate the node group (shard). The Amazon S3 object name in the ARN cannot contain any commas.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", "title": "SnapshotArns", "type": "array" }, "SnapshotName": { "markdownDescription": "The name of a Redis snapshot from which to restore data into the new node group (shard). The snapshot status changes to `restoring` while the new node group (shard) is being created.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", "title": "SnapshotName", "type": "string" }, "SnapshotRetentionLimit": { "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot taken today is retained for 5 days before being deleted.\n\n> This parameter is only valid if the `Engine` parameter is `redis` . \n\nDefault: 0 (i.e., automatic backups are disabled for this cache cluster).", "title": "SnapshotRetentionLimit", "type": "number" }, "SnapshotWindow": { "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.\n\n> This parameter is only valid if the `Engine` parameter is `redis` .", "title": "SnapshotWindow", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags to be added to this resource.", "title": "Tags", "type": "array" }, "TransitEncryptionEnabled": { "markdownDescription": "A flag that enables in-transit encryption when set to true.", "title": "TransitEncryptionEnabled", "type": "boolean" }, "VpcSecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "One or more VPC security groups associated with the cluster.\n\nUse this parameter only when you are creating a cluster in an Amazon Virtual Private Cloud (Amazon VPC).", "title": "VpcSecurityGroupIds", "type": "array" } }, "required": [ "CacheNodeType", "Engine", "NumCacheNodes" ], "type": "object" }, "Type": { "enum": [ "AWS::ElastiCache::CacheCluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails": { "additionalProperties": false, "properties": { "LogGroup": { "markdownDescription": "The name of the CloudWatch Logs log group.", "title": "LogGroup", "type": "string" } }, "required": [ "LogGroup" ], "type": "object" }, "AWS::ElastiCache::CacheCluster.DestinationDetails": { "additionalProperties": false, "properties": { "CloudWatchLogsDetails": { "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.CloudWatchLogsDestinationDetails", "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", "title": "CloudWatchLogsDetails" }, "KinesisFirehoseDetails": { "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails", "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", "title": "KinesisFirehoseDetails" } }, "type": "object" }, "AWS::ElastiCache::CacheCluster.KinesisFirehoseDestinationDetails": { "additionalProperties": false, "properties": { "DeliveryStream": { "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", "title": "DeliveryStream", "type": "string" } }, "required": [ "DeliveryStream" ], "type": "object" }, "AWS::ElastiCache::CacheCluster.LogDeliveryConfigurationRequest": { "additionalProperties": false, "properties": { "DestinationDetails": { "$ref": "#/definitions/AWS::ElastiCache::CacheCluster.DestinationDetails", "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", "title": "DestinationDetails" }, "DestinationType": { "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", "title": "DestinationType", "type": "string" }, "LogFormat": { "markdownDescription": "Valid values are either `json` or `text` .", "title": "LogFormat", "type": "string" }, "LogType": { "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", "title": "LogType", "type": "string" } }, "required": [ "DestinationDetails", "DestinationType", "LogFormat", "LogType" ], "type": "object" }, "AWS::ElastiCache::GlobalReplicationGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutomaticFailoverEnabled": { "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Redis (cluster mode enabled) replication groups.", "title": "AutomaticFailoverEnabled", "type": "boolean" }, "CacheNodeType": { "markdownDescription": "The cache node type of the Global datastore", "title": "CacheNodeType", "type": "string" }, "CacheParameterGroupName": { "markdownDescription": "The name of the cache parameter group to use with the Global datastore. It must be compatible with the major engine version used by the Global datastore.", "title": "CacheParameterGroupName", "type": "string" }, "EngineVersion": { "markdownDescription": "The Elasticache Redis engine version.", "title": "EngineVersion", "type": "string" }, "GlobalNodeGroupCount": { "markdownDescription": "The number of node groups that comprise the Global Datastore.", "title": "GlobalNodeGroupCount", "type": "number" }, "GlobalReplicationGroupDescription": { "markdownDescription": "The optional description of the Global datastore", "title": "GlobalReplicationGroupDescription", "type": "string" }, "GlobalReplicationGroupIdSuffix": { "markdownDescription": "The suffix name of a Global Datastore. The suffix guarantees uniqueness of the Global Datastore name across multiple regions.", "title": "GlobalReplicationGroupIdSuffix", "type": "string" }, "Members": { "items": { "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember" }, "markdownDescription": "The replication groups that comprise the Global datastore.", "title": "Members", "type": "array" }, "RegionalConfigurations": { "items": { "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration" }, "markdownDescription": "The Regions that comprise the Global Datastore.", "title": "RegionalConfigurations", "type": "array" } }, "required": [ "Members" ], "type": "object" }, "Type": { "enum": [ "AWS::ElastiCache::GlobalReplicationGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElastiCache::GlobalReplicationGroup.GlobalReplicationGroupMember": { "additionalProperties": false, "properties": { "ReplicationGroupId": { "markdownDescription": "The replication group id of the Global datastore member.", "title": "ReplicationGroupId", "type": "string" }, "ReplicationGroupRegion": { "markdownDescription": "The Amazon region of the Global datastore member.", "title": "ReplicationGroupRegion", "type": "string" }, "Role": { "markdownDescription": "Indicates the role of the replication group, `PRIMARY` or `SECONDARY` .", "title": "Role", "type": "string" } }, "type": "object" }, "AWS::ElastiCache::GlobalReplicationGroup.RegionalConfiguration": { "additionalProperties": false, "properties": { "ReplicationGroupId": { "markdownDescription": "The name of the secondary cluster", "title": "ReplicationGroupId", "type": "string" }, "ReplicationGroupRegion": { "markdownDescription": "The Amazon region where the cluster is stored", "title": "ReplicationGroupRegion", "type": "string" }, "ReshardingConfigurations": { "items": { "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration" }, "markdownDescription": "A list of PreferredAvailabilityZones objects that specifies the configuration of a node group in the resharded cluster.", "title": "ReshardingConfigurations", "type": "array" } }, "type": "object" }, "AWS::ElastiCache::GlobalReplicationGroup.ReshardingConfiguration": { "additionalProperties": false, "properties": { "NodeGroupId": { "markdownDescription": "Either the ElastiCache for Redis supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", "title": "NodeGroupId", "type": "string" }, "PreferredAvailabilityZones": { "items": { "type": "string" }, "markdownDescription": "A list of preferred availability zones for the nodes in this cluster.", "title": "PreferredAvailabilityZones", "type": "array" } }, "type": "object" }, "AWS::ElastiCache::ParameterGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CacheParameterGroupFamily": { "markdownDescription": "The name of the cache parameter group family that this cache parameter group is compatible with.\n\nValid values are: `memcached1.4` | `memcached1.5` | `memcached1.6` | `redis2.6` | `redis2.8` | `redis3.2` | `redis4.0` | `redis5.0` | `redis6.x` | `redis7`", "title": "CacheParameterGroupFamily", "type": "string" }, "Description": { "markdownDescription": "The description for this cache parameter group.", "title": "Description", "type": "string" }, "Properties": { "additionalProperties": true, "markdownDescription": "A comma-delimited list of parameter name/value pairs.\n\nFor example:\n\n```\n\"Properties\" : { \"cas_disabled\" : \"1\", \"chunk_size_growth_factor\" : \"1.02\"\n}\n```", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Properties", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A tag that can be added to an ElastiCache parameter group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your parameter groups. A tag with a null Value is permitted.", "title": "Tags", "type": "array" } }, "required": [ "CacheParameterGroupFamily", "Description" ], "type": "object" }, "Type": { "enum": [ "AWS::ElastiCache::ParameterGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElastiCache::ReplicationGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AtRestEncryptionEnabled": { "markdownDescription": "A flag that enables encryption at rest when set to `true` .\n\nYou cannot modify the value of `AtRestEncryptionEnabled` after the replication group is created. To enable encryption at rest on a replication group you must set `AtRestEncryptionEnabled` to `true` when you create the replication group.\n\n*Required:* Only available when creating a replication group in an Amazon VPC using redis version `3.2.6` or `4.x` onward.\n\nDefault: `false`", "title": "AtRestEncryptionEnabled", "type": "boolean" }, "AuthToken": { "markdownDescription": "*Reserved parameter.* The password used to access a password protected server.\n\n`AuthToken` can be specified only on replication groups where `TransitEncryptionEnabled` is `true` . For more information, see [Authenticating Users with the Redis AUTH Command](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/auth.html) .\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` . \n\nPassword constraints:\n\n- Must be only printable ASCII characters.\n- Must be at least 16 characters and no more than 128 characters in length.\n- Nonalphanumeric characters are restricted to (!, &, #, $, ^, <, >, -, ).\n\nFor more information, see [AUTH password](https://docs.aws.amazon.com/http://redis.io/commands/AUTH) at http://redis.io/commands/AUTH.\n\n> If ADDING the AuthToken, update requires [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "AuthToken", "type": "string" }, "AutoMinorVersionUpgrade": { "markdownDescription": "If you are running Redis engine version 6.0 or later, set this parameter to yes if you want to opt-in to the next minor version upgrade campaign. This parameter is disabled for previous versions.", "title": "AutoMinorVersionUpgrade", "type": "boolean" }, "AutomaticFailoverEnabled": { "markdownDescription": "Specifies whether a read-only replica is automatically promoted to read/write primary if the existing primary fails.\n\n`AutomaticFailoverEnabled` must be enabled for Redis (cluster mode enabled) replication groups.\n\nDefault: false", "title": "AutomaticFailoverEnabled", "type": "boolean" }, "CacheNodeType": { "markdownDescription": "The compute and memory capacity of the nodes in the node group (shard).\n\nThe following node types are supported by ElastiCache. Generally speaking, the current generation types provide more memory and computational power at lower cost when compared to their equivalent previous generation counterparts.\n\n- General purpose:\n\n- Current generation:\n\n*M6g node types:* `cache.m6g.large` , `cache.m6g.xlarge` , `cache.m6g.2xlarge` , `cache.m6g.4xlarge` , `cache.m6g.12xlarge` , `cache.m6g.24xlarge`\n\n*M5 node types:* `cache.m5.large` , `cache.m5.xlarge` , `cache.m5.2xlarge` , `cache.m5.4xlarge` , `cache.m5.12xlarge` , `cache.m5.24xlarge`\n\n*M4 node types:* `cache.m4.large` , `cache.m4.xlarge` , `cache.m4.2xlarge` , `cache.m4.4xlarge` , `cache.m4.10xlarge`\n\n*T4g node types:* `cache.t4g.micro` , `cache.t4g.small` , `cache.t4g.medium`\n\n*T3 node types:* `cache.t3.micro` , `cache.t3.small` , `cache.t3.medium`\n\n*T2 node types:* `cache.t2.micro` , `cache.t2.small` , `cache.t2.medium`\n- Previous generation: (not recommended)\n\n*T1 node types:* `cache.t1.micro`\n\n*M1 node types:* `cache.m1.small` , `cache.m1.medium` , `cache.m1.large` , `cache.m1.xlarge`\n\n*M3 node types:* `cache.m3.medium` , `cache.m3.large` , `cache.m3.xlarge` , `cache.m3.2xlarge`\n- Compute optimized:\n\n- Previous generation: (not recommended)\n\n*C1 node types:* `cache.c1.xlarge`\n- Memory optimized:\n\n- Current generation:\n\n*R6gd node types:* `cache.r6gd.xlarge` , `cache.r6gd.2xlarge` , `cache.r6gd.4xlarge` , `cache.r6gd.8xlarge` , `cache.r6gd.12xlarge` , `cache.r6gd.16xlarge`\n\n> The `r6gd` family is available in the following regions: `us-east-2` , `us-east-1` , `us-west-2` , `us-west-1` , `eu-west-1` , `eu-central-1` , `ap-northeast-1` , `ap-southeast-1` , `ap-southeast-2` . \n\n*R6g node types:* `cache.r6g.large` , `cache.r6g.xlarge` , `cache.r6g.2xlarge` , `cache.r6g.4xlarge` , `cache.r6g.12xlarge` , `cache.r6g.24xlarge`\n\n*R5 node types:* `cache.r5.large` , `cache.r5.xlarge` , `cache.r5.2xlarge` , `cache.r5.4xlarge` , `cache.r5.12xlarge` , `cache.r5.24xlarge`\n\n*R4 node types:* `cache.r4.large` , `cache.r4.xlarge` , `cache.r4.2xlarge` , `cache.r4.4xlarge` , `cache.r4.8xlarge` , `cache.r4.16xlarge`\n- Previous generation: (not recommended)\n\n*M2 node types:* `cache.m2.xlarge` , `cache.m2.2xlarge` , `cache.m2.4xlarge`\n\n*R3 node types:* `cache.r3.large` , `cache.r3.xlarge` , `cache.r3.2xlarge` , `cache.r3.4xlarge` , `cache.r3.8xlarge`\n\nFor region availability, see [Supported Node Types by Amazon Region](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/CacheNodes.SupportedTypes.html#CacheNodes.SupportedTypesByRegion)", "title": "CacheNodeType", "type": "string" }, "CacheParameterGroupName": { "markdownDescription": "The name of the parameter group to associate with this replication group. If this argument is omitted, the default cache parameter group for the specified engine is used.\n\nIf you are running Redis version 3.2.4 or later, only one node group (shard), and want to use a default parameter group, we recommend that you specify the parameter group by name.\n\n- To create a Redis (cluster mode disabled) replication group, use `CacheParameterGroupName=default.redis3.2` .\n- To create a Redis (cluster mode enabled) replication group, use `CacheParameterGroupName=default.redis3.2.cluster.on` .", "title": "CacheParameterGroupName", "type": "string" }, "CacheSecurityGroupNames": { "items": { "type": "string" }, "markdownDescription": "A list of cache security group names to associate with this replication group.", "title": "CacheSecurityGroupNames", "type": "array" }, "CacheSubnetGroupName": { "markdownDescription": "The name of the cache subnet group to be used for the replication group.\n\n> If you're going to launch your cluster in an Amazon VPC, you need to create a subnet group before you start creating a cluster. For more information, see [AWS::ElastiCache::SubnetGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticache-subnetgroup.html) .", "title": "CacheSubnetGroupName", "type": "string" }, "ClusterMode": { "markdownDescription": "Enabled or Disabled. To modify cluster mode from Disabled to Enabled, you must first set the cluster mode to Compatible. Compatible mode allows your Redis clients to connect using both cluster mode enabled and cluster mode disabled. After you migrate all Redis clients to use cluster mode enabled, you can then complete cluster mode configuration and set the cluster mode to Enabled. For more information, see [Modify cluster mode](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/modify-cluster-mode.html) .", "title": "ClusterMode", "type": "string" }, "DataTieringEnabled": { "markdownDescription": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to true when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/data-tiering.html) .", "title": "DataTieringEnabled", "type": "boolean" }, "Engine": { "markdownDescription": "The name of the cache engine to be used for the clusters in this replication group. The value must be set to `Redis` .", "title": "Engine", "type": "string" }, "EngineVersion": { "markdownDescription": "The version number of the cache engine to be used for the clusters in this replication group. To view the supported cache engine versions, use the `DescribeCacheEngineVersions` operation.\n\n*Important:* You can upgrade to a newer engine version (see [Selecting a Cache Engine and Version](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/SelectEngine.html#VersionManagement) ) in the *ElastiCache User Guide* , but you cannot downgrade to an earlier engine version. If you want to use an earlier engine version, you must delete the existing cluster or replication group and create it anew with the earlier engine version.", "title": "EngineVersion", "type": "string" }, "GlobalReplicationGroupId": { "markdownDescription": "The name of the Global datastore", "title": "GlobalReplicationGroupId", "type": "string" }, "IpDiscovery": { "markdownDescription": "The network type you choose when creating a replication group, either `ipv4` | `ipv6` . IPv6 is supported for workloads using Redis engine version 6.2 onward or Memcached engine version 1.6.6 on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", "title": "IpDiscovery", "type": "string" }, "KmsKeyId": { "markdownDescription": "The ID of the KMS key used to encrypt the disk on the cluster.", "title": "KmsKeyId", "type": "string" }, "LogDeliveryConfigurations": { "items": { "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest" }, "markdownDescription": "Specifies the destination, format and type of the logs.", "title": "LogDeliveryConfigurations", "type": "array" }, "MultiAZEnabled": { "markdownDescription": "A flag indicating if you have Multi-AZ enabled to enhance fault tolerance. For more information, see [Minimizing Downtime: Multi-AZ](https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/AutoFailover.html) .", "title": "MultiAZEnabled", "type": "boolean" }, "NetworkType": { "markdownDescription": "Must be either `ipv4` | `ipv6` | `dual_stack` . IPv6 is supported for workloads using Redis engine version 6.2 onward or Memcached engine version 1.6.6 on all instances built on the [Nitro system](https://docs.aws.amazon.com/ec2/nitro/) .", "title": "NetworkType", "type": "string" }, "NodeGroupConfiguration": { "items": { "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration" }, "markdownDescription": "`NodeGroupConfiguration` is a property of the `AWS::ElastiCache::ReplicationGroup` resource that configures an Amazon ElastiCache (ElastiCache) Redis cluster node group.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NodeGroupConfiguration` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NodeGroupConfiguration` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "NodeGroupConfiguration", "type": "array" }, "NotificationTopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Simple Notification Service (SNS) topic to which notifications are sent.\n\n> The Amazon SNS topic owner must be the same as the cluster owner.", "title": "NotificationTopicArn", "type": "string" }, "NumCacheClusters": { "markdownDescription": "The number of clusters this replication group initially has.\n\nThis parameter is not used if there is more than one node group (shard). You should use `ReplicasPerNodeGroup` instead.\n\nIf `AutomaticFailoverEnabled` is `true` , the value of this parameter must be at least 2. If `AutomaticFailoverEnabled` is `false` you can omit this parameter (it will default to 1), or you can explicitly set it to a value between 2 and 6.\n\nThe maximum permitted value for `NumCacheClusters` is 6 (1 primary plus 5 replicas).", "title": "NumCacheClusters", "type": "number" }, "NumNodeGroups": { "markdownDescription": "An optional parameter that specifies the number of node groups (shards) for this Redis (cluster mode enabled) replication group. For Redis (cluster mode disabled) either omit this parameter or set it to 1.\n\nIf you set [UseOnlineResharding](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) to `true` , you can update `NumNodeGroups` without interruption. When `UseOnlineResharding` is set to `false` , or is not specified, updating `NumNodeGroups` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .\n\nDefault: 1", "title": "NumNodeGroups", "type": "number" }, "Port": { "markdownDescription": "The port number on which each member of the replication group accepts connections.", "title": "Port", "type": "number" }, "PreferredCacheClusterAZs": { "items": { "type": "string" }, "markdownDescription": "A list of EC2 Availability Zones in which the replication group's clusters are created. The order of the Availability Zones in the list is the order in which clusters are allocated. The primary cluster is created in the first AZ in the list.\n\nThis parameter is not used if there is more than one node group (shard). You should use `NodeGroupConfiguration` instead.\n\n> If you are creating your replication group in an Amazon VPC (recommended), you can only locate clusters in Availability Zones associated with the subnets in the selected subnet group.\n> \n> The number of Availability Zones listed must equal the value of `NumCacheClusters` . \n\nDefault: system chosen Availability Zones.", "title": "PreferredCacheClusterAZs", "type": "array" }, "PreferredMaintenanceWindow": { "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\nValid values for `ddd` are:\n\n- `sun`\n- `mon`\n- `tue`\n- `wed`\n- `thu`\n- `fri`\n- `sat`\n\nExample: `sun:23:00-mon:01:30`", "title": "PreferredMaintenanceWindow", "type": "string" }, "PrimaryClusterId": { "markdownDescription": "The identifier of the cluster that serves as the primary for this replication group. This cluster must already exist and have a status of `available` .\n\nThis parameter is not required if `NumCacheClusters` , `NumNodeGroups` , or `ReplicasPerNodeGroup` is specified.", "title": "PrimaryClusterId", "type": "string" }, "ReplicasPerNodeGroup": { "markdownDescription": "An optional parameter that specifies the number of replica nodes in each node group (shard). Valid values are 0 to 5.", "title": "ReplicasPerNodeGroup", "type": "number" }, "ReplicationGroupDescription": { "markdownDescription": "A user-created description for the replication group.", "title": "ReplicationGroupDescription", "type": "string" }, "ReplicationGroupId": { "markdownDescription": "The replication group identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- A name must contain from 1 to 40 alphanumeric characters or hyphens.\n- The first character must be a letter.\n- A name cannot end with a hyphen or contain two consecutive hyphens.", "title": "ReplicationGroupId", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "One or more Amazon VPC security groups associated with this replication group.\n\nUse this parameter only when you are creating a replication group in an Amazon Virtual Private Cloud (Amazon VPC).", "title": "SecurityGroupIds", "type": "array" }, "SnapshotArns": { "items": { "type": "string" }, "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the Redis RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new replication group. The Amazon S3 object name in the ARN cannot contain any commas. The new replication group will have the number of node groups (console: shards) specified by the parameter *NumNodeGroups* or the number of node groups configured by *NodeGroupConfiguration* regardless of the number of ARNs specified here.\n\nExample of an Amazon S3 ARN: `arn:aws:s3:::my_bucket/snapshot1.rdb`", "title": "SnapshotArns", "type": "array" }, "SnapshotName": { "markdownDescription": "The name of a snapshot from which to restore data into the new replication group. The snapshot status changes to `restoring` while the new replication group is being created.", "title": "SnapshotName", "type": "string" }, "SnapshotRetentionLimit": { "markdownDescription": "The number of days for which ElastiCache retains automatic snapshots before deleting them. For example, if you set `SnapshotRetentionLimit` to 5, a snapshot that was taken today is retained for 5 days before being deleted.\n\nDefault: 0 (i.e., automatic backups are disabled for this cluster).", "title": "SnapshotRetentionLimit", "type": "number" }, "SnapshotWindow": { "markdownDescription": "The daily time range (in UTC) during which ElastiCache begins taking a daily snapshot of your node group (shard).\n\nExample: `05:00-09:00`\n\nIf you do not specify this parameter, ElastiCache automatically chooses an appropriate time range.", "title": "SnapshotWindow", "type": "string" }, "SnapshottingClusterId": { "markdownDescription": "The cluster ID that is used as the daily snapshot source for the replication group. This parameter cannot be set for Redis (cluster mode enabled) replication groups.", "title": "SnapshottingClusterId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags to be added to this resource. Tags are comma-separated key,value pairs (e.g. Key= `myKey` , Value= `myKeyValue` . You can include multiple tags as shown following: Key= `myKey` , Value= `myKeyValue` Key= `mySecondKey` , Value= `mySecondKeyValue` . Tags on replication groups will be replicated to all nodes.", "title": "Tags", "type": "array" }, "TransitEncryptionEnabled": { "markdownDescription": "A flag that enables in-transit encryption when set to `true` .\n\nYou cannot modify the value of `TransitEncryptionEnabled` after the cluster is created. To enable in-transit encryption on a cluster you must set `TransitEncryptionEnabled` to `true` when you create a cluster.\n\nThis parameter is valid only if the `Engine` parameter is `redis` , the `EngineVersion` parameter is `3.2.6` or `4.x` onward, and the cluster is being created in an Amazon VPC.\n\nIf you enable in-transit encryption, you must also specify a value for `CacheSubnetGroup` .\n\n*Required:* Only available when creating a replication group in an Amazon VPC using redis version `3.2.6` or `4.x` onward.\n\nDefault: `false`\n\n> For HIPAA compliance, you must specify `TransitEncryptionEnabled` as `true` , an `AuthToken` , and a `CacheSubnetGroup` .", "title": "TransitEncryptionEnabled", "type": "boolean" }, "TransitEncryptionMode": { "markdownDescription": "A setting that allows you to migrate your clients to use in-transit encryption, with no downtime.\n\nWhen setting `TransitEncryptionEnabled` to `true` , you can set your `TransitEncryptionMode` to `preferred` in the same request, to allow both encrypted and unencrypted connections at the same time. Once you migrate all your Redis clients to use encrypted connections you can modify the value to `required` to allow encrypted connections only.\n\nSetting `TransitEncryptionMode` to `required` is a two-step process that requires you to first set the `TransitEncryptionMode` to `preferred` , after that you can set `TransitEncryptionMode` to `required` .\n\nThis process will not trigger the replacement of the replication group.", "title": "TransitEncryptionMode", "type": "string" }, "UserGroupIds": { "items": { "type": "string" }, "markdownDescription": "The ID of user group to associate with the replication group.", "title": "UserGroupIds", "type": "array" } }, "required": [ "ReplicationGroupDescription" ], "type": "object" }, "Type": { "enum": [ "AWS::ElastiCache::ReplicationGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails": { "additionalProperties": false, "properties": { "LogGroup": { "markdownDescription": "The name of the CloudWatch Logs log group.", "title": "LogGroup", "type": "string" } }, "required": [ "LogGroup" ], "type": "object" }, "AWS::ElastiCache::ReplicationGroup.DestinationDetails": { "additionalProperties": false, "properties": { "CloudWatchLogsDetails": { "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.CloudWatchLogsDestinationDetails", "markdownDescription": "The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination.", "title": "CloudWatchLogsDetails" }, "KinesisFirehoseDetails": { "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails", "markdownDescription": "The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination.", "title": "KinesisFirehoseDetails" } }, "type": "object" }, "AWS::ElastiCache::ReplicationGroup.KinesisFirehoseDestinationDetails": { "additionalProperties": false, "properties": { "DeliveryStream": { "markdownDescription": "The name of the Kinesis Data Firehose delivery stream.", "title": "DeliveryStream", "type": "string" } }, "required": [ "DeliveryStream" ], "type": "object" }, "AWS::ElastiCache::ReplicationGroup.LogDeliveryConfigurationRequest": { "additionalProperties": false, "properties": { "DestinationDetails": { "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup.DestinationDetails", "markdownDescription": "Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination.", "title": "DestinationDetails" }, "DestinationType": { "markdownDescription": "Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either `cloudwatch-logs` or `kinesis-firehose` .", "title": "DestinationType", "type": "string" }, "LogFormat": { "markdownDescription": "Valid values are either `json` or `text` .", "title": "LogFormat", "type": "string" }, "LogType": { "markdownDescription": "Valid value is either `slow-log` , which refers to [slow-log](https://docs.aws.amazon.com/https://redis.io/commands/slowlog) or `engine-log` .", "title": "LogType", "type": "string" } }, "required": [ "DestinationDetails", "DestinationType", "LogFormat", "LogType" ], "type": "object" }, "AWS::ElastiCache::ReplicationGroup.NodeGroupConfiguration": { "additionalProperties": false, "properties": { "NodeGroupId": { "markdownDescription": "Either the ElastiCache for Redis supplied 4-digit id or a user supplied id for the node group these configuration values apply to.", "title": "NodeGroupId", "type": "string" }, "PrimaryAvailabilityZone": { "markdownDescription": "The Availability Zone where the primary node of this node group (shard) is launched.", "title": "PrimaryAvailabilityZone", "type": "string" }, "ReplicaAvailabilityZones": { "items": { "type": "string" }, "markdownDescription": "A list of Availability Zones to be used for the read replicas. The number of Availability Zones in this list must match the value of `ReplicaCount` or `ReplicasPerNodeGroup` if not specified.", "title": "ReplicaAvailabilityZones", "type": "array" }, "ReplicaCount": { "markdownDescription": "The number of read replica nodes in this node group (shard).", "title": "ReplicaCount", "type": "number" }, "Slots": { "markdownDescription": "A string of comma-separated values where the first set of values are the slot numbers (zero based), and the second set of values are the keyspaces for each slot. The following example specifies three slots (numbered 0, 1, and 2): `0,1,2,0-4999,5000-9999,10000-16,383` .\n\nIf you don't specify a value, ElastiCache allocates keys equally among each slot.\n\nWhen you use an `UseOnlineResharding` update policy to update the number of node groups without interruption, ElastiCache evenly distributes the keyspaces between the specified number of slots. This cannot be updated later. Therefore, after updating the number of node groups in this way, you should remove the value specified for the `Slots` property of each `NodeGroupConfiguration` from the stack template, as it no longer reflects the actual values in each node group. For more information, see [UseOnlineResharding Policy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-useonlineresharding) .", "title": "Slots", "type": "string" } }, "type": "object" }, "AWS::ElastiCache::SecurityGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the cache security group.", "title": "Description", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A tag that can be added to an ElastiCache security group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your security groups. A tag with a null Value is permitted.", "title": "Tags", "type": "array" } }, "required": [ "Description" ], "type": "object" }, "Type": { "enum": [ "AWS::ElastiCache::SecurityGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElastiCache::SecurityGroupIngress": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CacheSecurityGroupName": { "markdownDescription": "The name of the Cache Security Group to authorize.", "title": "CacheSecurityGroupName", "type": "string" }, "EC2SecurityGroupName": { "markdownDescription": "Name of the EC2 Security Group to include in the authorization.", "title": "EC2SecurityGroupName", "type": "string" }, "EC2SecurityGroupOwnerId": { "markdownDescription": "Specifies the Amazon Account ID of the owner of the EC2 security group specified in the EC2SecurityGroupName property. The Amazon access key ID is not an acceptable value.", "title": "EC2SecurityGroupOwnerId", "type": "string" } }, "required": [ "CacheSecurityGroupName", "EC2SecurityGroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::ElastiCache::SecurityGroupIngress" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElastiCache::ServerlessCache": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CacheUsageLimits": { "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.CacheUsageLimits", "markdownDescription": "The cache usage limit for the serverless cache.", "title": "CacheUsageLimits" }, "DailySnapshotTime": { "markdownDescription": "The daily time that a cache snapshot will be created. Default is NULL, i.e. snapshots will not be created at a specific time on a daily basis. Available for Redis and Serverless Memcached only.", "title": "DailySnapshotTime", "type": "string" }, "Description": { "markdownDescription": "A description of the serverless cache.", "title": "Description", "type": "string" }, "Endpoint": { "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", "title": "Endpoint" }, "Engine": { "markdownDescription": "The engine the serverless cache is compatible with.", "title": "Engine", "type": "string" }, "FinalSnapshotName": { "markdownDescription": "The name of the final snapshot taken of a cache before the cache is deleted.", "title": "FinalSnapshotName", "type": "string" }, "KmsKeyId": { "markdownDescription": "The ID of the AWS Key Management Service (KMS) key that is used to encrypt data at rest in the serverless cache.", "title": "KmsKeyId", "type": "string" }, "MajorEngineVersion": { "markdownDescription": "The version number of the engine the serverless cache is compatible with.", "title": "MajorEngineVersion", "type": "string" }, "ReaderEndpoint": { "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.Endpoint", "markdownDescription": "Represents the information required for client programs to connect to a cache node. This value is read-only.", "title": "ReaderEndpoint" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the EC2 security groups associated with the serverless cache.", "title": "SecurityGroupIds", "type": "array" }, "ServerlessCacheName": { "markdownDescription": "The unique identifier of the serverless cache.", "title": "ServerlessCacheName", "type": "string" }, "SnapshotArnsToRestore": { "items": { "type": "string" }, "markdownDescription": "The ARN of the snapshot from which to restore data into the new cache.", "title": "SnapshotArnsToRestore", "type": "array" }, "SnapshotRetentionLimit": { "markdownDescription": "The current setting for the number of serverless cache snapshots the system will retain. Available for Redis and Serverless Memcached only.", "title": "SnapshotRetentionLimit", "type": "number" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "If no subnet IDs are given and your VPC is in us-west-1, then ElastiCache will select 2 default subnets across AZs in your VPC. For all other Regions, if no subnet IDs are given then ElastiCache will select 3 default subnets across AZs in your default VPC.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags to be added to this resource.", "title": "Tags", "type": "array" }, "UserGroupId": { "markdownDescription": "The identifier of the user group associated with the serverless cache. Available for Redis only. Default is NULL.", "title": "UserGroupId", "type": "string" } }, "required": [ "Engine", "ServerlessCacheName" ], "type": "object" }, "Type": { "enum": [ "AWS::ElastiCache::ServerlessCache" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElastiCache::ServerlessCache.CacheUsageLimits": { "additionalProperties": false, "properties": { "DataStorage": { "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.DataStorage", "markdownDescription": "The maximum data storage limit in the cache, expressed in Gigabytes.", "title": "DataStorage" }, "ECPUPerSecond": { "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache.ECPUPerSecond", "markdownDescription": "The number of ElastiCache Processing Units (ECPU) the cache can consume per second.", "title": "ECPUPerSecond" } }, "type": "object" }, "AWS::ElastiCache::ServerlessCache.DataStorage": { "additionalProperties": false, "properties": { "Maximum": { "markdownDescription": "The upper limit for data storage the cache is set to use.", "title": "Maximum", "type": "number" }, "Minimum": { "markdownDescription": "The lower limit for data storage the cache is set to use.", "title": "Minimum", "type": "number" }, "Unit": { "markdownDescription": "The unit that the storage is measured in, in GB.", "title": "Unit", "type": "string" } }, "required": [ "Unit" ], "type": "object" }, "AWS::ElastiCache::ServerlessCache.ECPUPerSecond": { "additionalProperties": false, "properties": { "Maximum": { "markdownDescription": "The configuration for the maximum number of ECPUs the cache can consume per second.", "title": "Maximum", "type": "number" }, "Minimum": { "markdownDescription": "The configuration for the minimum number of ECPUs the cache should be able consume per second.", "title": "Minimum", "type": "number" } }, "type": "object" }, "AWS::ElastiCache::ServerlessCache.Endpoint": { "additionalProperties": false, "properties": { "Address": { "markdownDescription": "The DNS hostname of the cache node.", "title": "Address", "type": "string" }, "Port": { "markdownDescription": "The port number that the cache engine is listening on.", "title": "Port", "type": "string" } }, "type": "object" }, "AWS::ElastiCache::SubnetGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CacheSubnetGroupName": { "markdownDescription": "The name for the cache subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 alphanumeric characters or hyphens.\n\nExample: `mysubnetgroup`", "title": "CacheSubnetGroupName", "type": "string" }, "Description": { "markdownDescription": "The description for the cache subnet group.", "title": "Description", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The EC2 subnet IDs for the cache subnet group.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A tag that can be added to an ElastiCache subnet group. Tags are composed of a Key/Value pair. You can use tags to categorize and track all your subnet groups. A tag with a null Value is permitted.", "title": "Tags", "type": "array" } }, "required": [ "Description", "SubnetIds" ], "type": "object" }, "Type": { "enum": [ "AWS::ElastiCache::SubnetGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElastiCache::User": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessString": { "markdownDescription": "Access permissions string used for this user.", "title": "AccessString", "type": "string" }, "AuthenticationMode": { "$ref": "#/definitions/AWS::ElastiCache::User.AuthenticationMode", "markdownDescription": "Specifies the authentication mode to use. Below is an example of the possible JSON values:\n\n```\n{ Passwords: [\"*****\", \"******\"] // If Type is password.\n}\n```", "title": "AuthenticationMode" }, "Engine": { "markdownDescription": "The current supported value is redis.", "title": "Engine", "type": "string" }, "NoPasswordRequired": { "markdownDescription": "Indicates a password is not required for this user.", "title": "NoPasswordRequired", "type": "boolean" }, "Passwords": { "items": { "type": "string" }, "markdownDescription": "Passwords used for this user. You can create up to two passwords for each user.", "title": "Passwords", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of tags.", "title": "Tags", "type": "array" }, "UserId": { "markdownDescription": "The ID of the user.", "title": "UserId", "type": "string" }, "UserName": { "markdownDescription": "The username of the user.", "title": "UserName", "type": "string" } }, "required": [ "Engine", "UserId", "UserName" ], "type": "object" }, "Type": { "enum": [ "AWS::ElastiCache::User" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElastiCache::User.AuthenticationMode": { "additionalProperties": false, "properties": { "Passwords": { "items": { "type": "string" }, "markdownDescription": "Specifies the passwords to use for authentication if `Type` is set to `password` .", "title": "Passwords", "type": "array" }, "Type": { "markdownDescription": "Specifies the authentication type. Possible options are IAM authentication, password and no password.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ElastiCache::UserGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Engine": { "markdownDescription": "The current supported value is redis.", "title": "Engine", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of tags.", "title": "Tags", "type": "array" }, "UserGroupId": { "markdownDescription": "The ID of the user group.", "title": "UserGroupId", "type": "string" }, "UserIds": { "items": { "type": "string" }, "markdownDescription": "The list of user IDs that belong to the user group. A user named `default` must be included.", "title": "UserIds", "type": "array" } }, "required": [ "Engine", "UserGroupId", "UserIds" ], "type": "object" }, "Type": { "enum": [ "AWS::ElastiCache::UserGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElasticBeanstalk::Application": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationName": { "markdownDescription": "A name for the Elastic Beanstalk application. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the application name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "ApplicationName", "type": "string" }, "Description": { "markdownDescription": "Your description of the application.", "title": "Description", "type": "string" }, "ResourceLifecycleConfig": { "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig", "markdownDescription": "Specifies an application resource lifecycle configuration to prevent your application from accumulating too many versions.", "title": "ResourceLifecycleConfig" } }, "type": "object" }, "Type": { "enum": [ "AWS::ElasticBeanstalk::Application" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ElasticBeanstalk::Application.ApplicationResourceLifecycleConfig": { "additionalProperties": false, "properties": { "ServiceRole": { "markdownDescription": "The ARN of an IAM service role that Elastic Beanstalk has permission to assume.\n\nThe `ServiceRole` property is required the first time that you provide a `ResourceLifecycleConfig` for the application. After you provide it once, Elastic Beanstalk persists the Service Role with the application, and you don't need to specify it again. You can, however, specify it in subsequent updates to change the Service Role to another value.", "title": "ServiceRole", "type": "string" }, "VersionLifecycleConfig": { "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig", "markdownDescription": "Defines lifecycle settings for application versions.", "title": "VersionLifecycleConfig" } }, "type": "object" }, "AWS::ElasticBeanstalk::Application.ApplicationVersionLifecycleConfig": { "additionalProperties": false, "properties": { "MaxAgeRule": { "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxAgeRule", "markdownDescription": "Specify a max age rule to restrict the length of time that application versions are retained for an application.", "title": "MaxAgeRule" }, "MaxCountRule": { "$ref": "#/definitions/AWS::ElasticBeanstalk::Application.MaxCountRule", "markdownDescription": "Specify a max count rule to restrict the number of application versions that are retained for an application.", "title": "MaxCountRule" } }, "type": "object" }, "AWS::ElasticBeanstalk::Application.MaxAgeRule": { "additionalProperties": false, "properties": { "DeleteSourceFromS3": { "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", "title": "DeleteSourceFromS3", "type": "boolean" }, "Enabled": { "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", "title": "Enabled", "type": "boolean" }, "MaxAgeInDays": { "markdownDescription": "Specify the number of days to retain an application versions.", "title": "MaxAgeInDays", "type": "number" } }, "type": "object" }, "AWS::ElasticBeanstalk::Application.MaxCountRule": { "additionalProperties": false, "properties": { "DeleteSourceFromS3": { "markdownDescription": "Set to `true` to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version.", "title": "DeleteSourceFromS3", "type": "boolean" }, "Enabled": { "markdownDescription": "Specify `true` to apply the rule, or `false` to disable it.", "title": "Enabled", "type": "boolean" }, "MaxCount": { "markdownDescription": "Specify the maximum number of application versions to retain.", "title": "MaxCount", "type": "number" } }, "type": "object" }, "AWS::ElasticBeanstalk::ApplicationVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationName": { "markdownDescription": "The name of the Elastic Beanstalk application that is associated with this application version.", "title": "ApplicationName", "type": "string" }, "Description": { "markdownDescription": "A description of this application version.", "title": "Description", "type": "string" }, "SourceBundle": { "$ref": "#/definitions/AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle", "markdownDescription": "The Amazon S3 bucket and key that identify the location of the source bundle for this version.\n\n> The Amazon S3 bucket must be in the same region as the environment.", "title": "SourceBundle" } }, "required": [ "ApplicationName", "SourceBundle" ], "type": "object" }, "Type": { "enum": [ "AWS::ElasticBeanstalk::ApplicationVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElasticBeanstalk::ApplicationVersion.SourceBundle": { "additionalProperties": false, "properties": { "S3Bucket": { "markdownDescription": "The Amazon S3 bucket where the data is located.", "title": "S3Bucket", "type": "string" }, "S3Key": { "markdownDescription": "The Amazon S3 key where the data is located.", "title": "S3Key", "type": "string" } }, "required": [ "S3Bucket", "S3Key" ], "type": "object" }, "AWS::ElasticBeanstalk::ConfigurationTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationName": { "markdownDescription": "The name of the Elastic Beanstalk application to associate with this configuration template.", "title": "ApplicationName", "type": "string" }, "Description": { "markdownDescription": "An optional description for this configuration.", "title": "Description", "type": "string" }, "EnvironmentId": { "markdownDescription": "The ID of an environment whose settings you want to use to create the configuration template. You must specify `EnvironmentId` if you don't specify `PlatformArn` , `SolutionStackName` , or `SourceConfiguration` .", "title": "EnvironmentId", "type": "string" }, "OptionSettings": { "items": { "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting" }, "markdownDescription": "Option values for the Elastic Beanstalk configuration, such as the instance type. If specified, these values override the values obtained from the solution stack or the source configuration template. For a complete list of Elastic Beanstalk configuration options, see [Option Values](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options.html) in the *AWS Elastic Beanstalk Developer Guide* .", "title": "OptionSettings", "type": "array" }, "PlatformArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , then don't specify `SolutionStackName` .", "title": "PlatformArn", "type": "string" }, "SolutionStackName": { "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) that this configuration uses. For example, `64bit Amazon Linux 2013.09 running Tomcat 7 Java 7` . A solution stack specifies the operating system, runtime, and application server for a configuration template. It also determines the set of configuration options as well as the possible and default values. For more information, see [Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/concepts.platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\nYou must specify `SolutionStackName` if you don't specify `PlatformArn` , `EnvironmentId` , or `SourceConfiguration` .\n\nUse the [`ListAvailableSolutionStacks`](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_ListAvailableSolutionStacks.html) API to obtain a list of available solution stacks.", "title": "SolutionStackName", "type": "string" }, "SourceConfiguration": { "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration", "markdownDescription": "An Elastic Beanstalk configuration template to base this one on. If specified, Elastic Beanstalk uses the configuration values from the specified configuration template to create a new configuration.\n\nValues specified in `OptionSettings` override any values obtained from the `SourceConfiguration` .\n\nYou must specify `SourceConfiguration` if you don't specify `PlatformArn` , `EnvironmentId` , or `SolutionStackName` .\n\nConstraint: If both solution stack name and source configuration are specified, the solution stack of the source configuration template must match the specified solution stack name.", "title": "SourceConfiguration" } }, "required": [ "ApplicationName" ], "type": "object" }, "Type": { "enum": [ "AWS::ElasticBeanstalk::ConfigurationTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElasticBeanstalk::ConfigurationTemplate.ConfigurationOptionSetting": { "additionalProperties": false, "properties": { "Namespace": { "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", "title": "Namespace", "type": "string" }, "OptionName": { "markdownDescription": "The name of the configuration option.", "title": "OptionName", "type": "string" }, "ResourceName": { "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", "title": "ResourceName", "type": "string" }, "Value": { "markdownDescription": "The current value for the configuration option.", "title": "Value", "type": "string" } }, "required": [ "Namespace", "OptionName" ], "type": "object" }, "AWS::ElasticBeanstalk::ConfigurationTemplate.SourceConfiguration": { "additionalProperties": false, "properties": { "ApplicationName": { "markdownDescription": "The name of the application associated with the configuration.", "title": "ApplicationName", "type": "string" }, "TemplateName": { "markdownDescription": "The name of the configuration template.", "title": "TemplateName", "type": "string" } }, "required": [ "ApplicationName", "TemplateName" ], "type": "object" }, "AWS::ElasticBeanstalk::Environment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationName": { "markdownDescription": "The name of the application that is associated with this environment.", "title": "ApplicationName", "type": "string" }, "CNAMEPrefix": { "markdownDescription": "If specified, the environment attempts to use this value as the prefix for the CNAME in your Elastic Beanstalk environment URL. If not specified, the CNAME is generated automatically by appending a random alphanumeric string to the environment name.", "title": "CNAMEPrefix", "type": "string" }, "Description": { "markdownDescription": "Your description for this environment.", "title": "Description", "type": "string" }, "EnvironmentName": { "markdownDescription": "A unique name for the environment.\n\nConstraint: Must be from 4 to 40 characters in length. The name can contain only letters, numbers, and hyphens. It can't start or end with a hyphen. This name must be unique within a region in your account.\n\nIf you don't specify the `CNAMEPrefix` parameter, the environment name becomes part of the CNAME, and therefore part of the visible URL for your application.\n\nIf you don't specify an environment name, AWS CloudFormation generates a unique physical ID and uses that ID for the environment name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "EnvironmentName", "type": "string" }, "OperationsRole": { "markdownDescription": "> The operations role feature of AWS Elastic Beanstalk is in beta release and is subject to change. \n\nThe Amazon Resource Name (ARN) of an existing IAM role to be used as the environment's operations role. If specified, Elastic Beanstalk uses the operations role for permissions to downstream services during this call and during subsequent calls acting on this environment. To specify an operations role, you must have the `iam:PassRole` permission for the role.", "title": "OperationsRole", "type": "string" }, "OptionSettings": { "items": { "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.OptionSetting" }, "markdownDescription": "Key-value pairs defining configuration options for this environment, such as the instance type. These options override the values that are defined in the solution stack or the [configuration template](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-beanstalk-configurationtemplate.html) . If you remove any options during a stack update, the removed options retain their current values.", "title": "OptionSettings", "type": "array" }, "PlatformArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the custom platform to use with the environment. For more information, see [Custom Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/custom-platforms.html) in the *AWS Elastic Beanstalk Developer Guide* .\n\n> If you specify `PlatformArn` , don't specify `SolutionStackName` .", "title": "PlatformArn", "type": "string" }, "SolutionStackName": { "markdownDescription": "The name of an Elastic Beanstalk solution stack (platform version) to use with the environment. If specified, Elastic Beanstalk sets the configuration values to the default values associated with the specified solution stack. For a list of current solution stacks, see [Elastic Beanstalk Supported Platforms](https://docs.aws.amazon.com/elasticbeanstalk/latest/platforms/platforms-supported.html) in the *AWS Elastic Beanstalk Platforms* guide.\n\n> If you specify `SolutionStackName` , don't specify `PlatformArn` or `TemplateName` .", "title": "SolutionStackName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies the tags applied to resources in the environment.", "title": "Tags", "type": "array" }, "TemplateName": { "markdownDescription": "The name of the Elastic Beanstalk configuration template to use with the environment.\n\n> If you specify `TemplateName` , then don't specify `SolutionStackName` .", "title": "TemplateName", "type": "string" }, "Tier": { "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment.Tier", "markdownDescription": "Specifies the tier to use in creating this environment. The environment tier that you choose determines whether Elastic Beanstalk provisions resources to support a web application that handles HTTP(S) requests or a web application that handles background-processing tasks.", "title": "Tier" }, "VersionLabel": { "markdownDescription": "The name of the application version to deploy.\n\nDefault: If not specified, Elastic Beanstalk attempts to deploy the sample application.", "title": "VersionLabel", "type": "string" } }, "required": [ "ApplicationName" ], "type": "object" }, "Type": { "enum": [ "AWS::ElasticBeanstalk::Environment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElasticBeanstalk::Environment.OptionSetting": { "additionalProperties": false, "properties": { "Namespace": { "markdownDescription": "A unique namespace that identifies the option's associated AWS resource.", "title": "Namespace", "type": "string" }, "OptionName": { "markdownDescription": "The name of the configuration option.", "title": "OptionName", "type": "string" }, "ResourceName": { "markdownDescription": "A unique resource name for the option setting. Use it for a time\u2013based scaling configuration option.", "title": "ResourceName", "type": "string" }, "Value": { "markdownDescription": "The current value for the configuration option.", "title": "Value", "type": "string" } }, "required": [ "Namespace", "OptionName" ], "type": "object" }, "AWS::ElasticBeanstalk::Environment.Tier": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `WebServer`\n- For *Worker tier* \u2013 `Worker`", "title": "Name", "type": "string" }, "Type": { "markdownDescription": "The type of this environment tier.\n\nValid values:\n\n- For *Web server tier* \u2013 `Standard`\n- For *Worker tier* \u2013 `SQS/HTTP`", "title": "Type", "type": "string" }, "Version": { "markdownDescription": "The version of this environment tier. When you don't set a value to it, Elastic Beanstalk uses the latest compatible worker tier version.\n\n> This member is deprecated. Any specific version that you set may become out of date. We recommend leaving it unspecified.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::ElasticLoadBalancing::LoadBalancer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessLoggingPolicy": { "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy", "markdownDescription": "Information about where and how access logs are stored for the load balancer.", "title": "AccessLoggingPolicy" }, "AppCookieStickinessPolicy": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy" }, "markdownDescription": "Information about a policy for application-controlled session stickiness.", "title": "AppCookieStickinessPolicy", "type": "array" }, "AvailabilityZones": { "items": { "type": "string" }, "markdownDescription": "The Availability Zones for a load balancer in a default VPC. For a load balancer in a nondefault VPC, specify `Subnets` instead.\n\nUpdate requires replacement if you did not previously specify an Availability Zone or if you are removing all Availability Zones. Otherwise, update requires no interruption.", "title": "AvailabilityZones", "type": "array" }, "ConnectionDrainingPolicy": { "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy", "markdownDescription": "If enabled, the load balancer allows existing requests to complete before the load balancer shifts traffic away from a deregistered or unhealthy instance.\n\nFor more information, see [Configure connection draining](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html) in the *User Guide for Classic Load Balancers* .", "title": "ConnectionDrainingPolicy" }, "ConnectionSettings": { "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings", "markdownDescription": "If enabled, the load balancer allows the connections to remain idle (no data is sent over the connection) for the specified duration.\n\nBy default, Elastic Load Balancing maintains a 60-second idle connection timeout for both front-end and back-end connections of your load balancer. For more information, see [Configure idle connection timeout](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html) in the *User Guide for Classic Load Balancers* .", "title": "ConnectionSettings" }, "CrossZone": { "markdownDescription": "If enabled, the load balancer routes the request traffic evenly across all instances regardless of the Availability Zones.\n\nFor more information, see [Configure cross-zone load balancing](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html) in the *User Guide for Classic Load Balancers* .", "title": "CrossZone", "type": "boolean" }, "HealthCheck": { "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck", "markdownDescription": "The health check settings to use when evaluating the health of your EC2 instances.\n\nUpdate requires replacement if you did not previously specify health check settings or if you are removing the health check settings. Otherwise, update requires no interruption.", "title": "HealthCheck" }, "Instances": { "items": { "type": "string" }, "markdownDescription": "The IDs of the instances for the load balancer.", "title": "Instances", "type": "array" }, "LBCookieStickinessPolicy": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy" }, "markdownDescription": "Information about a policy for duration-based session stickiness.", "title": "LBCookieStickinessPolicy", "type": "array" }, "Listeners": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Listeners" }, "markdownDescription": "The listeners for the load balancer. You can specify at most one listener per port.\n\nIf you update the properties for a listener, AWS CloudFormation deletes the existing listener and creates a new one with the specified properties. While the new listener is being created, clients cannot connect to the load balancer.", "title": "Listeners", "type": "array" }, "LoadBalancerName": { "markdownDescription": "The name of the load balancer. This name must be unique within your set of load balancers for the region.\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) . If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", "title": "LoadBalancerName", "type": "string" }, "Policies": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer.Policies" }, "markdownDescription": "The policies defined for your Classic Load Balancer. Specify only back-end server policies.", "title": "Policies", "type": "array" }, "Scheme": { "markdownDescription": "The type of load balancer. Valid only for load balancers in a VPC.\n\nIf `Scheme` is `internet-facing` , the load balancer has a public DNS name that resolves to a public IP address.\n\nIf `Scheme` is `internal` , the load balancer has a public DNS name that resolves to a private IP address.", "title": "Scheme", "type": "string" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The security groups for the load balancer. Valid only for load balancers in a VPC.", "title": "SecurityGroups", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The IDs of the subnets for the load balancer. You can specify at most one subnet per Availability Zone.\n\nUpdate requires replacement if you did not previously specify a subnet or if you are removing all subnets. Otherwise, update requires no interruption. To update to a different subnet in the current Availability Zone, you must first update to a subnet in a different Availability Zone, then update to the new subnet in the original Availability Zone.", "title": "Subnets", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags associated with a load balancer.", "title": "Tags", "type": "array" } }, "required": [ "Listeners" ], "type": "object" }, "Type": { "enum": [ "AWS::ElasticLoadBalancing::LoadBalancer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElasticLoadBalancing::LoadBalancer.AccessLoggingPolicy": { "additionalProperties": false, "properties": { "EmitInterval": { "markdownDescription": "The interval for publishing the access logs. You can specify an interval of either 5 minutes or 60 minutes.\n\nDefault: 60 minutes", "title": "EmitInterval", "type": "number" }, "Enabled": { "markdownDescription": "Specifies whether access logs are enabled for the load balancer.", "title": "Enabled", "type": "boolean" }, "S3BucketName": { "markdownDescription": "The name of the Amazon S3 bucket where the access logs are stored.", "title": "S3BucketName", "type": "string" }, "S3BucketPrefix": { "markdownDescription": "The logical hierarchy you created for your Amazon S3 bucket, for example `my-bucket-prefix/prod` . If the prefix is not provided, the log is placed at the root level of the bucket.", "title": "S3BucketPrefix", "type": "string" } }, "required": [ "Enabled", "S3BucketName" ], "type": "object" }, "AWS::ElasticLoadBalancing::LoadBalancer.AppCookieStickinessPolicy": { "additionalProperties": false, "properties": { "CookieName": { "markdownDescription": "The name of the application cookie used for stickiness.", "title": "CookieName", "type": "string" }, "PolicyName": { "markdownDescription": "The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer.", "title": "PolicyName", "type": "string" } }, "required": [ "CookieName", "PolicyName" ], "type": "object" }, "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionDrainingPolicy": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Specifies whether connection draining is enabled for the load balancer.", "title": "Enabled", "type": "boolean" }, "Timeout": { "markdownDescription": "The maximum time, in seconds, to keep the existing connections open before deregistering the instances.", "title": "Timeout", "type": "number" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::ElasticLoadBalancing::LoadBalancer.ConnectionSettings": { "additionalProperties": false, "properties": { "IdleTimeout": { "markdownDescription": "The time, in seconds, that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer.", "title": "IdleTimeout", "type": "number" } }, "required": [ "IdleTimeout" ], "type": "object" }, "AWS::ElasticLoadBalancing::LoadBalancer.HealthCheck": { "additionalProperties": false, "properties": { "HealthyThreshold": { "markdownDescription": "The number of consecutive health checks successes required before moving the instance to the `Healthy` state.", "title": "HealthyThreshold", "type": "string" }, "Interval": { "markdownDescription": "The approximate interval, in seconds, between health checks of an individual instance.", "title": "Interval", "type": "string" }, "Target": { "markdownDescription": "The instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535.\n\nTCP is the default, specified as a TCP: port pair, for example \"TCP:5000\". In this case, a health check simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy.\n\nSSL is also specified as SSL: port pair, for example, SSL:5000.\n\nFor HTTP/HTTPS, you must include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example \"HTTP:80/weather/us/wa/seattle\". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than \"200 OK\" within the timeout period is considered unhealthy.\n\nThe total length of the HTTP ping target must be 1024 16-bit Unicode characters or less.", "title": "Target", "type": "string" }, "Timeout": { "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check.\n\nThis value must be less than the `Interval` value.", "title": "Timeout", "type": "string" }, "UnhealthyThreshold": { "markdownDescription": "The number of consecutive health check failures required before moving the instance to the `Unhealthy` state.", "title": "UnhealthyThreshold", "type": "string" } }, "required": [ "HealthyThreshold", "Interval", "Target", "Timeout", "UnhealthyThreshold" ], "type": "object" }, "AWS::ElasticLoadBalancing::LoadBalancer.LBCookieStickinessPolicy": { "additionalProperties": false, "properties": { "CookieExpirationPeriod": { "markdownDescription": "The time period, in seconds, after which the cookie should be considered stale. If this parameter is not specified, the stickiness session lasts for the duration of the browser session.", "title": "CookieExpirationPeriod", "type": "string" }, "PolicyName": { "markdownDescription": "The name of the policy. This name must be unique within the set of policies for this load balancer.", "title": "PolicyName", "type": "string" } }, "type": "object" }, "AWS::ElasticLoadBalancing::LoadBalancer.Listeners": { "additionalProperties": false, "properties": { "InstancePort": { "markdownDescription": "The port on which the instance is listening.", "title": "InstancePort", "type": "string" }, "InstanceProtocol": { "markdownDescription": "The protocol to use for routing traffic to instances: HTTP, HTTPS, TCP, or SSL.\n\nIf the front-end protocol is TCP or SSL, the back-end protocol must be TCP or SSL. If the front-end protocol is HTTP or HTTPS, the back-end protocol must be HTTP or HTTPS.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is secure, (HTTPS or SSL), the listener's `InstanceProtocol` must also be secure.\n\nIf there is another listener with the same `InstancePort` whose `InstanceProtocol` is HTTP or TCP, the listener's `InstanceProtocol` must be HTTP or TCP.", "title": "InstanceProtocol", "type": "string" }, "LoadBalancerPort": { "markdownDescription": "The port on which the load balancer is listening. On EC2-VPC, you can specify any port from the range 1-65535. On EC2-Classic, you can specify any port from the following list: 25, 80, 443, 465, 587, 1024-65535.", "title": "LoadBalancerPort", "type": "string" }, "PolicyNames": { "items": { "type": "string" }, "markdownDescription": "The names of the policies to associate with the listener.", "title": "PolicyNames", "type": "array" }, "Protocol": { "markdownDescription": "The load balancer transport protocol to use for routing: HTTP, HTTPS, TCP, or SSL.", "title": "Protocol", "type": "string" }, "SSLCertificateId": { "markdownDescription": "The Amazon Resource Name (ARN) of the server certificate.", "title": "SSLCertificateId", "type": "string" } }, "required": [ "InstancePort", "LoadBalancerPort", "Protocol" ], "type": "object" }, "AWS::ElasticLoadBalancing::LoadBalancer.Policies": { "additionalProperties": false, "properties": { "Attributes": { "items": { "type": "object" }, "markdownDescription": "The policy attributes.", "title": "Attributes", "type": "array" }, "InstancePorts": { "items": { "type": "string" }, "markdownDescription": "The instance ports for the policy. Required only for some policy types.", "title": "InstancePorts", "type": "array" }, "LoadBalancerPorts": { "items": { "type": "string" }, "markdownDescription": "The load balancer ports for the policy. Required only for some policy types.", "title": "LoadBalancerPorts", "type": "array" }, "PolicyName": { "markdownDescription": "The name of the policy.", "title": "PolicyName", "type": "string" }, "PolicyType": { "markdownDescription": "The name of the policy type.", "title": "PolicyType", "type": "string" } }, "required": [ "Attributes", "PolicyName", "PolicyType" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::Listener": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AlpnPolicy": { "items": { "type": "string" }, "markdownDescription": "[TLS listener] The name of the Application-Layer Protocol Negotiation (ALPN) policy.", "title": "AlpnPolicy", "type": "array" }, "Certificates": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Certificate" }, "markdownDescription": "The default SSL server certificate for a secure listener. You must provide exactly one certificate if the listener protocol is HTTPS or TLS.\n\nTo create a certificate list for a secure listener, use [AWS::ElasticLoadBalancingV2::ListenerCertificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenercertificate.html) .", "title": "Certificates", "type": "array" }, "DefaultActions": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.Action" }, "markdownDescription": "The actions for the default rule. You cannot define a condition for a default rule.\n\nTo create additional rules for an Application Load Balancer, use [AWS::ElasticLoadBalancingV2::ListenerRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-listenerrule.html) .", "title": "DefaultActions", "type": "array" }, "LoadBalancerArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the load balancer.", "title": "LoadBalancerArn", "type": "string" }, "MutualAuthentication": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication", "markdownDescription": "The mutual authentication configuration information.", "title": "MutualAuthentication" }, "Port": { "markdownDescription": "The port on which the load balancer is listening. You cannot specify a port for a Gateway Load Balancer.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The protocol for connections from clients to the load balancer. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, and TCP_UDP. You can\u2019t specify the UDP or TCP_UDP protocol if dual-stack mode is enabled. You cannot specify a protocol for a Gateway Load Balancer.", "title": "Protocol", "type": "string" }, "SslPolicy": { "markdownDescription": "[HTTPS and TLS listeners] The security policy that defines which protocols and ciphers are supported.\n\nUpdating the security policy can result in interruptions if the load balancer is handling a high volume of traffic.\n\nFor more information, see [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies) in the *Application Load Balancers Guide* and [Security policies](https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#describe-ssl-policies) in the *Network Load Balancers Guide* .", "title": "SslPolicy", "type": "string" } }, "required": [ "DefaultActions", "LoadBalancerArn" ], "type": "object" }, "Type": { "enum": [ "AWS::ElasticLoadBalancingV2::Listener" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::Listener.Action": { "additionalProperties": false, "properties": { "AuthenticateCognitoConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig", "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", "title": "AuthenticateCognitoConfig" }, "AuthenticateOidcConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig", "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", "title": "AuthenticateOidcConfig" }, "FixedResponseConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig", "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", "title": "FixedResponseConfig" }, "ForwardConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.ForwardConfig", "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", "title": "ForwardConfig" }, "Order": { "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", "title": "Order", "type": "number" }, "RedirectConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.RedirectConfig", "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", "title": "RedirectConfig" }, "TargetGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", "title": "TargetGroupArn", "type": "string" }, "Type": { "markdownDescription": "The type of action.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::Listener.AuthenticateCognitoConfig": { "additionalProperties": false, "properties": { "AuthenticationRequestExtraParams": { "additionalProperties": true, "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AuthenticationRequestExtraParams", "type": "object" }, "OnUnauthenticatedRequest": { "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", "title": "OnUnauthenticatedRequest", "type": "string" }, "Scope": { "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", "title": "Scope", "type": "string" }, "SessionCookieName": { "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", "title": "SessionCookieName", "type": "string" }, "SessionTimeout": { "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", "title": "SessionTimeout", "type": "string" }, "UserPoolArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", "title": "UserPoolArn", "type": "string" }, "UserPoolClientId": { "markdownDescription": "The ID of the Amazon Cognito user pool client.", "title": "UserPoolClientId", "type": "string" }, "UserPoolDomain": { "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", "title": "UserPoolDomain", "type": "string" } }, "required": [ "UserPoolArn", "UserPoolClientId", "UserPoolDomain" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::Listener.AuthenticateOidcConfig": { "additionalProperties": false, "properties": { "AuthenticationRequestExtraParams": { "additionalProperties": true, "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AuthenticationRequestExtraParams", "type": "object" }, "AuthorizationEndpoint": { "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", "title": "AuthorizationEndpoint", "type": "string" }, "ClientId": { "markdownDescription": "The OAuth 2.0 client identifier.", "title": "ClientId", "type": "string" }, "ClientSecret": { "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", "title": "ClientSecret", "type": "string" }, "Issuer": { "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", "title": "Issuer", "type": "string" }, "OnUnauthenticatedRequest": { "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", "title": "OnUnauthenticatedRequest", "type": "string" }, "Scope": { "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", "title": "Scope", "type": "string" }, "SessionCookieName": { "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", "title": "SessionCookieName", "type": "string" }, "SessionTimeout": { "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", "title": "SessionTimeout", "type": "string" }, "TokenEndpoint": { "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", "title": "TokenEndpoint", "type": "string" }, "UseExistingClientSecret": { "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", "title": "UseExistingClientSecret", "type": "boolean" }, "UserInfoEndpoint": { "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", "title": "UserInfoEndpoint", "type": "string" } }, "required": [ "AuthorizationEndpoint", "ClientId", "Issuer", "TokenEndpoint", "UserInfoEndpoint" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::Listener.Certificate": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", "title": "CertificateArn", "type": "string" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::Listener.FixedResponseConfig": { "additionalProperties": false, "properties": { "ContentType": { "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", "title": "ContentType", "type": "string" }, "MessageBody": { "markdownDescription": "The message.", "title": "MessageBody", "type": "string" }, "StatusCode": { "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", "title": "StatusCode", "type": "string" } }, "required": [ "StatusCode" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::Listener.ForwardConfig": { "additionalProperties": false, "properties": { "TargetGroupStickinessConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig", "markdownDescription": "Information about the target group stickiness for a rule.", "title": "TargetGroupStickinessConfig" }, "TargetGroups": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple" }, "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", "title": "TargetGroups", "type": "array" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::Listener.MutualAuthentication": { "additionalProperties": false, "properties": { "IgnoreClientCertificateExpiry": { "markdownDescription": "Indicates whether expired client certificates are ignored.", "title": "IgnoreClientCertificateExpiry", "type": "boolean" }, "Mode": { "markdownDescription": "The client certificate handling method. Options are `off` , `passthrough` or `verify` . The default value is `off` .", "title": "Mode", "type": "string" }, "TrustStoreArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", "title": "TrustStoreArn", "type": "string" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::Listener.RedirectConfig": { "additionalProperties": false, "properties": { "Host": { "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", "title": "Host", "type": "string" }, "Path": { "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", "title": "Path", "type": "string" }, "Port": { "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", "title": "Port", "type": "string" }, "Protocol": { "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You cannot redirect HTTPS to HTTP.", "title": "Protocol", "type": "string" }, "Query": { "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", "title": "Query", "type": "string" }, "StatusCode": { "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", "title": "StatusCode", "type": "string" } }, "required": [ "StatusCode" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::Listener.TargetGroupStickinessConfig": { "additionalProperties": false, "properties": { "DurationSeconds": { "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).", "title": "DurationSeconds", "type": "number" }, "Enabled": { "markdownDescription": "Indicates whether target group stickiness is enabled.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::Listener.TargetGroupTuple": { "additionalProperties": false, "properties": { "TargetGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", "title": "TargetGroupArn", "type": "string" }, "Weight": { "markdownDescription": "The weight. The range is 0 to 999.", "title": "Weight", "type": "number" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerCertificate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Certificates": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate" }, "markdownDescription": "The certificate. You can specify one certificate per resource.", "title": "Certificates", "type": "array" }, "ListenerArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", "title": "ListenerArn", "type": "string" } }, "required": [ "Certificates", "ListenerArn" ], "type": "object" }, "Type": { "enum": [ "AWS::ElasticLoadBalancingV2::ListenerCertificate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerCertificate.Certificate": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", "title": "CertificateArn", "type": "string" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.Action" }, "markdownDescription": "The actions.\n\nThe rule must include exactly one of the following types of actions: `forward` , `fixed-response` , or `redirect` , and it must be the last action to be performed. If the rule is for an HTTPS listener, it can also optionally include an authentication action.", "title": "Actions", "type": "array" }, "Conditions": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition" }, "markdownDescription": "The conditions.\n\nThe rule can optionally include up to one of each of the following conditions: `http-request-method` , `host-header` , `path-pattern` , and `source-ip` . A rule can also optionally include one or more of each of the following conditions: `http-header` and `query-string` .", "title": "Conditions", "type": "array" }, "ListenerArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", "title": "ListenerArn", "type": "string" }, "Priority": { "markdownDescription": "The rule priority. A listener can't have multiple rules with the same priority.\n\nIf you try to reorder rules by updating their priorities, do not specify a new priority if an existing rule already uses this priority, as this can cause an error. If you need to reuse a priority with a different rule, you must remove it as a priority first, and then specify it in a subsequent update.", "title": "Priority", "type": "number" } }, "required": [ "Actions", "Conditions", "Priority" ], "type": "object" }, "Type": { "enum": [ "AWS::ElasticLoadBalancingV2::ListenerRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.Action": { "additionalProperties": false, "properties": { "AuthenticateCognitoConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig", "markdownDescription": "[HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when `Type` is `authenticate-cognito` .", "title": "AuthenticateCognitoConfig" }, "AuthenticateOidcConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig", "markdownDescription": "[HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when `Type` is `authenticate-oidc` .", "title": "AuthenticateOidcConfig" }, "FixedResponseConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig", "markdownDescription": "[Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when `Type` is `fixed-response` .", "title": "FixedResponseConfig" }, "ForwardConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig", "markdownDescription": "Information for creating an action that distributes requests among one or more target groups. For Network Load Balancers, you can specify a single target group. Specify only when `Type` is `forward` . If you specify both `ForwardConfig` and `TargetGroupArn` , you can specify only one target group using `ForwardConfig` and it must be the same target group specified in `TargetGroupArn` .", "title": "ForwardConfig" }, "Order": { "markdownDescription": "The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first.", "title": "Order", "type": "number" }, "RedirectConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig", "markdownDescription": "[Application Load Balancer] Information for creating a redirect action. Specify only when `Type` is `redirect` .", "title": "RedirectConfig" }, "TargetGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the target group. Specify only when `Type` is `forward` and you want to route to a single target group. To route to one or more target groups, use `ForwardConfig` instead.", "title": "TargetGroupArn", "type": "string" }, "Type": { "markdownDescription": "The type of action.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateCognitoConfig": { "additionalProperties": false, "properties": { "AuthenticationRequestExtraParams": { "additionalProperties": true, "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AuthenticationRequestExtraParams", "type": "object" }, "OnUnauthenticatedRequest": { "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", "title": "OnUnauthenticatedRequest", "type": "string" }, "Scope": { "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", "title": "Scope", "type": "string" }, "SessionCookieName": { "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", "title": "SessionCookieName", "type": "string" }, "SessionTimeout": { "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", "title": "SessionTimeout", "type": "number" }, "UserPoolArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Cognito user pool.", "title": "UserPoolArn", "type": "string" }, "UserPoolClientId": { "markdownDescription": "The ID of the Amazon Cognito user pool client.", "title": "UserPoolClientId", "type": "string" }, "UserPoolDomain": { "markdownDescription": "The domain prefix or fully-qualified domain name of the Amazon Cognito user pool.", "title": "UserPoolDomain", "type": "string" } }, "required": [ "UserPoolArn", "UserPoolClientId", "UserPoolDomain" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.AuthenticateOidcConfig": { "additionalProperties": false, "properties": { "AuthenticationRequestExtraParams": { "additionalProperties": true, "markdownDescription": "The query parameters (up to 10) to include in the redirect request to the authorization endpoint.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AuthenticationRequestExtraParams", "type": "object" }, "AuthorizationEndpoint": { "markdownDescription": "The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", "title": "AuthorizationEndpoint", "type": "string" }, "ClientId": { "markdownDescription": "The OAuth 2.0 client identifier.", "title": "ClientId", "type": "string" }, "ClientSecret": { "markdownDescription": "The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set `UseExistingClientSecret` to true.", "title": "ClientSecret", "type": "string" }, "Issuer": { "markdownDescription": "The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", "title": "Issuer", "type": "string" }, "OnUnauthenticatedRequest": { "markdownDescription": "The behavior if the user is not authenticated. The following are possible values:\n\n- deny `` - Return an HTTP 401 Unauthorized error.\n- allow `` - Allow the request to be forwarded to the target.\n- authenticate `` - Redirect the request to the IdP authorization endpoint. This is the default value.", "title": "OnUnauthenticatedRequest", "type": "string" }, "Scope": { "markdownDescription": "The set of user claims to be requested from the IdP. The default is `openid` .\n\nTo verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP.", "title": "Scope", "type": "string" }, "SessionCookieName": { "markdownDescription": "The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie.", "title": "SessionCookieName", "type": "string" }, "SessionTimeout": { "markdownDescription": "The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days).", "title": "SessionTimeout", "type": "number" }, "TokenEndpoint": { "markdownDescription": "The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", "title": "TokenEndpoint", "type": "string" }, "UseExistingClientSecret": { "markdownDescription": "Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false.", "title": "UseExistingClientSecret", "type": "boolean" }, "UserInfoEndpoint": { "markdownDescription": "The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path.", "title": "UserInfoEndpoint", "type": "string" } }, "required": [ "AuthorizationEndpoint", "ClientId", "Issuer", "TokenEndpoint", "UserInfoEndpoint" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.FixedResponseConfig": { "additionalProperties": false, "properties": { "ContentType": { "markdownDescription": "The content type.\n\nValid Values: text/plain | text/css | text/html | application/javascript | application/json", "title": "ContentType", "type": "string" }, "MessageBody": { "markdownDescription": "The message.", "title": "MessageBody", "type": "string" }, "StatusCode": { "markdownDescription": "The HTTP response code (2XX, 4XX, or 5XX).", "title": "StatusCode", "type": "string" } }, "required": [ "StatusCode" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.ForwardConfig": { "additionalProperties": false, "properties": { "TargetGroupStickinessConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig", "markdownDescription": "Information about the target group stickiness for a rule.", "title": "TargetGroupStickinessConfig" }, "TargetGroups": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple" }, "markdownDescription": "Information about how traffic will be distributed between multiple target groups in a forward rule.", "title": "TargetGroups", "type": "array" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig": { "additionalProperties": false, "properties": { "Values": { "items": { "type": "string" }, "markdownDescription": "The host names. The maximum size of each name is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the host name.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig": { "additionalProperties": false, "properties": { "HttpHeaderName": { "markdownDescription": "The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported.", "title": "HttpHeaderName", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The strings to compare against the value of the HTTP header. The maximum size of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf the same header appears multiple times in the request, we search them in order until a match is found.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig": { "additionalProperties": false, "properties": { "Values": { "items": { "type": "string" }, "markdownDescription": "The name of the request method. The maximum size is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match.\n\nIf you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig": { "additionalProperties": false, "properties": { "Values": { "items": { "type": "string" }, "markdownDescription": "The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character).\n\nIf you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig": { "additionalProperties": false, "properties": { "Values": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue" }, "markdownDescription": "The key/value pairs or values to find in the query string. The maximum size of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in `Values` using a '\\' character.\n\nIf you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringKeyValue": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key. You can omit the key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.RedirectConfig": { "additionalProperties": false, "properties": { "Host": { "markdownDescription": "The hostname. This component is not percent-encoded. The hostname can contain #{host}.", "title": "Host", "type": "string" }, "Path": { "markdownDescription": "The absolute path, starting with the leading \"/\". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}.", "title": "Path", "type": "string" }, "Port": { "markdownDescription": "The port. You can specify a value from 1 to 65535 or #{port}.", "title": "Port", "type": "string" }, "Protocol": { "markdownDescription": "The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You cannot redirect HTTPS to HTTP.", "title": "Protocol", "type": "string" }, "Query": { "markdownDescription": "The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading \"?\", as it is automatically added. You can specify any of the reserved keywords.", "title": "Query", "type": "string" }, "StatusCode": { "markdownDescription": "The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302).", "title": "StatusCode", "type": "string" } }, "required": [ "StatusCode" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.RuleCondition": { "additionalProperties": false, "properties": { "Field": { "markdownDescription": "The field in the HTTP request. The following are the possible values:\n\n- `http-header`\n- `http-request-method`\n- `host-header`\n- `path-pattern`\n- `query-string`\n- `source-ip`", "title": "Field", "type": "string" }, "HostHeaderConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HostHeaderConfig", "markdownDescription": "Information for a host header condition. Specify only when `Field` is `host-header` .", "title": "HostHeaderConfig" }, "HttpHeaderConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpHeaderConfig", "markdownDescription": "Information for an HTTP header condition. Specify only when `Field` is `http-header` .", "title": "HttpHeaderConfig" }, "HttpRequestMethodConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.HttpRequestMethodConfig", "markdownDescription": "Information for an HTTP method condition. Specify only when `Field` is `http-request-method` .", "title": "HttpRequestMethodConfig" }, "PathPatternConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.PathPatternConfig", "markdownDescription": "Information for a path pattern condition. Specify only when `Field` is `path-pattern` .", "title": "PathPatternConfig" }, "QueryStringConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.QueryStringConfig", "markdownDescription": "Information for a query string condition. Specify only when `Field` is `query-string` .", "title": "QueryStringConfig" }, "SourceIpConfig": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig", "markdownDescription": "Information for a source IP condition. Specify only when `Field` is `source-ip` .", "title": "SourceIpConfig" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The condition value. Specify only when `Field` is `host-header` or `path-pattern` . Alternatively, to specify multiple host names or multiple path patterns, use `HostHeaderConfig` or `PathPatternConfig` .\n\nIf `Field` is `host-header` and you're not using `HostHeaderConfig` , you can specify a single host name (for example, my.example.com). A host name is case insensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- - .\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)\n\nIf `Field` is `path-pattern` and you're not using `PathPatternConfig` , you can specify a single path pattern (for example, /img/*). A path pattern is case-sensitive, can be up to 128 characters in length, and can contain any of the following characters.\n\n- A-Z, a-z, 0-9\n- _ - . $ / ~ \" ' @ : +\n- & (using &)\n- * (matches 0 or more characters)\n- ? (matches exactly 1 character)", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.SourceIpConfig": { "additionalProperties": false, "properties": { "Values": { "items": { "type": "string" }, "markdownDescription": "The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported.\n\nIf you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupStickinessConfig": { "additionalProperties": false, "properties": { "DurationSeconds": { "markdownDescription": "The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days).", "title": "DurationSeconds", "type": "number" }, "Enabled": { "markdownDescription": "Indicates whether target group stickiness is enabled.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::ListenerRule.TargetGroupTuple": { "additionalProperties": false, "properties": { "TargetGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the target group.", "title": "TargetGroupArn", "type": "string" }, "Weight": { "markdownDescription": "The weight. The range is 0 to 999.", "title": "Weight", "type": "number" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::LoadBalancer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic": { "markdownDescription": "Indicates whether to evaluate inbound security group rules for traffic sent to a Network Load Balancer through AWS PrivateLink .", "title": "EnforceSecurityGroupInboundRulesOnPrivateLinkTraffic", "type": "string" }, "IpAddressType": { "markdownDescription": "Note: Internal load balancers must use the `ipv4` IP address type.\n\n[Application Load Balancers] The IP address type. The possible values are `ipv4` (for only IPv4 addresses), `dualstack` (for IPv4 and IPv6 addresses), and `dualstack-without-public-ipv4` (for IPv6 only public addresses, with private IPv4 and IPv6 addresses).\n\nNote: Application Load Balancer authentication only supports IPv4 addresses when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer cannot complete the authentication process, resulting in HTTP 500 errors.\n\n[Network Load Balancers] The IP address type. The possible values are `ipv4` (for only IPv4 addresses) and `dualstack` (for IPv4 and IPv6 addresses). You can\u2019t specify `dualstack` for a load balancer with a UDP or TCP_UDP listener.\n\n[Gateway Load Balancers] The IP address type. The possible values are `ipv4` (for only IPv4 addresses) and `dualstack` (for IPv4 and IPv6 addresses).", "title": "IpAddressType", "type": "string" }, "LoadBalancerAttributes": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute" }, "markdownDescription": "The load balancer attributes.", "title": "LoadBalancerAttributes", "type": "array" }, "Name": { "markdownDescription": "The name of the load balancer. This name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, must not begin or end with a hyphen, and must not begin with \"internal-\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID for the load balancer. If you specify a name, you cannot perform updates that require replacement of this resource, but you can perform other updates. To replace the resource, specify a new name.", "title": "Name", "type": "string" }, "Scheme": { "markdownDescription": "The nodes of an Internet-facing load balancer have public IP addresses. The DNS name of an Internet-facing load balancer is publicly resolvable to the public IP addresses of the nodes. Therefore, Internet-facing load balancers can route requests from clients over the internet.\n\nThe nodes of an internal load balancer have only private IP addresses. The DNS name of an internal load balancer is publicly resolvable to the private IP addresses of the nodes. Therefore, internal load balancers can route requests only from clients with access to the VPC for the load balancer.\n\nThe default is an Internet-facing load balancer.\n\nYou cannot specify a scheme for a Gateway Load Balancer.", "title": "Scheme", "type": "string" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "[Application Load Balancers and Network Load Balancers] The IDs of the security groups for the load balancer.", "title": "SecurityGroups", "type": "array" }, "SubnetMappings": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping" }, "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones. You cannot specify Elastic IP addresses for your subnets.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers] You can specify subnets from one or more Availability Zones. You can specify one Elastic IP address per subnet if you need static IP addresses for your internet-facing load balancer. For internal load balancers, you can specify one private IP address per subnet from the IPv4 range of the subnet. For internet-facing load balancer, you can specify one IPv6 address per subnet.\n\n[Gateway Load Balancers] You can specify subnets from one or more Availability Zones. You cannot specify Elastic IP addresses for your subnets.", "title": "SubnetMappings", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The IDs of the subnets. You can specify only one subnet per Availability Zone. You must specify either subnets or subnet mappings, but not both. To specify an Elastic IP address, specify subnet mappings instead of subnets.\n\n[Application Load Balancers] You must specify subnets from at least two Availability Zones.\n\n[Application Load Balancers on Outposts] You must specify one Outpost subnet.\n\n[Application Load Balancers on Local Zones] You can specify subnets from one or more Local Zones.\n\n[Network Load Balancers] You can specify subnets from one or more Availability Zones.\n\n[Gateway Load Balancers] You can specify subnets from one or more Availability Zones.", "title": "Subnets", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to assign to the load balancer.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of load balancer. The default is `application` .", "title": "Type", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::ElasticLoadBalancingV2::LoadBalancer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::LoadBalancer.LoadBalancerAttribute": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deletion_protection.enabled` - Indicates whether deletion protection is enabled. The value is `true` or `false` . The default is `false` .\n- `load_balancing.cross_zone.enabled` - Indicates whether cross-zone load balancing is enabled. The possible values are `true` and `false` . The default for Network Load Balancers and Gateway Load Balancers is `false` . The default for Application Load Balancers is `true` , and cannot be changed.\n\nThe following attributes are supported by both Application Load Balancers and Network Load Balancers:\n\n- `access_logs.s3.enabled` - Indicates whether access logs are enabled. The value is `true` or `false` . The default is `false` .\n- `access_logs.s3.bucket` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `access_logs.s3.prefix` - The prefix for the location in the S3 bucket for the access logs.\n- `ipv6.deny_all_igw_traffic` - Blocks internet gateway (IGW) access to the load balancer. It is set to `false` for internet-facing load balancers and `true` for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway.\n\nThe following attributes are supported by only Application Load Balancers:\n\n- `idle_timeout.timeout_seconds` - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds.\n- `client_keep_alive.seconds` - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds.\n- `connection_logs.s3.enabled` - Indicates whether connection logs are enabled. The value is `true` or `false` . The default is `false` .\n- `connection_logs.s3.bucket` - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket.\n- `connection_logs.s3.prefix` - The prefix for the location in the S3 bucket for the connection logs.\n- `routing.http.desync_mitigation_mode` - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are `monitor` , `defensive` , and `strictest` . The default is `defensive` .\n- `routing.http.drop_invalid_header_fields.enabled` - Indicates whether HTTP headers with invalid header fields are removed by the load balancer ( `true` ) or routed to targets ( `false` ). The default is `false` .\n- `routing.http.preserve_host_header.enabled` - Indicates whether the Application Load Balancer should preserve the `Host` header in the HTTP request and send it to the target without any change. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.x_amzn_tls_version_and_cipher_suite.enabled` - Indicates whether the two headers ( `x-amzn-tls-version` and `x-amzn-tls-cipher-suite` ), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The `x-amzn-tls-version` header has information about the TLS protocol version negotiated with the client, and the `x-amzn-tls-cipher-suite` header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are `true` and `false` . The default is `false` .\n- `routing.http.xff_client_port.enabled` - Indicates whether the `X-Forwarded-For` header should preserve the source port that the client used to connect to the load balancer. The possible values are `true` and `false` . The default is `false` .\n- `routing.http.xff_header_processing.mode` - Enables you to modify, preserve, or remove the `X-Forwarded-For` header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are `append` , `preserve` , and `remove` . The default is `append` .\n\n- If the value is `append` , the Application Load Balancer adds the client IP address (of the last hop) to the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- If the value is `preserve` the Application Load Balancer preserves the `X-Forwarded-For` header in the HTTP request, and sends it to targets without any change.\n- If the value is `remove` , the Application Load Balancer removes the `X-Forwarded-For` header in the HTTP request before it sends it to targets.\n- `routing.http2.enabled` - Indicates whether HTTP/2 is enabled. The possible values are `true` and `false` . The default is `true` . Elastic Load Balancing requires that message header names contain only alphanumeric characters and hyphens.\n- `waf.fail_open.enabled` - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are `true` and `false` . The default is `false` .\n\nThe following attributes are supported by only Network Load Balancers:\n\n- `dns_record.client_routing_policy` - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are `availability_zone_affinity` with 100 percent zonal affinity, `partial_availability_zone_affinity` with 85 percent zonal affinity, and `any_availability_zone` with 0 percent zonal affinity.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of the attribute.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::LoadBalancer.SubnetMapping": { "additionalProperties": false, "properties": { "AllocationId": { "markdownDescription": "[Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer.", "title": "AllocationId", "type": "string" }, "IPv6Address": { "markdownDescription": "[Network Load Balancers] The IPv6 address.", "title": "IPv6Address", "type": "string" }, "PrivateIPv4Address": { "markdownDescription": "[Network Load Balancers] The private IPv4 address for an internal load balancer.", "title": "PrivateIPv4Address", "type": "string" }, "SubnetId": { "markdownDescription": "The ID of the subnet.", "title": "SubnetId", "type": "string" } }, "required": [ "SubnetId" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::TargetGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "HealthCheckEnabled": { "markdownDescription": "Indicates whether health checks are enabled. If the target type is `lambda` , health checks are disabled by default but can be enabled. If the target type is `instance` , `ip` , or `alb` , health checks are always enabled and cannot be disabled.", "title": "HealthCheckEnabled", "type": "boolean" }, "HealthCheckIntervalSeconds": { "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5-300. If the target group protocol is TCP, TLS, UDP, TCP_UDP, HTTP or HTTPS, the default is 30 seconds. If the target group protocol is GENEVE, the default is 10 seconds. If the target type is `lambda` , the default is 35 seconds.", "title": "HealthCheckIntervalSeconds", "type": "number" }, "HealthCheckPath": { "markdownDescription": "[HTTP/HTTPS health checks] The destination for health checks on the targets.\n\n[HTTP1 or HTTP2 protocol version] The ping path. The default is /.\n\n[GRPC protocol version] The path of a custom health check method with the format /package.service/method. The default is / AWS .ALB/healthcheck.", "title": "HealthCheckPath", "type": "string" }, "HealthCheckPort": { "markdownDescription": "The port the load balancer uses when performing health checks on targets. If the protocol is HTTP, HTTPS, TCP, TLS, UDP, or TCP_UDP, the default is `traffic-port` , which is the port on which each target receives traffic from the load balancer. If the protocol is GENEVE, the default is port 80.", "title": "HealthCheckPort", "type": "string" }, "HealthCheckProtocol": { "markdownDescription": "The protocol the load balancer uses when performing health checks on targets. For Application Load Balancers, the default is HTTP. For Network Load Balancers and Gateway Load Balancers, the default is TCP. The TCP protocol is not supported for health checks if the protocol of the target group is HTTP or HTTPS. The GENEVE, TLS, UDP, and TCP_UDP protocols are not supported for health checks.", "title": "HealthCheckProtocol", "type": "string" }, "HealthCheckTimeoutSeconds": { "markdownDescription": "The amount of time, in seconds, during which no response from a target means a failed health check. The range is 2\u2013120 seconds. For target groups with a protocol of HTTP, the default is 6 seconds. For target groups with a protocol of TCP, TLS or HTTPS, the default is 10 seconds. For target groups with a protocol of GENEVE, the default is 5 seconds. If the target type is `lambda` , the default is 30 seconds.", "title": "HealthCheckTimeoutSeconds", "type": "number" }, "HealthyThresholdCount": { "markdownDescription": "The number of consecutive health check successes required before considering a target healthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 5. For target groups with a protocol of GENEVE, the default is 5. If the target type is `lambda` , the default is 5.", "title": "HealthyThresholdCount", "type": "number" }, "IpAddressType": { "markdownDescription": "The type of IP address used for this target group. The possible values are `ipv4` and `ipv6` . This is an optional parameter. If not specified, the IP address type defaults to `ipv4` .", "title": "IpAddressType", "type": "string" }, "Matcher": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.Matcher", "markdownDescription": "[HTTP/HTTPS health checks] The HTTP or gRPC codes to use when checking for a successful response from a target. For target groups with a protocol of TCP, TCP_UDP, UDP or TLS the range is 200-599. For target groups with a protocol of HTTP or HTTPS, the range is 200-499. For target groups with a protocol of GENEVE, the range is 200-399.", "title": "Matcher" }, "Name": { "markdownDescription": "The name of the target group.\n\nThis name must be unique per region per account, can have a maximum of 32 characters, must contain only alphanumeric characters or hyphens, and must not begin or end with a hyphen.", "title": "Name", "type": "string" }, "Port": { "markdownDescription": "The port on which the targets receive traffic. This port is used unless you specify a port override when registering the target. If the target is a Lambda function, this parameter does not apply. If the protocol is GENEVE, the supported port is 6081.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The protocol to use for routing traffic to the targets. For Application Load Balancers, the supported protocols are HTTP and HTTPS. For Network Load Balancers, the supported protocols are TCP, TLS, UDP, or TCP_UDP. For Gateway Load Balancers, the supported protocol is GENEVE. A TCP_UDP listener must be associated with a TCP_UDP target group. If the target is a Lambda function, this parameter does not apply.", "title": "Protocol", "type": "string" }, "ProtocolVersion": { "markdownDescription": "[HTTP/HTTPS protocol] The protocol version. The possible values are `GRPC` , `HTTP1` , and `HTTP2` .", "title": "ProtocolVersion", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags.", "title": "Tags", "type": "array" }, "TargetGroupAttributes": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute" }, "markdownDescription": "The attributes.", "title": "TargetGroupAttributes", "type": "array" }, "TargetType": { "markdownDescription": "The type of target that you must specify when registering targets with this target group. You can't specify targets for a target group using more than one target type.\n\n- `instance` - Register targets by instance ID. This is the default value.\n- `ip` - Register targets by IP address. You can specify IP addresses from the subnets of the virtual private cloud (VPC) for the target group, the RFC 1918 range (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range (100.64.0.0/10). You can't specify publicly routable IP addresses.\n- `lambda` - Register a single Lambda function as a target.\n- `alb` - Register a single Application Load Balancer as a target.", "title": "TargetType", "type": "string" }, "Targets": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription" }, "markdownDescription": "The targets.", "title": "Targets", "type": "array" }, "UnhealthyThresholdCount": { "markdownDescription": "The number of consecutive health check failures required before considering a target unhealthy. The range is 2-10. If the target group protocol is TCP, TCP_UDP, UDP, TLS, HTTP or HTTPS, the default is 2. For target groups with a protocol of GENEVE, the default is 2. If the target type is `lambda` , the default is 5.", "title": "UnhealthyThresholdCount", "type": "number" }, "VpcId": { "markdownDescription": "The identifier of the virtual private cloud (VPC). If the target is a Lambda function, this parameter does not apply. Otherwise, this parameter is required.", "title": "VpcId", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::ElasticLoadBalancingV2::TargetGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::TargetGroup.Matcher": { "additionalProperties": false, "properties": { "GrpcCode": { "markdownDescription": "You can specify values between 0 and 99. You can specify multiple values (for example, \"0,1\") or a range of values (for example, \"0-5\"). The default value is 12.", "title": "GrpcCode", "type": "string" }, "HttpCode": { "markdownDescription": "For Application Load Balancers, you can specify values between 200 and 499, with the default value being 200. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Network Load Balancers, you can specify values between 200 and 599, with the default value being 200-399. You can specify multiple values (for example, \"200,202\") or a range of values (for example, \"200-299\").\n\nFor Gateway Load Balancers, this must be \"200\u2013399\".\n\nNote that when using shorthand syntax, some values such as commas need to be escaped.", "title": "HttpCode", "type": "string" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::TargetGroup.TargetDescription": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "An Availability Zone or `all` . This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer.\n\nFor Application Load Balancer target groups, the specified Availability Zone value is only applicable when cross-zone load balancing is off. Otherwise the parameter is ignored and treated as `all` .\n\nThis parameter is not supported if the target type of the target group is `instance` or `alb` .\n\nIf the target type is `ip` and the IP address is in a subnet of the VPC for the target group, the Availability Zone is automatically detected and this parameter is optional. If the IP address is outside the VPC, this parameter is required.\n\nFor Application Load Balancer target groups with cross-zone load balancing off, if the target type is `ip` and the IP address is outside of the VPC for the target group, this should be an Availability Zone inside the VPC for the target group.\n\nIf the target type is `lambda` , this parameter is optional and the only supported value is `all` .", "title": "AvailabilityZone", "type": "string" }, "Id": { "markdownDescription": "The ID of the target. If the target type of the target group is `instance` , specify an instance ID. If the target type is `ip` , specify an IP address. If the target type is `lambda` , specify the ARN of the Lambda function. If the target type is `alb` , specify the ARN of the Application Load Balancer target.", "title": "Id", "type": "string" }, "Port": { "markdownDescription": "The port on which the target is listening. If the target group protocol is GENEVE, the supported port is 6081. If the target type is `alb` , the targeted Application Load Balancer must have at least one listener whose port matches the target group port. This parameter is not used if the target is a Lambda function.", "title": "Port", "type": "number" } }, "required": [ "Id" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::TargetGroup.TargetGroupAttribute": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The name of the attribute.\n\nThe following attributes are supported by all load balancers:\n\n- `deregistration_delay.timeout_seconds` - The amount of time, in seconds, for Elastic Load Balancing to wait before changing the state of a deregistering target from `draining` to `unused` . The range is 0-3600 seconds. The default value is 300 seconds. If the target is a Lambda function, this attribute is not supported.\n- `stickiness.enabled` - Indicates whether target stickiness is enabled. The value is `true` or `false` . The default is `false` .\n- `stickiness.type` - Indicates the type of stickiness. The possible values are:\n\n- `lb_cookie` and `app_cookie` for Application Load Balancers.\n- `source_ip` for Network Load Balancers.\n- `source_ip_dest_ip` and `source_ip_dest_ip_proto` for Gateway Load Balancers.\n\nThe following attributes are supported by Application Load Balancers and Network Load Balancers:\n\n- `load_balancing.cross_zone.enabled` - Indicates whether cross zone load balancing is enabled. The value is `true` , `false` or `use_load_balancer_configuration` . The default is `use_load_balancer_configuration` .\n- `target_group_health.dns_failover.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to the maximum number of targets. The default is `off` .\n- `target_group_health.dns_failover.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, mark the zone as unhealthy in DNS, so that traffic is routed only to healthy zones. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.count` - The minimum number of targets that must be healthy. If the number of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are 1 to the maximum number of targets. The default is 1.\n- `target_group_health.unhealthy_state_routing.minimum_healthy_targets.percentage` - The minimum percentage of targets that must be healthy. If the percentage of healthy targets is below this value, send traffic to all targets, including unhealthy targets. The possible values are `off` or an integer from 1 to 100. The default is `off` .\n\nThe following attributes are supported only if the load balancer is an Application Load Balancer and the target is an instance or an IP address:\n\n- `load_balancing.algorithm.type` - The load balancing algorithm determines how the load balancer selects targets when routing requests. The value is `round_robin` , `least_outstanding_requests` , or `weighted_random` . The default is `round_robin` .\n- `load_balancing.algorithm.anomaly_mitigation` - Only available when `load_balancing.algorithm.type` is `weighted_random` . Indicates whether anomaly mitigation is enabled. The value is `on` or `off` . The default is `off` .\n- `slow_start.duration_seconds` - The time period, in seconds, during which a newly registered target receives an increasing share of the traffic to the target group. After this time period ends, the target receives its full share of traffic. The range is 30-900 seconds (15 minutes). The default is 0 seconds (disabled).\n- `stickiness.app_cookie.cookie_name` - Indicates the name of the application-based cookie. Names that start with the following prefixes are not allowed: `AWSALB` , `AWSALBAPP` , and `AWSALBTG` ; they're reserved for use by the load balancer.\n- `stickiness.app_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the application-based cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n- `stickiness.lb_cookie.duration_seconds` - The time period, in seconds, during which requests from a client should be routed to the same target. After this time period expires, the load balancer-generated cookie is considered stale. The range is 1 second to 1 week (604800 seconds). The default value is 1 day (86400 seconds).\n\nThe following attribute is supported only if the load balancer is an Application Load Balancer and the target is a Lambda function:\n\n- `lambda.multi_value_headers.enabled` - Indicates whether the request and response headers that are exchanged between the load balancer and the Lambda function include arrays of values or strings. The value is `true` or `false` . The default is `false` . If the value is `false` and the request contains a duplicate header field name or query parameter key, the load balancer uses the last value sent by the client.\n\nThe following attributes are supported only by Network Load Balancers:\n\n- `deregistration_delay.connection_termination.enabled` - Indicates whether the load balancer terminates connections at the end of the deregistration timeout. The value is `true` or `false` . For new UDP/TCP_UDP target groups the default is `true` . Otherwise, the default is `false` .\n- `preserve_client_ip.enabled` - Indicates whether client IP preservation is enabled. The value is `true` or `false` . The default is disabled if the target group type is IP address and the target group protocol is TCP or TLS. Otherwise, the default is enabled. Client IP preservation cannot be disabled for UDP and TCP_UDP target groups.\n- `proxy_protocol_v2.enabled` - Indicates whether Proxy Protocol version 2 is enabled. The value is `true` or `false` . The default is `false` .\n- `target_health_state.unhealthy.connection_termination.enabled` - Indicates whether the load balancer terminates connections to unhealthy targets. The value is `true` or `false` . The default is `true` .\n- `target_health_state.unhealthy.draining_interval_seconds` - The amount of time for Elastic Load Balancing to wait before changing the state of an unhealthy target from `unhealthy.draining` to `unhealthy` . The range is 0-360000 seconds. The default value is 0 seconds.\n\nNote: This attribute can only be configured when `target_health_state.unhealthy.connection_termination.enabled` is `false` .\n\nThe following attributes are supported only by Gateway Load Balancers:\n\n- `target_failover.on_deregistration` - Indicates how the Gateway Load Balancer handles existing flows when a target is deregistered. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) can't be set independently. The value you set for both attributes must be the same.\n- `target_failover.on_unhealthy` - Indicates how the Gateway Load Balancer handles existing flows when a target is unhealthy. The possible values are `rebalance` and `no_rebalance` . The default is `no_rebalance` . The two attributes ( `target_failover.on_deregistration` and `target_failover.on_unhealthy` ) cannot be set independently. The value you set for both attributes must be the same.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of the attribute.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::TrustStore": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CaCertificatesBundleS3Bucket": { "markdownDescription": "The Amazon S3 bucket for the ca certificates bundle.", "title": "CaCertificatesBundleS3Bucket", "type": "string" }, "CaCertificatesBundleS3Key": { "markdownDescription": "The Amazon S3 path for the ca certificates bundle.", "title": "CaCertificatesBundleS3Key", "type": "string" }, "CaCertificatesBundleS3ObjectVersion": { "markdownDescription": "The Amazon S3 object version for the ca certificates bundle. If undefined the current version is used.", "title": "CaCertificatesBundleS3ObjectVersion", "type": "string" }, "Name": { "markdownDescription": "The name of the trust store.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to assign to the trust store.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::ElasticLoadBalancingV2::TrustStore" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::TrustStoreRevocation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "RevocationContents": { "items": { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent" }, "markdownDescription": "The revocation file to add.", "title": "RevocationContents", "type": "array" }, "TrustStoreArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", "title": "TrustStoreArn", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::ElasticLoadBalancingV2::TrustStoreRevocation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.RevocationContent": { "additionalProperties": false, "properties": { "RevocationType": { "markdownDescription": "The type of revocation file.", "title": "RevocationType", "type": "string" }, "S3Bucket": { "markdownDescription": "The Amazon S3 bucket for the revocation file.", "title": "S3Bucket", "type": "string" }, "S3Key": { "markdownDescription": "The Amazon S3 path for the revocation file.", "title": "S3Key", "type": "string" }, "S3ObjectVersion": { "markdownDescription": "The Amazon S3 object version of the revocation file.", "title": "S3ObjectVersion", "type": "string" } }, "type": "object" }, "AWS::ElasticLoadBalancingV2::TrustStoreRevocation.TrustStoreRevocation": { "additionalProperties": false, "properties": { "NumberOfRevokedEntries": { "markdownDescription": "The number of revoked certificates.", "title": "NumberOfRevokedEntries", "type": "number" }, "RevocationId": { "markdownDescription": "The revocation ID of the revocation file.", "title": "RevocationId", "type": "string" }, "RevocationType": { "markdownDescription": "The type of revocation file.", "title": "RevocationType", "type": "string" }, "TrustStoreArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the trust store.", "title": "TrustStoreArn", "type": "string" } }, "type": "object" }, "AWS::Elasticsearch::Domain": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessPolicies": { "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guid* e.", "title": "AccessPolicies", "type": "object" }, "AdvancedOptions": { "additionalProperties": true, "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [Advanced cluster parameters](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options) in the *Amazon OpenSearch Service Developer Guide* .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AdvancedOptions", "type": "object" }, "AdvancedSecurityOptions": { "$ref": "#/definitions/AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput", "markdownDescription": "Specifies options for fine-grained access control.", "title": "AdvancedSecurityOptions" }, "CognitoOptions": { "$ref": "#/definitions/AWS::Elasticsearch::Domain.CognitoOptions", "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", "title": "CognitoOptions" }, "DomainEndpointOptions": { "$ref": "#/definitions/AWS::Elasticsearch::Domain.DomainEndpointOptions", "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", "title": "DomainEndpointOptions" }, "DomainName": { "markdownDescription": "A name for the OpenSearch Service domain. For valid values, see the [DomainName](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/configuration-api.html#configuration-api-datatypes-domainname) data type in the *Amazon OpenSearch Service Developer Guide* . If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "DomainName", "type": "string" }, "EBSOptions": { "$ref": "#/definitions/AWS::Elasticsearch::Domain.EBSOptions", "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", "title": "EBSOptions" }, "ElasticsearchClusterConfig": { "$ref": "#/definitions/AWS::Elasticsearch::Domain.ElasticsearchClusterConfig", "markdownDescription": "ElasticsearchClusterConfig is a property of the AWS::Elasticsearch::Domain resource that configures the cluster of an Amazon OpenSearch Service domain.", "title": "ElasticsearchClusterConfig" }, "ElasticsearchVersion": { "markdownDescription": "The version of Elasticsearch to use, such as 2.3. If not specified, 1.5 is used as the default. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `ElasticsearchVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `ElasticsearchVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "ElasticsearchVersion", "type": "string" }, "EncryptionAtRestOptions": { "$ref": "#/definitions/AWS::Elasticsearch::Domain.EncryptionAtRestOptions", "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS Key Management Service key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .", "title": "EncryptionAtRestOptions" }, "LogPublishingOptions": { "additionalProperties": false, "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::Elasticsearch::Domain.LogPublishingOption" } }, "title": "LogPublishingOptions", "type": "object" }, "NodeToNodeEncryptionOptions": { "$ref": "#/definitions/AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions", "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", "title": "NodeToNodeEncryptionOptions" }, "SnapshotOptions": { "$ref": "#/definitions/AWS::Elasticsearch::Domain.SnapshotOptions", "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indices.", "title": "SnapshotOptions" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", "title": "Tags", "type": "array" }, "VPCOptions": { "$ref": "#/definitions/AWS::Elasticsearch::Domain.VPCOptions", "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .", "title": "VPCOptions" } }, "type": "object" }, "Type": { "enum": [ "AWS::Elasticsearch::Domain" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Elasticsearch::Domain.AdvancedSecurityOptionsInput": { "additionalProperties": false, "properties": { "AnonymousAuthEnabled": { "markdownDescription": "", "title": "AnonymousAuthEnabled", "type": "boolean" }, "Enabled": { "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption.", "title": "Enabled", "type": "boolean" }, "InternalUserDatabaseEnabled": { "markdownDescription": "True to enable the internal user database.", "title": "InternalUserDatabaseEnabled", "type": "boolean" }, "MasterUserOptions": { "$ref": "#/definitions/AWS::Elasticsearch::Domain.MasterUserOptions", "markdownDescription": "Specifies information about the master user.", "title": "MasterUserOptions" } }, "type": "object" }, "AWS::Elasticsearch::Domain.CognitoOptions": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", "title": "Enabled", "type": "boolean" }, "IdentityPoolId": { "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", "title": "IdentityPoolId", "type": "string" }, "RoleArn": { "markdownDescription": "The `AmazonESCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool. Required if you enable Cognito authentication.", "title": "RoleArn", "type": "string" }, "UserPoolId": { "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. Required if you enable Cognito authentication.", "title": "UserPoolId", "type": "string" } }, "type": "object" }, "AWS::Elasticsearch::Domain.ColdStorageOptions": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage in order to enable cold storage.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::Elasticsearch::Domain.DomainEndpointOptions": { "additionalProperties": false, "properties": { "CustomEndpoint": { "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", "title": "CustomEndpoint", "type": "string" }, "CustomEndpointCertificateArn": { "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", "title": "CustomEndpointCertificateArn", "type": "string" }, "CustomEndpointEnabled": { "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", "title": "CustomEndpointEnabled", "type": "boolean" }, "EnforceHTTPS": { "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS.", "title": "EnforceHTTPS", "type": "boolean" }, "TLSSecurityPolicy": { "markdownDescription": "The minimum TLS version required for traffic to the domain. Valid values are TLS 1.3 (recommended) or 1.2:\n\n- `Policy-Min-TLS-1-0-2019-07`\n- `Policy-Min-TLS-1-2-2019-07`", "title": "TLSSecurityPolicy", "type": "string" } }, "type": "object" }, "AWS::Elasticsearch::Domain.EBSOptions": { "additionalProperties": false, "properties": { "EBSEnabled": { "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", "title": "EBSEnabled", "type": "boolean" }, "Iops": { "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to provisioned IOPS EBS volume types.", "title": "Iops", "type": "number" }, "VolumeSize": { "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", "title": "VolumeSize", "type": "number" }, "VolumeType": { "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain, such as standard, gp2, or io1. For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", "title": "VolumeType", "type": "string" } }, "type": "object" }, "AWS::Elasticsearch::Domain.ElasticsearchClusterConfig": { "additionalProperties": false, "properties": { "ColdStorageOptions": { "$ref": "#/definitions/AWS::Elasticsearch::Domain.ColdStorageOptions", "markdownDescription": "Specifies cold storage options for the domain.", "title": "ColdStorageOptions" }, "DedicatedMasterCount": { "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify true for the DedicatedMasterEnabled property.", "title": "DedicatedMasterCount", "type": "number" }, "DedicatedMasterEnabled": { "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", "title": "DedicatedMasterEnabled", "type": "boolean" }, "DedicatedMasterType": { "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.elasticsearch` . If you specify this property, you must specify true for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", "title": "DedicatedMasterType", "type": "string" }, "InstanceCount": { "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", "title": "InstanceCount", "type": "number" }, "InstanceType": { "markdownDescription": "The instance type for your data nodes, such as `m3.medium.elasticsearch` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", "title": "InstanceType", "type": "string" }, "WarmCount": { "markdownDescription": "The number of warm nodes in the cluster. Required if you enable warm storage.", "title": "WarmCount", "type": "number" }, "WarmEnabled": { "markdownDescription": "Whether to enable warm storage for the cluster.", "title": "WarmEnabled", "type": "boolean" }, "WarmType": { "markdownDescription": "The instance type for the cluster's warm nodes. Required if you enable warm storage.", "title": "WarmType", "type": "string" }, "ZoneAwarenessConfig": { "$ref": "#/definitions/AWS::Elasticsearch::Domain.ZoneAwarenessConfig", "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", "title": "ZoneAwarenessConfig" }, "ZoneAwarenessEnabled": { "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", "title": "ZoneAwarenessEnabled", "type": "boolean" } }, "type": "object" }, "AWS::Elasticsearch::Domain.EncryptionAtRestOptions": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Specify `true` to enable encryption at rest.", "title": "Enabled", "type": "boolean" }, "KmsKeyId": { "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.", "title": "KmsKeyId", "type": "string" } }, "type": "object" }, "AWS::Elasticsearch::Domain.LogPublishingOption": { "additionalProperties": false, "properties": { "CloudWatchLogsLogGroupArn": { "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing for the domain.", "title": "CloudWatchLogsLogGroupArn", "type": "string" }, "Enabled": { "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::Elasticsearch::Domain.MasterUserOptions": { "additionalProperties": false, "properties": { "MasterUserARN": { "markdownDescription": "ARN for the master user. Only specify if `InternalUserDatabaseEnabled` is false in `AdvancedSecurityOptions` .", "title": "MasterUserARN", "type": "string" }, "MasterUserName": { "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", "title": "MasterUserName", "type": "string" }, "MasterUserPassword": { "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in `AdvancedSecurityOptions` .", "title": "MasterUserPassword", "type": "string" } }, "type": "object" }, "AWS::Elasticsearch::Domain.NodeToNodeEncryptionOptions": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Specifies whether node-to-node encryption is enabled, as a Boolean.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::Elasticsearch::Domain.SnapshotOptions": { "additionalProperties": false, "properties": { "AutomatedSnapshotStartHour": { "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indices in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", "title": "AutomatedSnapshotStartHour", "type": "number" } }, "type": "object" }, "AWS::Elasticsearch::Domain.VPCOptions": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three Availability Zone domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nRequired if you're creating your domain inside a VPC.", "title": "SubnetIds", "type": "array" } }, "type": "object" }, "AWS::Elasticsearch::Domain.ZoneAwarenessConfig": { "additionalProperties": false, "properties": { "AvailabilityZoneCount": { "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", "title": "AvailabilityZoneCount", "type": "number" } }, "type": "object" }, "AWS::EntityResolution::IdMappingWorkflow": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the workflow.", "title": "Description", "type": "string" }, "IdMappingTechniques": { "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques", "markdownDescription": "An object which defines the `idMappingType` and the `providerProperties` .", "title": "IdMappingTechniques" }, "InputSourceConfig": { "items": { "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource" }, "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", "title": "InputSourceConfig", "type": "array" }, "OutputSourceConfig": { "items": { "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource" }, "markdownDescription": "A list of `IdMappingWorkflowOutputSource` objects, each of which contains fields `OutputS3Path` and `Output` .", "title": "OutputSourceConfig", "type": "array" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" }, "WorkflowName": { "markdownDescription": "The name of the workflow. There can't be multiple `IdMappingWorkflows` with the same name.", "title": "WorkflowName", "type": "string" } }, "required": [ "IdMappingTechniques", "InputSourceConfig", "RoleArn", "WorkflowName" ], "type": "object" }, "Type": { "enum": [ "AWS::EntityResolution::IdMappingWorkflow" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EntityResolution::IdMappingWorkflow.IdMappingTechniques": { "additionalProperties": false, "properties": { "IdMappingType": { "markdownDescription": "The type of ID mapping.", "title": "IdMappingType", "type": "string" }, "ProviderProperties": { "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.ProviderProperties", "markdownDescription": "An object which defines any additional configurations required by the provider service.", "title": "ProviderProperties" } }, "type": "object" }, "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowInputSource": { "additionalProperties": false, "properties": { "InputSourceARN": { "markdownDescription": "An AWS Glue table ARN for the input source table.", "title": "InputSourceARN", "type": "string" }, "SchemaArn": { "markdownDescription": "The ARN (Amazon Resource Name) that AWS Entity Resolution generated for the `SchemaMapping` .", "title": "SchemaArn", "type": "string" }, "Type": { "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` to which all `sourceIds` will resolve to.", "title": "Type", "type": "string" } }, "required": [ "InputSourceARN" ], "type": "object" }, "AWS::EntityResolution::IdMappingWorkflow.IdMappingWorkflowOutputSource": { "additionalProperties": false, "properties": { "KMSArn": { "markdownDescription": "Customer AWS KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", "title": "KMSArn", "type": "string" }, "OutputS3Path": { "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", "title": "OutputS3Path", "type": "string" } }, "required": [ "OutputS3Path" ], "type": "object" }, "AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration": { "additionalProperties": false, "properties": { "IntermediateS3Path": { "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", "title": "IntermediateS3Path", "type": "string" } }, "required": [ "IntermediateS3Path" ], "type": "object" }, "AWS::EntityResolution::IdMappingWorkflow.ProviderProperties": { "additionalProperties": false, "properties": { "IntermediateSourceConfiguration": { "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow.IntermediateSourceConfiguration", "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", "title": "IntermediateSourceConfiguration" }, "ProviderConfiguration": { "additionalProperties": true, "markdownDescription": "The required configuration fields to use with the provider service.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ProviderConfiguration", "type": "object" }, "ProviderServiceArn": { "markdownDescription": "The ARN of the provider service.", "title": "ProviderServiceArn", "type": "string" } }, "required": [ "ProviderServiceArn" ], "type": "object" }, "AWS::EntityResolution::IdNamespace": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the ID namespace.", "title": "Description", "type": "string" }, "IdMappingWorkflowProperties": { "items": { "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties" }, "markdownDescription": "Determines the properties of `IdMappingWorflow` where this `IdNamespace` can be used as a `Source` or a `Target` .", "title": "IdMappingWorkflowProperties", "type": "array" }, "IdNamespaceName": { "markdownDescription": "The name of the ID namespace.", "title": "IdNamespaceName", "type": "string" }, "InputSourceConfig": { "items": { "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.IdNamespaceInputSource" }, "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", "title": "InputSourceConfig", "type": "array" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to access the resources defined in this `IdNamespace` on your behalf as part of the workflow run.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of ID namespace. There are two types: `SOURCE` and `TARGET` .\n\nThe `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow.\n\nThe `TARGET` contains a configuration of `targetId` to which all `sourceIds` will resolve to.", "title": "Type", "type": "string" } }, "required": [ "IdNamespaceName", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::EntityResolution::IdNamespace" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EntityResolution::IdNamespace.IdNamespaceIdMappingWorkflowProperties": { "additionalProperties": false, "properties": { "IdMappingType": { "markdownDescription": "The type of ID mapping.", "title": "IdMappingType", "type": "string" }, "ProviderProperties": { "$ref": "#/definitions/AWS::EntityResolution::IdNamespace.NamespaceProviderProperties", "markdownDescription": "An object which defines any additional configurations required by the provider service.", "title": "ProviderProperties" } }, "required": [ "IdMappingType" ], "type": "object" }, "AWS::EntityResolution::IdNamespace.IdNamespaceInputSource": { "additionalProperties": false, "properties": { "InputSourceARN": { "markdownDescription": "An AWS Glue table ARN for the input source table.", "title": "InputSourceARN", "type": "string" }, "SchemaName": { "markdownDescription": "The name of the schema.", "title": "SchemaName", "type": "string" } }, "required": [ "InputSourceARN" ], "type": "object" }, "AWS::EntityResolution::IdNamespace.NamespaceProviderProperties": { "additionalProperties": false, "properties": { "ProviderConfiguration": { "additionalProperties": true, "markdownDescription": "An object which defines any additional configurations required by the provider service.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ProviderConfiguration", "type": "object" }, "ProviderServiceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the provider service.", "title": "ProviderServiceArn", "type": "string" } }, "required": [ "ProviderServiceArn" ], "type": "object" }, "AWS::EntityResolution::MatchingWorkflow": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the workflow.", "title": "Description", "type": "string" }, "InputSourceConfig": { "items": { "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.InputSource" }, "markdownDescription": "A list of `InputSource` objects, which have the fields `InputSourceARN` and `SchemaName` .", "title": "InputSourceConfig", "type": "array" }, "OutputSourceConfig": { "items": { "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputSource" }, "markdownDescription": "A list of `OutputSource` objects, each of which contains fields `OutputS3Path` , `ApplyNormalization` , and `Output` .", "title": "OutputSourceConfig", "type": "array" }, "ResolutionTechniques": { "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques", "markdownDescription": "An object which defines the `resolutionType` and the `ruleBasedProperties` .", "title": "ResolutionTechniques" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role. AWS Entity Resolution assumes this role to create resources on your behalf as part of workflow execution.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" }, "WorkflowName": { "markdownDescription": "The name of the workflow. There can't be multiple `MatchingWorkflows` with the same name.", "title": "WorkflowName", "type": "string" } }, "required": [ "InputSourceConfig", "OutputSourceConfig", "ResolutionTechniques", "RoleArn", "WorkflowName" ], "type": "object" }, "Type": { "enum": [ "AWS::EntityResolution::MatchingWorkflow" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EntityResolution::MatchingWorkflow.InputSource": { "additionalProperties": false, "properties": { "ApplyNormalization": { "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", "title": "ApplyNormalization", "type": "boolean" }, "InputSourceARN": { "markdownDescription": "An object containing `InputSourceARN` , `SchemaName` , and `ApplyNormalization` .", "title": "InputSourceARN", "type": "string" }, "SchemaArn": { "markdownDescription": "The name of the schema.", "title": "SchemaArn", "type": "string" } }, "required": [ "InputSourceARN", "SchemaArn" ], "type": "object" }, "AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration": { "additionalProperties": false, "properties": { "IntermediateS3Path": { "markdownDescription": "The Amazon S3 location (bucket and prefix). For example: `s3://provider_bucket/DOC-EXAMPLE-BUCKET`", "title": "IntermediateS3Path", "type": "string" } }, "required": [ "IntermediateS3Path" ], "type": "object" }, "AWS::EntityResolution::MatchingWorkflow.OutputAttribute": { "additionalProperties": false, "properties": { "Hashed": { "markdownDescription": "Enables the ability to hash the column values in the output.", "title": "Hashed", "type": "boolean" }, "Name": { "markdownDescription": "A name of a column to be written to the output. This must be an `InputField` name in the schema mapping.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::EntityResolution::MatchingWorkflow.OutputSource": { "additionalProperties": false, "properties": { "ApplyNormalization": { "markdownDescription": "Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890.", "title": "ApplyNormalization", "type": "boolean" }, "KMSArn": { "markdownDescription": "Customer KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key.", "title": "KMSArn", "type": "string" }, "Output": { "items": { "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.OutputAttribute" }, "markdownDescription": "A list of `OutputAttribute` objects, each of which have the fields `Name` and `Hashed` . Each of these objects selects a column to be included in the output table, and whether the values of the column should be hashed.", "title": "Output", "type": "array" }, "OutputS3Path": { "markdownDescription": "The S3 path to which AWS Entity Resolution will write the output table.", "title": "OutputS3Path", "type": "string" } }, "required": [ "Output", "OutputS3Path" ], "type": "object" }, "AWS::EntityResolution::MatchingWorkflow.ProviderProperties": { "additionalProperties": false, "properties": { "IntermediateSourceConfiguration": { "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.IntermediateSourceConfiguration", "markdownDescription": "The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently.", "title": "IntermediateSourceConfiguration" }, "ProviderConfiguration": { "additionalProperties": true, "markdownDescription": "The required configuration fields to use with the provider service.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ProviderConfiguration", "type": "object" }, "ProviderServiceArn": { "markdownDescription": "The ARN of the provider service.", "title": "ProviderServiceArn", "type": "string" } }, "required": [ "ProviderServiceArn" ], "type": "object" }, "AWS::EntityResolution::MatchingWorkflow.ResolutionTechniques": { "additionalProperties": false, "properties": { "ProviderProperties": { "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.ProviderProperties", "markdownDescription": "The properties of the provider service.", "title": "ProviderProperties" }, "ResolutionType": { "markdownDescription": "The type of matching. There are three types of matching: `RULE_MATCHING` , `ML_MATCHING` , and `PROVIDER` .", "title": "ResolutionType", "type": "string" }, "RuleBasedProperties": { "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties", "markdownDescription": "An object which defines the list of matching rules to run and has a field `Rules` , which is a list of rule objects.", "title": "RuleBasedProperties" } }, "type": "object" }, "AWS::EntityResolution::MatchingWorkflow.Rule": { "additionalProperties": false, "properties": { "MatchingKeys": { "items": { "type": "string" }, "markdownDescription": "A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match.", "title": "MatchingKeys", "type": "array" }, "RuleName": { "markdownDescription": "A name for the matching rule.", "title": "RuleName", "type": "string" } }, "required": [ "MatchingKeys", "RuleName" ], "type": "object" }, "AWS::EntityResolution::MatchingWorkflow.RuleBasedProperties": { "additionalProperties": false, "properties": { "AttributeMatchingModel": { "markdownDescription": "The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the AttributeMatchingModel. When choosing `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A and the value of `BusinessEmail` field of Profile B matches, the two profiles are matched on the `Email` type. When choosing `ONE_TO_ONE` ,the system can only match if the sub-types are exact matches. For example, only when the value of the `Email` field of Profile A and the value of the `Email` field of Profile B matches, the two profiles are matched on the `Email` type.", "title": "AttributeMatchingModel", "type": "string" }, "Rules": { "items": { "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow.Rule" }, "markdownDescription": "A list of `Rule` objects, each of which have fields `RuleName` and `MatchingKeys` .", "title": "Rules", "type": "array" } }, "required": [ "AttributeMatchingModel", "Rules" ], "type": "object" }, "AWS::EntityResolution::PolicyStatement": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Action": { "items": { "type": "string" }, "markdownDescription": "The action that the principal can use on the resource.\n\nFor example, `entityresolution:GetIdMappingJob` , `entityresolution:GetMatchingJob` .", "title": "Action", "type": "array" }, "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource that will be accessed by the principal.", "title": "Arn", "type": "string" }, "Condition": { "markdownDescription": "A set of condition keys that you can use in key policies.", "title": "Condition", "type": "string" }, "Effect": { "markdownDescription": "Determines whether the permissions specified in the policy are to be allowed ( `Allow` ) or denied ( `Deny` ).\n\n> If you set the value of the `effect` parameter to `Deny` for the `AddPolicyStatement` operation, you must also set the value of the `effect` parameter in the `policy` to `Deny` for the `PutPolicy` operation.", "title": "Effect", "type": "string" }, "Principal": { "items": { "type": "string" }, "markdownDescription": "The AWS service or AWS account that can access the resource defined as ARN.", "title": "Principal", "type": "array" }, "StatementId": { "markdownDescription": "A statement identifier that differentiates the statement from others in the same policy.", "title": "StatementId", "type": "string" } }, "required": [ "Arn", "StatementId" ], "type": "object" }, "Type": { "enum": [ "AWS::EntityResolution::PolicyStatement" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EntityResolution::SchemaMapping": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the schema.", "title": "Description", "type": "string" }, "MappedInputFields": { "items": { "$ref": "#/definitions/AWS::EntityResolution::SchemaMapping.SchemaInputAttribute" }, "markdownDescription": "A list of `MappedInputFields` . Each `MappedInputField` corresponds to a column the source data table, and contains column name plus additional information that AWS Entity Resolution uses for matching.", "title": "MappedInputFields", "type": "array" }, "SchemaName": { "markdownDescription": "The name of the schema. There can't be multiple `SchemaMappings` with the same name.", "title": "SchemaName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" } }, "required": [ "MappedInputFields", "SchemaName" ], "type": "object" }, "Type": { "enum": [ "AWS::EntityResolution::SchemaMapping" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EntityResolution::SchemaMapping.SchemaInputAttribute": { "additionalProperties": false, "properties": { "FieldName": { "markdownDescription": "A string containing the field name.", "title": "FieldName", "type": "string" }, "GroupName": { "markdownDescription": "A string that instructs AWS Entity Resolution to combine several columns into a unified column with the identical attribute type.\n\nFor example, when working with columns such as `first_name` , `middle_name` , and `last_name` , assigning them a common `groupName` will prompt AWS Entity Resolution to concatenate them into a single value.", "title": "GroupName", "type": "string" }, "MatchKey": { "markdownDescription": "A key that allows grouping of multiple input attributes into a unified matching group. For example, consider a scenario where the source table contains various addresses, such as `business_address` and `shipping_address` . By assigning a `matchKey` called `address` to both attributes, AWS Entity Resolution will match records across these fields to create a consolidated matching group. If no `matchKey` is specified for a column, it won't be utilized for matching purposes but will still be included in the output table.", "title": "MatchKey", "type": "string" }, "SubType": { "markdownDescription": "The subtype of the attribute, selected from a list of values.", "title": "SubType", "type": "string" }, "Type": { "markdownDescription": "The type of the attribute, selected from a list of values.", "title": "Type", "type": "string" } }, "required": [ "FieldName", "Type" ], "type": "object" }, "AWS::EventSchemas::Discoverer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CrossAccount": { "markdownDescription": "Allows for the discovery of the event schemas that are sent to the event bus from another account.", "title": "CrossAccount", "type": "boolean" }, "Description": { "markdownDescription": "A description for the discoverer.", "title": "Description", "type": "string" }, "SourceArn": { "markdownDescription": "The ARN of the event bus.", "title": "SourceArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::EventSchemas::Discoverer.TagsEntry" }, "markdownDescription": "Tags associated with the resource.", "title": "Tags", "type": "array" } }, "required": [ "SourceArn" ], "type": "object" }, "Type": { "enum": [ "AWS::EventSchemas::Discoverer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EventSchemas::Discoverer.TagsEntry": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key of a key-value pair.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of a key-value pair.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::EventSchemas::Registry": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the registry to be created.", "title": "Description", "type": "string" }, "RegistryName": { "markdownDescription": "The name of the schema registry.", "title": "RegistryName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::EventSchemas::Registry.TagsEntry" }, "markdownDescription": "Tags to associate with the registry.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::EventSchemas::Registry" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::EventSchemas::Registry.TagsEntry": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key of a key-value pair.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of a key-value pair.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::EventSchemas::RegistryPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Policy": { "markdownDescription": "A resource-based policy.", "title": "Policy", "type": "object" }, "RegistryName": { "markdownDescription": "The name of the registry.", "title": "RegistryName", "type": "string" }, "RevisionId": { "markdownDescription": "The revision ID of the policy.", "title": "RevisionId", "type": "string" } }, "required": [ "Policy", "RegistryName" ], "type": "object" }, "Type": { "enum": [ "AWS::EventSchemas::RegistryPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EventSchemas::Schema": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "The source of the schema definition.", "title": "Content", "type": "string" }, "Description": { "markdownDescription": "A description of the schema.", "title": "Description", "type": "string" }, "RegistryName": { "markdownDescription": "The name of the schema registry.", "title": "RegistryName", "type": "string" }, "SchemaName": { "markdownDescription": "The name of the schema.", "title": "SchemaName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::EventSchemas::Schema.TagsEntry" }, "markdownDescription": "Tags associated with the schema.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of schema.\n\nValid types include `OpenApi3` and `JSONSchemaDraft4` .", "title": "Type", "type": "string" } }, "required": [ "Content", "RegistryName", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::EventSchemas::Schema" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::EventSchemas::Schema.TagsEntry": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key of a key-value pair.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of a key-value pair.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::Events::ApiDestination": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectionArn": { "markdownDescription": "The ARN of the connection to use for the API destination. The destination endpoint must support the authorization type specified for the connection.", "title": "ConnectionArn", "type": "string" }, "Description": { "markdownDescription": "A description for the API destination to create.", "title": "Description", "type": "string" }, "HttpMethod": { "markdownDescription": "The method to use for the request to the HTTP invocation endpoint.", "title": "HttpMethod", "type": "string" }, "InvocationEndpoint": { "markdownDescription": "The URL to the HTTP invocation endpoint for the API destination.", "title": "InvocationEndpoint", "type": "string" }, "InvocationRateLimitPerSecond": { "markdownDescription": "The maximum number of requests per second to send to the HTTP invocation endpoint.", "title": "InvocationRateLimitPerSecond", "type": "number" }, "Name": { "markdownDescription": "The name for the API destination to create.", "title": "Name", "type": "string" } }, "required": [ "ConnectionArn", "HttpMethod", "InvocationEndpoint" ], "type": "object" }, "Type": { "enum": [ "AWS::Events::ApiDestination" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Events::Archive": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ArchiveName": { "markdownDescription": "The name for the archive to create.", "title": "ArchiveName", "type": "string" }, "Description": { "markdownDescription": "A description for the archive.", "title": "Description", "type": "string" }, "EventPattern": { "markdownDescription": "An event pattern to use to filter events sent to the archive.", "title": "EventPattern", "type": "object" }, "RetentionDays": { "markdownDescription": "The number of days to retain events for. Default value is 0. If set to 0, events are retained indefinitely", "title": "RetentionDays", "type": "number" }, "SourceArn": { "markdownDescription": "The ARN of the event bus that sends events to the archive.", "title": "SourceArn", "type": "string" } }, "required": [ "SourceArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Events::Archive" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Events::Connection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthParameters": { "$ref": "#/definitions/AWS::Events::Connection.AuthParameters", "markdownDescription": "A `CreateConnectionAuthRequestParameters` object that contains the authorization parameters to use to authorize with the endpoint.", "title": "AuthParameters" }, "AuthorizationType": { "markdownDescription": "The type of authorization to use for the connection.\n\n> OAUTH tokens are refreshed when a 401 or 407 response is returned.", "title": "AuthorizationType", "type": "string" }, "Description": { "markdownDescription": "A description for the connection to create.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name for the connection to create.", "title": "Name", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::Events::Connection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Events::Connection.ApiKeyAuthParameters": { "additionalProperties": false, "properties": { "ApiKeyName": { "markdownDescription": "The name of the API key to use for authorization.", "title": "ApiKeyName", "type": "string" }, "ApiKeyValue": { "markdownDescription": "The value for the API key to use for authorization.", "title": "ApiKeyValue", "type": "string" } }, "required": [ "ApiKeyName", "ApiKeyValue" ], "type": "object" }, "AWS::Events::Connection.AuthParameters": { "additionalProperties": false, "properties": { "ApiKeyAuthParameters": { "$ref": "#/definitions/AWS::Events::Connection.ApiKeyAuthParameters", "markdownDescription": "The API Key parameters to use for authorization.", "title": "ApiKeyAuthParameters" }, "BasicAuthParameters": { "$ref": "#/definitions/AWS::Events::Connection.BasicAuthParameters", "markdownDescription": "The authorization parameters for Basic authorization.", "title": "BasicAuthParameters" }, "InvocationHttpParameters": { "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", "markdownDescription": "Additional parameters for the connection that are passed through with every invocation to the HTTP endpoint.", "title": "InvocationHttpParameters" }, "OAuthParameters": { "$ref": "#/definitions/AWS::Events::Connection.OAuthParameters", "markdownDescription": "The OAuth parameters to use for authorization.", "title": "OAuthParameters" } }, "type": "object" }, "AWS::Events::Connection.BasicAuthParameters": { "additionalProperties": false, "properties": { "Password": { "markdownDescription": "The password associated with the user name to use for Basic authorization.", "title": "Password", "type": "string" }, "Username": { "markdownDescription": "The user name to use for Basic authorization.", "title": "Username", "type": "string" } }, "required": [ "Password", "Username" ], "type": "object" }, "AWS::Events::Connection.ClientParameters": { "additionalProperties": false, "properties": { "ClientID": { "markdownDescription": "The client ID to use for OAuth authorization.", "title": "ClientID", "type": "string" }, "ClientSecret": { "markdownDescription": "The client secret assciated with the client ID to use for OAuth authorization.", "title": "ClientSecret", "type": "string" } }, "required": [ "ClientID", "ClientSecret" ], "type": "object" }, "AWS::Events::Connection.ConnectionHttpParameters": { "additionalProperties": false, "properties": { "BodyParameters": { "items": { "$ref": "#/definitions/AWS::Events::Connection.Parameter" }, "markdownDescription": "Contains additional body string parameters for the connection.", "title": "BodyParameters", "type": "array" }, "HeaderParameters": { "items": { "$ref": "#/definitions/AWS::Events::Connection.Parameter" }, "markdownDescription": "Contains additional header parameters for the connection.", "title": "HeaderParameters", "type": "array" }, "QueryStringParameters": { "items": { "$ref": "#/definitions/AWS::Events::Connection.Parameter" }, "markdownDescription": "Contains additional query string parameters for the connection.", "title": "QueryStringParameters", "type": "array" } }, "type": "object" }, "AWS::Events::Connection.OAuthParameters": { "additionalProperties": false, "properties": { "AuthorizationEndpoint": { "markdownDescription": "The URL to the authorization endpoint when OAuth is specified as the authorization type.", "title": "AuthorizationEndpoint", "type": "string" }, "ClientParameters": { "$ref": "#/definitions/AWS::Events::Connection.ClientParameters", "markdownDescription": "A `CreateConnectionOAuthClientRequestParameters` object that contains the client parameters for OAuth authorization.", "title": "ClientParameters" }, "HttpMethod": { "markdownDescription": "The method to use for the authorization request.", "title": "HttpMethod", "type": "string" }, "OAuthHttpParameters": { "$ref": "#/definitions/AWS::Events::Connection.ConnectionHttpParameters", "markdownDescription": "A `ConnectionHttpParameters` object that contains details about the additional parameters to use for the connection.", "title": "OAuthHttpParameters" } }, "required": [ "AuthorizationEndpoint", "ClientParameters", "HttpMethod" ], "type": "object" }, "AWS::Events::Connection.Parameter": { "additionalProperties": false, "properties": { "IsValueSecret": { "markdownDescription": "Specifies whether the value is secret.", "title": "IsValueSecret", "type": "boolean" }, "Key": { "markdownDescription": "The key for a query string parameter.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value associated with the key for the query string parameter.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::Events::Endpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the endpoint.", "title": "Description", "type": "string" }, "EventBuses": { "items": { "$ref": "#/definitions/AWS::Events::Endpoint.EndpointEventBus" }, "markdownDescription": "The event buses being used by the endpoint.\n\n*Exactly* : `2`", "title": "EventBuses", "type": "array" }, "Name": { "markdownDescription": "The name of the endpoint.", "title": "Name", "type": "string" }, "ReplicationConfig": { "$ref": "#/definitions/AWS::Events::Endpoint.ReplicationConfig", "markdownDescription": "Whether event replication was enabled or disabled for this endpoint. The default state is `ENABLED` which means you must supply a `RoleArn` . If you don't have a `RoleArn` or you don't want event replication enabled, set the state to `DISABLED` .", "title": "ReplicationConfig" }, "RoleArn": { "markdownDescription": "The ARN of the role used by event replication for the endpoint.", "title": "RoleArn", "type": "string" }, "RoutingConfig": { "$ref": "#/definitions/AWS::Events::Endpoint.RoutingConfig", "markdownDescription": "The routing configuration of the endpoint.", "title": "RoutingConfig" } }, "required": [ "EventBuses", "RoutingConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::Events::Endpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Events::Endpoint.EndpointEventBus": { "additionalProperties": false, "properties": { "EventBusArn": { "markdownDescription": "The ARN of the event bus the endpoint is associated with.", "title": "EventBusArn", "type": "string" } }, "required": [ "EventBusArn" ], "type": "object" }, "AWS::Events::Endpoint.FailoverConfig": { "additionalProperties": false, "properties": { "Primary": { "$ref": "#/definitions/AWS::Events::Endpoint.Primary", "markdownDescription": "The main Region of the endpoint.", "title": "Primary" }, "Secondary": { "$ref": "#/definitions/AWS::Events::Endpoint.Secondary", "markdownDescription": "The Region that events are routed to when failover is triggered or event replication is enabled.", "title": "Secondary" } }, "required": [ "Primary", "Secondary" ], "type": "object" }, "AWS::Events::Endpoint.Primary": { "additionalProperties": false, "properties": { "HealthCheck": { "markdownDescription": "The ARN of the health check used by the endpoint to determine whether failover is triggered.", "title": "HealthCheck", "type": "string" } }, "required": [ "HealthCheck" ], "type": "object" }, "AWS::Events::Endpoint.ReplicationConfig": { "additionalProperties": false, "properties": { "State": { "markdownDescription": "The state of event replication.", "title": "State", "type": "string" } }, "required": [ "State" ], "type": "object" }, "AWS::Events::Endpoint.RoutingConfig": { "additionalProperties": false, "properties": { "FailoverConfig": { "$ref": "#/definitions/AWS::Events::Endpoint.FailoverConfig", "markdownDescription": "The failover configuration for an endpoint. This includes what triggers failover and what happens when it's triggered.", "title": "FailoverConfig" } }, "required": [ "FailoverConfig" ], "type": "object" }, "AWS::Events::Endpoint.Secondary": { "additionalProperties": false, "properties": { "Route": { "markdownDescription": "Defines the secondary Region.", "title": "Route", "type": "string" } }, "required": [ "Route" ], "type": "object" }, "AWS::Events::EventBus": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EventSourceName": { "markdownDescription": "If you are creating a partner event bus, this specifies the partner event source that the new event bus will be matched with.", "title": "EventSourceName", "type": "string" }, "Name": { "markdownDescription": "The name of the new event bus.\n\nCustom event bus names can't contain the `/` character, but you can use the `/` character in partner event bus names. In addition, for partner event buses, the name must exactly match the name of the partner event source that this event bus is matched to.\n\nYou can't use the name `default` for a custom event bus, as this name is already used for your account's default event bus.", "title": "Name", "type": "string" }, "Policy": { "markdownDescription": "The permissions policy of the event bus, describing which other AWS accounts can write events to this event bus.", "title": "Policy", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags to associate with the event bus.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Events::EventBus" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Events::EventBusPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action that you are enabling the other account to perform.", "title": "Action", "type": "string" }, "Condition": { "$ref": "#/definitions/AWS::Events::EventBusPolicy.Condition", "markdownDescription": "This parameter enables you to limit the permission to accounts that fulfill a certain condition, such as being a member of a certain AWS organization. For more information about AWS Organizations, see [What Is AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) in the *AWS Organizations User Guide* .\n\nIf you specify `Condition` with an AWS organization ID, and specify \"*\" as the value for `Principal` , you grant permission to all the accounts in the named organization.\n\nThe `Condition` is a JSON string which must contain `Type` , `Key` , and `Value` fields.", "title": "Condition" }, "EventBusName": { "markdownDescription": "The name of the event bus associated with the rule. If you omit this, the default event bus is used.", "title": "EventBusName", "type": "string" }, "Principal": { "markdownDescription": "The 12-digit AWS account ID that you are permitting to put events to your default event bus. Specify \"*\" to permit any account to put events to your default event bus.\n\nIf you specify \"*\" without specifying `Condition` , avoid creating rules that may match undesirable events. To create more secure rules, make sure that the event pattern for each rule contains an `account` field with a specific account ID from which to receive events. Rules with an account field do not match any events sent from other accounts.", "title": "Principal", "type": "string" }, "Statement": { "markdownDescription": "A JSON string that describes the permission policy statement. You can include a `Policy` parameter in the request instead of using the `StatementId` , `Action` , `Principal` , or `Condition` parameters.", "title": "Statement", "type": "object" }, "StatementId": { "markdownDescription": "An identifier string for the external account that you are granting permissions to. If you later want to revoke the permission for this external account, specify this `StatementId` when you run [RemovePermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_RemovePermission.html) .\n\n> Each `StatementId` must be unique.", "title": "StatementId", "type": "string" } }, "required": [ "StatementId" ], "type": "object" }, "Type": { "enum": [ "AWS::Events::EventBusPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Events::EventBusPolicy.Condition": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "Specifies the key for the condition. Currently the only supported key is `aws:PrincipalOrgID` .", "title": "Key", "type": "string" }, "Type": { "markdownDescription": "Specifies the type of condition. Currently the only supported value is `StringEquals` .", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "Specifies the value for the key. Currently, this must be the ID of the organization.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::Events::Rule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the rule.", "title": "Description", "type": "string" }, "EventBusName": { "markdownDescription": "The name or ARN of the event bus associated with the rule. If you omit this, the default event bus is used.", "title": "EventBusName", "type": "string" }, "EventPattern": { "markdownDescription": "The event pattern of the rule. For more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the **Amazon EventBridge User Guide** .", "title": "EventPattern", "type": "object" }, "Name": { "markdownDescription": "The name of the rule.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role that is used for target invocation.\n\nIf you're setting an event bus in another account as the target and that account granted permission to your account through an organization instead of directly by the account ID, you must specify a `RoleArn` with proper permissions in the `Target` structure, instead of here in this parameter.", "title": "RoleArn", "type": "string" }, "ScheduleExpression": { "markdownDescription": "The scheduling expression. For example, \"cron(0 20 * * ? *)\", \"rate(5 minutes)\". For more information, see [Creating an Amazon EventBridge rule that runs on a schedule](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule-schedule.html) .", "title": "ScheduleExpression", "type": "string" }, "State": { "markdownDescription": "The state of the rule.\n\nValid values include:\n\n- `DISABLED` : The rule is disabled. EventBridge does not match any events against the rule.\n- `ENABLED` : The rule is enabled. EventBridge matches events against the rule, *except* for AWS management events delivered through CloudTrail.\n- `ENABLED_WITH_ALL_CLOUDTRAIL_MANAGEMENT_EVENTS` : The rule is enabled for all events, including AWS management events delivered through CloudTrail.\n\nManagement events provide visibility into management operations that are performed on resources in your AWS account. These are also known as control plane operations. For more information, see [Logging management events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-events-with-cloudtrail.html#logging-management-events) in the *CloudTrail User Guide* , and [Filtering management events from AWS services](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-service-event.html#eb-service-event-cloudtrail) in the **Amazon EventBridge User Guide** .\n\nThis value is only valid for rules on the [default](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is-how-it-works-concepts.html#eb-bus-concepts-buses) event bus or [custom event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-event-bus.html) . It does not apply to [partner event buses](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-saas.html) .", "title": "State", "type": "string" }, "Targets": { "items": { "$ref": "#/definitions/AWS::Events::Rule.Target" }, "markdownDescription": "Adds the specified targets to the specified rule, or updates the targets if they are already associated with the rule.\n\nTargets are the resources that are invoked when a rule is triggered.\n\nThe maximum number of entries per request is 10.\n\n> Each rule can have up to five (5) targets associated with it at one time. \n\nFor a list of services you can configure as targets for events, see [EventBridge targets](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-targets.html) in the **Amazon EventBridge User Guide** .\n\nCreating rules with built-in targets is supported only in the AWS Management Console . The built-in targets are:\n\n- `Amazon EBS CreateSnapshot API call`\n- `Amazon EC2 RebootInstances API call`\n- `Amazon EC2 StopInstances API call`\n- `Amazon EC2 TerminateInstances API call`\n\nFor some target types, `PutTargets` provides target-specific parameters. If the target is a Kinesis data stream, you can optionally specify which shard the event goes to by using the `KinesisParameters` argument. To invoke a command on multiple EC2 instances with one rule, you can use the `RunCommandParameters` field.\n\nTo be able to make API calls against the resources that you own, Amazon EventBridge needs the appropriate permissions:\n\n- For AWS Lambda and Amazon SNS resources, EventBridge relies on resource-based policies.\n- For EC2 instances, Kinesis Data Streams, AWS Step Functions state machines and API Gateway APIs, EventBridge relies on IAM roles that you specify in the `RoleARN` argument in `PutTargets` .\n\nFor more information, see [Authentication and Access Control](https://docs.aws.amazon.com/eventbridge/latest/userguide/auth-and-access-control-eventbridge.html) in the **Amazon EventBridge User Guide** .\n\nIf another AWS account is in the same region and has granted you permission (using `PutPermission` ), you can send events to that account. Set that account's event bus as a target of the rules in your account. To send the matched events to the other account, specify that account's event bus as the `Arn` value when you run `PutTargets` . If your account sends events to another account, your account is charged for each sent event. Each event sent to another account is charged as a custom event. The account receiving the event is not charged. For more information, see [Amazon EventBridge Pricing](https://docs.aws.amazon.com/eventbridge/pricing/) .\n\n> `Input` , `InputPath` , and `InputTransformer` are not available with `PutTarget` if the target is an event bus of a different AWS account. \n\nIf you are setting the event bus of another account as the target, and that account granted permission to your account through an organization instead of directly by the account ID, then you must specify a `RoleArn` with proper permissions in the `Target` structure. For more information, see [Sending and Receiving Events Between AWS Accounts](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-cross-account-event-delivery.html) in the *Amazon EventBridge User Guide* .\n\n> If you have an IAM role on a cross-account event bus target, a `PutTargets` call without a role on the same target (same `Id` and `Arn` ) will not remove the role. \n\nFor more information about enabling cross-account events, see [PutPermission](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutPermission.html) .\n\n*Input* , *InputPath* , and *InputTransformer* are mutually exclusive and optional parameters of a target. When a rule is triggered due to a matched event:\n\n- If none of the following arguments are specified for a target, then the entire event is passed to the target in JSON format (unless the target is Amazon EC2 Run Command or Amazon ECS task, in which case nothing from the event is passed to the target).\n- If *Input* is specified in the form of valid JSON, then the matched event is overridden with this constant.\n- If *InputPath* is specified in the form of JSONPath (for example, `$.detail` ), then only the part of the event specified in the path is passed to the target (for example, only the detail part of the event is passed).\n- If *InputTransformer* is specified, then one or more specified JSONPaths are extracted from the event and used as values in a template that you specify as the input to the target.\n\nWhen you specify `InputPath` or `InputTransformer` , you must use JSON dot notation, not bracket notation.\n\nWhen you add targets to a rule and the associated rule triggers soon after, new or updated targets might not be immediately invoked. Allow a short period of time for changes to take effect.\n\nThis action can partially fail if too many requests are made at the same time. If that happens, `FailedEntryCount` is non-zero in the response and each entry in `FailedEntries` provides the ID of the failed target and the error code.", "title": "Targets", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Events::Rule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Events::Rule.AppSyncParameters": { "additionalProperties": false, "properties": { "GraphQLOperation": { "markdownDescription": "The GraphQL operation; that is, the query, mutation, or subscription to be parsed and executed by the GraphQL service.\n\nFor more information, see [Operations](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-architecture.html#graphql-operations) in the *AWS AppSync User Guide* .", "title": "GraphQLOperation", "type": "string" } }, "required": [ "GraphQLOperation" ], "type": "object" }, "AWS::Events::Rule.AwsVpcConfiguration": { "additionalProperties": false, "properties": { "AssignPublicIp": { "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", "title": "AssignPublicIp", "type": "string" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", "title": "SecurityGroups", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", "title": "Subnets", "type": "array" } }, "required": [ "Subnets" ], "type": "object" }, "AWS::Events::Rule.BatchArrayProperties": { "additionalProperties": false, "properties": { "Size": { "markdownDescription": "The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000.", "title": "Size", "type": "number" } }, "type": "object" }, "AWS::Events::Rule.BatchParameters": { "additionalProperties": false, "properties": { "ArrayProperties": { "$ref": "#/definitions/AWS::Events::Rule.BatchArrayProperties", "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", "title": "ArrayProperties" }, "JobDefinition": { "markdownDescription": "The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist.", "title": "JobDefinition", "type": "string" }, "JobName": { "markdownDescription": "The name to use for this execution of the job, if the target is an AWS Batch job.", "title": "JobName", "type": "string" }, "RetryStrategy": { "$ref": "#/definitions/AWS::Events::Rule.BatchRetryStrategy", "markdownDescription": "The retry strategy to use for failed jobs, if the target is an AWS Batch job. The retry strategy is the number of times to retry the failed job execution. Valid values are 1\u201310. When you specify a retry strategy here, it overrides the retry strategy defined in the job definition.", "title": "RetryStrategy" } }, "required": [ "JobDefinition", "JobName" ], "type": "object" }, "AWS::Events::Rule.BatchRetryStrategy": { "additionalProperties": false, "properties": { "Attempts": { "markdownDescription": "The number of times to attempt to retry, if the job fails. Valid values are 1\u201310.", "title": "Attempts", "type": "number" } }, "type": "object" }, "AWS::Events::Rule.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { "Base": { "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", "title": "Base", "type": "number" }, "CapacityProvider": { "markdownDescription": "The short name of the capacity provider.", "title": "CapacityProvider", "type": "string" }, "Weight": { "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", "title": "Weight", "type": "number" } }, "required": [ "CapacityProvider" ], "type": "object" }, "AWS::Events::Rule.DeadLetterConfig": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The ARN of the SQS queue specified as the target for the dead-letter queue.", "title": "Arn", "type": "string" } }, "type": "object" }, "AWS::Events::Rule.EcsParameters": { "additionalProperties": false, "properties": { "CapacityProviderStrategy": { "items": { "$ref": "#/definitions/AWS::Events::Rule.CapacityProviderStrategyItem" }, "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", "title": "CapacityProviderStrategy", "type": "array" }, "EnableECSManagedTags": { "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", "title": "EnableECSManagedTags", "type": "boolean" }, "EnableExecuteCommand": { "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", "title": "EnableExecuteCommand", "type": "boolean" }, "Group": { "markdownDescription": "Specifies an ECS task group for the task. The maximum length is 255 characters.", "title": "Group", "type": "string" }, "LaunchType": { "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "LaunchType", "type": "string" }, "NetworkConfiguration": { "$ref": "#/definitions/AWS::Events::Rule.NetworkConfiguration", "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", "title": "NetworkConfiguration" }, "PlacementConstraints": { "items": { "$ref": "#/definitions/AWS::Events::Rule.PlacementConstraint" }, "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", "title": "PlacementConstraints", "type": "array" }, "PlacementStrategies": { "items": { "$ref": "#/definitions/AWS::Events::Rule.PlacementStrategy" }, "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", "title": "PlacementStrategies", "type": "array" }, "PlatformVersion": { "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "PlatformVersion", "type": "string" }, "PropagateTags": { "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the TagResource API action.", "title": "PropagateTags", "type": "string" }, "ReferenceId": { "markdownDescription": "The reference ID to use for the task.", "title": "ReferenceId", "type": "string" }, "TagList": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", "title": "TagList", "type": "array" }, "TaskCount": { "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", "title": "TaskCount", "type": "number" }, "TaskDefinitionArn": { "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", "title": "TaskDefinitionArn", "type": "string" } }, "required": [ "TaskDefinitionArn" ], "type": "object" }, "AWS::Events::Rule.HttpParameters": { "additionalProperties": false, "properties": { "HeaderParameters": { "additionalProperties": true, "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "HeaderParameters", "type": "object" }, "PathParameterValues": { "items": { "type": "string" }, "markdownDescription": "The path parameter values to be used to populate API Gateway API or EventBridge ApiDestination path wildcards (\"*\").", "title": "PathParameterValues", "type": "array" }, "QueryStringParameters": { "additionalProperties": true, "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "QueryStringParameters", "type": "object" } }, "type": "object" }, "AWS::Events::Rule.InputTransformer": { "additionalProperties": false, "properties": { "InputPathsMap": { "additionalProperties": true, "markdownDescription": "Map of JSON paths to be extracted from the event. You can then insert these in the template in `InputTemplate` to produce the output you want to be sent to the target.\n\n`InputPathsMap` is an array key-value pairs, where each value is a valid JSON path. You can have as many as 100 key-value pairs. You must use JSON dot notation, not bracket notation.\n\nThe keys cannot start with \" AWS .\"", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "InputPathsMap", "type": "object" }, "InputTemplate": { "markdownDescription": "Input template where you specify placeholders that will be filled with the values of the keys from `InputPathsMap` to customize the data sent to the target. Enclose each `InputPathsMaps` value in brackets: < *value* >\n\nIf `InputTemplate` is a JSON object (surrounded by curly braces), the following restrictions apply:\n\n- The placeholder cannot be used as an object key.\n\nThe following example shows the syntax for using `InputPathsMap` and `InputTemplate` .\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \"`\n\n`}`\n\nTo have the `InputTemplate` include quote marks within a JSON string, escape each quote marks with a slash, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": \" is in state \\\"\\\"\"`\n\n`}`\n\nThe `InputTemplate` can also be valid JSON with varibles in quotes or out, as in the following example:\n\n`\"InputTransformer\":`\n\n`{`\n\n`\"InputPathsMap\": {\"instance\": \"$.detail.instance\",\"status\": \"$.detail.status\"},`\n\n`\"InputTemplate\": '{\"myInstance\": ,\"myStatus\": \" is in state \\\"\\\"\"}'`\n\n`}`", "title": "InputTemplate", "type": "string" } }, "required": [ "InputTemplate" ], "type": "object" }, "AWS::Events::Rule.KinesisParameters": { "additionalProperties": false, "properties": { "PartitionKeyPath": { "markdownDescription": "The JSON path to be extracted from the event and used as the partition key. For more information, see [Amazon Kinesis Streams Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html#partition-key) in the *Amazon Kinesis Streams Developer Guide* .", "title": "PartitionKeyPath", "type": "string" } }, "required": [ "PartitionKeyPath" ], "type": "object" }, "AWS::Events::Rule.NetworkConfiguration": { "additionalProperties": false, "properties": { "AwsVpcConfiguration": { "$ref": "#/definitions/AWS::Events::Rule.AwsVpcConfiguration", "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", "title": "AwsVpcConfiguration" } }, "type": "object" }, "AWS::Events::Rule.PlacementConstraint": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", "title": "Expression", "type": "string" }, "Type": { "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::Events::Rule.PlacementStrategy": { "additionalProperties": false, "properties": { "Field": { "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", "title": "Field", "type": "string" }, "Type": { "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::Events::Rule.RedshiftDataParameters": { "additionalProperties": false, "properties": { "Database": { "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", "title": "Database", "type": "string" }, "DbUser": { "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", "title": "DbUser", "type": "string" }, "SecretManagerArn": { "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using AWS Secrets Manager.", "title": "SecretManagerArn", "type": "string" }, "Sql": { "markdownDescription": "The SQL statement text to run.", "title": "Sql", "type": "string" }, "Sqls": { "items": { "type": "string" }, "markdownDescription": "One or more SQL statements to run. The SQL statements are run as a single transaction. They run serially in the order of the array. Subsequent SQL statements don't start until the previous statement in the array completes. If any SQL statement fails, then because they are run as one transaction, all work is rolled back.", "title": "Sqls", "type": "array" }, "StatementName": { "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", "title": "StatementName", "type": "string" }, "WithEvent": { "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", "title": "WithEvent", "type": "boolean" } }, "required": [ "Database" ], "type": "object" }, "AWS::Events::Rule.RetryPolicy": { "additionalProperties": false, "properties": { "MaximumEventAgeInSeconds": { "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", "title": "MaximumEventAgeInSeconds", "type": "number" }, "MaximumRetryAttempts": { "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is met.", "title": "MaximumRetryAttempts", "type": "number" } }, "type": "object" }, "AWS::Events::Rule.RunCommandParameters": { "additionalProperties": false, "properties": { "RunCommandTargets": { "items": { "$ref": "#/definitions/AWS::Events::Rule.RunCommandTarget" }, "markdownDescription": "Currently, we support including only one RunCommandTarget block, which specifies either an array of InstanceIds or a tag.", "title": "RunCommandTargets", "type": "array" } }, "required": [ "RunCommandTargets" ], "type": "object" }, "AWS::Events::Rule.RunCommandTarget": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "Can be either `tag:` *tag-key* or `InstanceIds` .", "title": "Key", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "If `Key` is `tag:` *tag-key* , `Values` is a list of tag values. If `Key` is `InstanceIds` , `Values` is a list of Amazon EC2 instance IDs.", "title": "Values", "type": "array" } }, "required": [ "Key", "Values" ], "type": "object" }, "AWS::Events::Rule.SageMakerPipelineParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Name of parameter to start execution of a SageMaker Model Building Pipeline.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "Value of parameter to start execution of a SageMaker Model Building Pipeline.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::Events::Rule.SageMakerPipelineParameters": { "additionalProperties": false, "properties": { "PipelineParameterList": { "items": { "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameter" }, "markdownDescription": "List of Parameter names and values for SageMaker Model Building Pipeline execution.", "title": "PipelineParameterList", "type": "array" } }, "type": "object" }, "AWS::Events::Rule.SqsParameters": { "additionalProperties": false, "properties": { "MessageGroupId": { "markdownDescription": "The FIFO message group ID to use as the target.", "title": "MessageGroupId", "type": "string" } }, "required": [ "MessageGroupId" ], "type": "object" }, "AWS::Events::Rule.Target": { "additionalProperties": false, "properties": { "AppSyncParameters": { "$ref": "#/definitions/AWS::Events::Rule.AppSyncParameters", "markdownDescription": "Contains the GraphQL operation to be parsed and executed, if the event target is an AWS AppSync API.", "title": "AppSyncParameters" }, "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the target.", "title": "Arn", "type": "string" }, "BatchParameters": { "$ref": "#/definitions/AWS::Events::Rule.BatchParameters", "markdownDescription": "If the event target is an AWS Batch job, this contains the job definition, job name, and other parameters. For more information, see [Jobs](https://docs.aws.amazon.com/batch/latest/userguide/jobs.html) in the *AWS Batch User Guide* .", "title": "BatchParameters" }, "DeadLetterConfig": { "$ref": "#/definitions/AWS::Events::Rule.DeadLetterConfig", "markdownDescription": "The `DeadLetterConfig` that defines the target queue to send dead-letter queue events to.", "title": "DeadLetterConfig" }, "EcsParameters": { "$ref": "#/definitions/AWS::Events::Rule.EcsParameters", "markdownDescription": "Contains the Amazon ECS task definition and task count to be used, if the event target is an Amazon ECS task. For more information about Amazon ECS tasks, see [Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon EC2 Container Service Developer Guide* .", "title": "EcsParameters" }, "HttpParameters": { "$ref": "#/definitions/AWS::Events::Rule.HttpParameters", "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", "title": "HttpParameters" }, "Id": { "markdownDescription": "The ID of the target within the specified rule. Use this ID to reference the target when updating the rule. We recommend using a memorable and unique string.", "title": "Id", "type": "string" }, "Input": { "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .", "title": "Input", "type": "string" }, "InputPath": { "markdownDescription": "The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. You may use JSON dot notation or bracket notation. For more information about JSON paths, see [JSONPath](https://docs.aws.amazon.com/http://goessner.net/articles/JsonPath/) .", "title": "InputPath", "type": "string" }, "InputTransformer": { "$ref": "#/definitions/AWS::Events::Rule.InputTransformer", "markdownDescription": "Settings to enable you to provide custom input to a target based on certain event data. You can extract one or more key-value pairs from the event and then use that data to send customized input to the target.", "title": "InputTransformer" }, "KinesisParameters": { "$ref": "#/definitions/AWS::Events::Rule.KinesisParameters", "markdownDescription": "The custom parameter you can use to control the shard assignment, when the target is a Kinesis data stream. If you do not include this parameter, the default is to use the `eventId` as the partition key.", "title": "KinesisParameters" }, "RedshiftDataParameters": { "$ref": "#/definitions/AWS::Events::Rule.RedshiftDataParameters", "markdownDescription": "Contains the Amazon Redshift Data API parameters to use when the target is a Amazon Redshift cluster.\n\nIf you specify a Amazon Redshift Cluster as a Target, you can use this to specify parameters to invoke the Amazon Redshift Data API ExecuteStatement based on EventBridge events.", "title": "RedshiftDataParameters" }, "RetryPolicy": { "$ref": "#/definitions/AWS::Events::Rule.RetryPolicy", "markdownDescription": "The `RetryPolicy` object that contains the retry policy configuration to use for the dead-letter queue.", "title": "RetryPolicy" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. If one rule triggers multiple targets, you can use a different IAM role for each target.", "title": "RoleArn", "type": "string" }, "RunCommandParameters": { "$ref": "#/definitions/AWS::Events::Rule.RunCommandParameters", "markdownDescription": "Parameters used when you are using the rule to invoke Amazon EC2 Run Command.", "title": "RunCommandParameters" }, "SageMakerPipelineParameters": { "$ref": "#/definitions/AWS::Events::Rule.SageMakerPipelineParameters", "markdownDescription": "Contains the SageMaker Model Building Pipeline parameters to start execution of a SageMaker Model Building Pipeline.\n\nIf you specify a SageMaker Model Building Pipeline as a target, you can use this to specify parameters to start a pipeline execution based on EventBridge events.", "title": "SageMakerPipelineParameters" }, "SqsParameters": { "$ref": "#/definitions/AWS::Events::Rule.SqsParameters", "markdownDescription": "Contains the message group ID to use when the target is a FIFO queue.\n\nIf you specify an SQS FIFO queue as a target, the queue must have content-based deduplication enabled.", "title": "SqsParameters" } }, "required": [ "Arn", "Id" ], "type": "object" }, "AWS::Evidently::Experiment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "An optional description of the experiment.", "title": "Description", "type": "string" }, "MetricGoals": { "items": { "$ref": "#/definitions/AWS::Evidently::Experiment.MetricGoalObject" }, "markdownDescription": "An array of structures that defines the metrics used for the experiment, and whether a higher or lower value for each metric is the goal. You can use up to three metrics in an experiment.", "title": "MetricGoals", "type": "array" }, "Name": { "markdownDescription": "A name for the new experiment.", "title": "Name", "type": "string" }, "OnlineAbConfig": { "$ref": "#/definitions/AWS::Evidently::Experiment.OnlineAbConfigObject", "markdownDescription": "A structure that contains the configuration of which variation to use as the \"control\" version. The \"control\" version is used for comparison with other variations. This structure also specifies how much experiment traffic is allocated to each variation.", "title": "OnlineAbConfig" }, "Project": { "markdownDescription": "The name or the ARN of the project where this experiment is to be created.", "title": "Project", "type": "string" }, "RandomizationSalt": { "markdownDescription": "When Evidently assigns a particular user session to an experiment, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the experiment name as the `randomizationSalt` .", "title": "RandomizationSalt", "type": "string" }, "RemoveSegment": { "markdownDescription": "Set this to `true` to remove the segment that is associated with this experiment. You can't use this parameter if the experiment is currently running.", "title": "RemoveSegment", "type": "boolean" }, "RunningStatus": { "$ref": "#/definitions/AWS::Evidently::Experiment.RunningStatusObject", "markdownDescription": "A structure that you can use to start and stop the experiment.", "title": "RunningStatus" }, "SamplingRate": { "markdownDescription": "The portion of the available audience that you want to allocate to this experiment, in thousandths of a percent. The available audience is the total audience minus the audience that you have allocated to overrides or current launches of this feature.\n\nThis is represented in thousandths of a percent. For example, specify 10,000 to allocate 10% of the available audience.", "title": "SamplingRate", "type": "number" }, "Segment": { "markdownDescription": "Specifies an audience *segment* to use in the experiment. When a segment is used in an experiment, only user sessions that match the segment pattern are used in the experiment.\n\nFor more information, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", "title": "Segment", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Assigns one or more tags (key-value pairs) to the experiment.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an experiment.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", "type": "array" }, "Treatments": { "items": { "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentObject" }, "markdownDescription": "An array of structures that describe the configuration of each feature variation used in the experiment.", "title": "Treatments", "type": "array" } }, "required": [ "MetricGoals", "Name", "OnlineAbConfig", "Project", "Treatments" ], "type": "object" }, "Type": { "enum": [ "AWS::Evidently::Experiment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Evidently::Experiment.MetricGoalObject": { "additionalProperties": false, "properties": { "DesiredChange": { "markdownDescription": "`INCREASE` means that a variation with a higher number for this metric is performing better.\n\n`DECREASE` means that a variation with a lower number for this metric is performing better.", "title": "DesiredChange", "type": "string" }, "EntityIdKey": { "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", "title": "EntityIdKey", "type": "string" }, "EventPattern": { "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", "title": "EventPattern", "type": "string" }, "MetricName": { "markdownDescription": "A name for the metric. It can include up to 255 characters.", "title": "MetricName", "type": "string" }, "UnitLabel": { "markdownDescription": "A label for the units that the metric is measuring.", "title": "UnitLabel", "type": "string" }, "ValueKey": { "markdownDescription": "The JSON path to reference the numerical metric value in the event.", "title": "ValueKey", "type": "string" } }, "required": [ "DesiredChange", "EntityIdKey", "MetricName", "ValueKey" ], "type": "object" }, "AWS::Evidently::Experiment.OnlineAbConfigObject": { "additionalProperties": false, "properties": { "ControlTreatmentName": { "markdownDescription": "The name of the variation that is to be the default variation that the other variations are compared to.", "title": "ControlTreatmentName", "type": "string" }, "TreatmentWeights": { "items": { "$ref": "#/definitions/AWS::Evidently::Experiment.TreatmentToWeight" }, "markdownDescription": "A set of key-value pairs. The keys are treatment names, and the values are the portion of experiment traffic to be assigned to that treatment. Specify the traffic portion in thousandths of a percent, so 20,000 for a variation would allocate 20% of the experiment traffic to that variation.", "title": "TreatmentWeights", "type": "array" } }, "type": "object" }, "AWS::Evidently::Experiment.RunningStatusObject": { "additionalProperties": false, "properties": { "AnalysisCompleteTime": { "markdownDescription": "If you are using AWS CloudFormation to start the experiment, use this field to specify when the experiment is to end. The format is as a UNIX timestamp. For more information about this format, see [The Current Epoch Unix Timestamp](https://docs.aws.amazon.com/https://www.unixtimestamp.com/index.php) .", "title": "AnalysisCompleteTime", "type": "string" }, "DesiredState": { "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment.", "title": "DesiredState", "type": "string" }, "Reason": { "markdownDescription": "If you are using AWS CloudFormation to stop this experiment, this is an optional field that you can use to record why the experiment is being stopped or cancelled.", "title": "Reason", "type": "string" }, "Status": { "markdownDescription": "To start the experiment now, specify `START` for this parameter. If this experiment is currently running and you want to stop it now, specify `STOP` .", "title": "Status", "type": "string" } }, "required": [ "Status" ], "type": "object" }, "AWS::Evidently::Experiment.TreatmentObject": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the treatment.", "title": "Description", "type": "string" }, "Feature": { "markdownDescription": "The name of the feature for this experiment.", "title": "Feature", "type": "string" }, "TreatmentName": { "markdownDescription": "A name for this treatment. It can include up to 127 characters.", "title": "TreatmentName", "type": "string" }, "Variation": { "markdownDescription": "The name of the variation to use for this treatment.", "title": "Variation", "type": "string" } }, "required": [ "Feature", "TreatmentName", "Variation" ], "type": "object" }, "AWS::Evidently::Experiment.TreatmentToWeight": { "additionalProperties": false, "properties": { "SplitWeight": { "markdownDescription": "The portion of experiment traffic to allocate to this treatment. Specify the traffic portion in thousandths of a percent, so 20,000 allocated to a treatment would allocate 20% of the experiment traffic to that treatment.", "title": "SplitWeight", "type": "number" }, "Treatment": { "markdownDescription": "The name of the treatment.", "title": "Treatment", "type": "string" } }, "required": [ "SplitWeight", "Treatment" ], "type": "object" }, "AWS::Evidently::Feature": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DefaultVariation": { "markdownDescription": "The name of the variation to use as the default variation. The default variation is served to users who are not allocated to any ongoing launches or experiments of this feature.\n\nThis variation must also be listed in the `Variations` structure.\n\nIf you omit `DefaultVariation` , the first variation listed in the `Variations` structure is used as the default variation.", "title": "DefaultVariation", "type": "string" }, "Description": { "markdownDescription": "An optional description of the feature.", "title": "Description", "type": "string" }, "EntityOverrides": { "items": { "$ref": "#/definitions/AWS::Evidently::Feature.EntityOverride" }, "markdownDescription": "Specify users that should always be served a specific variation of a feature. Each user is specified by a key-value pair . For each key, specify a user by entering their user ID, account ID, or some other identifier. For the value, specify the name of the variation that they are to be served.", "title": "EntityOverrides", "type": "array" }, "EvaluationStrategy": { "markdownDescription": "Specify `ALL_RULES` to activate the traffic allocation specified by any ongoing launches or experiments. Specify `DEFAULT_VARIATION` to serve the default variation to all users instead.", "title": "EvaluationStrategy", "type": "string" }, "Name": { "markdownDescription": "The name for the feature. It can include up to 127 characters.", "title": "Name", "type": "string" }, "Project": { "markdownDescription": "The name or ARN of the project that is to contain the new feature.", "title": "Project", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", "type": "array" }, "Variations": { "items": { "$ref": "#/definitions/AWS::Evidently::Feature.VariationObject" }, "markdownDescription": "An array of structures that contain the configuration of the feature's different variations.\n\nEach `VariationObject` in the `Variations` array for a feature must have the same type of value ( `BooleanValue` , `DoubleValue` , `LongValue` or `StringValue` ).", "title": "Variations", "type": "array" } }, "required": [ "Name", "Project", "Variations" ], "type": "object" }, "Type": { "enum": [ "AWS::Evidently::Feature" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Evidently::Feature.EntityOverride": { "additionalProperties": false, "properties": { "EntityId": { "markdownDescription": "The entity ID to be served the variation specified in `Variation` .", "title": "EntityId", "type": "string" }, "Variation": { "markdownDescription": "The name of the variation to serve to the user session that matches the `EntityId` .", "title": "Variation", "type": "string" } }, "type": "object" }, "AWS::Evidently::Feature.VariationObject": { "additionalProperties": false, "properties": { "BooleanValue": { "markdownDescription": "The value assigned to this variation, if the variation type is boolean.", "title": "BooleanValue", "type": "boolean" }, "DoubleValue": { "markdownDescription": "The value assigned to this variation, if the variation type is a double.", "title": "DoubleValue", "type": "number" }, "LongValue": { "markdownDescription": "The value assigned to this variation, if the variation type is a long.", "title": "LongValue", "type": "number" }, "StringValue": { "markdownDescription": "The value assigned to this variation, if the variation type is a string.", "title": "StringValue", "type": "string" }, "VariationName": { "markdownDescription": "A name for the variation. It can include up to 127 characters.", "title": "VariationName", "type": "string" } }, "required": [ "VariationName" ], "type": "object" }, "AWS::Evidently::Launch": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "An optional description for the launch.", "title": "Description", "type": "string" }, "ExecutionStatus": { "$ref": "#/definitions/AWS::Evidently::Launch.ExecutionStatusObject", "markdownDescription": "A structure that you can use to start and stop the launch.", "title": "ExecutionStatus" }, "Groups": { "items": { "$ref": "#/definitions/AWS::Evidently::Launch.LaunchGroupObject" }, "markdownDescription": "An array of structures that contains the feature and variations that are to be used for the launch. You can up to five launch groups in a launch.", "title": "Groups", "type": "array" }, "MetricMonitors": { "items": { "$ref": "#/definitions/AWS::Evidently::Launch.MetricDefinitionObject" }, "markdownDescription": "An array of structures that define the metrics that will be used to monitor the launch performance. You can have up to three metric monitors in the array.", "title": "MetricMonitors", "type": "array" }, "Name": { "markdownDescription": "The name for the launch. It can include up to 127 characters.", "title": "Name", "type": "string" }, "Project": { "markdownDescription": "The name or ARN of the project that you want to create the launch in.", "title": "Project", "type": "string" }, "RandomizationSalt": { "markdownDescription": "When Evidently assigns a particular user session to a launch, it must use a randomization ID to determine which variation the user session is served. This randomization ID is a combination of the entity ID and `randomizationSalt` . If you omit `randomizationSalt` , Evidently uses the launch name as the `randomizationsSalt` .", "title": "RandomizationSalt", "type": "string" }, "ScheduledSplitsConfig": { "items": { "$ref": "#/definitions/AWS::Evidently::Launch.StepConfig" }, "markdownDescription": "An array of structures that define the traffic allocation percentages among the feature variations during each step of the launch.", "title": "ScheduledSplitsConfig", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Assigns one or more tags (key-value pairs) to the launch.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a launch.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", "type": "array" } }, "required": [ "Groups", "Name", "Project", "ScheduledSplitsConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::Evidently::Launch" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Evidently::Launch.ExecutionStatusObject": { "additionalProperties": false, "properties": { "DesiredState": { "markdownDescription": "If you are using AWS CloudFormation to stop this launch, specify either `COMPLETED` or `CANCELLED` here to indicate how to classify this experiment. If you omit this parameter, the default of `COMPLETED` is used.", "title": "DesiredState", "type": "string" }, "Reason": { "markdownDescription": "If you are using AWS CloudFormation to stop this launch, this is an optional field that you can use to record why the launch is being stopped or cancelled.", "title": "Reason", "type": "string" }, "Status": { "markdownDescription": "To start the launch now, specify `START` for this parameter. If this launch is currently running and you want to stop it now, specify `STOP` .", "title": "Status", "type": "string" } }, "required": [ "Status" ], "type": "object" }, "AWS::Evidently::Launch.GroupToWeight": { "additionalProperties": false, "properties": { "GroupName": { "markdownDescription": "The name of the launch group. It can include up to 127 characters.", "title": "GroupName", "type": "string" }, "SplitWeight": { "markdownDescription": "The portion of launch traffic to allocate to this launch group.\n\nThis is represented in thousandths of a percent. For example, specify 20,000 to allocate 20% of the launch audience to this launch group.", "title": "SplitWeight", "type": "number" } }, "required": [ "GroupName", "SplitWeight" ], "type": "object" }, "AWS::Evidently::Launch.LaunchGroupObject": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the launch group.", "title": "Description", "type": "string" }, "Feature": { "markdownDescription": "The feature that this launch is using.", "title": "Feature", "type": "string" }, "GroupName": { "markdownDescription": "A name for this launch group. It can include up to 127 characters.", "title": "GroupName", "type": "string" }, "Variation": { "markdownDescription": "The feature variation to use for this launch group.", "title": "Variation", "type": "string" } }, "required": [ "Feature", "GroupName", "Variation" ], "type": "object" }, "AWS::Evidently::Launch.MetricDefinitionObject": { "additionalProperties": false, "properties": { "EntityIdKey": { "markdownDescription": "The entity, such as a user or session, that does an action that causes a metric value to be recorded. An example is `userDetails.userID` .", "title": "EntityIdKey", "type": "string" }, "EventPattern": { "markdownDescription": "The EventBridge event pattern that defines how the metric is recorded.\n\nFor more information about EventBridge event patterns, see [Amazon EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) .", "title": "EventPattern", "type": "string" }, "MetricName": { "markdownDescription": "A name for the metric. It can include up to 255 characters.", "title": "MetricName", "type": "string" }, "UnitLabel": { "markdownDescription": "A label for the units that the metric is measuring.", "title": "UnitLabel", "type": "string" }, "ValueKey": { "markdownDescription": "The value that is tracked to produce the metric.", "title": "ValueKey", "type": "string" } }, "required": [ "EntityIdKey", "MetricName", "ValueKey" ], "type": "object" }, "AWS::Evidently::Launch.SegmentOverride": { "additionalProperties": false, "properties": { "EvaluationOrder": { "markdownDescription": "A number indicating the order to use to evaluate segment overrides, if there are more than one. Segment overrides with lower numbers are evaluated first.", "title": "EvaluationOrder", "type": "number" }, "Segment": { "markdownDescription": "The ARN of the segment to use for this override.", "title": "Segment", "type": "string" }, "Weights": { "items": { "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" }, "markdownDescription": "The traffic allocation percentages among the feature variations to assign to this segment. This is a set of key-value pairs. The keys are variation names. The values represent the amount of traffic to allocate to that variation for this segment. This is expressed in thousandths of a percent, so a weight of 50000 represents 50% of traffic.", "title": "Weights", "type": "array" } }, "required": [ "EvaluationOrder", "Segment", "Weights" ], "type": "object" }, "AWS::Evidently::Launch.StepConfig": { "additionalProperties": false, "properties": { "GroupWeights": { "items": { "$ref": "#/definitions/AWS::Evidently::Launch.GroupToWeight" }, "markdownDescription": "An array of structures that define how much launch traffic to allocate to each launch group during this step of the launch.", "title": "GroupWeights", "type": "array" }, "SegmentOverrides": { "items": { "$ref": "#/definitions/AWS::Evidently::Launch.SegmentOverride" }, "markdownDescription": "An array of structures that you can use to specify different traffic splits for one or more audience *segments* . A segment is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects, such as age.\n\nFor more information, see [Use segments to focus your audience](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html) .", "title": "SegmentOverrides", "type": "array" }, "StartTime": { "markdownDescription": "The date and time to start this step of the launch. Use UTC format, `yyyy-MM-ddTHH:mm:ssZ` . For example, `2025-11-25T23:59:59Z`", "title": "StartTime", "type": "string" } }, "required": [ "GroupWeights", "StartTime" ], "type": "object" }, "AWS::Evidently::Project": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppConfigResource": { "$ref": "#/definitions/AWS::Evidently::Project.AppConfigResourceObject", "markdownDescription": "Use this parameter if the project will use *client-side evaluation powered by AWS AppConfig* . Client-side evaluation allows your application to assign variations to user sessions locally instead of by calling the [EvaluateFeature](https://docs.aws.amazon.com/cloudwatchevidently/latest/APIReference/API_EvaluateFeature.html) operation. This mitigates the latency and availability risks that come with an API call. For more information, see [Use client-side evaluation - powered by AWS AppConfig .](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-client-side-evaluation.html)\n\nThis parameter is a structure that contains information about the AWS AppConfig application that will be used as for client-side evaluation.\n\nTo create a project that uses client-side evaluation, you must have the `evidently:ExportProjectAsConfiguration` permission.", "title": "AppConfigResource" }, "DataDelivery": { "$ref": "#/definitions/AWS::Evidently::Project.DataDeliveryObject", "markdownDescription": "A structure that contains information about where Evidently is to store evaluation events for longer term storage, if you choose to do so. If you choose not to store these events, Evidently deletes them after using them to produce metrics and other experiment results that you can view.\n\nYou can't specify both `CloudWatchLogs` and `S3Destination` in the same operation.", "title": "DataDelivery" }, "Description": { "markdownDescription": "An optional description of the project.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name for the project. It can include up to 127 characters.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Assigns one or more tags (key-value pairs) to the project.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a project.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Evidently::Project" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Evidently::Project.AppConfigResourceObject": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The ID of the AWS AppConfig application to use for client-side evaluation.", "title": "ApplicationId", "type": "string" }, "EnvironmentId": { "markdownDescription": "The ID of the AWS AppConfig environment to use for client-side evaluation.", "title": "EnvironmentId", "type": "string" } }, "required": [ "ApplicationId", "EnvironmentId" ], "type": "object" }, "AWS::Evidently::Project.DataDeliveryObject": { "additionalProperties": false, "properties": { "LogGroup": { "markdownDescription": "If the project stores evaluation events in CloudWatch Logs , this structure stores the log group name.", "title": "LogGroup", "type": "string" }, "S3": { "$ref": "#/definitions/AWS::Evidently::Project.S3Destination", "markdownDescription": "If the project stores evaluation events in an Amazon S3 bucket, this structure stores the bucket name and bucket prefix.", "title": "S3" } }, "type": "object" }, "AWS::Evidently::Project.S3Destination": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The name of the bucket in which Evidently stores evaluation events.", "title": "BucketName", "type": "string" }, "Prefix": { "markdownDescription": "The bucket prefix in which Evidently stores evaluation events.", "title": "Prefix", "type": "string" } }, "required": [ "BucketName" ], "type": "object" }, "AWS::Evidently::Segment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "An optional description for this segment.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "A name for the segment.", "title": "Name", "type": "string" }, "Pattern": { "markdownDescription": "The pattern to use for the segment. For more information about pattern syntax, see [Segment rule pattern syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html#CloudWatch-Evidently-segments-syntax) .", "title": "Pattern", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Assigns one or more tags (key-value pairs) to the feature.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with a feature.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Evidently::Segment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FIS::ExperimentTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Actions": { "additionalProperties": false, "markdownDescription": "The actions for the experiment.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateAction" } }, "title": "Actions", "type": "object" }, "Description": { "markdownDescription": "The description for the experiment template.", "title": "Description", "type": "string" }, "ExperimentOptions": { "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions", "markdownDescription": "The experiment options for an experiment template.", "title": "ExperimentOptions" }, "LogConfiguration": { "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration", "markdownDescription": "The configuration for experiment logging.", "title": "LogConfiguration" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role.", "title": "RoleArn", "type": "string" }, "StopConditions": { "items": { "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition" }, "markdownDescription": "The stop conditions for the experiment.", "title": "StopConditions", "type": "array" }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags for the experiment template.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Targets": { "additionalProperties": false, "markdownDescription": "The targets for the experiment.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget" } }, "title": "Targets", "type": "object" } }, "required": [ "Description", "RoleArn", "StopConditions", "Tags", "Targets" ], "type": "object" }, "Type": { "enum": [ "AWS::FIS::ExperimentTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration": { "additionalProperties": false, "properties": { "LogGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the destination Amazon CloudWatch Logs log group.", "title": "LogGroupArn", "type": "string" } }, "required": [ "LogGroupArn" ], "type": "object" }, "AWS::FIS::ExperimentTemplate.ExperimentTemplateAction": { "additionalProperties": false, "properties": { "ActionId": { "markdownDescription": "The ID of the action.", "title": "ActionId", "type": "string" }, "Description": { "markdownDescription": "A description for the action.", "title": "Description", "type": "string" }, "Parameters": { "additionalProperties": true, "markdownDescription": "The parameters for the action.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Parameters", "type": "object" }, "StartAfter": { "items": { "type": "string" }, "markdownDescription": "The name of the action that must be completed before the current action starts.", "title": "StartAfter", "type": "array" }, "Targets": { "additionalProperties": true, "markdownDescription": "The targets for the action.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Targets", "type": "object" } }, "required": [ "ActionId" ], "type": "object" }, "AWS::FIS::ExperimentTemplate.ExperimentTemplateExperimentOptions": { "additionalProperties": false, "properties": { "AccountTargeting": { "markdownDescription": "The account targeting setting for an experiment template.", "title": "AccountTargeting", "type": "string" }, "EmptyTargetResolutionMode": { "markdownDescription": "The empty target resolution mode for an experiment template.", "title": "EmptyTargetResolutionMode", "type": "string" } }, "type": "object" }, "AWS::FIS::ExperimentTemplate.ExperimentTemplateLogConfiguration": { "additionalProperties": false, "properties": { "CloudWatchLogsConfiguration": { "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.CloudWatchLogsConfiguration", "markdownDescription": "The configuration for experiment logging to CloudWatch Logs .", "title": "CloudWatchLogsConfiguration" }, "LogSchemaVersion": { "markdownDescription": "The schema version.", "title": "LogSchemaVersion", "type": "number" }, "S3Configuration": { "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.S3Configuration", "markdownDescription": "The configuration for experiment logging to Amazon S3 .", "title": "S3Configuration" } }, "required": [ "LogSchemaVersion" ], "type": "object" }, "AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition": { "additionalProperties": false, "properties": { "Source": { "markdownDescription": "The source for the stop condition.", "title": "Source", "type": "string" }, "Value": { "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch alarm, if applicable.", "title": "Value", "type": "string" } }, "required": [ "Source" ], "type": "object" }, "AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget": { "additionalProperties": false, "properties": { "Filters": { "items": { "$ref": "#/definitions/AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter" }, "markdownDescription": "The filters to apply to identify target resources using specific attributes.", "title": "Filters", "type": "array" }, "Parameters": { "additionalProperties": true, "markdownDescription": "The parameters for the resource type.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Parameters", "type": "object" }, "ResourceArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARNs) of the targets.", "title": "ResourceArns", "type": "array" }, "ResourceTags": { "additionalProperties": true, "markdownDescription": "The tags for the target resources.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ResourceTags", "type": "object" }, "ResourceType": { "markdownDescription": "The resource type.", "title": "ResourceType", "type": "string" }, "SelectionMode": { "markdownDescription": "Scopes the identified resources to a specific count or percentage.", "title": "SelectionMode", "type": "string" } }, "required": [ "ResourceType", "SelectionMode" ], "type": "object" }, "AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter": { "additionalProperties": false, "properties": { "Path": { "markdownDescription": "The attribute path for the filter.", "title": "Path", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The attribute values for the filter.", "title": "Values", "type": "array" } }, "required": [ "Path", "Values" ], "type": "object" }, "AWS::FIS::ExperimentTemplate.S3Configuration": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The name of the destination bucket.", "title": "BucketName", "type": "string" }, "Prefix": { "markdownDescription": "The bucket prefix.", "title": "Prefix", "type": "string" } }, "required": [ "BucketName" ], "type": "object" }, "AWS::FIS::TargetAccountConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountId": { "markdownDescription": "The AWS account ID of the target account.", "title": "AccountId", "type": "string" }, "Description": { "markdownDescription": "The description of the target account.", "title": "Description", "type": "string" }, "ExperimentTemplateId": { "markdownDescription": "The ID of the experiment template.", "title": "ExperimentTemplateId", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role for the target account.", "title": "RoleArn", "type": "string" } }, "required": [ "AccountId", "ExperimentTemplateId", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::FIS::TargetAccountConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FMS::NotificationChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "SnsRoleName": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to record AWS Firewall Manager activity.", "title": "SnsRoleName", "type": "string" }, "SnsTopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic that collects notifications from AWS Firewall Manager .", "title": "SnsTopicArn", "type": "string" } }, "required": [ "SnsRoleName", "SnsTopicArn" ], "type": "object" }, "Type": { "enum": [ "AWS::FMS::NotificationChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FMS::Policy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeleteAllPolicyResources": { "markdownDescription": "Used when deleting a policy. If `true` , Firewall Manager performs cleanup according to the policy type.\n\nFor AWS WAF and Shield Advanced policies, Firewall Manager does the following:\n\n- Deletes rule groups created by Firewall Manager\n- Removes web ACLs from in-scope resources\n- Deletes web ACLs that contain no rules or rule groups\n\nFor security group policies, Firewall Manager does the following for each security group in the policy:\n\n- Disassociates the security group from in-scope resources\n- Deletes the security group if it was created through Firewall Manager and if it's no longer associated with any resources through another policy\n\nAfter the cleanup, in-scope resources are no longer protected by web ACLs in this policy. Protection of out-of-scope resources remains unchanged. Scope is determined by tags that you create and accounts that you associate with the policy. When creating the policy, if you specify that only resources in specific accounts or with specific tags are in scope of the policy, those accounts and resources are handled by the policy. All others are out of scope. If you don't specify tags or accounts, all resources are in scope.", "title": "DeleteAllPolicyResources", "type": "boolean" }, "ExcludeMap": { "$ref": "#/definitions/AWS::FMS::Policy.IEMap", "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to exclude from the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", "title": "ExcludeMap" }, "ExcludeResourceTags": { "markdownDescription": "Used only when tags are specified in the `ResourceTags` property. If this property is `True` , resources with the specified tags are not in scope of the policy. If it's `False` , only resources with the specified tags are in scope of the policy.", "title": "ExcludeResourceTags", "type": "boolean" }, "IncludeMap": { "$ref": "#/definitions/AWS::FMS::Policy.IEMap", "markdownDescription": "Specifies the AWS account IDs and AWS Organizations organizational units (OUs) to include in the policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.\n\nYou can specify inclusions or exclusions, but not both. If you specify an `IncludeMap` , AWS Firewall Manager applies the policy to all accounts specified by the `IncludeMap` , and does not evaluate any `ExcludeMap` specifications. If you do not specify an `IncludeMap` , then Firewall Manager applies the policy to all accounts except for those specified by the `ExcludeMap` .\n\nYou can specify account IDs, OUs, or a combination:\n\n- Specify account IDs by setting the key to `ACCOUNT` . For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d]}` .\n- Specify OUs by setting the key to `ORGUNIT` . For example, the following is a valid map: `{\u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .\n- Specify accounts and OUs together in a single map, separated with a comma. For example, the following is a valid map: `{\u201cACCOUNT\u201d : [\u201caccountID1\u201d, \u201caccountID2\u201d], \u201cORGUNIT\u201d : [\u201couid111\u201d, \u201couid112\u201d]}` .", "title": "IncludeMap" }, "PolicyDescription": { "markdownDescription": "Your description of the AWS Firewall Manager policy.", "title": "PolicyDescription", "type": "string" }, "PolicyName": { "markdownDescription": "The name of the AWS Firewall Manager policy.", "title": "PolicyName", "type": "string" }, "RemediationEnabled": { "markdownDescription": "Indicates if the policy should be automatically applied to new resources.", "title": "RemediationEnabled", "type": "boolean" }, "ResourceSetIds": { "items": { "type": "string" }, "markdownDescription": "The unique identifiers of the resource sets used by the policy.", "title": "ResourceSetIds", "type": "array" }, "ResourceTags": { "items": { "$ref": "#/definitions/AWS::FMS::Policy.ResourceTag" }, "markdownDescription": "An array of `ResourceTag` objects, used to explicitly include resources in the policy scope or explicitly exclude them. If this isn't set, then tags aren't used to modify policy scope. See also `ExcludeResourceTags` .", "title": "ResourceTags", "type": "array" }, "ResourceType": { "markdownDescription": "The type of resource protected by or in scope of the policy. This is in the format shown in the [AWS Resource Types Reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) . To apply this policy to multiple resource types, specify a resource type of `ResourceTypeList` and then specify the resource types in a `ResourceTypeList` .\n\nThe following are valid resource types for each Firewall Manager policy type:\n\n- AWS WAF Classic - `AWS::ApiGateway::Stage` , `AWS::CloudFront::Distribution` , and `AWS::ElasticLoadBalancingV2::LoadBalancer` .\n- AWS WAF - `AWS::ApiGateway::Stage` , `AWS::ElasticLoadBalancingV2::LoadBalancer` , and `AWS::CloudFront::Distribution` .\n- Shield Advanced - `AWS::ElasticLoadBalancingV2::LoadBalancer` , `AWS::ElasticLoadBalancing::LoadBalancer` , `AWS::EC2::EIP` , and `AWS::CloudFront::Distribution` .\n- Network ACL - `AWS::EC2::Subnet` .\n- Security group usage audit - `AWS::EC2::SecurityGroup` .\n- Security group content audit - `AWS::EC2::SecurityGroup` , `AWS::EC2::NetworkInterface` , and `AWS::EC2::Instance` .\n- DNS Firewall, AWS Network Firewall , and third-party firewall - `AWS::EC2::VPC` .", "title": "ResourceType", "type": "string" }, "ResourceTypeList": { "items": { "type": "string" }, "markdownDescription": "An array of `ResourceType` objects. Use this only to specify multiple resource types. To specify a single resource type, use `ResourceType` .", "title": "ResourceTypeList", "type": "array" }, "ResourcesCleanUp": { "markdownDescription": "Indicates whether AWS Firewall Manager should automatically remove protections from resources that leave the policy scope and clean up resources that Firewall Manager is managing for accounts when those accounts leave policy scope. For example, Firewall Manager will disassociate a Firewall Manager managed web ACL from a protected customer resource when the customer resource leaves policy scope.\n\nBy default, Firewall Manager doesn't remove protections or delete Firewall Manager managed resources.\n\nThis option is not available for Shield Advanced or AWS WAF Classic policies.", "title": "ResourcesCleanUp", "type": "boolean" }, "SecurityServicePolicyData": { "$ref": "#/definitions/AWS::FMS::Policy.SecurityServicePolicyData", "markdownDescription": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", "title": "SecurityServicePolicyData" }, "Tags": { "items": { "$ref": "#/definitions/AWS::FMS::Policy.PolicyTag" }, "markdownDescription": "A collection of key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", "title": "Tags", "type": "array" } }, "required": [ "ExcludeResourceTags", "PolicyName", "RemediationEnabled", "SecurityServicePolicyData" ], "type": "object" }, "Type": { "enum": [ "AWS::FMS::Policy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FMS::Policy.IEMap": { "additionalProperties": false, "properties": { "ACCOUNT": { "items": { "type": "string" }, "markdownDescription": "The account list for the map.", "title": "ACCOUNT", "type": "array" }, "ORGUNIT": { "items": { "type": "string" }, "markdownDescription": "The organizational unit list for the map.", "title": "ORGUNIT", "type": "array" } }, "type": "object" }, "AWS::FMS::Policy.NetworkFirewallPolicy": { "additionalProperties": false, "properties": { "FirewallDeploymentModel": { "markdownDescription": "Defines the deployment model to use for the firewall policy. To use a distributed model, set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .", "title": "FirewallDeploymentModel", "type": "string" } }, "required": [ "FirewallDeploymentModel" ], "type": "object" }, "AWS::FMS::Policy.PolicyOption": { "additionalProperties": false, "properties": { "NetworkFirewallPolicy": { "$ref": "#/definitions/AWS::FMS::Policy.NetworkFirewallPolicy", "markdownDescription": "Defines the deployment model to use for the firewall policy.", "title": "NetworkFirewallPolicy" }, "ThirdPartyFirewallPolicy": { "$ref": "#/definitions/AWS::FMS::Policy.ThirdPartyFirewallPolicy", "markdownDescription": "Defines the policy options for a third-party firewall policy.", "title": "ThirdPartyFirewallPolicy" } }, "type": "object" }, "AWS::FMS::Policy.PolicyTag": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as \"customer.\" Tag keys are case-sensitive.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::FMS::Policy.ResourceTag": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The resource tag key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The resource tag value.", "title": "Value", "type": "string" } }, "required": [ "Key" ], "type": "object" }, "AWS::FMS::Policy.SecurityServicePolicyData": { "additionalProperties": false, "properties": { "ManagedServiceData": { "markdownDescription": "Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n> Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`", "title": "ManagedServiceData", "type": "string" }, "PolicyOption": { "$ref": "#/definitions/AWS::FMS::Policy.PolicyOption", "markdownDescription": "Contains the settings to configure a network ACL policy, a AWS Network Firewall firewall policy deployment model, or a third-party firewall policy.", "title": "PolicyOption" }, "Type": { "markdownDescription": "The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::FMS::Policy.ThirdPartyFirewallPolicy": { "additionalProperties": false, "properties": { "FirewallDeploymentModel": { "markdownDescription": "Defines the deployment model to use for the third-party firewall policy.", "title": "FirewallDeploymentModel", "type": "string" } }, "required": [ "FirewallDeploymentModel" ], "type": "object" }, "AWS::FMS::ResourceSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the resource set.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The descriptive name of the resource set. You can't change the name of a resource set after you create it.", "title": "Name", "type": "string" }, "ResourceTypeList": { "items": { "type": "string" }, "markdownDescription": "Determines the resources that can be associated to the resource set. Depending on your setting for max results and the number of resource sets, a single call might not return the full list.", "title": "ResourceTypeList", "type": "array" }, "Resources": { "items": { "type": "string" }, "markdownDescription": "", "title": "Resources", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "Name", "ResourceTypeList" ], "type": "object" }, "Type": { "enum": [ "AWS::FMS::ResourceSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FSx::DataRepositoryAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BatchImportMetaDataOnCreate": { "markdownDescription": "A boolean flag indicating whether an import data repository task to import metadata should run after the data repository association is created. The task runs if this flag is set to `true` .", "title": "BatchImportMetaDataOnCreate", "type": "boolean" }, "DataRepositoryPath": { "markdownDescription": "The path to the Amazon S3 data repository that will be linked to the file system. The path can be an S3 bucket or prefix in the format `s3://myBucket/myPrefix/` . This path specifies where in the S3 data repository files will be imported from or exported to.", "title": "DataRepositoryPath", "type": "string" }, "FileSystemId": { "markdownDescription": "The ID of the file system on which the data repository association is configured.", "title": "FileSystemId", "type": "string" }, "FileSystemPath": { "markdownDescription": "A path on the Amazon FSx for Lustre file system that points to a high-level directory (such as `/ns1/` ) or subdirectory (such as `/ns1/subdir/` ) that will be mapped 1-1 with `DataRepositoryPath` . The leading forward slash in the name is required. Two data repository associations cannot have overlapping file system paths. For example, if a data repository is associated with file system path `/ns1/` , then you cannot link another data repository with file system path `/ns1/ns2` .\n\nThis path specifies where in your file system files will be exported from or imported to. This file system directory can be linked to only one Amazon S3 bucket, and no other S3 bucket can be linked to the directory.\n\n> If you specify only a forward slash ( `/` ) as the file system path, you can link only one data repository to the file system. You can only specify \"/\" as the file system path for the first data repository associated with a file system.", "title": "FileSystemPath", "type": "string" }, "ImportedFileChunkSize": { "markdownDescription": "For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system or cache.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.", "title": "ImportedFileChunkSize", "type": "number" }, "S3": { "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.S3", "markdownDescription": "The configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository.", "title": "S3" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", "title": "Tags", "type": "array" } }, "required": [ "DataRepositoryPath", "FileSystemId", "FileSystemPath" ], "type": "object" }, "Type": { "enum": [ "AWS::FSx::DataRepositoryAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FSx::DataRepositoryAssociation.AutoExportPolicy": { "additionalProperties": false, "properties": { "Events": { "items": { "type": "string" }, "markdownDescription": "The `AutoExportPolicy` can have the following event values:\n\n- `NEW` - New files and directories are automatically exported to the data repository as they are added to the file system.\n- `CHANGED` - Changes to files and directories on the file system are automatically exported to the data repository.\n- `DELETED` - Files and directories are automatically deleted on the data repository when they are deleted on the file system.\n\nYou can define any combination of event types for your `AutoExportPolicy` .", "title": "Events", "type": "array" } }, "required": [ "Events" ], "type": "object" }, "AWS::FSx::DataRepositoryAssociation.AutoImportPolicy": { "additionalProperties": false, "properties": { "Events": { "items": { "type": "string" }, "markdownDescription": "The `AutoImportPolicy` can have the following event values:\n\n- `NEW` - Amazon FSx automatically imports metadata of files added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `CHANGED` - Amazon FSx automatically updates file metadata and invalidates existing file content on the file system as files change in the data repository.\n- `DELETED` - Amazon FSx automatically deletes files on the file system as corresponding files are deleted in the data repository.\n\nYou can define any combination of event types for your `AutoImportPolicy` .", "title": "Events", "type": "array" } }, "required": [ "Events" ], "type": "object" }, "AWS::FSx::DataRepositoryAssociation.S3": { "additionalProperties": false, "properties": { "AutoExportPolicy": { "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoExportPolicy", "markdownDescription": "Describes a data repository association's automatic export policy. The `AutoExportPolicy` defines the types of updated objects on the file system that will be automatically exported to the data repository. As you create, modify, or delete files, Amazon FSx for Lustre automatically exports the defined changes asynchronously once your application finishes modifying the file.\n\nThe `AutoExportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", "title": "AutoExportPolicy" }, "AutoImportPolicy": { "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation.AutoImportPolicy", "markdownDescription": "Describes the data repository association's automatic import policy. The AutoImportPolicy defines how Amazon FSx keeps your file metadata and directory listings up to date by importing changes to your Amazon FSx for Lustre file system as you modify objects in a linked S3 bucket.\n\nThe `AutoImportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association.", "title": "AutoImportPolicy" } }, "type": "object" }, "AWS::FSx::FileSystem": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BackupId": { "markdownDescription": "The ID of the file system backup that you are using to create a file system. For more information, see [CreateFileSystemFromBackup](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemFromBackup.html) .", "title": "BackupId", "type": "string" }, "FileSystemType": { "markdownDescription": "The type of Amazon FSx file system, which can be `LUSTRE` , `WINDOWS` , `ONTAP` , or `OPENZFS` .", "title": "FileSystemType", "type": "string" }, "FileSystemTypeVersion": { "markdownDescription": "For FSx for Lustre file systems, sets the Lustre version for the file system that you're creating. Valid values are `2.10` , `2.12` , and `2.15` :\n\n- `2.10` is supported by the Scratch and Persistent_1 Lustre deployment types.\n- `2.12` is supported by all Lustre deployment types, except for `PERSISTENT_2` with a metadata configuration mode.\n- `2.15` is supported by all Lustre deployment types and is recommended for all new file systems.\n\nDefault value is `2.10` , except for the following deployments:\n\n- Default value is `2.12` when `DeploymentType` is set to `PERSISTENT_2` without a metadata configuration mode.\n- Default value is `2.15` when `DeploymentType` is set to `PERSISTENT_2` with a metadata configuration mode.", "title": "FileSystemTypeVersion", "type": "string" }, "KmsKeyId": { "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key used to encrypt Amazon FSx file system data. Used as follows with Amazon FSx file system types:\n\n- Amazon FSx for Lustre `PERSISTENT_1` and `PERSISTENT_2` deployment types only.\n\n`SCRATCH_1` and `SCRATCH_2` types are encrypted using the Amazon FSx service AWS KMS key for your account.\n- Amazon FSx for NetApp ONTAP\n- Amazon FSx for OpenZFS\n- Amazon FSx for Windows File Server", "title": "KmsKeyId", "type": "string" }, "LustreConfiguration": { "$ref": "#/definitions/AWS::FSx::FileSystem.LustreConfiguration", "markdownDescription": "The Lustre configuration for the file system being created.\n\n> The following parameters are not supported when creating Lustre file systems with a data repository association.\n> \n> - `AutoImportPolicy`\n> - `ExportPath`\n> - `ImportedChunkSize`\n> - `ImportPath`", "title": "LustreConfiguration" }, "OntapConfiguration": { "$ref": "#/definitions/AWS::FSx::FileSystem.OntapConfiguration", "markdownDescription": "The ONTAP configuration properties of the FSx for ONTAP file system that you are creating.", "title": "OntapConfiguration" }, "OpenZFSConfiguration": { "$ref": "#/definitions/AWS::FSx::FileSystem.OpenZFSConfiguration", "markdownDescription": "The Amazon FSx for OpenZFS configuration properties for the file system that you are creating.", "title": "OpenZFSConfiguration" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of IDs specifying the security groups to apply to all network interfaces created for file system access. This list isn't returned in later requests to describe the file system.\n\n> You must specify a security group if you are creating a Multi-AZ FSx for ONTAP file system in a VPC subnet that has been shared with you.", "title": "SecurityGroupIds", "type": "array" }, "StorageCapacity": { "markdownDescription": "Sets the storage capacity of the file system that you're creating.\n\n`StorageCapacity` is required if you are creating a new file system. It is not required if you are creating a file system by restoring a backup.\n\n*FSx for Lustre file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` and the Lustre `DeploymentType` , as follows:\n\n- For `SCRATCH_2` , `PERSISTENT_2` and `PERSISTENT_1` deployment types using SSD storage type, the valid values are 1200 GiB, 2400 GiB, and increments of 2400 GiB.\n- For `PERSISTENT_1` HDD file systems, valid values are increments of 6000 GiB for 12 MB/s/TiB file systems and increments of 1800 GiB for 40 MB/s/TiB file systems.\n- For `SCRATCH_1` deployment type, valid values are 1200 GiB, 2400 GiB, and increments of 3600 GiB.\n\n*FSx for ONTAP file systems* - The amount of SSD storage capacity that you can configure depends on the value of the `HAPairs` property. The minimum value is calculated as 1,024 GiB * HAPairs and the maximum is calculated as 524,288 GiB * HAPairs, up to a maximum amount of SSD storage capacity of 1,048,576 GiB (1 pebibyte).\n\n*FSx for OpenZFS file systems* - The amount of storage capacity that you can configure is from 64 GiB up to 524,288 GiB (512 TiB). If you are creating a file system from a backup, you can specify a storage capacity equal to or greater than the original file system's storage capacity.\n\n*FSx for Windows File Server file systems* - The amount of storage capacity that you can configure depends on the value that you set for `StorageType` as follows:\n\n- For SSD storage, valid values are 32 GiB-65,536 GiB (64 TiB).\n- For HDD storage, valid values are 2000 GiB-65,536 GiB (64 TiB).", "title": "StorageCapacity", "type": "number" }, "StorageType": { "markdownDescription": "Sets the storage type for the file system that you're creating. Valid values are `SSD` and `HDD` .\n\n- Set to `SSD` to use solid state drive storage. SSD is supported on all Windows, Lustre, ONTAP, and OpenZFS deployment types.\n- Set to `HDD` to use hard disk drive storage. HDD is supported on `SINGLE_AZ_2` and `MULTI_AZ_1` Windows file system deployment types, and on `PERSISTENT_1` Lustre file system deployment types.\n\nDefault value is `SSD` . For more information, see [Storage type options](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/optimize-fsx-costs.html#storage-type-options) in the *FSx for Windows File Server User Guide* and [Multiple storage options](https://docs.aws.amazon.com/fsx/latest/LustreGuide/what-is.html#storage-options) in the *FSx for Lustre User Guide* .", "title": "StorageType", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "Specifies the IDs of the subnets that the file system will be accessible from. For Windows and ONTAP `MULTI_AZ_1` deployment types,provide exactly two subnet IDs, one for the preferred file server and one for the standby file server. You specify one of these subnets as the preferred subnet using the `WindowsConfiguration > PreferredSubnetID` or `OntapConfiguration > PreferredSubnetID` properties. For more information about Multi-AZ file system configuration, see [Availability and durability: Single-AZ and Multi-AZ file systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) in the *Amazon FSx for Windows User Guide* and [Availability and durability](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-multiAZ.html) in the *Amazon FSx for ONTAP User Guide* .\n\nFor Windows `SINGLE_AZ_1` and `SINGLE_AZ_2` and all Lustre deployment types, provide exactly one subnet ID. The file server is launched in that subnet's Availability Zone.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to associate with the file system. For more information, see [Tagging your Amazon FSx resources](https://docs.aws.amazon.com/fsx/latest/LustreGuide/tag-resources.html) in the *Amazon FSx for Lustre User Guide* .", "title": "Tags", "type": "array" }, "WindowsConfiguration": { "$ref": "#/definitions/AWS::FSx::FileSystem.WindowsConfiguration", "markdownDescription": "The configuration object for the Microsoft Windows file system you are creating.\n\nThis value is required if `FileSystemType` is set to `WINDOWS` .", "title": "WindowsConfiguration" } }, "required": [ "FileSystemType", "SubnetIds" ], "type": "object" }, "Type": { "enum": [ "AWS::FSx::FileSystem" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FSx::FileSystem.AuditLogConfiguration": { "additionalProperties": false, "properties": { "AuditLogDestination": { "markdownDescription": "The Amazon Resource Name (ARN) for the destination of the audit logs. The destination can be any Amazon CloudWatch Logs log group ARN or Amazon Kinesis Data Firehose delivery stream ARN.\n\nThe name of the Amazon CloudWatch Logs log group must begin with the `/aws/fsx` prefix. The name of the Amazon Kinesis Data Firehose delivery stream must begin with the `aws-fsx` prefix.\n\nThe destination ARN (either CloudWatch Logs log group or Kinesis Data Firehose delivery stream) must be in the same AWS partition, AWS Region , and AWS account as your Amazon FSx file system.", "title": "AuditLogDestination", "type": "string" }, "FileAccessAuditLogLevel": { "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file and folder accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access files or folders are logged.\n- `FAILURE_ONLY` - only failed attempts to access files or folders are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access files or folders are logged.\n- `DISABLED` - access auditing of files and folders is turned off.", "title": "FileAccessAuditLogLevel", "type": "string" }, "FileShareAccessAuditLogLevel": { "markdownDescription": "Sets which attempt type is logged by Amazon FSx for file share accesses.\n\n- `SUCCESS_ONLY` - only successful attempts to access file shares are logged.\n- `FAILURE_ONLY` - only failed attempts to access file shares are logged.\n- `SUCCESS_AND_FAILURE` - both successful attempts and failed attempts to access file shares are logged.\n- `DISABLED` - access auditing of file shares is turned off.", "title": "FileShareAccessAuditLogLevel", "type": "string" } }, "required": [ "FileAccessAuditLogLevel", "FileShareAccessAuditLogLevel" ], "type": "object" }, "AWS::FSx::FileSystem.ClientConfigurations": { "additionalProperties": false, "properties": { "Clients": { "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", "title": "Clients", "type": "string" }, "Options": { "items": { "type": "string" }, "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", "title": "Options", "type": "array" } }, "type": "object" }, "AWS::FSx::FileSystem.DiskIopsConfiguration": { "additionalProperties": false, "properties": { "Iops": { "markdownDescription": "The total number of SSD IOPS provisioned for the file system.\n\nThe minimum and maximum values for this property depend on the value of `HAPairs` and `StorageCapacity` . The minimum value is calculated as `StorageCapacity` * 3 * `HAPairs` (3 IOPS per GB of `StorageCapacity` ). The maximum value is calculated as 200,000 * `HAPairs` .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) if the value of `Iops` is outside of the minimum or maximum values.", "title": "Iops", "type": "number" }, "Mode": { "markdownDescription": "Specifies whether the file system is using the `AUTOMATIC` setting of SSD IOPS of 3 IOPS per GB of storage capacity, or if it using a `USER_PROVISIONED` value.", "title": "Mode", "type": "string" } }, "type": "object" }, "AWS::FSx::FileSystem.LustreConfiguration": { "additionalProperties": false, "properties": { "AutoImportPolicy": { "markdownDescription": "(Optional) When you create your file system, your existing S3 objects appear as file and directory listings. Use this property to choose how Amazon FSx keeps your file and directory listings up to date as you add or modify objects in your linked S3 bucket. `AutoImportPolicy` can have the following values:\n\n- `NONE` - (Default) AutoImport is off. Amazon FSx only updates file and directory listings from the linked S3 bucket when the file system is created. FSx does not update file and directory listings for any new or changed objects after choosing this option.\n- `NEW` - AutoImport is on. Amazon FSx automatically imports directory listings of any new objects added to the linked S3 bucket that do not currently exist in the FSx file system.\n- `NEW_CHANGED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket and any existing objects that are changed in the S3 bucket after you choose this option.\n- `NEW_CHANGED_DELETED` - AutoImport is on. Amazon FSx automatically imports file and directory listings of any new objects added to the S3 bucket, any existing objects that are changed in the S3 bucket, and any objects that were deleted in the S3 bucket.\n\nFor more information, see [Automatically import updates from your S3 bucket](https://docs.aws.amazon.com/fsx/latest/LustreGuide/autoimport-data-repo.html) .\n\n> This parameter is not supported for Lustre file systems with a data repository association.", "title": "AutoImportPolicy", "type": "string" }, "AutomaticBackupRetentionDays": { "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `0` .", "title": "AutomaticBackupRetentionDays", "type": "number" }, "CopyTagsToBackups": { "markdownDescription": "(Optional) Not available for use with file systems that are linked to a data repository. A boolean flag indicating whether tags for the file system should be copied to backups. The default value is false. If `CopyTagsToBackups` is set to true, all file system tags are copied to all automatic and user-initiated backups when the user doesn't specify any backup-specific tags. If `CopyTagsToBackups` is set to true and you specify one or more backup tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.\n\n(Default = `false` )\n\nFor more information, see [Working with backups](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-backups-fsx.html) in the *Amazon FSx for Lustre User Guide* .", "title": "CopyTagsToBackups", "type": "boolean" }, "DailyAutomaticBackupStartTime": { "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", "title": "DailyAutomaticBackupStartTime", "type": "string" }, "DataCompressionType": { "markdownDescription": "Sets the data compression configuration for the file system. `DataCompressionType` can have the following values:\n\n- `NONE` - (Default) Data compression is turned off when the file system is created.\n- `LZ4` - Data compression is turned on with the LZ4 algorithm.\n\nFor more information, see [Lustre data compression](https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-compression.html) in the *Amazon FSx for Lustre User Guide* .", "title": "DataCompressionType", "type": "string" }, "DeploymentType": { "markdownDescription": "(Optional) Choose `SCRATCH_1` and `SCRATCH_2` deployment types when you need temporary storage and shorter-term processing of data. The `SCRATCH_2` deployment type provides in-transit encryption of data and higher burst throughput capacity than `SCRATCH_1` .\n\nChoose `PERSISTENT_1` for longer-term storage and for throughput-focused workloads that aren\u2019t latency-sensitive. `PERSISTENT_1` supports encryption of data in transit, and is available in all AWS Regions in which FSx for Lustre is available.\n\nChoose `PERSISTENT_2` for longer-term storage and for latency-sensitive workloads that require the highest levels of IOPS/throughput. `PERSISTENT_2` supports SSD storage, and offers higher `PerUnitStorageThroughput` (up to 1000 MB/s/TiB). You can optionally specify a metadata configuration mode for `PERSISTENT_2` which supports increasing metadata performance. `PERSISTENT_2` is available in a limited number of AWS Regions . For more information, and an up-to-date list of AWS Regions in which `PERSISTENT_2` is available, see [File system deployment options for FSx for Lustre](https://docs.aws.amazon.com/fsx/latest/LustreGuide/using-fsx-lustre.html#lustre-deployment-types) in the *Amazon FSx for Lustre User Guide* .\n\n> If you choose `PERSISTENT_2` , and you set `FileSystemTypeVersion` to `2.10` , the `CreateFileSystem` operation fails. \n\nEncryption of data in transit is automatically turned on when you access `SCRATCH_2` , `PERSISTENT_1` , and `PERSISTENT_2` file systems from Amazon EC2 instances that support automatic encryption in the AWS Regions where they are available. For more information about encryption in transit for FSx for Lustre file systems, see [Encrypting data in transit](https://docs.aws.amazon.com/fsx/latest/LustreGuide/encryption-in-transit-fsxl.html) in the *Amazon FSx for Lustre User Guide* .\n\n(Default = `SCRATCH_1` )", "title": "DeploymentType", "type": "string" }, "DriveCacheType": { "markdownDescription": "The type of drive cache used by `PERSISTENT_1` file systems that are provisioned with HDD storage devices. This parameter is required when storage type is HDD. Set this property to `READ` to improve the performance for frequently accessed files by caching up to 20% of the total storage capacity of the file system.\n\nThis parameter is required when `StorageType` is set to `HDD` and `DeploymentType` is `PERSISTENT_1` .", "title": "DriveCacheType", "type": "string" }, "ExportPath": { "markdownDescription": "(Optional) Specifies the path in the Amazon S3 bucket where the root of your Amazon FSx file system is exported. The path must use the same Amazon S3 bucket as specified in ImportPath. You can provide an optional prefix to which new and changed data is to be exported from your Amazon FSx for Lustre file system. If an `ExportPath` value is not provided, Amazon FSx sets a default export path, `s3://import-bucket/FSxLustre[creation-timestamp]` . The timestamp is in UTC format, for example `s3://import-bucket/FSxLustre20181105T222312Z` .\n\nThe Amazon S3 export bucket must be the same as the import bucket specified by `ImportPath` . If you specify only a bucket name, such as `s3://import-bucket` , you get a 1:1 mapping of file system objects to S3 bucket objects. This mapping means that the input data in S3 is overwritten on export. If you provide a custom prefix in the export path, such as `s3://import-bucket/[custom-optional-prefix]` , Amazon FSx exports the contents of your file system to that export prefix in the Amazon S3 bucket.\n\n> This parameter is not supported for file systems with a data repository association.", "title": "ExportPath", "type": "string" }, "ImportPath": { "markdownDescription": "(Optional) The path to the Amazon S3 bucket (including the optional prefix) that you're using as the data repository for your Amazon FSx for Lustre file system. The root of your FSx for Lustre file system will be mapped to the root of the Amazon S3 bucket you select. An example is `s3://import-bucket/optional-prefix` . If you specify a prefix after the Amazon S3 bucket name, only object keys with that prefix are loaded into the file system.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", "title": "ImportPath", "type": "string" }, "ImportedFileChunkSize": { "markdownDescription": "(Optional) For files imported from a data repository, this value determines the stripe count and maximum amount of data per file (in MiB) stored on a single physical disk. The maximum number of disks that a single file can be striped across is limited by the total number of disks that make up the file system.\n\nThe default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB.\n\n> This parameter is not supported for Lustre file systems with a data repository association.", "title": "ImportedFileChunkSize", "type": "number" }, "PerUnitStorageThroughput": { "markdownDescription": "Required with `PERSISTENT_1` and `PERSISTENT_2` deployment types, provisions the amount of read and write throughput for each 1 tebibyte (TiB) of file system storage capacity, in MB/s/TiB. File system throughput capacity is calculated by multiplying \ufb01le system storage capacity (TiB) by the `PerUnitStorageThroughput` (MB/s/TiB). For a 2.4-TiB \ufb01le system, provisioning 50 MB/s/TiB of `PerUnitStorageThroughput` yields 120 MB/s of \ufb01le system throughput. You pay for the amount of throughput that you provision.\n\nValid values:\n\n- For `PERSISTENT_1` SSD storage: 50, 100, 200 MB/s/TiB.\n- For `PERSISTENT_1` HDD storage: 12, 40 MB/s/TiB.\n- For `PERSISTENT_2` SSD storage: 125, 250, 500, 1000 MB/s/TiB.", "title": "PerUnitStorageThroughput", "type": "number" }, "WeeklyMaintenanceStartTime": { "markdownDescription": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", "title": "WeeklyMaintenanceStartTime", "type": "string" } }, "type": "object" }, "AWS::FSx::FileSystem.NfsExports": { "additionalProperties": false, "properties": { "ClientConfigurations": { "items": { "$ref": "#/definitions/AWS::FSx::FileSystem.ClientConfigurations" }, "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", "title": "ClientConfigurations", "type": "array" } }, "type": "object" }, "AWS::FSx::FileSystem.OntapConfiguration": { "additionalProperties": false, "properties": { "AutomaticBackupRetentionDays": { "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", "title": "AutomaticBackupRetentionDays", "type": "number" }, "DailyAutomaticBackupStartTime": { "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", "title": "DailyAutomaticBackupStartTime", "type": "string" }, "DeploymentType": { "markdownDescription": "Specifies the FSx for ONTAP file system deployment type to use in creating the file system.\n\n- `MULTI_AZ_1` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. This is a first-generation FSx for ONTAP file system.\n- `MULTI_AZ_2` - A high availability file system configured for Multi-AZ redundancy to tolerate temporary AZ unavailability. This is a second-generation FSx for ONTAP file system.\n- `SINGLE_AZ_1` - A file system configured for Single-AZ redundancy. This is a first-generation FSx for ONTAP file system.\n- `SINGLE_AZ_2` - A file system configured with multiple high-availability (HA) pairs for Single-AZ redundancy. This is a second-generation FSx for ONTAP file system.\n\nFor information about the use cases for Multi-AZ and Single-AZ deployments, refer to [Choosing a file system deployment type](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-AZ.html) .", "title": "DeploymentType", "type": "string" }, "DiskIopsConfiguration": { "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", "markdownDescription": "The SSD IOPS configuration for the FSx for ONTAP file system.", "title": "DiskIopsConfiguration" }, "EndpointIpAddressRange": { "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API, Amazon FSx selects an unused IP address range for you from the 198.19.* range. By default in the Amazon FSx console, Amazon FSx chooses the last 64 IP addresses from the VPC\u2019s primary CIDR range to use as the endpoint IP address range for the file system. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables, as long as they don't overlap with any subnet.", "title": "EndpointIpAddressRange", "type": "string" }, "FsxAdminPassword": { "markdownDescription": "The ONTAP administrative password for the `fsxadmin` user with which you administer your file system using the NetApp ONTAP CLI and REST API.", "title": "FsxAdminPassword", "type": "string" }, "HAPairs": { "markdownDescription": "Specifies how many high-availability (HA) pairs of file servers will power your file system. First-generation file systems are powered by 1 HA pair. Second-generation multi-AZ file systems are powered by 1 HA pair. Second generation single-AZ file systems are powered by up to 12 HA pairs. The default value is 1. The value of this property affects the values of `StorageCapacity` , `Iops` , and `ThroughputCapacity` . For more information, see [High-availability (HA) pairs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/administering-file-systems.html#HA-pairs) in the FSx for ONTAP user guide. Block storage protocol support (iSCSI and NVMe over TCP) is disabled on file systems with more than 6 HA pairs. For more information, see [Using block storage protocols](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/supported-fsx-clients.html#using-block-storage) .\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `HAPairs` is less than 1 or greater than 12.\n- The value of `HAPairs` is greater than 1 and the value of `DeploymentType` is `SINGLE_AZ_1` , `MULTI_AZ_1` , or `MULTI_AZ_2` .", "title": "HAPairs", "type": "number" }, "PreferredSubnetId": { "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` or `MULTI_AZ_2` . This specifies the subnet in which you want the preferred file server to be located.", "title": "PreferredSubnetId", "type": "string" }, "RouteTableIds": { "items": { "type": "string" }, "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.\n\n> Amazon FSx manages these route tables for Multi-AZ file systems using tag-based authentication. These route tables are tagged with `Key: AmazonFSx; Value: ManagedByAmazonFSx` . When creating FSx for ONTAP Multi-AZ file systems using AWS CloudFormation we recommend that you add the `Key: AmazonFSx; Value: ManagedByAmazonFSx` tag manually.", "title": "RouteTableIds", "type": "array" }, "ThroughputCapacity": { "markdownDescription": "Sets the throughput capacity for the file system that you're creating in megabytes per second (MBps). For more information, see [Managing throughput capacity](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-throughput-capacity.html) in the FSx for ONTAP User Guide.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value.\n- The value of `ThroughputCapacity` when divided by the value of `HAPairs` is outside of the valid range for `ThroughputCapacity` .", "title": "ThroughputCapacity", "type": "number" }, "ThroughputCapacityPerHAPair": { "markdownDescription": "Use to choose the throughput capacity per HA pair, rather than the total throughput for the file system.\n\nYou can define either the `ThroughputCapacityPerHAPair` or the `ThroughputCapacity` when creating a file system, but not both.\n\nThis field and `ThroughputCapacity` are the same for file systems powered by one HA pair.\n\n- For `SINGLE_AZ_1` and `MULTI_AZ_1` file systems, valid values are 128, 256, 512, 1024, 2048, or 4096 MBps.\n- For `SINGLE_AZ_2` , valid values are 1536, 3072, or 6144 MBps.\n- For `MULTI_AZ_2` , valid values are 384, 768, 1536, 3072, or 6144 MBps.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The value of `ThroughputCapacity` and `ThroughputCapacityPerHAPair` are not the same value for file systems with one HA pair.\n- The value of deployment type is `SINGLE_AZ_2` and `ThroughputCapacity` / `ThroughputCapacityPerHAPair` is not a valid HA pair (a value between 1 and 12).\n- The value of `ThroughputCapacityPerHAPair` is not a valid value.", "title": "ThroughputCapacityPerHAPair", "type": "number" }, "WeeklyMaintenanceStartTime": { "markdownDescription": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", "title": "WeeklyMaintenanceStartTime", "type": "string" } }, "required": [ "DeploymentType" ], "type": "object" }, "AWS::FSx::FileSystem.OpenZFSConfiguration": { "additionalProperties": false, "properties": { "AutomaticBackupRetentionDays": { "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", "title": "AutomaticBackupRetentionDays", "type": "number" }, "CopyTagsToBackups": { "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to backups. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", "title": "CopyTagsToBackups", "type": "boolean" }, "CopyTagsToVolumes": { "markdownDescription": "A Boolean value indicating whether tags for the file system should be copied to volumes. This value defaults to `false` . If it's set to `true` , all tags for the file system are copied to volumes where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to volumes. If you specify one or more tags when creating the volume, no tags are copied from the file system, regardless of this value.", "title": "CopyTagsToVolumes", "type": "boolean" }, "DailyAutomaticBackupStartTime": { "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", "title": "DailyAutomaticBackupStartTime", "type": "string" }, "DeploymentType": { "markdownDescription": "Specifies the file system deployment type. Valid values are the following:\n\n- `MULTI_AZ_1` - Creates file systems with high availability and durability by replicating your data and supporting failover across multiple Availability Zones in the same AWS Region .\n- `SINGLE_AZ_HA_2` - Creates file systems with high availability and throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_HA_1` - Creates file systems with high availability and throughput capacities of 64 - 4,096 MB/s by deploying a primary and standby file system within the same Availability Zone.\n- `SINGLE_AZ_2` - Creates file systems with throughput capacities of 160 - 10,240 MB/s using an NVMe L2ARC cache that automatically recover within a single Availability Zone.\n- `SINGLE_AZ_1` - Creates file systems with throughput capacities of 64 - 4,096 MBs that automatically recover within a single Availability Zone.\n\nFor a list of which AWS Regions each deployment type is available in, see [Deployment type availability](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/availability-durability.html#available-aws-regions) . For more information on the differences in performance between deployment types, see [File system performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#zfs-fs-performance) in the *Amazon FSx for OpenZFS User Guide* .", "title": "DeploymentType", "type": "string" }, "DiskIopsConfiguration": { "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for NetApp ONTAP, Amazon FSx for Windows File Server, or FSx for OpenZFS file system. By default, Amazon FSx automatically provisions 3 IOPS per GB of storage capacity. You can provision additional IOPS per GB of storage. The configuration consists of the total number of provisioned SSD IOPS and how it is was provisioned, or the mode (by the customer or by Amazon FSx).", "title": "DiskIopsConfiguration" }, "EndpointIpAddressRange": { "markdownDescription": "(Multi-AZ only) Specifies the IP address range in which the endpoints to access your file system will be created. By default in the Amazon FSx API and Amazon FSx console, Amazon FSx selects an available /28 IP address range for you from one of the VPC's CIDR ranges. You can have overlapping endpoint IP addresses for file systems deployed in the same VPC/route tables.", "title": "EndpointIpAddressRange", "type": "string" }, "Options": { "items": { "type": "string" }, "markdownDescription": "To delete a file system if there are child volumes present below the root volume, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` . If your file system has child volumes and you don't use this option, the delete request will fail.", "title": "Options", "type": "array" }, "PreferredSubnetId": { "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located.", "title": "PreferredSubnetId", "type": "string" }, "RootVolumeConfiguration": { "$ref": "#/definitions/AWS::FSx::FileSystem.RootVolumeConfiguration", "markdownDescription": "The configuration Amazon FSx uses when creating the root value of the Amazon FSx for OpenZFS file system. All volumes are children of the root volume.", "title": "RootVolumeConfiguration" }, "RouteTableIds": { "items": { "type": "string" }, "markdownDescription": "(Multi-AZ only) Specifies the route tables in which Amazon FSx creates the rules for routing traffic to the correct file server. You should specify all virtual private cloud (VPC) route tables associated with the subnets in which your clients are located. By default, Amazon FSx selects your VPC's default route table.", "title": "RouteTableIds", "type": "array" }, "ThroughputCapacity": { "markdownDescription": "Specifies the throughput of an Amazon FSx for OpenZFS file system, measured in megabytes per second (MBps). Valid values depend on the DeploymentType you choose, as follows:\n\n- For `MULTI_AZ_1` and `SINGLE_AZ_2` , valid values are 160, 320, 640, 1280, 2560, 3840, 5120, 7680, or 10240 MBps.\n- For `SINGLE_AZ_1` , valid values are 64, 128, 256, 512, 1024, 2048, 3072, or 4096 MBps.\n\nYou pay for additional throughput capacity that you provision.", "title": "ThroughputCapacity", "type": "number" }, "WeeklyMaintenanceStartTime": { "markdownDescription": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", "title": "WeeklyMaintenanceStartTime", "type": "string" } }, "required": [ "DeploymentType" ], "type": "object" }, "AWS::FSx::FileSystem.RootVolumeConfiguration": { "additionalProperties": false, "properties": { "CopyTagsToSnapshots": { "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots of the volume. This value defaults to `false` . If it's set to `true` , all tags for the volume are copied to snapshots where the user doesn't specify tags. If this value is `true` and you specify one or more tags, only the specified tags are copied to snapshots. If you specify one or more tags when creating the snapshot, no tags are copied from the volume, regardless of this value.", "title": "CopyTagsToSnapshots", "type": "boolean" }, "DataCompressionType": { "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", "title": "DataCompressionType", "type": "string" }, "NfsExports": { "items": { "$ref": "#/definitions/AWS::FSx::FileSystem.NfsExports" }, "markdownDescription": "The configuration object for mounting a file system.", "title": "NfsExports", "type": "array" }, "ReadOnly": { "markdownDescription": "A Boolean value indicating whether the volume is read-only. Setting this value to `true` can be useful after you have completed changes to a volume and no longer want changes to occur.", "title": "ReadOnly", "type": "boolean" }, "RecordSizeKiB": { "markdownDescription": "Specifies the record size of an OpenZFS root volume, in kibibytes (KiB). Valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB. The default is 128 KiB. Most workloads should use the default record size. Database workflows can benefit from a smaller record size, while streaming workflows can benefit from a larger record size. For additional guidance on setting a custom record size, see [Tips for maximizing performance](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#performance-tips-zfs) in the *Amazon FSx for OpenZFS User Guide* .", "title": "RecordSizeKiB", "type": "number" }, "UserAndGroupQuotas": { "items": { "$ref": "#/definitions/AWS::FSx::FileSystem.UserAndGroupQuotas" }, "markdownDescription": "An object specifying how much storage users or groups can use on the volume.", "title": "UserAndGroupQuotas", "type": "array" } }, "type": "object" }, "AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration": { "additionalProperties": false, "properties": { "DnsIps": { "items": { "type": "string" }, "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", "title": "DnsIps", "type": "array" }, "DomainName": { "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", "title": "DomainName", "type": "string" }, "FileSystemAdministratorsGroup": { "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", "title": "FileSystemAdministratorsGroup", "type": "string" }, "OrganizationalUnitDistinguishedName": { "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", "title": "OrganizationalUnitDistinguishedName", "type": "string" }, "Password": { "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", "title": "Password", "type": "string" }, "UserName": { "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", "title": "UserName", "type": "string" } }, "type": "object" }, "AWS::FSx::FileSystem.UserAndGroupQuotas": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The ID of the user or group that the quota applies to.", "title": "Id", "type": "number" }, "StorageCapacityQuotaGiB": { "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", "title": "StorageCapacityQuotaGiB", "type": "number" }, "Type": { "markdownDescription": "Specifies whether the quota applies to a user or group.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::FSx::FileSystem.WindowsConfiguration": { "additionalProperties": false, "properties": { "ActiveDirectoryId": { "markdownDescription": "The ID for an existing AWS Managed Microsoft Active Directory (AD) instance that the file system should join when it's created. Required if you are joining the file system to an existing AWS Managed Microsoft AD.", "title": "ActiveDirectoryId", "type": "string" }, "Aliases": { "items": { "type": "string" }, "markdownDescription": "An array of one or more DNS alias names that you want to associate with the Amazon FSx file system. Aliases allow you to use existing DNS names to access the data in your Amazon FSx file system. You can associate up to 50 aliases with a file system at any time.\n\nFor more information, see [Working with DNS Aliases](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html) and [Walkthrough 5: Using DNS aliases to access your file system](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/walkthrough05-file-system-custom-CNAME.html) , including additional steps you must take to be able to access your file system using a DNS alias.\n\nAn alias name has to meet the following requirements:\n\n- Formatted as a fully-qualified domain name (FQDN), `hostname.domain` , for example, `accounting.example.com` .\n- Can contain alphanumeric characters, the underscore (_), and the hyphen (-).\n- Cannot start or end with a hyphen.\n- Can start with a numeric.\n\nFor DNS alias names, Amazon FSx stores alphabetical characters as lowercase letters (a-z), regardless of how you specify them: as uppercase letters, lowercase letters, or the corresponding letters in escape codes.", "title": "Aliases", "type": "array" }, "AuditLogConfiguration": { "$ref": "#/definitions/AWS::FSx::FileSystem.AuditLogConfiguration", "markdownDescription": "The configuration that Amazon FSx for Windows File Server uses to audit and log user accesses of files, folders, and file shares on the Amazon FSx for Windows File Server file system.", "title": "AuditLogConfiguration" }, "AutomaticBackupRetentionDays": { "markdownDescription": "The number of days to retain automatic backups. Setting this property to `0` disables automatic backups. You can retain automatic backups for a maximum of 90 days. The default is `30` .", "title": "AutomaticBackupRetentionDays", "type": "number" }, "CopyTagsToBackups": { "markdownDescription": "A boolean flag indicating whether tags for the file system should be copied to backups. This value defaults to false. If it's set to true, all tags for the file system are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the file system, regardless of this value.", "title": "CopyTagsToBackups", "type": "boolean" }, "DailyAutomaticBackupStartTime": { "markdownDescription": "A recurring daily time, in the format `HH:MM` . `HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour. For example, `05:00` specifies 5 AM daily.", "title": "DailyAutomaticBackupStartTime", "type": "string" }, "DeploymentType": { "markdownDescription": "Specifies the file system deployment type, valid values are the following:\n\n- `MULTI_AZ_1` - Deploys a high availability file system that is configured for Multi-AZ redundancy to tolerate temporary Availability Zone (AZ) unavailability. You can only deploy a Multi-AZ file system in AWS Regions that have a minimum of three Availability Zones. Also supports HDD storage type\n- `SINGLE_AZ_1` - (Default) Choose to deploy a file system that is configured for single AZ redundancy.\n- `SINGLE_AZ_2` - The latest generation Single AZ file system. Specifies a file system that is configured for single AZ redundancy and supports HDD storage type.\n\nFor more information, see [Availability and Durability: Single-AZ and Multi-AZ File Systems](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html) .", "title": "DeploymentType", "type": "string" }, "DiskIopsConfiguration": { "$ref": "#/definitions/AWS::FSx::FileSystem.DiskIopsConfiguration", "markdownDescription": "The SSD IOPS (input/output operations per second) configuration for an Amazon FSx for Windows file system. By default, Amazon FSx automatically provisions 3 IOPS per GiB of storage capacity. You can provision additional IOPS per GiB of storage, up to the maximum limit associated with your chosen throughput capacity.", "title": "DiskIopsConfiguration" }, "PreferredSubnetId": { "markdownDescription": "Required when `DeploymentType` is set to `MULTI_AZ_1` . This specifies the subnet in which you want the preferred file server to be located. For in- AWS applications, we recommend that you launch your clients in the same availability zone as your preferred file server to reduce cross-availability zone data transfer costs and minimize latency.", "title": "PreferredSubnetId", "type": "string" }, "SelfManagedActiveDirectoryConfiguration": { "$ref": "#/definitions/AWS::FSx::FileSystem.SelfManagedActiveDirectoryConfiguration", "markdownDescription": "The configuration that Amazon FSx uses to join a FSx for Windows File Server file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed (including on-premises) Microsoft Active Directory (AD) directory. For more information, see [Using Amazon FSx for Windows with your self-managed Microsoft Active Directory](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) or [Managing FSx for ONTAP SVMs](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html) .", "title": "SelfManagedActiveDirectoryConfiguration" }, "ThroughputCapacity": { "markdownDescription": "Sets the throughput capacity of an Amazon FSx file system, measured in megabytes per second (MB/s), in 2 to the *n* th increments, between 2^3 (8) and 2^11 (2048).\n\n> To increase storage capacity, a file system must have a minimum throughput capacity of 16 MB/s.", "title": "ThroughputCapacity", "type": "number" }, "WeeklyMaintenanceStartTime": { "markdownDescription": "A recurring weekly time, in the format `D:HH:MM` .\n\n`D` is the day of the week, for which 1 represents Monday and 7 represents Sunday. For further details, see [the ISO-8601 spec as described on Wikipedia](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_week_date) .\n\n`HH` is the zero-padded hour of the day (0-23), and `MM` is the zero-padded minute of the hour.\n\nFor example, `1:05:00` specifies maintenance at 5 AM Monday.", "title": "WeeklyMaintenanceStartTime", "type": "string" } }, "required": [ "ThroughputCapacity" ], "type": "object" }, "AWS::FSx::Snapshot": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the snapshot.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", "title": "Tags", "type": "array" }, "VolumeId": { "markdownDescription": "The ID of the volume that the snapshot is of.", "title": "VolumeId", "type": "string" } }, "required": [ "Name", "VolumeId" ], "type": "object" }, "Type": { "enum": [ "AWS::FSx::Snapshot" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FSx::StorageVirtualMachine": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ActiveDirectoryConfiguration": { "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration", "markdownDescription": "Describes the Microsoft Active Directory configuration to which the SVM is joined, if applicable.", "title": "ActiveDirectoryConfiguration" }, "FileSystemId": { "markdownDescription": "Specifies the FSx for ONTAP file system on which to create the SVM.", "title": "FileSystemId", "type": "string" }, "Name": { "markdownDescription": "The name of the SVM.", "title": "Name", "type": "string" }, "RootVolumeSecurityStyle": { "markdownDescription": "The security style of the root volume of the SVM. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Microsoft Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Microsoft Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-security-style.html) in the Amazon FSx for NetApp ONTAP User Guide.", "title": "RootVolumeSecurityStyle", "type": "string" }, "SvmAdminPassword": { "markdownDescription": "Specifies the password to use when logging on to the SVM using a secure shell (SSH) connection to the SVM's management endpoint. Doing so enables you to manage the SVM using the NetApp ONTAP CLI or REST API. If you do not specify a password, you can still use the file system's `fsxadmin` user to manage the SVM. For more information, see [Managing SVMs using the NetApp ONTAP CLI](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-resources-ontap-apps.html#vsadmin-ontap-cli) in the *FSx for ONTAP User Guide* .", "title": "SvmAdminPassword", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of `Tag` values, with a maximum of 50 elements.", "title": "Tags", "type": "array" } }, "required": [ "FileSystemId", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::FSx::StorageVirtualMachine" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FSx::StorageVirtualMachine.ActiveDirectoryConfiguration": { "additionalProperties": false, "properties": { "NetBiosName": { "markdownDescription": "The NetBIOS name of the Active Directory computer object that will be created for your SVM.", "title": "NetBiosName", "type": "string" }, "SelfManagedActiveDirectoryConfiguration": { "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration", "markdownDescription": "The configuration that Amazon FSx uses to join the ONTAP storage virtual machine (SVM) to your self-managed (including on-premises) Microsoft Active Directory directory.", "title": "SelfManagedActiveDirectoryConfiguration" } }, "type": "object" }, "AWS::FSx::StorageVirtualMachine.SelfManagedActiveDirectoryConfiguration": { "additionalProperties": false, "properties": { "DnsIps": { "items": { "type": "string" }, "markdownDescription": "A list of up to three IP addresses of DNS servers or domain controllers in the self-managed AD directory.", "title": "DnsIps", "type": "array" }, "DomainName": { "markdownDescription": "The fully qualified domain name of the self-managed AD directory, such as `corp.example.com` .", "title": "DomainName", "type": "string" }, "FileSystemAdministratorsGroup": { "markdownDescription": "(Optional) The name of the domain group whose members are granted administrative privileges for the file system. Administrative privileges include taking ownership of files and folders, setting audit controls (audit ACLs) on files and folders, and administering the file system remotely by using the FSx Remote PowerShell. The group that you specify must already exist in your domain. If you don't provide one, your AD domain's Domain Admins group is used.", "title": "FileSystemAdministratorsGroup", "type": "string" }, "OrganizationalUnitDistinguishedName": { "markdownDescription": "(Optional) The fully qualified distinguished name of the organizational unit within your self-managed AD directory. Amazon FSx only accepts OU as the direct parent of the file system. An example is `OU=FSx,DC=yourdomain,DC=corp,DC=com` . To learn more, see [RFC 2253](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2253) . If none is provided, the FSx file system is created in the default location of your self-managed AD directory.\n\n> Only Organizational Unit (OU) objects can be the direct parent of the file system that you're creating.", "title": "OrganizationalUnitDistinguishedName", "type": "string" }, "Password": { "markdownDescription": "The password for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain.", "title": "Password", "type": "string" }, "UserName": { "markdownDescription": "The user name for the service account on your self-managed AD domain that Amazon FSx will use to join to your AD domain. This account must have the permission to join computers to the domain in the organizational unit provided in `OrganizationalUnitDistinguishedName` , or in the default location of your AD domain.", "title": "UserName", "type": "string" } }, "type": "object" }, "AWS::FSx::Volume": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BackupId": { "markdownDescription": "Specifies the ID of the volume backup to use to create a new volume.", "title": "BackupId", "type": "string" }, "Name": { "markdownDescription": "The name of the volume.", "title": "Name", "type": "string" }, "OntapConfiguration": { "$ref": "#/definitions/AWS::FSx::Volume.OntapConfiguration", "markdownDescription": "The configuration of an Amazon FSx for NetApp ONTAP volume.", "title": "OntapConfiguration" }, "OpenZFSConfiguration": { "$ref": "#/definitions/AWS::FSx::Volume.OpenZFSConfiguration", "markdownDescription": "The configuration of an Amazon FSx for OpenZFS volume.", "title": "OpenZFSConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "VolumeType": { "markdownDescription": "The type of the volume.", "title": "VolumeType", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::FSx::Volume" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FSx::Volume.AggregateConfiguration": { "additionalProperties": false, "properties": { "Aggregates": { "items": { "type": "string" }, "markdownDescription": "The list of aggregates that this volume resides on. Aggregates are storage pools which make up your primary storage tier. Each high-availability (HA) pair has one aggregate. The names of the aggregates map to the names of the aggregates in the ONTAP CLI and REST API. For FlexVols, there will always be a single entry.\n\nAmazon FSx responds with an HTTP status code 400 (Bad Request) for the following conditions:\n\n- The strings in the value of `Aggregates` are not are not formatted as `aggrX` , where X is a number between 1 and 12.\n- The value of `Aggregates` contains aggregates that are not present.\n- One or more of the aggregates supplied are too close to the volume limit to support adding more volumes.", "title": "Aggregates", "type": "array" }, "ConstituentsPerAggregate": { "markdownDescription": "Used to explicitly set the number of constituents within the FlexGroup per storage aggregate. This field is optional when creating a FlexGroup volume. If unspecified, the default value will be 8. This field cannot be provided when creating a FlexVol volume.", "title": "ConstituentsPerAggregate", "type": "number" } }, "type": "object" }, "AWS::FSx::Volume.AutocommitPeriod": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "Defines the type of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. Setting this value to `NONE` disables autocommit. The default value is `NONE` .", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "Defines the amount of time for the autocommit period of a file in an FSx for ONTAP SnapLock volume. The following ranges are valid:\n\n- `Minutes` : 5 - 65,535\n- `Hours` : 1 - 65,535\n- `Days` : 1 - 3,650\n- `Months` : 1 - 120\n- `Years` : 1 - 10", "title": "Value", "type": "number" } }, "required": [ "Type" ], "type": "object" }, "AWS::FSx::Volume.ClientConfigurations": { "additionalProperties": false, "properties": { "Clients": { "markdownDescription": "A value that specifies who can mount the file system. You can provide a wildcard character ( `*` ), an IP address ( `0.0.0.0` ), or a CIDR address ( `192.0.2.0/24` ). By default, Amazon FSx uses the wildcard character when specifying the client.", "title": "Clients", "type": "string" }, "Options": { "items": { "type": "string" }, "markdownDescription": "The options to use when mounting the file system. For a list of options that you can use with Network File System (NFS), see the [exports(5) - Linux man page](https://docs.aws.amazon.com/https://linux.die.net/man/5/exports) . When choosing your options, consider the following:\n\n- `crossmnt` is used by default. If you don't specify `crossmnt` when changing the client configuration, you won't be able to see or access snapshots in your file system's snapshot directory.\n- `sync` is used by default. If you instead specify `async` , the system acknowledges writes before writing to disk. If the system crashes before the writes are finished, you lose the unwritten data.", "title": "Options", "type": "array" } }, "required": [ "Clients", "Options" ], "type": "object" }, "AWS::FSx::Volume.NfsExports": { "additionalProperties": false, "properties": { "ClientConfigurations": { "items": { "$ref": "#/definitions/AWS::FSx::Volume.ClientConfigurations" }, "markdownDescription": "A list of configuration objects that contain the client and options for mounting the OpenZFS file system.", "title": "ClientConfigurations", "type": "array" } }, "required": [ "ClientConfigurations" ], "type": "object" }, "AWS::FSx::Volume.OntapConfiguration": { "additionalProperties": false, "properties": { "AggregateConfiguration": { "$ref": "#/definitions/AWS::FSx::Volume.AggregateConfiguration", "markdownDescription": "Used to specify the configuration options for an FSx for ONTAP volume's storage aggregate or aggregates.", "title": "AggregateConfiguration" }, "CopyTagsToBackups": { "markdownDescription": "A boolean flag indicating whether tags for the volume should be copied to backups. This value defaults to false. If it's set to true, all tags for the volume are copied to all automatic and user-initiated backups where the user doesn't specify tags. If this value is true, and you specify one or more tags, only the specified tags are copied to backups. If you specify one or more tags when creating a user-initiated backup, no tags are copied from the volume, regardless of this value.", "title": "CopyTagsToBackups", "type": "string" }, "JunctionPath": { "markdownDescription": "Specifies the location in the SVM's namespace where the volume is mounted. This parameter is required. The `JunctionPath` must have a leading forward slash, such as `/vol3` .", "title": "JunctionPath", "type": "string" }, "OntapVolumeType": { "markdownDescription": "Specifies the type of volume you are creating. Valid values are the following:\n\n- `RW` specifies a read/write volume. `RW` is the default.\n- `DP` specifies a data-protection volume. A `DP` volume is read-only and can be used as the destination of a NetApp SnapMirror relationship.\n\nFor more information, see [Volume types](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-types) in the Amazon FSx for NetApp ONTAP User Guide.", "title": "OntapVolumeType", "type": "string" }, "SecurityStyle": { "markdownDescription": "Specifies the security style for the volume. If a volume's security style is not specified, it is automatically set to the root volume's security style. The security style determines the type of permissions that FSx for ONTAP uses to control data access. Specify one of the following values:\n\n- `UNIX` if the file system is managed by a UNIX administrator, the majority of users are NFS clients, and an application accessing the data uses a UNIX user as the service account.\n- `NTFS` if the file system is managed by a Windows administrator, the majority of users are SMB clients, and an application accessing the data uses a Windows user as the service account.\n- `MIXED` This is an advanced setting. For more information, see the topic [What the security styles and their effects are](https://docs.aws.amazon.com/https://docs.netapp.com/us-en/ontap/nfs-admin/security-styles-their-effects-concept.html) in the NetApp Documentation Center.\n\nFor more information, see [Volume security style](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-security-style) in the FSx for ONTAP User Guide.", "title": "SecurityStyle", "type": "string" }, "SizeInBytes": { "markdownDescription": "Specifies the configured size of the volume, in bytes.", "title": "SizeInBytes", "type": "string" }, "SizeInMegabytes": { "markdownDescription": "Use `SizeInBytes` instead. Specifies the size of the volume, in megabytes (MB), that you are creating.", "title": "SizeInMegabytes", "type": "string" }, "SnaplockConfiguration": { "$ref": "#/definitions/AWS::FSx::Volume.SnaplockConfiguration", "markdownDescription": "The SnapLock configuration object for an FSx for ONTAP SnapLock volume.", "title": "SnaplockConfiguration" }, "SnapshotPolicy": { "markdownDescription": "Specifies the snapshot policy for the volume. There are three built-in snapshot policies:\n\n- `default` : This is the default policy. A maximum of six hourly snapshots taken five minutes past the hour. A maximum of two daily snapshots taken Monday through Saturday at 10 minutes after midnight. A maximum of two weekly snapshots taken every Sunday at 15 minutes after midnight.\n- `default-1weekly` : This policy is the same as the `default` policy except that it only retains one snapshot from the weekly schedule.\n- `none` : This policy does not take any snapshots. This policy can be assigned to volumes to prevent automatic snapshots from being taken.\n\nYou can also provide the name of a custom policy that you created with the ONTAP CLI or REST API.\n\nFor more information, see [Snapshot policies](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snapshots-ontap.html#snapshot-policies) in the Amazon FSx for NetApp ONTAP User Guide.", "title": "SnapshotPolicy", "type": "string" }, "StorageEfficiencyEnabled": { "markdownDescription": "Set to true to enable deduplication, compression, and compaction storage efficiency features on the volume, or set to false to disable them.\n\n`StorageEfficiencyEnabled` is required when creating a `RW` volume ( `OntapVolumeType` set to `RW` ).", "title": "StorageEfficiencyEnabled", "type": "string" }, "StorageVirtualMachineId": { "markdownDescription": "Specifies the ONTAP SVM in which to create the volume.", "title": "StorageVirtualMachineId", "type": "string" }, "TieringPolicy": { "$ref": "#/definitions/AWS::FSx::Volume.TieringPolicy", "markdownDescription": "Describes the data tiering policy for an ONTAP volume. When enabled, Amazon FSx for ONTAP's intelligent tiering automatically transitions a volume's data between the file system's primary storage and capacity pool storage based on your access patterns.\n\nValid tiering policies are the following:\n\n- `SNAPSHOT_ONLY` - (Default value) moves cold snapshots to the capacity pool storage tier.\n\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", "title": "TieringPolicy" }, "VolumeStyle": { "markdownDescription": "Use to specify the style of an ONTAP volume. FSx for ONTAP offers two styles of volumes that you can use for different purposes, FlexVol and FlexGroup volumes. For more information, see [Volume styles](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-styles) in the Amazon FSx for NetApp ONTAP User Guide.", "title": "VolumeStyle", "type": "string" } }, "required": [ "StorageVirtualMachineId" ], "type": "object" }, "AWS::FSx::Volume.OpenZFSConfiguration": { "additionalProperties": false, "properties": { "CopyTagsToSnapshots": { "markdownDescription": "A Boolean value indicating whether tags for the volume should be copied to snapshots. This value defaults to `false` . If it's set to `true` , all tags for the volume are copied to snapshots where the user doesn't specify tags. If this value is `true` , and you specify one or more tags, only the specified tags are copied to snapshots. If you specify one or more tags when creating the snapshot, no tags are copied from the volume, regardless of this value.", "title": "CopyTagsToSnapshots", "type": "boolean" }, "DataCompressionType": { "markdownDescription": "Specifies the method used to compress the data on the volume. The compression type is `NONE` by default.\n\n- `NONE` - Doesn't compress the data on the volume. `NONE` is the default.\n- `ZSTD` - Compresses the data in the volume using the Zstandard (ZSTD) compression algorithm. Compared to LZ4, Z-Standard provides a better compression ratio to minimize on-disk storage utilization.\n- `LZ4` - Compresses the data in the volume using the LZ4 compression algorithm. Compared to Z-Standard, LZ4 is less compute-intensive and delivers higher write throughput speeds.", "title": "DataCompressionType", "type": "string" }, "NfsExports": { "items": { "$ref": "#/definitions/AWS::FSx::Volume.NfsExports" }, "markdownDescription": "The configuration object for mounting a Network File System (NFS) file system.", "title": "NfsExports", "type": "array" }, "Options": { "items": { "type": "string" }, "markdownDescription": "To delete the volume's child volumes, snapshots, and clones, use the string `DELETE_CHILD_VOLUMES_AND_SNAPSHOTS` .", "title": "Options", "type": "array" }, "OriginSnapshot": { "$ref": "#/definitions/AWS::FSx::Volume.OriginSnapshot", "markdownDescription": "The configuration object that specifies the snapshot to use as the origin of the data for the volume.", "title": "OriginSnapshot" }, "ParentVolumeId": { "markdownDescription": "The ID of the volume to use as the parent volume of the volume that you are creating.", "title": "ParentVolumeId", "type": "string" }, "ReadOnly": { "markdownDescription": "A Boolean value indicating whether the volume is read-only.", "title": "ReadOnly", "type": "boolean" }, "RecordSizeKiB": { "markdownDescription": "Specifies the suggested block size for a volume in a ZFS dataset, in kibibytes (KiB). Valid values are 4, 8, 16, 32, 64, 128, 256, 512, or 1024 KiB. The default is 128 KiB. We recommend using the default setting for the majority of use cases. Generally, workloads that write in fixed small or large record sizes may benefit from setting a custom record size, like database workloads (small record size) or media streaming workloads (large record size). For additional guidance on when to set a custom record size, see [ZFS Record size](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#record-size-performance) in the *Amazon FSx for OpenZFS User Guide* .", "title": "RecordSizeKiB", "type": "number" }, "StorageCapacityQuotaGiB": { "markdownDescription": "Sets the maximum storage size in gibibytes (GiB) for the volume. You can specify a quota that is larger than the storage on the parent volume. A volume quota limits the amount of storage that the volume can consume to the configured amount, but does not guarantee the space will be available on the parent volume. To guarantee quota space, you must also set `StorageCapacityReservationGiB` . To *not* specify a storage capacity quota, set this to `-1` .\n\nFor more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", "title": "StorageCapacityQuotaGiB", "type": "number" }, "StorageCapacityReservationGiB": { "markdownDescription": "Specifies the amount of storage in gibibytes (GiB) to reserve from the parent volume. Setting `StorageCapacityReservationGiB` guarantees that the specified amount of storage space on the parent volume will always be available for the volume. You can't reserve more storage than the parent volume has. To *not* specify a storage capacity reservation, set this to `0` or `-1` . For more information, see [Volume properties](https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) in the *Amazon FSx for OpenZFS User Guide* .", "title": "StorageCapacityReservationGiB", "type": "number" }, "UserAndGroupQuotas": { "items": { "$ref": "#/definitions/AWS::FSx::Volume.UserAndGroupQuotas" }, "markdownDescription": "Configures how much storage users and groups can use on the volume.", "title": "UserAndGroupQuotas", "type": "array" } }, "required": [ "ParentVolumeId" ], "type": "object" }, "AWS::FSx::Volume.OriginSnapshot": { "additionalProperties": false, "properties": { "CopyStrategy": { "markdownDescription": "Specifies the strategy used when copying data from the snapshot to the new volume.\n\n- `CLONE` - The new volume references the data in the origin snapshot. Cloning a snapshot is faster than copying data from the snapshot to a new volume and doesn't consume disk throughput. However, the origin snapshot can't be deleted if there is a volume using its copied data.\n- `FULL_COPY` - Copies all data from the snapshot to the new volume.\n\nSpecify this option to create the volume from a snapshot on another FSx for OpenZFS file system.\n\n> The `INCREMENTAL_COPY` option is only for updating an existing volume by using a snapshot from another FSx for OpenZFS file system. For more information, see [CopySnapshotAndUpdateVolume](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopySnapshotAndUpdateVolume.html) .", "title": "CopyStrategy", "type": "string" }, "SnapshotARN": { "markdownDescription": "Specifies the snapshot to use when creating an OpenZFS volume from a snapshot.", "title": "SnapshotARN", "type": "string" } }, "required": [ "CopyStrategy", "SnapshotARN" ], "type": "object" }, "AWS::FSx::Volume.RetentionPeriod": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "Defines the type of time for the retention period of an FSx for ONTAP SnapLock volume. Set it to one of the valid types. If you set it to `INFINITE` , the files are retained forever. If you set it to `UNSPECIFIED` , the files are retained until you set an explicit retention period.", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "Defines the amount of time for the retention period of an FSx for ONTAP SnapLock volume. You can't set a value for `INFINITE` or `UNSPECIFIED` . For all other options, the following ranges are valid:\n\n- `Seconds` : 0 - 65,535\n- `Minutes` : 0 - 65,535\n- `Hours` : 0 - 24\n- `Days` : 0 - 365\n- `Months` : 0 - 12\n- `Years` : 0 - 100", "title": "Value", "type": "number" } }, "required": [ "Type" ], "type": "object" }, "AWS::FSx::Volume.SnaplockConfiguration": { "additionalProperties": false, "properties": { "AuditLogVolume": { "markdownDescription": "Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. The default value is `false` . If you set `AuditLogVolume` to `true` , the SnapLock volume is created as an audit log volume. The minimum retention period for an audit log volume is six months.\n\nFor more information, see [SnapLock audit log volumes](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/how-snaplock-works.html#snaplock-audit-log-volume) .", "title": "AuditLogVolume", "type": "string" }, "AutocommitPeriod": { "$ref": "#/definitions/AWS::FSx::Volume.AutocommitPeriod", "markdownDescription": "The configuration object for setting the autocommit period of files in an FSx for ONTAP SnapLock volume.", "title": "AutocommitPeriod" }, "PrivilegedDelete": { "markdownDescription": "Enables, disables, or permanently disables privileged delete on an FSx for ONTAP SnapLock Enterprise volume. Enabling privileged delete allows SnapLock administrators to delete write once, read many (WORM) files even if they have active retention periods. `PERMANENTLY_DISABLED` is a terminal state. If privileged delete is permanently disabled on a SnapLock volume, you can't re-enable it. The default value is `DISABLED` .\n\nFor more information, see [Privileged delete](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html#privileged-delete) .", "title": "PrivilegedDelete", "type": "string" }, "RetentionPeriod": { "$ref": "#/definitions/AWS::FSx::Volume.SnaplockRetentionPeriod", "markdownDescription": "Specifies the retention period of an FSx for ONTAP SnapLock volume.", "title": "RetentionPeriod" }, "SnaplockType": { "markdownDescription": "Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it is set, it can't be changed. You can choose one of the following retention modes:\n\n- `COMPLIANCE` : Files transitioned to write once, read many (WORM) on a Compliance volume can't be deleted until their retention periods expire. This retention mode is used to address government or industry-specific mandates or to protect against ransomware attacks. For more information, see [SnapLock Compliance](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-compliance.html) .\n- `ENTERPRISE` : Files transitioned to WORM on an Enterprise volume can be deleted by authorized users before their retention periods expire using privileged delete. This retention mode is used to advance an organization's data integrity and internal compliance or to test retention settings before using SnapLock Compliance. For more information, see [SnapLock Enterprise](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html) .", "title": "SnaplockType", "type": "string" }, "VolumeAppendModeEnabled": { "markdownDescription": "Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. Volume-append mode allows you to create WORM-appendable files and write data to them incrementally. The default value is `false` .\n\nFor more information, see [Volume-append mode](https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/worm-state.html#worm-state-append) .", "title": "VolumeAppendModeEnabled", "type": "string" } }, "required": [ "SnaplockType" ], "type": "object" }, "AWS::FSx::Volume.SnaplockRetentionPeriod": { "additionalProperties": false, "properties": { "DefaultRetention": { "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", "markdownDescription": "The retention period assigned to a write once, read many (WORM) file by default if an explicit retention period is not set for an FSx for ONTAP SnapLock volume. The default retention period must be greater than or equal to the minimum retention period and less than or equal to the maximum retention period.", "title": "DefaultRetention" }, "MaximumRetention": { "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", "markdownDescription": "The longest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", "title": "MaximumRetention" }, "MinimumRetention": { "$ref": "#/definitions/AWS::FSx::Volume.RetentionPeriod", "markdownDescription": "The shortest retention period that can be assigned to a WORM file on an FSx for ONTAP SnapLock volume.", "title": "MinimumRetention" } }, "required": [ "DefaultRetention", "MaximumRetention", "MinimumRetention" ], "type": "object" }, "AWS::FSx::Volume.TieringPolicy": { "additionalProperties": false, "properties": { "CoolingPeriod": { "markdownDescription": "Specifies the number of days that user data in a volume must remain inactive before it is considered \"cold\" and moved to the capacity pool. Used with the `AUTO` and `SNAPSHOT_ONLY` tiering policies. Enter a whole number between 2 and 183. Default values are 31 days for `AUTO` and 2 days for `SNAPSHOT_ONLY` .", "title": "CoolingPeriod", "type": "number" }, "Name": { "markdownDescription": "Specifies the tiering policy used to transition data. Default value is `SNAPSHOT_ONLY` .\n\n- `SNAPSHOT_ONLY` - moves cold snapshots to the capacity pool storage tier.\n- `AUTO` - moves cold user data and snapshots to the capacity pool storage tier based on your access patterns.\n- `ALL` - moves all user data blocks in both the active file system and Snapshot copies to the storage pool tier.\n- `NONE` - keeps a volume's data in the primary storage tier, preventing it from being moved to the capacity pool tier.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::FSx::Volume.UserAndGroupQuotas": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The ID of the user or group that the quota applies to.", "title": "Id", "type": "number" }, "StorageCapacityQuotaGiB": { "markdownDescription": "The user or group's storage quota, in gibibytes (GiB).", "title": "StorageCapacityQuotaGiB", "type": "number" }, "Type": { "markdownDescription": "Specifies whether the quota applies to a user or group.", "title": "Type", "type": "string" } }, "required": [ "Id", "StorageCapacityQuotaGiB", "Type" ], "type": "object" }, "AWS::FinSpace::Environment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the FinSpace environment.", "title": "Description", "type": "string" }, "FederationMode": { "markdownDescription": "The authentication mode for the environment.", "title": "FederationMode", "type": "string" }, "FederationParameters": { "$ref": "#/definitions/AWS::FinSpace::Environment.FederationParameters", "markdownDescription": "Configuration information when authentication mode is FEDERATED.", "title": "FederationParameters" }, "KmsKeyId": { "markdownDescription": "The KMS key id used to encrypt in the FinSpace environment.", "title": "KmsKeyId", "type": "string" }, "Name": { "markdownDescription": "The name of the FinSpace environment.", "title": "Name", "type": "string" }, "SuperuserParameters": { "$ref": "#/definitions/AWS::FinSpace::Environment.SuperuserParameters", "markdownDescription": "Configuration information for the superuser.", "title": "SuperuserParameters" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::FinSpace::Environment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FinSpace::Environment.AttributeMapItems": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::FinSpace::Environment.FederationParameters": { "additionalProperties": false, "properties": { "ApplicationCallBackURL": { "markdownDescription": "The redirect or sign-in URL that should be entered into the SAML 2.0 compliant identity provider configuration (IdP).", "title": "ApplicationCallBackURL", "type": "string" }, "AttributeMap": { "items": { "$ref": "#/definitions/AWS::FinSpace::Environment.AttributeMapItems" }, "markdownDescription": "SAML attribute name and value. The name must always be `Email` and the value should be set to the attribute definition in which user email is set. For example, name would be `Email` and value `http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress` . Please check your SAML 2.0 compliant identity provider (IdP) documentation for details.", "title": "AttributeMap", "type": "array" }, "FederationProviderName": { "markdownDescription": "Name of the identity provider (IdP).", "title": "FederationProviderName", "type": "string" }, "FederationURN": { "markdownDescription": "The Uniform Resource Name (URN). Also referred as Service Provider URN or Audience URI or Service Provider Entity ID.", "title": "FederationURN", "type": "string" }, "SamlMetadataDocument": { "markdownDescription": "SAML 2.0 Metadata document from identity provider (IdP).", "title": "SamlMetadataDocument", "type": "string" }, "SamlMetadataURL": { "markdownDescription": "Provide the metadata URL from your SAML 2.0 compliant identity provider (IdP).", "title": "SamlMetadataURL", "type": "string" } }, "type": "object" }, "AWS::FinSpace::Environment.SuperuserParameters": { "additionalProperties": false, "properties": { "EmailAddress": { "markdownDescription": "The email address of the superuser.", "title": "EmailAddress", "type": "string" }, "FirstName": { "markdownDescription": "The first name of the superuser.", "title": "FirstName", "type": "string" }, "LastName": { "markdownDescription": "The last name of the superuser.", "title": "LastName", "type": "string" } }, "type": "object" }, "AWS::Forecast::Dataset": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataFrequency": { "markdownDescription": "The frequency of data collection. This parameter is required for RELATED_TIME_SERIES datasets.\n\nValid intervals are an integer followed by Y (Year), M (Month), W (Week), D (Day), H (Hour), and min (Minute). For example, \"1D\" indicates every day and \"15min\" indicates every 15 minutes. You cannot specify a value that would overlap with the next larger frequency. That means, for example, you cannot specify a frequency of 60 minutes, because that is equivalent to 1 hour. The valid values for each frequency are the following:\n\n- Minute - 1-59\n- Hour - 1-23\n- Day - 1-6\n- Week - 1-4\n- Month - 1-11\n- Year - 1\n\nThus, if you want every other week forecasts, specify \"2W\". Or, if you want quarterly forecasts, you specify \"3M\".", "title": "DataFrequency", "type": "string" }, "DatasetName": { "markdownDescription": "The name of the dataset.", "title": "DatasetName", "type": "string" }, "DatasetType": { "markdownDescription": "The dataset type.", "title": "DatasetType", "type": "string" }, "Domain": { "markdownDescription": "The domain associated with the dataset.", "title": "Domain", "type": "string" }, "EncryptionConfig": { "$ref": "#/definitions/AWS::Forecast::Dataset.EncryptionConfig", "markdownDescription": "A Key Management Service (KMS) key and the Identity and Access Management (IAM) role that Amazon Forecast can assume to access the key.", "title": "EncryptionConfig" }, "Schema": { "$ref": "#/definitions/AWS::Forecast::Dataset.Schema", "markdownDescription": "The schema for the dataset. The schema attributes and their order must match the fields in your data. The dataset `Domain` and `DatasetType` that you choose determine the minimum required fields in your training data. For information about the required fields for a specific dataset domain and type, see [Dataset Domains and Dataset Types](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-domains-ds-types.html) .", "title": "Schema" }, "Tags": { "items": { "$ref": "#/definitions/AWS::Forecast::Dataset.TagsItems" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "DatasetName", "DatasetType", "Domain", "Schema" ], "type": "object" }, "Type": { "enum": [ "AWS::Forecast::Dataset" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Forecast::Dataset.AttributesItems": { "additionalProperties": false, "properties": { "AttributeName": { "markdownDescription": "", "title": "AttributeName", "type": "string" }, "AttributeType": { "markdownDescription": "", "title": "AttributeType", "type": "string" } }, "type": "object" }, "AWS::Forecast::Dataset.EncryptionConfig": { "additionalProperties": false, "properties": { "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key.", "title": "KmsKeyArn", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role that Amazon Forecast can assume to access the AWS KMS key.\n\nPassing a role across AWS accounts is not allowed. If you pass a role that isn't in your account, you get an `InvalidInputException` error.", "title": "RoleArn", "type": "string" } }, "type": "object" }, "AWS::Forecast::Dataset.Schema": { "additionalProperties": false, "properties": { "Attributes": { "items": { "$ref": "#/definitions/AWS::Forecast::Dataset.AttributesItems" }, "markdownDescription": "An array of attributes specifying the name and type of each field in a dataset.", "title": "Attributes", "type": "array" } }, "type": "object" }, "AWS::Forecast::Dataset.TagsItems": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::Forecast::DatasetGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DatasetArns": { "items": { "type": "string" }, "markdownDescription": "An array of Amazon Resource Names (ARNs) of the datasets that you want to include in the dataset group.", "title": "DatasetArns", "type": "array" }, "DatasetGroupName": { "markdownDescription": "The name of the dataset group.", "title": "DatasetGroupName", "type": "string" }, "Domain": { "markdownDescription": "The domain associated with the dataset group. When you add a dataset to a dataset group, this value and the value specified for the `Domain` parameter of the [CreateDataset](https://docs.aws.amazon.com/forecast/latest/dg/API_CreateDataset.html) operation must match.\n\nThe `Domain` and `DatasetType` that you choose determine the fields that must be present in training data that you import to a dataset. For example, if you choose the `RETAIL` domain and `TARGET_TIME_SERIES` as the `DatasetType` , Amazon Forecast requires that `item_id` , `timestamp` , and `demand` fields are present in your data. For more information, see [Dataset groups](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-datasets-groups.html) .", "title": "Domain", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "DatasetGroupName", "Domain" ], "type": "object" }, "Type": { "enum": [ "AWS::Forecast::DatasetGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FraudDetector::Detector": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssociatedModels": { "items": { "$ref": "#/definitions/AWS::FraudDetector::Detector.Model" }, "markdownDescription": "The models to associate with this detector. You must provide the ARNs of all the models you want to associate.", "title": "AssociatedModels", "type": "array" }, "Description": { "markdownDescription": "The detector description.", "title": "Description", "type": "string" }, "DetectorId": { "markdownDescription": "The name of the detector.", "title": "DetectorId", "type": "string" }, "DetectorVersionStatus": { "markdownDescription": "The status of the detector version. If a value is not provided for this property, AWS CloudFormation assumes `DRAFT` status.\n\nValid values: `ACTIVE | DRAFT`", "title": "DetectorVersionStatus", "type": "string" }, "EventType": { "$ref": "#/definitions/AWS::FraudDetector::Detector.EventType", "markdownDescription": "The event type associated with this detector.", "title": "EventType" }, "RuleExecutionMode": { "markdownDescription": "The rule execution mode for the rules included in the detector version.\n\nValid values: `FIRST_MATCHED | ALL_MATCHED` Default value: `FIRST_MATCHED`\n\nYou can define and edit the rule mode at the detector version level, when it is in draft status.\n\nIf you specify `FIRST_MATCHED` , Amazon Fraud Detector evaluates rules sequentially, first to last, stopping at the first matched rule. Amazon Fraud dectector then provides the outcomes for that single rule.\n\nIf you specifiy `ALL_MATCHED` , Amazon Fraud Detector evaluates all rules and returns the outcomes for all matched rules.", "title": "RuleExecutionMode", "type": "string" }, "Rules": { "items": { "$ref": "#/definitions/AWS::FraudDetector::Detector.Rule" }, "markdownDescription": "The rules to include in the detector version.", "title": "Rules", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "DetectorId", "EventType", "Rules" ], "type": "object" }, "Type": { "enum": [ "AWS::FraudDetector::Detector" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FraudDetector::Detector.EntityType": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The entity type ARN.", "title": "Arn", "type": "string" }, "CreatedTime": { "markdownDescription": "Timestamp of when the entity type was created.", "title": "CreatedTime", "type": "string" }, "Description": { "markdownDescription": "The entity type description.", "title": "Description", "type": "string" }, "Inline": { "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these Variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", "title": "Inline", "type": "boolean" }, "LastUpdatedTime": { "markdownDescription": "Timestamp of when the entity type was last updated.", "title": "LastUpdatedTime", "type": "string" }, "Name": { "markdownDescription": "The entity type name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::FraudDetector::Detector.EventType": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The entity type ARN.", "title": "Arn", "type": "string" }, "CreatedTime": { "markdownDescription": "Timestamp of when the event type was created.", "title": "CreatedTime", "type": "string" }, "Description": { "markdownDescription": "The event type description.", "title": "Description", "type": "string" }, "EntityTypes": { "items": { "$ref": "#/definitions/AWS::FraudDetector::Detector.EntityType" }, "markdownDescription": "The event type entity types.", "title": "EntityTypes", "type": "array" }, "EventVariables": { "items": { "$ref": "#/definitions/AWS::FraudDetector::Detector.EventVariable" }, "markdownDescription": "The event type event variables.", "title": "EventVariables", "type": "array" }, "Inline": { "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", "title": "Inline", "type": "boolean" }, "Labels": { "items": { "$ref": "#/definitions/AWS::FraudDetector::Detector.Label" }, "markdownDescription": "The event type labels.", "title": "Labels", "type": "array" }, "LastUpdatedTime": { "markdownDescription": "Timestamp of when the event type was last updated.", "title": "LastUpdatedTime", "type": "string" }, "Name": { "markdownDescription": "The event type name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::FraudDetector::Detector.EventVariable": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The event variable ARN.", "title": "Arn", "type": "string" }, "CreatedTime": { "markdownDescription": "Timestamp for when the event variable was created.", "title": "CreatedTime", "type": "string" }, "DataSource": { "markdownDescription": "The data source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", "title": "DataSource", "type": "string" }, "DataType": { "markdownDescription": "The data type of the event variable.\n\nValid values: `STRING | INTEGER | BOOLEAN | FLOAT`", "title": "DataType", "type": "string" }, "DefaultValue": { "markdownDescription": "The default value of the event variable. This is required if you are providing the details of your variables instead of the ARN.", "title": "DefaultValue", "type": "string" }, "Description": { "markdownDescription": "The description of the event variable.", "title": "Description", "type": "string" }, "Inline": { "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", "title": "Inline", "type": "boolean" }, "LastUpdatedTime": { "markdownDescription": "Timestamp for when the event variable was last updated.", "title": "LastUpdatedTime", "type": "string" }, "Name": { "markdownDescription": "The name of the event variable.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "VariableType": { "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .", "title": "VariableType", "type": "string" } }, "type": "object" }, "AWS::FraudDetector::Detector.Label": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The label ARN.", "title": "Arn", "type": "string" }, "CreatedTime": { "markdownDescription": "Timestamp of when the event type was created.", "title": "CreatedTime", "type": "string" }, "Description": { "markdownDescription": "The label description.", "title": "Description", "type": "string" }, "Inline": { "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", "title": "Inline", "type": "boolean" }, "LastUpdatedTime": { "markdownDescription": "Timestamp of when the label was last updated.", "title": "LastUpdatedTime", "type": "string" }, "Name": { "markdownDescription": "The label name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::FraudDetector::Detector.Model": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The ARN of the model.", "title": "Arn", "type": "string" } }, "type": "object" }, "AWS::FraudDetector::Detector.Outcome": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The outcome ARN.", "title": "Arn", "type": "string" }, "CreatedTime": { "markdownDescription": "The timestamp when the outcome was created.", "title": "CreatedTime", "type": "string" }, "Description": { "markdownDescription": "The outcome description.", "title": "Description", "type": "string" }, "Inline": { "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables.", "title": "Inline", "type": "boolean" }, "LastUpdatedTime": { "markdownDescription": "The timestamp when the outcome was last updated.", "title": "LastUpdatedTime", "type": "string" }, "Name": { "markdownDescription": "The outcome name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::FraudDetector::Detector.Rule": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The rule ARN.", "title": "Arn", "type": "string" }, "CreatedTime": { "markdownDescription": "Timestamp for when the rule was created.", "title": "CreatedTime", "type": "string" }, "Description": { "markdownDescription": "The rule description.", "title": "Description", "type": "string" }, "DetectorId": { "markdownDescription": "The detector for which the rule is associated.", "title": "DetectorId", "type": "string" }, "Expression": { "markdownDescription": "The rule expression. A rule expression captures the business logic. For more information, see [Rule language reference](https://docs.aws.amazon.com/frauddetector/latest/ug/rule-language-reference.html) .", "title": "Expression", "type": "string" }, "Language": { "markdownDescription": "The rule language.\n\nValid Value: DETECTORPL", "title": "Language", "type": "string" }, "LastUpdatedTime": { "markdownDescription": "Timestamp for when the rule was last updated.", "title": "LastUpdatedTime", "type": "string" }, "Outcomes": { "items": { "$ref": "#/definitions/AWS::FraudDetector::Detector.Outcome" }, "markdownDescription": "The rule outcome.", "title": "Outcomes", "type": "array" }, "RuleId": { "markdownDescription": "The rule ID.", "title": "RuleId", "type": "string" }, "RuleVersion": { "markdownDescription": "The rule version.", "title": "RuleVersion", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::FraudDetector::EntityType": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The entity type description.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The entity type name.\n\nPattern: `^[0-9a-z_-]+$`", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A key and value pair.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::FraudDetector::EntityType" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FraudDetector::EventType": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The event type description.", "title": "Description", "type": "string" }, "EntityTypes": { "items": { "$ref": "#/definitions/AWS::FraudDetector::EventType.EntityType" }, "markdownDescription": "The event type entity types.", "title": "EntityTypes", "type": "array" }, "EventVariables": { "items": { "$ref": "#/definitions/AWS::FraudDetector::EventType.EventVariable" }, "markdownDescription": "The event type event variables.", "title": "EventVariables", "type": "array" }, "Labels": { "items": { "$ref": "#/definitions/AWS::FraudDetector::EventType.Label" }, "markdownDescription": "The event type labels.", "title": "Labels", "type": "array" }, "Name": { "markdownDescription": "The event type name.\n\nPattern : `^[0-9a-z_-]+$`", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "EntityTypes", "EventVariables", "Labels", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::FraudDetector::EventType" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FraudDetector::EventType.EntityType": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The entity type ARN.", "title": "Arn", "type": "string" }, "CreatedTime": { "markdownDescription": "Timestamp of when the entity type was created.", "title": "CreatedTime", "type": "string" }, "Description": { "markdownDescription": "The entity type description.", "title": "Description", "type": "string" }, "Inline": { "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", "title": "Inline", "type": "boolean" }, "LastUpdatedTime": { "markdownDescription": "Timestamp of when the entity type was last updated.", "title": "LastUpdatedTime", "type": "string" }, "Name": { "markdownDescription": "The entity type name.\n\n`^[0-9a-z_-]+$`", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::FraudDetector::EventType.EventVariable": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The event variable ARN.", "title": "Arn", "type": "string" }, "CreatedTime": { "markdownDescription": "Timestamp for when event variable was created.", "title": "CreatedTime", "type": "string" }, "DataSource": { "markdownDescription": "The source of the event variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a event type, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", "title": "DataSource", "type": "string" }, "DataType": { "markdownDescription": "The data type of the event variable. For more information, see [Data types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#data-types) .", "title": "DataType", "type": "string" }, "DefaultValue": { "markdownDescription": "The default value of the event variable", "title": "DefaultValue", "type": "string" }, "Description": { "markdownDescription": "The event variable description.", "title": "Description", "type": "string" }, "Inline": { "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables.", "title": "Inline", "type": "boolean" }, "LastUpdatedTime": { "markdownDescription": "Timestamp for when the event variable was last updated.", "title": "LastUpdatedTime", "type": "string" }, "Name": { "markdownDescription": "The name of the event variable.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "VariableType": { "markdownDescription": "The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types) .", "title": "VariableType", "type": "string" } }, "type": "object" }, "AWS::FraudDetector::EventType.Label": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The label ARN.", "title": "Arn", "type": "string" }, "CreatedTime": { "markdownDescription": "Timestamp of when the event type was created.", "title": "CreatedTime", "type": "string" }, "Description": { "markdownDescription": "The label description.", "title": "Description", "type": "string" }, "Inline": { "markdownDescription": "Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object.\n\nFor example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your EventType but not execute any changes to the variables.", "title": "Inline", "type": "boolean" }, "LastUpdatedTime": { "markdownDescription": "Timestamp of when the label was last updated.", "title": "LastUpdatedTime", "type": "string" }, "Name": { "markdownDescription": "The label name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::FraudDetector::Label": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The label description.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The label name.\n\nPattern: `^[0-9a-z_-]+$`", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::FraudDetector::Label" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FraudDetector::List": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the list.", "title": "Description", "type": "string" }, "Elements": { "items": { "type": "string" }, "markdownDescription": "The elements in the list.", "title": "Elements", "type": "array" }, "Name": { "markdownDescription": "The name of the list.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "VariableType": { "markdownDescription": "The variable type of the list. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types)", "title": "VariableType", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::FraudDetector::List" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FraudDetector::Outcome": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The outcome description.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The outcome name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::FraudDetector::Outcome" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::FraudDetector::Variable": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataSource": { "markdownDescription": "The data source of the variable.\n\nValid values: `EVENT | EXTERNAL_MODEL_SCORE`\n\nWhen defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource.", "title": "DataSource", "type": "string" }, "DataType": { "markdownDescription": "The data type of the variable.\n\nValid data types: `STRING | INTEGER | BOOLEAN | FLOAT`", "title": "DataType", "type": "string" }, "DefaultValue": { "markdownDescription": "The default value of the variable.", "title": "DefaultValue", "type": "string" }, "Description": { "markdownDescription": "The description of the variable.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the variable.\n\nPattern: `^[0-9a-z_-]+$`", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "VariableType": { "markdownDescription": "The type of the variable. For more information see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) .\n\nValid Values: `AUTH_CODE | AVS | BILLING_ADDRESS_L1 | BILLING_ADDRESS_L2 | BILLING_CITY | BILLING_COUNTRY | BILLING_NAME | BILLING_PHONE | BILLING_STATE | BILLING_ZIP | CARD_BIN | CATEGORICAL | CURRENCY_CODE | EMAIL_ADDRESS | FINGERPRINT | FRAUD_LABEL | FREE_FORM_TEXT | IP_ADDRESS | NUMERIC | ORDER_ID | PAYMENT_TYPE | PHONE_NUMBER | PRICE | PRODUCT_CATEGORY | SHIPPING_ADDRESS_L1 | SHIPPING_ADDRESS_L2 | SHIPPING_CITY | SHIPPING_COUNTRY | SHIPPING_NAME | SHIPPING_PHONE | SHIPPING_STATE | SHIPPING_ZIP | USERAGENT`", "title": "VariableType", "type": "string" } }, "required": [ "DataSource", "DataType", "DefaultValue", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::FraudDetector::Variable" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GameLift::Alias": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A human-readable description of the alias.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "A descriptive label that is associated with an alias. Alias names do not need to be unique.", "title": "Name", "type": "string" }, "RoutingStrategy": { "$ref": "#/definitions/AWS::GameLift::Alias.RoutingStrategy", "markdownDescription": "The routing configuration, including routing type and fleet target, for the alias.", "title": "RoutingStrategy" } }, "required": [ "Name", "RoutingStrategy" ], "type": "object" }, "Type": { "enum": [ "AWS::GameLift::Alias" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GameLift::Alias.RoutingStrategy": { "additionalProperties": false, "properties": { "FleetId": { "markdownDescription": "A unique identifier for a fleet that the alias points to. If you specify `SIMPLE` for the `Type` property, you must specify this property.", "title": "FleetId", "type": "string" }, "Message": { "markdownDescription": "The message text to be used with a terminal routing strategy. If you specify `TERMINAL` for the `Type` property, you must specify this property.", "title": "Message", "type": "string" }, "Type": { "markdownDescription": "A type of routing strategy.\n\nPossible routing types include the following:\n\n- *SIMPLE* - The alias resolves to one specific fleet. Use this type when routing to active fleets.\n- *TERMINAL* - The alias does not resolve to a fleet but instead can be used to display a message to the user. A terminal alias throws a `TerminalRoutingStrategyException` with the message that you specified in the `Message` property.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::GameLift::Build": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A descriptive label that is associated with a build. Build names do not need to be unique.", "title": "Name", "type": "string" }, "OperatingSystem": { "markdownDescription": "The operating system that your game server binaries run on. This value determines the type of fleet resources that you use for this build. If your game build contains multiple executables, they all must run on the same operating system. You must specify a valid operating system in this request. There is no default value. You can't change a build's operating system later.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/https://aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use Amazon GameLift server SDK 4.x., first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to Amazon GameLift server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", "title": "OperatingSystem", "type": "string" }, "ServerSdkVersion": { "markdownDescription": "A server SDK version you used when integrating your game server build with Amazon GameLift. For more information see [Integrate games with custom game servers](https://docs.aws.amazon.com/gamelift/latest/developerguide/integration-custom-intro.html) . By default Amazon GameLift sets this value to `4.0.2` .", "title": "ServerSdkVersion", "type": "string" }, "StorageLocation": { "$ref": "#/definitions/AWS::GameLift::Build.StorageLocation", "markdownDescription": "Information indicating where your game build files are stored. Use this parameter only when creating a build with files stored in an Amazon S3 bucket that you own. The storage location must specify an Amazon S3 bucket name and key. The location must also specify a role ARN that you set up to allow Amazon GameLift to access your Amazon S3 bucket. The S3 bucket and your new build must be in the same Region.\n\nIf a `StorageLocation` is specified, the size of your file can be found in your Amazon S3 bucket. Amazon GameLift will report a `SizeOnDisk` of 0.", "title": "StorageLocation" }, "Version": { "markdownDescription": "Version information that is associated with this build. Version strings do not need to be unique.", "title": "Version", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::GameLift::Build" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::GameLift::Build.StorageLocation": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "An Amazon S3 bucket identifier. The name of the S3 bucket.\n\n> Amazon GameLift doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", "title": "Bucket", "type": "string" }, "Key": { "markdownDescription": "The name of the zip file that contains the build files or script files.", "title": "Key", "type": "string" }, "ObjectVersion": { "markdownDescription": "A version of a stored file to retrieve, if the object versioning feature is turned on for the S3 bucket. Use this parameter to specify a specific version. If this parameter isn't set, Amazon GameLift retrieves the latest version of the file.", "title": "ObjectVersion", "type": "string" }, "RoleArn": { "markdownDescription": "The ARNfor an IAM role that allows Amazon GameLift to access the S3 bucket.", "title": "RoleArn", "type": "string" } }, "required": [ "Bucket", "Key", "RoleArn" ], "type": "object" }, "AWS::GameLift::ContainerGroupDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContainerDefinitions": { "items": { "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDefinition" }, "markdownDescription": "The set of container definitions that are included in the container group.", "title": "ContainerDefinitions", "type": "array" }, "Name": { "markdownDescription": "A descriptive identifier for the container group definition. The name value is unique in an AWS Region.", "title": "Name", "type": "string" }, "OperatingSystem": { "markdownDescription": "The platform required for all containers in the container group definition.\n\n> Amazon Linux 2 (AL2) will reach end of support on 6/30/2025. See more details in the [Amazon Linux 2 FAQs](https://docs.aws.amazon.com/https://aws.amazon.com/amazon-linux-2/faqs/) . For game servers that are hosted on AL2 and use Amazon GameLift server SDK 4.x., first update the game server build to server SDK 5.x, and then deploy to AL2023 instances. See [Migrate to Amazon GameLift server SDK version 5.](https://docs.aws.amazon.com/gamelift/latest/developerguide/reference-serversdk5-migration.html)", "title": "OperatingSystem", "type": "string" }, "SchedulingStrategy": { "markdownDescription": "The method for deploying the container group across fleet instances. A replica container group might have multiple copies on each fleet instance. A daemon container group maintains only one copy per fleet instance.", "title": "SchedulingStrategy", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" }, "TotalCpuLimit": { "markdownDescription": "The amount of CPU units on a fleet instance to allocate for the container group. All containers in the group share these resources. This property is an integer value in CPU units (1 vCPU is equal to 1024 CPU units).\n\nYou can set additional limits for each `ContainerDefinition` in the group. If individual containers have limits, this value must be equal to or greater than the sum of all container-specific CPU limits in the group.\n\nFor more details on memory allocation, see the [Container fleet design guide](https://docs.aws.amazon.com/gamelift/latest/developerguide/containers-design-fleet) .", "title": "TotalCpuLimit", "type": "number" }, "TotalMemoryLimit": { "markdownDescription": "The amount of memory (in MiB) on a fleet instance to allocate for the container group. All containers in the group share these resources.\n\nYou can set additional limits for each `ContainerDefinition` in the group. If individual containers have limits, this value must meet the following requirements:\n\n- Equal to or greater than the sum of all container-specific soft memory limits in the group.\n- Equal to or greater than any container-specific hard limits in the group.\n\nFor more details on memory allocation, see the [Container fleet design guide](https://docs.aws.amazon.com/gamelift/latest/developerguide/containers-design-fleet) .", "title": "TotalMemoryLimit", "type": "number" } }, "required": [ "ContainerDefinitions", "Name", "OperatingSystem", "TotalCpuLimit", "TotalMemoryLimit" ], "type": "object" }, "Type": { "enum": [ "AWS::GameLift::ContainerGroupDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GameLift::ContainerGroupDefinition.ContainerDefinition": { "additionalProperties": false, "properties": { "Command": { "items": { "type": "string" }, "markdownDescription": "A command that's passed to the container on startup. Each argument for the command is an additional string in the array. See the [ContainerDefinition::command](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html#ECS-Type-ContainerDefinition-command) parameter in the *Amazon Elastic Container Service API reference.*", "title": "Command", "type": "array" }, "ContainerName": { "markdownDescription": "The container definition identifier. Container names are unique within a container group definition.", "title": "ContainerName", "type": "string" }, "Cpu": { "markdownDescription": "The number of CPU units that are reserved for the container. Note: 1 vCPU unit equals 1024 CPU units. If no resources are reserved, the container shares the total CPU limit for the container group.\n\n*Related data type:* `ContainerGroupDefinition$TotalCpuLimit`", "title": "Cpu", "type": "number" }, "DependsOn": { "items": { "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerDependency" }, "markdownDescription": "Indicates that the container relies on the status of other containers in the same container group during its startup and shutdown sequences. A container might have dependencies on multiple containers.", "title": "DependsOn", "type": "array" }, "EntryPoint": { "items": { "type": "string" }, "markdownDescription": "The entry point that's passed to the container on startup. If there are multiple arguments, each argument is an additional string in the array. See the [ContainerDefinition::entryPoint](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html#ECS-Type-ContainerDefinition-entryPoint) parameter in the *Amazon Elastic Container Service API Reference* .", "title": "EntryPoint", "type": "array" }, "Environment": { "items": { "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment" }, "markdownDescription": "A set of environment variables that's passed to the container on startup. See the [ContainerDefinition::environment](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html#ECS-Type-ContainerDefinition-environment) parameter in the *Amazon Elastic Container Service API Reference* .", "title": "Environment", "type": "array" }, "Essential": { "markdownDescription": "Indicates whether the container is vital to the container group. If an essential container fails, the entire container group is restarted.", "title": "Essential", "type": "boolean" }, "HealthCheck": { "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck", "markdownDescription": "A configuration for a non-terminal health check. A container, which automatically restarts if it stops functioning, also restarts if it fails this health check. If an essential container in the daemon group fails a health check, the entire container group is restarted. The essential container in the replica group doesn't use this health check mechanism, because the Amazon GameLift Agent automatically handles the task.", "title": "HealthCheck" }, "ImageUri": { "markdownDescription": "The URI to the image that $short; copied and deployed to a container fleet. For a more specific identifier, see `ResolvedImageDigest` .", "title": "ImageUri", "type": "string" }, "MemoryLimits": { "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.MemoryLimits", "markdownDescription": "The amount of memory that Amazon GameLift makes available to the container. If memory limits aren't set for an individual container, the container shares the container group's total memory allocation.\n\n*Related data type:* `ContainerGroupDefinition$TotalMemoryLimit`", "title": "MemoryLimits" }, "PortConfiguration": { "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.PortConfiguration", "markdownDescription": "Defines the ports that are available to assign to processes in the container. For example, a game server process requires a container port to allow game clients to connect to it. Container ports aren't directly accessed by inbound traffic. Amazon GameLift maps these container ports to externally accessible connection ports, which are assigned as needed from the container fleet's `ConnectionPortRange` .", "title": "PortConfiguration" }, "ResolvedImageDigest": { "markdownDescription": "A unique and immutable identifier for the container image that is deployed to a container fleet. The digest is a SHA 256 hash of the container image manifest.", "title": "ResolvedImageDigest", "type": "string" }, "WorkingDirectory": { "markdownDescription": "The directory in the container where commands are run. See the [ContainerDefinition::workingDirectory](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html#ECS-Type-ContainerDefinition-workingDirectory) parameter in the *Amazon Elastic Container Service API Reference* .", "title": "WorkingDirectory", "type": "string" } }, "required": [ "ContainerName", "ImageUri" ], "type": "object" }, "AWS::GameLift::ContainerGroupDefinition.ContainerDependency": { "additionalProperties": false, "properties": { "Condition": { "markdownDescription": "The condition that the dependency container must reach before the dependent container can start. Valid conditions include:\n\n- START - The dependency container must have started.\n- COMPLETE - The dependency container has run to completion (exits). Use this condition with nonessential containers, such as those that run a script and then exit. The dependency container can't be an essential container.\n- SUCCESS - The dependency container has run to completion and exited with a zero status. The dependency container can't be an essential container.\n- HEALTHY - The dependency container has passed its Docker health check. Use this condition with dependency containers that have health checks configured. This condition is confirmed at container group startup only.", "title": "Condition", "type": "string" }, "ContainerName": { "markdownDescription": "A descriptive label for the container definition that this container depends on.", "title": "ContainerName", "type": "string" } }, "required": [ "Condition", "ContainerName" ], "type": "object" }, "AWS::GameLift::ContainerGroupDefinition.ContainerEnvironment": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The environment variable name.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The environment variable value.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::GameLift::ContainerGroupDefinition.ContainerHealthCheck": { "additionalProperties": false, "properties": { "Command": { "items": { "type": "string" }, "markdownDescription": "A string array that specifies the command that the container runs to determine if it's healthy.", "title": "Command", "type": "array" }, "Interval": { "markdownDescription": "The time period (in seconds) between each health check.", "title": "Interval", "type": "number" }, "Retries": { "markdownDescription": "The number of times to retry a failed health check before the container is considered unhealthy. The first run of the command does not count as a retry.", "title": "Retries", "type": "number" }, "StartPeriod": { "markdownDescription": "The optional grace period (in seconds) to give a container time to bootstrap before the first failed health check counts toward the number of retries.", "title": "StartPeriod", "type": "number" }, "Timeout": { "markdownDescription": "The time period (in seconds) to wait for a health check to succeed before a failed health check is counted.", "title": "Timeout", "type": "number" } }, "required": [ "Command" ], "type": "object" }, "AWS::GameLift::ContainerGroupDefinition.ContainerPortRange": { "additionalProperties": false, "properties": { "FromPort": { "markdownDescription": "A starting value for the range of allowed port numbers.", "title": "FromPort", "type": "number" }, "Protocol": { "markdownDescription": "The network protocol that these ports support.", "title": "Protocol", "type": "string" }, "ToPort": { "markdownDescription": "An ending value for the range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .", "title": "ToPort", "type": "number" } }, "required": [ "FromPort", "Protocol", "ToPort" ], "type": "object" }, "AWS::GameLift::ContainerGroupDefinition.MemoryLimits": { "additionalProperties": false, "properties": { "HardLimit": { "markdownDescription": "", "title": "HardLimit", "type": "number" }, "SoftLimit": { "markdownDescription": "", "title": "SoftLimit", "type": "number" } }, "type": "object" }, "AWS::GameLift::ContainerGroupDefinition.PortConfiguration": { "additionalProperties": false, "properties": { "ContainerPortRanges": { "items": { "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition.ContainerPortRange" }, "markdownDescription": "", "title": "ContainerPortRanges", "type": "array" } }, "required": [ "ContainerPortRanges" ], "type": "object" }, "AWS::GameLift::Fleet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AnywhereConfiguration": { "$ref": "#/definitions/AWS::GameLift::Fleet.AnywhereConfiguration", "markdownDescription": "Amazon GameLift Anywhere configuration options.", "title": "AnywhereConfiguration" }, "ApplyCapacity": { "markdownDescription": "Current resource capacity settings for managed EC2 fleets and container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", "title": "ApplyCapacity", "type": "string" }, "BuildId": { "markdownDescription": "A unique identifier for a build to be deployed on the new fleet. If you are deploying the fleet with a custom game build, you must specify this property. The build must have been successfully uploaded to Amazon GameLift and be in a `READY` status. This fleet setting cannot be changed once the fleet is created.", "title": "BuildId", "type": "string" }, "CertificateConfiguration": { "$ref": "#/definitions/AWS::GameLift::Fleet.CertificateConfiguration", "markdownDescription": "Prompts Amazon GameLift to generate a TLS/SSL certificate for the fleet. Amazon GameLift uses the certificates to encrypt traffic between game clients and the game servers running on Amazon GameLift. By default, the `CertificateConfiguration` is `DISABLED` . You can't change this property after you create the fleet.\n\nAWS Certificate Manager (ACM) certificates expire after 13 months. Certificate expiration can cause fleets to fail, preventing players from connecting to instances in the fleet. We recommend you replace fleets before 13 months, consider using fleet aliases for a smooth transition.\n\n> ACM isn't available in all AWS regions. A fleet creation request with certificate generation enabled in an unsupported Region, fails with a 4xx error. For more information about the supported Regions, see [Supported Regions](https://docs.aws.amazon.com/acm/latest/userguide/acm-regions.html) in the *AWS Certificate Manager User Guide* .", "title": "CertificateConfiguration" }, "ComputeType": { "markdownDescription": "The type of compute resource used to host your game servers.\n\n- `EC2` \u2013 The game server build is deployed to Amazon EC2 instances for cloud hosting. This is the default setting.\n- `CONTAINER` \u2013 Container images with your game server build and supporting software are deployed to Amazon EC2 instances for cloud hosting. With this compute type, you must specify the `ContainerGroupsConfiguration` parameter.\n- `ANYWHERE` \u2013 Game servers or container images with your game server and supporting software are deployed to compute resources that are provided and managed by you. With this compute type, you can also set the `AnywhereConfiguration` parameter.", "title": "ComputeType", "type": "string" }, "ContainerGroupsConfiguration": { "$ref": "#/definitions/AWS::GameLift::Fleet.ContainerGroupsConfiguration", "markdownDescription": "*This data type is used with the Amazon GameLift containers feature, which is currently in public preview.*\n\nConfiguration details for a set of container groups, for use when creating a fleet with compute type `CONTAINER` .\n\n*Used with:* `CreateFleet`", "title": "ContainerGroupsConfiguration" }, "Description": { "markdownDescription": "A description for the fleet.", "title": "Description", "type": "string" }, "DesiredEC2Instances": { "markdownDescription": "The number of EC2 instances that you want this fleet to host. When creating a new fleet, GameLift automatically sets this value to \"1\" and initiates a single instance. Once the fleet is active, update this value to trigger GameLift to add or remove instances from the fleet.", "title": "DesiredEC2Instances", "type": "number" }, "EC2InboundPermissions": { "items": { "$ref": "#/definitions/AWS::GameLift::Fleet.IpPermission" }, "markdownDescription": "The IP address ranges and port settings that allow inbound traffic to access game server processes and other processes on this fleet. Set this parameter for EC2 and container fleets. You can leave this parameter empty when creating the fleet, but you must call `UpdateFleetPortSettings` to set it before players can connect to game sessions. As a best practice, we recommend opening ports for remote access only when you need them and closing them when you're finished. For Realtime Servers fleets, Amazon GameLift automatically sets TCP and UDP ranges.\n\nTo manage inbound access for a container fleet, set this parameter to the same port numbers that you set for the fleet's connection port range. During the life of the fleet, update this parameter to control which connection ports are open to inbound traffic.", "title": "EC2InboundPermissions", "type": "array" }, "EC2InstanceType": { "markdownDescription": "The Amazon GameLift-supported Amazon EC2 instance type to use with EC2 and container fleets. Instance type determines the computing resources that will be used to host your game servers, including CPU, memory, storage, and networking capacity. See [Amazon Elastic Compute Cloud Instance Types](https://docs.aws.amazon.com/ec2/instance-types/) for detailed descriptions of Amazon EC2 instance types.", "title": "EC2InstanceType", "type": "string" }, "FleetType": { "markdownDescription": "Indicates whether to use On-Demand or Spot instances for this fleet. By default, this property is set to `ON_DEMAND` . Learn more about when to use [On-Demand versus Spot Instances](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-ec2-instances.html#gamelift-ec2-instances-spot) . This fleet property can't be changed after the fleet is created.", "title": "FleetType", "type": "string" }, "InstanceRoleARN": { "markdownDescription": "A unique identifier for an IAM role with access permissions to other AWS services. Any application that runs on an instance in the fleet--including install scripts, server processes, and other processes--can use these permissions to interact with AWS resources that you own or have access to. For more information about using the role with your game server builds, see [Communicate with other AWS resources from your fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is \"EC2\" or \"Container\".", "title": "InstanceRoleARN", "type": "string" }, "InstanceRoleCredentialsProvider": { "markdownDescription": "Indicates that fleet instances maintain a shared credentials file for the IAM role defined in `InstanceRoleArn` . Shared credentials allow applications that are deployed with the game server executable to communicate with other AWS resources. This property is used only when the game server is integrated with the server SDK version 5.x. For more information about using shared credentials, see [Communicate with other AWS resources from your fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-resources.html) . This attribute is used with fleets where `ComputeType` is \"EC2\" or \"Container\".", "title": "InstanceRoleCredentialsProvider", "type": "string" }, "Locations": { "items": { "$ref": "#/definitions/AWS::GameLift::Fleet.LocationConfiguration" }, "markdownDescription": "A set of remote locations to deploy additional instances to and manage as part of the fleet. This parameter can only be used when creating fleets in AWS Regions that support multiple locations. You can add any Amazon GameLift-supported AWS Region as a remote location, in the form of an AWS Region code, such as `us-west-2` or Local Zone code. To create a fleet with instances in the home Region only, don't set this parameter.\n\nWhen using this parameter, Amazon GameLift requires you to include your home location in the request.", "title": "Locations", "type": "array" }, "MaxSize": { "markdownDescription": "The maximum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 1.", "title": "MaxSize", "type": "number" }, "MetricGroups": { "items": { "type": "string" }, "markdownDescription": "The name of an AWS CloudWatch metric group to add this fleet to. A metric group is used to aggregate the metrics for multiple fleets. You can specify an existing metric group name or set a new name to create a new metric group. A fleet can be included in only one metric group at a time.", "title": "MetricGroups", "type": "array" }, "MinSize": { "markdownDescription": "The minimum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 0.", "title": "MinSize", "type": "number" }, "Name": { "markdownDescription": "A descriptive label that is associated with a fleet. Fleet names do not need to be unique.", "title": "Name", "type": "string" }, "NewGameSessionProtectionPolicy": { "markdownDescription": "The status of termination protection for active game sessions on the fleet. By default, this property is set to `NoProtection` .\n\n- *NoProtection* - Game sessions can be terminated during active gameplay as a result of a scale-down event.\n- *FullProtection* - Game sessions in `ACTIVE` status cannot be terminated during a scale-down event.", "title": "NewGameSessionProtectionPolicy", "type": "string" }, "PeerVpcAwsAccountId": { "markdownDescription": "Used when peering your Amazon GameLift fleet with a VPC, the unique identifier for the AWS account that owns the VPC. You can find your account ID in the AWS Management Console under account settings.", "title": "PeerVpcAwsAccountId", "type": "string" }, "PeerVpcId": { "markdownDescription": "A unique identifier for a VPC with resources to be accessed by your Amazon GameLift fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the [VPC Dashboard](https://docs.aws.amazon.com/vpc/) in the AWS Management Console . Learn more about VPC peering in [VPC Peering with Amazon GameLift Fleets](https://docs.aws.amazon.com/gamelift/latest/developerguide/vpc-peering.html) .", "title": "PeerVpcId", "type": "string" }, "ResourceCreationLimitPolicy": { "$ref": "#/definitions/AWS::GameLift::Fleet.ResourceCreationLimitPolicy", "markdownDescription": "A policy that limits the number of game sessions that an individual player can create on instances in this fleet within a specified span of time.", "title": "ResourceCreationLimitPolicy" }, "RuntimeConfiguration": { "$ref": "#/definitions/AWS::GameLift::Fleet.RuntimeConfiguration", "markdownDescription": "Instructions for how to launch and maintain server processes on instances in the fleet. The runtime configuration defines one or more server process configurations, each identifying a build executable or Realtime script file and the number of processes of that type to run concurrently.\n\n> The `RuntimeConfiguration` parameter is required unless the fleet is being configured using the older parameters `ServerLaunchPath` and `ServerLaunchParameters` , which are still supported for backward compatibility.", "title": "RuntimeConfiguration" }, "ScalingPolicies": { "items": { "$ref": "#/definitions/AWS::GameLift::Fleet.ScalingPolicy" }, "markdownDescription": "Rule that controls how a fleet is scaled. Scaling policies are uniquely identified by the combination of name and fleet ID.", "title": "ScalingPolicies", "type": "array" }, "ScriptId": { "markdownDescription": "The unique identifier for a Realtime configuration script to be deployed on fleet instances. You can use either the script ID or ARN. Scripts must be uploaded to Amazon GameLift prior to creating the fleet. This fleet property cannot be changed later.\n\n> You can't use the `!Ref` command to reference a script created with a CloudFormation template for the fleet property `ScriptId` . Instead, use `Fn::GetAtt Script.Arn` or `Fn::GetAtt Script.Id` to retrieve either of these properties as input for `ScriptId` . Alternatively, enter a `ScriptId` string manually.", "title": "ScriptId", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::GameLift::Fleet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GameLift::Fleet.AnywhereConfiguration": { "additionalProperties": false, "properties": { "Cost": { "markdownDescription": "The cost to run your fleet per hour. Amazon GameLift uses the provided cost of your fleet to balance usage in queues. For more information about queues, see [Setting up queues](https://docs.aws.amazon.com/gamelift/latest/developerguide/queues-intro.html) in the *Amazon GameLift Developer Guide* .", "title": "Cost", "type": "string" } }, "required": [ "Cost" ], "type": "object" }, "AWS::GameLift::Fleet.CertificateConfiguration": { "additionalProperties": false, "properties": { "CertificateType": { "markdownDescription": "Indicates whether a TLS/SSL certificate is generated for a fleet.\n\nValid values include:\n\n- *GENERATED* - Generate a TLS/SSL certificate for this fleet.\n- *DISABLED* - (default) Do not generate a TLS/SSL certificate for this fleet.", "title": "CertificateType", "type": "string" } }, "required": [ "CertificateType" ], "type": "object" }, "AWS::GameLift::Fleet.ConnectionPortRange": { "additionalProperties": false, "properties": { "FromPort": { "markdownDescription": "Starting value for the port range.", "title": "FromPort", "type": "number" }, "ToPort": { "markdownDescription": "Ending value for the port. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .", "title": "ToPort", "type": "number" } }, "required": [ "FromPort", "ToPort" ], "type": "object" }, "AWS::GameLift::Fleet.ContainerGroupsConfiguration": { "additionalProperties": false, "properties": { "ConnectionPortRange": { "$ref": "#/definitions/AWS::GameLift::Fleet.ConnectionPortRange", "markdownDescription": "A set of ports to allow inbound traffic, including game clients, to connect to processes running in the container fleet.\n\nConnection ports are dynamically mapped to container ports, which are assigned to individual processes running in a container. The connection port range must have enough ports to map to all container ports across a fleet instance. To calculate the minimum connection ports needed, use the following formula:\n\n*[Total number of container ports as defined for containers in the replica container group] * [Desired or calculated number of replica container groups per instance] + [Total number of container ports as defined for containers in the daemon container group]*\n\nAs a best practice, double the minimum number of connection ports.\n\n> Use the fleet's `EC2InboundPermissions` property to control external access to connection ports. Set this property to the connection port numbers that you want to open access to. See `IpPermission` for more details.", "title": "ConnectionPortRange" }, "ContainerGroupDefinitionNames": { "items": { "type": "string" }, "markdownDescription": "The list of container group definition names to deploy to a new container fleet.", "title": "ContainerGroupDefinitionNames", "type": "array" }, "ContainerGroupsPerInstance": { "$ref": "#/definitions/AWS::GameLift::Fleet.ContainerGroupsPerInstance", "markdownDescription": "", "title": "ContainerGroupsPerInstance" } }, "required": [ "ConnectionPortRange", "ContainerGroupDefinitionNames" ], "type": "object" }, "AWS::GameLift::Fleet.ContainerGroupsPerInstance": { "additionalProperties": false, "properties": { "DesiredReplicaContainerGroupsPerInstance": { "markdownDescription": "The desired number of replica container groups to place on each fleet instance.", "title": "DesiredReplicaContainerGroupsPerInstance", "type": "number" }, "MaxReplicaContainerGroupsPerInstance": { "markdownDescription": "The maximum possible number of replica container groups that each fleet instance can have.", "title": "MaxReplicaContainerGroupsPerInstance", "type": "number" } }, "type": "object" }, "AWS::GameLift::Fleet.IpPermission": { "additionalProperties": false, "properties": { "FromPort": { "markdownDescription": "A starting value for a range of allowed port numbers.\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", "title": "FromPort", "type": "number" }, "IpRange": { "markdownDescription": "A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: \" `000.000.000.000/[subnet mask]` \" or optionally the shortened version \" `0.0.0.0/[subnet mask]` \".", "title": "IpRange", "type": "string" }, "Protocol": { "markdownDescription": "The network communication protocol used by the fleet.", "title": "Protocol", "type": "string" }, "ToPort": { "markdownDescription": "An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than `FromPort` .\n\nFor fleets using Linux builds, only ports `22` and `1026-60000` are valid.\n\nFor fleets using Windows builds, only ports `1026-60000` are valid.", "title": "ToPort", "type": "number" } }, "required": [ "FromPort", "IpRange", "Protocol", "ToPort" ], "type": "object" }, "AWS::GameLift::Fleet.LocationCapacity": { "additionalProperties": false, "properties": { "DesiredEC2Instances": { "markdownDescription": "The number of Amazon EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits. Changes in desired instance value can take up to 1 minute to be reflected when viewing the fleet's capacity settings.", "title": "DesiredEC2Instances", "type": "number" }, "MaxSize": { "markdownDescription": "The maximum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 1.", "title": "MaxSize", "type": "number" }, "MinSize": { "markdownDescription": "The minimum number of instances that are allowed in the specified fleet location. If this parameter is not set, the default is 0.", "title": "MinSize", "type": "number" } }, "required": [ "DesiredEC2Instances", "MaxSize", "MinSize" ], "type": "object" }, "AWS::GameLift::Fleet.LocationConfiguration": { "additionalProperties": false, "properties": { "Location": { "markdownDescription": "An AWS Region code, such as `us-west-2` .", "title": "Location", "type": "string" }, "LocationCapacity": { "$ref": "#/definitions/AWS::GameLift::Fleet.LocationCapacity", "markdownDescription": "Current resource capacity settings for managed EC2 fleets and container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region.\n\n*Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html)", "title": "LocationCapacity" } }, "required": [ "Location" ], "type": "object" }, "AWS::GameLift::Fleet.ResourceCreationLimitPolicy": { "additionalProperties": false, "properties": { "NewGameSessionsPerCreator": { "markdownDescription": "A policy that puts limits on the number of game sessions that a player can create within a specified span of time. With this policy, you can control players' ability to consume available resources.\n\nThe policy is evaluated when a player tries to create a new game session. On receiving a `CreateGameSession` request, Amazon GameLift checks that the player (identified by `CreatorId` ) has created fewer than game session limit in the specified time period.", "title": "NewGameSessionsPerCreator", "type": "number" }, "PolicyPeriodInMinutes": { "markdownDescription": "The time span used in evaluating the resource creation limit policy.", "title": "PolicyPeriodInMinutes", "type": "number" } }, "type": "object" }, "AWS::GameLift::Fleet.RuntimeConfiguration": { "additionalProperties": false, "properties": { "GameSessionActivationTimeoutSeconds": { "markdownDescription": "The maximum amount of time (in seconds) allowed to launch a new game session and have it report ready to host players. During this time, the game session is in status `ACTIVATING` . If the game session does not become active before the timeout, it is ended and the game session status is changed to `TERMINATED` .", "title": "GameSessionActivationTimeoutSeconds", "type": "number" }, "MaxConcurrentGameSessionActivations": { "markdownDescription": "The number of game sessions in status `ACTIVATING` to allow on an instance or container. This setting limits the instance resources that can be used for new game activations at any one time.", "title": "MaxConcurrentGameSessionActivations", "type": "number" }, "ServerProcesses": { "items": { "$ref": "#/definitions/AWS::GameLift::Fleet.ServerProcess" }, "markdownDescription": "A collection of server process configurations that identify what server processes to run on fleet computes.", "title": "ServerProcesses", "type": "array" } }, "type": "object" }, "AWS::GameLift::Fleet.ScalingPolicy": { "additionalProperties": false, "properties": { "ComparisonOperator": { "markdownDescription": "Comparison operator to use when measuring a metric against the threshold value.", "title": "ComparisonOperator", "type": "string" }, "EvaluationPeriods": { "markdownDescription": "Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered.", "title": "EvaluationPeriods", "type": "number" }, "Location": { "markdownDescription": "The fleet location.", "title": "Location", "type": "string" }, "MetricName": { "markdownDescription": "Name of the Amazon GameLift-defined metric that is used to trigger a scaling adjustment. For detailed descriptions of fleet metrics, see [Monitor Amazon GameLift with Amazon CloudWatch](https://docs.aws.amazon.com/gamelift/latest/developerguide/monitoring-cloudwatch.html) .\n\n- *ActivatingGameSessions* -- Game sessions in the process of being created.\n- *ActiveGameSessions* -- Game sessions that are currently running.\n- *ActiveInstances* -- Fleet instances that are currently running at least one game session.\n- *AvailableGameSessions* -- Additional game sessions that fleet could host simultaneously, given current capacity.\n- *AvailablePlayerSessions* -- Empty player slots in currently active game sessions. This includes game sessions that are not currently accepting players. Reserved player slots are not included.\n- *CurrentPlayerSessions* -- Player slots in active game sessions that are being used by a player or are reserved for a player.\n- *IdleInstances* -- Active instances that are currently hosting zero game sessions.\n- *PercentAvailableGameSessions* -- Unused percentage of the total number of game sessions that a fleet could host simultaneously, given current capacity. Use this metric for a target-based scaling policy.\n- *PercentIdleInstances* -- Percentage of the total number of active instances that are hosting zero game sessions.\n- *QueueDepth* -- Pending game session placement requests, in any queue, where the current fleet is the top-priority destination.\n- *WaitTime* -- Current wait time for pending game session placement requests, in any queue, where the current fleet is the top-priority destination.", "title": "MetricName", "type": "string" }, "Name": { "markdownDescription": "A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique.", "title": "Name", "type": "string" }, "PolicyType": { "markdownDescription": "The type of scaling policy to create. For a target-based policy, set the parameter *MetricName* to 'PercentAvailableGameSessions' and specify a *TargetConfiguration* . For a rule-based policy set the following parameters: *MetricName* , *ComparisonOperator* , *Threshold* , *EvaluationPeriods* , *ScalingAdjustmentType* , and *ScalingAdjustment* .", "title": "PolicyType", "type": "string" }, "ScalingAdjustment": { "markdownDescription": "Amount of adjustment to make, based on the scaling adjustment type.", "title": "ScalingAdjustment", "type": "number" }, "ScalingAdjustmentType": { "markdownDescription": "The type of adjustment to make to a fleet's instance count.\n\n- *ChangeInCapacity* -- add (or subtract) the scaling adjustment value from the current instance count. Positive values scale up while negative values scale down.\n- *ExactCapacity* -- set the instance count to the scaling adjustment value.\n- *PercentChangeInCapacity* -- increase or reduce the current instance count by the scaling adjustment, read as a percentage. Positive values scale up while negative values scale down.", "title": "ScalingAdjustmentType", "type": "string" }, "Status": { "markdownDescription": "Current status of the scaling policy. The scaling policy can be in force only when in an `ACTIVE` status. Scaling policies can be suspended for individual fleets. If the policy is suspended for a fleet, the policy status does not change.\n\n- *ACTIVE* -- The scaling policy can be used for auto-scaling a fleet.\n- *UPDATE_REQUESTED* -- A request to update the scaling policy has been received.\n- *UPDATING* -- A change is being made to the scaling policy.\n- *DELETE_REQUESTED* -- A request to delete the scaling policy has been received.\n- *DELETING* -- The scaling policy is being deleted.\n- *DELETED* -- The scaling policy has been deleted.\n- *ERROR* -- An error occurred in creating the policy. It should be removed and recreated.", "title": "Status", "type": "string" }, "TargetConfiguration": { "$ref": "#/definitions/AWS::GameLift::Fleet.TargetConfiguration", "markdownDescription": "An object that contains settings for a target-based scaling policy.", "title": "TargetConfiguration" }, "Threshold": { "markdownDescription": "Metric value used to trigger a scaling event.", "title": "Threshold", "type": "number" }, "UpdateStatus": { "markdownDescription": "The current status of the fleet's scaling policies in a requested fleet location. The status `PENDING_UPDATE` indicates that an update was requested for the fleet but has not yet been completed for the location.", "title": "UpdateStatus", "type": "string" } }, "required": [ "MetricName", "Name" ], "type": "object" }, "AWS::GameLift::Fleet.ServerProcess": { "additionalProperties": false, "properties": { "ConcurrentExecutions": { "markdownDescription": "The number of server processes using this configuration that run concurrently on each instance or container..", "title": "ConcurrentExecutions", "type": "number" }, "LaunchPath": { "markdownDescription": "The location of a game build executable or Realtime script. Game builds and Realtime scripts are installed on instances at the root:\n\n- Windows (custom game builds only): `C:\\game` . Example: \" `C:\\game\\MyGame\\server.exe` \"\n- Linux: `/local/game` . Examples: \" `/local/game/MyGame/server.exe` \" or \" `/local/game/MyRealtimeScript.js` \"\n\n> Amazon GameLift doesn't support the use of setup scripts that launch the game executable. For custom game builds, this parameter must indicate the executable that calls the server SDK operations `initSDK()` and `ProcessReady()` .", "title": "LaunchPath", "type": "string" }, "Parameters": { "markdownDescription": "An optional list of parameters to pass to the server executable or Realtime script on launch.\n\nLength Constraints: Minimum length of 1. Maximum length of 1024.\n\nPattern: [A-Za-z0-9_:.+\\/\\\\\\- =@{},?'\\[\\]\"]+", "title": "Parameters", "type": "string" } }, "required": [ "ConcurrentExecutions", "LaunchPath" ], "type": "object" }, "AWS::GameLift::Fleet.TargetConfiguration": { "additionalProperties": false, "properties": { "TargetValue": { "markdownDescription": "Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions).", "title": "TargetValue", "type": "number" } }, "required": [ "TargetValue" ], "type": "object" }, "AWS::GameLift::GameServerGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoScalingPolicy": { "$ref": "#/definitions/AWS::GameLift::GameServerGroup.AutoScalingPolicy", "markdownDescription": "Configuration settings to define a scaling policy for the Auto Scaling group that is optimized for game hosting. The scaling policy uses the metric `\"PercentUtilizedGameServers\"` to maintain a buffer of idle game servers that can immediately accommodate new games and players. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", "title": "AutoScalingPolicy" }, "BalancingStrategy": { "markdownDescription": "Indicates how Amazon GameLift FleetIQ balances the use of Spot Instances and On-Demand Instances in the game server group. Method options include the following:\n\n- `SPOT_ONLY` - Only Spot Instances are used in the game server group. If Spot Instances are unavailable or not viable for game hosting, the game server group provides no hosting capacity until Spot Instances can again be used. Until then, no new instances are started, and the existing nonviable Spot Instances are terminated (after current gameplay ends) and are not replaced.\n- `SPOT_PREFERRED` - (default value) Spot Instances are used whenever available in the game server group. If Spot Instances are unavailable, the game server group continues to provide hosting capacity by falling back to On-Demand Instances. Existing nonviable Spot Instances are terminated (after current gameplay ends) and are replaced with new On-Demand Instances.\n- `ON_DEMAND_ONLY` - Only On-Demand Instances are used in the game server group. No Spot Instances are used, even when available, while this balancing strategy is in force.", "title": "BalancingStrategy", "type": "string" }, "DeleteOption": { "markdownDescription": "The type of delete to perform. To delete a game server group, specify the `DeleteOption` . Options include the following:\n\n- `SAFE_DELETE` \u2013 (default) Terminates the game server group and Amazon EC2 Auto Scaling group only when it has no game servers that are in `UTILIZED` status.\n- `FORCE_DELETE` \u2013 Terminates the game server group, including all active game servers regardless of their utilization status, and the Amazon EC2 Auto Scaling group.\n- `RETAIN` \u2013 Does a safe delete of the game server group but retains the Amazon EC2 Auto Scaling group as is.", "title": "DeleteOption", "type": "string" }, "GameServerGroupName": { "markdownDescription": "A developer-defined identifier for the game server group. The name is unique for each Region in each AWS account.", "title": "GameServerGroupName", "type": "string" }, "GameServerProtectionPolicy": { "markdownDescription": "A flag that indicates whether instances in the game server group are protected from early termination. Unprotected instances that have active game servers running might be terminated during a scale-down event, causing players to be dropped from the game. Protected instances cannot be terminated while there are active game servers running except in the event of a forced game server group deletion (see ). An exception to this is with Spot Instances, which can be terminated by AWS regardless of protection status.", "title": "GameServerProtectionPolicy", "type": "string" }, "InstanceDefinitions": { "items": { "$ref": "#/definitions/AWS::GameLift::GameServerGroup.InstanceDefinition" }, "markdownDescription": "The set of Amazon EC2 instance types that Amazon GameLift FleetIQ can use when balancing and automatically scaling instances in the corresponding Auto Scaling group.", "title": "InstanceDefinitions", "type": "array" }, "LaunchTemplate": { "$ref": "#/definitions/AWS::GameLift::GameServerGroup.LaunchTemplate", "markdownDescription": "The Amazon EC2 launch template that contains configuration settings and game server code to be deployed to all instances in the game server group. You can specify the template using either the template name or ID. For help with creating a launch template, see [Creating a Launch Template for an Auto Scaling Group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.\n\n> If you specify network interfaces in your launch template, you must explicitly set the property `AssociatePublicIpAddress` to \"true\". If no network interface is specified in the launch template, Amazon GameLift FleetIQ uses your account's default VPC.", "title": "LaunchTemplate" }, "MaxSize": { "markdownDescription": "The maximum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift FleetIQ and EC2 do not scale up the group above this maximum. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", "title": "MaxSize", "type": "number" }, "MinSize": { "markdownDescription": "The minimum number of instances allowed in the Amazon EC2 Auto Scaling group. During automatic scaling events, Amazon GameLift FleetIQ and Amazon EC2 do not scale down the group below this minimum. In production, this value should be set to at least 1. After the Auto Scaling group is created, update this value directly in the Auto Scaling group using the AWS console or APIs.", "title": "MinSize", "type": "number" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift to access your Amazon EC2 Auto Scaling groups.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of labels to assign to the new game server group resource. Tags are developer-defined key-value pairs. Tagging AWS resources is useful for resource management, access management, and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags, respectively. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", "type": "array" }, "VpcSubnets": { "items": { "type": "string" }, "markdownDescription": "A list of virtual private cloud (VPC) subnets to use with instances in the game server group. By default, all Amazon GameLift FleetIQ-supported Availability Zones are used. You can use this parameter to specify VPCs that you've set up. This property cannot be updated after the game server group is created, and the corresponding Auto Scaling group will always use the property value that is set with this request, even if the Auto Scaling group is updated directly.", "title": "VpcSubnets", "type": "array" } }, "required": [ "GameServerGroupName", "InstanceDefinitions", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::GameLift::GameServerGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GameLift::GameServerGroup.AutoScalingPolicy": { "additionalProperties": false, "properties": { "EstimatedInstanceWarmup": { "markdownDescription": "Length of time, in seconds, it takes for a new instance to start new game server processes and register with Amazon GameLift FleetIQ. Specifying a warm-up time can be useful, particularly with game servers that take a long time to start up, because it avoids prematurely starting new instances.", "title": "EstimatedInstanceWarmup", "type": "number" }, "TargetTrackingConfiguration": { "$ref": "#/definitions/AWS::GameLift::GameServerGroup.TargetTrackingConfiguration", "markdownDescription": "Settings for a target-based scaling policy applied to Auto Scaling group. These settings are used to create a target-based policy that tracks the GameLift FleetIQ metric `PercentUtilizedGameServers` and specifies a target value for the metric. As player usage changes, the policy triggers to adjust the game server group capacity so that the metric returns to the target value.", "title": "TargetTrackingConfiguration" } }, "required": [ "TargetTrackingConfiguration" ], "type": "object" }, "AWS::GameLift::GameServerGroup.InstanceDefinition": { "additionalProperties": false, "properties": { "InstanceType": { "markdownDescription": "An Amazon EC2 instance type designation.", "title": "InstanceType", "type": "string" }, "WeightedCapacity": { "markdownDescription": "Instance weighting that indicates how much this instance type contributes to the total capacity of a game server group. Instance weights are used by Amazon GameLift FleetIQ to calculate the instance type's cost per unit hour and better identify the most cost-effective options. For detailed information on weighting instance capacity, see [Instance Weighting](https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-weighting.html) in the *Amazon Elastic Compute Cloud Auto Scaling User Guide* . Default value is \"1\".", "title": "WeightedCapacity", "type": "string" } }, "required": [ "InstanceType" ], "type": "object" }, "AWS::GameLift::GameServerGroup.LaunchTemplate": { "additionalProperties": false, "properties": { "LaunchTemplateId": { "markdownDescription": "A unique identifier for an existing Amazon EC2 launch template.", "title": "LaunchTemplateId", "type": "string" }, "LaunchTemplateName": { "markdownDescription": "A readable identifier for an existing Amazon EC2 launch template.", "title": "LaunchTemplateName", "type": "string" }, "Version": { "markdownDescription": "The version of the Amazon EC2 launch template to use. If no version is specified, the default version will be used. With Amazon EC2, you can specify a default version for a launch template. If none is set, the default is the first version created.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::GameLift::GameServerGroup.TargetTrackingConfiguration": { "additionalProperties": false, "properties": { "TargetValue": { "markdownDescription": "Desired value to use with a game server group target-based scaling policy.", "title": "TargetValue", "type": "number" } }, "required": [ "TargetValue" ], "type": "object" }, "AWS::GameLift::GameSessionQueue": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CustomEventData": { "markdownDescription": "Information to be added to all events that are related to this game session queue.", "title": "CustomEventData", "type": "string" }, "Destinations": { "items": { "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.GameSessionQueueDestination" }, "markdownDescription": "A list of fleets and/or fleet aliases that can be used to fulfill game session placement requests in the queue. Destinations are identified by either a fleet ARN or a fleet alias ARN, and are listed in order of placement preference.", "title": "Destinations", "type": "array" }, "FilterConfiguration": { "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.FilterConfiguration", "markdownDescription": "A list of locations where a queue is allowed to place new game sessions. Locations are specified in the form of AWS Region codes, such as `us-west-2` . If this parameter is not set, game sessions can be placed in any queue location.", "title": "FilterConfiguration" }, "Name": { "markdownDescription": "A descriptive label that is associated with game session queue. Queue names must be unique within each Region.", "title": "Name", "type": "string" }, "NotificationTarget": { "markdownDescription": "An SNS topic ARN that is set up to receive game session placement notifications. See [Setting up notifications for game session placement](https://docs.aws.amazon.com/gamelift/latest/developerguide/queue-notification.html) .", "title": "NotificationTarget", "type": "string" }, "PlayerLatencyPolicies": { "items": { "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy" }, "markdownDescription": "A set of policies that act as a sliding cap on player latency. FleetIQ works to deliver low latency for most players in a game session. These policies ensure that no individual player can be placed into a game with unreasonably high latency. Use multiple policies to gradually relax latency requirements a step at a time. Multiple policies are applied based on their maximum allowed latency, starting with the lowest value.", "title": "PlayerLatencyPolicies", "type": "array" }, "PriorityConfiguration": { "$ref": "#/definitions/AWS::GameLift::GameSessionQueue.PriorityConfiguration", "markdownDescription": "Custom settings to use when prioritizing destinations and locations for game session placements. This configuration replaces the FleetIQ default prioritization process. Priority types that are not explicitly named will be automatically applied at the end of the prioritization process.", "title": "PriorityConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of labels to assign to the new game session queue resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", "type": "array" }, "TimeoutInSeconds": { "markdownDescription": "The maximum time, in seconds, that a new game session placement request remains in the queue. When a request exceeds this time, the game session placement changes to a `TIMED_OUT` status. By default, this property is set to `600` .", "title": "TimeoutInSeconds", "type": "number" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::GameLift::GameSessionQueue" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GameLift::GameSessionQueue.FilterConfiguration": { "additionalProperties": false, "properties": { "AllowedLocations": { "items": { "type": "string" }, "markdownDescription": "A list of locations to allow game session placement in, in the form of AWS Region codes such as `us-west-2` .", "title": "AllowedLocations", "type": "array" } }, "type": "object" }, "AWS::GameLift::GameSessionQueue.GameSessionQueueDestination": { "additionalProperties": false, "properties": { "DestinationArn": { "markdownDescription": "The Amazon Resource Name (ARN) that is assigned to fleet or fleet alias. ARNs, which include a fleet ID or alias ID and a Region name, provide a unique identifier across all Regions.", "title": "DestinationArn", "type": "string" } }, "type": "object" }, "AWS::GameLift::GameSessionQueue.PlayerLatencyPolicy": { "additionalProperties": false, "properties": { "MaximumIndividualPlayerLatencyMilliseconds": { "markdownDescription": "The maximum latency value that is allowed for any player, in milliseconds. All policies must have a value set for this property.", "title": "MaximumIndividualPlayerLatencyMilliseconds", "type": "number" }, "PolicyDurationSeconds": { "markdownDescription": "The length of time, in seconds, that the policy is enforced while placing a new game session. A null value for this property means that the policy is enforced until the queue times out.", "title": "PolicyDurationSeconds", "type": "number" } }, "type": "object" }, "AWS::GameLift::GameSessionQueue.PriorityConfiguration": { "additionalProperties": false, "properties": { "LocationOrder": { "items": { "type": "string" }, "markdownDescription": "The prioritization order to use for fleet locations, when the `PriorityOrder` property includes `LOCATION` . Locations are identified by AWS Region codes such as `us-west-2` . Each location can only be listed once.", "title": "LocationOrder", "type": "array" }, "PriorityOrder": { "items": { "type": "string" }, "markdownDescription": "The recommended sequence to use when prioritizing where to place new game sessions. Each type can only be listed once.\n\n- `LATENCY` -- FleetIQ prioritizes locations where the average player latency (provided in each game session request) is lowest.\n- `COST` -- FleetIQ prioritizes destinations with the lowest current hosting costs. Cost is evaluated based on the location, instance type, and fleet type (Spot or On-Demand) for each destination in the queue.\n- `DESTINATION` -- FleetIQ prioritizes based on the order that destinations are listed in the queue configuration.\n- `LOCATION` -- FleetIQ prioritizes based on the provided order of locations, as defined in `LocationOrder` .", "title": "PriorityOrder", "type": "array" } }, "type": "object" }, "AWS::GameLift::Location": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LocationName": { "markdownDescription": "A descriptive name for the custom location.", "title": "LocationName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of labels to assign to the new matchmaking configuration resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Rareference* .", "title": "Tags", "type": "array" } }, "required": [ "LocationName" ], "type": "object" }, "Type": { "enum": [ "AWS::GameLift::Location" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GameLift::MatchmakingConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptanceRequired": { "markdownDescription": "A flag that determines whether a match that was created with this configuration must be accepted by the matched players. To require acceptance, set to `TRUE` . With this option enabled, matchmaking tickets use the status `REQUIRES_ACCEPTANCE` to indicate when a completed potential match is waiting for player acceptance.", "title": "AcceptanceRequired", "type": "boolean" }, "AcceptanceTimeoutSeconds": { "markdownDescription": "The length of time (in seconds) to wait for players to accept a proposed match, if acceptance is required.", "title": "AcceptanceTimeoutSeconds", "type": "number" }, "AdditionalPlayerCount": { "markdownDescription": "The number of player slots in a match to keep open for future players. For example, if the configuration's rule set specifies a match for a single 10-person team, and the additional player count is set to 2, 10 players will be selected for the match and 2 more player slots will be open for future players. This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", "title": "AdditionalPlayerCount", "type": "number" }, "BackfillMode": { "markdownDescription": "The method used to backfill game sessions that are created with this matchmaking configuration. Specify `MANUAL` when your game manages backfill requests manually or does not use the match backfill feature. Specify `AUTOMATIC` to have GameLift create a `StartMatchBackfill` request whenever a game session has one or more open slots. Learn more about manual and automatic backfill in [Backfill Existing Games with FlexMatch](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-backfill.html) . Automatic backfill is not available when `FlexMatchMode` is set to `STANDALONE` .", "title": "BackfillMode", "type": "string" }, "CreationTime": { "markdownDescription": "A time stamp indicating when this data object was created. Format is a number expressed in Unix time as milliseconds (for example `\"1469498468.057\"` ).", "title": "CreationTime", "type": "string" }, "CustomEventData": { "markdownDescription": "Information to add to all events related to the matchmaking configuration.", "title": "CustomEventData", "type": "string" }, "Description": { "markdownDescription": "A description for the matchmaking configuration.", "title": "Description", "type": "string" }, "FlexMatchMode": { "markdownDescription": "Indicates whether this matchmaking configuration is being used with Amazon GameLift hosting or as a standalone matchmaking solution.\n\n- *STANDALONE* - FlexMatch forms matches and returns match information, including players and team assignments, in a [MatchmakingSucceeded](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-events.html#match-events-matchmakingsucceeded) event.\n- *WITH_QUEUE* - FlexMatch forms matches and uses the specified Amazon GameLift queue to start a game session for the match.", "title": "FlexMatchMode", "type": "string" }, "GameProperties": { "items": { "$ref": "#/definitions/AWS::GameLift::MatchmakingConfiguration.GameProperty" }, "markdownDescription": "A set of custom properties for a game session, formatted as key-value pairs. These properties are passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", "title": "GameProperties", "type": "array" }, "GameSessionData": { "markdownDescription": "A set of custom game session properties, formatted as a single string value. This data is passed to a game server process with a request to start a new game session. See [Start a Game Session](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-sdk-server-api.html#gamelift-sdk-server-startsession) . This parameter is not used if `FlexMatchMode` is set to `STANDALONE` .", "title": "GameSessionData", "type": "string" }, "GameSessionQueueArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) that is assigned to a Amazon GameLift game session queue resource and uniquely identifies it. ARNs are unique across all Regions. Format is `arn:aws:gamelift:::gamesessionqueue/` . Queues can be located in any Region. Queues are used to start new Amazon GameLift-hosted game sessions for matches that are created with this matchmaking configuration. If `FlexMatchMode` is set to `STANDALONE` , do not set this parameter.", "title": "GameSessionQueueArns", "type": "array" }, "Name": { "markdownDescription": "A unique identifier for the matchmaking configuration. This name is used to identify the configuration associated with a matchmaking request or ticket.", "title": "Name", "type": "string" }, "NotificationTarget": { "markdownDescription": "An SNS topic ARN that is set up to receive matchmaking notifications. See [Setting up notifications for matchmaking](https://docs.aws.amazon.com/gamelift/latest/flexmatchguide/match-notification.html) for more information.", "title": "NotificationTarget", "type": "string" }, "RequestTimeoutSeconds": { "markdownDescription": "The maximum duration, in seconds, that a matchmaking ticket can remain in process before timing out. Requests that fail due to timing out can be resubmitted as needed.", "title": "RequestTimeoutSeconds", "type": "number" }, "RuleSetArn": { "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) associated with the GameLift matchmaking rule set resource that this configuration uses.", "title": "RuleSetArn", "type": "string" }, "RuleSetName": { "markdownDescription": "A unique identifier for the matchmaking rule set to use with this configuration. You can use either the rule set name or ARN value. A matchmaking configuration can only use rule sets that are defined in the same Region.", "title": "RuleSetName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of labels to assign to the new matchmaking configuration resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", "type": "array" } }, "required": [ "AcceptanceRequired", "Name", "RequestTimeoutSeconds", "RuleSetName" ], "type": "object" }, "Type": { "enum": [ "AWS::GameLift::MatchmakingConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GameLift::MatchmakingConfiguration.GameProperty": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The game property identifier.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The game property value.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::GameLift::MatchmakingRuleSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A unique identifier for the matchmaking rule set. A matchmaking configuration identifies the rule set it uses by this name value. Note that the rule set name is different from the optional `name` field in the rule set body.", "title": "Name", "type": "string" }, "RuleSetBody": { "markdownDescription": "A collection of matchmaking rules, formatted as a JSON string. Comments are not allowed in JSON, but most elements support a description field.", "title": "RuleSetBody", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of labels to assign to the new matchmaking rule set resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", "type": "array" } }, "required": [ "Name", "RuleSetBody" ], "type": "object" }, "Type": { "enum": [ "AWS::GameLift::MatchmakingRuleSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GameLift::Script": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A descriptive label that is associated with a script. Script names do not need to be unique.", "title": "Name", "type": "string" }, "StorageLocation": { "$ref": "#/definitions/AWS::GameLift::Script.S3Location", "markdownDescription": "The location of the Amazon S3 bucket where a zipped file containing your Realtime scripts is stored. The storage location must specify the Amazon S3 bucket name, the zip file name (the \"key\"), and a role ARN that allows Amazon GameLift to access the Amazon S3 storage location. The S3 bucket must be in the same Region where you want to create a new script. By default, Amazon GameLift uploads the latest version of the zip file; if you have S3 object versioning turned on, you can use the `ObjectVersion` parameter to specify an earlier version.", "title": "StorageLocation" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of labels to assign to the new script resource. Tags are developer-defined key-value pairs. Tagging AWS resources are useful for resource management, access management and cost allocation. For more information, see [Tagging AWS Resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference* . Once the resource is created, you can use TagResource, UntagResource, and ListTagsForResource to add, remove, and view tags. The maximum tag limit may be lower than stated. See the AWS General Reference for actual tagging limits.", "title": "Tags", "type": "array" }, "Version": { "markdownDescription": "The version that is associated with a build or script. Version strings do not need to be unique.", "title": "Version", "type": "string" } }, "required": [ "StorageLocation" ], "type": "object" }, "Type": { "enum": [ "AWS::GameLift::Script" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GameLift::Script.S3Location": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "An Amazon S3 bucket identifier. Thename of the S3 bucket.\n\n> Amazon GameLift doesn't support uploading from Amazon S3 buckets with names that contain a dot (.).", "title": "Bucket", "type": "string" }, "Key": { "markdownDescription": "The name of the zip file that contains the build files or script files.", "title": "Key", "type": "string" }, "ObjectVersion": { "markdownDescription": "The version of the file, if object versioning is turned on for the bucket. Amazon GameLift uses this information when retrieving files from an S3 bucket that you own. Use this parameter to specify a specific version of the file. If not set, the latest version of the file is retrieved.", "title": "ObjectVersion", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name ( [ARN](https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html) ) for an IAM role that allows Amazon GameLift to access the S3 bucket.", "title": "RoleArn", "type": "string" } }, "required": [ "Bucket", "Key", "RoleArn" ], "type": "object" }, "AWS::GlobalAccelerator::Accelerator": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Indicates whether the accelerator is enabled. The value is true or false. The default value is true.\n\nIf the value is set to true, the accelerator cannot be deleted. If set to false, accelerator can be deleted.", "title": "Enabled", "type": "boolean" }, "IpAddressType": { "markdownDescription": "The IP address type that an accelerator supports. For a standard accelerator, the value can be IPV4 or DUAL_STACK.", "title": "IpAddressType", "type": "string" }, "IpAddresses": { "items": { "type": "string" }, "markdownDescription": "Optionally, if you've added your own IP address pool to Global Accelerator (BYOIP), you can choose IP addresses from your own pool to use for the accelerator's static IP addresses when you create an accelerator. You can specify one or two addresses, separated by a comma. Do not include the /32 suffix.\n\nOnly one IP address from each of your IP address ranges can be used for each accelerator. If you specify only one IP address from your IP address range, Global Accelerator assigns a second static IP address for the accelerator from the AWS IP address pool.\n\nNote that you can't update IP addresses for an existing accelerator. To change them, you must create a new accelerator with the new addresses.\n\nFor more information, see [Bring Your Own IP Addresses (BYOIP)](https://docs.aws.amazon.com/global-accelerator/latest/dg/using-byoip.html) in the *AWS Global Accelerator Developer Guide* .", "title": "IpAddresses", "type": "array" }, "Name": { "markdownDescription": "The name of the accelerator. The name must contain only alphanumeric characters or hyphens (-), and must not begin or end with a hyphen.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Create tags for an accelerator.\n\nFor more information, see [Tagging](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::GlobalAccelerator::Accelerator" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GlobalAccelerator::CrossAccountAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the cross-account attachment.", "title": "Name", "type": "string" }, "Principals": { "items": { "type": "string" }, "markdownDescription": "The principals included in the cross-account attachment.", "title": "Principals", "type": "array" }, "Resources": { "items": { "$ref": "#/definitions/AWS::GlobalAccelerator::CrossAccountAttachment.Resource" }, "markdownDescription": "The resources included in the cross-account attachment.", "title": "Resources", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Add tags for a cross-account attachment.\n\nFor more information, see [Tagging in AWS Global Accelerator](https://docs.aws.amazon.com/global-accelerator/latest/dg/tagging-in-global-accelerator.html) in the *AWS Global Accelerator Developer Guide* .", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::GlobalAccelerator::CrossAccountAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GlobalAccelerator::CrossAccountAttachment.Resource": { "additionalProperties": false, "properties": { "EndpointId": { "markdownDescription": "The endpoint ID for the endpoint that is specified as a AWS resource.\n\nAn endpoint ID for the cross-account feature is the ARN of an AWS resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.", "title": "EndpointId", "type": "string" }, "Region": { "markdownDescription": "The AWS Region where a shared endpoint resource is located.", "title": "Region", "type": "string" } }, "required": [ "EndpointId" ], "type": "object" }, "AWS::GlobalAccelerator::EndpointGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EndpointConfigurations": { "items": { "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration" }, "markdownDescription": "The list of endpoint objects.", "title": "EndpointConfigurations", "type": "array" }, "EndpointGroupRegion": { "markdownDescription": "The AWS Regions where the endpoint group is located.", "title": "EndpointGroupRegion", "type": "string" }, "HealthCheckIntervalSeconds": { "markdownDescription": "The time\u201410 seconds or 30 seconds\u2014between health checks for each endpoint. The default value is 30.", "title": "HealthCheckIntervalSeconds", "type": "number" }, "HealthCheckPath": { "markdownDescription": "If the protocol is HTTP/S, then this value provides the ping path that Global Accelerator uses for the destination on the endpoints for health checks. The default is slash (/).", "title": "HealthCheckPath", "type": "string" }, "HealthCheckPort": { "markdownDescription": "The port that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group.\n\nThe default port is the port for the listener that this endpoint group is associated with. If the listener port is a list, Global Accelerator uses the first specified port in the list of ports.", "title": "HealthCheckPort", "type": "number" }, "HealthCheckProtocol": { "markdownDescription": "The protocol that Global Accelerator uses to perform health checks on endpoints that are part of this endpoint group. The default value is TCP.", "title": "HealthCheckProtocol", "type": "string" }, "ListenerArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the listener.", "title": "ListenerArn", "type": "string" }, "PortOverrides": { "items": { "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup.PortOverride" }, "markdownDescription": "Allows you to override the destination ports used to route traffic to an endpoint. Using a port override lets you map a list of external destination ports (that your users send traffic to) to a list of internal destination ports that you want an application endpoint to receive traffic on.", "title": "PortOverrides", "type": "array" }, "ThresholdCount": { "markdownDescription": "The number of consecutive health checks required to set the state of a healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. The default value is 3.", "title": "ThresholdCount", "type": "number" }, "TrafficDialPercentage": { "markdownDescription": "The percentage of traffic to send to an AWS Regions . Additional traffic is distributed to other endpoint groups for this listener.\n\nUse this action to increase (dial up) or decrease (dial down) traffic to a specific Region. The percentage is applied to the traffic that would otherwise have been routed to the Region based on optimal routing.\n\nThe default value is 100.", "title": "TrafficDialPercentage", "type": "number" } }, "required": [ "EndpointGroupRegion", "ListenerArn" ], "type": "object" }, "Type": { "enum": [ "AWS::GlobalAccelerator::EndpointGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GlobalAccelerator::EndpointGroup.EndpointConfiguration": { "additionalProperties": false, "properties": { "AttachmentArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the cross-account attachment that specifies the endpoints (resources) that can be added to accelerators and principals that have permission to add the endpoints.", "title": "AttachmentArn", "type": "string" }, "ClientIPPreservationEnabled": { "markdownDescription": "Indicates whether client IP address preservation is enabled for an Application Load Balancer endpoint. The value is true or false. The default value is true for new accelerators.\n\nIf the value is set to true, the client's IP address is preserved in the `X-Forwarded-For` request header as traffic travels to applications on the Application Load Balancer endpoint fronted by the accelerator.\n\nFor more information, see [Preserve Client IP Addresses](https://docs.aws.amazon.com/global-accelerator/latest/dg/preserve-client-ip-address.html) in the *AWS Global Accelerator Developer Guide* .", "title": "ClientIPPreservationEnabled", "type": "boolean" }, "EndpointId": { "markdownDescription": "An ID for the endpoint. If the endpoint is a Network Load Balancer or Application Load Balancer, this is the Amazon Resource Name (ARN) of the resource. If the endpoint is an Elastic IP address, this is the Elastic IP address allocation ID. For Amazon EC2 instances, this is the EC2 instance ID. A resource must be valid and active when you add it as an endpoint.\n\nFor cross-account endpoints, this must be the ARN of the resource.", "title": "EndpointId", "type": "string" }, "Weight": { "markdownDescription": "The weight associated with the endpoint. When you add weights to endpoints, you configure Global Accelerator to route traffic based on proportions that you specify. For example, you might specify endpoint weights of 4, 5, 5, and 6 (sum=20). The result is that 4/20 of your traffic, on average, is routed to the first endpoint, 5/20 is routed both to the second and third endpoints, and 6/20 is routed to the last endpoint. For more information, see [Endpoint Weights](https://docs.aws.amazon.com/global-accelerator/latest/dg/about-endpoints-endpoint-weights.html) in the *AWS Global Accelerator Developer Guide* .", "title": "Weight", "type": "number" } }, "required": [ "EndpointId" ], "type": "object" }, "AWS::GlobalAccelerator::EndpointGroup.PortOverride": { "additionalProperties": false, "properties": { "EndpointPort": { "markdownDescription": "The endpoint port that you want a listener port to be mapped to. This is the port on the endpoint, such as the Application Load Balancer or Amazon EC2 instance.", "title": "EndpointPort", "type": "number" }, "ListenerPort": { "markdownDescription": "The listener port that you want to map to a specific endpoint port. This is the port that user traffic arrives to the Global Accelerator on.", "title": "ListenerPort", "type": "number" } }, "required": [ "EndpointPort", "ListenerPort" ], "type": "object" }, "AWS::GlobalAccelerator::Listener": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceleratorArn": { "markdownDescription": "The Amazon Resource Name (ARN) of your accelerator.", "title": "AcceleratorArn", "type": "string" }, "ClientAffinity": { "markdownDescription": "Client affinity lets you direct all requests from a user to the same endpoint, if you have stateful applications, regardless of the port and protocol of the client request. Client affinity gives you control over whether to always route each client to the same specific endpoint.\n\nAWS Global Accelerator uses a consistent-flow hashing algorithm to choose the optimal endpoint for a connection. If client affinity is `NONE` , Global Accelerator uses the \"five-tuple\" (5-tuple) properties\u2014source IP address, source port, destination IP address, destination port, and protocol\u2014to select the hash value, and then chooses the best endpoint. However, with this setting, if someone uses different ports to connect to Global Accelerator, their connections might not be always routed to the same endpoint because the hash value changes.\n\nIf you want a given client to always be routed to the same endpoint, set client affinity to `SOURCE_IP` instead. When you use the `SOURCE_IP` setting, Global Accelerator uses the \"two-tuple\" (2-tuple) properties\u2014 source (client) IP address and destination IP address\u2014to select the hash value.\n\nThe default value is `NONE` .", "title": "ClientAffinity", "type": "string" }, "PortRanges": { "items": { "$ref": "#/definitions/AWS::GlobalAccelerator::Listener.PortRange" }, "markdownDescription": "The list of port ranges for the connections from clients to the accelerator.", "title": "PortRanges", "type": "array" }, "Protocol": { "markdownDescription": "The protocol for the connections from clients to the accelerator.", "title": "Protocol", "type": "string" } }, "required": [ "AcceleratorArn", "PortRanges", "Protocol" ], "type": "object" }, "Type": { "enum": [ "AWS::GlobalAccelerator::Listener" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GlobalAccelerator::Listener.PortRange": { "additionalProperties": false, "properties": { "FromPort": { "markdownDescription": "The first port in the range of ports, inclusive.", "title": "FromPort", "type": "number" }, "ToPort": { "markdownDescription": "The last port in the range of ports, inclusive.", "title": "ToPort", "type": "number" } }, "required": [ "FromPort", "ToPort" ], "type": "object" }, "AWS::Glue::Classifier": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CsvClassifier": { "$ref": "#/definitions/AWS::Glue::Classifier.CsvClassifier", "markdownDescription": "A classifier for comma-separated values (CSV).", "title": "CsvClassifier" }, "GrokClassifier": { "$ref": "#/definitions/AWS::Glue::Classifier.GrokClassifier", "markdownDescription": "A classifier that uses `grok` .", "title": "GrokClassifier" }, "JsonClassifier": { "$ref": "#/definitions/AWS::Glue::Classifier.JsonClassifier", "markdownDescription": "A classifier for JSON content.", "title": "JsonClassifier" }, "XMLClassifier": { "$ref": "#/definitions/AWS::Glue::Classifier.XMLClassifier", "markdownDescription": "A classifier for XML content.", "title": "XMLClassifier" } }, "type": "object" }, "Type": { "enum": [ "AWS::Glue::Classifier" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Glue::Classifier.CsvClassifier": { "additionalProperties": false, "properties": { "AllowSingleColumn": { "markdownDescription": "Enables the processing of files that contain only one column.", "title": "AllowSingleColumn", "type": "boolean" }, "ContainsCustomDatatype": { "items": { "type": "string" }, "markdownDescription": "Indicates whether the CSV file contains custom data types.", "title": "ContainsCustomDatatype", "type": "array" }, "ContainsHeader": { "markdownDescription": "Indicates whether the CSV file contains a header.\n\nA value of `UNKNOWN` specifies that the classifier will detect whether the CSV file contains headings.\n\nA value of `PRESENT` specifies that the CSV file contains headings.\n\nA value of `ABSENT` specifies that the CSV file does not contain headings.", "title": "ContainsHeader", "type": "string" }, "CustomDatatypeConfigured": { "markdownDescription": "Enables the configuration of custom data types.", "title": "CustomDatatypeConfigured", "type": "boolean" }, "Delimiter": { "markdownDescription": "A custom symbol to denote what separates each column entry in the row.", "title": "Delimiter", "type": "string" }, "DisableValueTrimming": { "markdownDescription": "Specifies not to trim values before identifying the type of column values. The default value is `true` .", "title": "DisableValueTrimming", "type": "boolean" }, "Header": { "items": { "type": "string" }, "markdownDescription": "A list of strings representing column names.", "title": "Header", "type": "array" }, "Name": { "markdownDescription": "The name of the classifier.", "title": "Name", "type": "string" }, "QuoteSymbol": { "markdownDescription": "A custom symbol to denote what combines content into a single column value. It must be different from the column delimiter.", "title": "QuoteSymbol", "type": "string" } }, "type": "object" }, "AWS::Glue::Classifier.GrokClassifier": { "additionalProperties": false, "properties": { "Classification": { "markdownDescription": "An identifier of the data format that the classifier matches, such as Twitter, JSON, Omniture logs, and so on.", "title": "Classification", "type": "string" }, "CustomPatterns": { "markdownDescription": "Optional custom grok patterns defined by this classifier. For more information, see custom patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", "title": "CustomPatterns", "type": "string" }, "GrokPattern": { "markdownDescription": "The grok pattern applied to a data store by this classifier. For more information, see built-in patterns in [Writing Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html) .", "title": "GrokPattern", "type": "string" }, "Name": { "markdownDescription": "The name of the classifier.", "title": "Name", "type": "string" } }, "required": [ "Classification", "GrokPattern" ], "type": "object" }, "AWS::Glue::Classifier.JsonClassifier": { "additionalProperties": false, "properties": { "JsonPath": { "markdownDescription": "A `JsonPath` string defining the JSON data for the classifier to classify. AWS Glue supports a subset of `JsonPath` , as described in [Writing JsonPath Custom Classifiers](https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html#custom-classifier-json) .", "title": "JsonPath", "type": "string" }, "Name": { "markdownDescription": "The name of the classifier.", "title": "Name", "type": "string" } }, "required": [ "JsonPath" ], "type": "object" }, "AWS::Glue::Classifier.XMLClassifier": { "additionalProperties": false, "properties": { "Classification": { "markdownDescription": "An identifier of the data format that the classifier matches.", "title": "Classification", "type": "string" }, "Name": { "markdownDescription": "The name of the classifier.", "title": "Name", "type": "string" }, "RowTag": { "markdownDescription": "The XML tag designating the element that contains each record in an XML document being parsed. This can't identify a self-closing element (closed by `/>` ). An empty row element that contains only attributes can be parsed as long as it ends with a closing tag (for example, `` is okay, but `` is not).", "title": "RowTag", "type": "string" } }, "required": [ "Classification", "RowTag" ], "type": "object" }, "AWS::Glue::Connection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The ID of the data catalog to create the catalog object in. Currently, this should be the AWS account ID.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId` .", "title": "CatalogId", "type": "string" }, "ConnectionInput": { "$ref": "#/definitions/AWS::Glue::Connection.ConnectionInput", "markdownDescription": "The connection that you want to create.", "title": "ConnectionInput" } }, "required": [ "CatalogId", "ConnectionInput" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::Connection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::Connection.ConnectionInput": { "additionalProperties": false, "properties": { "ConnectionProperties": { "markdownDescription": "These key-value pairs define parameters for the connection.", "title": "ConnectionProperties", "type": "object" }, "ConnectionType": { "markdownDescription": "The type of the connection. Currently, these types are supported:\n\n- `JDBC` - Designates a connection to a database through Java Database Connectivity (JDBC).\n\n`JDBC` Connections use the following ConnectionParameters.\n\n- Required: All of ( `HOST` , `PORT` , `JDBC_ENGINE` ) or `JDBC_CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- Optional: `JDBC_ENFORCE_SSL` , `CUSTOM_JDBC_CERT` , `CUSTOM_JDBC_CERT_STRING` , `SKIP_CUSTOM_JDBC_CERT_VALIDATION` . These parameters are used to configure SSL with JDBC.\n- `KAFKA` - Designates a connection to an Apache Kafka streaming platform.\n\n`KAFKA` Connections use the following ConnectionParameters.\n\n- Required: `KAFKA_BOOTSTRAP_SERVERS` .\n- Optional: `KAFKA_SSL_ENABLED` , `KAFKA_CUSTOM_CERT` , `KAFKA_SKIP_CUSTOM_CERT_VALIDATION` . These parameters are used to configure SSL with `KAFKA` .\n- Optional: `KAFKA_CLIENT_KEYSTORE` , `KAFKA_CLIENT_KEYSTORE_PASSWORD` , `KAFKA_CLIENT_KEY_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEYSTORE_PASSWORD` , `ENCRYPTED_KAFKA_CLIENT_KEY_PASSWORD` . These parameters are used to configure TLS client configuration with SSL in `KAFKA` .\n- Optional: `KAFKA_SASL_MECHANISM` . Can be specified as `SCRAM-SHA-512` , `GSSAPI` , or `AWS_MSK_IAM` .\n- Optional: `KAFKA_SASL_SCRAM_USERNAME` , `KAFKA_SASL_SCRAM_PASSWORD` , `ENCRYPTED_KAFKA_SASL_SCRAM_PASSWORD` . These parameters are used to configure SASL/SCRAM-SHA-512 authentication with `KAFKA` .\n- Optional: `KAFKA_SASL_GSSAPI_KEYTAB` , `KAFKA_SASL_GSSAPI_KRB5_CONF` , `KAFKA_SASL_GSSAPI_SERVICE` , `KAFKA_SASL_GSSAPI_PRINCIPAL` . These parameters are used to configure SASL/GSSAPI authentication with `KAFKA` .\n- `MONGODB` - Designates a connection to a MongoDB document database.\n\n`MONGODB` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTION_URL` .\n- Required: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `SALESFORCE` - Designates a connection to Salesforce using OAuth authencation.\n\n- Requires the `AuthenticationConfiguration` member to be configured.\n- `NETWORK` - Designates a network connection to a data source within an Amazon Virtual Private Cloud environment (Amazon VPC).\n\n`NETWORK` Connections do not require ConnectionParameters. Instead, provide a PhysicalConnectionRequirements.\n- `MARKETPLACE` - Uses configuration settings contained in a connector purchased from AWS Marketplace to read from and write to data stores that are not natively supported by AWS Glue .\n\n`MARKETPLACE` Connections use the following ConnectionParameters.\n\n- Required: `CONNECTOR_TYPE` , `CONNECTOR_URL` , `CONNECTOR_CLASS_NAME` , `CONNECTION_URL` .\n- Required for `JDBC` `CONNECTOR_TYPE` connections: All of ( `USERNAME` , `PASSWORD` ) or `SECRET_ID` .\n- `CUSTOM` - Uses configuration settings contained in a custom connector to read from and write to data stores that are not natively supported by AWS Glue .\n\n`SFTP` is not supported.\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue , consult [AWS Glue connection properties](https://docs.aws.amazon.com/glue/latest/dg/connection-defining.html) .\n\nFor more information about how optional ConnectionProperties are used to configure features in AWS Glue Studio, consult [Using connectors and connections](https://docs.aws.amazon.com/glue/latest/ug/connectors-chapter.html) .", "title": "ConnectionType", "type": "string" }, "Description": { "markdownDescription": "The description of the connection.", "title": "Description", "type": "string" }, "MatchCriteria": { "items": { "type": "string" }, "markdownDescription": "A list of criteria that can be used in selecting this connection.", "title": "MatchCriteria", "type": "array" }, "Name": { "markdownDescription": "The name of the connection.", "title": "Name", "type": "string" }, "PhysicalConnectionRequirements": { "$ref": "#/definitions/AWS::Glue::Connection.PhysicalConnectionRequirements", "markdownDescription": "The physical connection requirements, such as virtual private cloud (VPC) and `SecurityGroup` , that are needed to successfully make this connection.", "title": "PhysicalConnectionRequirements" } }, "required": [ "ConnectionType" ], "type": "object" }, "AWS::Glue::Connection.PhysicalConnectionRequirements": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The connection's Availability Zone.", "title": "AvailabilityZone", "type": "string" }, "SecurityGroupIdList": { "items": { "type": "string" }, "markdownDescription": "The security group ID list used by the connection.", "title": "SecurityGroupIdList", "type": "array" }, "SubnetId": { "markdownDescription": "The subnet ID used by the connection.", "title": "SubnetId", "type": "string" } }, "type": "object" }, "AWS::Glue::Crawler": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Classifiers": { "items": { "type": "string" }, "markdownDescription": "A list of UTF-8 strings that specify the names of custom classifiers that are associated with the crawler.", "title": "Classifiers", "type": "array" }, "Configuration": { "markdownDescription": "Crawler configuration information. This versioned JSON string allows users to specify aspects of a crawler's behavior. For more information, see [Configuring a Crawler](https://docs.aws.amazon.com/glue/latest/dg/crawler-configuration.html) .", "title": "Configuration", "type": "string" }, "CrawlerSecurityConfiguration": { "markdownDescription": "The name of the `SecurityConfiguration` structure to be used by this crawler.", "title": "CrawlerSecurityConfiguration", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the database in which the crawler's output is stored.", "title": "DatabaseName", "type": "string" }, "Description": { "markdownDescription": "A description of the crawler.", "title": "Description", "type": "string" }, "LakeFormationConfiguration": { "$ref": "#/definitions/AWS::Glue::Crawler.LakeFormationConfiguration", "markdownDescription": "Specifies whether the crawler should use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", "title": "LakeFormationConfiguration" }, "Name": { "markdownDescription": "The name of the crawler.", "title": "Name", "type": "string" }, "RecrawlPolicy": { "$ref": "#/definitions/AWS::Glue::Crawler.RecrawlPolicy", "markdownDescription": "A policy that specifies whether to crawl the entire dataset again, or to crawl only folders that were added since the last crawler run.", "title": "RecrawlPolicy" }, "Role": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that's used to access customer resources, such as Amazon Simple Storage Service (Amazon S3) data.", "title": "Role", "type": "string" }, "Schedule": { "$ref": "#/definitions/AWS::Glue::Crawler.Schedule", "markdownDescription": "For scheduled crawlers, the schedule when the crawler runs.", "title": "Schedule" }, "SchemaChangePolicy": { "$ref": "#/definitions/AWS::Glue::Crawler.SchemaChangePolicy", "markdownDescription": "The policy that specifies update and delete behaviors for the crawler. The policy tells the crawler what to do in the event that it detects a change in a table that already exists in the customer's database at the time of the crawl. The `SchemaChangePolicy` does not affect whether or how new tables and partitions are added. New tables and partitions are always created regardless of the `SchemaChangePolicy` on a crawler.\n\nThe SchemaChangePolicy consists of two components, `UpdateBehavior` and `DeleteBehavior` .", "title": "SchemaChangePolicy" }, "TablePrefix": { "markdownDescription": "The prefix added to the names of tables that are created.", "title": "TablePrefix", "type": "string" }, "Tags": { "markdownDescription": "The tags to use with this crawler.", "title": "Tags", "type": "object" }, "Targets": { "$ref": "#/definitions/AWS::Glue::Crawler.Targets", "markdownDescription": "A collection of targets to crawl.", "title": "Targets" } }, "required": [ "Role", "Targets" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::Crawler" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::Crawler.CatalogTarget": { "additionalProperties": false, "properties": { "ConnectionName": { "markdownDescription": "The name of the connection for an Amazon S3-backed Data Catalog table to be a target of the crawl when using a `Catalog` connection type paired with a `NETWORK` Connection type.", "title": "ConnectionName", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the database to be synchronized.", "title": "DatabaseName", "type": "string" }, "DlqEventQueueArn": { "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", "title": "DlqEventQueueArn", "type": "string" }, "EventQueueArn": { "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", "title": "EventQueueArn", "type": "string" }, "Tables": { "items": { "type": "string" }, "markdownDescription": "A list of the tables to be synchronized.", "title": "Tables", "type": "array" } }, "type": "object" }, "AWS::Glue::Crawler.DeltaTarget": { "additionalProperties": false, "properties": { "ConnectionName": { "markdownDescription": "The name of the connection to use to connect to the Delta table target.", "title": "ConnectionName", "type": "string" }, "CreateNativeDeltaTable": { "markdownDescription": "Specifies whether the crawler will create native tables, to allow integration with query engines that support querying of the Delta transaction log directly.", "title": "CreateNativeDeltaTable", "type": "boolean" }, "DeltaTables": { "items": { "type": "string" }, "markdownDescription": "A list of the Amazon S3 paths to the Delta tables.", "title": "DeltaTables", "type": "array" }, "WriteManifest": { "markdownDescription": "Specifies whether to write the manifest files to the Delta table path.", "title": "WriteManifest", "type": "boolean" } }, "type": "object" }, "AWS::Glue::Crawler.DynamoDBTarget": { "additionalProperties": false, "properties": { "Path": { "markdownDescription": "The name of the DynamoDB table to crawl.", "title": "Path", "type": "string" } }, "type": "object" }, "AWS::Glue::Crawler.IcebergTarget": { "additionalProperties": false, "properties": { "ConnectionName": { "markdownDescription": "The name of the connection to use to connect to the Iceberg target.", "title": "ConnectionName", "type": "string" }, "Exclusions": { "items": { "type": "string" }, "markdownDescription": "A list of global patterns used to exclude from the crawl.", "title": "Exclusions", "type": "array" }, "MaximumTraversalDepth": { "markdownDescription": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Iceberg metadata folder in your Amazon S3 path. Used to limit the crawler run time.", "title": "MaximumTraversalDepth", "type": "number" }, "Paths": { "items": { "type": "string" }, "markdownDescription": "One or more Amazon S3 paths that contains Iceberg metadata folders as s3://bucket/prefix .", "title": "Paths", "type": "array" } }, "type": "object" }, "AWS::Glue::Crawler.JdbcTarget": { "additionalProperties": false, "properties": { "ConnectionName": { "markdownDescription": "The name of the connection to use to connect to the JDBC target.", "title": "ConnectionName", "type": "string" }, "Exclusions": { "items": { "type": "string" }, "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", "title": "Exclusions", "type": "array" }, "Path": { "markdownDescription": "The path of the JDBC target.", "title": "Path", "type": "string" } }, "type": "object" }, "AWS::Glue::Crawler.LakeFormationConfiguration": { "additionalProperties": false, "properties": { "AccountId": { "markdownDescription": "Required for cross account crawls. For same account crawls as the target data, this can be left as null.", "title": "AccountId", "type": "string" }, "UseLakeFormationCredentials": { "markdownDescription": "Specifies whether to use AWS Lake Formation credentials for the crawler instead of the IAM role credentials.", "title": "UseLakeFormationCredentials", "type": "boolean" } }, "type": "object" }, "AWS::Glue::Crawler.MongoDBTarget": { "additionalProperties": false, "properties": { "ConnectionName": { "markdownDescription": "The name of the connection to use to connect to the Amazon DocumentDB or MongoDB target.", "title": "ConnectionName", "type": "string" }, "Path": { "markdownDescription": "The path of the Amazon DocumentDB or MongoDB target (database/collection).", "title": "Path", "type": "string" } }, "type": "object" }, "AWS::Glue::Crawler.RecrawlPolicy": { "additionalProperties": false, "properties": { "RecrawlBehavior": { "markdownDescription": "Specifies whether to crawl the entire dataset again or to crawl only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVERYTHING` specifies crawling the entire dataset again.\n\nA value of `CRAWL_NEW_FOLDERS_ONLY` specifies crawling only folders that were added since the last crawler run.\n\nA value of `CRAWL_EVENT_MODE` specifies crawling only the changes identified by Amazon S3 events.", "title": "RecrawlBehavior", "type": "string" } }, "type": "object" }, "AWS::Glue::Crawler.S3Target": { "additionalProperties": false, "properties": { "ConnectionName": { "markdownDescription": "The name of a connection which allows a job or crawler to access data in Amazon S3 within an Amazon Virtual Private Cloud environment (Amazon VPC).", "title": "ConnectionName", "type": "string" }, "DlqEventQueueArn": { "markdownDescription": "A valid Amazon dead-letter SQS ARN. For example, `arn:aws:sqs:region:account:deadLetterQueue` .", "title": "DlqEventQueueArn", "type": "string" }, "EventQueueArn": { "markdownDescription": "A valid Amazon SQS ARN. For example, `arn:aws:sqs:region:account:sqs` .", "title": "EventQueueArn", "type": "string" }, "Exclusions": { "items": { "type": "string" }, "markdownDescription": "A list of glob patterns used to exclude from the crawl. For more information, see [Catalog Tables with a Crawler](https://docs.aws.amazon.com/glue/latest/dg/add-crawler.html) .", "title": "Exclusions", "type": "array" }, "Path": { "markdownDescription": "The path to the Amazon S3 target.", "title": "Path", "type": "string" }, "SampleSize": { "markdownDescription": "Sets the number of files in each leaf folder to be crawled when crawling sample files in a dataset. If not set, all the files are crawled. A valid value is an integer between 1 and 249.", "title": "SampleSize", "type": "number" } }, "type": "object" }, "AWS::Glue::Crawler.Schedule": { "additionalProperties": false, "properties": { "ScheduleExpression": { "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", "title": "ScheduleExpression", "type": "string" } }, "type": "object" }, "AWS::Glue::Crawler.SchemaChangePolicy": { "additionalProperties": false, "properties": { "DeleteBehavior": { "markdownDescription": "The deletion behavior when the crawler finds a deleted object.\n\nA value of `LOG` specifies that if a table or partition is found to no longer exist, do not delete it, only log that it was found to no longer exist.\n\nA value of `DELETE_FROM_DATABASE` specifies that if a table or partition is found to have been removed, delete it from the database.\n\nA value of `DEPRECATE_IN_DATABASE` specifies that if a table has been found to no longer exist, to add a property to the table that says \"DEPRECATED\" and includes a timestamp with the time of deprecation.", "title": "DeleteBehavior", "type": "string" }, "UpdateBehavior": { "markdownDescription": "The update behavior when the crawler finds a changed schema.\n\nA value of `LOG` specifies that if a table or a partition already exists, and a change is detected, do not update it, only log that a change was detected. Add new tables and new partitions (including on existing tables).\n\nA value of `UPDATE_IN_DATABASE` specifies that if a table or partition already exists, and a change is detected, update it. Add new tables and partitions.", "title": "UpdateBehavior", "type": "string" } }, "type": "object" }, "AWS::Glue::Crawler.Targets": { "additionalProperties": false, "properties": { "CatalogTargets": { "items": { "$ref": "#/definitions/AWS::Glue::Crawler.CatalogTarget" }, "markdownDescription": "Specifies AWS Glue Data Catalog targets.", "title": "CatalogTargets", "type": "array" }, "DeltaTargets": { "items": { "$ref": "#/definitions/AWS::Glue::Crawler.DeltaTarget" }, "markdownDescription": "Specifies an array of Delta data store targets.", "title": "DeltaTargets", "type": "array" }, "DynamoDBTargets": { "items": { "$ref": "#/definitions/AWS::Glue::Crawler.DynamoDBTarget" }, "markdownDescription": "Specifies Amazon DynamoDB targets.", "title": "DynamoDBTargets", "type": "array" }, "IcebergTargets": { "items": { "$ref": "#/definitions/AWS::Glue::Crawler.IcebergTarget" }, "markdownDescription": "Specifies Apache Iceberg data store targets.", "title": "IcebergTargets", "type": "array" }, "JdbcTargets": { "items": { "$ref": "#/definitions/AWS::Glue::Crawler.JdbcTarget" }, "markdownDescription": "Specifies JDBC targets.", "title": "JdbcTargets", "type": "array" }, "MongoDBTargets": { "items": { "$ref": "#/definitions/AWS::Glue::Crawler.MongoDBTarget" }, "markdownDescription": "A list of Mongo DB targets.", "title": "MongoDBTargets", "type": "array" }, "S3Targets": { "items": { "$ref": "#/definitions/AWS::Glue::Crawler.S3Target" }, "markdownDescription": "Specifies Amazon Simple Storage Service (Amazon S3) targets.", "title": "S3Targets", "type": "array" } }, "type": "object" }, "AWS::Glue::CustomEntityType": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContextWords": { "items": { "type": "string" }, "markdownDescription": "A list of context words. If none of these context words are found within the vicinity of the regular expression the data will not be detected as sensitive data.\n\nIf no context words are passed only a regular expression is checked.", "title": "ContextWords", "type": "array" }, "Name": { "markdownDescription": "A name for the custom pattern that allows it to be retrieved or deleted later. This name must be unique per AWS account.", "title": "Name", "type": "string" }, "RegexString": { "markdownDescription": "A regular expression string that is used for detecting sensitive data in a custom pattern.", "title": "RegexString", "type": "string" }, "Tags": { "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", "title": "Tags", "type": "object" } }, "type": "object" }, "Type": { "enum": [ "AWS::Glue::CustomEntityType" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Glue::DataCatalogEncryptionSettings": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The ID of the Data Catalog in which the settings are created.", "title": "CatalogId", "type": "string" }, "DataCatalogEncryptionSettings": { "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings", "markdownDescription": "Contains configuration information for maintaining Data Catalog security.", "title": "DataCatalogEncryptionSettings" } }, "required": [ "CatalogId", "DataCatalogEncryptionSettings" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::DataCatalogEncryptionSettings" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "An AWS KMS key that is used to encrypt the connection password.\n\nIf connection password protection is enabled, the caller of `CreateConnection` and `UpdateConnection` needs at least `kms:Encrypt` permission on the specified AWS KMS key, to encrypt passwords before storing them in the Data Catalog. You can set the decrypt permission to enable or restrict access on the password key according to your security requirements.", "title": "KmsKeyId", "type": "string" }, "ReturnConnectionPasswordEncrypted": { "markdownDescription": "When the `ReturnConnectionPasswordEncrypted` flag is set to \"true\", passwords remain encrypted in the responses of `GetConnection` and `GetConnections` . This encryption takes effect independently from catalog encryption.", "title": "ReturnConnectionPasswordEncrypted", "type": "boolean" } }, "type": "object" }, "AWS::Glue::DataCatalogEncryptionSettings.DataCatalogEncryptionSettings": { "additionalProperties": false, "properties": { "ConnectionPasswordEncryption": { "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.ConnectionPasswordEncryption", "markdownDescription": "When connection password protection is enabled, the Data Catalog uses a customer-provided key to encrypt the password as part of `CreateConnection` or `UpdateConnection` and store it in the `ENCRYPTED_PASSWORD` field in the connection properties. You can enable catalog encryption or only password encryption.", "title": "ConnectionPasswordEncryption" }, "EncryptionAtRest": { "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest", "markdownDescription": "Specifies the encryption-at-rest configuration for the Data Catalog.", "title": "EncryptionAtRest" } }, "type": "object" }, "AWS::Glue::DataCatalogEncryptionSettings.EncryptionAtRest": { "additionalProperties": false, "properties": { "CatalogEncryptionMode": { "markdownDescription": "The encryption-at-rest mode for encrypting Data Catalog data.", "title": "CatalogEncryptionMode", "type": "string" }, "CatalogEncryptionServiceRole": { "markdownDescription": "The role that AWS Glue assumes to encrypt and decrypt the Data Catalog objects on the caller's behalf.", "title": "CatalogEncryptionServiceRole", "type": "string" }, "SseAwsKmsKeyId": { "markdownDescription": "The ID of the AWS KMS key to use for encryption at rest.", "title": "SseAwsKmsKeyId", "type": "string" } }, "type": "object" }, "AWS::Glue::DataQualityRuleset": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClientToken": { "markdownDescription": "Used for idempotency and is recommended to be set to a random ID (such as a UUID) to avoid creating or starting multiple instances of the same resource.", "title": "ClientToken", "type": "string" }, "Description": { "markdownDescription": "A description of the data quality ruleset.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the data quality ruleset.", "title": "Name", "type": "string" }, "Ruleset": { "markdownDescription": "A Data Quality Definition Language (DQDL) ruleset. For more information see the AWS Glue Developer Guide.", "title": "Ruleset", "type": "string" }, "Tags": { "markdownDescription": "A list of tags applied to the data quality ruleset.", "title": "Tags", "type": "object" }, "TargetTable": { "$ref": "#/definitions/AWS::Glue::DataQualityRuleset.DataQualityTargetTable", "markdownDescription": "An object representing an AWS Glue table.", "title": "TargetTable" } }, "type": "object" }, "Type": { "enum": [ "AWS::Glue::DataQualityRuleset" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Glue::DataQualityRuleset.DataQualityTargetTable": { "additionalProperties": false, "properties": { "DatabaseName": { "markdownDescription": "The name of the database where the AWS Glue table exists.", "title": "DatabaseName", "type": "string" }, "TableName": { "markdownDescription": "The name of the AWS Glue table.", "title": "TableName", "type": "string" } }, "type": "object" }, "AWS::Glue::Database": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The AWS account ID for the account in which to create the catalog object.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", "title": "CatalogId", "type": "string" }, "DatabaseInput": { "$ref": "#/definitions/AWS::Glue::Database.DatabaseInput", "markdownDescription": "The metadata for the database.", "title": "DatabaseInput" } }, "required": [ "CatalogId", "DatabaseInput" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::Database" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::Database.DataLakePrincipal": { "additionalProperties": false, "properties": { "DataLakePrincipalIdentifier": { "markdownDescription": "An identifier for the AWS Lake Formation principal.", "title": "DataLakePrincipalIdentifier", "type": "string" } }, "type": "object" }, "AWS::Glue::Database.DatabaseIdentifier": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The ID of the Data Catalog in which the database resides.", "title": "CatalogId", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the catalog database.", "title": "DatabaseName", "type": "string" }, "Region": { "markdownDescription": "The Region of the database.", "title": "Region", "type": "string" } }, "type": "object" }, "AWS::Glue::Database.DatabaseInput": { "additionalProperties": false, "properties": { "CreateTableDefaultPermissions": { "items": { "$ref": "#/definitions/AWS::Glue::Database.PrincipalPrivileges" }, "markdownDescription": "Creates a set of default permissions on the table for principals. Used by AWS Lake Formation . Not used in the normal course of AWS Glue operations.", "title": "CreateTableDefaultPermissions", "type": "array" }, "Description": { "markdownDescription": "A description of the database.", "title": "Description", "type": "string" }, "FederatedDatabase": { "$ref": "#/definitions/AWS::Glue::Database.FederatedDatabase", "markdownDescription": "A `FederatedDatabase` structure that references an entity outside the AWS Glue Data Catalog .", "title": "FederatedDatabase" }, "LocationUri": { "markdownDescription": "The location of the database (for example, an HDFS path).", "title": "LocationUri", "type": "string" }, "Name": { "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", "title": "Name", "type": "string" }, "Parameters": { "markdownDescription": "These key-value pairs define parameters and properties of the database.", "title": "Parameters", "type": "object" }, "TargetDatabase": { "$ref": "#/definitions/AWS::Glue::Database.DatabaseIdentifier", "markdownDescription": "A `DatabaseIdentifier` structure that describes a target database for resource linking.", "title": "TargetDatabase" } }, "type": "object" }, "AWS::Glue::Database.FederatedDatabase": { "additionalProperties": false, "properties": { "ConnectionName": { "markdownDescription": "The name of the connection to the external metastore.", "title": "ConnectionName", "type": "string" }, "Identifier": { "markdownDescription": "A unique identifier for the federated database.", "title": "Identifier", "type": "string" } }, "type": "object" }, "AWS::Glue::Database.PrincipalPrivileges": { "additionalProperties": false, "properties": { "Permissions": { "items": { "type": "string" }, "markdownDescription": "The permissions that are granted to the principal.", "title": "Permissions", "type": "array" }, "Principal": { "$ref": "#/definitions/AWS::Glue::Database.DataLakePrincipal", "markdownDescription": "The principal who is granted permissions.", "title": "Principal" } }, "type": "object" }, "AWS::Glue::DevEndpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Arguments": { "markdownDescription": "A map of arguments used to configure the `DevEndpoint` .\n\nValid arguments are:\n\n- `\"--enable-glue-datacatalog\": \"\"`\n- `\"GLUE_PYTHON_VERSION\": \"3\"`\n- `\"GLUE_PYTHON_VERSION\": \"2\"`\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", "title": "Arguments", "type": "object" }, "EndpointName": { "markdownDescription": "The name of the `DevEndpoint` .", "title": "EndpointName", "type": "string" }, "ExtraJarsS3Path": { "markdownDescription": "The path to one or more Java `.jar` files in an S3 bucket that should be loaded in your `DevEndpoint` .\n\n> You can only use pure Java/Scala libraries with a `DevEndpoint` .", "title": "ExtraJarsS3Path", "type": "string" }, "ExtraPythonLibsS3Path": { "markdownDescription": "The paths to one or more Python libraries in an Amazon S3 bucket that should be loaded in your `DevEndpoint` . Multiple values must be complete paths separated by a comma.\n\n> You can only use pure Python libraries with a `DevEndpoint` . Libraries that rely on C extensions, such as the [pandas](https://docs.aws.amazon.com/http://pandas.pydata.org/) Python data analysis library, are not currently supported.", "title": "ExtraPythonLibsS3Path", "type": "string" }, "GlueVersion": { "markdownDescription": "The AWS Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for running your ETL scripts on development endpoints.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nDevelopment endpoints that are created without specifying a Glue version default to Glue 0.9.\n\nYou can specify a version of Python support for development endpoints by using the `Arguments` parameter in the `CreateDevEndpoint` or `UpdateDevEndpoint` APIs. If no arguments are provided, the version defaults to Python 2.", "title": "GlueVersion", "type": "string" }, "NumberOfNodes": { "markdownDescription": "The number of AWS Glue Data Processing Units (DPUs) allocated to this `DevEndpoint` .", "title": "NumberOfNodes", "type": "number" }, "NumberOfWorkers": { "markdownDescription": "The number of workers of a defined `workerType` that are allocated to the development endpoint.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", "title": "NumberOfWorkers", "type": "number" }, "PublicKey": { "markdownDescription": "The public key to be used by this `DevEndpoint` for authentication. This attribute is provided for backward compatibility because the recommended attribute to use is public keys.", "title": "PublicKey", "type": "string" }, "PublicKeys": { "items": { "type": "string" }, "markdownDescription": "A list of public keys to be used by the `DevEndpoints` for authentication. Using this attribute is preferred over a single public key because the public keys allow you to have a different private key per client.\n\n> If you previously created an endpoint with a public key, you must remove that key to be able to set a list of public keys. Call the `UpdateDevEndpoint` API operation with the public key content in the `deletePublicKeys` attribute, and the list of new keys in the `addPublicKeys` attribute.", "title": "PublicKeys", "type": "array" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used in this `DevEndpoint` .", "title": "RoleArn", "type": "string" }, "SecurityConfiguration": { "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this `DevEndpoint` .", "title": "SecurityConfiguration", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of security group identifiers used in this `DevEndpoint` .", "title": "SecurityGroupIds", "type": "array" }, "SubnetId": { "markdownDescription": "The subnet ID for this `DevEndpoint` .", "title": "SubnetId", "type": "string" }, "Tags": { "markdownDescription": "The tags to use with this DevEndpoint.", "title": "Tags", "type": "object" }, "WorkerType": { "markdownDescription": "The type of predefined worker that is allocated to the development endpoint. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPU, 16 GB of memory, 64 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPU, 32 GB of memory, 128 GB disk), and provides 1 executor per worker. We recommend this worker type for memory-intensive jobs.\n\nKnown issue: when a development endpoint is created with the `G.2X` `WorkerType` configuration, the Spark drivers for the development endpoint will run on 4 vCPU, 16 GB of memory, and a 64 GB disk.", "title": "WorkerType", "type": "string" } }, "required": [ "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::DevEndpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::Job": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllocatedCapacity": { "markdownDescription": "This parameter is no longer supported. Use `MaxCapacity` instead.\n\nThe number of capacity units that are allocated to this job.", "title": "AllocatedCapacity", "type": "number" }, "Command": { "$ref": "#/definitions/AWS::Glue::Job.JobCommand", "markdownDescription": "The code that executes a job.", "title": "Command" }, "Connections": { "$ref": "#/definitions/AWS::Glue::Job.ConnectionsList", "markdownDescription": "The connections used for this job.", "title": "Connections" }, "DefaultArguments": { "markdownDescription": "The default arguments for this job, specified as name-value pairs.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) in the *AWS Glue Developer Guide* .", "title": "DefaultArguments", "type": "object" }, "Description": { "markdownDescription": "A description of the job.", "title": "Description", "type": "string" }, "ExecutionClass": { "markdownDescription": "Indicates whether the job is run with a standard or flexible execution class. The standard execution class is ideal for time-sensitive workloads that require fast job startup and dedicated resources.\n\nThe flexible execution class is appropriate for time-insensitive jobs whose start and completion times may vary.\n\nOnly jobs with AWS Glue version 3.0 and above and command type `glueetl` will be allowed to set `ExecutionClass` to `FLEX` . The flexible execution class is available for Spark jobs.", "title": "ExecutionClass", "type": "string" }, "ExecutionProperty": { "$ref": "#/definitions/AWS::Glue::Job.ExecutionProperty", "markdownDescription": "The maximum number of concurrent runs that are allowed for this job.", "title": "ExecutionProperty" }, "GlueVersion": { "markdownDescription": "Glue version determines the versions of Apache Spark and Python that AWS Glue supports. The Python version indicates the version supported for jobs of type Spark.\n\nFor more information about the available AWS Glue versions and corresponding Spark and Python versions, see [Glue version](https://docs.aws.amazon.com/glue/latest/dg/add-job.html) in the developer guide.\n\nJobs that are created without specifying a Glue version default to the latest Glue version available.", "title": "GlueVersion", "type": "string" }, "LogUri": { "markdownDescription": "This field is reserved for future use.", "title": "LogUri", "type": "string" }, "MaxCapacity": { "markdownDescription": "The number of AWS Glue data processing units (DPUs) that can be allocated when this job runs. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory.\n\nDo not set `Max Capacity` if using `WorkerType` and `NumberOfWorkers` .\n\nThe value that can be allocated for `MaxCapacity` depends on whether you are running a Python shell job or an Apache Spark ETL job:\n\n- When you specify a Python shell job ( `JobCommand.Name` =\"pythonshell\"), you can allocate either 0.0625 or 1 DPU. The default is 0.0625 DPU.\n- When you specify an Apache Spark ETL job ( `JobCommand.Name` =\"glueetl\"), you can allocate from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot have a fractional DPU allocation.", "title": "MaxCapacity", "type": "number" }, "MaxRetries": { "markdownDescription": "The maximum number of times to retry this job after a JobRun fails.", "title": "MaxRetries", "type": "number" }, "Name": { "markdownDescription": "The name you assign to this job definition.", "title": "Name", "type": "string" }, "NonOverridableArguments": { "markdownDescription": "Non-overridable arguments for this job, specified as name-value pairs.", "title": "NonOverridableArguments", "type": "object" }, "NotificationProperty": { "$ref": "#/definitions/AWS::Glue::Job.NotificationProperty", "markdownDescription": "Specifies configuration properties of a notification.", "title": "NotificationProperty" }, "NumberOfWorkers": { "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a job runs.\n\nThe maximum number of workers you can define are 299 for `G.1X` , and 149 for `G.2X` .", "title": "NumberOfWorkers", "type": "number" }, "Role": { "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role associated with this job.", "title": "Role", "type": "string" }, "SecurityConfiguration": { "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this job.", "title": "SecurityConfiguration", "type": "string" }, "Tags": { "markdownDescription": "The tags to use with this job.", "title": "Tags", "type": "object" }, "Timeout": { "markdownDescription": "The job timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours).", "title": "Timeout", "type": "number" }, "WorkerType": { "markdownDescription": "The type of predefined worker that is allocated when a job runs. Accepts a value of G.1X, G.2X, G.4X, G.8X or G.025X for Spark jobs. Accepts the value Z.2X for Ray jobs.\n\n- For the `G.1X` worker type, each worker maps to 1 DPU (4 vCPUs, 16 GB of memory) with 84GB disk (approximately 34GB free), and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.2X` worker type, each worker maps to 2 DPU (8 vCPUs, 32 GB of memory) with 128GB disk (approximately 77GB free), and provides 1 executor per worker. We recommend this worker type for workloads such as data transforms, joins, and queries, to offers a scalable and cost effective way to run most jobs.\n- For the `G.4X` worker type, each worker maps to 4 DPU (16 vCPUs, 64 GB of memory) with 256GB disk (approximately 235GB free), and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs in the following AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Canada (Central), Europe (Frankfurt), Europe (Ireland), and Europe (Stockholm).\n- For the `G.8X` worker type, each worker maps to 8 DPU (32 vCPUs, 128 GB of memory) with 512GB disk (approximately 487GB free), and provides 1 executor per worker. We recommend this worker type for jobs whose workloads contain your most demanding transforms, aggregations, joins, and queries. This worker type is available only for AWS Glue version 3.0 or later Spark ETL jobs, in the same AWS Regions as supported for the `G.4X` worker type.\n- For the `G.025X` worker type, each worker maps to 0.25 DPU (2 vCPUs, 4 GB of memory) with 84GB disk (approximately 34GB free), and provides 1 executor per worker. We recommend this worker type for low volume streaming jobs. This worker type is only available for AWS Glue version 3.0 streaming jobs.\n- For the `Z.2X` worker type, each worker maps to 2 M-DPU (8vCPUs, 64 GB of memory) with 128 GB disk (approximately 120GB free), and provides up to 8 Ray workers based on the autoscaler.", "title": "WorkerType", "type": "string" } }, "required": [ "Command", "Role" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::Job" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::Job.ConnectionsList": { "additionalProperties": false, "properties": { "Connections": { "items": { "type": "string" }, "markdownDescription": "A list of connections used by the job.", "title": "Connections", "type": "array" } }, "type": "object" }, "AWS::Glue::Job.ExecutionProperty": { "additionalProperties": false, "properties": { "MaxConcurrentRuns": { "markdownDescription": "The maximum number of concurrent runs allowed for the job. The default is 1. An error is returned when this threshold is reached. The maximum value you can specify is controlled by a service limit.", "title": "MaxConcurrentRuns", "type": "number" } }, "type": "object" }, "AWS::Glue::Job.JobCommand": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the job command. For an Apache Spark ETL job, this must be `glueetl` . For a Python shell job, it must be `pythonshell` . For an Apache Spark streaming ETL job, this must be `gluestreaming` . For a Ray job, this must be `glueray` .", "title": "Name", "type": "string" }, "PythonVersion": { "markdownDescription": "The Python version being used to execute a Python shell job. Allowed values are 3 or 3.9. Version 2 is deprecated.", "title": "PythonVersion", "type": "string" }, "Runtime": { "markdownDescription": "In Ray jobs, Runtime is used to specify the versions of Ray, Python and additional libraries available in your environment. This field is not used in other job types. For supported runtime environment values, see [Working with Ray jobs](https://docs.aws.amazon.com/glue/latest/dg/ray-jobs-section.html) in the AWS Glue Developer Guide.", "title": "Runtime", "type": "string" }, "ScriptLocation": { "markdownDescription": "Specifies the Amazon Simple Storage Service (Amazon S3) path to a script that executes a job (required).", "title": "ScriptLocation", "type": "string" } }, "type": "object" }, "AWS::Glue::Job.NotificationProperty": { "additionalProperties": false, "properties": { "NotifyDelayAfter": { "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification.", "title": "NotifyDelayAfter", "type": "number" } }, "type": "object" }, "AWS::Glue::MLTransform": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A user-defined, long-form description text for the machine learning transform.", "title": "Description", "type": "string" }, "GlueVersion": { "markdownDescription": "This value determines which version of AWS Glue this machine learning transform is compatible with. Glue 1.0 is recommended for most customers. If the value is not set, the Glue compatibility defaults to Glue 0.9. For more information, see [AWS Glue Versions](https://docs.aws.amazon.com/glue/latest/dg/release-notes.html#release-notes-versions) in the developer guide.", "title": "GlueVersion", "type": "string" }, "InputRecordTables": { "$ref": "#/definitions/AWS::Glue::MLTransform.InputRecordTables", "markdownDescription": "A list of AWS Glue table definitions used by the transform.", "title": "InputRecordTables" }, "MaxCapacity": { "markdownDescription": "The number of AWS Glue data processing units (DPUs) that are allocated to task runs for this transform. You can allocate from 2 to 100 DPUs; the default is 10. A DPU is a relative measure of processing power that consists of 4 vCPUs of compute capacity and 16 GB of memory. For more information, see the [AWS Glue pricing page](https://docs.aws.amazon.com/glue/pricing/) .\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.\n\nWhen the `WorkerType` field is set to a value other than `Standard` , the `MaxCapacity` field is set automatically and becomes read-only.", "title": "MaxCapacity", "type": "number" }, "MaxRetries": { "markdownDescription": "The maximum number of times to retry after an `MLTaskRun` of the machine learning transform fails.", "title": "MaxRetries", "type": "number" }, "Name": { "markdownDescription": "A user-defined name for the machine learning transform. Names are required to be unique. `Name` is optional:\n\n- If you supply `Name` , the stack cannot be repeatedly created.\n- If `Name` is not provided, a randomly generated name will be used instead.", "title": "Name", "type": "string" }, "NumberOfWorkers": { "markdownDescription": "The number of workers of a defined `workerType` that are allocated when a task of the transform runs.\n\nIf `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).", "title": "NumberOfWorkers", "type": "number" }, "Role": { "markdownDescription": "The name or Amazon Resource Name (ARN) of the IAM role with the required permissions. The required permissions include both AWS Glue service role permissions to AWS Glue resources, and Amazon S3 permissions required by the transform.\n\n- This role needs AWS Glue service role permissions to allow access to resources in AWS Glue . See [Attach a Policy to IAM Users That Access AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/attach-policy-iam-user.html) .\n- This role needs permission to your Amazon Simple Storage Service (Amazon S3) sources, targets, temporary directory, scripts, and any libraries used by the task run for this transform.", "title": "Role", "type": "string" }, "Tags": { "markdownDescription": "The tags to use with this machine learning transform. You may use tags to limit access to the machine learning transform. For more information about tags in AWS Glue , see [AWS Tags in AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/monitor-tags.html) in the developer guide.", "title": "Tags", "type": "object" }, "Timeout": { "markdownDescription": "The timeout in minutes of the machine learning transform.", "title": "Timeout", "type": "number" }, "TransformEncryption": { "$ref": "#/definitions/AWS::Glue::MLTransform.TransformEncryption", "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data. Machine learning\ntransforms can access user data encrypted in Amazon S3 using KMS.\n\nAdditionally, imported labels and trained transforms can now be encrypted using a customer provided\nKMS key.", "title": "TransformEncryption" }, "TransformParameters": { "$ref": "#/definitions/AWS::Glue::MLTransform.TransformParameters", "markdownDescription": "The algorithm-specific parameters that are associated with the machine learning transform.", "title": "TransformParameters" }, "WorkerType": { "markdownDescription": "The type of predefined worker that is allocated when a task of this transform runs. Accepts a value of Standard, G.1X, or G.2X.\n\n- For the `Standard` worker type, each worker provides 4 vCPU, 16 GB of memory and a 50GB disk, and 2 executors per worker.\n- For the `G.1X` worker type, each worker provides 4 vCPU, 16 GB of memory and a 64GB disk, and 1 executor per worker.\n- For the `G.2X` worker type, each worker provides 8 vCPU, 32 GB of memory and a 128GB disk, and 1 executor per worker.\n\n`MaxCapacity` is a mutually exclusive option with `NumberOfWorkers` and `WorkerType` .\n\n- If either `NumberOfWorkers` or `WorkerType` is set, then `MaxCapacity` cannot be set.\n- If `MaxCapacity` is set then neither `NumberOfWorkers` or `WorkerType` can be set.\n- If `WorkerType` is set, then `NumberOfWorkers` is required (and vice versa).\n- `MaxCapacity` and `NumberOfWorkers` must both be at least 1.", "title": "WorkerType", "type": "string" } }, "required": [ "InputRecordTables", "Role", "TransformParameters" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::MLTransform" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::MLTransform.FindMatchesParameters": { "additionalProperties": false, "properties": { "AccuracyCostTradeoff": { "markdownDescription": "The value that is selected when tuning your transform for a balance between accuracy and cost. A value of 0.5 means that the system balances accuracy and cost concerns. A value of 1.0 means a bias purely for accuracy, which typically results in a higher cost, sometimes substantially higher. A value of 0.0 means a bias purely for cost, which results in a less accurate `FindMatches` transform, sometimes with unacceptable accuracy.\n\nAccuracy measures how well the transform finds true positives and true negatives. Increasing accuracy requires more machine resources and cost. But it also results in increased recall.\n\nCost measures how many compute resources, and thus money, are consumed to run the transform.", "title": "AccuracyCostTradeoff", "type": "number" }, "EnforceProvidedLabels": { "markdownDescription": "The value to switch on or off to force the output to match the provided labels from users. If the value is `True` , the `find matches` transform forces the output to match the provided labels. The results override the normal conflation results. If the value is `False` , the `find matches` transform does not ensure all the labels provided are respected, and the results rely on the trained model.\n\nNote that setting this value to true may increase the conflation execution time.", "title": "EnforceProvidedLabels", "type": "boolean" }, "PrecisionRecallTradeoff": { "markdownDescription": "The value selected when tuning your transform for a balance between precision and recall. A value of 0.5 means no preference; a value of 1.0 means a bias purely for precision, and a value of 0.0 means a bias for recall. Because this is a tradeoff, choosing values close to 1.0 means very low recall, and choosing values close to 0.0 results in very low precision.\n\nThe precision metric indicates how often your model is correct when it predicts a match.\n\nThe recall metric indicates that for an actual match, how often your model predicts the match.", "title": "PrecisionRecallTradeoff", "type": "number" }, "PrimaryKeyColumnName": { "markdownDescription": "The name of a column that uniquely identifies rows in the source table. Used to help identify matching records.", "title": "PrimaryKeyColumnName", "type": "string" } }, "required": [ "PrimaryKeyColumnName" ], "type": "object" }, "AWS::Glue::MLTransform.GlueTables": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "A unique identifier for the AWS Glue Data Catalog .", "title": "CatalogId", "type": "string" }, "ConnectionName": { "markdownDescription": "The name of the connection to the AWS Glue Data Catalog .", "title": "ConnectionName", "type": "string" }, "DatabaseName": { "markdownDescription": "A database name in the AWS Glue Data Catalog .", "title": "DatabaseName", "type": "string" }, "TableName": { "markdownDescription": "A table name in the AWS Glue Data Catalog .", "title": "TableName", "type": "string" } }, "required": [ "DatabaseName", "TableName" ], "type": "object" }, "AWS::Glue::MLTransform.InputRecordTables": { "additionalProperties": false, "properties": { "GlueTables": { "items": { "$ref": "#/definitions/AWS::Glue::MLTransform.GlueTables" }, "markdownDescription": "The database and table in the AWS Glue Data Catalog that is used for input or output data.", "title": "GlueTables", "type": "array" } }, "type": "object" }, "AWS::Glue::MLTransform.MLUserDataEncryption": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The ID for the customer-provided KMS key.", "title": "KmsKeyId", "type": "string" }, "MLUserDataEncryptionMode": { "markdownDescription": "The encryption mode applied to user data. Valid values are:\n\n- DISABLED: encryption is disabled.\n- SSEKMS: use of server-side encryption with AWS Key Management Service (SSE-KMS) for user data\nstored in Amazon S3.", "title": "MLUserDataEncryptionMode", "type": "string" } }, "required": [ "MLUserDataEncryptionMode" ], "type": "object" }, "AWS::Glue::MLTransform.TransformEncryption": { "additionalProperties": false, "properties": { "MLUserDataEncryption": { "$ref": "#/definitions/AWS::Glue::MLTransform.MLUserDataEncryption", "markdownDescription": "The encryption-at-rest settings of the transform that apply to accessing user data.", "title": "MLUserDataEncryption" }, "TaskRunSecurityConfigurationName": { "markdownDescription": "The name of the security configuration.", "title": "TaskRunSecurityConfigurationName", "type": "string" } }, "type": "object" }, "AWS::Glue::MLTransform.TransformParameters": { "additionalProperties": false, "properties": { "FindMatchesParameters": { "$ref": "#/definitions/AWS::Glue::MLTransform.FindMatchesParameters", "markdownDescription": "The parameters for the find matches algorithm.", "title": "FindMatchesParameters" }, "TransformType": { "markdownDescription": "The type of machine learning transform. `FIND_MATCHES` is the only option.\n\nFor information about the types of machine learning transforms, see [Creating Machine Learning Transforms](https://docs.aws.amazon.com/glue/latest/dg/add-job-machine-learning-transform.html) .", "title": "TransformType", "type": "string" } }, "required": [ "TransformType" ], "type": "object" }, "AWS::Glue::Partition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The AWS account ID of the catalog in which the partion is to be created.\n\n> To specify the account ID, you can use the `Ref` intrinsic function with the `AWS::AccountId` pseudo parameter. For example: `!Ref AWS::AccountId`", "title": "CatalogId", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the catalog database in which to create the partition.", "title": "DatabaseName", "type": "string" }, "PartitionInput": { "$ref": "#/definitions/AWS::Glue::Partition.PartitionInput", "markdownDescription": "The structure used to create and update a partition.", "title": "PartitionInput" }, "TableName": { "markdownDescription": "The name of the metadata table in which the partition is to be created.", "title": "TableName", "type": "string" } }, "required": [ "CatalogId", "DatabaseName", "PartitionInput", "TableName" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::Partition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::Partition.Column": { "additionalProperties": false, "properties": { "Comment": { "markdownDescription": "A free-form text comment.", "title": "Comment", "type": "string" }, "Name": { "markdownDescription": "The name of the `Column` .", "title": "Name", "type": "string" }, "Type": { "markdownDescription": "The data type of the `Column` .", "title": "Type", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::Glue::Partition.Order": { "additionalProperties": false, "properties": { "Column": { "markdownDescription": "The name of the column.", "title": "Column", "type": "string" }, "SortOrder": { "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", "title": "SortOrder", "type": "number" } }, "required": [ "Column" ], "type": "object" }, "AWS::Glue::Partition.PartitionInput": { "additionalProperties": false, "properties": { "Parameters": { "markdownDescription": "These key-value pairs define partition parameters.", "title": "Parameters", "type": "object" }, "StorageDescriptor": { "$ref": "#/definitions/AWS::Glue::Partition.StorageDescriptor", "markdownDescription": "Provides information about the physical location where the partition is stored.", "title": "StorageDescriptor" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The values of the partition. Although this parameter is not required by the SDK, you must specify this parameter for a valid input.\n\nThe values for the keys for the new partition must be passed as an array of String objects that must be ordered in the same order as the partition keys appearing in the Amazon S3 prefix. Otherwise AWS Glue will add the values to the wrong keys.", "title": "Values", "type": "array" } }, "required": [ "Values" ], "type": "object" }, "AWS::Glue::Partition.SchemaId": { "additionalProperties": false, "properties": { "RegistryName": { "markdownDescription": "The name of the schema registry that contains the schema.", "title": "RegistryName", "type": "string" }, "SchemaArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", "title": "SchemaArn", "type": "string" }, "SchemaName": { "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", "title": "SchemaName", "type": "string" } }, "type": "object" }, "AWS::Glue::Partition.SchemaReference": { "additionalProperties": false, "properties": { "SchemaId": { "$ref": "#/definitions/AWS::Glue::Partition.SchemaId", "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", "title": "SchemaId" }, "SchemaVersionId": { "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", "title": "SchemaVersionId", "type": "string" }, "SchemaVersionNumber": { "markdownDescription": "The version number of the schema.", "title": "SchemaVersionNumber", "type": "number" } }, "type": "object" }, "AWS::Glue::Partition.SerdeInfo": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Name of the SerDe.", "title": "Name", "type": "string" }, "Parameters": { "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", "title": "Parameters", "type": "object" }, "SerializationLibrary": { "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", "title": "SerializationLibrary", "type": "string" } }, "type": "object" }, "AWS::Glue::Partition.SkewedInfo": { "additionalProperties": false, "properties": { "SkewedColumnNames": { "items": { "type": "string" }, "markdownDescription": "A list of names of columns that contain skewed values.", "title": "SkewedColumnNames", "type": "array" }, "SkewedColumnValueLocationMaps": { "markdownDescription": "A mapping of skewed values to the columns that contain them.", "title": "SkewedColumnValueLocationMaps", "type": "object" }, "SkewedColumnValues": { "items": { "type": "string" }, "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", "title": "SkewedColumnValues", "type": "array" } }, "type": "object" }, "AWS::Glue::Partition.StorageDescriptor": { "additionalProperties": false, "properties": { "BucketColumns": { "items": { "type": "string" }, "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", "title": "BucketColumns", "type": "array" }, "Columns": { "items": { "$ref": "#/definitions/AWS::Glue::Partition.Column" }, "markdownDescription": "A list of the `Columns` in the table.", "title": "Columns", "type": "array" }, "Compressed": { "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", "title": "Compressed", "type": "boolean" }, "InputFormat": { "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", "title": "InputFormat", "type": "string" }, "Location": { "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", "title": "Location", "type": "string" }, "NumberOfBuckets": { "markdownDescription": "The number of buckets.\n\nYou must specify this property if the partition contains any dimension columns.", "title": "NumberOfBuckets", "type": "number" }, "OutputFormat": { "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", "title": "OutputFormat", "type": "string" }, "Parameters": { "markdownDescription": "The user-supplied properties in key-value form.", "title": "Parameters", "type": "object" }, "SchemaReference": { "$ref": "#/definitions/AWS::Glue::Partition.SchemaReference", "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", "title": "SchemaReference" }, "SerdeInfo": { "$ref": "#/definitions/AWS::Glue::Partition.SerdeInfo", "markdownDescription": "The serialization/deserialization (SerDe) information.", "title": "SerdeInfo" }, "SkewedInfo": { "$ref": "#/definitions/AWS::Glue::Partition.SkewedInfo", "markdownDescription": "The information about values that appear frequently in a column (skewed values).", "title": "SkewedInfo" }, "SortColumns": { "items": { "$ref": "#/definitions/AWS::Glue::Partition.Order" }, "markdownDescription": "A list specifying the sort order of each bucket in the table.", "title": "SortColumns", "type": "array" }, "StoredAsSubDirectories": { "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", "title": "StoredAsSubDirectories", "type": "boolean" } }, "type": "object" }, "AWS::Glue::Registry": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the registry.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the registry.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::Registry" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::Schema": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CheckpointVersion": { "$ref": "#/definitions/AWS::Glue::Schema.SchemaVersion", "markdownDescription": "Specify the `VersionNumber` or the `IsLatest` for setting the checkpoint for the schema. This is only required for updating a checkpoint.", "title": "CheckpointVersion" }, "Compatibility": { "markdownDescription": "The compatibility mode of the schema.", "title": "Compatibility", "type": "string" }, "DataFormat": { "markdownDescription": "The data format of the schema definition. Currently only `AVRO` is supported.", "title": "DataFormat", "type": "string" }, "Description": { "markdownDescription": "A description of the schema if specified when created.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "Name of the schema to be created of max length of 255, and may only contain letters, numbers, hyphen, underscore, dollar sign, or hash mark. No whitespace.", "title": "Name", "type": "string" }, "Registry": { "$ref": "#/definitions/AWS::Glue::Schema.Registry", "markdownDescription": "The registry where a schema is stored.", "title": "Registry" }, "SchemaDefinition": { "markdownDescription": "The schema definition using the `DataFormat` setting for `SchemaName` .", "title": "SchemaDefinition", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "AWS tags that contain a key value pair and may be searched by console, command line, or API.", "title": "Tags", "type": "array" } }, "required": [ "Compatibility", "DataFormat", "Name", "SchemaDefinition" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::Schema" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::Schema.Registry": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the registry.", "title": "Arn", "type": "string" }, "Name": { "markdownDescription": "The name of the registry.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::Glue::Schema.SchemaVersion": { "additionalProperties": false, "properties": { "IsLatest": { "markdownDescription": "Indicates if this version is the latest version of the schema.", "title": "IsLatest", "type": "boolean" }, "VersionNumber": { "markdownDescription": "The version number of the schema.", "title": "VersionNumber", "type": "number" } }, "type": "object" }, "AWS::Glue::SchemaVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Schema": { "$ref": "#/definitions/AWS::Glue::SchemaVersion.Schema", "markdownDescription": "The schema that includes the schema version.", "title": "Schema" }, "SchemaDefinition": { "markdownDescription": "The schema definition for the schema version.", "title": "SchemaDefinition", "type": "string" } }, "required": [ "Schema", "SchemaDefinition" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::SchemaVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::SchemaVersion.Schema": { "additionalProperties": false, "properties": { "RegistryName": { "markdownDescription": "The name of the registry where the schema is stored. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", "title": "RegistryName", "type": "string" }, "SchemaArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", "title": "SchemaArn", "type": "string" }, "SchemaName": { "markdownDescription": "The name of the schema. Either `SchemaArn` , or `SchemaName` and `RegistryName` has to be provided.", "title": "SchemaName", "type": "string" } }, "type": "object" }, "AWS::Glue::SchemaVersionMetadata": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "A metadata key in a key-value pair for metadata.", "title": "Key", "type": "string" }, "SchemaVersionId": { "markdownDescription": "The version number of the schema.", "title": "SchemaVersionId", "type": "string" }, "Value": { "markdownDescription": "A metadata key's corresponding value.", "title": "Value", "type": "string" } }, "required": [ "Key", "SchemaVersionId", "Value" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::SchemaVersionMetadata" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::SecurityConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EncryptionConfiguration": { "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.EncryptionConfiguration", "markdownDescription": "The encryption configuration associated with this security configuration.", "title": "EncryptionConfiguration" }, "Name": { "markdownDescription": "The name of the security configuration.", "title": "Name", "type": "string" } }, "required": [ "EncryptionConfiguration", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::SecurityConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::SecurityConfiguration.CloudWatchEncryption": { "additionalProperties": false, "properties": { "CloudWatchEncryptionMode": { "markdownDescription": "The encryption mode to use for CloudWatch data.", "title": "CloudWatchEncryptionMode", "type": "string" }, "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", "title": "KmsKeyArn", "type": "string" } }, "type": "object" }, "AWS::Glue::SecurityConfiguration.EncryptionConfiguration": { "additionalProperties": false, "properties": { "CloudWatchEncryption": { "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.CloudWatchEncryption", "markdownDescription": "The encryption configuration for Amazon CloudWatch.", "title": "CloudWatchEncryption" }, "JobBookmarksEncryption": { "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.JobBookmarksEncryption", "markdownDescription": "The encryption configuration for job bookmarks.", "title": "JobBookmarksEncryption" }, "S3Encryptions": { "$ref": "#/definitions/AWS::Glue::SecurityConfiguration.S3Encryptions", "markdownDescription": "The encyption configuration for Amazon Simple Storage Service (Amazon S3) data.", "title": "S3Encryptions" } }, "type": "object" }, "AWS::Glue::SecurityConfiguration.JobBookmarksEncryption": { "additionalProperties": false, "properties": { "JobBookmarksEncryptionMode": { "markdownDescription": "The encryption mode to use for job bookmarks data.", "title": "JobBookmarksEncryptionMode", "type": "string" }, "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", "title": "KmsKeyArn", "type": "string" } }, "type": "object" }, "AWS::Glue::SecurityConfiguration.S3Encryption": { "additionalProperties": false, "properties": { "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the KMS key to be used to encrypt the data.", "title": "KmsKeyArn", "type": "string" }, "S3EncryptionMode": { "markdownDescription": "The encryption mode to use for Amazon S3 data.", "title": "S3EncryptionMode", "type": "string" } }, "type": "object" }, "AWS::Glue::SecurityConfiguration.S3Encryptions": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::Glue::Table": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The ID of the Data Catalog in which to create the `Table` .", "title": "CatalogId", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the database where the table metadata resides. For Hive compatibility, this must be all lowercase.", "title": "DatabaseName", "type": "string" }, "OpenTableFormatInput": { "$ref": "#/definitions/AWS::Glue::Table.OpenTableFormatInput", "markdownDescription": "Specifies an `OpenTableFormatInput` structure when creating an open format table.", "title": "OpenTableFormatInput" }, "TableInput": { "$ref": "#/definitions/AWS::Glue::Table.TableInput", "markdownDescription": "A structure used to define a table.", "title": "TableInput" } }, "required": [ "CatalogId", "DatabaseName", "TableInput" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::Table" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::Table.Column": { "additionalProperties": false, "properties": { "Comment": { "markdownDescription": "A free-form text comment.", "title": "Comment", "type": "string" }, "Name": { "markdownDescription": "The name of the `Column` .", "title": "Name", "type": "string" }, "Type": { "markdownDescription": "The data type of the `Column` .", "title": "Type", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::Glue::Table.IcebergInput": { "additionalProperties": false, "properties": { "MetadataOperation": { "$ref": "#/definitions/AWS::Glue::Table.MetadataOperation", "markdownDescription": "A required metadata operation. Can only be set to CREATE.", "title": "MetadataOperation" }, "Version": { "markdownDescription": "The table version for the Iceberg table. Defaults to 2.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::Glue::Table.MetadataOperation": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::Glue::Table.OpenTableFormatInput": { "additionalProperties": false, "properties": { "IcebergInput": { "$ref": "#/definitions/AWS::Glue::Table.IcebergInput", "markdownDescription": "Specifies an `IcebergInput` structure that defines an Apache Iceberg metadata table.", "title": "IcebergInput" } }, "type": "object" }, "AWS::Glue::Table.Order": { "additionalProperties": false, "properties": { "Column": { "markdownDescription": "The name of the column.", "title": "Column", "type": "string" }, "SortOrder": { "markdownDescription": "Indicates that the column is sorted in ascending order ( `== 1` ), or in descending order ( `==0` ).", "title": "SortOrder", "type": "number" } }, "required": [ "Column", "SortOrder" ], "type": "object" }, "AWS::Glue::Table.SchemaId": { "additionalProperties": false, "properties": { "RegistryName": { "markdownDescription": "The name of the schema registry that contains the schema.", "title": "RegistryName", "type": "string" }, "SchemaArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the schema. One of `SchemaArn` or `SchemaName` has to be\nprovided.", "title": "SchemaArn", "type": "string" }, "SchemaName": { "markdownDescription": "The name of the schema. One of `SchemaArn` or `SchemaName` has to be provided.", "title": "SchemaName", "type": "string" } }, "type": "object" }, "AWS::Glue::Table.SchemaReference": { "additionalProperties": false, "properties": { "SchemaId": { "$ref": "#/definitions/AWS::Glue::Table.SchemaId", "markdownDescription": "A structure that contains schema identity fields. Either this or the `SchemaVersionId` has to be\nprovided.", "title": "SchemaId" }, "SchemaVersionId": { "markdownDescription": "The unique ID assigned to a version of the schema. Either this or the `SchemaId` has to be provided.", "title": "SchemaVersionId", "type": "string" }, "SchemaVersionNumber": { "markdownDescription": "The version number of the schema.", "title": "SchemaVersionNumber", "type": "number" } }, "type": "object" }, "AWS::Glue::Table.SerdeInfo": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Name of the SerDe.", "title": "Name", "type": "string" }, "Parameters": { "markdownDescription": "These key-value pairs define initialization parameters for the SerDe.", "title": "Parameters", "type": "object" }, "SerializationLibrary": { "markdownDescription": "Usually the class that implements the SerDe. An example is `org.apache.hadoop.hive.serde2.columnar.ColumnarSerDe` .", "title": "SerializationLibrary", "type": "string" } }, "type": "object" }, "AWS::Glue::Table.SkewedInfo": { "additionalProperties": false, "properties": { "SkewedColumnNames": { "items": { "type": "string" }, "markdownDescription": "A list of names of columns that contain skewed values.", "title": "SkewedColumnNames", "type": "array" }, "SkewedColumnValueLocationMaps": { "markdownDescription": "A mapping of skewed values to the columns that contain them.", "title": "SkewedColumnValueLocationMaps", "type": "object" }, "SkewedColumnValues": { "items": { "type": "string" }, "markdownDescription": "A list of values that appear so frequently as to be considered skewed.", "title": "SkewedColumnValues", "type": "array" } }, "type": "object" }, "AWS::Glue::Table.StorageDescriptor": { "additionalProperties": false, "properties": { "BucketColumns": { "items": { "type": "string" }, "markdownDescription": "A list of reducer grouping columns, clustering columns, and bucketing columns in the table.", "title": "BucketColumns", "type": "array" }, "Columns": { "items": { "$ref": "#/definitions/AWS::Glue::Table.Column" }, "markdownDescription": "A list of the `Columns` in the table.", "title": "Columns", "type": "array" }, "Compressed": { "markdownDescription": "`True` if the data in the table is compressed, or `False` if not.", "title": "Compressed", "type": "boolean" }, "InputFormat": { "markdownDescription": "The input format: `SequenceFileInputFormat` (binary), or `TextInputFormat` , or a custom format.", "title": "InputFormat", "type": "string" }, "Location": { "markdownDescription": "The physical location of the table. By default, this takes the form of the warehouse location, followed by the database location in the warehouse, followed by the table name.", "title": "Location", "type": "string" }, "NumberOfBuckets": { "markdownDescription": "Must be specified if the table contains any dimension columns.", "title": "NumberOfBuckets", "type": "number" }, "OutputFormat": { "markdownDescription": "The output format: `SequenceFileOutputFormat` (binary), or `IgnoreKeyTextOutputFormat` , or a custom format.", "title": "OutputFormat", "type": "string" }, "Parameters": { "markdownDescription": "The user-supplied properties in key-value form.", "title": "Parameters", "type": "object" }, "SchemaReference": { "$ref": "#/definitions/AWS::Glue::Table.SchemaReference", "markdownDescription": "An object that references a schema stored in the AWS Glue Schema Registry.", "title": "SchemaReference" }, "SerdeInfo": { "$ref": "#/definitions/AWS::Glue::Table.SerdeInfo", "markdownDescription": "The serialization/deserialization (SerDe) information.", "title": "SerdeInfo" }, "SkewedInfo": { "$ref": "#/definitions/AWS::Glue::Table.SkewedInfo", "markdownDescription": "The information about values that appear frequently in a column (skewed values).", "title": "SkewedInfo" }, "SortColumns": { "items": { "$ref": "#/definitions/AWS::Glue::Table.Order" }, "markdownDescription": "A list specifying the sort order of each bucket in the table.", "title": "SortColumns", "type": "array" }, "StoredAsSubDirectories": { "markdownDescription": "`True` if the table data is stored in subdirectories, or `False` if not.", "title": "StoredAsSubDirectories", "type": "boolean" } }, "type": "object" }, "AWS::Glue::Table.TableIdentifier": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The ID of the Data Catalog in which the table resides.", "title": "CatalogId", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the catalog database that contains the target table.", "title": "DatabaseName", "type": "string" }, "Name": { "markdownDescription": "The name of the target table.", "title": "Name", "type": "string" }, "Region": { "markdownDescription": "The Region of the table.", "title": "Region", "type": "string" } }, "type": "object" }, "AWS::Glue::Table.TableInput": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the table.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The table name. For Hive compatibility, this is folded to lowercase when it is stored.", "title": "Name", "type": "string" }, "Owner": { "markdownDescription": "The table owner. Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", "title": "Owner", "type": "string" }, "Parameters": { "markdownDescription": "These key-value pairs define properties associated with the table.", "title": "Parameters", "type": "object" }, "PartitionKeys": { "items": { "$ref": "#/definitions/AWS::Glue::Table.Column" }, "markdownDescription": "A list of columns by which the table is partitioned. Only primitive types are supported as partition keys.\n\nWhen you create a table used by Amazon Athena, and you do not specify any `partitionKeys` , you must at least set the value of `partitionKeys` to an empty list. For example:\n\n`\"PartitionKeys\": []`", "title": "PartitionKeys", "type": "array" }, "Retention": { "markdownDescription": "The retention time for this table.", "title": "Retention", "type": "number" }, "StorageDescriptor": { "$ref": "#/definitions/AWS::Glue::Table.StorageDescriptor", "markdownDescription": "A storage descriptor containing information about the physical storage of this table.", "title": "StorageDescriptor" }, "TableType": { "markdownDescription": "The type of this table. AWS Glue will create tables with the `EXTERNAL_TABLE` type. Other services, such as Athena, may create tables with additional table types.\n\nAWS Glue related table types:\n\n- **EXTERNAL_TABLE** - Hive compatible attribute - indicates a non-Hive managed table.\n- **GOVERNED** - Used by AWS Lake Formation . The AWS Glue Data Catalog understands `GOVERNED` .", "title": "TableType", "type": "string" }, "TargetTable": { "$ref": "#/definitions/AWS::Glue::Table.TableIdentifier", "markdownDescription": "A `TableIdentifier` structure that describes a target table for resource linking.", "title": "TargetTable" }, "ViewExpandedText": { "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations.", "title": "ViewExpandedText", "type": "string" }, "ViewOriginalText": { "markdownDescription": "Included for Apache Hive compatibility. Not used in the normal course of AWS Glue operations. If the table is a `VIRTUAL_VIEW` , certain Athena configuration encoded in base64.", "title": "ViewOriginalText", "type": "string" } }, "type": "object" }, "AWS::Glue::TableOptimizer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The catalog ID of the table.", "title": "CatalogId", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the database. For Hive compatibility, this is folded to lowercase when it is stored.", "title": "DatabaseName", "type": "string" }, "TableName": { "markdownDescription": "The table name. For Hive compatibility, this must be entirely lowercase.", "title": "TableName", "type": "string" }, "TableOptimizerConfiguration": { "$ref": "#/definitions/AWS::Glue::TableOptimizer.TableOptimizerConfiguration", "markdownDescription": "Specifies configuration details of a table optimizer.", "title": "TableOptimizerConfiguration" }, "Type": { "markdownDescription": "The type of table optimizer. Currently, the only valid value is compaction.", "title": "Type", "type": "string" } }, "required": [ "CatalogId", "DatabaseName", "TableName", "TableOptimizerConfiguration", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::TableOptimizer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::TableOptimizer.TableOptimizerConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Whether the table optimization is enabled.", "title": "Enabled", "type": "boolean" }, "RoleArn": { "markdownDescription": "A role passed by the caller which gives the service permission to update the resources associated with the optimizer on the caller's behalf.", "title": "RoleArn", "type": "string" } }, "required": [ "Enabled", "RoleArn" ], "type": "object" }, "AWS::Glue::Trigger": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::Glue::Trigger.Action" }, "markdownDescription": "The actions initiated by this trigger.", "title": "Actions", "type": "array" }, "Description": { "markdownDescription": "A description of this trigger.", "title": "Description", "type": "string" }, "EventBatchingCondition": { "$ref": "#/definitions/AWS::Glue::Trigger.EventBatchingCondition", "markdownDescription": "Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires.", "title": "EventBatchingCondition" }, "Name": { "markdownDescription": "The name of the trigger.", "title": "Name", "type": "string" }, "Predicate": { "$ref": "#/definitions/AWS::Glue::Trigger.Predicate", "markdownDescription": "The predicate of this trigger, which defines when it will fire.", "title": "Predicate" }, "Schedule": { "markdownDescription": "A `cron` expression used to specify the schedule. For more information, see [Time-Based Schedules for Jobs and Crawlers](https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html) in the *AWS Glue Developer Guide* . For example, to run something every day at 12:15 UTC, specify `cron(15 12 * * ? *)` .", "title": "Schedule", "type": "string" }, "StartOnCreation": { "markdownDescription": "Set to true to start `SCHEDULED` and `CONDITIONAL` triggers when created. True is not supported for `ON_DEMAND` triggers.", "title": "StartOnCreation", "type": "boolean" }, "Tags": { "markdownDescription": "The tags to use with this trigger.", "title": "Tags", "type": "object" }, "Type": { "markdownDescription": "The type of trigger that this is.", "title": "Type", "type": "string" }, "WorkflowName": { "markdownDescription": "The name of the workflow associated with the trigger.", "title": "WorkflowName", "type": "string" } }, "required": [ "Actions", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::Glue::Trigger" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Glue::Trigger.Action": { "additionalProperties": false, "properties": { "Arguments": { "markdownDescription": "The job arguments used when this trigger fires. For this job run, they replace the default arguments set in the job definition itself.\n\nYou can specify arguments here that your own job-execution script consumes, in addition to arguments that AWS Glue itself consumes.\n\nFor information about how to specify and consume your own job arguments, see [Calling AWS Glue APIs in Python](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html) in the *AWS Glue Developer Guide* .\n\nFor information about the key-value pairs that AWS Glue consumes to set up your job, see the [Special Parameters Used by AWS Glue](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html) topic in the developer guide.", "title": "Arguments", "type": "object" }, "CrawlerName": { "markdownDescription": "The name of the crawler to be used with this action.", "title": "CrawlerName", "type": "string" }, "JobName": { "markdownDescription": "The name of a job to be executed.", "title": "JobName", "type": "string" }, "NotificationProperty": { "$ref": "#/definitions/AWS::Glue::Trigger.NotificationProperty", "markdownDescription": "Specifies configuration properties of a job run notification.", "title": "NotificationProperty" }, "SecurityConfiguration": { "markdownDescription": "The name of the `SecurityConfiguration` structure to be used with this action.", "title": "SecurityConfiguration", "type": "string" }, "Timeout": { "markdownDescription": "The `JobRun` timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours). This overrides the timeout value set in the parent job.", "title": "Timeout", "type": "number" } }, "type": "object" }, "AWS::Glue::Trigger.Condition": { "additionalProperties": false, "properties": { "CrawlState": { "markdownDescription": "The state of the crawler to which this condition applies.", "title": "CrawlState", "type": "string" }, "CrawlerName": { "markdownDescription": "The name of the crawler to which this condition applies.", "title": "CrawlerName", "type": "string" }, "JobName": { "markdownDescription": "The name of the job whose `JobRuns` this condition applies to, and on which this trigger waits.", "title": "JobName", "type": "string" }, "LogicalOperator": { "markdownDescription": "A logical operator.", "title": "LogicalOperator", "type": "string" }, "State": { "markdownDescription": "The condition state. Currently, the values supported are `SUCCEEDED` , `STOPPED` , `TIMEOUT` , and `FAILED` .", "title": "State", "type": "string" } }, "type": "object" }, "AWS::Glue::Trigger.EventBatchingCondition": { "additionalProperties": false, "properties": { "BatchSize": { "markdownDescription": "Number of events that must be received from Amazon EventBridge before EventBridge event trigger fires.", "title": "BatchSize", "type": "number" }, "BatchWindow": { "markdownDescription": "Window of time in seconds after which EventBridge event trigger fires. Window starts when first event is received.", "title": "BatchWindow", "type": "number" } }, "required": [ "BatchSize" ], "type": "object" }, "AWS::Glue::Trigger.NotificationProperty": { "additionalProperties": false, "properties": { "NotifyDelayAfter": { "markdownDescription": "After a job run starts, the number of minutes to wait before sending a job run delay notification", "title": "NotifyDelayAfter", "type": "number" } }, "type": "object" }, "AWS::Glue::Trigger.Predicate": { "additionalProperties": false, "properties": { "Conditions": { "items": { "$ref": "#/definitions/AWS::Glue::Trigger.Condition" }, "markdownDescription": "A list of the conditions that determine when the trigger will fire.", "title": "Conditions", "type": "array" }, "Logical": { "markdownDescription": "An optional field if only one condition is listed. If multiple conditions are listed, then this field is required.", "title": "Logical", "type": "string" } }, "type": "object" }, "AWS::Glue::Workflow": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DefaultRunProperties": { "markdownDescription": "A collection of properties to be used as part of each execution of the workflow", "title": "DefaultRunProperties", "type": "object" }, "Description": { "markdownDescription": "A description of the workflow", "title": "Description", "type": "string" }, "MaxConcurrentRuns": { "markdownDescription": "You can use this parameter to prevent unwanted multiple updates to data, to control costs, or in some cases, to prevent exceeding the maximum number of concurrent runs of any of the component jobs. If you leave this parameter blank, there is no limit to the number of concurrent workflow runs.", "title": "MaxConcurrentRuns", "type": "number" }, "Name": { "markdownDescription": "The name of the workflow representing the flow", "title": "Name", "type": "string" }, "Tags": { "markdownDescription": "The tags to use with this workflow.", "title": "Tags", "type": "object" } }, "type": "object" }, "Type": { "enum": [ "AWS::Glue::Workflow" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Grafana::Workspace": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountAccessType": { "markdownDescription": "Specifies whether the workspace can access AWS resources in this AWS account only, or whether it can also access AWS resources in other accounts in the same organization. If this is `ORGANIZATION` , the `OrganizationalUnits` parameter specifies which organizational units the workspace can access.", "title": "AccountAccessType", "type": "string" }, "AuthenticationProviders": { "items": { "type": "string" }, "markdownDescription": "Specifies whether this workspace uses SAML 2.0, AWS IAM Identity Center , or both to authenticate users for using the Grafana console within a workspace. For more information, see [User authentication in Amazon Managed Grafana](https://docs.aws.amazon.com/grafana/latest/userguide/authentication-in-AMG.html) .\n\n*Allowed Values* : `AWS_SSO | SAML`", "title": "AuthenticationProviders", "type": "array" }, "ClientToken": { "markdownDescription": "A unique, case-sensitive, user-provided identifier to ensure the idempotency of the request.", "title": "ClientToken", "type": "string" }, "DataSources": { "items": { "type": "string" }, "markdownDescription": "Specifies the AWS data sources that have been configured to have IAM roles and permissions created to allow Amazon Managed Grafana to read data from these sources.\n\nThis list is only used when the workspace was created through the AWS console, and the `permissionType` is `SERVICE_MANAGED` .", "title": "DataSources", "type": "array" }, "Description": { "markdownDescription": "The user-defined description of the workspace.", "title": "Description", "type": "string" }, "GrafanaVersion": { "markdownDescription": "Specifies the version of Grafana to support in the workspace. Defaults to the latest version on create (for example, 9.4), or the current version of the workspace on update.\n\nCan only be used to upgrade (for example, from 8.4 to 9.4), not downgrade (for example, from 9.4 to 8.4).\n\nTo know what versions are available to upgrade to for a specific workspace, see the [ListVersions](https://docs.aws.amazon.com/grafana/latest/APIReference/API_ListVersions.html) operation.", "title": "GrafanaVersion", "type": "string" }, "Name": { "markdownDescription": "The name of the workspace.", "title": "Name", "type": "string" }, "NetworkAccessControl": { "$ref": "#/definitions/AWS::Grafana::Workspace.NetworkAccessControl", "markdownDescription": "The configuration settings for network access to your workspace.", "title": "NetworkAccessControl" }, "NotificationDestinations": { "items": { "type": "string" }, "markdownDescription": "The AWS notification channels that Amazon Managed Grafana can automatically create IAM roles and permissions for, to allow Amazon Managed Grafana to use these channels.\n\n*AllowedValues* : `SNS`", "title": "NotificationDestinations", "type": "array" }, "OrganizationRoleName": { "markdownDescription": "The name of the IAM role that is used to access resources through Organizations.", "title": "OrganizationRoleName", "type": "string" }, "OrganizationalUnits": { "items": { "type": "string" }, "markdownDescription": "Specifies the organizational units that this workspace is allowed to use data sources from, if this workspace is in an account that is part of an organization.", "title": "OrganizationalUnits", "type": "array" }, "PermissionType": { "markdownDescription": "If this is `SERVICE_MANAGED` , and the workplace was created through the Amazon Managed Grafana console, then Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use AWS data sources and notification channels.\n\nIf this is `CUSTOMER_MANAGED` , you must manage those roles and permissions yourself.\n\nIf you are working with a workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other AWS accounts in the organization, this parameter must be set to `CUSTOMER_MANAGED` .\n\nFor more information about converting between customer and service managed, see [Managing permissions for data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-datasource-and-notification.html) . For more information about the roles and permissions that must be managed for customer managed workspaces, see [Amazon Managed Grafana permissions and policies for AWS data sources and notification channels](https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html)", "title": "PermissionType", "type": "string" }, "PluginAdminEnabled": { "markdownDescription": "Whether plugin administration is enabled in the workspace. Setting to `true` allows workspace admins to install, uninstall, and update plugins from within the Grafana workspace.\n\n> This option is only valid for workspaces that support Grafana version 9 or newer.", "title": "PluginAdminEnabled", "type": "boolean" }, "RoleArn": { "markdownDescription": "The IAM role that grants permissions to the AWS resources that the workspace will view data from. This role must already exist.", "title": "RoleArn", "type": "string" }, "SamlConfiguration": { "$ref": "#/definitions/AWS::Grafana::Workspace.SamlConfiguration", "markdownDescription": "If the workspace uses SAML, use this structure to map SAML assertion attributes to workspace user information and define which groups in the assertion attribute are to have the `Admin` and `Editor` roles in the workspace.", "title": "SamlConfiguration" }, "StackSetName": { "markdownDescription": "The name of the AWS CloudFormation stack set that is used to generate IAM roles to be used for this workspace.", "title": "StackSetName", "type": "string" }, "VpcConfiguration": { "$ref": "#/definitions/AWS::Grafana::Workspace.VpcConfiguration", "markdownDescription": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.\n\n> Connecting to a private VPC is not yet available in the Asia Pacific (Seoul) Region (ap-northeast-2).", "title": "VpcConfiguration" } }, "required": [ "AccountAccessType", "AuthenticationProviders", "PermissionType" ], "type": "object" }, "Type": { "enum": [ "AWS::Grafana::Workspace" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Grafana::Workspace.AssertionAttributes": { "additionalProperties": false, "properties": { "Email": { "markdownDescription": "The name of the attribute within the SAML assertion to use as the email names for SAML users.", "title": "Email", "type": "string" }, "Groups": { "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for user groups.", "title": "Groups", "type": "string" }, "Login": { "markdownDescription": "The name of the attribute within the SAML assertion to use as the login names for SAML users.", "title": "Login", "type": "string" }, "Name": { "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for SAML users.", "title": "Name", "type": "string" }, "Org": { "markdownDescription": "The name of the attribute within the SAML assertion to use as the user full \"friendly\" names for the users' organizations.", "title": "Org", "type": "string" }, "Role": { "markdownDescription": "The name of the attribute within the SAML assertion to use as the user roles.", "title": "Role", "type": "string" } }, "type": "object" }, "AWS::Grafana::Workspace.IdpMetadata": { "additionalProperties": false, "properties": { "Url": { "markdownDescription": "The URL of the location containing the IdP metadata.", "title": "Url", "type": "string" }, "Xml": { "markdownDescription": "The full IdP metadata, in XML format.", "title": "Xml", "type": "string" } }, "type": "object" }, "AWS::Grafana::Workspace.NetworkAccessControl": { "additionalProperties": false, "properties": { "PrefixListIds": { "items": { "type": "string" }, "markdownDescription": "An array of prefix list IDs. A prefix list is a list of CIDR ranges of IP addresses. The IP addresses specified are allowed to access your workspace. If the list is not included in the configuration (passed an empty array) then no IP addresses are allowed to access the workspace. You create a prefix list using the Amazon VPC console.\n\nPrefix list IDs have the format `pl- *1a2b3c4d*` .\n\nFor more information about prefix lists, see [Group CIDR blocks using managed prefix lists](https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.html) in the *Amazon Virtual Private Cloud User Guide* .", "title": "PrefixListIds", "type": "array" }, "VpceIds": { "items": { "type": "string" }, "markdownDescription": "An array of Amazon VPC endpoint IDs for the workspace. You can create VPC endpoints to your Amazon Managed Grafana workspace for access from within a VPC. If a `NetworkAccessConfiguration` is specified then only VPC endpoints specified here are allowed to access the workspace. If you pass in an empty array of strings, then no VPCs are allowed to access the workspace.\n\nVPC endpoint IDs have the format `vpce- *1a2b3c4d*` .\n\nFor more information about creating an interface VPC endpoint, see [Interface VPC endpoints](https://docs.aws.amazon.com/grafana/latest/userguide/VPC-endpoints) in the *Amazon Managed Grafana User Guide* .\n\n> The only VPC endpoints that can be specified here are interface VPC endpoints for Grafana workspaces (using the `com.amazonaws.[region].grafana-workspace` service endpoint). Other VPC endpoints are ignored.", "title": "VpceIds", "type": "array" } }, "type": "object" }, "AWS::Grafana::Workspace.RoleValues": { "additionalProperties": false, "properties": { "Admin": { "items": { "type": "string" }, "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Admin` role to.", "title": "Admin", "type": "array" }, "Editor": { "items": { "type": "string" }, "markdownDescription": "A list of groups from the SAML assertion attribute to grant the Grafana `Editor` role to.", "title": "Editor", "type": "array" } }, "type": "object" }, "AWS::Grafana::Workspace.SamlConfiguration": { "additionalProperties": false, "properties": { "AllowedOrganizations": { "items": { "type": "string" }, "markdownDescription": "Lists which organizations defined in the SAML assertion are allowed to use the Amazon Managed Grafana workspace. If this is empty, all organizations in the assertion attribute have access.", "title": "AllowedOrganizations", "type": "array" }, "AssertionAttributes": { "$ref": "#/definitions/AWS::Grafana::Workspace.AssertionAttributes", "markdownDescription": "A structure that defines which attributes in the SAML assertion are to be used to define information about the users authenticated by that IdP to use the workspace.", "title": "AssertionAttributes" }, "IdpMetadata": { "$ref": "#/definitions/AWS::Grafana::Workspace.IdpMetadata", "markdownDescription": "A structure containing the identity provider (IdP) metadata used to integrate the identity provider with this workspace.", "title": "IdpMetadata" }, "LoginValidityDuration": { "markdownDescription": "How long a sign-on session by a SAML user is valid, before the user has to sign on again.", "title": "LoginValidityDuration", "type": "number" }, "RoleValues": { "$ref": "#/definitions/AWS::Grafana::Workspace.RoleValues", "markdownDescription": "A structure containing arrays that map group names in the SAML assertion to the Grafana `Admin` and `Editor` roles in the workspace.", "title": "RoleValues" } }, "required": [ "IdpMetadata" ], "type": "object" }, "AWS::Grafana::Workspace.VpcConfiguration": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 1 items. Maximum number of 5 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.\n\n*Array Members* : Minimum number of 2 items. Maximum number of 6 items.\n\n*Length* : Minimum length of 0. Maximum length of 255.", "title": "SubnetIds", "type": "array" } }, "required": [ "SecurityGroupIds", "SubnetIds" ], "type": "object" }, "AWS::Greengrass::ConnectorDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InitialVersion": { "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion", "markdownDescription": "The connector definition version to include when the connector definition is created. A connector definition version contains a list of [`connector`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-connectordefinition-connector.html) property types.\n\n> To associate a connector definition version after the connector definition is created, create an [`AWS::Greengrass::ConnectorDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-connectordefinitionversion.html) resource and specify the ID of this connector definition.", "title": "InitialVersion" }, "Name": { "markdownDescription": "The name of the connector definition.", "title": "Name", "type": "string" }, "Tags": { "markdownDescription": "Application-specific metadata to attach to the connector definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", "type": "object" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::ConnectorDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::ConnectorDefinition.Connector": { "additionalProperties": false, "properties": { "ConnectorArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", "title": "ConnectorArn", "type": "string" }, "Id": { "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" }, "Parameters": { "markdownDescription": "The parameters or configuration used by the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", "title": "Parameters", "type": "object" } }, "required": [ "ConnectorArn", "Id" ], "type": "object" }, "AWS::Greengrass::ConnectorDefinition.ConnectorDefinitionVersion": { "additionalProperties": false, "properties": { "Connectors": { "items": { "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition.Connector" }, "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to a connector definition version at a time.", "title": "Connectors", "type": "array" } }, "required": [ "Connectors" ], "type": "object" }, "AWS::Greengrass::ConnectorDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectorDefinitionId": { "markdownDescription": "The ID of the connector definition associated with this version. This value is a GUID.", "title": "ConnectorDefinitionId", "type": "string" }, "Connectors": { "items": { "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinitionVersion.Connector" }, "markdownDescription": "The connectors in this version. Only one instance of a given connector can be added to the connector definition version at a time.", "title": "Connectors", "type": "array" } }, "required": [ "ConnectorDefinitionId", "Connectors" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::ConnectorDefinitionVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::ConnectorDefinitionVersion.Connector": { "additionalProperties": false, "properties": { "ConnectorArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the connector.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", "title": "ConnectorArn", "type": "string" }, "Id": { "markdownDescription": "A descriptive or arbitrary ID for the connector. This value must be unique within the connector definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" }, "Parameters": { "markdownDescription": "The parameters or configuration that the connector uses.\n\nFor more information about connectors provided by AWS , see [Greengrass Connectors Provided by AWS](https://docs.aws.amazon.com/greengrass/v1/developerguide/connectors-list.html) .", "title": "Parameters", "type": "object" } }, "required": [ "ConnectorArn", "Id" ], "type": "object" }, "AWS::Greengrass::CoreDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InitialVersion": { "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.CoreDefinitionVersion", "markdownDescription": "The core definition version to include when the core definition is created. Currently, a core definition version can contain only one [`core`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-coredefinition-core.html) .\n\n> To associate a core definition version after the core definition is created, create an [`AWS::Greengrass::CoreDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-coredefinitionversion.html) resource and specify the ID of this core definition.", "title": "InitialVersion" }, "Name": { "markdownDescription": "The name of the core definition.", "title": "Name", "type": "string" }, "Tags": { "markdownDescription": "Application-specific metadata to attach to the core definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", "type": "object" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::CoreDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::CoreDefinition.Core": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", "title": "CertificateArn", "type": "string" }, "Id": { "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" }, "SyncShadow": { "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", "title": "SyncShadow", "type": "boolean" }, "ThingArn": { "markdownDescription": "The ARN of the core, which is an AWS IoT device (thing).", "title": "ThingArn", "type": "string" } }, "required": [ "CertificateArn", "Id", "ThingArn" ], "type": "object" }, "AWS::Greengrass::CoreDefinition.CoreDefinitionVersion": { "additionalProperties": false, "properties": { "Cores": { "items": { "$ref": "#/definitions/AWS::Greengrass::CoreDefinition.Core" }, "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", "title": "Cores", "type": "array" } }, "required": [ "Cores" ], "type": "object" }, "AWS::Greengrass::CoreDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CoreDefinitionId": { "markdownDescription": "The ID of the core definition associated with this version. This value is a GUID.", "title": "CoreDefinitionId", "type": "string" }, "Cores": { "items": { "$ref": "#/definitions/AWS::Greengrass::CoreDefinitionVersion.Core" }, "markdownDescription": "The Greengrass core in this version. Currently, the `Cores` property for a core definition version can contain only one core.", "title": "Cores", "type": "array" } }, "required": [ "CoreDefinitionId", "Cores" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::CoreDefinitionVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::CoreDefinitionVersion.Core": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The ARN of the device certificate for the core. This X.509 certificate is used to authenticate the core with AWS IoT and AWS IoT Greengrass services.", "title": "CertificateArn", "type": "string" }, "Id": { "markdownDescription": "A descriptive or arbitrary ID for the core. This value must be unique within the core definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" }, "SyncShadow": { "markdownDescription": "Indicates whether the core's local shadow is synced with the cloud automatically. The default is false.", "title": "SyncShadow", "type": "boolean" }, "ThingArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the core, which is an AWS IoT device (thing).", "title": "ThingArn", "type": "string" } }, "required": [ "CertificateArn", "Id", "ThingArn" ], "type": "object" }, "AWS::Greengrass::DeviceDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InitialVersion": { "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion", "markdownDescription": "The device definition version to include when the device definition is created. A device definition version contains a list of [`device`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-devicedefinition-device.html) property types.\n\n> To associate a device definition version after the device definition is created, create an [`AWS::Greengrass::DeviceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-devicedefinitionversion.html) resource and specify the ID of this device definition.", "title": "InitialVersion" }, "Name": { "markdownDescription": "The name of the device definition.", "title": "Name", "type": "string" }, "Tags": { "markdownDescription": "Application-specific metadata to attach to the device definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", "type": "object" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::DeviceDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::DeviceDefinition.Device": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", "title": "CertificateArn", "type": "string" }, "Id": { "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" }, "SyncShadow": { "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", "title": "SyncShadow", "type": "boolean" }, "ThingArn": { "markdownDescription": "The ARN of the device, which is an AWS IoT device (thing).", "title": "ThingArn", "type": "string" } }, "required": [ "CertificateArn", "Id", "ThingArn" ], "type": "object" }, "AWS::Greengrass::DeviceDefinition.DeviceDefinitionVersion": { "additionalProperties": false, "properties": { "Devices": { "items": { "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition.Device" }, "markdownDescription": "The devices in this version.", "title": "Devices", "type": "array" } }, "required": [ "Devices" ], "type": "object" }, "AWS::Greengrass::DeviceDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeviceDefinitionId": { "markdownDescription": "The ID of the device definition associated with this version. This value is a GUID.", "title": "DeviceDefinitionId", "type": "string" }, "Devices": { "items": { "$ref": "#/definitions/AWS::Greengrass::DeviceDefinitionVersion.Device" }, "markdownDescription": "The devices in this version.", "title": "Devices", "type": "array" } }, "required": [ "DeviceDefinitionId", "Devices" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::DeviceDefinitionVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::DeviceDefinitionVersion.Device": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The ARN of the device certificate for the device. This X.509 certificate is used to authenticate the device with AWS IoT and AWS IoT Greengrass services.", "title": "CertificateArn", "type": "string" }, "Id": { "markdownDescription": "A descriptive or arbitrary ID for the device. This value must be unique within the device definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" }, "SyncShadow": { "markdownDescription": "Indicates whether the device's local shadow is synced with the cloud automatically.", "title": "SyncShadow", "type": "boolean" }, "ThingArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the device, which is an AWS IoT device (thing).", "title": "ThingArn", "type": "string" } }, "required": [ "CertificateArn", "Id", "ThingArn" ], "type": "object" }, "AWS::Greengrass::FunctionDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InitialVersion": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion", "markdownDescription": "The function definition version to include when the function definition is created. A function definition version contains a list of [`function`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinition-function.html) property types.\n\n> To associate a function definition version after the function definition is created, create an [`AWS::Greengrass::FunctionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-functiondefinitionversion.html) resource and specify the ID of this function definition.", "title": "InitialVersion" }, "Name": { "markdownDescription": "The name of the function definition.", "title": "Name", "type": "string" }, "Tags": { "markdownDescription": "Application-specific metadata to attach to the function definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", "type": "object" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::FunctionDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::FunctionDefinition.DefaultConfig": { "additionalProperties": false, "properties": { "Execution": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", "title": "Execution" } }, "required": [ "Execution" ], "type": "object" }, "AWS::Greengrass::FunctionDefinition.Environment": { "additionalProperties": false, "properties": { "AccessSysfs": { "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", "title": "AccessSysfs", "type": "boolean" }, "Execution": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Execution", "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", "title": "Execution" }, "ResourceAccessPolicies": { "items": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy" }, "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only for Lambda functions that run in a Greengrass container.", "title": "ResourceAccessPolicies", "type": "array" }, "Variables": { "markdownDescription": "Environment variables for the Lambda function.", "title": "Variables", "type": "object" } }, "type": "object" }, "AWS::Greengrass::FunctionDefinition.Execution": { "additionalProperties": false, "properties": { "IsolationMode": { "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", "title": "IsolationMode", "type": "string" }, "RunAs": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.RunAs", "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", "title": "RunAs" } }, "type": "object" }, "AWS::Greengrass::FunctionDefinition.Function": { "additionalProperties": false, "properties": { "FunctionArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", "title": "FunctionArn", "type": "string" }, "FunctionConfiguration": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.FunctionConfiguration", "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", "title": "FunctionConfiguration" }, "Id": { "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" } }, "required": [ "FunctionArn", "FunctionConfiguration", "Id" ], "type": "object" }, "AWS::Greengrass::FunctionDefinition.FunctionConfiguration": { "additionalProperties": false, "properties": { "EncodingType": { "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", "title": "EncodingType", "type": "string" }, "Environment": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Environment", "markdownDescription": "The environment configuration of the function.", "title": "Environment" }, "ExecArgs": { "markdownDescription": "The execution arguments.", "title": "ExecArgs", "type": "string" }, "Executable": { "markdownDescription": "The name of the function executable.", "title": "Executable", "type": "string" }, "MemorySize": { "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", "title": "MemorySize", "type": "number" }, "Pinned": { "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", "title": "Pinned", "type": "boolean" }, "Timeout": { "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", "title": "Timeout", "type": "number" } }, "type": "object" }, "AWS::Greengrass::FunctionDefinition.FunctionDefinitionVersion": { "additionalProperties": false, "properties": { "DefaultConfig": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.DefaultConfig", "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", "title": "DefaultConfig" }, "Functions": { "items": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition.Function" }, "markdownDescription": "The functions in this version.", "title": "Functions", "type": "array" } }, "required": [ "Functions" ], "type": "object" }, "AWS::Greengrass::FunctionDefinition.ResourceAccessPolicy": { "additionalProperties": false, "properties": { "Permission": { "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", "title": "Permission", "type": "string" }, "ResourceId": { "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", "title": "ResourceId", "type": "string" } }, "required": [ "ResourceId" ], "type": "object" }, "AWS::Greengrass::FunctionDefinition.RunAs": { "additionalProperties": false, "properties": { "Gid": { "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", "title": "Gid", "type": "number" }, "Uid": { "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", "title": "Uid", "type": "number" } }, "type": "object" }, "AWS::Greengrass::FunctionDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DefaultConfig": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig", "markdownDescription": "The default configuration that applies to all Lambda functions in the group. Individual Lambda functions can override these settings.", "title": "DefaultConfig" }, "FunctionDefinitionId": { "markdownDescription": "The ID of the function definition associated with this version. This value is a GUID.", "title": "FunctionDefinitionId", "type": "string" }, "Functions": { "items": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Function" }, "markdownDescription": "The functions in this version.", "title": "Functions", "type": "array" } }, "required": [ "FunctionDefinitionId", "Functions" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::FunctionDefinitionVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::FunctionDefinitionVersion.DefaultConfig": { "additionalProperties": false, "properties": { "Execution": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", "markdownDescription": "Configuration settings for the Lambda execution environment on the AWS IoT Greengrass core.", "title": "Execution" } }, "required": [ "Execution" ], "type": "object" }, "AWS::Greengrass::FunctionDefinitionVersion.Environment": { "additionalProperties": false, "properties": { "AccessSysfs": { "markdownDescription": "Indicates whether the function is allowed to access the `/sys` directory on the core device, which allows the read device information from `/sys` .\n\n> This property applies only to Lambda functions that run in a Greengrass container.", "title": "AccessSysfs", "type": "boolean" }, "Execution": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Execution", "markdownDescription": "Settings for the Lambda execution environment in AWS IoT Greengrass .", "title": "Execution" }, "ResourceAccessPolicies": { "items": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy" }, "markdownDescription": "A list of the [resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinitionversion-resourceinstance.html) in the group that the function can access, with the corresponding read-only or read-write permissions. The maximum is 10 resources.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", "title": "ResourceAccessPolicies", "type": "array" }, "Variables": { "markdownDescription": "Environment variables for the Lambda function.", "title": "Variables", "type": "object" } }, "type": "object" }, "AWS::Greengrass::FunctionDefinitionVersion.Execution": { "additionalProperties": false, "properties": { "IsolationMode": { "markdownDescription": "The containerization that the Lambda function runs in. Valid values are `GreengrassContainer` or `NoContainer` . Typically, this is `GreengrassContainer` . For more information, see [Containerization](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-function-containerization) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default containerization for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. Omit this value to run the function with the default containerization.\n\n> We recommend that you run in a Greengrass container unless your business case requires that you run without containerization.", "title": "IsolationMode", "type": "string" }, "RunAs": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.RunAs", "markdownDescription": "The user and group permissions used to run the Lambda function. Typically, this is the ggc_user and ggc_group. For more information, see [Run as](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-access-identity.html) in the *Developer Guide* .\n\n- When set on the [`DefaultConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-defaultconfig.html) property of a function definition version, this setting is used as the default access identity for all Lambda functions in the function definition version.\n- When set on the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-functiondefinitionversion-environment.html) property of a function, this setting applies to the individual function and overrides the default. You can override the user, group, or both. Omit this value to run the function with the default permissions.\n\n> Running as the root user increases risks to your data and device. Do not run as root (UID/GID=0) unless your business case requires it. For more information and requirements, see [Running a Lambda Function as Root](https://docs.aws.amazon.com/greengrass/v1/developerguide/lambda-group-config.html#lambda-running-as-root) .", "title": "RunAs" } }, "type": "object" }, "AWS::Greengrass::FunctionDefinitionVersion.Function": { "additionalProperties": false, "properties": { "FunctionArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the alias (recommended) or version of the referenced Lambda function.", "title": "FunctionArn", "type": "string" }, "FunctionConfiguration": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration", "markdownDescription": "The group-specific settings of the Lambda function. These settings configure the function's behavior in the Greengrass group.", "title": "FunctionConfiguration" }, "Id": { "markdownDescription": "A descriptive or arbitrary ID for the function. This value must be unique within the function definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" } }, "required": [ "FunctionArn", "FunctionConfiguration", "Id" ], "type": "object" }, "AWS::Greengrass::FunctionDefinitionVersion.FunctionConfiguration": { "additionalProperties": false, "properties": { "EncodingType": { "markdownDescription": "The expected encoding type of the input payload for the function. Valid values are `json` (default) and `binary` .", "title": "EncodingType", "type": "string" }, "Environment": { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion.Environment", "markdownDescription": "The environment configuration of the function.", "title": "Environment" }, "ExecArgs": { "markdownDescription": "The execution arguments.", "title": "ExecArgs", "type": "string" }, "Executable": { "markdownDescription": "The name of the function executable.", "title": "Executable", "type": "string" }, "MemorySize": { "markdownDescription": "The memory size (in KB) required by the function.\n\n> This property applies only to Lambda functions that run in a Greengrass container.", "title": "MemorySize", "type": "number" }, "Pinned": { "markdownDescription": "Indicates whether the function is pinned (or *long-lived* ). Pinned functions start when the core starts and process all requests in the same container. The default value is false.", "title": "Pinned", "type": "boolean" }, "Timeout": { "markdownDescription": "The allowed execution time (in seconds) after which the function should terminate. For pinned functions, this timeout applies for each request.", "title": "Timeout", "type": "number" } }, "type": "object" }, "AWS::Greengrass::FunctionDefinitionVersion.ResourceAccessPolicy": { "additionalProperties": false, "properties": { "Permission": { "markdownDescription": "The read-only or read-write access that the Lambda function has to the resource. Valid values are `ro` or `rw` .", "title": "Permission", "type": "string" }, "ResourceId": { "markdownDescription": "The ID of the resource. This ID is assigned to the resource when you create the resource definition.", "title": "ResourceId", "type": "string" } }, "required": [ "ResourceId" ], "type": "object" }, "AWS::Greengrass::FunctionDefinitionVersion.RunAs": { "additionalProperties": false, "properties": { "Gid": { "markdownDescription": "The group ID whose permissions are used to run the Lambda function. You can use the `getent group` command on your core device to look up the group ID.", "title": "Gid", "type": "number" }, "Uid": { "markdownDescription": "The user ID whose permissions are used to run the Lambda function. You can use the `getent passwd` command on your core device to look up the user ID.", "title": "Uid", "type": "number" } }, "type": "object" }, "AWS::Greengrass::Group": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InitialVersion": { "$ref": "#/definitions/AWS::Greengrass::Group.GroupVersion", "markdownDescription": "The group version to include when the group is created. A group version references the Amazon Resource Name (ARN) of a core definition version, device definition version, subscription definition version, and other version types. The group version must reference a core definition version that contains one core. Other version types are optionally included, depending on your business need.\n\n> To associate a group version after the group is created, create an [`AWS::Greengrass::GroupVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-groupversion.html) resource and specify the ID of this group.", "title": "InitialVersion" }, "Name": { "markdownDescription": "The name of the group.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role attached to the group. This role contains the permissions that Lambda functions and connectors use to interact with other AWS services.", "title": "RoleArn", "type": "string" }, "Tags": { "markdownDescription": "Application-specific metadata to attach to the group. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", "type": "object" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::Group" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::Group.GroupVersion": { "additionalProperties": false, "properties": { "ConnectorDefinitionVersionArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", "title": "ConnectorDefinitionVersionArn", "type": "string" }, "CoreDefinitionVersionArn": { "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", "title": "CoreDefinitionVersionArn", "type": "string" }, "DeviceDefinitionVersionArn": { "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", "title": "DeviceDefinitionVersionArn", "type": "string" }, "FunctionDefinitionVersionArn": { "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", "title": "FunctionDefinitionVersionArn", "type": "string" }, "LoggerDefinitionVersionArn": { "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", "title": "LoggerDefinitionVersionArn", "type": "string" }, "ResourceDefinitionVersionArn": { "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", "title": "ResourceDefinitionVersionArn", "type": "string" }, "SubscriptionDefinitionVersionArn": { "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", "title": "SubscriptionDefinitionVersionArn", "type": "string" } }, "type": "object" }, "AWS::Greengrass::GroupVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectorDefinitionVersionArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the connector definition version that contains the connectors you want to deploy with the group version.", "title": "ConnectorDefinitionVersionArn", "type": "string" }, "CoreDefinitionVersionArn": { "markdownDescription": "The ARN of the core definition version that contains the core you want to deploy with the group version. Currently, the core definition version can contain only one core.", "title": "CoreDefinitionVersionArn", "type": "string" }, "DeviceDefinitionVersionArn": { "markdownDescription": "The ARN of the device definition version that contains the devices you want to deploy with the group version.", "title": "DeviceDefinitionVersionArn", "type": "string" }, "FunctionDefinitionVersionArn": { "markdownDescription": "The ARN of the function definition version that contains the functions you want to deploy with the group version.", "title": "FunctionDefinitionVersionArn", "type": "string" }, "GroupId": { "markdownDescription": "The ID of the group associated with this version. This value is a GUID.", "title": "GroupId", "type": "string" }, "LoggerDefinitionVersionArn": { "markdownDescription": "The ARN of the logger definition version that contains the loggers you want to deploy with the group version.", "title": "LoggerDefinitionVersionArn", "type": "string" }, "ResourceDefinitionVersionArn": { "markdownDescription": "The ARN of the resource definition version that contains the resources you want to deploy with the group version.", "title": "ResourceDefinitionVersionArn", "type": "string" }, "SubscriptionDefinitionVersionArn": { "markdownDescription": "The ARN of the subscription definition version that contains the subscriptions you want to deploy with the group version.", "title": "SubscriptionDefinitionVersionArn", "type": "string" } }, "required": [ "GroupId" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::GroupVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::LoggerDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InitialVersion": { "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion", "markdownDescription": "The logger definition version to include when the logger definition is created. A logger definition version contains a list of [`logger`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-loggerdefinition-logger.html) property types.\n\n> To associate a logger definition version after the logger definition is created, create an [`AWS::Greengrass::LoggerDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-loggerdefinitionversion.html) resource and specify the ID of this logger definition.", "title": "InitialVersion" }, "Name": { "markdownDescription": "The name of the logger definition.", "title": "Name", "type": "string" }, "Tags": { "markdownDescription": "Application-specific metadata to attach to the logger definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", "type": "object" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::LoggerDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::LoggerDefinition.Logger": { "additionalProperties": false, "properties": { "Component": { "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", "title": "Component", "type": "string" }, "Id": { "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" }, "Level": { "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", "title": "Level", "type": "string" }, "Space": { "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", "title": "Space", "type": "number" }, "Type": { "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", "title": "Type", "type": "string" } }, "required": [ "Component", "Id", "Level", "Type" ], "type": "object" }, "AWS::Greengrass::LoggerDefinition.LoggerDefinitionVersion": { "additionalProperties": false, "properties": { "Loggers": { "items": { "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition.Logger" }, "markdownDescription": "The loggers in this version.", "title": "Loggers", "type": "array" } }, "required": [ "Loggers" ], "type": "object" }, "AWS::Greengrass::LoggerDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LoggerDefinitionId": { "markdownDescription": "The ID of the logger definition associated with this version. This value is a GUID.", "title": "LoggerDefinitionId", "type": "string" }, "Loggers": { "items": { "$ref": "#/definitions/AWS::Greengrass::LoggerDefinitionVersion.Logger" }, "markdownDescription": "The loggers in this version.", "title": "Loggers", "type": "array" } }, "required": [ "LoggerDefinitionId", "Loggers" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::LoggerDefinitionVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::LoggerDefinitionVersion.Logger": { "additionalProperties": false, "properties": { "Component": { "markdownDescription": "The source of the log event. Valid values are `GreengrassSystem` or `Lambda` . When `GreengrassSystem` is used, events from Greengrass system components are logged. When `Lambda` is used, events from user-defined Lambda functions are logged.", "title": "Component", "type": "string" }, "Id": { "markdownDescription": "A descriptive or arbitrary ID for the logger. This value must be unique within the logger definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" }, "Level": { "markdownDescription": "The log-level threshold. Log events below this threshold are filtered out and aren't stored. Valid values are `DEBUG` , `INFO` (recommended), `WARN` , `ERROR` , or `FATAL` .", "title": "Level", "type": "string" }, "Space": { "markdownDescription": "The amount of file space (in KB) to use when writing logs to the local file system. This property does not apply for CloudWatch Logs .", "title": "Space", "type": "number" }, "Type": { "markdownDescription": "The storage mechanism for log events. Valid values are `FileSystem` or `AWSCloudWatch` . When `AWSCloudWatch` is used, log events are sent to CloudWatch Logs . When `FileSystem` is used, log events are stored on the local file system.", "title": "Type", "type": "string" } }, "required": [ "Component", "Id", "Level", "Type" ], "type": "object" }, "AWS::Greengrass::ResourceDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InitialVersion": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion", "markdownDescription": "The resource definition version to include when the resource definition is created. A resource definition version contains a list of [`resource instance`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-resourcedefinition-resourceinstance.html) property types.\n\n> To associate a resource definition version after the resource definition is created, create an [`AWS::Greengrass::ResourceDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-resourcedefinitionversion.html) resource and specify the ID of this resource definition.", "title": "InitialVersion" }, "Name": { "markdownDescription": "The name of the resource definition.", "title": "Name", "type": "string" }, "Tags": { "markdownDescription": "Application-specific metadata to attach to the resource definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", "type": "object" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::ResourceDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::ResourceDefinition.GroupOwnerSetting": { "additionalProperties": false, "properties": { "AutoAddGroupOwner": { "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", "title": "AutoAddGroupOwner", "type": "boolean" }, "GroupOwner": { "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", "title": "GroupOwner", "type": "string" } }, "required": [ "AutoAddGroupOwner" ], "type": "object" }, "AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData": { "additionalProperties": false, "properties": { "GroupOwnerSetting": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", "title": "GroupOwnerSetting" }, "SourcePath": { "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", "title": "SourcePath", "type": "string" } }, "required": [ "SourcePath" ], "type": "object" }, "AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData": { "additionalProperties": false, "properties": { "DestinationPath": { "markdownDescription": "The absolute local path of the resource in the Lambda environment.", "title": "DestinationPath", "type": "string" }, "GroupOwnerSetting": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.GroupOwnerSetting", "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", "title": "GroupOwnerSetting" }, "SourcePath": { "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", "title": "SourcePath", "type": "string" } }, "required": [ "DestinationPath", "SourcePath" ], "type": "object" }, "AWS::Greengrass::ResourceDefinition.ResourceDataContainer": { "additionalProperties": false, "properties": { "LocalDeviceResourceData": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalDeviceResourceData", "markdownDescription": "Settings for a local device resource.", "title": "LocalDeviceResourceData" }, "LocalVolumeResourceData": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.LocalVolumeResourceData", "markdownDescription": "Settings for a local volume resource.", "title": "LocalVolumeResourceData" }, "S3MachineLearningModelResourceData": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData", "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", "title": "S3MachineLearningModelResourceData" }, "SageMakerMachineLearningModelResourceData": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData", "markdownDescription": "Settings for a machine learning resource saved as an SageMaker training job.", "title": "SageMakerMachineLearningModelResourceData" }, "SecretsManagerSecretResourceData": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData", "markdownDescription": "Settings for a secret resource.", "title": "SecretsManagerSecretResourceData" } }, "type": "object" }, "AWS::Greengrass::ResourceDefinition.ResourceDefinitionVersion": { "additionalProperties": false, "properties": { "Resources": { "items": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceInstance" }, "markdownDescription": "The resources in this version.", "title": "Resources", "type": "array" } }, "required": [ "Resources" ], "type": "object" }, "AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting": { "additionalProperties": false, "properties": { "GroupOwner": { "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", "title": "GroupOwner", "type": "string" }, "GroupPermission": { "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", "title": "GroupPermission", "type": "string" } }, "required": [ "GroupOwner", "GroupPermission" ], "type": "object" }, "AWS::Greengrass::ResourceDefinition.ResourceInstance": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" }, "Name": { "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", "title": "Name", "type": "string" }, "ResourceDataContainer": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDataContainer", "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", "title": "ResourceDataContainer" } }, "required": [ "Id", "Name", "ResourceDataContainer" ], "type": "object" }, "AWS::Greengrass::ResourceDefinition.S3MachineLearningModelResourceData": { "additionalProperties": false, "properties": { "DestinationPath": { "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", "title": "DestinationPath", "type": "string" }, "OwnerSetting": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", "title": "OwnerSetting" }, "S3Uri": { "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", "title": "S3Uri", "type": "string" } }, "required": [ "DestinationPath", "S3Uri" ], "type": "object" }, "AWS::Greengrass::ResourceDefinition.SageMakerMachineLearningModelResourceData": { "additionalProperties": false, "properties": { "DestinationPath": { "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", "title": "DestinationPath", "type": "string" }, "OwnerSetting": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition.ResourceDownloadOwnerSetting", "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", "title": "OwnerSetting" }, "SageMakerJobArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker training job that represents the source model.", "title": "SageMakerJobArn", "type": "string" } }, "required": [ "DestinationPath", "SageMakerJobArn" ], "type": "object" }, "AWS::Greengrass::ResourceDefinition.SecretsManagerSecretResourceData": { "additionalProperties": false, "properties": { "ARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", "title": "ARN", "type": "string" }, "AdditionalStagingLabelsToDownload": { "items": { "type": "string" }, "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", "title": "AdditionalStagingLabelsToDownload", "type": "array" } }, "required": [ "ARN" ], "type": "object" }, "AWS::Greengrass::ResourceDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ResourceDefinitionId": { "markdownDescription": "The ID of the resource definition associated with this version. This value is a GUID.", "title": "ResourceDefinitionId", "type": "string" }, "Resources": { "items": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance" }, "markdownDescription": "The resources in this version.", "title": "Resources", "type": "array" } }, "required": [ "ResourceDefinitionId", "Resources" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::ResourceDefinitionVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting": { "additionalProperties": false, "properties": { "AutoAddGroupOwner": { "markdownDescription": "Indicates whether to give the privileges of the Linux group that owns the resource to the Lambda process. This gives the Lambda process the file access permissions of the Linux group.", "title": "AutoAddGroupOwner", "type": "boolean" }, "GroupOwner": { "markdownDescription": "The name of the Linux group whose privileges you want to add to the Lambda process. This value is ignored if `AutoAddGroupOwner` is true.", "title": "GroupOwner", "type": "string" } }, "required": [ "AutoAddGroupOwner" ], "type": "object" }, "AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData": { "additionalProperties": false, "properties": { "GroupOwnerSetting": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", "title": "GroupOwnerSetting" }, "SourcePath": { "markdownDescription": "The local absolute path of the device resource. The source path for a device resource can refer only to a character device or block device under `/dev` .", "title": "SourcePath", "type": "string" } }, "required": [ "SourcePath" ], "type": "object" }, "AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData": { "additionalProperties": false, "properties": { "DestinationPath": { "markdownDescription": "The absolute local path of the resource in the Lambda environment.", "title": "DestinationPath", "type": "string" }, "GroupOwnerSetting": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.GroupOwnerSetting", "markdownDescription": "Settings that define additional Linux OS group permissions to give to the Lambda function process.", "title": "GroupOwnerSetting" }, "SourcePath": { "markdownDescription": "The local absolute path of the volume resource on the host. The source path for a volume resource type cannot start with `/sys` .", "title": "SourcePath", "type": "string" } }, "required": [ "DestinationPath", "SourcePath" ], "type": "object" }, "AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer": { "additionalProperties": false, "properties": { "LocalDeviceResourceData": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalDeviceResourceData", "markdownDescription": "Settings for a local device resource.", "title": "LocalDeviceResourceData" }, "LocalVolumeResourceData": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.LocalVolumeResourceData", "markdownDescription": "Settings for a local volume resource.", "title": "LocalVolumeResourceData" }, "S3MachineLearningModelResourceData": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData", "markdownDescription": "Settings for a machine learning resource stored in Amazon S3 .", "title": "S3MachineLearningModelResourceData" }, "SageMakerMachineLearningModelResourceData": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData", "markdownDescription": "Settings for a machine learning resource saved as an SageMaker training job.", "title": "SageMakerMachineLearningModelResourceData" }, "SecretsManagerSecretResourceData": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData", "markdownDescription": "Settings for a secret resource.", "title": "SecretsManagerSecretResourceData" } }, "type": "object" }, "AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting": { "additionalProperties": false, "properties": { "GroupOwner": { "markdownDescription": "The group owner of the machine learning resource. This is the group ID (GID) of an existing Linux OS group on the system. The group's permissions are added to the Lambda process.", "title": "GroupOwner", "type": "string" }, "GroupPermission": { "markdownDescription": "The permissions that the group owner has to the machine learning resource. Valid values are `rw` (read-write) or `ro` (read-only).", "title": "GroupPermission", "type": "string" } }, "required": [ "GroupOwner", "GroupPermission" ], "type": "object" }, "AWS::Greengrass::ResourceDefinitionVersion.ResourceInstance": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "A descriptive or arbitrary ID for the resource. This value must be unique within the resource definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" }, "Name": { "markdownDescription": "The descriptive resource name, which is displayed on the AWS IoT Greengrass console. Maximum length 128 characters with pattern [a-zA-Z0-9:_-]+. This must be unique within a Greengrass group.", "title": "Name", "type": "string" }, "ResourceDataContainer": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDataContainer", "markdownDescription": "A container for resource data. The container takes only one of the following supported resource data types: `LocalDeviceResourceData` , `LocalVolumeResourceData` , `SageMakerMachineLearningModelResourceData` , `S3MachineLearningModelResourceData` , or `SecretsManagerSecretResourceData` .\n\n> Only one resource type can be defined for a `ResourceDataContainer` instance.", "title": "ResourceDataContainer" } }, "required": [ "Id", "Name", "ResourceDataContainer" ], "type": "object" }, "AWS::Greengrass::ResourceDefinitionVersion.S3MachineLearningModelResourceData": { "additionalProperties": false, "properties": { "DestinationPath": { "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", "title": "DestinationPath", "type": "string" }, "OwnerSetting": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", "title": "OwnerSetting" }, "S3Uri": { "markdownDescription": "The URI of the source model in an Amazon S3 bucket. The model package must be in `tar.gz` or `.zip` format.", "title": "S3Uri", "type": "string" } }, "required": [ "DestinationPath", "S3Uri" ], "type": "object" }, "AWS::Greengrass::ResourceDefinitionVersion.SageMakerMachineLearningModelResourceData": { "additionalProperties": false, "properties": { "DestinationPath": { "markdownDescription": "The absolute local path of the resource inside the Lambda environment.", "title": "DestinationPath", "type": "string" }, "OwnerSetting": { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion.ResourceDownloadOwnerSetting", "markdownDescription": "The owner setting for the downloaded machine learning resource. For more information, see [Access Machine Learning Resources from Lambda Functions](https://docs.aws.amazon.com/greengrass/v1/developerguide/access-ml-resources.html) in the *Developer Guide* .", "title": "OwnerSetting" }, "SageMakerJobArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SageMaker training job that represents the source model.", "title": "SageMakerJobArn", "type": "string" } }, "required": [ "DestinationPath", "SageMakerJobArn" ], "type": "object" }, "AWS::Greengrass::ResourceDefinitionVersion.SecretsManagerSecretResourceData": { "additionalProperties": false, "properties": { "ARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the Secrets Manager secret to make available on the core. The value of the secret's latest version (represented by the `AWSCURRENT` staging label) is included by default.", "title": "ARN", "type": "string" }, "AdditionalStagingLabelsToDownload": { "items": { "type": "string" }, "markdownDescription": "The staging labels whose values you want to make available on the core, in addition to `AWSCURRENT` .", "title": "AdditionalStagingLabelsToDownload", "type": "array" } }, "required": [ "ARN" ], "type": "object" }, "AWS::Greengrass::SubscriptionDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InitialVersion": { "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion", "markdownDescription": "The subscription definition version to include when the subscription definition is created. A subscription definition version contains a list of [`subscription`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-greengrass-subscriptiondefinition-subscription.html) property types.\n\n> To associate a subscription definition version after the subscription definition is created, create an [`AWS::Greengrass::SubscriptionDefinitionVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-greengrass-subscriptiondefinitionversion.html) resource and specify the ID of this subscription definition.", "title": "InitialVersion" }, "Name": { "markdownDescription": "The name of the subscription definition.", "title": "Name", "type": "string" }, "Tags": { "markdownDescription": "Application-specific metadata to attach to the subscription definition. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tagging Your AWS IoT Greengrass Resources](https://docs.aws.amazon.com/greengrass/v1/developerguide/tagging.html) in the *Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "title": "Tags", "type": "object" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::SubscriptionDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::SubscriptionDefinition.Subscription": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" }, "Source": { "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", "title": "Source", "type": "string" }, "Subject": { "markdownDescription": "The MQTT topic used to route the message.", "title": "Subject", "type": "string" }, "Target": { "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", "title": "Target", "type": "string" } }, "required": [ "Id", "Source", "Subject", "Target" ], "type": "object" }, "AWS::Greengrass::SubscriptionDefinition.SubscriptionDefinitionVersion": { "additionalProperties": false, "properties": { "Subscriptions": { "items": { "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition.Subscription" }, "markdownDescription": "The subscriptions in this version.", "title": "Subscriptions", "type": "array" } }, "required": [ "Subscriptions" ], "type": "object" }, "AWS::Greengrass::SubscriptionDefinitionVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "SubscriptionDefinitionId": { "markdownDescription": "The ID of the subscription definition associated with this version. This value is a GUID.", "title": "SubscriptionDefinitionId", "type": "string" }, "Subscriptions": { "items": { "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinitionVersion.Subscription" }, "markdownDescription": "The subscriptions in this version.", "title": "Subscriptions", "type": "array" } }, "required": [ "SubscriptionDefinitionId", "Subscriptions" ], "type": "object" }, "Type": { "enum": [ "AWS::Greengrass::SubscriptionDefinitionVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Greengrass::SubscriptionDefinitionVersion.Subscription": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "A descriptive or arbitrary ID for the subscription. This value must be unique within the subscription definition version. Maximum length is 128 characters with pattern `[a-zA-Z0-9:_-]+` .", "title": "Id", "type": "string" }, "Source": { "markdownDescription": "The originator of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", "title": "Source", "type": "string" }, "Subject": { "markdownDescription": "The MQTT topic used to route the message.", "title": "Subject", "type": "string" }, "Target": { "markdownDescription": "The destination of the message. The value can be a thing ARN, the ARN of a Lambda function alias (recommended) or version, a connector ARN, `cloud` (which represents the AWS IoT cloud), or `GGShadowService` .", "title": "Target", "type": "string" } }, "required": [ "Id", "Source", "Subject", "Target" ], "type": "object" }, "AWS::GreengrassV2::ComponentVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InlineRecipe": { "markdownDescription": "The recipe to use to create the component. The recipe defines the component's metadata, parameters, dependencies, lifecycle, artifacts, and platform compatibility.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", "title": "InlineRecipe", "type": "string" }, "LambdaFunction": { "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource", "markdownDescription": "The parameters to create a component from a Lambda function.\n\nYou must specify either `InlineRecipe` or `LambdaFunction` .", "title": "LambdaFunction" }, "Tags": { "additionalProperties": true, "markdownDescription": "Application-specific metadata to attach to the component version. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "type": "object" }, "Type": { "enum": [ "AWS::GreengrassV2::ComponentVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement": { "additionalProperties": false, "properties": { "DependencyType": { "markdownDescription": "The type of this dependency. Choose from the following options:\n\n- `SOFT` \u2013 The component doesn't restart if the dependency changes state.\n- `HARD` \u2013 The component restarts if the dependency changes state.\n\nDefault: `HARD`", "title": "DependencyType", "type": "string" }, "VersionRequirement": { "markdownDescription": "The component version requirement for the component dependency.\n\nAWS IoT Greengrass uses semantic version constraints. For more information, see [Semantic Versioning](https://docs.aws.amazon.com/https://semver.org/) .", "title": "VersionRequirement", "type": "string" } }, "type": "object" }, "AWS::GreengrassV2::ComponentVersion.ComponentPlatform": { "additionalProperties": false, "properties": { "Attributes": { "additionalProperties": true, "markdownDescription": "A dictionary of attributes for the platform. The AWS IoT Greengrass Core software defines the `os` and `platform` by default. You can specify additional platform attributes for a core device when you deploy the AWS IoT Greengrass nucleus component. For more information, see the [AWS IoT Greengrass nucleus component](https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html) in the *AWS IoT Greengrass V2 Developer Guide* .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Attributes", "type": "object" }, "Name": { "markdownDescription": "The friendly name of the platform. This name helps you identify the platform.\n\nIf you omit this parameter, AWS IoT Greengrass creates a friendly name from the `os` and `architecture` of the platform.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::GreengrassV2::ComponentVersion.LambdaContainerParams": { "additionalProperties": false, "properties": { "Devices": { "items": { "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount" }, "markdownDescription": "The list of system devices that the container can access.", "title": "Devices", "type": "array" }, "MemorySizeInKB": { "markdownDescription": "The memory size of the container, expressed in kilobytes.\n\nDefault: `16384` (16 MB)", "title": "MemorySizeInKB", "type": "number" }, "MountROSysfs": { "markdownDescription": "Whether or not the container can read information from the device's `/sys` folder.\n\nDefault: `false`", "title": "MountROSysfs", "type": "boolean" }, "Volumes": { "items": { "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount" }, "markdownDescription": "The list of volumes that the container can access.", "title": "Volumes", "type": "array" } }, "type": "object" }, "AWS::GreengrassV2::ComponentVersion.LambdaDeviceMount": { "additionalProperties": false, "properties": { "AddGroupOwner": { "markdownDescription": "Whether or not to add the component's system user as an owner of the device.\n\nDefault: `false`", "title": "AddGroupOwner", "type": "boolean" }, "Path": { "markdownDescription": "The mount path for the device in the file system.", "title": "Path", "type": "string" }, "Permission": { "markdownDescription": "The permission to access the device: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", "title": "Permission", "type": "string" } }, "type": "object" }, "AWS::GreengrassV2::ComponentVersion.LambdaEventSource": { "additionalProperties": false, "properties": { "Topic": { "markdownDescription": "The topic to which to subscribe to receive event messages.", "title": "Topic", "type": "string" }, "Type": { "markdownDescription": "The type of event source. Choose from the following options:\n\n- `PUB_SUB` \u2013 Subscribe to local publish/subscribe messages. This event source type doesn't support MQTT wildcards ( `+` and `#` ) in the event source topic.\n- `IOT_CORE` \u2013 Subscribe to AWS IoT Core MQTT messages. This event source type supports MQTT wildcards ( `+` and `#` ) in the event source topic.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters": { "additionalProperties": false, "properties": { "EnvironmentVariables": { "additionalProperties": true, "markdownDescription": "The map of environment variables that are available to the Lambda function when it runs.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "EnvironmentVariables", "type": "object" }, "EventSources": { "items": { "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaEventSource" }, "markdownDescription": "The list of event sources to which to subscribe to receive work messages. The Lambda function runs when it receives a message from an event source. You can subscribe this function to local publish/subscribe messages and AWS IoT Core MQTT messages.", "title": "EventSources", "type": "array" }, "ExecArgs": { "items": { "type": "string" }, "markdownDescription": "The list of arguments to pass to the Lambda function when it runs.", "title": "ExecArgs", "type": "array" }, "InputPayloadEncodingType": { "markdownDescription": "The encoding type that the Lambda function supports.\n\nDefault: `json`", "title": "InputPayloadEncodingType", "type": "string" }, "LinuxProcessParams": { "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams", "markdownDescription": "The parameters for the Linux process that contains the Lambda function.", "title": "LinuxProcessParams" }, "MaxIdleTimeInSeconds": { "markdownDescription": "The maximum amount of time in seconds that a non-pinned Lambda function can idle before the AWS IoT Greengrass Core software stops its process.", "title": "MaxIdleTimeInSeconds", "type": "number" }, "MaxInstancesCount": { "markdownDescription": "The maximum number of instances that a non-pinned Lambda function can run at the same time.", "title": "MaxInstancesCount", "type": "number" }, "MaxQueueSize": { "markdownDescription": "The maximum size of the message queue for the Lambda function component. The AWS IoT Greengrass core device stores messages in a FIFO (first-in-first-out) queue until it can run the Lambda function to consume each message.", "title": "MaxQueueSize", "type": "number" }, "Pinned": { "markdownDescription": "Whether or not the Lambda function is pinned, or long-lived.\n\n- A pinned Lambda function starts when the AWS IoT Greengrass Core starts and keeps running in its own container.\n- A non-pinned Lambda function starts only when it receives a work item and exists after it idles for `maxIdleTimeInSeconds` . If the function has multiple work items, the AWS IoT Greengrass Core software creates multiple instances of the function.\n\nDefault: `true`", "title": "Pinned", "type": "boolean" }, "StatusTimeoutInSeconds": { "markdownDescription": "The interval in seconds at which a pinned (also known as long-lived) Lambda function component sends status updates to the Lambda manager component.", "title": "StatusTimeoutInSeconds", "type": "number" }, "TimeoutInSeconds": { "markdownDescription": "The maximum amount of time in seconds that the Lambda function can process a work item.", "title": "TimeoutInSeconds", "type": "number" } }, "type": "object" }, "AWS::GreengrassV2::ComponentVersion.LambdaFunctionRecipeSource": { "additionalProperties": false, "properties": { "ComponentDependencies": { "additionalProperties": false, "markdownDescription": "The component versions on which this Lambda function component depends.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentDependencyRequirement" } }, "title": "ComponentDependencies", "type": "object" }, "ComponentLambdaParameters": { "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaExecutionParameters", "markdownDescription": "The system and runtime parameters for the Lambda function as it runs on the AWS IoT Greengrass core device.", "title": "ComponentLambdaParameters" }, "ComponentName": { "markdownDescription": "The name of the component.\n\nDefaults to the name of the Lambda function.", "title": "ComponentName", "type": "string" }, "ComponentPlatforms": { "items": { "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.ComponentPlatform" }, "markdownDescription": "The platforms that the component version supports.", "title": "ComponentPlatforms", "type": "array" }, "ComponentVersion": { "markdownDescription": "The version of the component.\n\nDefaults to the version of the Lambda function as a semantic version. For example, if your function version is `3` , the component version becomes `3.0.0` .", "title": "ComponentVersion", "type": "string" }, "LambdaArn": { "markdownDescription": "The ARN of the Lambda function. The ARN must include the version of the function to import. You can't use version aliases like `$LATEST` .", "title": "LambdaArn", "type": "string" } }, "type": "object" }, "AWS::GreengrassV2::ComponentVersion.LambdaLinuxProcessParams": { "additionalProperties": false, "properties": { "ContainerParams": { "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion.LambdaContainerParams", "markdownDescription": "The parameters for the container in which the Lambda function runs.", "title": "ContainerParams" }, "IsolationMode": { "markdownDescription": "The isolation mode for the process that contains the Lambda function. The process can run in an isolated runtime environment inside the AWS IoT Greengrass container, or as a regular process outside any container.\n\nDefault: `GreengrassContainer`", "title": "IsolationMode", "type": "string" } }, "type": "object" }, "AWS::GreengrassV2::ComponentVersion.LambdaVolumeMount": { "additionalProperties": false, "properties": { "AddGroupOwner": { "markdownDescription": "Whether or not to add the AWS IoT Greengrass user group as an owner of the volume.\n\nDefault: `false`", "title": "AddGroupOwner", "type": "boolean" }, "DestinationPath": { "markdownDescription": "The path to the logical volume in the file system.", "title": "DestinationPath", "type": "string" }, "Permission": { "markdownDescription": "The permission to access the volume: read/only ( `ro` ) or read/write ( `rw` ).\n\nDefault: `ro`", "title": "Permission", "type": "string" }, "SourcePath": { "markdownDescription": "The path to the physical volume in the file system.", "title": "SourcePath", "type": "string" } }, "type": "object" }, "AWS::GreengrassV2::Deployment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Components": { "additionalProperties": false, "markdownDescription": "The components to deploy. This is a dictionary, where each key is the name of a component, and each key's value is the version and configuration to deploy for that component.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification" } }, "title": "Components", "type": "object" }, "DeploymentName": { "markdownDescription": "The name of the deployment.", "title": "DeploymentName", "type": "string" }, "DeploymentPolicies": { "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentPolicies", "markdownDescription": "The deployment policies for the deployment. These policies define how the deployment updates components and handles failure.", "title": "DeploymentPolicies" }, "IotJobConfiguration": { "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration", "markdownDescription": "The job configuration for the deployment configuration. The job configuration specifies the rollout, timeout, and stop configurations for the deployment configuration.", "title": "IotJobConfiguration" }, "ParentTargetArn": { "markdownDescription": "The parent deployment's [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) for a subdeployment.", "title": "ParentTargetArn", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Application-specific metadata to attach to the deployment. You can use tags in IAM policies to control access to AWS IoT Greengrass resources. You can also use tags to categorize your resources. For more information, see [Tag your AWS IoT Greengrass Version 2 resources](https://docs.aws.amazon.com/greengrass/v2/developerguide/tag-resources.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n\nThis `Json` property type is processed as a map of key-value pairs. It uses the following format, which is different from most `Tags` implementations in AWS CloudFormation templates.\n\n```json\n\"Tags\": { \"KeyName0\": \"value\", \"KeyName1\": \"value\", \"KeyName2\": \"value\"\n}\n```", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "TargetArn": { "markdownDescription": "The ARN of the target AWS IoT thing or thing group.", "title": "TargetArn", "type": "string" } }, "required": [ "TargetArn" ], "type": "object" }, "Type": { "enum": [ "AWS::GreengrassV2::Deployment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate": { "additionalProperties": false, "properties": { "Merge": { "markdownDescription": "A serialized JSON string that contains the configuration object to merge to target devices. The core device merges this configuration with the component's existing configuration. If this is the first time a component deploys on a device, the core device merges this configuration with the component's default configuration. This means that the core device keeps it's existing configuration for keys and values that you don't specify in this object. For more information, see [Merge configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#merge-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", "title": "Merge", "type": "string" }, "Reset": { "items": { "type": "string" }, "markdownDescription": "The list of configuration nodes to reset to default values on target devices. Use JSON pointers to specify each node to reset. JSON pointers start with a forward slash ( `/` ) and use forward slashes to separate the key for each level in the object. For more information, see the [JSON pointer specification](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) and [Reset configuration updates](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html#reset-configuration-update) in the *AWS IoT Greengrass V2 Developer Guide* .", "title": "Reset", "type": "array" } }, "type": "object" }, "AWS::GreengrassV2::Deployment.ComponentDeploymentSpecification": { "additionalProperties": false, "properties": { "ComponentVersion": { "markdownDescription": "The version of the component.", "title": "ComponentVersion", "type": "string" }, "ConfigurationUpdate": { "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentConfigurationUpdate", "markdownDescription": "The configuration updates to deploy for the component. You can define reset updates and merge updates. A reset updates the keys that you specify to the default configuration for the component. A merge updates the core device's component configuration with the keys and values that you specify. The AWS IoT Greengrass Core software applies reset updates before it applies merge updates. For more information, see [Update component configuration](https://docs.aws.amazon.com/greengrass/v2/developerguide/update-component-configurations.html) .", "title": "ConfigurationUpdate" }, "RunWith": { "$ref": "#/definitions/AWS::GreengrassV2::Deployment.ComponentRunWith", "markdownDescription": "The system user and group that the software uses to run component processes on the core device. If you omit this parameter, the software uses the system user and group that you configure for the core device. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) in the *AWS IoT Greengrass V2 Developer Guide* .", "title": "RunWith" } }, "type": "object" }, "AWS::GreengrassV2::Deployment.ComponentRunWith": { "additionalProperties": false, "properties": { "PosixUser": { "markdownDescription": "The POSIX system user and (optional) group to use to run this component. Specify the user and group separated by a colon ( `:` ) in the following format: `user:group` . The group is optional. If you don't specify a group, the AWS IoT Greengrass Core software uses the primary user for the group.", "title": "PosixUser", "type": "string" }, "SystemResourceLimits": { "$ref": "#/definitions/AWS::GreengrassV2::Deployment.SystemResourceLimits", "markdownDescription": "The system resource limits to apply to this component's process on the core device. AWS IoT Greengrass supports this feature only on Linux core devices.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default system resource limits that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", "title": "SystemResourceLimits" }, "WindowsUser": { "markdownDescription": "The Windows user to use to run this component on Windows core devices. The user must exist on each Windows core device, and its name and password must be in the LocalSystem account's Credentials Manager instance.\n\nIf you omit this parameter, the AWS IoT Greengrass Core software uses the default Windows user that you configure on the AWS IoT Greengrass nucleus component. For more information, see [Configure the user and group that run components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-user) .", "title": "WindowsUser", "type": "string" } }, "type": "object" }, "AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "Whether or not to notify components and wait for components to become safe to update. Choose from the following options:\n\n- `NOTIFY_COMPONENTS` \u2013 The deployment notifies each component before it stops and updates that component. Components can use the [SubscribeToComponentUpdates](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-subscribetocomponentupdates) IPC operation to receive these notifications. Then, components can respond with the [DeferComponentUpdate](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-defercomponentupdate) IPC operation. For more information, see the [Create deployments](https://docs.aws.amazon.com/greengrass/v2/developerguide/create-deployments.html) in the *AWS IoT Greengrass V2 Developer Guide* .\n- `SKIP_NOTIFY_COMPONENTS` \u2013 The deployment doesn't notify components or wait for them to be safe to update.\n\nDefault: `NOTIFY_COMPONENTS`", "title": "Action", "type": "string" }, "TimeoutInSeconds": { "markdownDescription": "The amount of time in seconds that each component on a device has to report that it's safe to update. If the component waits for longer than this timeout, then the deployment proceeds on the device.\n\nDefault: `60`", "title": "TimeoutInSeconds", "type": "number" } }, "type": "object" }, "AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy": { "additionalProperties": false, "properties": { "TimeoutInSeconds": { "markdownDescription": "The amount of time in seconds that a component can validate its configuration updates. If the validation time exceeds this timeout, then the deployment proceeds for the device.\n\nDefault: `30`", "title": "TimeoutInSeconds", "type": "number" } }, "type": "object" }, "AWS::GreengrassV2::Deployment.DeploymentIoTJobConfiguration": { "additionalProperties": false, "properties": { "AbortConfig": { "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortConfig", "markdownDescription": "The stop configuration for the job. This configuration defines when and how to stop a job rollout.", "title": "AbortConfig" }, "JobExecutionsRolloutConfig": { "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig", "markdownDescription": "The rollout configuration for the job. This configuration defines the rate at which the job rolls out to the fleet of target devices.", "title": "JobExecutionsRolloutConfig" }, "TimeoutConfig": { "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig", "markdownDescription": "The timeout configuration for the job. This configuration defines the amount of time each device has to complete the job.", "title": "TimeoutConfig" } }, "type": "object" }, "AWS::GreengrassV2::Deployment.DeploymentPolicies": { "additionalProperties": false, "properties": { "ComponentUpdatePolicy": { "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentComponentUpdatePolicy", "markdownDescription": "The component update policy for the configuration deployment. This policy defines when it's safe to deploy the configuration to devices.", "title": "ComponentUpdatePolicy" }, "ConfigurationValidationPolicy": { "$ref": "#/definitions/AWS::GreengrassV2::Deployment.DeploymentConfigurationValidationPolicy", "markdownDescription": "The configuration validation policy for the configuration deployment. This policy defines how long each component has to validate its configure updates.", "title": "ConfigurationValidationPolicy" }, "FailureHandlingPolicy": { "markdownDescription": "The failure handling policy for the configuration deployment. This policy defines what to do if the deployment fails.\n\nDefault: `ROLLBACK`", "title": "FailureHandlingPolicy", "type": "string" } }, "type": "object" }, "AWS::GreengrassV2::Deployment.IoTJobAbortConfig": { "additionalProperties": false, "properties": { "CriteriaList": { "items": { "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobAbortCriteria" }, "markdownDescription": "The list of criteria that define when and how to cancel the configuration deployment.", "title": "CriteriaList", "type": "array" } }, "required": [ "CriteriaList" ], "type": "object" }, "AWS::GreengrassV2::Deployment.IoTJobAbortCriteria": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action to perform when the criteria are met.", "title": "Action", "type": "string" }, "FailureType": { "markdownDescription": "The type of job deployment failure that can cancel a job.", "title": "FailureType", "type": "string" }, "MinNumberOfExecutedThings": { "markdownDescription": "The minimum number of things that receive the configuration before the job can cancel.", "title": "MinNumberOfExecutedThings", "type": "number" }, "ThresholdPercentage": { "markdownDescription": "The minimum percentage of `failureType` failures that occur before the job can cancel.\n\nThis parameter supports up to two digits after the decimal (for example, you can specify `10.9` or `10.99` , but not `10.999` ).", "title": "ThresholdPercentage", "type": "number" } }, "required": [ "Action", "FailureType", "MinNumberOfExecutedThings", "ThresholdPercentage" ], "type": "object" }, "AWS::GreengrassV2::Deployment.IoTJobExecutionsRolloutConfig": { "additionalProperties": false, "properties": { "ExponentialRate": { "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate", "markdownDescription": "The exponential rate to increase the job rollout rate.", "title": "ExponentialRate" }, "MaximumPerMinute": { "markdownDescription": "The maximum number of devices that receive a pending job notification, per minute.", "title": "MaximumPerMinute", "type": "number" } }, "type": "object" }, "AWS::GreengrassV2::Deployment.IoTJobExponentialRolloutRate": { "additionalProperties": false, "properties": { "BaseRatePerMinute": { "markdownDescription": "The minimum number of devices that receive a pending job notification, per minute, when the job starts. This parameter defines the initial rollout rate of the job.", "title": "BaseRatePerMinute", "type": "number" }, "IncrementFactor": { "markdownDescription": "The exponential factor to increase the rollout rate for the job.\n\nThis parameter supports up to one digit after the decimal (for example, you can specify `1.5` , but not `1.55` ).", "title": "IncrementFactor", "type": "number" }, "RateIncreaseCriteria": { "$ref": "#/definitions/AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria", "markdownDescription": "The criteria to increase the rollout rate for the job.", "title": "RateIncreaseCriteria" } }, "required": [ "BaseRatePerMinute", "IncrementFactor", "RateIncreaseCriteria" ], "type": "object" }, "AWS::GreengrassV2::Deployment.IoTJobRateIncreaseCriteria": { "additionalProperties": false, "properties": { "NumberOfNotifiedThings": { "markdownDescription": "The number of devices to receive the job notification before the rollout rate increases.", "title": "NumberOfNotifiedThings", "type": "number" }, "NumberOfSucceededThings": { "markdownDescription": "The number of devices to successfully run the configuration job before the rollout rate increases.", "title": "NumberOfSucceededThings", "type": "number" } }, "type": "object" }, "AWS::GreengrassV2::Deployment.IoTJobTimeoutConfig": { "additionalProperties": false, "properties": { "InProgressTimeoutInMinutes": { "markdownDescription": "The amount of time, in minutes, that devices have to complete the job. The timer starts when the job status is set to `IN_PROGRESS` . If the job status doesn't change to a terminal state before the time expires, then the job status is set to `TIMED_OUT` .\n\nThe timeout interval must be between 1 minute and 7 days (10080 minutes).", "title": "InProgressTimeoutInMinutes", "type": "number" } }, "type": "object" }, "AWS::GreengrassV2::Deployment.SystemResourceLimits": { "additionalProperties": false, "properties": { "Cpus": { "markdownDescription": "The maximum amount of CPU time that a component's processes can use on the core device. A core device's total CPU time is equivalent to the device's number of CPU cores. For example, on a core device with 4 CPU cores, you can set this value to 2 to limit the component's processes to 50 percent usage of each CPU core. On a device with 1 CPU core, you can set this value to 0.25 to limit the component's processes to 25 percent usage of the CPU. If you set this value to a number greater than the number of CPU cores, the AWS IoT Greengrass Core software doesn't limit the component's CPU usage.", "title": "Cpus", "type": "number" }, "Memory": { "markdownDescription": "The maximum amount of RAM, expressed in kilobytes, that a component's processes can use on the core device. For more information, see [Configure system resource limits for components](https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-component-system-resource-limits) .", "title": "Memory", "type": "number" } }, "type": "object" }, "AWS::GroundStation::Config": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConfigData": { "$ref": "#/definitions/AWS::GroundStation::Config.ConfigData", "markdownDescription": "Object containing the parameters of a config. Only one subtype may be specified per config. See the subtype definitions for a description of each config subtype.", "title": "ConfigData" }, "Name": { "markdownDescription": "The name of the config object.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags assigned to a resource.", "title": "Tags", "type": "array" } }, "required": [ "ConfigData", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::GroundStation::Config" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GroundStation::Config.AntennaDownlinkConfig": { "additionalProperties": false, "properties": { "SpectrumConfig": { "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", "markdownDescription": "Defines the spectrum configuration.", "title": "SpectrumConfig" } }, "type": "object" }, "AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig": { "additionalProperties": false, "properties": { "DecodeConfig": { "$ref": "#/definitions/AWS::GroundStation::Config.DecodeConfig", "markdownDescription": "Defines how the RF signal will be decoded.", "title": "DecodeConfig" }, "DemodulationConfig": { "$ref": "#/definitions/AWS::GroundStation::Config.DemodulationConfig", "markdownDescription": "Defines how the RF signal will be demodulated.", "title": "DemodulationConfig" }, "SpectrumConfig": { "$ref": "#/definitions/AWS::GroundStation::Config.SpectrumConfig", "markdownDescription": "Defines the spectrum configuration.", "title": "SpectrumConfig" } }, "type": "object" }, "AWS::GroundStation::Config.AntennaUplinkConfig": { "additionalProperties": false, "properties": { "SpectrumConfig": { "$ref": "#/definitions/AWS::GroundStation::Config.UplinkSpectrumConfig", "markdownDescription": "Defines the spectrum configuration.", "title": "SpectrumConfig" }, "TargetEirp": { "$ref": "#/definitions/AWS::GroundStation::Config.Eirp", "markdownDescription": "The equivalent isotropically radiated power (EIRP) to use for uplink transmissions. Valid values are between 20.0 to 50.0 dBW.", "title": "TargetEirp" }, "TransmitDisabled": { "markdownDescription": "Whether or not uplink transmit is disabled.", "title": "TransmitDisabled", "type": "boolean" } }, "type": "object" }, "AWS::GroundStation::Config.ConfigData": { "additionalProperties": false, "properties": { "AntennaDownlinkConfig": { "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkConfig", "markdownDescription": "Provides information for an antenna downlink config object. Antenna downlink config objects are used to provide parameters for downlinks where no demodulation or decoding is performed by Ground Station (RF over IP downlinks).", "title": "AntennaDownlinkConfig" }, "AntennaDownlinkDemodDecodeConfig": { "$ref": "#/definitions/AWS::GroundStation::Config.AntennaDownlinkDemodDecodeConfig", "markdownDescription": "Provides information for a downlink demod decode config object. Downlink demod decode config objects are used to provide parameters for downlinks where the Ground Station service will demodulate and decode the downlinked data.", "title": "AntennaDownlinkDemodDecodeConfig" }, "AntennaUplinkConfig": { "$ref": "#/definitions/AWS::GroundStation::Config.AntennaUplinkConfig", "markdownDescription": "Provides information for an uplink config object. Uplink config objects are used to provide parameters for uplink contacts.", "title": "AntennaUplinkConfig" }, "DataflowEndpointConfig": { "$ref": "#/definitions/AWS::GroundStation::Config.DataflowEndpointConfig", "markdownDescription": "Provides information for a dataflow endpoint config object. Dataflow endpoint config objects are used to provide parameters about which IP endpoint(s) to use during a contact. Dataflow endpoints are where Ground Station sends data during a downlink contact and where Ground Station receives data to send to the satellite during an uplink contact.", "title": "DataflowEndpointConfig" }, "S3RecordingConfig": { "$ref": "#/definitions/AWS::GroundStation::Config.S3RecordingConfig", "markdownDescription": "Provides information for an S3 recording config object. S3 recording config objects are used to provide parameters for S3 recording during downlink contacts.", "title": "S3RecordingConfig" }, "TrackingConfig": { "$ref": "#/definitions/AWS::GroundStation::Config.TrackingConfig", "markdownDescription": "Provides information for a tracking config object. Tracking config objects are used to provide parameters about how to track the satellite through the sky during a contact.", "title": "TrackingConfig" }, "UplinkEchoConfig": { "$ref": "#/definitions/AWS::GroundStation::Config.UplinkEchoConfig", "markdownDescription": "Provides information for an uplink echo config object. Uplink echo config objects are used to provide parameters for uplink echo during uplink contacts.", "title": "UplinkEchoConfig" } }, "type": "object" }, "AWS::GroundStation::Config.DataflowEndpointConfig": { "additionalProperties": false, "properties": { "DataflowEndpointName": { "markdownDescription": "The name of the dataflow endpoint to use during contacts.", "title": "DataflowEndpointName", "type": "string" }, "DataflowEndpointRegion": { "markdownDescription": "The region of the dataflow endpoint to use during contacts. When omitted, Ground Station will use the region of the contact.", "title": "DataflowEndpointRegion", "type": "string" } }, "type": "object" }, "AWS::GroundStation::Config.DecodeConfig": { "additionalProperties": false, "properties": { "UnvalidatedJSON": { "markdownDescription": "The decoding settings are in JSON format and define a set of steps to perform to decode the data.", "title": "UnvalidatedJSON", "type": "string" } }, "type": "object" }, "AWS::GroundStation::Config.DemodulationConfig": { "additionalProperties": false, "properties": { "UnvalidatedJSON": { "markdownDescription": "The demodulation settings are in JSON format and define parameters for demodulation, for example which modulation scheme (e.g. PSK, QPSK, etc.) and matched filter to use.", "title": "UnvalidatedJSON", "type": "string" } }, "type": "object" }, "AWS::GroundStation::Config.Eirp": { "additionalProperties": false, "properties": { "Units": { "markdownDescription": "The units of the EIRP.", "title": "Units", "type": "string" }, "Value": { "markdownDescription": "The value of the EIRP. Valid values are between 20.0 to 50.0 dBW.", "title": "Value", "type": "number" } }, "type": "object" }, "AWS::GroundStation::Config.Frequency": { "additionalProperties": false, "properties": { "Units": { "markdownDescription": "The units of the frequency.", "title": "Units", "type": "string" }, "Value": { "markdownDescription": "The value of the frequency. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", "title": "Value", "type": "number" } }, "type": "object" }, "AWS::GroundStation::Config.FrequencyBandwidth": { "additionalProperties": false, "properties": { "Units": { "markdownDescription": "The units of the bandwidth.", "title": "Units", "type": "string" }, "Value": { "markdownDescription": "The value of the bandwidth. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", "title": "Value", "type": "number" } }, "type": "object" }, "AWS::GroundStation::Config.S3RecordingConfig": { "additionalProperties": false, "properties": { "BucketArn": { "markdownDescription": "S3 Bucket where the data is written. The name of the S3 Bucket provided must begin with `aws-groundstation` .", "title": "BucketArn", "type": "string" }, "Prefix": { "markdownDescription": "The prefix of the S3 data object. If you choose to use any optional keys for substitution, these values will be replaced with the corresponding information from your contact details. For example, a prefix of `{satellite_id}/{year}/{month}/{day}/` will replaced with `fake_satellite_id/2021/01/10/`\n\n*Optional keys for substitution* : `{satellite_id}` | `{config-name}` | `{config-id}` | `{year}` | `{month}` | `{day}`", "title": "Prefix", "type": "string" }, "RoleArn": { "markdownDescription": "Defines the ARN of the role assumed for putting archives to S3.", "title": "RoleArn", "type": "string" } }, "type": "object" }, "AWS::GroundStation::Config.SpectrumConfig": { "additionalProperties": false, "properties": { "Bandwidth": { "$ref": "#/definitions/AWS::GroundStation::Config.FrequencyBandwidth", "markdownDescription": "The bandwidth of the spectrum. AWS Ground Station currently has the following bandwidth limitations: \n\n- For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz.\n- For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz.\n- For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz.", "title": "Bandwidth" }, "CenterFrequency": { "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", "title": "CenterFrequency" }, "Polarization": { "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` . Capturing both `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` polarization requires two separate configs.", "title": "Polarization", "type": "string" } }, "type": "object" }, "AWS::GroundStation::Config.TrackingConfig": { "additionalProperties": false, "properties": { "Autotrack": { "markdownDescription": "Specifies whether or not to use autotrack. `REMOVED` specifies that program track should only be used during the contact. `PREFERRED` specifies that autotracking is preferred during the contact but fallback to program track if the signal is lost. `REQUIRED` specifies that autotracking is required during the contact and not to use program track if the signal is lost.", "title": "Autotrack", "type": "string" } }, "type": "object" }, "AWS::GroundStation::Config.UplinkEchoConfig": { "additionalProperties": false, "properties": { "AntennaUplinkConfigArn": { "markdownDescription": "Defines the ARN of the uplink config to echo back to a dataflow endpoint.", "title": "AntennaUplinkConfigArn", "type": "string" }, "Enabled": { "markdownDescription": "Whether or not uplink echo is enabled.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::GroundStation::Config.UplinkSpectrumConfig": { "additionalProperties": false, "properties": { "CenterFrequency": { "$ref": "#/definitions/AWS::GroundStation::Config.Frequency", "markdownDescription": "The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink.", "title": "CenterFrequency" }, "Polarization": { "markdownDescription": "The polarization of the spectrum. Valid values are `\"RIGHT_HAND\"` and `\"LEFT_HAND\"` .", "title": "Polarization", "type": "string" } }, "type": "object" }, "AWS::GroundStation::DataflowEndpointGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContactPostPassDurationSeconds": { "markdownDescription": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a `POSTPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `POSTPASS` state.", "title": "ContactPostPassDurationSeconds", "type": "number" }, "ContactPrePassDurationSeconds": { "markdownDescription": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a `PREPASS` state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the `PREPASS` state.", "title": "ContactPrePassDurationSeconds", "type": "number" }, "EndpointDetails": { "items": { "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.EndpointDetails" }, "markdownDescription": "List of Endpoint Details, containing address and port for each endpoint.", "title": "EndpointDetails", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags assigned to a resource.", "title": "Tags", "type": "array" } }, "required": [ "EndpointDetails" ], "type": "object" }, "Type": { "enum": [ "AWS::GroundStation::DataflowEndpointGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint": { "additionalProperties": false, "properties": { "AgentStatus": { "markdownDescription": "", "title": "AgentStatus", "type": "string" }, "AuditResults": { "markdownDescription": "", "title": "AuditResults", "type": "string" }, "EgressAddress": { "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails", "markdownDescription": "", "title": "EgressAddress" }, "IngressAddress": { "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails", "markdownDescription": "", "title": "IngressAddress" }, "Name": { "markdownDescription": "", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::GroundStation::DataflowEndpointGroup.ConnectionDetails": { "additionalProperties": false, "properties": { "Mtu": { "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", "title": "Mtu", "type": "number" }, "SocketAddress": { "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", "markdownDescription": "A socket address.", "title": "SocketAddress" } }, "type": "object" }, "AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint": { "additionalProperties": false, "properties": { "Address": { "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SocketAddress", "markdownDescription": "The address and port of an endpoint.", "title": "Address" }, "Mtu": { "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. Valid values are between 1400 and 1500. A default value of 1500 is used if not set.", "title": "Mtu", "type": "number" }, "Name": { "markdownDescription": "The endpoint name.\n\nWhen listing available contacts for a satellite, Ground Station searches for a dataflow endpoint whose name matches the value specified by the dataflow endpoint config of the selected mission profile. If no matching dataflow endpoints are found then Ground Station will not display any available contacts for the satellite.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::GroundStation::DataflowEndpointGroup.EndpointDetails": { "additionalProperties": false, "properties": { "AwsGroundStationAgentEndpoint": { "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.AwsGroundStationAgentEndpoint", "markdownDescription": "An agent endpoint.", "title": "AwsGroundStationAgentEndpoint" }, "Endpoint": { "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.DataflowEndpoint", "markdownDescription": "Information about the endpoint such as name and the endpoint address.", "title": "Endpoint" }, "SecurityDetails": { "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.SecurityDetails", "markdownDescription": "The role ARN, and IDs for security groups and subnets.", "title": "SecurityDetails" } }, "type": "object" }, "AWS::GroundStation::DataflowEndpointGroup.IntegerRange": { "additionalProperties": false, "properties": { "Maximum": { "markdownDescription": "A maximum value.", "title": "Maximum", "type": "number" }, "Minimum": { "markdownDescription": "A minimum value.", "title": "Minimum", "type": "number" } }, "type": "object" }, "AWS::GroundStation::DataflowEndpointGroup.RangedConnectionDetails": { "additionalProperties": false, "properties": { "Mtu": { "markdownDescription": "Maximum transmission unit (MTU) size in bytes of a dataflow endpoint.", "title": "Mtu", "type": "number" }, "SocketAddress": { "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress", "markdownDescription": "A ranged socket address.", "title": "SocketAddress" } }, "type": "object" }, "AWS::GroundStation::DataflowEndpointGroup.RangedSocketAddress": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "IPv4 socket address.", "title": "Name", "type": "string" }, "PortRange": { "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup.IntegerRange", "markdownDescription": "Port range of a socket address.", "title": "PortRange" } }, "type": "object" }, "AWS::GroundStation::DataflowEndpointGroup.SecurityDetails": { "additionalProperties": false, "properties": { "RoleArn": { "markdownDescription": "The ARN of a role which Ground Station has permission to assume, such as `arn:aws:iam::1234567890:role/DataDeliveryServiceRole` .\n\nGround Station will assume this role and create an ENI in your VPC on the specified subnet upon creation of a dataflow endpoint group. This ENI is used as the ingress/egress point for data streamed during a satellite contact.", "title": "RoleArn", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The security group Ids of the security role, such as `sg-1234567890abcdef0` .", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The subnet Ids of the security details, such as `subnet-12345678` .", "title": "SubnetIds", "type": "array" } }, "type": "object" }, "AWS::GroundStation::DataflowEndpointGroup.SocketAddress": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the endpoint, such as `Endpoint 1` .", "title": "Name", "type": "string" }, "Port": { "markdownDescription": "The port of the endpoint, such as `55888` .", "title": "Port", "type": "number" } }, "type": "object" }, "AWS::GroundStation::MissionProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContactPostPassDurationSeconds": { "markdownDescription": "Amount of time in seconds after a contact ends that you\u2019d like to receive a Ground Station Contact State Change indicating the pass has finished.", "title": "ContactPostPassDurationSeconds", "type": "number" }, "ContactPrePassDurationSeconds": { "markdownDescription": "Amount of time in seconds prior to contact start that you'd like to receive a Ground Station Contact State Change Event indicating an upcoming pass.", "title": "ContactPrePassDurationSeconds", "type": "number" }, "DataflowEdges": { "items": { "$ref": "#/definitions/AWS::GroundStation::MissionProfile.DataflowEdge" }, "markdownDescription": "A list containing lists of config ARNs. Each list of config ARNs is an edge, with a \"from\" config and a \"to\" config.", "title": "DataflowEdges", "type": "array" }, "MinimumViableContactDurationSeconds": { "markdownDescription": "Minimum length of a contact in seconds that Ground Station will return when listing contacts. Ground Station will not return contacts shorter than this duration.", "title": "MinimumViableContactDurationSeconds", "type": "number" }, "Name": { "markdownDescription": "The name of the mission profile.", "title": "Name", "type": "string" }, "StreamsKmsKey": { "$ref": "#/definitions/AWS::GroundStation::MissionProfile.StreamsKmsKey", "markdownDescription": "KMS key to use for encrypting streams.", "title": "StreamsKmsKey" }, "StreamsKmsRole": { "markdownDescription": "Role to use for encrypting streams with KMS key.", "title": "StreamsKmsRole", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags assigned to the mission profile.", "title": "Tags", "type": "array" }, "TrackingConfigArn": { "markdownDescription": "The ARN of a tracking config objects that defines how to track the satellite through the sky during a contact.", "title": "TrackingConfigArn", "type": "string" } }, "required": [ "DataflowEdges", "MinimumViableContactDurationSeconds", "Name", "TrackingConfigArn" ], "type": "object" }, "Type": { "enum": [ "AWS::GroundStation::MissionProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GroundStation::MissionProfile.DataflowEdge": { "additionalProperties": false, "properties": { "Destination": { "markdownDescription": "The ARN of the destination for this dataflow edge. For example, specify the ARN of a dataflow endpoint config for a downlink edge or an antenna uplink config for an uplink edge.", "title": "Destination", "type": "string" }, "Source": { "markdownDescription": "The ARN of the source for this dataflow edge. For example, specify the ARN of an antenna downlink config for a downlink edge or a dataflow endpoint config for an uplink edge.", "title": "Source", "type": "string" } }, "type": "object" }, "AWS::GroundStation::MissionProfile.StreamsKmsKey": { "additionalProperties": false, "properties": { "KmsAliasArn": { "markdownDescription": "", "title": "KmsAliasArn", "type": "string" }, "KmsKeyArn": { "markdownDescription": "", "title": "KmsKeyArn", "type": "string" } }, "type": "object" }, "AWS::GuardDuty::Detector": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataSources": { "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNDataSourceConfigurations", "markdownDescription": "Describes which data sources will be enabled for the detector.", "title": "DataSources" }, "Enable": { "markdownDescription": "Specifies whether the detector is to be enabled on creation.", "title": "Enable", "type": "boolean" }, "Features": { "items": { "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureConfiguration" }, "markdownDescription": "A list of features that will be configured for the detector.", "title": "Features", "type": "array" }, "FindingPublishingFrequency": { "markdownDescription": "Specifies how frequently updated findings are exported.", "title": "FindingPublishingFrequency", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::GuardDuty::Detector.TagItem" }, "markdownDescription": "Specifies tags added to a new detector resource. Each tag consists of a key and an optional value, both of which you define.\n\nCurrently, support is available only for creating and deleting a tag. No support exists for updating the tags.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "Enable" ], "type": "object" }, "Type": { "enum": [ "AWS::GuardDuty::Detector" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GuardDuty::Detector.CFNDataSourceConfigurations": { "additionalProperties": false, "properties": { "Kubernetes": { "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesConfiguration", "markdownDescription": "Describes which Kubernetes data sources are enabled for a detector.", "title": "Kubernetes" }, "MalwareProtection": { "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration", "markdownDescription": "Describes whether Malware Protection will be enabled as a data source.", "title": "MalwareProtection" }, "S3Logs": { "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNS3LogsConfiguration", "markdownDescription": "Describes whether S3 data event logs are enabled as a data source.", "title": "S3Logs" } }, "type": "object" }, "AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Name of the additional configuration.", "title": "Name", "type": "string" }, "Status": { "markdownDescription": "Status of the additional configuration.", "title": "Status", "type": "string" } }, "type": "object" }, "AWS::GuardDuty::Detector.CFNFeatureConfiguration": { "additionalProperties": false, "properties": { "AdditionalConfiguration": { "items": { "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNFeatureAdditionalConfiguration" }, "markdownDescription": "Information about the additional configuration of a feature in your account.", "title": "AdditionalConfiguration", "type": "array" }, "Name": { "markdownDescription": "Name of the feature. For a list of allowed values, see [DetectorFeatureConfiguration](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html#guardduty-Type-DetectorFeatureConfiguration-name) in the *GuardDuty API Reference* .", "title": "Name", "type": "string" }, "Status": { "markdownDescription": "Status of the feature configuration.", "title": "Status", "type": "string" } }, "required": [ "Name", "Status" ], "type": "object" }, "AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration": { "additionalProperties": false, "properties": { "Enable": { "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", "title": "Enable", "type": "boolean" } }, "required": [ "Enable" ], "type": "object" }, "AWS::GuardDuty::Detector.CFNKubernetesConfiguration": { "additionalProperties": false, "properties": { "AuditLogs": { "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNKubernetesAuditLogsConfiguration", "markdownDescription": "Describes whether Kubernetes audit logs are enabled as a data source for the detector.", "title": "AuditLogs" } }, "required": [ "AuditLogs" ], "type": "object" }, "AWS::GuardDuty::Detector.CFNMalwareProtectionConfiguration": { "additionalProperties": false, "properties": { "ScanEc2InstanceWithFindings": { "$ref": "#/definitions/AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration", "markdownDescription": "Describes the configuration of Malware Protection for EC2 instances with findings.", "title": "ScanEc2InstanceWithFindings" } }, "type": "object" }, "AWS::GuardDuty::Detector.CFNS3LogsConfiguration": { "additionalProperties": false, "properties": { "Enable": { "markdownDescription": "The status of S3 data event logs as a data source.", "title": "Enable", "type": "boolean" } }, "required": [ "Enable" ], "type": "object" }, "AWS::GuardDuty::Detector.CFNScanEc2InstanceWithFindingsConfiguration": { "additionalProperties": false, "properties": { "EbsVolumes": { "markdownDescription": "Describes the configuration for scanning EBS volumes as data source.", "title": "EbsVolumes", "type": "boolean" } }, "type": "object" }, "AWS::GuardDuty::Detector.TagItem": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The tag key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The tag value.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::GuardDuty::Filter": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "Specifies the action that is to be applied to the findings that match the filter.", "title": "Action", "type": "string" }, "Description": { "markdownDescription": "The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses ( `{ }` , `[ ]` , and `( )` ), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.", "title": "Description", "type": "string" }, "DetectorId": { "markdownDescription": "The ID of the detector belonging to the GuardDuty account that you want to create a filter for.", "title": "DetectorId", "type": "string" }, "FindingCriteria": { "$ref": "#/definitions/AWS::GuardDuty::Filter.FindingCriteria", "markdownDescription": "Represents the criteria to be used in the filter for querying findings.", "title": "FindingCriteria" }, "Name": { "markdownDescription": "The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character.", "title": "Name", "type": "string" }, "Rank": { "markdownDescription": "Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings. The minimum value for this property is 1 and the maximum is 100.\n\nBy default, filters may not be created in the same order as they are ranked. To ensure that the filters are created in the expected order, you can use an optional attribute, [DependsOn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) , with the following syntax: `\"DependsOn\":[ \"ObjectName\" ]` .", "title": "Rank", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/AWS::GuardDuty::Filter.TagItem" }, "markdownDescription": "The tags to be added to a new filter resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "FindingCriteria" ], "type": "object" }, "Type": { "enum": [ "AWS::GuardDuty::Filter" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GuardDuty::Filter.Condition": { "additionalProperties": false, "properties": { "Eq": { "items": { "type": "string" }, "markdownDescription": "Represents the equal condition to apply to a single field when querying for findings.", "title": "Eq", "type": "array" }, "Equals": { "items": { "type": "string" }, "markdownDescription": "Represents an *equal* ** condition to be applied to a single field when querying for findings.", "title": "Equals", "type": "array" }, "GreaterThan": { "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", "title": "GreaterThan", "type": "number" }, "GreaterThanOrEqual": { "markdownDescription": "Represents a *greater than or equal* condition to be applied to a single field when querying for findings.", "title": "GreaterThanOrEqual", "type": "number" }, "Gt": { "markdownDescription": "Represents a *greater than* condition to be applied to a single field when querying for findings.", "title": "Gt", "type": "number" }, "Gte": { "markdownDescription": "Represents the greater than or equal condition to apply to a single field when querying for findings.", "title": "Gte", "type": "number" }, "LessThan": { "markdownDescription": "Represents a *less than* condition to be applied to a single field when querying for findings.", "title": "LessThan", "type": "number" }, "LessThanOrEqual": { "markdownDescription": "Represents a *less than or equal* condition to be applied to a single field when querying for findings.", "title": "LessThanOrEqual", "type": "number" }, "Lt": { "markdownDescription": "Represents the less than condition to apply to a single field when querying for findings.", "title": "Lt", "type": "number" }, "Lte": { "markdownDescription": "Represents the less than or equal condition to apply to a single field when querying for findings.", "title": "Lte", "type": "number" }, "Neq": { "items": { "type": "string" }, "markdownDescription": "Represents the not equal condition to apply to a single field when querying for findings.", "title": "Neq", "type": "array" }, "NotEquals": { "items": { "type": "string" }, "markdownDescription": "Represents a *not equal* ** condition to be applied to a single field when querying for findings.", "title": "NotEquals", "type": "array" } }, "type": "object" }, "AWS::GuardDuty::Filter.FindingCriteria": { "additionalProperties": false, "properties": { "Criterion": { "additionalProperties": false, "markdownDescription": "Represents a map of finding properties that match specified conditions and values when querying findings.\n\nFor information about JSON criterion mapping to their console equivalent, see [Finding criteria](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_filter-findings.html#filter_criteria) . The following are the available criterion:\n\n- accountId\n- id\n- region\n- severity\n\nTo filter on the basis of severity, the API and AWS CLI use the following input list for the `FindingCriteria` condition:\n\n- *Low* : `[\"1\", \"2\", \"3\"]`\n- *Medium* : `[\"4\", \"5\", \"6\"]`\n- *High* : `[\"7\", \"8\", \"9\"]`\n\nFor more information, see [Severity levels for GuardDuty findings](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity) in the *Amazon GuardDuty User Guide* .\n- type\n- updatedAt\n\nType: ISO 8601 string format: `YYYY-MM-DDTHH:MM:SS.SSSZ` or `YYYY-MM-DDTHH:MM:SSZ` depending on whether the value contains milliseconds.\n- resource.accessKeyDetails.accessKeyId\n- resource.accessKeyDetails.principalId\n- resource.accessKeyDetails.userName\n- resource.accessKeyDetails.userType\n- resource.instanceDetails.iamInstanceProfile.id\n- resource.instanceDetails.imageId\n- resource.instanceDetails.instanceId\n- resource.instanceDetails.tags.key\n- resource.instanceDetails.tags.value\n- resource.instanceDetails.networkInterfaces.ipv6Addresses\n- resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress\n- resource.instanceDetails.networkInterfaces.publicDnsName\n- resource.instanceDetails.networkInterfaces.publicIp\n- resource.instanceDetails.networkInterfaces.securityGroups.groupId\n- resource.instanceDetails.networkInterfaces.securityGroups.groupName\n- resource.instanceDetails.networkInterfaces.subnetId\n- resource.instanceDetails.networkInterfaces.vpcId\n- resource.instanceDetails.outpostArn\n- resource.resourceType\n- resource.s3BucketDetails.publicAccess.effectivePermissions\n- resource.s3BucketDetails.name\n- resource.s3BucketDetails.tags.key\n- resource.s3BucketDetails.tags.value\n- resource.s3BucketDetails.type\n- service.action.actionType\n- service.action.awsApiCallAction.api\n- service.action.awsApiCallAction.callerType\n- service.action.awsApiCallAction.errorCode\n- service.action.awsApiCallAction.remoteIpDetails.city.cityName\n- service.action.awsApiCallAction.remoteIpDetails.country.countryName\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.awsApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.awsApiCallAction.remoteIpDetails.organization.asn\n- service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg\n- service.action.awsApiCallAction.serviceName\n- service.action.dnsRequestAction.domain\n- service.action.dnsRequestAction.domainWithSuffix\n- service.action.networkConnectionAction.blocked\n- service.action.networkConnectionAction.connectionDirection\n- service.action.networkConnectionAction.localPortDetails.port\n- service.action.networkConnectionAction.protocol\n- service.action.networkConnectionAction.remoteIpDetails.city.cityName\n- service.action.networkConnectionAction.remoteIpDetails.country.countryName\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV4\n- service.action.networkConnectionAction.remoteIpDetails.ipAddressV6\n- service.action.networkConnectionAction.remoteIpDetails.organization.asn\n- service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg\n- service.action.networkConnectionAction.remotePortDetails.port\n- service.action.awsApiCallAction.remoteAccountDetails.affiliated\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4\n- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV6\n- service.action.kubernetesApiCallAction.namespace\n- service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn\n- service.action.kubernetesApiCallAction.requestUri\n- service.action.kubernetesApiCallAction.statusCode\n- service.action.networkConnectionAction.localIpDetails.ipAddressV4\n- service.action.networkConnectionAction.localIpDetails.ipAddressV6\n- service.action.networkConnectionAction.protocol\n- service.action.awsApiCallAction.serviceName\n- service.action.awsApiCallAction.remoteAccountDetails.accountId\n- service.additionalInfo.threatListName\n- service.resourceRole\n- resource.eksClusterDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.name\n- resource.kubernetesDetails.kubernetesWorkloadDetails.namespace\n- resource.kubernetesDetails.kubernetesUserDetails.username\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image\n- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix\n- service.ebsVolumeScanDetails.scanId\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity\n- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash\n- service.malwareScanDetails.threats.name\n- resource.ecsClusterDetails.name\n- resource.ecsClusterDetails.taskDetails.containers.image\n- resource.ecsClusterDetails.taskDetails.definitionArn\n- resource.containerDetails.image\n- resource.rdsDbInstanceDetails.dbInstanceIdentifier\n- resource.rdsDbInstanceDetails.dbClusterIdentifier\n- resource.rdsDbInstanceDetails.engine\n- resource.rdsDbUserDetails.user\n- resource.rdsDbInstanceDetails.tags.key\n- resource.rdsDbInstanceDetails.tags.value\n- service.runtimeDetails.process.executableSha256\n- service.runtimeDetails.process.name\n- service.runtimeDetails.process.name\n- resource.lambdaDetails.functionName\n- resource.lambdaDetails.functionArn\n- resource.lambdaDetails.tags.key\n- resource.lambdaDetails.tags.value", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::GuardDuty::Filter.Condition" } }, "title": "Criterion", "type": "object" } }, "type": "object" }, "AWS::GuardDuty::Filter.TagItem": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The tag key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The tag value.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::GuardDuty::IPSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Activate": { "markdownDescription": "Indicates whether or not GuardDuty uses the `IPSet` .", "title": "Activate", "type": "boolean" }, "DetectorId": { "markdownDescription": "The unique ID of the detector of the GuardDuty account that you want to create an IPSet for.", "title": "DetectorId", "type": "string" }, "Format": { "markdownDescription": "The format of the file that contains the IPSet.", "title": "Format", "type": "string" }, "Location": { "markdownDescription": "The URI of the file that contains the IPSet.", "title": "Location", "type": "string" }, "Name": { "markdownDescription": "The user-friendly name to identify the IPSet.\n\nAllowed characters are alphanumeric, whitespace, dash (-), and underscores (_).", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::GuardDuty::IPSet.TagItem" }, "markdownDescription": "The tags to be added to a new IP set resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "Format", "Location" ], "type": "object" }, "Type": { "enum": [ "AWS::GuardDuty::IPSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GuardDuty::IPSet.TagItem": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The tag key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The tag value.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::GuardDuty::Master": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DetectorId": { "markdownDescription": "The unique ID of the detector of the GuardDuty member account.", "title": "DetectorId", "type": "string" }, "InvitationId": { "markdownDescription": "The ID of the invitation that is sent to the account designated as a member account. You can find the invitation ID by running the [ListInvitations](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListInvitations.html) in the *GuardDuty API Reference* .", "title": "InvitationId", "type": "string" }, "MasterId": { "markdownDescription": "The AWS account ID of the account designated as the GuardDuty administrator account.", "title": "MasterId", "type": "string" } }, "required": [ "DetectorId", "MasterId" ], "type": "object" }, "Type": { "enum": [ "AWS::GuardDuty::Master" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GuardDuty::Member": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DetectorId": { "markdownDescription": "The ID of the detector associated with the GuardDuty service to add the member to.", "title": "DetectorId", "type": "string" }, "DisableEmailNotification": { "markdownDescription": "Specifies whether or not to disable email notification for the member account that you invite.", "title": "DisableEmailNotification", "type": "boolean" }, "Email": { "markdownDescription": "The email address associated with the member account.", "title": "Email", "type": "string" }, "MemberId": { "markdownDescription": "The AWS account ID of the account to designate as a member.", "title": "MemberId", "type": "string" }, "Message": { "markdownDescription": "The invitation message that you want to send to the accounts that you're inviting to GuardDuty as members.", "title": "Message", "type": "string" }, "Status": { "markdownDescription": "You can use the `Status` property to update the status of the relationship between the member account and its administrator account. Valid values are `Created` and `Invited` when using an `AWS::GuardDuty::Member` resource. If the value for this property is not provided or set to `Created` , a member account is created but not invited. If the value of this property is set to `Invited` , a member account is created and invited.", "title": "Status", "type": "string" } }, "required": [ "Email" ], "type": "object" }, "Type": { "enum": [ "AWS::GuardDuty::Member" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GuardDuty::ThreatIntelSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Activate": { "markdownDescription": "A Boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet.", "title": "Activate", "type": "boolean" }, "DetectorId": { "markdownDescription": "The unique ID of the detector of the GuardDuty account that you want to create a threatIntelSet for.", "title": "DetectorId", "type": "string" }, "Format": { "markdownDescription": "The format of the file that contains the ThreatIntelSet.", "title": "Format", "type": "string" }, "Location": { "markdownDescription": "The URI of the file that contains the ThreatIntelSet.", "title": "Location", "type": "string" }, "Name": { "markdownDescription": "A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::GuardDuty::ThreatIntelSet.TagItem" }, "markdownDescription": "The tags to be added to a new threat list resource. Each tag consists of a key and an optional value, both of which you define.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "Format", "Location" ], "type": "object" }, "Type": { "enum": [ "AWS::GuardDuty::ThreatIntelSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::GuardDuty::ThreatIntelSet.TagItem": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The tag key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The tag value.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::HealthImaging::Datastore": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DatastoreName": { "markdownDescription": "The data store name.", "title": "DatastoreName", "type": "string" }, "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) assigned to the Key Management Service (KMS) key for accessing encrypted data.", "title": "KmsKeyArn", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags provided when creating a data store.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "type": "object" }, "Type": { "enum": [ "AWS::HealthImaging::Datastore" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::HealthLake::FHIRDatastore": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DatastoreName": { "markdownDescription": "The user generated name for the data store.", "title": "DatastoreName", "type": "string" }, "DatastoreTypeVersion": { "markdownDescription": "The FHIR version of the data store. The only supported version is R4.", "title": "DatastoreTypeVersion", "type": "string" }, "IdentityProviderConfiguration": { "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration", "markdownDescription": "The identity provider configuration that you gave when the data store was created.", "title": "IdentityProviderConfiguration" }, "PreloadDataConfig": { "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.PreloadDataConfig", "markdownDescription": "The preloaded data configuration for the data store. Only data preloaded from Synthea is supported.", "title": "PreloadDataConfig" }, "SseConfiguration": { "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.SseConfiguration", "markdownDescription": "The server-side encryption key configuration for a customer provided encryption key specified for creating a data store.", "title": "SseConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "DatastoreTypeVersion" ], "type": "object" }, "Type": { "enum": [ "AWS::HealthLake::FHIRDatastore" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::HealthLake::FHIRDatastore.CreatedAt": { "additionalProperties": false, "properties": { "Nanos": { "markdownDescription": "", "title": "Nanos", "type": "number" }, "Seconds": { "markdownDescription": "", "title": "Seconds", "type": "string" } }, "required": [ "Nanos", "Seconds" ], "type": "object" }, "AWS::HealthLake::FHIRDatastore.IdentityProviderConfiguration": { "additionalProperties": false, "properties": { "AuthorizationStrategy": { "markdownDescription": "The authorization strategy that you selected when you created the data store.", "title": "AuthorizationStrategy", "type": "string" }, "FineGrainedAuthorizationEnabled": { "markdownDescription": "If you enabled fine-grained authorization when you created the data store.", "title": "FineGrainedAuthorizationEnabled", "type": "boolean" }, "IdpLambdaArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function that you want to use to decode the access token created by the authorization server.", "title": "IdpLambdaArn", "type": "string" }, "Metadata": { "markdownDescription": "The JSON metadata elements that you want to use in your identity provider configuration. Required elements are listed based on the launch specification of the SMART application. For more information on all possible elements, see [Metadata](https://docs.aws.amazon.com/https://build.fhir.org/ig/HL7/smart-app-launch/conformance.html#metadata) in SMART's App Launch specification.\n\n`authorization_endpoint` : The URL to the OAuth2 authorization endpoint.\n\n`grant_types_supported` : An array of grant types that are supported at the token endpoint. You must provide at least one grant type option. Valid options are `authorization_code` and `client_credentials` .\n\n`token_endpoint` : The URL to the OAuth2 token endpoint.\n\n`capabilities` : An array of strings of the SMART capabilities that the authorization server supports.\n\n`code_challenge_methods_supported` : An array of strings of supported PKCE code challenge methods. You must include the `S256` method in the array of PKCE code challenge methods.", "title": "Metadata", "type": "string" } }, "required": [ "AuthorizationStrategy" ], "type": "object" }, "AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig": { "additionalProperties": false, "properties": { "CmkType": { "markdownDescription": "The type of customer-managed-key(CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and Amazon owned CMKs. For more information on CMK types, see [KmsEncryptionConfig](https://docs.aws.amazon.com/healthlake/latest/APIReference/API_KmsEncryptionConfig.html#HealthLake-Type-KmsEncryptionConfig-CmkType) .", "title": "CmkType", "type": "string" }, "KmsKeyId": { "markdownDescription": "The KMS encryption key id/alias used to encrypt the data store contents at rest.", "title": "KmsKeyId", "type": "string" } }, "required": [ "CmkType" ], "type": "object" }, "AWS::HealthLake::FHIRDatastore.PreloadDataConfig": { "additionalProperties": false, "properties": { "PreloadDataType": { "markdownDescription": "The type of preloaded data. Only Synthea preloaded data is supported.", "title": "PreloadDataType", "type": "string" } }, "required": [ "PreloadDataType" ], "type": "object" }, "AWS::HealthLake::FHIRDatastore.SseConfiguration": { "additionalProperties": false, "properties": { "KmsEncryptionConfig": { "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore.KmsEncryptionConfig", "markdownDescription": "The server-side encryption key configuration for a customer provided encryption key (CMK).", "title": "KmsEncryptionConfig" } }, "required": [ "KmsEncryptionConfig" ], "type": "object" }, "AWS::IAM::AccessKey": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Serial": { "markdownDescription": "This value is specific to CloudFormation and can only be *incremented* . Incrementing this value notifies CloudFormation that you want to rotate your access key. When you update your stack, CloudFormation will replace the existing access key with a new key.", "title": "Serial", "type": "number" }, "Status": { "markdownDescription": "The status of the access key. `Active` means that the key is valid for API calls, while `Inactive` means it is not.", "title": "Status", "type": "string" }, "UserName": { "markdownDescription": "The name of the IAM user that the new key will belong to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "UserName", "type": "string" } }, "required": [ "UserName" ], "type": "object" }, "Type": { "enum": [ "AWS::IAM::AccessKey" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IAM::Group": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "GroupName": { "markdownDescription": "The name of the group to create. Do not include the path in this value.\n\nThe group name must be unique within the account. Group names are not distinguished by case. For example, you cannot create groups named both \"ADMINS\" and \"admins\". If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", "title": "GroupName", "type": "string" }, "ManagedPolicyArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Name (ARN) of the IAM policy you want to attach.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", "title": "ManagedPolicyArns", "type": "array" }, "Path": { "markdownDescription": "The path to the group. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", "title": "Path", "type": "string" }, "Policies": { "items": { "$ref": "#/definitions/AWS::IAM::Group.Policy" }, "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM group. To view AWS::IAM::Group snippets, see [Declaring an IAM Group Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-group) .\n\n> The name of each inline policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a group, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", "title": "Policies", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::IAM::Group" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IAM::Group.Policy": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "The policy document.", "title": "PolicyDocument", "type": "object" }, "PolicyName": { "markdownDescription": "The friendly name (not ARN) identifying the policy.", "title": "PolicyName", "type": "string" } }, "required": [ "PolicyDocument", "PolicyName" ], "type": "object" }, "AWS::IAM::GroupPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "GroupName": { "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", "title": "GroupName", "type": "string" }, "PolicyDocument": { "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", "title": "PolicyDocument", "type": "object" }, "PolicyName": { "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "PolicyName", "type": "string" } }, "required": [ "GroupName", "PolicyName" ], "type": "object" }, "Type": { "enum": [ "AWS::IAM::GroupPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IAM::InstanceProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InstanceProfileName": { "markdownDescription": "The name of the instance profile to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "InstanceProfileName", "type": "string" }, "Path": { "markdownDescription": "The path to the instance profile. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", "title": "Path", "type": "string" }, "Roles": { "items": { "type": "string" }, "markdownDescription": "The name of the role to associate with the instance profile. Only one role can be assigned to an EC2 instance at a time, and all applications on the instance share the same role and permissions.", "title": "Roles", "type": "array" } }, "required": [ "Roles" ], "type": "object" }, "Type": { "enum": [ "AWS::IAM::InstanceProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IAM::ManagedPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A friendly description of the policy.\n\nTypically used to store information about the permissions defined in the policy. For example, \"Grants access to production DynamoDB tables.\"\n\nThe policy description is immutable. After a value is assigned, it cannot be changed.", "title": "Description", "type": "string" }, "Groups": { "items": { "type": "string" }, "markdownDescription": "The name (friendly name, not ARN) of the group to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "Groups", "type": "array" }, "ManagedPolicyName": { "markdownDescription": "The friendly name of the policy.\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name. \n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", "title": "ManagedPolicyName", "type": "string" }, "Path": { "markdownDescription": "The path for the policy.\n\nFor more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> You cannot use an asterisk (*) in the path name.", "title": "Path", "type": "string" }, "PolicyDocument": { "markdownDescription": "The JSON policy document that you want to use as the content for the new policy.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe maximum length of the policy document that you can pass in this operation, including whitespace, is listed below. To view the maximum character counts of a managed policy with no whitespaces, see [IAM and AWS STS character quotas](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length) .\n\nTo learn more about JSON policy grammar, see [Grammar of the IAM JSON policy language](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html) in the *IAM User Guide* .\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", "title": "PolicyDocument", "type": "object" }, "Roles": { "items": { "type": "string" }, "markdownDescription": "The name (friendly name, not ARN) of the role to attach the policy to.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", "title": "Roles", "type": "array" }, "Users": { "items": { "type": "string" }, "markdownDescription": "The name (friendly name, not ARN) of the IAM user to attach the policy to.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "Users", "type": "array" } }, "required": [ "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ "AWS::IAM::ManagedPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IAM::OIDCProvider": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClientIdList": { "items": { "type": "string" }, "markdownDescription": "A list of client IDs (also known as audiences) that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", "title": "ClientIdList", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags that are attached to the specified IAM OIDC provider. The returned list of tags is sorted by tag key. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", "title": "Tags", "type": "array" }, "ThumbprintList": { "items": { "type": "string" }, "markdownDescription": "A list of certificate thumbprints that are associated with the specified IAM OIDC provider resource object. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", "title": "ThumbprintList", "type": "array" }, "Url": { "markdownDescription": "The URL that the IAM OIDC provider resource object is associated with. For more information, see [CreateOpenIDConnectProvider](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html) .", "title": "Url", "type": "string" } }, "required": [ "ThumbprintList" ], "type": "object" }, "Type": { "enum": [ "AWS::IAM::OIDCProvider" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IAM::Policy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Groups": { "items": { "type": "string" }, "markdownDescription": "The name of the group to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-.", "title": "Groups", "type": "array" }, "PolicyDocument": { "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", "title": "PolicyDocument", "type": "object" }, "PolicyName": { "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "PolicyName", "type": "string" }, "Roles": { "items": { "type": "string" }, "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", "title": "Roles", "type": "array" }, "Users": { "items": { "type": "string" }, "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "Users", "type": "array" } }, "required": [ "PolicyDocument", "PolicyName" ], "type": "object" }, "Type": { "enum": [ "AWS::IAM::Policy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IAM::Role": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssumeRolePolicyDocument": { "markdownDescription": "The trust policy that is associated with this role. Trust policies define which entities can assume the role. You can associate only one trust policy with a role. For an example of a policy that can be used to assume a role, see [Template Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#aws-resource-iam-role--examples) . For more information about the elements that you can use in an IAM policy, see [IAM Policy Elements Reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html) in the *IAM User Guide* .", "title": "AssumeRolePolicyDocument", "type": "object" }, "Description": { "markdownDescription": "A description of the role that you provide.", "title": "Description", "type": "string" }, "ManagedPolicyArns": { "items": { "type": "string" }, "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the role.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", "title": "ManagedPolicyArns", "type": "array" }, "MaxSessionDuration": { "markdownDescription": "The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default value of one hour is applied. This setting can have a value from 1 hour to 12 hours.\n\nAnyone who assumes the role from the AWS CLI or API can use the `DurationSeconds` API parameter or the `duration-seconds` AWS CLI parameter to request a longer session. The `MaxSessionDuration` setting determines the maximum duration that can be requested using the `DurationSeconds` parameter. If users don't specify a value for the `DurationSeconds` parameter, their security credentials are valid for one hour by default. This applies when you use the `AssumeRole*` API operations or the `assume-role*` AWS CLI operations but does not apply when you use those operations to create a console URL. For more information, see [Using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the *IAM User Guide* .", "title": "MaxSessionDuration", "type": "number" }, "Path": { "markdownDescription": "The path to the role. For more information about paths, see [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", "title": "Path", "type": "string" }, "PermissionsBoundary": { "markdownDescription": "The ARN of the policy used to set the permissions boundary for the role.\n\nFor more information about permissions boundaries, see [Permissions boundaries for IAM identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .", "title": "PermissionsBoundary", "type": "string" }, "Policies": { "items": { "$ref": "#/definitions/AWS::IAM::Role.Policy" }, "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM role.\n\nWhen you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role. You can update a role's trust policy later. For more information about IAM roles, go to [Using Roles to Delegate Permissions and Federate Identities](https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html) .\n\nA role can also have an attached managed policy. For information about policies, see [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *IAM User Guide* .\n\nFor information about limits on the number of inline policies that you can embed with a role, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .\n\n> If an external policy (such as `AWS::IAM::Policy` or `AWS::IAM::ManagedPolicy` ) has a `Ref` to a role and if a resource (such as `AWS::ECS::Service` ) also has a `Ref` to the same role, add a `DependsOn` attribute to the resource to make the resource depend on the external policy. This dependency ensures that the role's policy is available throughout the resource's lifecycle. For example, when you delete a stack with an `AWS::ECS::Service` resource, the `DependsOn` attribute ensures that AWS CloudFormation deletes the `AWS::ECS::Service` resource before deleting its role's policy.", "title": "Policies", "type": "array" }, "RoleName": { "markdownDescription": "A name for the IAM role, up to 64 characters in length. For valid values, see the `RoleName` parameter for the [`CreateRole`](https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html) action in the *IAM User Guide* .\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The role name must be unique within the account. Role names are not distinguished by case. For example, you cannot create roles named both \"Role1\" and \"role1\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the role name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", "title": "RoleName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags that are attached to the role. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", "title": "Tags", "type": "array" } }, "required": [ "AssumeRolePolicyDocument" ], "type": "object" }, "Type": { "enum": [ "AWS::IAM::Role" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IAM::Role.Policy": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", "title": "PolicyDocument", "type": "object" }, "PolicyName": { "markdownDescription": "The friendly name (not ARN) identifying the policy.", "title": "PolicyName", "type": "string" } }, "required": [ "PolicyDocument", "PolicyName" ], "type": "object" }, "AWS::IAM::RolePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", "title": "PolicyDocument", "type": "object" }, "PolicyName": { "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "PolicyName", "type": "string" }, "RoleName": { "markdownDescription": "The name of the role to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "RoleName", "type": "string" } }, "required": [ "PolicyName", "RoleName" ], "type": "object" }, "Type": { "enum": [ "AWS::IAM::RolePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IAM::SAMLProvider": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the provider to create.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "Name", "type": "string" }, "SamlMetadataDocument": { "markdownDescription": "An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.\n\nFor more information, see [About SAML 2.0-based federation](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the *IAM User Guide*", "title": "SamlMetadataDocument", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags that you want to attach to the new IAM SAML provider. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", "title": "Tags", "type": "array" } }, "required": [ "SamlMetadataDocument" ], "type": "object" }, "Type": { "enum": [ "AWS::IAM::SAMLProvider" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IAM::ServerCertificate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CertificateBody": { "markdownDescription": "The contents of the public key certificate.", "title": "CertificateBody", "type": "string" }, "CertificateChain": { "markdownDescription": "The contents of the public key certificate chain.", "title": "CertificateChain", "type": "string" }, "Path": { "markdownDescription": "The path for the server certificate. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/). This parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.\n\n> If you are uploading a server certificate specifically for use with Amazon CloudFront distributions, you must specify a path using the `path` parameter. The path must begin with `/cloudfront` and must include a trailing slash (for example, `/cloudfront/test/` ).", "title": "Path", "type": "string" }, "PrivateKey": { "markdownDescription": "The contents of the private key in PEM-encoded format.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", "title": "PrivateKey", "type": "string" }, "ServerCertificateName": { "markdownDescription": "The name for the server certificate. Do not include the path in this value. The name of the certificate cannot contain any spaces.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "ServerCertificateName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags that are attached to the server certificate. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::IAM::ServerCertificate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IAM::ServiceLinkedRole": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AWSServiceName": { "markdownDescription": "The service principal for the AWS service to which this role is attached. You use a string similar to a URL but without the http:// in front. For example: `elasticbeanstalk.amazonaws.com` .\n\nService principals are unique and case-sensitive. To find the exact service principal for your service-linked role, see [AWS services that work with IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html) in the *IAM User Guide* . Look for the services that have *Yes* in the *Service-Linked Role* column. Choose the *Yes* link to view the service-linked role documentation for that service.", "title": "AWSServiceName", "type": "string" }, "CustomSuffix": { "markdownDescription": "A string that you provide, which is combined with the service-provided prefix to form the complete role name. If you make multiple requests for the same service, then you must supply a different `CustomSuffix` for each request. Otherwise the request fails with a duplicate role name error. For example, you could add `-1` or `-debug` to the suffix.\n\nSome services do not support the `CustomSuffix` parameter. If you provide an optional suffix and the operation fails, try the operation again without the suffix.", "title": "CustomSuffix", "type": "string" }, "Description": { "markdownDescription": "The description of the role.", "title": "Description", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::IAM::ServiceLinkedRole" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IAM::User": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Groups": { "items": { "type": "string" }, "markdownDescription": "A list of group names to which you want to add the user.", "title": "Groups", "type": "array" }, "LoginProfile": { "$ref": "#/definitions/AWS::IAM::User.LoginProfile", "markdownDescription": "Creates a password for the specified IAM user. A password allows an IAM user to access AWS services through the AWS Management Console .\n\nYou can use the AWS CLI , the AWS API, or the *Users* page in the IAM console to create a password for any IAM user. Use [ChangePassword](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ChangePassword.html) to update your own existing password in the *My Security Credentials* page in the AWS Management Console .\n\nFor more information about managing passwords, see [Managing passwords](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the *IAM User Guide* .", "title": "LoginProfile" }, "ManagedPolicyArns": { "items": { "type": "string" }, "markdownDescription": "A list of Amazon Resource Names (ARNs) of the IAM managed policies that you want to attach to the user.\n\nFor more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", "title": "ManagedPolicyArns", "type": "array" }, "Path": { "markdownDescription": "The path for the user name. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", "title": "Path", "type": "string" }, "PermissionsBoundary": { "markdownDescription": "The ARN of the managed policy that is used to set the permissions boundary for the user.\n\nA permissions boundary policy defines the maximum permissions that identity-based policies can grant to an entity, but does not grant permissions. Permissions boundaries do not define the maximum permissions that a resource-based policy can grant to an entity. To learn more, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\nFor more information about policy types, see [Policy types](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types) in the *IAM User Guide* .", "title": "PermissionsBoundary", "type": "string" }, "Policies": { "items": { "$ref": "#/definitions/AWS::IAM::User.Policy" }, "markdownDescription": "Adds or updates an inline policy document that is embedded in the specified IAM user. To view AWS::IAM::User snippets, see [Declaring an IAM User Resource](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-iam.html#scenario-iam-user) .\n\n> The name of each policy for a role, user, or group must be unique. If you don't choose unique names, updates to the IAM identity will fail. \n\nFor information about limits on the number of inline policies that you can embed in a user, see [Limitations on IAM Entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the *IAM User Guide* .", "title": "Policies", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags that you want to attach to the new user. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", "title": "Tags", "type": "array" }, "UserName": { "markdownDescription": "The name of the user to create. Do not include the path in this value.\n\nThis parameter allows (per its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-. The user name must be unique within the account. User names are not distinguished by case. For example, you cannot create users named both \"John\" and \"john\".\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the user name.\n\nIf you specify a name, you must specify the `CAPABILITY_NAMED_IAM` value to acknowledge your template's capabilities. For more information, see [Acknowledging IAM Resources in AWS CloudFormation Templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-template.html#using-iam-capabilities) .\n\n> Naming an IAM resource can cause an unrecoverable error if you reuse the same template in multiple Regions. To prevent this, we recommend using `Fn::Join` and `AWS::Region` to create a Region-specific name, as in the following example: `{\"Fn::Join\": [\"\", [{\"Ref\": \"AWS::Region\"}, {\"Ref\": \"MyResourceName\"}]]}` .", "title": "UserName", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::IAM::User" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IAM::User.LoginProfile": { "additionalProperties": false, "properties": { "Password": { "markdownDescription": "The user's password.", "title": "Password", "type": "string" }, "PasswordResetRequired": { "markdownDescription": "Specifies whether the user is required to set a new password on next sign-in.", "title": "PasswordResetRequired", "type": "boolean" } }, "required": [ "Password" ], "type": "object" }, "AWS::IAM::User.Policy": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json) .", "title": "PolicyDocument", "type": "object" }, "PolicyName": { "markdownDescription": "The friendly name (not ARN) identifying the policy.", "title": "PolicyName", "type": "string" } }, "required": [ "PolicyDocument", "PolicyName" ], "type": "object" }, "AWS::IAM::UserPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "The policy document.\n\nYou must provide policies in JSON format in IAM. However, for AWS CloudFormation templates formatted in YAML, you can provide the policy in JSON or YAML format. AWS CloudFormation always converts a YAML policy to JSON format before submitting it to IAM.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) used to validate this parameter is a string of characters consisting of the following:\n\n- Any printable ASCII character ranging from the space character ( `\\u0020` ) through the end of the ASCII character range\n- The printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` )\n- The special characters tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` )", "title": "PolicyDocument", "type": "object" }, "PolicyName": { "markdownDescription": "The name of the policy document.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "PolicyName", "type": "string" }, "UserName": { "markdownDescription": "The name of the user to associate the policy with.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "UserName", "type": "string" } }, "required": [ "PolicyName", "UserName" ], "type": "object" }, "Type": { "enum": [ "AWS::IAM::UserPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IAM::UserToGroupAddition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "GroupName": { "markdownDescription": "The name of the group to update.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "GroupName", "type": "string" }, "Users": { "items": { "type": "string" }, "markdownDescription": "A list of the names of the users that you want to add to the group.", "title": "Users", "type": "array" } }, "required": [ "GroupName", "Users" ], "type": "object" }, "Type": { "enum": [ "AWS::IAM::UserToGroupAddition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IAM::VirtualMFADevice": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Path": { "markdownDescription": "The path for the virtual MFA device. For more information about paths, see [IAM identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the *IAM User Guide* .\n\nThis parameter is optional. If it is not included, it defaults to a slash (/).\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of either a forward slash (/) by itself or a string that must begin and end with forward slashes. In addition, it can contain any ASCII character from the ! ( `\\u0021` ) through the DEL character ( `\\u007F` ), including most punctuation characters, digits, and upper and lowercased letters.", "title": "Path", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags that you want to attach to the new IAM virtual MFA device. Each tag consists of a key name and an associated value. For more information about tagging, see [Tagging IAM resources](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the *IAM User Guide* .\n\n> If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created.", "title": "Tags", "type": "array" }, "Users": { "items": { "type": "string" }, "markdownDescription": "The IAM user associated with this virtual MFA device.", "title": "Users", "type": "array" }, "VirtualMfaDeviceName": { "markdownDescription": "The name of the virtual MFA device, which must be unique. Use with path to uniquely identify a virtual MFA device.\n\nThis parameter allows (through its [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-", "title": "VirtualMfaDeviceName", "type": "string" } }, "required": [ "Users" ], "type": "object" }, "Type": { "enum": [ "AWS::IAM::VirtualMFADevice" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IVS::Channel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Authorized": { "markdownDescription": "Whether the channel is authorized.\n\n*Default* : `false`", "title": "Authorized", "type": "boolean" }, "InsecureIngest": { "markdownDescription": "Whether the channel allows insecure RTMP ingest.\n\n*Default* : `false`", "title": "InsecureIngest", "type": "boolean" }, "LatencyMode": { "markdownDescription": "Channel latency mode. Valid values:\n\n- `NORMAL` : Use NORMAL to broadcast and deliver live video up to Full HD.\n- `LOW` : Use LOW for near real-time interactions with viewers.\n\n> In the console, `LOW` and `NORMAL` correspond to `Ultra-low` and `Standard` , respectively. \n\n*Default* : `LOW`", "title": "LatencyMode", "type": "string" }, "Name": { "markdownDescription": "Channel name.", "title": "Name", "type": "string" }, "Preset": { "markdownDescription": "An optional transcode preset for the channel. This is selectable only for `ADVANCED_HD` and `ADVANCED_SD` channel types. For those channel types, the default preset is `HIGHER_BANDWIDTH_DELIVERY` . For other channel types ( `BASIC` and `STANDARD` ), `preset` is the empty string (\"\").", "title": "Preset", "type": "string" }, "RecordingConfigurationArn": { "markdownDescription": "The ARN of a RecordingConfiguration resource. An empty string indicates that recording is disabled for the channel. A RecordingConfiguration ARN indicates that recording is enabled using the specified recording configuration. See the [RecordingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ivs-recordingconfiguration.html) resource for more information and an example.\n\n*Default* : \"\" (empty string, recording is disabled)", "title": "RecordingConfigurationArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-channel-tag.html) .", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The channel type, which determines the allowable resolution and bitrate. *If you exceed the allowable resolution or bitrate, the stream probably will disconnect immediately.* Valid values:\n\n- `STANDARD` : Video is transcoded: multiple qualities are generated from the original input to automatically give viewers the best experience for their devices and network conditions. Transcoding allows higher playback quality across a range of download speeds. Resolution can be up to 1080p and bitrate can be up to 8.5 Mbps. Audio is transcoded only for renditions 360p and below; above that, audio is passed through.\n- `BASIC` : Video is transmuxed: Amazon IVS delivers the original input to viewers. The viewer\u2019s video-quality choice is limited to the original input. Resolution can be up to 1080p and bitrate can be up to 1.5 Mbps for 480p and up to 3.5 Mbps for resolutions between 480p and 1080p.\n- `ADVANCED_SD` : Video is transcoded; multiple qualities are generated from the original input, to automatically give viewers the best experience for their devices and network conditions. Input resolution can be up to 1080p and bitrate can be up to 8.5 Mbps; output is capped at SD quality (480p). You can select an optional transcode preset (see below). Audio for all renditions is transcoded, and an audio-only rendition is available.\n- `ADVANCED_HD` : Video is transcoded; multiple qualities are generated from the original input, to automatically give viewers the best experience for their devices and network conditions. Input resolution can be up to 1080p and bitrate can be up to 8.5 Mbps; output is capped at HD quality (720p). You can select an optional transcode preset (see below). Audio for all renditions is transcoded, and an audio-only rendition is available.\n\nOptional *transcode presets* (available for the `ADVANCED` types) allow you to trade off available download bandwidth and video quality, to optimize the viewing experience. There are two presets:\n\n- *Constrained bandwidth delivery* uses a lower bitrate for each quality level. Use it if you have low download bandwidth and/or simple video content (e.g., talking heads)\n- *Higher bandwidth delivery* uses a higher bitrate for each quality level. Use it if you have high download bandwidth and/or complex video content (e.g., flashes and quick scene changes).\n\n*Default* : `STANDARD`", "title": "Type", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::IVS::Channel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IVS::EncoderConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Encoder cnfiguration name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-tag.html) .", "title": "Tags", "type": "array" }, "Video": { "$ref": "#/definitions/AWS::IVS::EncoderConfiguration.Video", "markdownDescription": "Video configuration. Default: video resolution 1280x720, bitrate 2500 kbps, 30 fps. See the [Video](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-encoderconfiguration-video.html) property type for more information.", "title": "Video" } }, "type": "object" }, "Type": { "enum": [ "AWS::IVS::EncoderConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IVS::EncoderConfiguration.Video": { "additionalProperties": false, "properties": { "Bitrate": { "markdownDescription": "Bitrate for generated output, in bps. Default: 2500000.", "title": "Bitrate", "type": "number" }, "Framerate": { "markdownDescription": "Video frame rate, in fps. Default: 30.", "title": "Framerate", "type": "number" }, "Height": { "markdownDescription": "Video-resolution height. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 720.", "title": "Height", "type": "number" }, "Width": { "markdownDescription": "Video-resolution width. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 1280.", "title": "Width", "type": "number" } }, "type": "object" }, "AWS::IVS::PlaybackKeyPair": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Playback-key-pair name. The value does not need to be unique.", "title": "Name", "type": "string" }, "PublicKeyMaterial": { "markdownDescription": "The public portion of a customer-generated key pair.", "title": "PublicKeyMaterial", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackkeypair-tag.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::IVS::PlaybackKeyPair" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IVS::PlaybackRestrictionPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowedCountries": { "items": { "type": "string" }, "markdownDescription": "A list of country codes that control geoblocking restrictions. Allowed values are the officially assigned ISO 3166-1 alpha-2 codes. Default: All countries (an empty array).", "title": "AllowedCountries", "type": "array" }, "AllowedOrigins": { "items": { "type": "string" }, "markdownDescription": "A list of origin sites that control CORS restriction. Allowed values are the same as valid values of the Origin header defined at [https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin\"](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin)", "title": "AllowedOrigins", "type": "array" }, "EnableStrictOriginEnforcement": { "markdownDescription": "Whether channel playback is constrained by the origin site.", "title": "EnableStrictOriginEnforcement", "type": "boolean" }, "Name": { "markdownDescription": "Playback-restriction-policy name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-playbackrestrictionpolicy-tag.html) .", "title": "Tags", "type": "array" } }, "required": [ "AllowedCountries", "AllowedOrigins" ], "type": "object" }, "Type": { "enum": [ "AWS::IVS::PlaybackRestrictionPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IVS::RecordingConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DestinationConfiguration": { "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.DestinationConfiguration", "markdownDescription": "A destination configuration describes an S3 bucket where recorded video will be stored. See the DestinationConfiguration property type for more information.", "title": "DestinationConfiguration" }, "Name": { "markdownDescription": "Recording-configuration name. The value does not need to be unique.", "title": "Name", "type": "string" }, "RecordingReconnectWindowSeconds": { "markdownDescription": "If a broadcast disconnects and then reconnects within the specified interval, the multiple streams will be considered a single broadcast and merged together.\n\n*Default* : `0`", "title": "RecordingReconnectWindowSeconds", "type": "number" }, "RenditionConfiguration": { "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.RenditionConfiguration", "markdownDescription": "A rendition configuration describes which renditions should be recorded for a stream. See the RenditionConfiguration property type for more information.", "title": "RenditionConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-tag.html) .", "title": "Tags", "type": "array" }, "ThumbnailConfiguration": { "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.ThumbnailConfiguration", "markdownDescription": "A thumbnail configuration enables/disables the recording of thumbnails for a live session and controls the interval at which thumbnails are generated for the live session. See the ThumbnailConfiguration property type for more information.", "title": "ThumbnailConfiguration" } }, "required": [ "DestinationConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::IVS::RecordingConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IVS::RecordingConfiguration.DestinationConfiguration": { "additionalProperties": false, "properties": { "S3": { "$ref": "#/definitions/AWS::IVS::RecordingConfiguration.S3DestinationConfiguration", "markdownDescription": "An S3 destination configuration where recorded videos will be stored. See the [S3DestinationConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-s3destinationconfiguration.html) property type for more information.", "title": "S3" } }, "type": "object" }, "AWS::IVS::RecordingConfiguration.RenditionConfiguration": { "additionalProperties": false, "properties": { "RenditionSelection": { "markdownDescription": "The set of renditions are recorded for a stream. For `BASIC` channels, the `CUSTOM` value has no effect. If `CUSTOM` is specified, a set of renditions can be specified in the `renditions` field. Default: `ALL` .", "title": "RenditionSelection", "type": "string" }, "Renditions": { "items": { "type": "string" }, "markdownDescription": "A list of which renditions are recorded for a stream, if `renditionSelection` is `CUSTOM` ; otherwise, this field is irrelevant. The selected renditions are recorded if they are available during the stream. If a selected rendition is unavailable, the best available rendition is recorded. For details on the resolution dimensions of each rendition, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", "title": "Renditions", "type": "array" } }, "type": "object" }, "AWS::IVS::RecordingConfiguration.S3DestinationConfiguration": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "Location (S3 bucket name) where recorded videos will be stored.", "title": "BucketName", "type": "string" } }, "required": [ "BucketName" ], "type": "object" }, "AWS::IVS::RecordingConfiguration.ThumbnailConfiguration": { "additionalProperties": false, "properties": { "RecordingMode": { "markdownDescription": "Thumbnail recording mode. Valid values:\n\n- `DISABLED` : Use DISABLED to disable the generation of thumbnails for recorded video.\n- `INTERVAL` : Use INTERVAL to enable the generation of thumbnails for recorded video at a time interval controlled by the [TargetIntervalSeconds](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-targetintervalseconds) property.\n\n*Default* : `INTERVAL`", "title": "RecordingMode", "type": "string" }, "Resolution": { "markdownDescription": "The desired resolution of recorded thumbnails for a stream. Thumbnails are recorded at the selected resolution if the corresponding rendition is available during the stream; otherwise, they are recorded at source resolution. For more information about resolution values and their corresponding height and width dimensions, see [Auto-Record to Amazon S3](https://docs.aws.amazon.com//ivs/latest/LowLatencyUserGuide/record-to-s3.html) .", "title": "Resolution", "type": "string" }, "Storage": { "items": { "type": "string" }, "markdownDescription": "The format in which thumbnails are recorded for a stream. `SEQUENTIAL` records all generated thumbnails in a serial manner, to the media/thumbnails directory. `LATEST` saves the latest thumbnail in media/thumbnails/latest/thumb.jpg and overwrites it at the interval specified by `targetIntervalSeconds` . You can enable both `SEQUENTIAL` and `LATEST` . Default: `SEQUENTIAL` .", "title": "Storage", "type": "array" }, "TargetIntervalSeconds": { "markdownDescription": "The targeted thumbnail-generation interval in seconds. This is configurable (and required) only if [RecordingMode](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-thumbnailconfiguration.html#cfn-ivs-recordingconfiguration-thumbnailconfiguration-recordingmode) is `INTERVAL` .\n\n> Setting a value for `TargetIntervalSeconds` does not guarantee that thumbnails are generated at the specified interval. For thumbnails to be generated at the `TargetIntervalSeconds` interval, the `IDR/Keyframe` value for the input video must be less than the `TargetIntervalSeconds` value. See [Amazon IVS Streaming Configuration](https://docs.aws.amazon.com/ivs/latest/LowLatencyUserGuide/streaming-config.html) for information on setting `IDR/Keyframe` to the recommended value in video-encoder settings. \n\n*Default* : 60", "title": "TargetIntervalSeconds", "type": "number" } }, "type": "object" }, "AWS::IVS::Stage": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Stage name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-stage-tag.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::IVS::Stage" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IVS::StorageConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Storage cnfiguration name.", "title": "Name", "type": "string" }, "S3": { "$ref": "#/definitions/AWS::IVS::StorageConfiguration.S3StorageConfiguration", "markdownDescription": "An S3 storage configuration contains information about where recorded video will be stored. See the [S3StorageConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-s3storageconfiguration.html) property type for more information.", "title": "S3" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-storageconfiguration-tag.html) .", "title": "Tags", "type": "array" } }, "required": [ "S3" ], "type": "object" }, "Type": { "enum": [ "AWS::IVS::StorageConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IVS::StorageConfiguration.S3StorageConfiguration": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "Name of the S3 bucket where recorded video will be stored.", "title": "BucketName", "type": "string" } }, "required": [ "BucketName" ], "type": "object" }, "AWS::IVS::StreamKey": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ChannelArn": { "markdownDescription": "Channel ARN for the stream.", "title": "ChannelArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-streamkey-tag.html) .", "title": "Tags", "type": "array" } }, "required": [ "ChannelArn" ], "type": "object" }, "Type": { "enum": [ "AWS::IVS::StreamKey" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IVSChat::LoggingConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DestinationConfiguration": { "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.DestinationConfiguration", "markdownDescription": "The DestinationConfiguration is a complex type that contains information about where chat content will be logged.", "title": "DestinationConfiguration" }, "Name": { "markdownDescription": "Logging-configuration name. The value does not need to be unique.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-loggingconfiguration-tag.html) .", "title": "Tags", "type": "array" } }, "required": [ "DestinationConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::IVSChat::LoggingConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration": { "additionalProperties": false, "properties": { "LogGroupName": { "markdownDescription": "Name of the Amazon Cloudwatch Logs destination where chat activity will be logged.", "title": "LogGroupName", "type": "string" } }, "required": [ "LogGroupName" ], "type": "object" }, "AWS::IVSChat::LoggingConfiguration.DestinationConfiguration": { "additionalProperties": false, "properties": { "CloudWatchLogs": { "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.CloudWatchLogsDestinationConfiguration", "markdownDescription": "An Amazon CloudWatch Logs destination configuration where chat activity will be logged.", "title": "CloudWatchLogs" }, "Firehose": { "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration", "markdownDescription": "An Amazon Kinesis Data Firehose destination configuration where chat activity will be logged.", "title": "Firehose" }, "S3": { "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration", "markdownDescription": "An Amazon S3 destination configuration where chat activity will be logged.", "title": "S3" } }, "type": "object" }, "AWS::IVSChat::LoggingConfiguration.FirehoseDestinationConfiguration": { "additionalProperties": false, "properties": { "DeliveryStreamName": { "markdownDescription": "Name of the Amazon Kinesis Firehose delivery stream where chat activity will be logged.", "title": "DeliveryStreamName", "type": "string" } }, "required": [ "DeliveryStreamName" ], "type": "object" }, "AWS::IVSChat::LoggingConfiguration.S3DestinationConfiguration": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "Name of the Amazon S3 bucket where chat activity will be logged.", "title": "BucketName", "type": "string" } }, "required": [ "BucketName" ], "type": "object" }, "AWS::IVSChat::Room": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LoggingConfigurationIdentifiers": { "items": { "type": "string" }, "markdownDescription": "List of logging-configuration identifiers attached to the room.", "title": "LoggingConfigurationIdentifiers", "type": "array" }, "MaximumMessageLength": { "markdownDescription": "Maximum number of characters in a single message. Messages are expected to be UTF-8 encoded and this limit applies specifically to rune/code-point count, not number of bytes.", "title": "MaximumMessageLength", "type": "number" }, "MaximumMessageRatePerSecond": { "markdownDescription": "Maximum number of messages per second that can be sent to the room (by all clients).", "title": "MaximumMessageRatePerSecond", "type": "number" }, "MessageReviewHandler": { "$ref": "#/definitions/AWS::IVSChat::Room.MessageReviewHandler", "markdownDescription": "Configuration information for optional review of messages.", "title": "MessageReviewHandler" }, "Name": { "markdownDescription": "Room name. The value does not need to be unique.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivschat-room-tag.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::IVSChat::Room" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IVSChat::Room.MessageReviewHandler": { "additionalProperties": false, "properties": { "FallbackResult": { "markdownDescription": "Specifies the fallback behavior (whether the message is allowed or denied) if the handler does not return a valid response, encounters an error, or times out. (For the timeout period, see [Service Quotas](https://docs.aws.amazon.com/ivs/latest/userguide/service-quotas.html) .) If allowed, the message is delivered with returned content to all users connected to the room. If denied, the message is not delivered to any user.\n\n*Default* : `ALLOW`", "title": "FallbackResult", "type": "string" }, "Uri": { "markdownDescription": "Identifier of the message review handler. Currently this must be an ARN of a lambda function.", "title": "Uri", "type": "string" } }, "type": "object" }, "AWS::IdentityStore::Group": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A string containing the description of the group.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The display name value for the group. The length limit is 1,024 characters. This value can consist of letters, accented characters, symbols, numbers, punctuation, tab, new line, carriage return, space, and nonbreaking space in this attribute. This value is specified at the time the group is created and stored as an attribute of the group object in the identity store.", "title": "DisplayName", "type": "string" }, "IdentityStoreId": { "markdownDescription": "The globally unique identifier for the identity store.", "title": "IdentityStoreId", "type": "string" } }, "required": [ "DisplayName", "IdentityStoreId" ], "type": "object" }, "Type": { "enum": [ "AWS::IdentityStore::Group" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IdentityStore::GroupMembership": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "GroupId": { "markdownDescription": "The identifier for a group in the identity store.", "title": "GroupId", "type": "string" }, "IdentityStoreId": { "markdownDescription": "The globally unique identifier for the identity store.", "title": "IdentityStoreId", "type": "string" }, "MemberId": { "$ref": "#/definitions/AWS::IdentityStore::GroupMembership.MemberId", "markdownDescription": "An object containing the identifier of a group member. Setting `MemberId` 's `UserId` field to a specific User's ID indicates we should consider that User as a group member.", "title": "MemberId" } }, "required": [ "GroupId", "IdentityStoreId", "MemberId" ], "type": "object" }, "Type": { "enum": [ "AWS::IdentityStore::GroupMembership" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IdentityStore::GroupMembership.MemberId": { "additionalProperties": false, "properties": { "UserId": { "markdownDescription": "An object containing the identifiers of resources that can be members.", "title": "UserId", "type": "string" } }, "required": [ "UserId" ], "type": "object" }, "AWS::ImageBuilder::Component": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ChangeDescription": { "markdownDescription": "The change description of the component. Describes what change has been made in this version, or what makes this version different from other versions of the component.", "title": "ChangeDescription", "type": "string" }, "Data": { "markdownDescription": "Component `data` contains inline YAML document content for the component. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", "title": "Data", "type": "string" }, "Description": { "markdownDescription": "Describes the contents of the component.", "title": "Description", "type": "string" }, "KmsKeyId": { "markdownDescription": "The ID of the KMS key that is used to encrypt this component.", "title": "KmsKeyId", "type": "string" }, "Name": { "markdownDescription": "The name of the component.", "title": "Name", "type": "string" }, "Platform": { "markdownDescription": "The operating system platform of the component.", "title": "Platform", "type": "string" }, "SupportedOsVersions": { "items": { "type": "string" }, "markdownDescription": "The operating system (OS) version supported by the component. If the OS information is available, a prefix match is performed against the base image OS version during image recipe creation.", "title": "SupportedOsVersions", "type": "array" }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags that apply to the component.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Uri": { "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", "title": "Uri", "type": "string" }, "Version": { "markdownDescription": "The component version. For example, `1.0.0` .", "title": "Version", "type": "string" } }, "required": [ "Name", "Platform", "Version" ], "type": "object" }, "Type": { "enum": [ "AWS::ImageBuilder::Component" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ImageBuilder::ContainerRecipe": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Components": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration" }, "markdownDescription": "Build and test components that are included in the container recipe. Recipes require a minimum of one build component, and can have a maximum of 20 build and test components in any combination.", "title": "Components", "type": "array" }, "ContainerType": { "markdownDescription": "Specifies the type of container, such as Docker.", "title": "ContainerType", "type": "string" }, "Description": { "markdownDescription": "The description of the container recipe.", "title": "Description", "type": "string" }, "DockerfileTemplateData": { "markdownDescription": "Dockerfiles are text documents that are used to build Docker containers, and ensure that they contain all of the elements required by the application running inside. The template data consists of contextual variables where Image Builder places build information or scripts, based on your container image recipe.", "title": "DockerfileTemplateData", "type": "string" }, "DockerfileTemplateUri": { "markdownDescription": "The S3 URI for the Dockerfile that will be used to build your container image.", "title": "DockerfileTemplateUri", "type": "string" }, "ImageOsVersionOverride": { "markdownDescription": "Specifies the operating system version for the base image.", "title": "ImageOsVersionOverride", "type": "string" }, "InstanceConfiguration": { "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration", "markdownDescription": "A group of options that can be used to configure an instance for building and testing container images.", "title": "InstanceConfiguration" }, "KmsKeyId": { "markdownDescription": "Identifies which KMS key is used to encrypt the container image for distribution to the target Region.", "title": "KmsKeyId", "type": "string" }, "Name": { "markdownDescription": "The name of the container recipe.", "title": "Name", "type": "string" }, "ParentImage": { "markdownDescription": "The base image for the container recipe.", "title": "ParentImage", "type": "string" }, "PlatformOverride": { "markdownDescription": "Specifies the operating system platform when you use a custom base image.", "title": "PlatformOverride", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Tags that are attached to the container recipe.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "TargetRepository": { "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository", "markdownDescription": "The destination repository for the container image.", "title": "TargetRepository" }, "Version": { "markdownDescription": "The semantic version of the container recipe.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.\n> \n> *Filtering:* With semantic versioning, you have the flexibility to use wildcards (x) to specify the most recent versions or nodes when selecting the base image or components for your recipe. When you use a wildcard in any node, all nodes to the right of the first wildcard must also be wildcards.", "title": "Version", "type": "string" }, "WorkingDirectory": { "markdownDescription": "The working directory for use during build and test workflows.", "title": "WorkingDirectory", "type": "string" } }, "required": [ "Components", "ContainerType", "Name", "ParentImage", "TargetRepository", "Version" ], "type": "object" }, "Type": { "enum": [ "AWS::ImageBuilder::ContainerRecipe" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ImageBuilder::ContainerRecipe.ComponentConfiguration": { "additionalProperties": false, "properties": { "ComponentArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the component.", "title": "ComponentArn", "type": "string" }, "Parameters": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.ComponentParameter" }, "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", "title": "Parameters", "type": "array" } }, "type": "object" }, "AWS::ImageBuilder::ContainerRecipe.ComponentParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the component parameter to set.", "title": "Name", "type": "string" }, "Value": { "items": { "type": "string" }, "markdownDescription": "Sets the value for the named component parameter.", "title": "Value", "type": "array" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification": { "additionalProperties": false, "properties": { "DeleteOnTermination": { "markdownDescription": "Use to configure delete on termination of the associated device.", "title": "DeleteOnTermination", "type": "boolean" }, "Encrypted": { "markdownDescription": "Use to configure device encryption.", "title": "Encrypted", "type": "boolean" }, "Iops": { "markdownDescription": "Use to configure device IOPS.", "title": "Iops", "type": "number" }, "KmsKeyId": { "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", "title": "KmsKeyId", "type": "string" }, "SnapshotId": { "markdownDescription": "The snapshot that defines the device contents.", "title": "SnapshotId", "type": "string" }, "Throughput": { "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", "title": "Throughput", "type": "number" }, "VolumeSize": { "markdownDescription": "Use to override the device's volume size.", "title": "VolumeSize", "type": "number" }, "VolumeType": { "markdownDescription": "Use to override the device's volume type.", "title": "VolumeType", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping": { "additionalProperties": false, "properties": { "DeviceName": { "markdownDescription": "The device to which these mappings apply.", "title": "DeviceName", "type": "string" }, "Ebs": { "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.EbsInstanceBlockDeviceSpecification", "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", "title": "Ebs" }, "NoDevice": { "markdownDescription": "Use to remove a mapping from the base image.", "title": "NoDevice", "type": "string" }, "VirtualName": { "markdownDescription": "Use to manage instance ephemeral devices.", "title": "VirtualName", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::ContainerRecipe.InstanceConfiguration": { "additionalProperties": false, "properties": { "BlockDeviceMappings": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe.InstanceBlockDeviceMapping" }, "markdownDescription": "Defines the block devices to attach for building an instance from this Image Builder AMI.", "title": "BlockDeviceMappings", "type": "array" }, "Image": { "markdownDescription": "The AMI ID to use as the base image for a container build and test instance. If not specified, Image Builder will use the appropriate ECS-optimized AMI as a base image.", "title": "Image", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::ContainerRecipe.TargetContainerRepository": { "additionalProperties": false, "properties": { "RepositoryName": { "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location.", "title": "RepositoryName", "type": "string" }, "Service": { "markdownDescription": "Specifies the service in which this image was registered.", "title": "Service", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::DistributionConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of this distribution configuration.", "title": "Description", "type": "string" }, "Distributions": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.Distribution" }, "markdownDescription": "The distributions of this distribution configuration formatted as an array of Distribution objects.", "title": "Distributions", "type": "array" }, "Name": { "markdownDescription": "The name of this distribution configuration.", "title": "Name", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags of this distribution configuration.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "Distributions", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::ImageBuilder::DistributionConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration": { "additionalProperties": false, "properties": { "AmiTags": { "additionalProperties": true, "markdownDescription": "The tags to apply to AMIs distributed to this Region.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AmiTags", "type": "object" }, "Description": { "markdownDescription": "The description of the AMI distribution configuration. Minimum and maximum length are in characters.", "title": "Description", "type": "string" }, "KmsKeyId": { "markdownDescription": "The KMS key identifier used to encrypt the distributed image.", "title": "KmsKeyId", "type": "string" }, "LaunchPermissionConfiguration": { "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration", "markdownDescription": "Launch permissions can be used to configure which AWS account s can use the AMI to launch instances.", "title": "LaunchPermissionConfiguration" }, "Name": { "markdownDescription": "The name of the output AMI.", "title": "Name", "type": "string" }, "TargetAccountIds": { "items": { "type": "string" }, "markdownDescription": "The ID of an account to which you want to distribute an image.", "title": "TargetAccountIds", "type": "array" } }, "type": "object" }, "AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration": { "additionalProperties": false, "properties": { "ContainerTags": { "items": { "type": "string" }, "markdownDescription": "Tags that are attached to the container distribution configuration.", "title": "ContainerTags", "type": "array" }, "Description": { "markdownDescription": "The description of the container distribution configuration.", "title": "Description", "type": "string" }, "TargetRepository": { "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository", "markdownDescription": "The destination repository for the container distribution configuration.", "title": "TargetRepository" } }, "type": "object" }, "AWS::ImageBuilder::DistributionConfiguration.Distribution": { "additionalProperties": false, "properties": { "AmiDistributionConfiguration": { "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.AmiDistributionConfiguration", "markdownDescription": "The specific AMI settings, such as launch permissions and AMI tags. For details, see example schema below.", "title": "AmiDistributionConfiguration" }, "ContainerDistributionConfiguration": { "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.ContainerDistributionConfiguration", "markdownDescription": "Container distribution settings for encryption, licensing, and sharing in a specific Region. For details, see example schema below.", "title": "ContainerDistributionConfiguration" }, "FastLaunchConfigurations": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration" }, "markdownDescription": "The Windows faster-launching configurations to use for AMI distribution.", "title": "FastLaunchConfigurations", "type": "array" }, "LaunchTemplateConfigurations": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration" }, "markdownDescription": "A group of launchTemplateConfiguration settings that apply to image distribution for specified accounts.", "title": "LaunchTemplateConfigurations", "type": "array" }, "LicenseConfigurationArns": { "items": { "type": "string" }, "markdownDescription": "The License Manager Configuration to associate with the AMI in the specified Region. For more information, see the [LicenseConfiguration API](https://docs.aws.amazon.com/license-manager/latest/APIReference/API_LicenseConfiguration.html) .", "title": "LicenseConfigurationArns", "type": "array" }, "Region": { "markdownDescription": "The target Region for the Distribution Configuration. For example, `eu-west-1` .", "title": "Region", "type": "string" } }, "required": [ "Region" ], "type": "object" }, "AWS::ImageBuilder::DistributionConfiguration.FastLaunchConfiguration": { "additionalProperties": false, "properties": { "AccountId": { "markdownDescription": "The owner account ID for the fast-launch enabled Windows AMI.", "title": "AccountId", "type": "string" }, "Enabled": { "markdownDescription": "A Boolean that represents the current state of faster launching for the Windows AMI. Set to `true` to start using Windows faster launching, or `false` to stop using it.", "title": "Enabled", "type": "boolean" }, "LaunchTemplate": { "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification", "markdownDescription": "The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots.", "title": "LaunchTemplate" }, "MaxParallelLaunches": { "markdownDescription": "The maximum number of parallel instances that are launched for creating resources.", "title": "MaxParallelLaunches", "type": "number" }, "SnapshotConfiguration": { "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration", "markdownDescription": "Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled.", "title": "SnapshotConfiguration" } }, "type": "object" }, "AWS::ImageBuilder::DistributionConfiguration.FastLaunchLaunchTemplateSpecification": { "additionalProperties": false, "properties": { "LaunchTemplateId": { "markdownDescription": "The ID of the launch template to use for faster launching for a Windows AMI.", "title": "LaunchTemplateId", "type": "string" }, "LaunchTemplateName": { "markdownDescription": "The name of the launch template to use for faster launching for a Windows AMI.", "title": "LaunchTemplateName", "type": "string" }, "LaunchTemplateVersion": { "markdownDescription": "The version of the launch template to use for faster launching for a Windows AMI.", "title": "LaunchTemplateVersion", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::DistributionConfiguration.FastLaunchSnapshotConfiguration": { "additionalProperties": false, "properties": { "TargetResourceCount": { "markdownDescription": "The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI.", "title": "TargetResourceCount", "type": "number" } }, "type": "object" }, "AWS::ImageBuilder::DistributionConfiguration.LaunchPermissionConfiguration": { "additionalProperties": false, "properties": { "OrganizationArns": { "items": { "type": "string" }, "markdownDescription": "The ARN for an AWS Organization that you want to share your AMI with. For more information, see [What is AWS Organizations ?](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_introduction.html) .", "title": "OrganizationArns", "type": "array" }, "OrganizationalUnitArns": { "items": { "type": "string" }, "markdownDescription": "The ARN for an AWS Organizations organizational unit (OU) that you want to share your AMI with. For more information about key concepts for AWS Organizations , see [AWS Organizations terminology and concepts](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html) .", "title": "OrganizationalUnitArns", "type": "array" }, "UserGroups": { "items": { "type": "string" }, "markdownDescription": "The name of the group.", "title": "UserGroups", "type": "array" }, "UserIds": { "items": { "type": "string" }, "markdownDescription": "The AWS account ID.", "title": "UserIds", "type": "array" } }, "type": "object" }, "AWS::ImageBuilder::DistributionConfiguration.LaunchTemplateConfiguration": { "additionalProperties": false, "properties": { "AccountId": { "markdownDescription": "The account ID that this configuration applies to.", "title": "AccountId", "type": "string" }, "LaunchTemplateId": { "markdownDescription": "Identifies the Amazon EC2 launch template to use.", "title": "LaunchTemplateId", "type": "string" }, "SetDefaultVersion": { "markdownDescription": "Set the specified Amazon EC2 launch template as the default launch template for the specified account.", "title": "SetDefaultVersion", "type": "boolean" } }, "type": "object" }, "AWS::ImageBuilder::DistributionConfiguration.TargetContainerRepository": { "additionalProperties": false, "properties": { "RepositoryName": { "markdownDescription": "The name of the container repository where the output container image is stored. This name is prefixed by the repository location.", "title": "RepositoryName", "type": "string" }, "Service": { "markdownDescription": "Specifies the service in which this image was registered.", "title": "Service", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::Image": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContainerRecipeArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that defines how images are configured and tested.", "title": "ContainerRecipeArn", "type": "string" }, "DistributionConfigurationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration that defines and configures the outputs of your pipeline.", "title": "DistributionConfigurationArn", "type": "string" }, "EnhancedImageMetadataEnabled": { "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", "title": "EnhancedImageMetadataEnabled", "type": "boolean" }, "ExecutionRole": { "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", "title": "ExecutionRole", "type": "string" }, "ImageRecipeArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe that defines how images are configured, tested, and assessed.", "title": "ImageRecipeArn", "type": "string" }, "ImageScanningConfiguration": { "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageScanningConfiguration", "markdownDescription": "Contains settings for vulnerability scans.", "title": "ImageScanningConfiguration" }, "ImageTestsConfiguration": { "$ref": "#/definitions/AWS::ImageBuilder::Image.ImageTestsConfiguration", "markdownDescription": "The image tests configuration of the image.", "title": "ImageTestsConfiguration" }, "InfrastructureConfigurationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration that defines the environment in which your image will be built and tested.", "title": "InfrastructureConfigurationArn", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags of the image.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Workflows": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowConfiguration" }, "markdownDescription": "Contains an array of workflow configuration objects.", "title": "Workflows", "type": "array" } }, "required": [ "InfrastructureConfigurationArn" ], "type": "object" }, "Type": { "enum": [ "AWS::ImageBuilder::Image" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ImageBuilder::Image.EcrConfiguration": { "additionalProperties": false, "properties": { "ContainerTags": { "items": { "type": "string" }, "markdownDescription": "Tags for Image Builder to apply to the output container image that &INS; scans. Tags can help you identify and manage your scanned images.", "title": "ContainerTags", "type": "array" }, "RepositoryName": { "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", "title": "RepositoryName", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::Image.ImageScanningConfiguration": { "additionalProperties": false, "properties": { "EcrConfiguration": { "$ref": "#/definitions/AWS::ImageBuilder::Image.EcrConfiguration", "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", "title": "EcrConfiguration" }, "ImageScanningEnabled": { "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", "title": "ImageScanningEnabled", "type": "boolean" } }, "type": "object" }, "AWS::ImageBuilder::Image.ImageTestsConfiguration": { "additionalProperties": false, "properties": { "ImageTestsEnabled": { "markdownDescription": "Determines if tests should run after building the image. Image Builder defaults to enable tests to run following the image build, before image distribution.", "title": "ImageTestsEnabled", "type": "boolean" }, "TimeoutMinutes": { "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeoutMinutes attribute is not currently active. This value is ignored.", "title": "TimeoutMinutes", "type": "number" } }, "type": "object" }, "AWS::ImageBuilder::Image.WorkflowConfiguration": { "additionalProperties": false, "properties": { "OnFailure": { "markdownDescription": "The action to take if the workflow fails.", "title": "OnFailure", "type": "string" }, "ParallelGroup": { "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", "title": "ParallelGroup", "type": "string" }, "Parameters": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::Image.WorkflowParameter" }, "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", "title": "Parameters", "type": "array" }, "WorkflowArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", "title": "WorkflowArn", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::Image.WorkflowParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the workflow parameter to set.", "title": "Name", "type": "string" }, "Value": { "items": { "type": "string" }, "markdownDescription": "Sets the value for the named workflow parameter.", "title": "Value", "type": "array" } }, "type": "object" }, "AWS::ImageBuilder::ImagePipeline": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContainerRecipeArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the container recipe that is used for this pipeline.", "title": "ContainerRecipeArn", "type": "string" }, "Description": { "markdownDescription": "The description of this image pipeline.", "title": "Description", "type": "string" }, "DistributionConfigurationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the distribution configuration associated with this image pipeline.", "title": "DistributionConfigurationArn", "type": "string" }, "EnhancedImageMetadataEnabled": { "markdownDescription": "Collects additional information about the image being created, including the operating system (OS) version and package list. This information is used to enhance the overall experience of using EC2 Image Builder. Enabled by default.", "title": "EnhancedImageMetadataEnabled", "type": "boolean" }, "ExecutionRole": { "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to perform workflow actions.", "title": "ExecutionRole", "type": "string" }, "ImageRecipeArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the image recipe associated with this image pipeline.", "title": "ImageRecipeArn", "type": "string" }, "ImageScanningConfiguration": { "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration", "markdownDescription": "Contains settings for vulnerability scans.", "title": "ImageScanningConfiguration" }, "ImageTestsConfiguration": { "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration", "markdownDescription": "The configuration of the image tests that run after image creation to ensure the quality of the image that was created.", "title": "ImageTestsConfiguration" }, "InfrastructureConfigurationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the infrastructure configuration associated with this image pipeline.", "title": "InfrastructureConfigurationArn", "type": "string" }, "Name": { "markdownDescription": "The name of the image pipeline.", "title": "Name", "type": "string" }, "Schedule": { "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.Schedule", "markdownDescription": "The schedule of the image pipeline. A schedule configures how often and when a pipeline automatically creates a new image.", "title": "Schedule" }, "Status": { "markdownDescription": "The status of the image pipeline.", "title": "Status", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags of this image pipeline.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Workflows": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration" }, "markdownDescription": "Contains the workflows that run for the image pipeline.", "title": "Workflows", "type": "array" } }, "required": [ "InfrastructureConfigurationArn", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::ImageBuilder::ImagePipeline" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ImageBuilder::ImagePipeline.EcrConfiguration": { "additionalProperties": false, "properties": { "ContainerTags": { "items": { "type": "string" }, "markdownDescription": "Tags for Image Builder to apply to the output container image that &INS; scans. Tags can help you identify and manage your scanned images.", "title": "ContainerTags", "type": "array" }, "RepositoryName": { "markdownDescription": "The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don\u2019t provide this information, Image Builder creates a repository in your account named `image-builder-image-scanning-repository` for vulnerability scans of your output container images.", "title": "RepositoryName", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::ImagePipeline.ImageScanningConfiguration": { "additionalProperties": false, "properties": { "EcrConfiguration": { "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.EcrConfiguration", "markdownDescription": "Contains Amazon ECR settings for vulnerability scans.", "title": "EcrConfiguration" }, "ImageScanningEnabled": { "markdownDescription": "A setting that indicates whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image.", "title": "ImageScanningEnabled", "type": "boolean" } }, "type": "object" }, "AWS::ImageBuilder::ImagePipeline.ImageTestsConfiguration": { "additionalProperties": false, "properties": { "ImageTestsEnabled": { "markdownDescription": "Defines if tests should be executed when building this image. For example, `true` or `false` .", "title": "ImageTestsEnabled", "type": "boolean" }, "TimeoutMinutes": { "markdownDescription": "The maximum time in minutes that tests are permitted to run.\n\n> The timeoutMinutes attribute is not currently active. This value is ignored.", "title": "TimeoutMinutes", "type": "number" } }, "type": "object" }, "AWS::ImageBuilder::ImagePipeline.Schedule": { "additionalProperties": false, "properties": { "PipelineExecutionStartCondition": { "markdownDescription": "The condition configures when the pipeline should trigger a new image build. When the `pipelineExecutionStartCondition` is set to `EXPRESSION_MATCH_AND_DEPENDENCY_UPDATES_AVAILABLE` , and you use semantic version filters on the base image or components in your image recipe, Image Builder will build a new image only when there are new versions of the image or components in your recipe that match the semantic version filter. When it is set to `EXPRESSION_MATCH_ONLY` , it will build a new image every time the CRON expression matches the current time. For semantic version syntax, see [CreateComponent](https://docs.aws.amazon.com/imagebuilder/latest/APIReference/API_CreateComponent.html) in the *Image Builder API Reference* .", "title": "PipelineExecutionStartCondition", "type": "string" }, "ScheduleExpression": { "markdownDescription": "The cron expression determines how often EC2 Image Builder evaluates your `pipelineExecutionStartCondition` .\n\nFor information on how to format a cron expression in Image Builder, see [Use cron expressions in EC2 Image Builder](https://docs.aws.amazon.com/imagebuilder/latest/userguide/image-builder-cron.html) .", "title": "ScheduleExpression", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::ImagePipeline.WorkflowConfiguration": { "additionalProperties": false, "properties": { "OnFailure": { "markdownDescription": "The action to take if the workflow fails.", "title": "OnFailure", "type": "string" }, "ParallelGroup": { "markdownDescription": "Test workflows are defined within named runtime groups called parallel groups. The parallel group is the named group that contains this test workflow. Test workflows within a parallel group can run at the same time. Image Builder starts up to five test workflows in the group at the same time, and starts additional workflows as others complete, until all workflows in the group have completed. This field only applies for test workflows.", "title": "ParallelGroup", "type": "string" }, "Parameters": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline.WorkflowParameter" }, "markdownDescription": "Contains parameter values for each of the parameters that the workflow document defined for the workflow resource.", "title": "Parameters", "type": "array" }, "WorkflowArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the workflow resource.", "title": "WorkflowArn", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::ImagePipeline.WorkflowParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the workflow parameter to set.", "title": "Name", "type": "string" }, "Value": { "items": { "type": "string" }, "markdownDescription": "Sets the value for the named workflow parameter.", "title": "Value", "type": "array" } }, "type": "object" }, "AWS::ImageBuilder::ImageRecipe": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdditionalInstanceConfiguration": { "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration", "markdownDescription": "Before you create a new AMI, Image Builder launches temporary Amazon EC2 instances to build and test your image configuration. Instance configuration adds a layer of control over those instances. You can define settings and add scripts to run when an instance is launched from your AMI.", "title": "AdditionalInstanceConfiguration" }, "BlockDeviceMappings": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping" }, "markdownDescription": "The block device mappings to apply when creating images from this recipe.", "title": "BlockDeviceMappings", "type": "array" }, "Components": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentConfiguration" }, "markdownDescription": "The components of the image recipe. Components are orchestration documents that define a sequence of steps for downloading, installing, configuring, and testing software packages. They also define validation and security hardening steps. A component is defined using a YAML document format.", "title": "Components", "type": "array" }, "Description": { "markdownDescription": "The description of the image recipe.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the image recipe.", "title": "Name", "type": "string" }, "ParentImage": { "markdownDescription": "The parent image of the image recipe. The string must be either an Image ARN or an AMI ID.", "title": "ParentImage", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags of the image recipe.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Version": { "markdownDescription": "The semantic version of the image recipe.", "title": "Version", "type": "string" }, "WorkingDirectory": { "markdownDescription": "The working directory to be used during build and test workflows.", "title": "WorkingDirectory", "type": "string" } }, "required": [ "Components", "Name", "ParentImage", "Version" ], "type": "object" }, "Type": { "enum": [ "AWS::ImageBuilder::ImageRecipe" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ImageBuilder::ImageRecipe.AdditionalInstanceConfiguration": { "additionalProperties": false, "properties": { "SystemsManagerAgent": { "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent", "markdownDescription": "Contains settings for the Systems Manager agent on your build instance.", "title": "SystemsManagerAgent" }, "UserDataOverride": { "markdownDescription": "Use this property to provide commands or a command script to run when you launch your build instance.\n\nThe userDataOverride property replaces any commands that Image Builder might have added to ensure that Systems Manager is installed on your Linux build instance. If you override the user data, make sure that you add commands to install Systems Manager, if it is not pre-installed on your base image.\n\n> The user data is always base 64 encoded. For example, the following commands are encoded as `IyEvYmluL2Jhc2gKbWtkaXIgLXAgL3Zhci9iYi8KdG91Y2ggL3Zhci$` :\n> \n> *#!/bin/bash*\n> \n> mkdir -p /var/bb/\n> \n> touch /var", "title": "UserDataOverride", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::ImageRecipe.ComponentConfiguration": { "additionalProperties": false, "properties": { "ComponentArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the component.", "title": "ComponentArn", "type": "string" }, "Parameters": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.ComponentParameter" }, "markdownDescription": "A group of parameter settings that Image Builder uses to configure the component for a specific recipe.", "title": "Parameters", "type": "array" } }, "type": "object" }, "AWS::ImageBuilder::ImageRecipe.ComponentParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the component parameter to set.", "title": "Name", "type": "string" }, "Value": { "items": { "type": "string" }, "markdownDescription": "Sets the value for the named component parameter.", "title": "Value", "type": "array" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification": { "additionalProperties": false, "properties": { "DeleteOnTermination": { "markdownDescription": "Configures delete on termination of the associated device.", "title": "DeleteOnTermination", "type": "boolean" }, "Encrypted": { "markdownDescription": "Use to configure device encryption.", "title": "Encrypted", "type": "boolean" }, "Iops": { "markdownDescription": "Use to configure device IOPS.", "title": "Iops", "type": "number" }, "KmsKeyId": { "markdownDescription": "Use to configure the KMS key to use when encrypting the device.", "title": "KmsKeyId", "type": "string" }, "SnapshotId": { "markdownDescription": "The snapshot that defines the device contents.", "title": "SnapshotId", "type": "string" }, "Throughput": { "markdownDescription": "*For GP3 volumes only* \u2013 The throughput in MiB/s that the volume supports.", "title": "Throughput", "type": "number" }, "VolumeSize": { "markdownDescription": "Overrides the volume size of the device.", "title": "VolumeSize", "type": "number" }, "VolumeType": { "markdownDescription": "Overrides the volume type of the device.", "title": "VolumeType", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::ImageRecipe.InstanceBlockDeviceMapping": { "additionalProperties": false, "properties": { "DeviceName": { "markdownDescription": "The device to which these mappings apply.", "title": "DeviceName", "type": "string" }, "Ebs": { "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe.EbsInstanceBlockDeviceSpecification", "markdownDescription": "Use to manage Amazon EBS-specific configuration for this mapping.", "title": "Ebs" }, "NoDevice": { "markdownDescription": "Enter an empty string to remove a mapping from the parent image.\n\nThe following is an example of an empty string value in the `NoDevice` field.\n\n`NoDevice:\"\"`", "title": "NoDevice", "type": "string" }, "VirtualName": { "markdownDescription": "Manages the instance ephemeral devices.", "title": "VirtualName", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::ImageRecipe.SystemsManagerAgent": { "additionalProperties": false, "properties": { "UninstallAfterBuild": { "markdownDescription": "Controls whether the Systems Manager agent is removed from your final build image, prior to creating the new AMI. If this is set to true, then the agent is removed from the final image. If it's set to false, then the agent is left in, so that it is included in the new AMI. The default value is false.", "title": "UninstallAfterBuild", "type": "boolean" } }, "type": "object" }, "AWS::ImageBuilder::InfrastructureConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the infrastructure configuration.", "title": "Description", "type": "string" }, "InstanceMetadataOptions": { "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions", "markdownDescription": "The instance metadata option settings for the infrastructure configuration.", "title": "InstanceMetadataOptions" }, "InstanceProfileName": { "markdownDescription": "The instance profile of the infrastructure configuration.", "title": "InstanceProfileName", "type": "string" }, "InstanceTypes": { "items": { "type": "string" }, "markdownDescription": "The instance types of the infrastructure configuration.", "title": "InstanceTypes", "type": "array" }, "KeyPair": { "markdownDescription": "The Amazon EC2 key pair of the infrastructure configuration.", "title": "KeyPair", "type": "string" }, "Logging": { "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.Logging", "markdownDescription": "The logging configuration defines where Image Builder uploads your logs.", "title": "Logging" }, "Name": { "markdownDescription": "The name of the infrastructure configuration.", "title": "Name", "type": "string" }, "ResourceTags": { "additionalProperties": true, "markdownDescription": "The tags attached to the resource created by Image Builder.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ResourceTags", "type": "object" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The security group IDs of the infrastructure configuration.", "title": "SecurityGroupIds", "type": "array" }, "SnsTopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic for the infrastructure configuration.", "title": "SnsTopicArn", "type": "string" }, "SubnetId": { "markdownDescription": "The subnet ID of the infrastructure configuration.", "title": "SubnetId", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "The tags of the infrastructure configuration.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "TerminateInstanceOnFailure": { "markdownDescription": "The terminate instance on failure configuration of the infrastructure configuration.", "title": "TerminateInstanceOnFailure", "type": "boolean" } }, "required": [ "InstanceProfileName", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::ImageBuilder::InfrastructureConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ImageBuilder::InfrastructureConfiguration.InstanceMetadataOptions": { "additionalProperties": false, "properties": { "HttpPutResponseHopLimit": { "markdownDescription": "Limit the number of hops that an instance metadata request can traverse to reach its destination. The default is one hop. However, if HTTP tokens are required, container image builds need a minimum of two hops.", "title": "HttpPutResponseHopLimit", "type": "number" }, "HttpTokens": { "markdownDescription": "Indicates whether a signed token header is required for instance metadata retrieval requests. The values affect the response as follows:\n\n- *required* \u2013 When you retrieve the IAM role credentials, version 2.0 credentials are returned in all cases.\n- *optional* \u2013 You can include a signed token header in your request to retrieve instance metadata, or you can leave it out. If you include it, version 2.0 credentials are returned for the IAM role. Otherwise, version 1.0 credentials are returned.\n\nThe default setting is *optional* .", "title": "HttpTokens", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::InfrastructureConfiguration.Logging": { "additionalProperties": false, "properties": { "S3Logs": { "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration.S3Logs", "markdownDescription": "The Amazon S3 logging configuration.", "title": "S3Logs" } }, "type": "object" }, "AWS::ImageBuilder::InfrastructureConfiguration.S3Logs": { "additionalProperties": false, "properties": { "S3BucketName": { "markdownDescription": "The S3 bucket in which to store the logs.", "title": "S3BucketName", "type": "string" }, "S3KeyPrefix": { "markdownDescription": "The Amazon S3 path to the bucket where the logs are stored.", "title": "S3KeyPrefix", "type": "string" } }, "type": "object" }, "AWS::ImageBuilder::LifecyclePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "Optional description for the lifecycle policy.", "title": "Description", "type": "string" }, "ExecutionRole": { "markdownDescription": "The name or Amazon Resource Name (ARN) for the IAM role you create that grants Image Builder access to run lifecycle actions.", "title": "ExecutionRole", "type": "string" }, "Name": { "markdownDescription": "The name of the lifecycle policy to create.", "title": "Name", "type": "string" }, "PolicyDetails": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.PolicyDetail" }, "markdownDescription": "Configuration details for the lifecycle policy rules.", "title": "PolicyDetails", "type": "array" }, "ResourceSelection": { "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ResourceSelection", "markdownDescription": "Selection criteria for the resources that the lifecycle policy applies to.", "title": "ResourceSelection" }, "ResourceType": { "markdownDescription": "The type of Image Builder resource that the lifecycle policy applies to.", "title": "ResourceType", "type": "string" }, "Status": { "markdownDescription": "Indicates whether the lifecycle policy resource is enabled.", "title": "Status", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Tags to apply to the lifecycle policy resource.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "ExecutionRole", "Name", "PolicyDetails", "ResourceSelection", "ResourceType" ], "type": "object" }, "Type": { "enum": [ "AWS::ImageBuilder::LifecyclePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ImageBuilder::LifecyclePolicy.Action": { "additionalProperties": false, "properties": { "IncludeResources": { "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.IncludeResources", "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", "title": "IncludeResources" }, "Type": { "markdownDescription": "Specifies the lifecycle action to take.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules": { "additionalProperties": false, "properties": { "IsPublic": { "markdownDescription": "Configures whether public AMIs are excluded from the lifecycle action.", "title": "IsPublic", "type": "boolean" }, "LastLaunched": { "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.LastLaunched", "markdownDescription": "Specifies configuration details for Image Builder to exclude the most recent resources from lifecycle actions.", "title": "LastLaunched" }, "Regions": { "items": { "type": "string" }, "markdownDescription": "Configures AWS Region s that are excluded from the lifecycle action.", "title": "Regions", "type": "array" }, "SharedAccounts": { "items": { "type": "string" }, "markdownDescription": "Specifies AWS account s whose resources are excluded from the lifecycle action.", "title": "SharedAccounts", "type": "array" }, "TagMap": { "additionalProperties": true, "markdownDescription": "Lists tags that should be excluded from lifecycle actions for the AMIs that have them.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "TagMap", "type": "object" } }, "type": "object" }, "AWS::ImageBuilder::LifecyclePolicy.ExclusionRules": { "additionalProperties": false, "properties": { "Amis": { "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.AmiExclusionRules", "markdownDescription": "Lists configuration values that apply to AMIs that Image Builder should exclude from the lifecycle action.", "title": "Amis" }, "TagMap": { "additionalProperties": true, "markdownDescription": "Contains a list of tags that Image Builder uses to skip lifecycle actions for Image Builder image resources that have them.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "TagMap", "type": "object" } }, "type": "object" }, "AWS::ImageBuilder::LifecyclePolicy.Filter": { "additionalProperties": false, "properties": { "RetainAtLeast": { "markdownDescription": "For age-based filters, this is the number of resources to keep on hand after the lifecycle `DELETE` action is applied. Impacted resources are only deleted if you have more than this number of resources. If you have fewer resources than this number, the impacted resource is not deleted.", "title": "RetainAtLeast", "type": "number" }, "Type": { "markdownDescription": "Filter resources based on either `age` or `count` .", "title": "Type", "type": "string" }, "Unit": { "markdownDescription": "Defines the unit of time that the lifecycle policy uses to determine impacted resources. This is required for age-based rules.", "title": "Unit", "type": "string" }, "Value": { "markdownDescription": "The number of units for the time period or for the count. For example, a value of `6` might refer to six months or six AMIs.\n\n> For count-based filters, this value represents the minimum number of resources to keep on hand. If you have fewer resources than this number, the resource is excluded from lifecycle actions.", "title": "Value", "type": "number" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::ImageBuilder::LifecyclePolicy.IncludeResources": { "additionalProperties": false, "properties": { "Amis": { "markdownDescription": "Specifies whether the lifecycle action should apply to distributed AMIs.", "title": "Amis", "type": "boolean" }, "Containers": { "markdownDescription": "Specifies whether the lifecycle action should apply to distributed containers.", "title": "Containers", "type": "boolean" }, "Snapshots": { "markdownDescription": "Specifies whether the lifecycle action should apply to snapshots associated with distributed AMIs.", "title": "Snapshots", "type": "boolean" } }, "type": "object" }, "AWS::ImageBuilder::LifecyclePolicy.LastLaunched": { "additionalProperties": false, "properties": { "Unit": { "markdownDescription": "Defines the unit of time that the lifecycle policy uses to calculate elapsed time since the last instance launched from the AMI. For example: days, weeks, months, or years.", "title": "Unit", "type": "string" }, "Value": { "markdownDescription": "The integer number of units for the time period. For example `6` (months).", "title": "Value", "type": "number" } }, "required": [ "Unit", "Value" ], "type": "object" }, "AWS::ImageBuilder::LifecyclePolicy.PolicyDetail": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Action", "markdownDescription": "Configuration details for the policy action.", "title": "Action" }, "ExclusionRules": { "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.ExclusionRules", "markdownDescription": "Additional rules to specify resources that should be exempt from policy actions.", "title": "ExclusionRules" }, "Filter": { "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.Filter", "markdownDescription": "Specifies the resources that the lifecycle policy applies to.", "title": "Filter" } }, "required": [ "Action", "Filter" ], "type": "object" }, "AWS::ImageBuilder::LifecyclePolicy.RecipeSelection": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of an Image Builder recipe that the lifecycle policy uses for resource selection.", "title": "Name", "type": "string" }, "SemanticVersion": { "markdownDescription": "The version of the Image Builder recipe specified by the `name` field.", "title": "SemanticVersion", "type": "string" } }, "required": [ "Name", "SemanticVersion" ], "type": "object" }, "AWS::ImageBuilder::LifecyclePolicy.ResourceSelection": { "additionalProperties": false, "properties": { "Recipes": { "items": { "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy.RecipeSelection" }, "markdownDescription": "A list of recipes that are used as selection criteria for the output images that the lifecycle policy applies to.", "title": "Recipes", "type": "array" }, "TagMap": { "additionalProperties": true, "markdownDescription": "A list of tags that are used as selection criteria for the Image Builder image resources that the lifecycle policy applies to.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "TagMap", "type": "object" } }, "type": "object" }, "AWS::ImageBuilder::Workflow": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ChangeDescription": { "markdownDescription": "Describes what change has been made in this version of the workflow, or what makes this version different from other versions of the workflow.", "title": "ChangeDescription", "type": "string" }, "Data": { "markdownDescription": "Contains the UTF-8 encoded YAML document content for the workflow. Alternatively, you can specify the `uri` of a YAML document file stored in Amazon S3. However, you cannot specify both properties.", "title": "Data", "type": "string" }, "Description": { "markdownDescription": "Describes the workflow.", "title": "Description", "type": "string" }, "KmsKeyId": { "markdownDescription": "The ID of the KMS key that is used to encrypt this workflow resource.", "title": "KmsKeyId", "type": "string" }, "Name": { "markdownDescription": "The name of the workflow to create.", "title": "Name", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Tags that apply to the workflow resource.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Type": { "markdownDescription": "The phase in the image build process for which the workflow resource is responsible.", "title": "Type", "type": "string" }, "Uri": { "markdownDescription": "The `uri` of a YAML component document file. This must be an S3 URL ( `s3://bucket/key` ), and the requester must have permission to access the S3 bucket it points to. If you use Amazon S3, you can specify component content up to your service quota.\n\nAlternatively, you can specify the YAML document inline, using the component `data` property. You cannot specify both properties.", "title": "Uri", "type": "string" }, "Version": { "markdownDescription": "The semantic version of this workflow resource. The semantic version syntax adheres to the following rules.\n\n> The semantic version has four nodes: ../. You can assign values for the first three, and can filter on all of them.\n> \n> *Assignment:* For the first three nodes you can assign any positive integer value, including zero, with an upper limit of 2^30-1, or 1073741823 for each node. Image Builder automatically assigns the build number to the fourth node.\n> \n> *Patterns:* You can use any numeric pattern that adheres to the assignment requirements for the nodes that you can assign. For example, you might choose a software version pattern, such as 1.0.0, or a date, such as 2021.01.01.", "title": "Version", "type": "string" } }, "required": [ "Name", "Type", "Version" ], "type": "object" }, "Type": { "enum": [ "AWS::ImageBuilder::Workflow" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Inspector::AssessmentTarget": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssessmentTargetName": { "markdownDescription": "The name of the Amazon Inspector assessment target. The name must be unique within the AWS account .", "title": "AssessmentTargetName", "type": "string" }, "ResourceGroupArn": { "markdownDescription": "The ARN that specifies the resource group that is used to create the assessment target. If `resourceGroupArn` is not specified, all EC2 instances in the current AWS account and Region are included in the assessment target.", "title": "ResourceGroupArn", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::Inspector::AssessmentTarget" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Inspector::AssessmentTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssessmentTargetArn": { "markdownDescription": "The ARN of the assessment target to be included in the assessment template.", "title": "AssessmentTargetArn", "type": "string" }, "AssessmentTemplateName": { "markdownDescription": "The user-defined name that identifies the assessment template that you want to create. You can create several assessment templates for the same assessment target. The names of the assessment templates that correspond to a particular assessment target must be unique.", "title": "AssessmentTemplateName", "type": "string" }, "DurationInSeconds": { "markdownDescription": "The duration of the assessment run in seconds.", "title": "DurationInSeconds", "type": "number" }, "RulesPackageArns": { "items": { "type": "string" }, "markdownDescription": "The ARNs of the rules packages that you want to use in the assessment template.", "title": "RulesPackageArns", "type": "array" }, "UserAttributesForFindings": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The user-defined attributes that are assigned to every finding that is generated by the assessment run that uses this assessment template. Within an assessment template, each key must be unique.", "title": "UserAttributesForFindings", "type": "array" } }, "required": [ "AssessmentTargetArn", "DurationInSeconds", "RulesPackageArns" ], "type": "object" }, "Type": { "enum": [ "AWS::Inspector::AssessmentTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Inspector::ResourceGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ResourceGroupTags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags (key and value pairs) that will be associated with the resource group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "ResourceGroupTags", "type": "array" } }, "required": [ "ResourceGroupTags" ], "type": "object" }, "Type": { "enum": [ "AWS::Inspector::ResourceGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::InspectorV2::CisScanConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ScanName": { "markdownDescription": "The name of the CIS scan configuration.", "title": "ScanName", "type": "string" }, "Schedule": { "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Schedule", "markdownDescription": "The CIS scan configuration's schedule.", "title": "Schedule" }, "SecurityLevel": { "markdownDescription": "The CIS scan configuration's CIS Benchmark level.", "title": "SecurityLevel", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "The CIS scan configuration's tags.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Targets": { "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.CisTargets", "markdownDescription": "The CIS scan configuration's targets.", "title": "Targets" } }, "type": "object" }, "Type": { "enum": [ "AWS::InspectorV2::CisScanConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::InspectorV2::CisScanConfiguration.CisTargets": { "additionalProperties": false, "properties": { "AccountIds": { "items": { "type": "string" }, "markdownDescription": "The CIS target account ids.", "title": "AccountIds", "type": "array" }, "TargetResourceTags": { "markdownDescription": "The CIS target resource tags.", "title": "TargetResourceTags", "type": "object" } }, "required": [ "AccountIds" ], "type": "object" }, "AWS::InspectorV2::CisScanConfiguration.DailySchedule": { "additionalProperties": false, "properties": { "StartTime": { "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", "markdownDescription": "The schedule start time.", "title": "StartTime" } }, "required": [ "StartTime" ], "type": "object" }, "AWS::InspectorV2::CisScanConfiguration.MonthlySchedule": { "additionalProperties": false, "properties": { "Day": { "markdownDescription": "The monthly schedule's day.", "title": "Day", "type": "string" }, "StartTime": { "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", "markdownDescription": "The monthly schedule's start time.", "title": "StartTime" } }, "required": [ "Day", "StartTime" ], "type": "object" }, "AWS::InspectorV2::CisScanConfiguration.Schedule": { "additionalProperties": false, "properties": { "Daily": { "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.DailySchedule", "markdownDescription": "A daily schedule.", "title": "Daily" }, "Monthly": { "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.MonthlySchedule", "markdownDescription": "A monthly schedule.", "title": "Monthly" }, "OneTime": { "markdownDescription": "A one time schedule.", "title": "OneTime", "type": "object" }, "Weekly": { "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.WeeklySchedule", "markdownDescription": "A weekly schedule.", "title": "Weekly" } }, "type": "object" }, "AWS::InspectorV2::CisScanConfiguration.Time": { "additionalProperties": false, "properties": { "TimeOfDay": { "markdownDescription": "The time of day in 24-hour format (00:00).", "title": "TimeOfDay", "type": "string" }, "TimeZone": { "markdownDescription": "The timezone.", "title": "TimeZone", "type": "string" } }, "required": [ "TimeOfDay", "TimeZone" ], "type": "object" }, "AWS::InspectorV2::CisScanConfiguration.WeeklySchedule": { "additionalProperties": false, "properties": { "Days": { "items": { "type": "string" }, "markdownDescription": "The weekly schedule's days.", "title": "Days", "type": "array" }, "StartTime": { "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration.Time", "markdownDescription": "The weekly schedule's start time.", "title": "StartTime" } }, "required": [ "Days", "StartTime" ], "type": "object" }, "AWS::InspectorV2::Filter": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the filter.", "title": "Description", "type": "string" }, "FilterAction": { "markdownDescription": "The action that is to be applied to the findings that match the filter.", "title": "FilterAction", "type": "string" }, "FilterCriteria": { "$ref": "#/definitions/AWS::InspectorV2::Filter.FilterCriteria", "markdownDescription": "Details on the filter criteria associated with this filter.", "title": "FilterCriteria" }, "Name": { "markdownDescription": "The name of the filter.", "title": "Name", "type": "string" } }, "required": [ "FilterAction", "FilterCriteria", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::InspectorV2::Filter" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::InspectorV2::Filter.DateFilter": { "additionalProperties": false, "properties": { "EndInclusive": { "markdownDescription": "A timestamp representing the end of the time period filtered on.", "title": "EndInclusive", "type": "number" }, "StartInclusive": { "markdownDescription": "A timestamp representing the start of the time period filtered on.", "title": "StartInclusive", "type": "number" } }, "type": "object" }, "AWS::InspectorV2::Filter.FilterCriteria": { "additionalProperties": false, "properties": { "AwsAccountId": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details of the AWS account IDs used to filter findings.", "title": "AwsAccountId", "type": "array" }, "ComponentId": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details of the component IDs used to filter findings.", "title": "ComponentId", "type": "array" }, "ComponentType": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details of the component types used to filter findings.", "title": "ComponentType", "type": "array" }, "Ec2InstanceImageId": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details of the Amazon EC2 instance image IDs used to filter findings.", "title": "Ec2InstanceImageId", "type": "array" }, "Ec2InstanceSubnetId": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details of the Amazon EC2 instance subnet IDs used to filter findings.", "title": "Ec2InstanceSubnetId", "type": "array" }, "Ec2InstanceVpcId": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details of the Amazon EC2 instance VPC IDs used to filter findings.", "title": "Ec2InstanceVpcId", "type": "array" }, "EcrImageArchitecture": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details of the Amazon ECR image architecture types used to filter findings.", "title": "EcrImageArchitecture", "type": "array" }, "EcrImageHash": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details of the Amazon ECR image hashes used to filter findings.", "title": "EcrImageHash", "type": "array" }, "EcrImagePushedAt": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" }, "markdownDescription": "Details on the Amazon ECR image push date and time used to filter findings.", "title": "EcrImagePushedAt", "type": "array" }, "EcrImageRegistry": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details on the Amazon ECR registry used to filter findings.", "title": "EcrImageRegistry", "type": "array" }, "EcrImageRepositoryName": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details on the name of the Amazon ECR repository used to filter findings.", "title": "EcrImageRepositoryName", "type": "array" }, "EcrImageTags": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "The tags attached to the Amazon ECR container image.", "title": "EcrImageTags", "type": "array" }, "FindingArn": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details on the finding ARNs used to filter findings.", "title": "FindingArn", "type": "array" }, "FindingStatus": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details on the finding status types used to filter findings.", "title": "FindingStatus", "type": "array" }, "FindingType": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details on the finding types used to filter findings.", "title": "FindingType", "type": "array" }, "FirstObservedAt": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" }, "markdownDescription": "Details on the date and time a finding was first seen used to filter findings.", "title": "FirstObservedAt", "type": "array" }, "InspectorScore": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter" }, "markdownDescription": "The Amazon Inspector score to filter on.", "title": "InspectorScore", "type": "array" }, "LastObservedAt": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" }, "markdownDescription": "Details on the date and time a finding was last seen used to filter findings.", "title": "LastObservedAt", "type": "array" }, "NetworkProtocol": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details on network protocol used to filter findings.", "title": "NetworkProtocol", "type": "array" }, "PortRange": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.PortRangeFilter" }, "markdownDescription": "Details on the port ranges used to filter findings.", "title": "PortRange", "type": "array" }, "RelatedVulnerabilities": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details on the related vulnerabilities used to filter findings.", "title": "RelatedVulnerabilities", "type": "array" }, "ResourceId": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details on the resource IDs used to filter findings.", "title": "ResourceId", "type": "array" }, "ResourceTags": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.MapFilter" }, "markdownDescription": "Details on the resource tags used to filter findings.", "title": "ResourceTags", "type": "array" }, "ResourceType": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details on the resource types used to filter findings.", "title": "ResourceType", "type": "array" }, "Severity": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details on the severity used to filter findings.", "title": "Severity", "type": "array" }, "Title": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details on the finding title used to filter findings.", "title": "Title", "type": "array" }, "UpdatedAt": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.DateFilter" }, "markdownDescription": "Details on the date and time a finding was last updated at used to filter findings.", "title": "UpdatedAt", "type": "array" }, "VendorSeverity": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details on the vendor severity used to filter findings.", "title": "VendorSeverity", "type": "array" }, "VulnerabilityId": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details on the vulnerability ID used to filter findings.", "title": "VulnerabilityId", "type": "array" }, "VulnerabilitySource": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter" }, "markdownDescription": "Details on the vulnerability score to filter findings by.", "title": "VulnerabilitySource", "type": "array" }, "VulnerablePackages": { "items": { "$ref": "#/definitions/AWS::InspectorV2::Filter.PackageFilter" }, "markdownDescription": "Details on the vulnerable packages used to filter findings.", "title": "VulnerablePackages", "type": "array" } }, "type": "object" }, "AWS::InspectorV2::Filter.MapFilter": { "additionalProperties": false, "properties": { "Comparison": { "markdownDescription": "The operator to use when comparing values in the filter.", "title": "Comparison", "type": "string" }, "Key": { "markdownDescription": "The tag key used in the filter.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The tag value used in the filter.", "title": "Value", "type": "string" } }, "required": [ "Comparison" ], "type": "object" }, "AWS::InspectorV2::Filter.NumberFilter": { "additionalProperties": false, "properties": { "LowerInclusive": { "markdownDescription": "The lowest number to be included in the filter.", "title": "LowerInclusive", "type": "number" }, "UpperInclusive": { "markdownDescription": "The highest number to be included in the filter.", "title": "UpperInclusive", "type": "number" } }, "type": "object" }, "AWS::InspectorV2::Filter.PackageFilter": { "additionalProperties": false, "properties": { "Architecture": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", "markdownDescription": "An object that contains details on the package architecture type to filter on.", "title": "Architecture" }, "Epoch": { "$ref": "#/definitions/AWS::InspectorV2::Filter.NumberFilter", "markdownDescription": "An object that contains details on the package epoch to filter on.", "title": "Epoch" }, "Name": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", "markdownDescription": "An object that contains details on the name of the package to filter on.", "title": "Name" }, "Release": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", "markdownDescription": "An object that contains details on the package release to filter on.", "title": "Release" }, "SourceLayerHash": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", "markdownDescription": "An object that contains details on the source layer hash to filter on.", "title": "SourceLayerHash" }, "Version": { "$ref": "#/definitions/AWS::InspectorV2::Filter.StringFilter", "markdownDescription": "The package version to filter on.", "title": "Version" } }, "type": "object" }, "AWS::InspectorV2::Filter.PortRangeFilter": { "additionalProperties": false, "properties": { "BeginInclusive": { "markdownDescription": "The port number the port range begins at.", "title": "BeginInclusive", "type": "number" }, "EndInclusive": { "markdownDescription": "The port number the port range ends at.", "title": "EndInclusive", "type": "number" } }, "type": "object" }, "AWS::InspectorV2::Filter.StringFilter": { "additionalProperties": false, "properties": { "Comparison": { "markdownDescription": "The operator to use when comparing values in the filter.", "title": "Comparison", "type": "string" }, "Value": { "markdownDescription": "The value to filter on.", "title": "Value", "type": "string" } }, "required": [ "Comparison", "Value" ], "type": "object" }, "AWS::InternetMonitor::Monitor": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "HealthEventsConfig": { "$ref": "#/definitions/AWS::InternetMonitor::Monitor.HealthEventsConfig", "markdownDescription": "A complex type with the configuration information that determines the threshold and other conditions for when Internet Monitor creates a health event for an overall performance or availability issue, across an application's geographies.\n\nDefines the percentages, for overall performance scores and availability scores for an application, that are the thresholds for when Amazon CloudWatch Internet Monitor creates a health event. You can override the defaults to set a custom threshold for overall performance or availability scores, or both.\n\nYou can also set thresholds for local health scores,, where Internet Monitor creates a health event when scores cross a threshold for one or more city-networks, in addition to creating an event when an overall score crosses a threshold.\n\nIf you don't set a health event threshold, the default value is 95%.\n\nFor local thresholds, you also set a minimum percentage of overall traffic that is impacted by an issue before Internet Monitor creates an event. In addition, you can disable local thresholds, for performance scores, availability scores, or both.\n\nFor more information, see [Change health event thresholds](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-IM-overview.html#IMUpdateThresholdFromOverview) in the Internet Monitor section of the *CloudWatch User Guide* .", "title": "HealthEventsConfig" }, "IncludeLinkedAccounts": { "markdownDescription": "A boolean option that you can set to `TRUE` to include monitors for linked accounts in a list of monitors, when you've set up cross-account sharing in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", "title": "IncludeLinkedAccounts", "type": "boolean" }, "InternetMeasurementsLogDelivery": { "$ref": "#/definitions/AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery", "markdownDescription": "Publish internet measurements for a monitor for all city-networks (up to the 500,000 service limit) to another location, such as an Amazon S3 bucket. Measurements are also published to Amazon CloudWatch Logs for the first 500 (by traffic volume) city-networks (client locations and ASNs, typically internet service providers or ISPs).", "title": "InternetMeasurementsLogDelivery" }, "LinkedAccountId": { "markdownDescription": "The account ID for an account that you've set up cross-account sharing for in Internet Monitor. You configure cross-account sharing by using Amazon CloudWatch Observability Access Manager. For more information, see [Internet Monitor cross-account observability](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cwim-cross-account.html) in the Amazon CloudWatch User Guide.", "title": "LinkedAccountId", "type": "string" }, "MaxCityNetworksToMonitor": { "markdownDescription": "The maximum number of city-networks to monitor for your resources. A city-network is the location (city) where clients access your application resources from and the network, such as an internet service provider, that clients access the resources through.\n\nFor more information, see [Choosing a city-network maximum value](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/IMCityNetworksMaximum.html) in *Using Amazon CloudWatch Internet Monitor* .", "title": "MaxCityNetworksToMonitor", "type": "number" }, "MonitorName": { "markdownDescription": "The name of the monitor. A monitor name can contain only alphanumeric characters, dashes (-), periods (.), and underscores (_).", "title": "MonitorName", "type": "string" }, "Resources": { "items": { "type": "string" }, "markdownDescription": "The resources that have been added for the monitor, listed by their Amazon Resource Names (ARNs). Use this option to add or remove resources when making an update.\n\n> Be aware that if you include content in the `Resources` field when you update a monitor, the `ResourcesToAdd` and `ResourcesToRemove` fields must be empty.", "title": "Resources", "type": "array" }, "ResourcesToAdd": { "items": { "type": "string" }, "markdownDescription": "The resources to include in a monitor, which you provide as a set of Amazon Resource Names (ARNs). Resources can be Amazon Virtual Private Cloud VPCs, Network Load Balancers (NLBs), Amazon CloudFront distributions, or Amazon WorkSpaces directories.\n\nYou can add a combination of VPCs and CloudFront distributions, or you can add WorkSpaces directories, or you can add NLBs. You can't add NLBs or WorkSpaces directories together with any other resources.\n\nIf you add only VPC resources, at least one VPC must have an Internet Gateway attached to it, to make sure that it has internet connectivity.\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", "title": "ResourcesToAdd", "type": "array" }, "ResourcesToRemove": { "items": { "type": "string" }, "markdownDescription": "The resources to remove from a monitor, which you provide as a set of Amazon Resource Names (ARNs)\n\n> You can specify this field for a monitor update only if the `Resources` field is empty.", "title": "ResourcesToRemove", "type": "array" }, "Status": { "markdownDescription": "The status of a monitor. The accepted values that you can specify for `Status` are `ACTIVE` and `INACTIVE` .", "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for a monitor, listed as a set of *key:value* pairs.", "title": "Tags", "type": "array" }, "TrafficPercentageToMonitor": { "markdownDescription": "The percentage of the internet-facing traffic for your application that you want to monitor. You can also, optionally, set a limit for the number of city-networks (client locations and ASNs, typically internet service providers) that Internet Monitor will monitor traffic for. The city-networks maximum limit caps the number of city-networks that Internet Monitor monitors for your application, regardless of the percentage of traffic that you choose to monitor.", "title": "TrafficPercentageToMonitor", "type": "number" } }, "required": [ "MonitorName" ], "type": "object" }, "Type": { "enum": [ "AWS::InternetMonitor::Monitor" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::InternetMonitor::Monitor.HealthEventsConfig": { "additionalProperties": false, "properties": { "AvailabilityLocalHealthEventsConfig": { "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local availability issue.", "title": "AvailabilityLocalHealthEventsConfig" }, "AvailabilityScoreThreshold": { "markdownDescription": "The health event threshold percentage set for availability scores. When the overall availability score is at or below this percentage, Internet Monitor creates a health event.", "title": "AvailabilityScoreThreshold", "type": "number" }, "PerformanceLocalHealthEventsConfig": { "$ref": "#/definitions/AWS::InternetMonitor::Monitor.LocalHealthEventsConfig", "markdownDescription": "The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local performance issue.", "title": "PerformanceLocalHealthEventsConfig" }, "PerformanceScoreThreshold": { "markdownDescription": "The health event threshold percentage set for performance scores. When the overall performance score is at or below this percentage, Internet Monitor creates a health event.", "title": "PerformanceScoreThreshold", "type": "number" } }, "type": "object" }, "AWS::InternetMonitor::Monitor.InternetMeasurementsLogDelivery": { "additionalProperties": false, "properties": { "S3Config": { "$ref": "#/definitions/AWS::InternetMonitor::Monitor.S3Config", "markdownDescription": "The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3.", "title": "S3Config" } }, "type": "object" }, "AWS::InternetMonitor::Monitor.LocalHealthEventsConfig": { "additionalProperties": false, "properties": { "HealthScoreThreshold": { "markdownDescription": "The health event threshold percentage set for a local health score.", "title": "HealthScoreThreshold", "type": "number" }, "MinTrafficImpact": { "markdownDescription": "The minimum percentage of overall traffic for an application that must be impacted by an issue before Internet Monitor creates an event when a threshold is crossed for a local health score.\n\nIf you don't set a minimum traffic impact threshold, the default value is 0.01%.", "title": "MinTrafficImpact", "type": "number" }, "Status": { "markdownDescription": "The status of whether Internet Monitor creates a health event based on a threshold percentage set for a local health score. The status can be `ENABLED` or `DISABLED` .", "title": "Status", "type": "string" } }, "type": "object" }, "AWS::InternetMonitor::Monitor.S3Config": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The Amazon S3 bucket name for internet measurements publishing.", "title": "BucketName", "type": "string" }, "BucketPrefix": { "markdownDescription": "An optional Amazon S3 bucket prefix for internet measurements publishing.", "title": "BucketPrefix", "type": "string" }, "LogDeliveryStatus": { "markdownDescription": "The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket. The delivery status is `ENABLED` if you choose to deliver internet measurements to an S3 bucket, and `DISABLED` otherwise.", "title": "LogDeliveryStatus", "type": "string" } }, "type": "object" }, "AWS::IoT1Click::Device": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeviceId": { "markdownDescription": "The ID of the device, such as `G030PX0312744DWM` .", "title": "DeviceId", "type": "string" }, "Enabled": { "markdownDescription": "A Boolean value indicating whether the device is enabled ( `true` ) or not ( `false` ).", "title": "Enabled", "type": "boolean" } }, "required": [ "DeviceId", "Enabled" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT1Click::Device" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT1Click::Placement": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssociatedDevices": { "markdownDescription": "The devices to associate with the placement, as defined by a mapping of zero or more key-value pairs wherein the key is a template name and the value is a device ID.", "title": "AssociatedDevices", "type": "object" }, "Attributes": { "markdownDescription": "The user-defined attributes associated with the placement.", "title": "Attributes", "type": "object" }, "PlacementName": { "markdownDescription": "The name of the placement.", "title": "PlacementName", "type": "string" }, "ProjectName": { "markdownDescription": "The name of the project containing the placement.", "title": "ProjectName", "type": "string" } }, "required": [ "ProjectName" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT1Click::Placement" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT1Click::Project": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the project.", "title": "Description", "type": "string" }, "PlacementTemplate": { "$ref": "#/definitions/AWS::IoT1Click::Project.PlacementTemplate", "markdownDescription": "An object describing the project's placement specifications.", "title": "PlacementTemplate" }, "ProjectName": { "markdownDescription": "The name of the project from which to obtain information.", "title": "ProjectName", "type": "string" } }, "required": [ "PlacementTemplate" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT1Click::Project" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT1Click::Project.DeviceTemplate": { "additionalProperties": false, "properties": { "CallbackOverrides": { "type": "object" }, "DeviceType": { "type": "string" } }, "type": "object" }, "AWS::IoT1Click::Project.PlacementTemplate": { "additionalProperties": false, "properties": { "DefaultAttributes": { "markdownDescription": "The default attributes (key-value pairs) to be applied to all placements using this template.", "title": "DefaultAttributes", "type": "object" }, "DeviceTemplates": { "markdownDescription": "An object specifying the [DeviceTemplate](https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_DeviceTemplate.html) for all placements using this ( [PlacementTemplate](https://docs.aws.amazon.com/iot-1-click/latest/projects-apireference/API_PlacementTemplate.html) ) template.", "title": "DeviceTemplates", "type": "object" } }, "type": "object" }, "AWS::IoT::AccountAuditConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountId": { "markdownDescription": "The ID of the account. You can use the expression `!Sub \"${AWS::AccountId}\"` to use your account ID.", "title": "AccountId", "type": "string" }, "AuditCheckConfigurations": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations", "markdownDescription": "Specifies which audit checks are enabled and disabled for this account.\n\nSome data collection might start immediately when certain checks are enabled. When a check is disabled, any data collected so far in relation to the check is deleted. To disable a check, set the value of the `Enabled:` key to `false` .\n\nIf an enabled check is removed from the template, it will also be disabled.\n\nYou can't disable a check if it's used by any scheduled audit. You must delete the check from the scheduled audit or delete the scheduled audit itself to disable the check.\n\nFor more information on avialbe auidt checks see [AWS::IoT::AccountAuditConfiguration AuditCheckConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-accountauditconfiguration-auditcheckconfigurations.html)", "title": "AuditCheckConfigurations" }, "AuditNotificationTargetConfigurations": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations", "markdownDescription": "Information about the targets to which audit notifications are sent.", "title": "AuditNotificationTargetConfigurations" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants permission to AWS IoT to access information about your devices, policies, certificates, and other items as required when performing an audit.", "title": "RoleArn", "type": "string" } }, "required": [ "AccountId", "AuditCheckConfigurations", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::AccountAuditConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "True if this audit check is enabled for this account.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::IoT::AccountAuditConfiguration.AuditCheckConfigurations": { "additionalProperties": false, "properties": { "AuthenticatedCognitoRoleOverlyPermissiveCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks the permissiveness of an authenticated Amazon Cognito identity pool role. For this check, AWS IoT Device Defender audits all Amazon Cognito identity pools that have been used to connect to the AWS IoT message broker during the 31 days before the audit is performed.", "title": "AuthenticatedCognitoRoleOverlyPermissiveCheck" }, "CaCertificateExpiringCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks if a CA certificate is expiring. This check applies to CA certificates expiring within 30 days or that have expired.", "title": "CaCertificateExpiringCheck" }, "CaCertificateKeyQualityCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks the quality of the CA certificate key. The quality checks if the key is in a valid format, not expired, and if the key meets a minimum required size. This check applies to CA certificates that are `ACTIVE` or `PENDING_TRANSFER` .", "title": "CaCertificateKeyQualityCheck" }, "ConflictingClientIdsCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks if multiple devices connect using the same client ID.", "title": "ConflictingClientIdsCheck" }, "DeviceCertificateExpiringCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks if a device certificate is expiring. This check applies to device certificates expiring within 30 days or that have expired.", "title": "DeviceCertificateExpiringCheck" }, "DeviceCertificateKeyQualityCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks the quality of the device certificate key. The quality checks if the key is in a valid format, not expired, signed by a registered certificate authority, and if the key meets a minimum required size.", "title": "DeviceCertificateKeyQualityCheck" }, "DeviceCertificateSharedCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks if multiple concurrent connections use the same X.509 certificate to authenticate with AWS IoT .", "title": "DeviceCertificateSharedCheck" }, "IntermediateCaRevokedForActiveDeviceCertificatesCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks if device certificates are still active despite being revoked by an intermediate CA.", "title": "IntermediateCaRevokedForActiveDeviceCertificatesCheck" }, "IoTPolicyPotentialMisConfigurationCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks if an AWS IoT policy is potentially misconfigured. Misconfigured policies, including overly permissive policies, can cause security incidents like allowing devices access to unintended resources. This check is a warning for you to make sure that only intended actions are allowed before updating the policy.", "title": "IoTPolicyPotentialMisConfigurationCheck" }, "IotPolicyOverlyPermissiveCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks the permissiveness of a policy attached to an authenticated Amazon Cognito identity pool role.", "title": "IotPolicyOverlyPermissiveCheck" }, "IotRoleAliasAllowsAccessToUnusedServicesCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks if a role alias has access to services that haven't been used for the AWS IoT device in the last year.", "title": "IotRoleAliasAllowsAccessToUnusedServicesCheck" }, "IotRoleAliasOverlyPermissiveCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks if the temporary credentials provided by AWS IoT role aliases are overly permissive.", "title": "IotRoleAliasOverlyPermissiveCheck" }, "LoggingDisabledCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks if AWS IoT logs are disabled.", "title": "LoggingDisabledCheck" }, "RevokedCaCertificateStillActiveCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks if a revoked CA certificate is still active.", "title": "RevokedCaCertificateStillActiveCheck" }, "RevokedDeviceCertificateStillActiveCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks if a revoked device certificate is still active.", "title": "RevokedDeviceCertificateStillActiveCheck" }, "UnauthenticatedCognitoRoleOverlyPermissiveCheck": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditCheckConfiguration", "markdownDescription": "Checks if policy attached to an unauthenticated Amazon Cognito identity pool role is too permissive.", "title": "UnauthenticatedCognitoRoleOverlyPermissiveCheck" } }, "type": "object" }, "AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "True if notifications to the target are enabled.", "title": "Enabled", "type": "boolean" }, "RoleArn": { "markdownDescription": "The ARN of the role that grants permission to send notifications to the target.", "title": "RoleArn", "type": "string" }, "TargetArn": { "markdownDescription": "The ARN of the target (SNS topic) to which audit notifications are sent.", "title": "TargetArn", "type": "string" } }, "type": "object" }, "AWS::IoT::AccountAuditConfiguration.AuditNotificationTargetConfigurations": { "additionalProperties": false, "properties": { "Sns": { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration.AuditNotificationTarget", "markdownDescription": "The `Sns` notification target.", "title": "Sns" } }, "type": "object" }, "AWS::IoT::Authorizer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthorizerFunctionArn": { "markdownDescription": "The authorizer's Lambda function ARN.", "title": "AuthorizerFunctionArn", "type": "string" }, "AuthorizerName": { "markdownDescription": "The authorizer name.", "title": "AuthorizerName", "type": "string" }, "EnableCachingForHttp": { "markdownDescription": "When `true` , the result from the authorizer's Lambda function is cached for clients that use persistent HTTP connections. The results are cached for the time specified by the Lambda function in `refreshAfterInSeconds` . This value doesn't affect authorization of clients that use MQTT connections.", "title": "EnableCachingForHttp", "type": "boolean" }, "SigningDisabled": { "markdownDescription": "Specifies whether AWS IoT validates the token signature in an authorization request.", "title": "SigningDisabled", "type": "boolean" }, "Status": { "markdownDescription": "The status of the authorizer.\n\nValid values: `ACTIVE` | `INACTIVE`", "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata which can be used to manage the custom authorizer.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", "title": "Tags", "type": "array" }, "TokenKeyName": { "markdownDescription": "The key used to extract the token from the HTTP headers.", "title": "TokenKeyName", "type": "string" }, "TokenSigningPublicKeys": { "additionalProperties": true, "markdownDescription": "The public keys used to validate the token signature returned by your custom authentication service.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "TokenSigningPublicKeys", "type": "object" } }, "required": [ "AuthorizerFunctionArn" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::Authorizer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::BillingGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BillingGroupName": { "markdownDescription": "The name of the billing group.", "title": "BillingGroupName", "type": "string" }, "BillingGroupProperties": { "$ref": "#/definitions/AWS::IoT::BillingGroup.BillingGroupProperties", "markdownDescription": "The properties of the billing group.", "title": "BillingGroupProperties" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata which can be used to manage the billing group.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::IoT::BillingGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoT::BillingGroup.BillingGroupProperties": { "additionalProperties": false, "properties": { "BillingGroupDescription": { "markdownDescription": "The description of the billing group.", "title": "BillingGroupDescription", "type": "string" } }, "type": "object" }, "AWS::IoT::CACertificate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoRegistrationStatus": { "markdownDescription": "Whether the CA certificate is configured for auto registration of device certificates. Valid values are \"ENABLE\" and \"DISABLE\".", "title": "AutoRegistrationStatus", "type": "string" }, "CACertificatePem": { "markdownDescription": "The certificate data in PEM format.", "title": "CACertificatePem", "type": "string" }, "CertificateMode": { "markdownDescription": "The mode of the CA.\n\nAll the device certificates that are registered using this CA will be registered in the same mode as the CA. For more information about certificate mode for device certificates, see [certificate mode](https://docs.aws.amazon.com//iot/latest/apireference/API_CertificateDescription.html#iot-Type-CertificateDescription-certificateMode) .\n\nValid values are \"DEFAULT\" and \"SNI_ONLY\".", "title": "CertificateMode", "type": "string" }, "RegistrationConfig": { "$ref": "#/definitions/AWS::IoT::CACertificate.RegistrationConfig", "markdownDescription": "Information about the registration configuration.", "title": "RegistrationConfig" }, "RemoveAutoRegistration": { "markdownDescription": "If true, removes auto registration.", "title": "RemoveAutoRegistration", "type": "boolean" }, "Status": { "markdownDescription": "The status of the CA certificate.\n\nValid values are \"ACTIVE\" and \"INACTIVE\".", "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "VerificationCertificatePem": { "markdownDescription": "The private key verification certificate.", "title": "VerificationCertificatePem", "type": "string" } }, "required": [ "CACertificatePem", "Status" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::CACertificate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::CACertificate.RegistrationConfig": { "additionalProperties": false, "properties": { "RoleArn": { "markdownDescription": "The ARN of the role.", "title": "RoleArn", "type": "string" }, "TemplateBody": { "markdownDescription": "The template body.", "title": "TemplateBody", "type": "string" }, "TemplateName": { "markdownDescription": "The name of the provisioning template.", "title": "TemplateName", "type": "string" } }, "type": "object" }, "AWS::IoT::Certificate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CACertificatePem": { "markdownDescription": "The CA certificate used to sign the device certificate being registered, not available when CertificateMode is SNI_ONLY.", "title": "CACertificatePem", "type": "string" }, "CertificateMode": { "markdownDescription": "Specifies which mode of certificate registration to use with this resource. Valid options are DEFAULT with CaCertificatePem and CertificatePem, SNI_ONLY with CertificatePem, and Default with CertificateSigningRequest.\n\n`DEFAULT` : A certificate in `DEFAULT` mode is either generated by AWS IoT Core or registered with an issuer certificate authority (CA). Devices with certificates in `DEFAULT` mode aren't required to send the Server Name Indication (SNI) extension when connecting to AWS IoT Core . However, to use features such as custom domains and VPC endpoints, we recommend that you use the SNI extension when connecting to AWS IoT Core .\n\n`SNI_ONLY` : A certificate in `SNI_ONLY` mode is registered without an issuer CA. Devices with certificates in `SNI_ONLY` mode must send the SNI extension when connecting to AWS IoT Core .", "title": "CertificateMode", "type": "string" }, "CertificatePem": { "markdownDescription": "The certificate data in PEM format. Requires SNI_ONLY for the certificate mode or the accompanying CACertificatePem for registration.", "title": "CertificatePem", "type": "string" }, "CertificateSigningRequest": { "markdownDescription": "The certificate signing request (CSR).", "title": "CertificateSigningRequest", "type": "string" }, "Status": { "markdownDescription": "The status of the certificate.\n\nValid values are ACTIVE, INACTIVE, REVOKED, PENDING_TRANSFER, and PENDING_ACTIVATION.\n\nThe status value REGISTER_INACTIVE is deprecated and should not be used.", "title": "Status", "type": "string" } }, "required": [ "Status" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::Certificate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::CertificateProvider": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountDefaultForOperations": { "items": { "type": "string" }, "markdownDescription": "A list of the operations that the certificate provider will use to generate certificates. Valid value: `CreateCertificateFromCsr` .", "title": "AccountDefaultForOperations", "type": "array" }, "CertificateProviderName": { "markdownDescription": "The name of the certificate provider.", "title": "CertificateProviderName", "type": "string" }, "LambdaFunctionArn": { "markdownDescription": "The ARN of the Lambda function.", "title": "LambdaFunctionArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata that can be used to manage the certificate provider.", "title": "Tags", "type": "array" } }, "required": [ "AccountDefaultForOperations", "LambdaFunctionArn" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::CertificateProvider" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::CustomMetric": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DisplayName": { "markdownDescription": "The friendly name in the console for the custom metric. This name doesn't have to be unique. Don't use this name as the metric identifier in the device metric report. You can update the friendly name after you define it.", "title": "DisplayName", "type": "string" }, "MetricName": { "markdownDescription": "The name of the custom metric. This will be used in the metric report submitted from the device/thing. The name can't begin with `aws:` . You can\u2019t change the name after you define it.", "title": "MetricName", "type": "string" }, "MetricType": { "markdownDescription": "The type of the custom metric. Types include `string-list` , `ip-address-list` , `number-list` , and `number` .\n\n> The type `number` only takes a single metric value as an input, but when you submit the metrics value in the DeviceMetrics report, you must pass it as an array with a single value.", "title": "MetricType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata that can be used to manage the custom metric.", "title": "Tags", "type": "array" } }, "required": [ "MetricType" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::CustomMetric" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::Dimension": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A unique identifier for the dimension.", "title": "Name", "type": "string" }, "StringValues": { "items": { "type": "string" }, "markdownDescription": "Specifies the value or list of values for the dimension. For `TOPIC_FILTER` dimensions, this is a pattern used to match the MQTT topic (for example, \"admin/#\").", "title": "StringValues", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata that can be used to manage the dimension.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "Specifies the type of dimension. Supported types: `TOPIC_FILTER.`", "title": "Type", "type": "string" } }, "required": [ "StringValues", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::Dimension" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::DomainConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthorizerConfig": { "$ref": "#/definitions/AWS::IoT::DomainConfiguration.AuthorizerConfig", "markdownDescription": "An object that specifies the authorization service for a domain.", "title": "AuthorizerConfig" }, "DomainConfigurationName": { "markdownDescription": "The name of the domain configuration. This value must be unique to a region.", "title": "DomainConfigurationName", "type": "string" }, "DomainConfigurationStatus": { "markdownDescription": "The status to which the domain configuration should be updated.\n\nValid values: `ENABLED` | `DISABLED`", "title": "DomainConfigurationStatus", "type": "string" }, "DomainName": { "markdownDescription": "The name of the domain.", "title": "DomainName", "type": "string" }, "ServerCertificateArns": { "items": { "type": "string" }, "markdownDescription": "The ARNs of the certificates that AWS IoT passes to the device during the TLS handshake. Currently you can specify only one certificate ARN. This value is not required for AWS -managed domains.", "title": "ServerCertificateArns", "type": "array" }, "ServerCertificateConfig": { "$ref": "#/definitions/AWS::IoT::DomainConfiguration.ServerCertificateConfig", "markdownDescription": "The server certificate configuration.\n\nFor more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", "title": "ServerCertificateConfig" }, "ServiceType": { "markdownDescription": "The type of service delivered by the endpoint.\n\n> AWS IoT Core currently supports only the `DATA` service type.", "title": "ServiceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata which can be used to manage the domain configuration.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", "title": "Tags", "type": "array" }, "TlsConfig": { "$ref": "#/definitions/AWS::IoT::DomainConfiguration.TlsConfig", "markdownDescription": "An object that specifies the TLS configuration for a domain.", "title": "TlsConfig" }, "ValidationCertificateArn": { "markdownDescription": "The certificate used to validate the server certificate and prove domain name ownership. This certificate must be signed by a public certificate authority. This value is not required for AWS -managed domains.", "title": "ValidationCertificateArn", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::IoT::DomainConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoT::DomainConfiguration.AuthorizerConfig": { "additionalProperties": false, "properties": { "AllowAuthorizerOverride": { "markdownDescription": "A Boolean that specifies whether the domain configuration's authorization service can be overridden.", "title": "AllowAuthorizerOverride", "type": "boolean" }, "DefaultAuthorizerName": { "markdownDescription": "The name of the authorization service for a domain configuration.", "title": "DefaultAuthorizerName", "type": "string" } }, "type": "object" }, "AWS::IoT::DomainConfiguration.ServerCertificateConfig": { "additionalProperties": false, "properties": { "EnableOCSPCheck": { "markdownDescription": "A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide.", "title": "EnableOCSPCheck", "type": "boolean" } }, "type": "object" }, "AWS::IoT::DomainConfiguration.ServerCertificateSummary": { "additionalProperties": false, "properties": { "ServerCertificateArn": { "markdownDescription": "The ARN of the server certificate.", "title": "ServerCertificateArn", "type": "string" }, "ServerCertificateStatus": { "markdownDescription": "The status of the server certificate.", "title": "ServerCertificateStatus", "type": "string" }, "ServerCertificateStatusDetail": { "markdownDescription": "Details that explain the status of the server certificate.", "title": "ServerCertificateStatusDetail", "type": "string" } }, "type": "object" }, "AWS::IoT::DomainConfiguration.TlsConfig": { "additionalProperties": false, "properties": { "SecurityPolicy": { "markdownDescription": "The security policy for a domain configuration. For more information, see [Security policies](https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html#tls-policy-table) in the *AWS IoT Core developer guide* .", "title": "SecurityPolicy", "type": "string" } }, "type": "object" }, "AWS::IoT::FleetMetric": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AggregationField": { "markdownDescription": "The field to aggregate.", "title": "AggregationField", "type": "string" }, "AggregationType": { "$ref": "#/definitions/AWS::IoT::FleetMetric.AggregationType", "markdownDescription": "The type of the aggregation query.", "title": "AggregationType" }, "Description": { "markdownDescription": "The fleet metric description.", "title": "Description", "type": "string" }, "IndexName": { "markdownDescription": "The name of the index to search.", "title": "IndexName", "type": "string" }, "MetricName": { "markdownDescription": "The name of the fleet metric to create.", "title": "MetricName", "type": "string" }, "Period": { "markdownDescription": "The time in seconds between fleet metric emissions. Range [60(1 min), 86400(1 day)] and must be multiple of 60.", "title": "Period", "type": "number" }, "QueryString": { "markdownDescription": "The search query string.", "title": "QueryString", "type": "string" }, "QueryVersion": { "markdownDescription": "The query version.", "title": "QueryVersion", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata which can be used to manage the fleet metric.", "title": "Tags", "type": "array" }, "Unit": { "markdownDescription": "Used to support unit transformation such as milliseconds to seconds. Must be a unit supported by CW metric. Default to null.", "title": "Unit", "type": "string" } }, "required": [ "MetricName" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::FleetMetric" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::FleetMetric.AggregationType": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the aggregation type.", "title": "Name", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "A list of the values of aggregation types.", "title": "Values", "type": "array" } }, "required": [ "Name", "Values" ], "type": "object" }, "AWS::IoT::JobTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AbortConfig": { "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortConfig", "markdownDescription": "The criteria that determine when and how a job abort takes place.", "title": "AbortConfig" }, "Description": { "markdownDescription": "A description of the job template.", "title": "Description", "type": "string" }, "DestinationPackageVersions": { "items": { "type": "string" }, "markdownDescription": "The package version Amazon Resource Names (ARNs) that are installed on the device\u2019s reserved named shadow ( `$package` ) when the job successfully completes.\n\n*Note:* Up to 25 package version ARNS are allowed.", "title": "DestinationPackageVersions", "type": "array" }, "Document": { "markdownDescription": "The job document.\n\nRequired if you don't specify a value for `documentSource` .", "title": "Document", "type": "string" }, "DocumentSource": { "markdownDescription": "An S3 link, or S3 object URL, to the job document. The link is an Amazon S3 object URL and is required if you don't specify a value for `document` .\n\nFor example, `--document-source https://s3. *region-code* .amazonaws.com/example-firmware/device-firmware.1.0`\n\nFor more information, see [Methods for accessing a bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-bucket-intro.html) .", "title": "DocumentSource", "type": "string" }, "JobArn": { "markdownDescription": "The ARN of the job to use as the basis for the job template.", "title": "JobArn", "type": "string" }, "JobExecutionsRetryConfig": { "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRetryConfig", "markdownDescription": "Allows you to create the criteria to retry a job.", "title": "JobExecutionsRetryConfig" }, "JobExecutionsRolloutConfig": { "$ref": "#/definitions/AWS::IoT::JobTemplate.JobExecutionsRolloutConfig", "markdownDescription": "Allows you to create a staged rollout of a job.", "title": "JobExecutionsRolloutConfig" }, "JobTemplateId": { "markdownDescription": "A unique identifier for the job template. We recommend using a UUID. Alpha-numeric characters, \"-\", and \"_\" are valid for use here.", "title": "JobTemplateId", "type": "string" }, "MaintenanceWindows": { "items": { "$ref": "#/definitions/AWS::IoT::JobTemplate.MaintenanceWindow" }, "markdownDescription": "An optional configuration within the SchedulingConfig to setup a recurring maintenance window with a predetermined start time and duration for the rollout of a job document to all devices in a target group for a job.", "title": "MaintenanceWindows", "type": "array" }, "PresignedUrlConfig": { "$ref": "#/definitions/AWS::IoT::JobTemplate.PresignedUrlConfig", "markdownDescription": "Configuration for pre-signed S3 URLs.", "title": "PresignedUrlConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata that can be used to manage the job template.", "title": "Tags", "type": "array" }, "TimeoutConfig": { "$ref": "#/definitions/AWS::IoT::JobTemplate.TimeoutConfig", "markdownDescription": "Specifies the amount of time each device has to finish its execution of the job. A timer is started when the job execution status is set to `IN_PROGRESS` . If the job execution status is not set to another terminal state before the timer expires, it will be automatically set to `TIMED_OUT` .", "title": "TimeoutConfig" } }, "required": [ "Description", "JobTemplateId" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::JobTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::JobTemplate.AbortConfig": { "additionalProperties": false, "properties": { "CriteriaList": { "items": { "$ref": "#/definitions/AWS::IoT::JobTemplate.AbortCriteria" }, "markdownDescription": "The list of criteria that determine when and how to abort the job.", "title": "CriteriaList", "type": "array" } }, "required": [ "CriteriaList" ], "type": "object" }, "AWS::IoT::JobTemplate.AbortCriteria": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The type of job action to take to initiate the job abort.", "title": "Action", "type": "string" }, "FailureType": { "markdownDescription": "The type of job execution failures that can initiate a job abort.", "title": "FailureType", "type": "string" }, "MinNumberOfExecutedThings": { "markdownDescription": "The minimum number of things which must receive job execution notifications before the job can be aborted.", "title": "MinNumberOfExecutedThings", "type": "number" }, "ThresholdPercentage": { "markdownDescription": "The minimum percentage of job execution failures that must occur to initiate the job abort.\n\nAWS IoT Core supports up to two digits after the decimal (for example, 10.9 and 10.99, but not 10.999).", "title": "ThresholdPercentage", "type": "number" } }, "required": [ "Action", "FailureType", "MinNumberOfExecutedThings", "ThresholdPercentage" ], "type": "object" }, "AWS::IoT::JobTemplate.ExponentialRolloutRate": { "additionalProperties": false, "properties": { "BaseRatePerMinute": { "markdownDescription": "The minimum number of things that will be notified of a pending job, per minute at the start of job rollout. This parameter allows you to define the initial rate of rollout.", "title": "BaseRatePerMinute", "type": "number" }, "IncrementFactor": { "markdownDescription": "The exponential factor to increase the rate of rollout for a job.\n\nAWS IoT Core supports up to one digit after the decimal (for example, 1.5, but not 1.55).", "title": "IncrementFactor", "type": "number" }, "RateIncreaseCriteria": { "$ref": "#/definitions/AWS::IoT::JobTemplate.RateIncreaseCriteria", "markdownDescription": "The criteria to initiate the increase in rate of rollout for a job.", "title": "RateIncreaseCriteria" } }, "required": [ "BaseRatePerMinute", "IncrementFactor", "RateIncreaseCriteria" ], "type": "object" }, "AWS::IoT::JobTemplate.JobExecutionsRetryConfig": { "additionalProperties": false, "properties": { "RetryCriteriaList": { "items": { "$ref": "#/definitions/AWS::IoT::JobTemplate.RetryCriteria" }, "markdownDescription": "The list of criteria that determines how many retries are allowed for each failure type for a job.", "title": "RetryCriteriaList", "type": "array" } }, "type": "object" }, "AWS::IoT::JobTemplate.JobExecutionsRolloutConfig": { "additionalProperties": false, "properties": { "ExponentialRolloutRate": { "$ref": "#/definitions/AWS::IoT::JobTemplate.ExponentialRolloutRate", "markdownDescription": "The rate of increase for a job rollout. This parameter allows you to define an exponential rate for a job rollout.", "title": "ExponentialRolloutRate" }, "MaximumPerMinute": { "markdownDescription": "The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout.", "title": "MaximumPerMinute", "type": "number" } }, "type": "object" }, "AWS::IoT::JobTemplate.MaintenanceWindow": { "additionalProperties": false, "properties": { "DurationInMinutes": { "markdownDescription": "Displays the duration of the next maintenance window.", "title": "DurationInMinutes", "type": "number" }, "StartTime": { "markdownDescription": "Displays the start time of the next maintenance window.", "title": "StartTime", "type": "string" } }, "type": "object" }, "AWS::IoT::JobTemplate.PresignedUrlConfig": { "additionalProperties": false, "properties": { "ExpiresInSec": { "markdownDescription": "How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document.", "title": "ExpiresInSec", "type": "number" }, "RoleArn": { "markdownDescription": "The ARN of an IAM role that grants grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files.\n\n> For information about addressing the confused deputy problem, see [cross-service confused deputy prevention](https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html) in the *AWS IoT Core developer guide* .", "title": "RoleArn", "type": "string" } }, "required": [ "RoleArn" ], "type": "object" }, "AWS::IoT::JobTemplate.RateIncreaseCriteria": { "additionalProperties": false, "properties": { "NumberOfNotifiedThings": { "markdownDescription": "The threshold for number of notified things that will initiate the increase in rate of rollout.", "title": "NumberOfNotifiedThings", "type": "number" }, "NumberOfSucceededThings": { "markdownDescription": "The threshold for number of succeeded things that will initiate the increase in rate of rollout.", "title": "NumberOfSucceededThings", "type": "number" } }, "type": "object" }, "AWS::IoT::JobTemplate.RetryCriteria": { "additionalProperties": false, "properties": { "FailureType": { "markdownDescription": "The type of job execution failures that can initiate a job retry.", "title": "FailureType", "type": "string" }, "NumberOfRetries": { "markdownDescription": "The number of retries allowed for a failure type for the job.", "title": "NumberOfRetries", "type": "number" } }, "type": "object" }, "AWS::IoT::JobTemplate.TimeoutConfig": { "additionalProperties": false, "properties": { "InProgressTimeoutInMinutes": { "markdownDescription": "Specifies the amount of time, in minutes, this device has to finish execution of this job. The timeout interval can be anywhere between 1 minute and 7 days (1 to 10080 minutes). The in progress timer can't be updated and will apply to all job executions for the job. Whenever a job execution remains in the IN_PROGRESS status for longer than this interval, the job execution will fail and switch to the terminal `TIMED_OUT` status.", "title": "InProgressTimeoutInMinutes", "type": "number" } }, "required": [ "InProgressTimeoutInMinutes" ], "type": "object" }, "AWS::IoT::Logging": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountId": { "markdownDescription": "The account ID.", "title": "AccountId", "type": "string" }, "DefaultLogLevel": { "markdownDescription": "The default log level. Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", "title": "DefaultLogLevel", "type": "string" }, "RoleArn": { "markdownDescription": "The role ARN used for the log.", "title": "RoleArn", "type": "string" } }, "required": [ "AccountId", "DefaultLogLevel", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::Logging" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::MitigationAction": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ActionName": { "markdownDescription": "The friendly name of the mitigation action.", "title": "ActionName", "type": "string" }, "ActionParams": { "$ref": "#/definitions/AWS::IoT::MitigationAction.ActionParams", "markdownDescription": "The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply.", "title": "ActionParams" }, "RoleArn": { "markdownDescription": "The IAM role ARN used to apply this mitigation action.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata that can be used to manage the mitigation action.", "title": "Tags", "type": "array" } }, "required": [ "ActionParams", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::MitigationAction" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::MitigationAction.ActionParams": { "additionalProperties": false, "properties": { "AddThingsToThingGroupParams": { "$ref": "#/definitions/AWS::IoT::MitigationAction.AddThingsToThingGroupParams", "markdownDescription": "Specifies the group to which you want to add the devices.", "title": "AddThingsToThingGroupParams" }, "EnableIoTLoggingParams": { "$ref": "#/definitions/AWS::IoT::MitigationAction.EnableIoTLoggingParams", "markdownDescription": "Specifies the logging level and the role with permissions for logging. You cannot specify a logging level of `DISABLED` .", "title": "EnableIoTLoggingParams" }, "PublishFindingToSnsParams": { "$ref": "#/definitions/AWS::IoT::MitigationAction.PublishFindingToSnsParams", "markdownDescription": "Specifies the topic to which the finding should be published.", "title": "PublishFindingToSnsParams" }, "ReplaceDefaultPolicyVersionParams": { "$ref": "#/definitions/AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams", "markdownDescription": "Replaces the policy version with a default or blank policy. You specify the template name. Only a value of `BLANK_POLICY` is currently supported.", "title": "ReplaceDefaultPolicyVersionParams" }, "UpdateCACertificateParams": { "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateCACertificateParams", "markdownDescription": "Specifies the new state for the CA certificate. Only a value of `DEACTIVATE` is currently supported.", "title": "UpdateCACertificateParams" }, "UpdateDeviceCertificateParams": { "$ref": "#/definitions/AWS::IoT::MitigationAction.UpdateDeviceCertificateParams", "markdownDescription": "Specifies the new state for a device certificate. Only a value of `DEACTIVATE` is currently supported.", "title": "UpdateDeviceCertificateParams" } }, "type": "object" }, "AWS::IoT::MitigationAction.AddThingsToThingGroupParams": { "additionalProperties": false, "properties": { "OverrideDynamicGroups": { "markdownDescription": "Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.", "title": "OverrideDynamicGroups", "type": "boolean" }, "ThingGroupNames": { "items": { "type": "string" }, "markdownDescription": "The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can't add a thing to more than one group in the same hierarchy.", "title": "ThingGroupNames", "type": "array" } }, "required": [ "ThingGroupNames" ], "type": "object" }, "AWS::IoT::MitigationAction.EnableIoTLoggingParams": { "additionalProperties": false, "properties": { "LogLevel": { "markdownDescription": "Specifies the type of information to be logged.", "title": "LogLevel", "type": "string" }, "RoleArnForLogging": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used for logging.", "title": "RoleArnForLogging", "type": "string" } }, "required": [ "LogLevel", "RoleArnForLogging" ], "type": "object" }, "AWS::IoT::MitigationAction.PublishFindingToSnsParams": { "additionalProperties": false, "properties": { "TopicArn": { "markdownDescription": "The ARN of the topic to which you want to publish the findings.", "title": "TopicArn", "type": "string" } }, "required": [ "TopicArn" ], "type": "object" }, "AWS::IoT::MitigationAction.ReplaceDefaultPolicyVersionParams": { "additionalProperties": false, "properties": { "TemplateName": { "markdownDescription": "The name of the template to be applied. The only supported value is `BLANK_POLICY` .", "title": "TemplateName", "type": "string" } }, "required": [ "TemplateName" ], "type": "object" }, "AWS::IoT::MitigationAction.UpdateCACertificateParams": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action that you want to apply to the CA certificate. The only supported value is `DEACTIVATE` .", "title": "Action", "type": "string" } }, "required": [ "Action" ], "type": "object" }, "AWS::IoT::MitigationAction.UpdateDeviceCertificateParams": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action that you want to apply to the device certificate. The only supported value is `DEACTIVATE` .", "title": "Action", "type": "string" } }, "required": [ "Action" ], "type": "object" }, "AWS::IoT::Policy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "The JSON document that describes the policy.", "title": "PolicyDocument", "type": "object" }, "PolicyName": { "markdownDescription": "The policy name.", "title": "PolicyName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::Policy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::PolicyPrincipalAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PolicyName": { "markdownDescription": "The name of the AWS IoT policy.", "title": "PolicyName", "type": "string" }, "Principal": { "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", "title": "Principal", "type": "string" } }, "required": [ "PolicyName", "Principal" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::PolicyPrincipalAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::ProvisioningTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the fleet provisioning template.", "title": "Description", "type": "string" }, "Enabled": { "markdownDescription": "True to enable the fleet provisioning template, otherwise false.", "title": "Enabled", "type": "boolean" }, "PreProvisioningHook": { "$ref": "#/definitions/AWS::IoT::ProvisioningTemplate.ProvisioningHook", "markdownDescription": "Creates a pre-provisioning hook template.", "title": "PreProvisioningHook" }, "ProvisioningRoleArn": { "markdownDescription": "The role ARN for the role associated with the fleet provisioning template. This IoT role grants permission to provision a device.", "title": "ProvisioningRoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata that can be used to manage the fleet provisioning template.", "title": "Tags", "type": "array" }, "TemplateBody": { "markdownDescription": "The JSON formatted contents of the fleet provisioning template version.", "title": "TemplateBody", "type": "string" }, "TemplateName": { "markdownDescription": "The name of the fleet provisioning template.", "title": "TemplateName", "type": "string" }, "TemplateType": { "markdownDescription": "The type of the provisioning template.", "title": "TemplateType", "type": "string" } }, "required": [ "ProvisioningRoleArn", "TemplateBody" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::ProvisioningTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::ProvisioningTemplate.ProvisioningHook": { "additionalProperties": false, "properties": { "PayloadVersion": { "markdownDescription": "The payload that was sent to the target function. The valid payload is `\"2020-04-01\"` .", "title": "PayloadVersion", "type": "string" }, "TargetArn": { "markdownDescription": "The ARN of the target function.", "title": "TargetArn", "type": "string" } }, "type": "object" }, "AWS::IoT::ResourceSpecificLogging": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LogLevel": { "markdownDescription": "The default log level.Valid Values: `DEBUG | INFO | ERROR | WARN | DISABLED`", "title": "LogLevel", "type": "string" }, "TargetName": { "markdownDescription": "The target name.", "title": "TargetName", "type": "string" }, "TargetType": { "markdownDescription": "The target type. Valid Values: `DEFAULT | THING_GROUP`", "title": "TargetType", "type": "string" } }, "required": [ "LogLevel", "TargetName", "TargetType" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::ResourceSpecificLogging" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::RoleAlias": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CredentialDurationSeconds": { "markdownDescription": "The number of seconds for which the credential is valid.", "title": "CredentialDurationSeconds", "type": "number" }, "RoleAlias": { "markdownDescription": "The role alias.", "title": "RoleAlias", "type": "string" }, "RoleArn": { "markdownDescription": "The role ARN.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::RoleAlias" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::ScheduledAudit": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DayOfMonth": { "markdownDescription": "The day of the month on which the scheduled audit is run (if the `frequency` is \"MONTHLY\"). If days 29-31 are specified, and the month does not have that many days, the audit takes place on the \"LAST\" day of the month.", "title": "DayOfMonth", "type": "string" }, "DayOfWeek": { "markdownDescription": "The day of the week on which the scheduled audit is run (if the `frequency` is \"WEEKLY\" or \"BIWEEKLY\").", "title": "DayOfWeek", "type": "string" }, "Frequency": { "markdownDescription": "How often the scheduled audit occurs.", "title": "Frequency", "type": "string" }, "ScheduledAuditName": { "markdownDescription": "The name of the scheduled audit.", "title": "ScheduledAuditName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata that can be used to manage the scheduled audit.", "title": "Tags", "type": "array" }, "TargetCheckNames": { "items": { "type": "string" }, "markdownDescription": "Which checks are performed during the scheduled audit. Checks must be enabled for your account. (Use `DescribeAccountAuditConfiguration` to see the list of all checks, including those that are enabled or use `UpdateAccountAuditConfiguration` to select which checks are enabled.)\n\nThe following checks are currently aviable:\n\n- `AUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`\n- `CA_CERTIFICATE_EXPIRING_CHECK`\n- `CA_CERTIFICATE_KEY_QUALITY_CHECK`\n- `CONFLICTING_CLIENT_IDS_CHECK`\n- `DEVICE_CERTIFICATE_EXPIRING_CHECK`\n- `DEVICE_CERTIFICATE_KEY_QUALITY_CHECK`\n- `DEVICE_CERTIFICATE_SHARED_CHECK`\n- `IOT_POLICY_OVERLY_PERMISSIVE_CHECK`\n- `IOT_ROLE_ALIAS_ALLOWS_ACCESS_TO_UNUSED_SERVICES_CHECK`\n- `IOT_ROLE_ALIAS_OVERLY_PERMISSIVE_CHECK`\n- `LOGGING_DISABLED_CHECK`\n- `REVOKED_CA_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `REVOKED_DEVICE_CERTIFICATE_STILL_ACTIVE_CHECK`\n- `UNAUTHENTICATED_COGNITO_ROLE_OVERLY_PERMISSIVE_CHECK`", "title": "TargetCheckNames", "type": "array" } }, "required": [ "Frequency", "TargetCheckNames" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::ScheduledAudit" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::SecurityProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdditionalMetricsToRetainV2": { "items": { "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricToRetain" }, "markdownDescription": "A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's `behaviors` , but it's also retained for any metric specified here. Can be used with custom metrics; can't be used with dimensions.", "title": "AdditionalMetricsToRetainV2", "type": "array" }, "AlertTargets": { "additionalProperties": false, "markdownDescription": "Specifies the destinations to which alerts are sent. (Alerts are always sent to the console.) Alerts are generated when a device (thing) violates a behavior.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::IoT::SecurityProfile.AlertTarget" } }, "title": "AlertTargets", "type": "object" }, "Behaviors": { "items": { "$ref": "#/definitions/AWS::IoT::SecurityProfile.Behavior" }, "markdownDescription": "Specifies the behaviors that, when violated by a device (thing), cause an alert.", "title": "Behaviors", "type": "array" }, "MetricsExportConfig": { "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricsExportConfig", "markdownDescription": "Specifies the MQTT topic and role ARN required for metric export.", "title": "MetricsExportConfig" }, "SecurityProfileDescription": { "markdownDescription": "A description of the security profile.", "title": "SecurityProfileDescription", "type": "string" }, "SecurityProfileName": { "markdownDescription": "The name you gave to the security profile.", "title": "SecurityProfileName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata that can be used to manage the security profile.", "title": "Tags", "type": "array" }, "TargetArns": { "items": { "type": "string" }, "markdownDescription": "The ARN of the target (thing group) to which the security profile is attached.", "title": "TargetArns", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::IoT::SecurityProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoT::SecurityProfile.AlertTarget": { "additionalProperties": false, "properties": { "AlertTargetArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the notification target to which alerts are sent.", "title": "AlertTargetArn", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the role that grants permission to send alerts to the notification target.", "title": "RoleArn", "type": "string" } }, "required": [ "AlertTargetArn", "RoleArn" ], "type": "object" }, "AWS::IoT::SecurityProfile.Behavior": { "additionalProperties": false, "properties": { "Criteria": { "$ref": "#/definitions/AWS::IoT::SecurityProfile.BehaviorCriteria", "markdownDescription": "The criteria that determine if a device is behaving normally in regard to the `metric` .\n\n> In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.", "title": "Criteria" }, "ExportMetric": { "markdownDescription": "Value indicates exporting metrics related to the behavior when it is true.", "title": "ExportMetric", "type": "boolean" }, "Metric": { "markdownDescription": "What is measured by the behavior.", "title": "Metric", "type": "string" }, "MetricDimension": { "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", "markdownDescription": "The dimension of the metric.", "title": "MetricDimension" }, "Name": { "markdownDescription": "The name you've given to the behavior.", "title": "Name", "type": "string" }, "SuppressAlerts": { "markdownDescription": "The alert status. If you set the value to `true` , alerts will be suppressed.", "title": "SuppressAlerts", "type": "boolean" } }, "required": [ "Name" ], "type": "object" }, "AWS::IoT::SecurityProfile.BehaviorCriteria": { "additionalProperties": false, "properties": { "ComparisonOperator": { "markdownDescription": "The operator that relates the thing measured ( `metric` ) to the criteria (containing a `value` or `statisticalThreshold` ). Valid operators include:\n\n- `string-list` : `in-set` and `not-in-set`\n- `number-list` : `in-set` and `not-in-set`\n- `ip-address-list` : `in-cidr-set` and `not-in-cidr-set`\n- `number` : `less-than` , `less-than-equals` , `greater-than` , and `greater-than-equals`", "title": "ComparisonOperator", "type": "string" }, "ConsecutiveDatapointsToAlarm": { "markdownDescription": "If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.", "title": "ConsecutiveDatapointsToAlarm", "type": "number" }, "ConsecutiveDatapointsToClear": { "markdownDescription": "If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.", "title": "ConsecutiveDatapointsToClear", "type": "number" }, "DurationSeconds": { "markdownDescription": "Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, `NUM_MESSAGES_SENT` ). For a `statisticalThreshhold` metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes.", "title": "DurationSeconds", "type": "number" }, "MlDetectionConfig": { "$ref": "#/definitions/AWS::IoT::SecurityProfile.MachineLearningDetectionConfig", "markdownDescription": "The confidence level of the detection model.", "title": "MlDetectionConfig" }, "StatisticalThreshold": { "$ref": "#/definitions/AWS::IoT::SecurityProfile.StatisticalThreshold", "markdownDescription": "A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.", "title": "StatisticalThreshold" }, "Value": { "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricValue", "markdownDescription": "The value to be compared with the `metric` .", "title": "Value" } }, "type": "object" }, "AWS::IoT::SecurityProfile.MachineLearningDetectionConfig": { "additionalProperties": false, "properties": { "ConfidenceLevel": { "markdownDescription": "The model confidence level.\n\nThere are three levels of confidence, `\"high\"` , `\"medium\"` , and `\"low\"` .\n\nThe higher the confidence level, the lower the sensitivity, and the lower the alarm frequency will be.", "title": "ConfidenceLevel", "type": "string" } }, "type": "object" }, "AWS::IoT::SecurityProfile.MetricDimension": { "additionalProperties": false, "properties": { "DimensionName": { "markdownDescription": "The name of the dimension.", "title": "DimensionName", "type": "string" }, "Operator": { "markdownDescription": "Operators are constructs that perform logical operations. Valid values are `IN` and `NOT_IN` .", "title": "Operator", "type": "string" } }, "required": [ "DimensionName" ], "type": "object" }, "AWS::IoT::SecurityProfile.MetricToRetain": { "additionalProperties": false, "properties": { "ExportMetric": { "markdownDescription": "The value indicates exporting metrics related to the `MetricToRetain` when it's true.", "title": "ExportMetric", "type": "boolean" }, "Metric": { "markdownDescription": "A standard of measurement.", "title": "Metric", "type": "string" }, "MetricDimension": { "$ref": "#/definitions/AWS::IoT::SecurityProfile.MetricDimension", "markdownDescription": "The dimension of the metric.", "title": "MetricDimension" } }, "required": [ "Metric" ], "type": "object" }, "AWS::IoT::SecurityProfile.MetricValue": { "additionalProperties": false, "properties": { "Cidrs": { "items": { "type": "string" }, "markdownDescription": "If the `comparisonOperator` calls for a set of CIDRs, use this to specify that set to be compared with the `metric` .", "title": "Cidrs", "type": "array" }, "Count": { "markdownDescription": "If the `comparisonOperator` calls for a numeric value, use this to specify that numeric value to be compared with the `metric` .", "title": "Count", "type": "string" }, "Number": { "markdownDescription": "The numeric values of a metric.", "title": "Number", "type": "number" }, "Numbers": { "items": { "type": "number" }, "markdownDescription": "The numeric value of a metric.", "title": "Numbers", "type": "array" }, "Ports": { "items": { "type": "number" }, "markdownDescription": "If the `comparisonOperator` calls for a set of ports, use this to specify that set to be compared with the `metric` .", "title": "Ports", "type": "array" }, "Strings": { "items": { "type": "string" }, "markdownDescription": "The string values of a metric.", "title": "Strings", "type": "array" } }, "type": "object" }, "AWS::IoT::SecurityProfile.MetricsExportConfig": { "additionalProperties": false, "properties": { "MqttTopic": { "markdownDescription": "The MQTT topic that Device Defender Detect should publish messages to for metrics export.", "title": "MqttTopic", "type": "string" }, "RoleArn": { "markdownDescription": "This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf.", "title": "RoleArn", "type": "string" } }, "required": [ "MqttTopic", "RoleArn" ], "type": "object" }, "AWS::IoT::SecurityProfile.StatisticalThreshold": { "additionalProperties": false, "properties": { "Statistic": { "markdownDescription": "The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period ( `durationSeconds` ) from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below ( `comparisonOperator` ) the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs.", "title": "Statistic", "type": "string" } }, "type": "object" }, "AWS::IoT::SoftwarePackage": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "", "title": "Description", "type": "string" }, "PackageName": { "markdownDescription": "", "title": "PackageName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::IoT::SoftwarePackage" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoT::SoftwarePackageVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Attributes": { "additionalProperties": true, "markdownDescription": "", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Attributes", "type": "object" }, "Description": { "markdownDescription": "", "title": "Description", "type": "string" }, "PackageName": { "markdownDescription": "", "title": "PackageName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" }, "VersionName": { "markdownDescription": "", "title": "VersionName", "type": "string" } }, "required": [ "PackageName" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::SoftwarePackageVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::Thing": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AttributePayload": { "$ref": "#/definitions/AWS::IoT::Thing.AttributePayload", "markdownDescription": "A string that contains up to three key value pairs. Maximum length of 800. Duplicates not allowed.", "title": "AttributePayload" }, "ThingName": { "markdownDescription": "The name of the thing to update.\n\nYou can't change a thing's name. To change a thing's name, you must create a new thing, give it the new name, and then delete the old thing.", "title": "ThingName", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::IoT::Thing" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoT::Thing.AttributePayload": { "additionalProperties": false, "properties": { "Attributes": { "additionalProperties": true, "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Attributes", "type": "object" } }, "type": "object" }, "AWS::IoT::ThingGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ParentGroupName": { "markdownDescription": "The parent thing group name.\n\nA Dynamic Thing Group does not have `parentGroupName` defined.", "title": "ParentGroupName", "type": "string" }, "QueryString": { "markdownDescription": "The dynamic thing group search query string.\n\nThe `queryString` attribute *is* required for `CreateDynamicThingGroup` . The `queryString` attribute *is not* required for `CreateThingGroup` .", "title": "QueryString", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata which can be used to manage the thing group or dynamic thing group.", "title": "Tags", "type": "array" }, "ThingGroupName": { "markdownDescription": "The thing group name.", "title": "ThingGroupName", "type": "string" }, "ThingGroupProperties": { "$ref": "#/definitions/AWS::IoT::ThingGroup.ThingGroupProperties", "markdownDescription": "Thing group properties.", "title": "ThingGroupProperties" } }, "type": "object" }, "Type": { "enum": [ "AWS::IoT::ThingGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoT::ThingGroup.AttributePayload": { "additionalProperties": false, "properties": { "Attributes": { "additionalProperties": true, "markdownDescription": "A JSON string containing up to three key-value pair in JSON format. For example:\n\n`{\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}`", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Attributes", "type": "object" } }, "type": "object" }, "AWS::IoT::ThingGroup.ThingGroupProperties": { "additionalProperties": false, "properties": { "AttributePayload": { "$ref": "#/definitions/AWS::IoT::ThingGroup.AttributePayload", "markdownDescription": "The thing group attributes in JSON format.", "title": "AttributePayload" }, "ThingGroupDescription": { "markdownDescription": "The thing group description.", "title": "ThingGroupDescription", "type": "string" } }, "type": "object" }, "AWS::IoT::ThingPrincipalAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Principal": { "markdownDescription": "The principal, which can be a certificate ARN (as returned from the `CreateCertificate` operation) or an Amazon Cognito ID.", "title": "Principal", "type": "string" }, "ThingName": { "markdownDescription": "The name of the AWS IoT thing.", "title": "ThingName", "type": "string" } }, "required": [ "Principal", "ThingName" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::ThingPrincipalAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::ThingType": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeprecateThingType": { "markdownDescription": "Deprecates a thing type. You can not associate new things with deprecated thing type.\n\nRequires permission to access the [DeprecateThingType](https://docs.aws.amazon.com//service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions) action.", "title": "DeprecateThingType", "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata which can be used to manage the thing type.", "title": "Tags", "type": "array" }, "ThingTypeName": { "markdownDescription": "The name of the thing type.", "title": "ThingTypeName", "type": "string" }, "ThingTypeProperties": { "$ref": "#/definitions/AWS::IoT::ThingType.ThingTypeProperties", "markdownDescription": "The thing type properties for the thing type to create. It contains information about the new thing type including a description, and a list of searchable thing attribute names. `ThingTypeProperties` can't be updated after the initial creation of the `ThingType` .", "title": "ThingTypeProperties" } }, "type": "object" }, "Type": { "enum": [ "AWS::IoT::ThingType" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoT::ThingType.ThingTypeProperties": { "additionalProperties": false, "properties": { "SearchableAttributes": { "items": { "type": "string" }, "markdownDescription": "A list of searchable thing attribute names.", "title": "SearchableAttributes", "type": "array" }, "ThingTypeDescription": { "markdownDescription": "The description of the thing type.", "title": "ThingTypeDescription", "type": "string" } }, "type": "object" }, "AWS::IoT::TopicRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "RuleName": { "markdownDescription": "The name of the rule.\n\n*Pattern* : `^[a-zA-Z0-9_]+$`", "title": "RuleName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata which can be used to manage the topic rule.\n\n> For URI Request parameters use format: ...key1=value1&key2=value2...\n> \n> For the CLI command-line parameter use format: --tags \"key1=value1&key2=value2...\"\n> \n> For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\"", "title": "Tags", "type": "array" }, "TopicRulePayload": { "$ref": "#/definitions/AWS::IoT::TopicRule.TopicRulePayload", "markdownDescription": "The rule payload.", "title": "TopicRulePayload" } }, "required": [ "TopicRulePayload" ], "type": "object" }, "Type": { "enum": [ "AWS::IoT::TopicRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoT::TopicRule.Action": { "additionalProperties": false, "properties": { "CloudwatchAlarm": { "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchAlarmAction", "markdownDescription": "Change the state of a CloudWatch alarm.", "title": "CloudwatchAlarm" }, "CloudwatchLogs": { "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchLogsAction", "markdownDescription": "Sends data to CloudWatch.", "title": "CloudwatchLogs" }, "CloudwatchMetric": { "$ref": "#/definitions/AWS::IoT::TopicRule.CloudwatchMetricAction", "markdownDescription": "Capture a CloudWatch metric.", "title": "CloudwatchMetric" }, "DynamoDB": { "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBAction", "markdownDescription": "Write to a DynamoDB table.", "title": "DynamoDB" }, "DynamoDBv2": { "$ref": "#/definitions/AWS::IoT::TopicRule.DynamoDBv2Action", "markdownDescription": "Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column.", "title": "DynamoDBv2" }, "Elasticsearch": { "$ref": "#/definitions/AWS::IoT::TopicRule.ElasticsearchAction", "markdownDescription": "Write data to an Amazon OpenSearch Service domain.\n\n> The `Elasticsearch` action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the `OpenSearch` rule action instead. For more information, see [OpenSearchAction](https://docs.aws.amazon.com//iot/latest/apireference/API_OpenSearchAction.html) .", "title": "Elasticsearch" }, "Firehose": { "$ref": "#/definitions/AWS::IoT::TopicRule.FirehoseAction", "markdownDescription": "Write to an Amazon Kinesis Firehose stream.", "title": "Firehose" }, "Http": { "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAction", "markdownDescription": "Send data to an HTTPS endpoint.", "title": "Http" }, "IotAnalytics": { "$ref": "#/definitions/AWS::IoT::TopicRule.IotAnalyticsAction", "markdownDescription": "Sends message data to an AWS IoT Analytics channel.", "title": "IotAnalytics" }, "IotEvents": { "$ref": "#/definitions/AWS::IoT::TopicRule.IotEventsAction", "markdownDescription": "Sends an input to an AWS IoT Events detector.", "title": "IotEvents" }, "IotSiteWise": { "$ref": "#/definitions/AWS::IoT::TopicRule.IotSiteWiseAction", "markdownDescription": "Sends data from the MQTT message that triggered the rule to AWS IoT SiteWise asset properties.", "title": "IotSiteWise" }, "Kafka": { "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaAction", "markdownDescription": "Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster.", "title": "Kafka" }, "Kinesis": { "$ref": "#/definitions/AWS::IoT::TopicRule.KinesisAction", "markdownDescription": "Write data to an Amazon Kinesis stream.", "title": "Kinesis" }, "Lambda": { "$ref": "#/definitions/AWS::IoT::TopicRule.LambdaAction", "markdownDescription": "Invoke a Lambda function.", "title": "Lambda" }, "Location": { "$ref": "#/definitions/AWS::IoT::TopicRule.LocationAction", "markdownDescription": "Sends device location data to [Amazon Location Service](https://docs.aws.amazon.com//location/latest/developerguide/welcome.html) .", "title": "Location" }, "OpenSearch": { "$ref": "#/definitions/AWS::IoT::TopicRule.OpenSearchAction", "markdownDescription": "Write data to an Amazon OpenSearch Service domain.", "title": "OpenSearch" }, "Republish": { "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishAction", "markdownDescription": "Publish to another MQTT topic.", "title": "Republish" }, "S3": { "$ref": "#/definitions/AWS::IoT::TopicRule.S3Action", "markdownDescription": "Write to an Amazon S3 bucket.", "title": "S3" }, "Sns": { "$ref": "#/definitions/AWS::IoT::TopicRule.SnsAction", "markdownDescription": "Publish to an Amazon SNS topic.", "title": "Sns" }, "Sqs": { "$ref": "#/definitions/AWS::IoT::TopicRule.SqsAction", "markdownDescription": "Publish to an Amazon SQS queue.", "title": "Sqs" }, "StepFunctions": { "$ref": "#/definitions/AWS::IoT::TopicRule.StepFunctionsAction", "markdownDescription": "Starts execution of a Step Functions state machine.", "title": "StepFunctions" }, "Timestream": { "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamAction", "markdownDescription": "Writes attributes from an MQTT message.", "title": "Timestream" } }, "type": "object" }, "AWS::IoT::TopicRule.AssetPropertyTimestamp": { "additionalProperties": false, "properties": { "OffsetInNanos": { "markdownDescription": "Optional. A string that contains the nanosecond time offset. Accepts substitution templates.", "title": "OffsetInNanos", "type": "string" }, "TimeInSeconds": { "markdownDescription": "A string that contains the time in seconds since epoch. Accepts substitution templates.", "title": "TimeInSeconds", "type": "string" } }, "required": [ "TimeInSeconds" ], "type": "object" }, "AWS::IoT::TopicRule.AssetPropertyValue": { "additionalProperties": false, "properties": { "Quality": { "markdownDescription": "Optional. A string that describes the quality of the value. Accepts substitution templates. Must be `GOOD` , `BAD` , or `UNCERTAIN` .", "title": "Quality", "type": "string" }, "Timestamp": { "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyTimestamp", "markdownDescription": "The asset property value timestamp.", "title": "Timestamp" }, "Value": { "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyVariant", "markdownDescription": "The value of the asset property.", "title": "Value" } }, "required": [ "Timestamp", "Value" ], "type": "object" }, "AWS::IoT::TopicRule.AssetPropertyVariant": { "additionalProperties": false, "properties": { "BooleanValue": { "markdownDescription": "Optional. A string that contains the boolean value ( `true` or `false` ) of the value entry. Accepts substitution templates.", "title": "BooleanValue", "type": "string" }, "DoubleValue": { "markdownDescription": "Optional. A string that contains the double value of the value entry. Accepts substitution templates.", "title": "DoubleValue", "type": "string" }, "IntegerValue": { "markdownDescription": "Optional. A string that contains the integer value of the value entry. Accepts substitution templates.", "title": "IntegerValue", "type": "string" }, "StringValue": { "markdownDescription": "Optional. The string value of the value entry. Accepts substitution templates.", "title": "StringValue", "type": "string" } }, "type": "object" }, "AWS::IoT::TopicRule.CloudwatchAlarmAction": { "additionalProperties": false, "properties": { "AlarmName": { "markdownDescription": "The CloudWatch alarm name.", "title": "AlarmName", "type": "string" }, "RoleArn": { "markdownDescription": "The IAM role that allows access to the CloudWatch alarm.", "title": "RoleArn", "type": "string" }, "StateReason": { "markdownDescription": "The reason for the alarm change.", "title": "StateReason", "type": "string" }, "StateValue": { "markdownDescription": "The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA.", "title": "StateValue", "type": "string" } }, "required": [ "AlarmName", "RoleArn", "StateReason", "StateValue" ], "type": "object" }, "AWS::IoT::TopicRule.CloudwatchLogsAction": { "additionalProperties": false, "properties": { "BatchMode": { "markdownDescription": "Indicates whether batches of log records will be extracted and uploaded into CloudWatch.", "title": "BatchMode", "type": "boolean" }, "LogGroupName": { "markdownDescription": "The CloudWatch log name.", "title": "LogGroupName", "type": "string" }, "RoleArn": { "markdownDescription": "The IAM role that allows access to the CloudWatch log.", "title": "RoleArn", "type": "string" } }, "required": [ "LogGroupName", "RoleArn" ], "type": "object" }, "AWS::IoT::TopicRule.CloudwatchMetricAction": { "additionalProperties": false, "properties": { "MetricName": { "markdownDescription": "The CloudWatch metric name.", "title": "MetricName", "type": "string" }, "MetricNamespace": { "markdownDescription": "The CloudWatch metric namespace name.", "title": "MetricNamespace", "type": "string" }, "MetricTimestamp": { "markdownDescription": "An optional [Unix timestamp](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp) .", "title": "MetricTimestamp", "type": "string" }, "MetricUnit": { "markdownDescription": "The [metric unit](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit) supported by CloudWatch.", "title": "MetricUnit", "type": "string" }, "MetricValue": { "markdownDescription": "The CloudWatch metric value.", "title": "MetricValue", "type": "string" }, "RoleArn": { "markdownDescription": "The IAM role that allows access to the CloudWatch metric.", "title": "RoleArn", "type": "string" } }, "required": [ "MetricName", "MetricNamespace", "MetricUnit", "MetricValue", "RoleArn" ], "type": "object" }, "AWS::IoT::TopicRule.DynamoDBAction": { "additionalProperties": false, "properties": { "HashKeyField": { "markdownDescription": "The hash key name.", "title": "HashKeyField", "type": "string" }, "HashKeyType": { "markdownDescription": "The hash key type. Valid values are \"STRING\" or \"NUMBER\"", "title": "HashKeyType", "type": "string" }, "HashKeyValue": { "markdownDescription": "The hash key value.", "title": "HashKeyValue", "type": "string" }, "PayloadField": { "markdownDescription": "The action payload. This name can be customized.", "title": "PayloadField", "type": "string" }, "RangeKeyField": { "markdownDescription": "The range key name.", "title": "RangeKeyField", "type": "string" }, "RangeKeyType": { "markdownDescription": "The range key type. Valid values are \"STRING\" or \"NUMBER\"", "title": "RangeKeyType", "type": "string" }, "RangeKeyValue": { "markdownDescription": "The range key value.", "title": "RangeKeyValue", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", "title": "RoleArn", "type": "string" }, "TableName": { "markdownDescription": "The name of the DynamoDB table.", "title": "TableName", "type": "string" } }, "required": [ "HashKeyField", "HashKeyValue", "RoleArn", "TableName" ], "type": "object" }, "AWS::IoT::TopicRule.DynamoDBv2Action": { "additionalProperties": false, "properties": { "PutItem": { "$ref": "#/definitions/AWS::IoT::TopicRule.PutItemInput", "markdownDescription": "Specifies the DynamoDB table to which the message data will be written. For example:\n\n`{ \"dynamoDBv2\": { \"roleArn\": \"aws:iam:12341251:my-role\" \"putItem\": { \"tableName\": \"my-table\" } } }`\n\nEach attribute in the message payload will be written to a separate column in the DynamoDB database.", "title": "PutItem" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role that grants access to the DynamoDB table.", "title": "RoleArn", "type": "string" } }, "type": "object" }, "AWS::IoT::TopicRule.ElasticsearchAction": { "additionalProperties": false, "properties": { "Endpoint": { "markdownDescription": "The endpoint of your OpenSearch domain.", "title": "Endpoint", "type": "string" }, "Id": { "markdownDescription": "The unique identifier for the document you are storing.", "title": "Id", "type": "string" }, "Index": { "markdownDescription": "The index where you want to store your data.", "title": "Index", "type": "string" }, "RoleArn": { "markdownDescription": "The IAM role ARN that has access to OpenSearch.", "title": "RoleArn", "type": "string" }, "Type": { "markdownDescription": "The type of document you are storing.", "title": "Type", "type": "string" } }, "required": [ "Endpoint", "Id", "Index", "RoleArn", "Type" ], "type": "object" }, "AWS::IoT::TopicRule.FirehoseAction": { "additionalProperties": false, "properties": { "BatchMode": { "markdownDescription": "Whether to deliver the Kinesis Data Firehose stream as a batch by using [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) . The default value is `false` .\n\nWhen `batchMode` is `true` and the rule's SQL statement evaluates to an Array, each Array element forms one record in the [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) request. The resulting array can't have more than 500 records.", "title": "BatchMode", "type": "boolean" }, "DeliveryStreamName": { "markdownDescription": "The delivery stream name.", "title": "DeliveryStreamName", "type": "string" }, "RoleArn": { "markdownDescription": "The IAM role that grants access to the Amazon Kinesis Firehose stream.", "title": "RoleArn", "type": "string" }, "Separator": { "markdownDescription": "A character separator that will be used to separate records written to the Firehose stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", "title": "Separator", "type": "string" } }, "required": [ "DeliveryStreamName", "RoleArn" ], "type": "object" }, "AWS::IoT::TopicRule.HttpAction": { "additionalProperties": false, "properties": { "Auth": { "$ref": "#/definitions/AWS::IoT::TopicRule.HttpAuthorization", "markdownDescription": "The authentication method to use when sending data to an HTTPS endpoint.", "title": "Auth" }, "ConfirmationUrl": { "markdownDescription": "The URL to which AWS IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL AWS IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL.", "title": "ConfirmationUrl", "type": "string" }, "Headers": { "items": { "$ref": "#/definitions/AWS::IoT::TopicRule.HttpActionHeader" }, "markdownDescription": "The HTTP headers to send with the message data.", "title": "Headers", "type": "array" }, "Url": { "markdownDescription": "The endpoint URL. If substitution templates are used in the URL, you must also specify a `confirmationUrl` . If this is a new destination, a new `TopicRuleDestination` is created if possible.", "title": "Url", "type": "string" } }, "required": [ "Url" ], "type": "object" }, "AWS::IoT::TopicRule.HttpActionHeader": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The HTTP header key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The HTTP header value. Substitution templates are supported.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::IoT::TopicRule.HttpAuthorization": { "additionalProperties": false, "properties": { "Sigv4": { "$ref": "#/definitions/AWS::IoT::TopicRule.SigV4Authorization", "markdownDescription": "Use Sig V4 authorization. For more information, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) .", "title": "Sigv4" } }, "type": "object" }, "AWS::IoT::TopicRule.IotAnalyticsAction": { "additionalProperties": false, "properties": { "BatchMode": { "markdownDescription": "Whether to process the action as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by [`BatchPutMessage`](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html) The resulting array can't have more than 100 messages.", "title": "BatchMode", "type": "boolean" }, "ChannelName": { "markdownDescription": "The name of the IoT Analytics channel to which message data will be sent.", "title": "ChannelName", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage).", "title": "RoleArn", "type": "string" } }, "required": [ "ChannelName", "RoleArn" ], "type": "object" }, "AWS::IoT::TopicRule.IotEventsAction": { "additionalProperties": false, "properties": { "BatchMode": { "markdownDescription": "Whether to process the event actions as a batch. The default value is `false` .\n\nWhen `batchMode` is `true` , you can't specify a `messageId` .\n\nWhen `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when Events by calling [`BatchPutMessage`](https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html) . The resulting array can't have more than 10 messages.", "title": "BatchMode", "type": "boolean" }, "InputName": { "markdownDescription": "The name of the AWS IoT Events input.", "title": "InputName", "type": "string" }, "MessageId": { "markdownDescription": "The ID of the message. The default `messageId` is a new UUID value.\n\nWhen `batchMode` is `true` , you can't specify a `messageId` --a new UUID value will be assigned.\n\nAssign a value to this property to ensure that only one input (message) with a given `messageId` will be processed by an AWS IoT Events detector.", "title": "MessageId", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an input to an AWS IoT Events detector. (\"Action\":\"iotevents:BatchPutMessage\").", "title": "RoleArn", "type": "string" } }, "required": [ "InputName", "RoleArn" ], "type": "object" }, "AWS::IoT::TopicRule.IotSiteWiseAction": { "additionalProperties": false, "properties": { "PutAssetPropertyValueEntries": { "items": { "$ref": "#/definitions/AWS::IoT::TopicRule.PutAssetPropertyValueEntry" }, "markdownDescription": "A list of asset property value entries.", "title": "PutAssetPropertyValueEntries", "type": "array" }, "RoleArn": { "markdownDescription": "The ARN of the role that grants AWS IoT permission to send an asset property value to AWS IoT SiteWise. ( `\"Action\": \"iotsitewise:BatchPutAssetPropertyValue\"` ). The trust policy can restrict access to specific asset hierarchy paths.", "title": "RoleArn", "type": "string" } }, "required": [ "PutAssetPropertyValueEntries", "RoleArn" ], "type": "object" }, "AWS::IoT::TopicRule.KafkaAction": { "additionalProperties": false, "properties": { "ClientProperties": { "additionalProperties": true, "markdownDescription": "Properties of the Apache Kafka producer client.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ClientProperties", "type": "object" }, "DestinationArn": { "markdownDescription": "The ARN of Kafka action's VPC `TopicRuleDestination` .", "title": "DestinationArn", "type": "string" }, "Headers": { "items": { "$ref": "#/definitions/AWS::IoT::TopicRule.KafkaActionHeader" }, "markdownDescription": "The list of Kafka headers that you specify.", "title": "Headers", "type": "array" }, "Key": { "markdownDescription": "The Kafka message key.", "title": "Key", "type": "string" }, "Partition": { "markdownDescription": "The Kafka message partition.", "title": "Partition", "type": "string" }, "Topic": { "markdownDescription": "The Kafka topic for messages to be sent to the Kafka broker.", "title": "Topic", "type": "string" } }, "required": [ "ClientProperties", "DestinationArn", "Topic" ], "type": "object" }, "AWS::IoT::TopicRule.KafkaActionHeader": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key of the Kafka header.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of the Kafka header.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::IoT::TopicRule.KinesisAction": { "additionalProperties": false, "properties": { "PartitionKey": { "markdownDescription": "The partition key.", "title": "PartitionKey", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role that grants access to the Amazon Kinesis stream.", "title": "RoleArn", "type": "string" }, "StreamName": { "markdownDescription": "The name of the Amazon Kinesis stream.", "title": "StreamName", "type": "string" } }, "required": [ "RoleArn", "StreamName" ], "type": "object" }, "AWS::IoT::TopicRule.LambdaAction": { "additionalProperties": false, "properties": { "FunctionArn": { "markdownDescription": "The ARN of the Lambda function.", "title": "FunctionArn", "type": "string" } }, "type": "object" }, "AWS::IoT::TopicRule.LocationAction": { "additionalProperties": false, "properties": { "DeviceId": { "markdownDescription": "The unique ID of the device providing the location data.", "title": "DeviceId", "type": "string" }, "Latitude": { "markdownDescription": "A string that evaluates to a double value that represents the latitude of the device's location.", "title": "Latitude", "type": "string" }, "Longitude": { "markdownDescription": "A string that evaluates to a double value that represents the longitude of the device's location.", "title": "Longitude", "type": "string" }, "RoleArn": { "markdownDescription": "The IAM role that grants permission to write to the Amazon Location resource.", "title": "RoleArn", "type": "string" }, "Timestamp": { "$ref": "#/definitions/AWS::IoT::TopicRule.Timestamp", "markdownDescription": "The time that the location data was sampled. The default value is the time the MQTT message was processed.", "title": "Timestamp" }, "TrackerName": { "markdownDescription": "The name of the tracker resource in Amazon Location in which the location is updated.", "title": "TrackerName", "type": "string" } }, "required": [ "DeviceId", "Latitude", "Longitude", "RoleArn", "TrackerName" ], "type": "object" }, "AWS::IoT::TopicRule.OpenSearchAction": { "additionalProperties": false, "properties": { "Endpoint": { "markdownDescription": "The endpoint of your OpenSearch domain.", "title": "Endpoint", "type": "string" }, "Id": { "markdownDescription": "The unique identifier for the document you are storing.", "title": "Id", "type": "string" }, "Index": { "markdownDescription": "The OpenSearch index where you want to store your data.", "title": "Index", "type": "string" }, "RoleArn": { "markdownDescription": "The IAM role ARN that has access to OpenSearch.", "title": "RoleArn", "type": "string" }, "Type": { "markdownDescription": "The type of document you are storing.", "title": "Type", "type": "string" } }, "required": [ "Endpoint", "Id", "Index", "RoleArn", "Type" ], "type": "object" }, "AWS::IoT::TopicRule.PutAssetPropertyValueEntry": { "additionalProperties": false, "properties": { "AssetId": { "markdownDescription": "The ID of the AWS IoT SiteWise asset. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", "title": "AssetId", "type": "string" }, "EntryId": { "markdownDescription": "Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID.", "title": "EntryId", "type": "string" }, "PropertyAlias": { "markdownDescription": "The name of the property alias associated with your asset property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", "title": "PropertyAlias", "type": "string" }, "PropertyId": { "markdownDescription": "The ID of the asset's property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates.", "title": "PropertyId", "type": "string" }, "PropertyValues": { "items": { "$ref": "#/definitions/AWS::IoT::TopicRule.AssetPropertyValue" }, "markdownDescription": "A list of property values to insert that each contain timestamp, quality, and value (TQV) information.", "title": "PropertyValues", "type": "array" } }, "required": [ "PropertyValues" ], "type": "object" }, "AWS::IoT::TopicRule.PutItemInput": { "additionalProperties": false, "properties": { "TableName": { "markdownDescription": "The table where the message data will be written.", "title": "TableName", "type": "string" } }, "required": [ "TableName" ], "type": "object" }, "AWS::IoT::TopicRule.RepublishAction": { "additionalProperties": false, "properties": { "Headers": { "$ref": "#/definitions/AWS::IoT::TopicRule.RepublishActionHeaders", "markdownDescription": "MQTT Version 5.0 headers information. For more information, see [MQTT](https://docs.aws.amazon.com//iot/latest/developerguide/mqtt.html) in the IoT Core Developer Guide.", "title": "Headers" }, "Qos": { "markdownDescription": "The Quality of Service (QoS) level to use when republishing messages. The default value is 0.", "title": "Qos", "type": "number" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role that grants access.", "title": "RoleArn", "type": "string" }, "Topic": { "markdownDescription": "The name of the MQTT topic.", "title": "Topic", "type": "string" } }, "required": [ "RoleArn", "Topic" ], "type": "object" }, "AWS::IoT::TopicRule.RepublishActionHeaders": { "additionalProperties": false, "properties": { "ContentType": { "markdownDescription": "A UTF-8 encoded string that describes the content of the publishing message.\n\nFor more information, see [Content Type](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901118) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", "title": "ContentType", "type": "string" }, "CorrelationData": { "markdownDescription": "The base64-encoded binary data used by the sender of the request message to identify which request the response message is for.\n\nFor more information, see [Correlation Data](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901115) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .\n\n> This binary data must be base64-encoded.", "title": "CorrelationData", "type": "string" }, "MessageExpiry": { "markdownDescription": "A user-defined integer value that represents the message expiry interval at the broker. If the messages haven't been sent to the subscribers within that interval, the message expires and is removed. The value of `messageExpiry` represents the number of seconds before it expires. For more information about the limits of `messageExpiry` , see [Message broker and protocol limits and quotas](https://docs.aws.amazon.com//general/latest/gr/iot-core.html#limits_iot) in the IoT Core Reference Guide.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", "title": "MessageExpiry", "type": "string" }, "PayloadFormatIndicator": { "markdownDescription": "An `Enum` string value that indicates whether the payload is formatted as UTF-8.\n\nValid values are `UNSPECIFIED_BYTES` and `UTF8_DATA` .\n\nFor more information, see [Payload Format Indicator](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901111) from the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", "title": "PayloadFormatIndicator", "type": "string" }, "ResponseTopic": { "markdownDescription": "A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic to which the receiver should publish as part of the request-response flow. The topic must not contain wildcard characters.\n\nFor more information, see [Response Topic](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901114) in the MQTT Version 5.0 specification.\n\nSupports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) .", "title": "ResponseTopic", "type": "string" }, "UserProperties": { "items": { "$ref": "#/definitions/AWS::IoT::TopicRule.UserProperty" }, "markdownDescription": "An array of key-value pairs that you define in the MQTT5 header.", "title": "UserProperties", "type": "array" } }, "type": "object" }, "AWS::IoT::TopicRule.S3Action": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The Amazon S3 bucket.", "title": "BucketName", "type": "string" }, "CannedAcl": { "markdownDescription": "The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see [S3 canned ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) .", "title": "CannedAcl", "type": "string" }, "Key": { "markdownDescription": "The object key. For more information, see [Actions, resources, and condition keys for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) .", "title": "Key", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role that grants access.", "title": "RoleArn", "type": "string" } }, "required": [ "BucketName", "Key", "RoleArn" ], "type": "object" }, "AWS::IoT::TopicRule.SigV4Authorization": { "additionalProperties": false, "properties": { "RoleArn": { "markdownDescription": "The ARN of the signing role.", "title": "RoleArn", "type": "string" }, "ServiceName": { "markdownDescription": "The service name to use while signing with Sig V4.", "title": "ServiceName", "type": "string" }, "SigningRegion": { "markdownDescription": "The signing region.", "title": "SigningRegion", "type": "string" } }, "required": [ "RoleArn", "ServiceName", "SigningRegion" ], "type": "object" }, "AWS::IoT::TopicRule.SnsAction": { "additionalProperties": false, "properties": { "MessageFormat": { "markdownDescription": "(Optional) The message format of the message to publish. Accepted values are \"JSON\" and \"RAW\". The default value of the attribute is \"RAW\". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. For more information, see [Amazon SNS Message and JSON Formats](https://docs.aws.amazon.com/sns/latest/dg/json-formats.html) in the *Amazon Simple Notification Service Developer Guide* .", "title": "MessageFormat", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role that grants access.", "title": "RoleArn", "type": "string" }, "TargetArn": { "markdownDescription": "The ARN of the SNS topic.", "title": "TargetArn", "type": "string" } }, "required": [ "RoleArn", "TargetArn" ], "type": "object" }, "AWS::IoT::TopicRule.SqsAction": { "additionalProperties": false, "properties": { "QueueUrl": { "markdownDescription": "The URL of the Amazon SQS queue.", "title": "QueueUrl", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role that grants access.", "title": "RoleArn", "type": "string" }, "UseBase64": { "markdownDescription": "Specifies whether to use Base64 encoding.", "title": "UseBase64", "type": "boolean" } }, "required": [ "QueueUrl", "RoleArn" ], "type": "object" }, "AWS::IoT::TopicRule.StepFunctionsAction": { "additionalProperties": false, "properties": { "ExecutionNamePrefix": { "markdownDescription": "(Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided.", "title": "ExecutionNamePrefix", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the role that grants IoT permission to start execution of a state machine (\"Action\":\"states:StartExecution\").", "title": "RoleArn", "type": "string" }, "StateMachineName": { "markdownDescription": "The name of the Step Functions state machine whose execution will be started.", "title": "StateMachineName", "type": "string" } }, "required": [ "RoleArn", "StateMachineName" ], "type": "object" }, "AWS::IoT::TopicRule.Timestamp": { "additionalProperties": false, "properties": { "Unit": { "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", "title": "Unit", "type": "string" }, "Value": { "markdownDescription": "An expression that returns a long epoch time value.", "title": "Value", "type": "string" } }, "required": [ "Value" ], "type": "object" }, "AWS::IoT::TopicRule.TimestreamAction": { "additionalProperties": false, "properties": { "DatabaseName": { "markdownDescription": "The name of an Amazon Timestream database that has the table to write records into.", "title": "DatabaseName", "type": "string" }, "Dimensions": { "items": { "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamDimension" }, "markdownDescription": "Metadata attributes of the time series that are written in each measure record.", "title": "Dimensions", "type": "array" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role that grants AWS IoT permission to write to the Timestream database table.", "title": "RoleArn", "type": "string" }, "TableName": { "markdownDescription": "The table where the message data will be written.", "title": "TableName", "type": "string" }, "Timestamp": { "$ref": "#/definitions/AWS::IoT::TopicRule.TimestreamTimestamp", "markdownDescription": "The value to use for the entry's timestamp. If blank, the time that the entry was processed is used.", "title": "Timestamp" } }, "required": [ "DatabaseName", "Dimensions", "RoleArn", "TableName" ], "type": "object" }, "AWS::IoT::TopicRule.TimestreamDimension": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The metadata dimension name. This is the name of the column in the Amazon Timestream database table record.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value to write in this column of the database record.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::IoT::TopicRule.TimestreamTimestamp": { "additionalProperties": false, "properties": { "Unit": { "markdownDescription": "The precision of the timestamp value that results from the expression described in `value` .", "title": "Unit", "type": "string" }, "Value": { "markdownDescription": "An expression that returns a long epoch time value.", "title": "Value", "type": "string" } }, "required": [ "Unit", "Value" ], "type": "object" }, "AWS::IoT::TopicRule.TopicRulePayload": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::IoT::TopicRule.Action" }, "markdownDescription": "The actions associated with the rule.", "title": "Actions", "type": "array" }, "AwsIotSqlVersion": { "markdownDescription": "The version of the SQL rules engine to use when evaluating the rule.\n\nThe default value is 2015-10-08.", "title": "AwsIotSqlVersion", "type": "string" }, "Description": { "markdownDescription": "The description of the rule.", "title": "Description", "type": "string" }, "ErrorAction": { "$ref": "#/definitions/AWS::IoT::TopicRule.Action", "markdownDescription": "The action to take when an error occurs.", "title": "ErrorAction" }, "RuleDisabled": { "markdownDescription": "Specifies whether the rule is disabled.", "title": "RuleDisabled", "type": "boolean" }, "Sql": { "markdownDescription": "The SQL statement used to query the topic. For more information, see [AWS IoT SQL Reference](https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html) in the *AWS IoT Developer Guide* .", "title": "Sql", "type": "string" } }, "required": [ "Actions", "Sql" ], "type": "object" }, "AWS::IoT::TopicRule.UserProperty": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "A key to be specified in `UserProperty` .", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "A value to be specified in `UserProperty` .", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::IoT::TopicRuleDestination": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "HttpUrlProperties": { "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary", "markdownDescription": "Properties of the HTTP URL.", "title": "HttpUrlProperties" }, "Status": { "markdownDescription": "- **IN_PROGRESS** - A topic rule destination was created but has not been confirmed. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.\n- **ENABLED** - Confirmation was completed, and traffic to this destination is allowed. You can set status to `DISABLED` by calling `UpdateTopicRuleDestination` .\n- **DISABLED** - Confirmation was completed, and traffic to this destination is not allowed. You can set status to `ENABLED` by calling `UpdateTopicRuleDestination` .\n- **ERROR** - Confirmation could not be completed; for example, if the confirmation timed out. You can call `GetTopicRuleDestination` for details about the error. You can set status to `IN_PROGRESS` by calling `UpdateTopicRuleDestination` . Calling `UpdateTopicRuleDestination` causes a new confirmation challenge to be sent to your confirmation endpoint.", "title": "Status", "type": "string" }, "VpcProperties": { "$ref": "#/definitions/AWS::IoT::TopicRuleDestination.VpcDestinationProperties", "markdownDescription": "Properties of the virtual private cloud (VPC) connection.", "title": "VpcProperties" } }, "type": "object" }, "Type": { "enum": [ "AWS::IoT::TopicRuleDestination" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoT::TopicRuleDestination.HttpUrlDestinationSummary": { "additionalProperties": false, "properties": { "ConfirmationUrl": { "markdownDescription": "The URL used to confirm the HTTP topic rule destination URL.", "title": "ConfirmationUrl", "type": "string" } }, "type": "object" }, "AWS::IoT::TopicRuleDestination.VpcDestinationProperties": { "additionalProperties": false, "properties": { "RoleArn": { "markdownDescription": "The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs).", "title": "RoleArn", "type": "string" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The security groups of the VPC destination.", "title": "SecurityGroups", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The subnet IDs of the VPC destination.", "title": "SubnetIds", "type": "array" }, "VpcId": { "markdownDescription": "The ID of the VPC.", "title": "VpcId", "type": "string" } }, "type": "object" }, "AWS::IoTAnalytics::Channel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ChannelName": { "markdownDescription": "The name of the channel.", "title": "ChannelName", "type": "string" }, "ChannelStorage": { "$ref": "#/definitions/AWS::IoTAnalytics::Channel.ChannelStorage", "markdownDescription": "Where channel data is stored.", "title": "ChannelStorage" }, "RetentionPeriod": { "$ref": "#/definitions/AWS::IoTAnalytics::Channel.RetentionPeriod", "markdownDescription": "How long, in days, message data is kept for the channel.", "title": "RetentionPeriod" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata which can be used to manage the channel.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::IoTAnalytics::Channel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoTAnalytics::Channel.ChannelStorage": { "additionalProperties": false, "properties": { "CustomerManagedS3": { "$ref": "#/definitions/AWS::IoTAnalytics::Channel.CustomerManagedS3", "markdownDescription": "Used to store channel data in an S3 bucket that you manage. If customer managed storage is selected, the `retentionPeriod` parameter is ignored. You can't change the choice of S3 storage after the data store is created.", "title": "CustomerManagedS3" }, "ServiceManagedS3": { "markdownDescription": "Used to store channel data in an S3 bucket managed by AWS IoT Analytics . You can't change the choice of S3 storage after the data store is created.", "title": "ServiceManagedS3", "type": "object" } }, "type": "object" }, "AWS::IoTAnalytics::Channel.CustomerManagedS3": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the S3 bucket in which channel data is stored.", "title": "Bucket", "type": "string" }, "KeyPrefix": { "markdownDescription": "(Optional) The prefix used to create the keys of the channel data objects. Each object in an S3 bucket has a key that is its unique identifier within the bucket (each object in a bucket has exactly one key). The prefix must end with a forward slash (/).", "title": "KeyPrefix", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", "title": "RoleArn", "type": "string" } }, "required": [ "Bucket", "RoleArn" ], "type": "object" }, "AWS::IoTAnalytics::Channel.RetentionPeriod": { "additionalProperties": false, "properties": { "NumberOfDays": { "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", "title": "NumberOfDays", "type": "number" }, "Unlimited": { "markdownDescription": "If true, message data is kept indefinitely.", "title": "Unlimited", "type": "boolean" } }, "type": "object" }, "AWS::IoTAnalytics::Dataset": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Action" }, "markdownDescription": "The `DatasetAction` objects that automatically create the dataset contents.", "title": "Actions", "type": "array" }, "ContentDeliveryRules": { "items": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule" }, "markdownDescription": "When dataset contents are created they are delivered to destinations specified here.", "title": "ContentDeliveryRules", "type": "array" }, "DatasetName": { "markdownDescription": "The name of the dataset.", "title": "DatasetName", "type": "string" }, "LateDataRules": { "items": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRule" }, "markdownDescription": "A list of data rules that send notifications to CloudWatch, when data arrives late. To specify `lateDataRules` , the dataset must use a [DeltaTimer](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_DeltaTime.html) filter.", "title": "LateDataRules", "type": "array" }, "RetentionPeriod": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.RetentionPeriod", "markdownDescription": "Optional. How long, in days, message data is kept for the dataset.", "title": "RetentionPeriod" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata which can be used to manage the data set.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "Triggers": { "items": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Trigger" }, "markdownDescription": "The `DatasetTrigger` objects that specify when the dataset is automatically updated.", "title": "Triggers", "type": "array" }, "VersioningConfiguration": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.VersioningConfiguration", "markdownDescription": "Optional. How many versions of dataset contents are kept. If not specified or set to null, only the latest version plus the latest succeeded version (if they are different) are kept for the time period specified by the `retentionPeriod` parameter. For more information, see [Keeping Multiple Versions of AWS IoT Analytics datasets](https://docs.aws.amazon.com/iotanalytics/latest/userguide/getting-started.html#aws-iot-analytics-dataset-versions) in the *AWS IoT Analytics User Guide* .", "title": "VersioningConfiguration" } }, "required": [ "Actions" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTAnalytics::Dataset" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.Action": { "additionalProperties": false, "properties": { "ActionName": { "markdownDescription": "The name of the data set action by which data set contents are automatically created.", "title": "ActionName", "type": "string" }, "ContainerAction": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ContainerAction", "markdownDescription": "Information which allows the system to run a containerized application in order to create the data set contents. The application must be in a Docker container along with any needed support libraries.", "title": "ContainerAction" }, "QueryAction": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.QueryAction", "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", "title": "QueryAction" } }, "required": [ "ActionName" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.ContainerAction": { "additionalProperties": false, "properties": { "ExecutionRoleArn": { "markdownDescription": "The ARN of the role which gives permission to the system to access needed resources in order to run the \"containerAction\". This includes, at minimum, permission to retrieve the data set contents which are the input to the containerized application.", "title": "ExecutionRoleArn", "type": "string" }, "Image": { "markdownDescription": "The ARN of the Docker container stored in your account. The Docker container contains an application and needed support libraries and is used to generate data set contents.", "title": "Image", "type": "string" }, "ResourceConfiguration": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.ResourceConfiguration", "markdownDescription": "Configuration of the resource which executes the \"containerAction\".", "title": "ResourceConfiguration" }, "Variables": { "items": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Variable" }, "markdownDescription": "The values of variables used within the context of the execution of the containerized application (basically, parameters passed to the application). Each variable must have a name and a value given by one of \"stringValue\", \"datasetContentVersionValue\", or \"outputFileUriValue\".", "title": "Variables", "type": "array" } }, "required": [ "ExecutionRoleArn", "Image", "ResourceConfiguration" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRule": { "additionalProperties": false, "properties": { "Destination": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination", "markdownDescription": "The destination to which dataset contents are delivered.", "title": "Destination" }, "EntryName": { "markdownDescription": "The name of the dataset content delivery rules entry.", "title": "EntryName", "type": "string" } }, "required": [ "Destination" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.DatasetContentDeliveryRuleDestination": { "additionalProperties": false, "properties": { "IotEventsDestinationConfiguration": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration", "markdownDescription": "Configuration information for delivery of dataset contents to AWS IoT Events .", "title": "IotEventsDestinationConfiguration" }, "S3DestinationConfiguration": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.S3DestinationConfiguration", "markdownDescription": "Configuration information for delivery of dataset contents to Amazon S3.", "title": "S3DestinationConfiguration" } }, "type": "object" }, "AWS::IoTAnalytics::Dataset.DatasetContentVersionValue": { "additionalProperties": false, "properties": { "DatasetName": { "markdownDescription": "The name of the dataset whose latest contents are used as input to the notebook or application.", "title": "DatasetName", "type": "string" } }, "required": [ "DatasetName" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.DeltaTime": { "additionalProperties": false, "properties": { "OffsetSeconds": { "markdownDescription": "The number of seconds of estimated in-flight lag time of message data. When you create dataset contents using message data from a specified timeframe, some message data might still be in flight when processing begins, and so do not arrive in time to be processed. Use this field to make allowances for the in flight time of your message data, so that data not processed from a previous timeframe is included with the next timeframe. Otherwise, missed message data would be excluded from processing during the next timeframe too, because its timestamp places it within the previous timeframe.", "title": "OffsetSeconds", "type": "number" }, "TimeExpression": { "markdownDescription": "An expression by which the time of the message data might be determined. This can be the name of a timestamp field or a SQL expression that is used to derive the time the message data was generated.", "title": "TimeExpression", "type": "string" } }, "required": [ "OffsetSeconds", "TimeExpression" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration": { "additionalProperties": false, "properties": { "TimeoutInMinutes": { "markdownDescription": "A time interval. You can use `timeoutInMinutes` so that AWS IoT Analytics can batch up late data notifications that have been generated since the last execution. AWS IoT Analytics sends one batch of notifications to Amazon CloudWatch Events at one time.\n\nFor more information about how to write a timestamp expression, see [Date and Time Functions and Operators](https://docs.aws.amazon.com/https://prestodb.io/docs/current/functions/datetime.html) , in the *Presto 0.172 Documentation* .", "title": "TimeoutInMinutes", "type": "number" } }, "required": [ "TimeoutInMinutes" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.Filter": { "additionalProperties": false, "properties": { "DeltaTime": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTime", "markdownDescription": "Used to limit data to that which has arrived since the last execution of the action.", "title": "DeltaTime" } }, "type": "object" }, "AWS::IoTAnalytics::Dataset.GlueConfiguration": { "additionalProperties": false, "properties": { "DatabaseName": { "markdownDescription": "The name of the database in your AWS Glue Data Catalog in which the table is located. An AWS Glue Data Catalog database contains metadata tables.", "title": "DatabaseName", "type": "string" }, "TableName": { "markdownDescription": "The name of the table in your AWS Glue Data Catalog that is used to perform the ETL operations. An AWS Glue Data Catalog table contains partitioned data and descriptions of data sources and targets.", "title": "TableName", "type": "string" } }, "required": [ "DatabaseName", "TableName" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.IotEventsDestinationConfiguration": { "additionalProperties": false, "properties": { "InputName": { "markdownDescription": "The name of the AWS IoT Events input to which dataset contents are delivered.", "title": "InputName", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to deliver dataset contents to an AWS IoT Events input.", "title": "RoleArn", "type": "string" } }, "required": [ "InputName", "RoleArn" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.LateDataRule": { "additionalProperties": false, "properties": { "RuleConfiguration": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration", "markdownDescription": "The information needed to configure the late data rule.", "title": "RuleConfiguration" }, "RuleName": { "markdownDescription": "The name of the late data rule.", "title": "RuleName", "type": "string" } }, "required": [ "RuleConfiguration" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.LateDataRuleConfiguration": { "additionalProperties": false, "properties": { "DeltaTimeSessionWindowConfiguration": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DeltaTimeSessionWindowConfiguration", "markdownDescription": "The information needed to configure a delta time session window.", "title": "DeltaTimeSessionWindowConfiguration" } }, "type": "object" }, "AWS::IoTAnalytics::Dataset.OutputFileUriValue": { "additionalProperties": false, "properties": { "FileName": { "markdownDescription": "The URI of the location where dataset contents are stored, usually the URI of a file in an S3 bucket.", "title": "FileName", "type": "string" } }, "required": [ "FileName" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.QueryAction": { "additionalProperties": false, "properties": { "Filters": { "items": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Filter" }, "markdownDescription": "Pre-filters applied to message data.", "title": "Filters", "type": "array" }, "SqlQuery": { "markdownDescription": "An \"SqlQueryDatasetAction\" object that uses an SQL query to automatically create data set contents.", "title": "SqlQuery", "type": "string" } }, "required": [ "SqlQuery" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.ResourceConfiguration": { "additionalProperties": false, "properties": { "ComputeType": { "markdownDescription": "The type of the compute resource used to execute the `containerAction` . Possible values are: `ACU_1` (vCPU=4, memory=16 GiB) or `ACU_2` (vCPU=8, memory=32 GiB).", "title": "ComputeType", "type": "string" }, "VolumeSizeInGB": { "markdownDescription": "The size, in GB, of the persistent storage available to the resource instance used to execute the `containerAction` (min: 1, max: 50).", "title": "VolumeSizeInGB", "type": "number" } }, "required": [ "ComputeType", "VolumeSizeInGB" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.RetentionPeriod": { "additionalProperties": false, "properties": { "NumberOfDays": { "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", "title": "NumberOfDays", "type": "number" }, "Unlimited": { "markdownDescription": "If true, message data is kept indefinitely.", "title": "Unlimited", "type": "boolean" } }, "type": "object" }, "AWS::IoTAnalytics::Dataset.S3DestinationConfiguration": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the S3 bucket to which dataset contents are delivered.", "title": "Bucket", "type": "string" }, "GlueConfiguration": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.GlueConfiguration", "markdownDescription": "Configuration information for coordination with AWS Glue , a fully managed extract, transform and load (ETL) service.", "title": "GlueConfiguration" }, "Key": { "markdownDescription": "The key of the dataset contents object in an S3 bucket. Each object has a key that is a unique identifier. Each object has exactly one key.\n\nYou can create a unique key with the following options:\n\n- Use `!{iotanalytics:scheduleTime}` to insert the time of a scheduled SQL query run.\n- Use `!{iotanalytics:versionId}` to insert a unique hash that identifies a dataset content.\n- Use `!{iotanalytics:creationTime}` to insert the creation time of a dataset content.\n\nThe following example creates a unique key for a CSV file: `dataset/mydataset/!{iotanalytics:scheduleTime}/!{iotanalytics:versionId}.csv`\n\n> If you don't use `!{iotanalytics:versionId}` to specify the key, you might get duplicate keys. For example, you might have two dataset contents with the same `scheduleTime` but different `versionId` s. This means that one dataset content overwrites the other.", "title": "Key", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 and AWS Glue resources.", "title": "RoleArn", "type": "string" } }, "required": [ "Bucket", "Key", "RoleArn" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.Schedule": { "additionalProperties": false, "properties": { "ScheduleExpression": { "markdownDescription": "The expression that defines when to trigger an update. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html) in the Amazon CloudWatch documentation.", "title": "ScheduleExpression", "type": "string" } }, "required": [ "ScheduleExpression" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.Trigger": { "additionalProperties": false, "properties": { "Schedule": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.Schedule", "markdownDescription": "The \"Schedule\" when the trigger is initiated.", "title": "Schedule" }, "TriggeringDataset": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.TriggeringDataset", "markdownDescription": "Information about the data set whose content generation triggers the new data set content generation.", "title": "TriggeringDataset" } }, "type": "object" }, "AWS::IoTAnalytics::Dataset.TriggeringDataset": { "additionalProperties": false, "properties": { "DatasetName": { "markdownDescription": "The name of the data set whose content generation triggers the new data set content generation.", "title": "DatasetName", "type": "string" } }, "required": [ "DatasetName" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.Variable": { "additionalProperties": false, "properties": { "DatasetContentVersionValue": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.DatasetContentVersionValue", "markdownDescription": "The value of the variable as a structure that specifies a dataset content version.", "title": "DatasetContentVersionValue" }, "DoubleValue": { "markdownDescription": "The value of the variable as a double (numeric).", "title": "DoubleValue", "type": "number" }, "OutputFileUriValue": { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset.OutputFileUriValue", "markdownDescription": "The value of the variable as a structure that specifies an output file URI.", "title": "OutputFileUriValue" }, "StringValue": { "markdownDescription": "The value of the variable as a string.", "title": "StringValue", "type": "string" }, "VariableName": { "markdownDescription": "The name of the variable.", "title": "VariableName", "type": "string" } }, "required": [ "VariableName" ], "type": "object" }, "AWS::IoTAnalytics::Dataset.VersioningConfiguration": { "additionalProperties": false, "properties": { "MaxVersions": { "markdownDescription": "How many versions of dataset contents are kept. The `unlimited` parameter must be `false` .", "title": "MaxVersions", "type": "number" }, "Unlimited": { "markdownDescription": "If true, unlimited versions of dataset contents are kept.", "title": "Unlimited", "type": "boolean" } }, "type": "object" }, "AWS::IoTAnalytics::Datastore": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DatastoreName": { "markdownDescription": "The name of the data store.", "title": "DatastoreName", "type": "string" }, "DatastorePartitions": { "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartitions", "markdownDescription": "Information about the partition dimensions in a data store.", "title": "DatastorePartitions" }, "DatastoreStorage": { "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastoreStorage", "markdownDescription": "Where data store data is stored.", "title": "DatastoreStorage" }, "FileFormatConfiguration": { "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.FileFormatConfiguration", "markdownDescription": "Contains the configuration information of file formats. AWS IoT Analytics data stores support JSON and [Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/) .\n\nThe default file format is JSON. You can specify only one format.\n\nYou can't change the file format after you create the data store.", "title": "FileFormatConfiguration" }, "RetentionPeriod": { "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.RetentionPeriod", "markdownDescription": "How long, in days, message data is kept for the data store. When `customerManagedS3` storage is selected, this parameter is ignored.", "title": "RetentionPeriod" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata which can be used to manage the data store.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::IoTAnalytics::Datastore" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoTAnalytics::Datastore.Column": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the column.", "title": "Name", "type": "string" }, "Type": { "markdownDescription": "The type of data. For more information about the supported data types, see [Common data types](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-common.html) in the *AWS Glue Developer Guide* .", "title": "Type", "type": "string" } }, "required": [ "Name", "Type" ], "type": "object" }, "AWS::IoTAnalytics::Datastore.CustomerManagedS3": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", "title": "Bucket", "type": "string" }, "KeyPrefix": { "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", "title": "KeyPrefix", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the role that grants AWS IoT Analytics permission to interact with your Amazon S3 resources.", "title": "RoleArn", "type": "string" } }, "required": [ "Bucket", "RoleArn" ], "type": "object" }, "AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the Amazon S3 bucket where your data is stored.", "title": "Bucket", "type": "string" }, "KeyPrefix": { "markdownDescription": "(Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/).", "title": "KeyPrefix", "type": "string" } }, "required": [ "Bucket" ], "type": "object" }, "AWS::IoTAnalytics::Datastore.DatastorePartition": { "additionalProperties": false, "properties": { "Partition": { "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Partition", "markdownDescription": "A partition dimension defined by an attribute.", "title": "Partition" }, "TimestampPartition": { "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.TimestampPartition", "markdownDescription": "A partition dimension defined by a timestamp attribute.", "title": "TimestampPartition" } }, "type": "object" }, "AWS::IoTAnalytics::Datastore.DatastorePartitions": { "additionalProperties": false, "properties": { "Partitions": { "items": { "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.DatastorePartition" }, "markdownDescription": "A list of partition dimensions in a data store.", "title": "Partitions", "type": "array" } }, "type": "object" }, "AWS::IoTAnalytics::Datastore.DatastoreStorage": { "additionalProperties": false, "properties": { "CustomerManagedS3": { "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3", "markdownDescription": "Use this to store data store data in an S3 bucket that you manage. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", "title": "CustomerManagedS3" }, "IotSiteWiseMultiLayerStorage": { "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage", "markdownDescription": "Use this to store data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage. You can't change the choice of Amazon S3 storage after your data store is created.", "title": "IotSiteWiseMultiLayerStorage" }, "ServiceManagedS3": { "markdownDescription": "Use this to store data store data in an S3 bucket managed by the AWS IoT Analytics service. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store.", "title": "ServiceManagedS3", "type": "object" } }, "type": "object" }, "AWS::IoTAnalytics::Datastore.FileFormatConfiguration": { "additionalProperties": false, "properties": { "JsonConfiguration": { "markdownDescription": "Contains the configuration information of the JSON format.", "title": "JsonConfiguration", "type": "object" }, "ParquetConfiguration": { "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.ParquetConfiguration", "markdownDescription": "Contains the configuration information of the Parquet format.", "title": "ParquetConfiguration" } }, "type": "object" }, "AWS::IoTAnalytics::Datastore.IotSiteWiseMultiLayerStorage": { "additionalProperties": false, "properties": { "CustomerManagedS3Storage": { "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.CustomerManagedS3Storage", "markdownDescription": "Stores data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage.", "title": "CustomerManagedS3Storage" } }, "type": "object" }, "AWS::IoTAnalytics::Datastore.ParquetConfiguration": { "additionalProperties": false, "properties": { "SchemaDefinition": { "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.SchemaDefinition", "markdownDescription": "Information needed to define a schema.", "title": "SchemaDefinition" } }, "type": "object" }, "AWS::IoTAnalytics::Datastore.Partition": { "additionalProperties": false, "properties": { "AttributeName": { "markdownDescription": "The name of the attribute that defines a partition dimension.", "title": "AttributeName", "type": "string" } }, "required": [ "AttributeName" ], "type": "object" }, "AWS::IoTAnalytics::Datastore.RetentionPeriod": { "additionalProperties": false, "properties": { "NumberOfDays": { "markdownDescription": "The number of days that message data is kept. The `unlimited` parameter must be false.", "title": "NumberOfDays", "type": "number" }, "Unlimited": { "markdownDescription": "If true, message data is kept indefinitely.", "title": "Unlimited", "type": "boolean" } }, "type": "object" }, "AWS::IoTAnalytics::Datastore.SchemaDefinition": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::IoTAnalytics::Datastore.Column" }, "markdownDescription": "Specifies one or more columns that store your data.\n\nEach schema can have up to 100 columns. Each column can have up to 100 nested types.", "title": "Columns", "type": "array" } }, "type": "object" }, "AWS::IoTAnalytics::Datastore.TimestampPartition": { "additionalProperties": false, "properties": { "AttributeName": { "markdownDescription": "The attribute name of the partition defined by a timestamp.", "title": "AttributeName", "type": "string" }, "TimestampFormat": { "markdownDescription": "The timestamp format of a partition defined by a timestamp. The default format is seconds since epoch (January 1, 1970 at midnight UTC time).", "title": "TimestampFormat", "type": "string" } }, "required": [ "AttributeName" ], "type": "object" }, "AWS::IoTAnalytics::Pipeline": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PipelineActivities": { "items": { "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Activity" }, "markdownDescription": "A list of \"PipelineActivity\" objects. Activities perform transformations on your messages, such as removing, renaming or adding message attributes; filtering messages based on attribute values; invoking your Lambda functions on messages for advanced processing; or performing mathematical transformations to normalize device data.\n\nThe list can be 2-25 *PipelineActivity* objects and must contain both a `channel` and a `datastore` activity. Each entry in the list must contain only one activity, for example:\n\n`pipelineActivities = [ { \"channel\": { ... } }, { \"lambda\": { ... } }, ... ]`", "title": "PipelineActivities", "type": "array" }, "PipelineName": { "markdownDescription": "The name of the pipeline.", "title": "PipelineName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata which can be used to manage the pipeline.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "PipelineActivities" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTAnalytics::Pipeline" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTAnalytics::Pipeline.Activity": { "additionalProperties": false, "properties": { "AddAttributes": { "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.AddAttributes", "markdownDescription": "Adds other attributes based on existing attributes in the message.", "title": "AddAttributes" }, "Channel": { "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Channel", "markdownDescription": "Determines the source of the messages to be processed.", "title": "Channel" }, "Datastore": { "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Datastore", "markdownDescription": "Specifies where to store the processed message data.", "title": "Datastore" }, "DeviceRegistryEnrich": { "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich", "markdownDescription": "Adds data from the AWS IoT device registry to your message.", "title": "DeviceRegistryEnrich" }, "DeviceShadowEnrich": { "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich", "markdownDescription": "Adds information from the AWS IoT Device Shadows service to a message.", "title": "DeviceShadowEnrich" }, "Filter": { "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Filter", "markdownDescription": "Filters a message based on its attributes.", "title": "Filter" }, "Lambda": { "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Lambda", "markdownDescription": "Runs a Lambda function to modify the message.", "title": "Lambda" }, "Math": { "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.Math", "markdownDescription": "Computes an arithmetic expression using the message's attributes and adds it to the message.", "title": "Math" }, "RemoveAttributes": { "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.RemoveAttributes", "markdownDescription": "Removes attributes from a message.", "title": "RemoveAttributes" }, "SelectAttributes": { "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline.SelectAttributes", "markdownDescription": "Creates a new message using only the specified attributes from the original message.", "title": "SelectAttributes" } }, "type": "object" }, "AWS::IoTAnalytics::Pipeline.AddAttributes": { "additionalProperties": false, "properties": { "Attributes": { "additionalProperties": true, "markdownDescription": "A list of 1-50 \"AttributeNameMapping\" objects that map an existing attribute to a new attribute.\n\n> The existing attributes remain in the message, so if you want to remove the originals, use \"RemoveAttributeActivity\".", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Attributes", "type": "object" }, "Name": { "markdownDescription": "The name of the 'addAttributes' activity.", "title": "Name", "type": "string" }, "Next": { "markdownDescription": "The next activity in the pipeline.", "title": "Next", "type": "string" } }, "required": [ "Attributes", "Name" ], "type": "object" }, "AWS::IoTAnalytics::Pipeline.Channel": { "additionalProperties": false, "properties": { "ChannelName": { "markdownDescription": "The name of the channel from which the messages are processed.", "title": "ChannelName", "type": "string" }, "Name": { "markdownDescription": "The name of the 'channel' activity.", "title": "Name", "type": "string" }, "Next": { "markdownDescription": "The next activity in the pipeline.", "title": "Next", "type": "string" } }, "required": [ "ChannelName", "Name" ], "type": "object" }, "AWS::IoTAnalytics::Pipeline.Datastore": { "additionalProperties": false, "properties": { "DatastoreName": { "markdownDescription": "The name of the data store where processed messages are stored.", "title": "DatastoreName", "type": "string" }, "Name": { "markdownDescription": "The name of the datastore activity.", "title": "Name", "type": "string" } }, "required": [ "DatastoreName", "Name" ], "type": "object" }, "AWS::IoTAnalytics::Pipeline.DeviceRegistryEnrich": { "additionalProperties": false, "properties": { "Attribute": { "markdownDescription": "The name of the attribute that is added to the message.", "title": "Attribute", "type": "string" }, "Name": { "markdownDescription": "The name of the 'deviceRegistryEnrich' activity.", "title": "Name", "type": "string" }, "Next": { "markdownDescription": "The next activity in the pipeline.", "title": "Next", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the role that allows access to the device's registry information.", "title": "RoleArn", "type": "string" }, "ThingName": { "markdownDescription": "The name of the IoT device whose registry information is added to the message.", "title": "ThingName", "type": "string" } }, "required": [ "Attribute", "Name", "RoleArn", "ThingName" ], "type": "object" }, "AWS::IoTAnalytics::Pipeline.DeviceShadowEnrich": { "additionalProperties": false, "properties": { "Attribute": { "markdownDescription": "The name of the attribute that is added to the message.", "title": "Attribute", "type": "string" }, "Name": { "markdownDescription": "The name of the 'deviceShadowEnrich' activity.", "title": "Name", "type": "string" }, "Next": { "markdownDescription": "The next activity in the pipeline.", "title": "Next", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the role that allows access to the device's shadow.", "title": "RoleArn", "type": "string" }, "ThingName": { "markdownDescription": "The name of the IoT device whose shadow information is added to the message.", "title": "ThingName", "type": "string" } }, "required": [ "Attribute", "Name", "RoleArn", "ThingName" ], "type": "object" }, "AWS::IoTAnalytics::Pipeline.Filter": { "additionalProperties": false, "properties": { "Filter": { "markdownDescription": "An expression that looks like an SQL WHERE clause that must return a Boolean value.", "title": "Filter", "type": "string" }, "Name": { "markdownDescription": "The name of the 'filter' activity.", "title": "Name", "type": "string" }, "Next": { "markdownDescription": "The next activity in the pipeline.", "title": "Next", "type": "string" } }, "required": [ "Filter", "Name" ], "type": "object" }, "AWS::IoTAnalytics::Pipeline.Lambda": { "additionalProperties": false, "properties": { "BatchSize": { "markdownDescription": "The number of messages passed to the Lambda function for processing.\n\nThe AWS Lambda function must be able to process all of these messages within five minutes, which is the maximum timeout duration for Lambda functions.", "title": "BatchSize", "type": "number" }, "LambdaName": { "markdownDescription": "The name of the Lambda function that is run on the message.", "title": "LambdaName", "type": "string" }, "Name": { "markdownDescription": "The name of the 'lambda' activity.", "title": "Name", "type": "string" }, "Next": { "markdownDescription": "The next activity in the pipeline.", "title": "Next", "type": "string" } }, "required": [ "BatchSize", "LambdaName", "Name" ], "type": "object" }, "AWS::IoTAnalytics::Pipeline.Math": { "additionalProperties": false, "properties": { "Attribute": { "markdownDescription": "The name of the attribute that contains the result of the math operation.", "title": "Attribute", "type": "string" }, "Math": { "markdownDescription": "An expression that uses one or more existing attributes and must return an integer value.", "title": "Math", "type": "string" }, "Name": { "markdownDescription": "The name of the 'math' activity.", "title": "Name", "type": "string" }, "Next": { "markdownDescription": "The next activity in the pipeline.", "title": "Next", "type": "string" } }, "required": [ "Attribute", "Math", "Name" ], "type": "object" }, "AWS::IoTAnalytics::Pipeline.RemoveAttributes": { "additionalProperties": false, "properties": { "Attributes": { "items": { "type": "string" }, "markdownDescription": "A list of 1-50 attributes to remove from the message.", "title": "Attributes", "type": "array" }, "Name": { "markdownDescription": "The name of the 'removeAttributes' activity.", "title": "Name", "type": "string" }, "Next": { "markdownDescription": "The next activity in the pipeline.", "title": "Next", "type": "string" } }, "required": [ "Attributes", "Name" ], "type": "object" }, "AWS::IoTAnalytics::Pipeline.SelectAttributes": { "additionalProperties": false, "properties": { "Attributes": { "items": { "type": "string" }, "markdownDescription": "A list of the attributes to select from the message.", "title": "Attributes", "type": "array" }, "Name": { "markdownDescription": "The name of the 'selectAttributes' activity.", "title": "Name", "type": "string" }, "Next": { "markdownDescription": "The next activity in the pipeline.", "title": "Next", "type": "string" } }, "required": [ "Attributes", "Name" ], "type": "object" }, "AWS::IoTCoreDeviceAdvisor::SuiteDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "SuiteDefinitionConfiguration": { "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration", "markdownDescription": "The configuration of the Suite Definition. Listed below are the required elements of the `SuiteDefinitionConfiguration` .\n\n- ***devicePermissionRoleArn*** - The device permission arn.\n\nThis is a required element.\n\n*Type:* String\n- ***devices*** - The list of configured devices under test. For more information on devices under test, see [DeviceUnderTest](https://docs.aws.amazon.com/iot/latest/apireference/API_iotdeviceadvisor_DeviceUnderTest.html)\n\nNot a required element.\n\n*Type:* List of devices under test\n- ***intendedForQualification*** - The tests intended for qualification in a suite.\n\nNot a required element.\n\n*Type:* Boolean\n- ***rootGroup*** - The test suite root group. For more information on creating and using root groups see the [Device Advisor workflow](https://docs.aws.amazon.com/iot/latest/developerguide/device-advisor-workflow.html) .\n\nThis is a required element.\n\n*Type:* String\n- ***suiteDefinitionName*** - The Suite Definition Configuration name.\n\nThis is a required element.\n\n*Type:* String", "title": "SuiteDefinitionConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Metadata that can be used to manage the the Suite Definition.", "title": "Tags", "type": "array" } }, "required": [ "SuiteDefinitionConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTCoreDeviceAdvisor::SuiteDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "Lists device's certificate ARN.", "title": "CertificateArn", "type": "string" }, "ThingArn": { "markdownDescription": "Lists device's thing ARN.", "title": "ThingArn", "type": "string" } }, "type": "object" }, "AWS::IoTCoreDeviceAdvisor::SuiteDefinition.SuiteDefinitionConfiguration": { "additionalProperties": false, "properties": { "DevicePermissionRoleArn": { "markdownDescription": "Gets the device permission ARN. This is a required parameter.", "title": "DevicePermissionRoleArn", "type": "string" }, "Devices": { "items": { "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition.DeviceUnderTest" }, "markdownDescription": "Gets the devices configured.", "title": "Devices", "type": "array" }, "IntendedForQualification": { "markdownDescription": "Gets the tests intended for qualification in a suite.", "title": "IntendedForQualification", "type": "boolean" }, "RootGroup": { "markdownDescription": "Gets the test suite root group. This is a required parameter. For updating or creating the latest qualification suite, if `intendedForQualification` is set to true, `rootGroup` can be an empty string. If `intendedForQualification` is false, `rootGroup` cannot be an empty string. If `rootGroup` is empty, and `intendedForQualification` is set to true, all the qualification tests are included, and the configuration is default.\n\nFor a qualification suite, the minimum length is 0, and the maximum is 2048. For a non-qualification suite, the minimum length is 1, and the maximum is 2048.", "title": "RootGroup", "type": "string" }, "SuiteDefinitionName": { "markdownDescription": "Gets the suite definition name. This is a required parameter.", "title": "SuiteDefinitionName", "type": "string" } }, "required": [ "DevicePermissionRoleArn", "RootGroup" ], "type": "object" }, "AWS::IoTEvents::AlarmModel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AlarmCapabilities": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmCapabilities", "markdownDescription": "Contains the configuration information of alarm state changes.", "title": "AlarmCapabilities" }, "AlarmEventActions": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmEventActions", "markdownDescription": "Contains information about one or more alarm actions.", "title": "AlarmEventActions" }, "AlarmModelDescription": { "markdownDescription": "The description of the alarm model.", "title": "AlarmModelDescription", "type": "string" }, "AlarmModelName": { "markdownDescription": "The name of the alarm model.", "title": "AlarmModelName", "type": "string" }, "AlarmRule": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmRule", "markdownDescription": "Defines when your alarm is invoked.", "title": "AlarmRule" }, "Key": { "markdownDescription": "An input attribute used as a key to create an alarm. AWS IoT Events routes [inputs](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Input.html) associated with this key to the alarm.", "title": "Key", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role that allows the alarm to perform actions and access AWS resources. For more information, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", "title": "RoleArn", "type": "string" }, "Severity": { "markdownDescription": "A non-negative integer that reflects the severity level of the alarm.", "title": "Severity", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs that contain metadata for the alarm model. The tags help you manage the alarm model. For more information, see [Tagging your AWS IoT Events resources](https://docs.aws.amazon.com/iotevents/latest/developerguide/tagging-iotevents.html) in the *AWS IoT Events Developer Guide* .\n\nYou can create up to 50 tags for one alarm model.", "title": "Tags", "type": "array" } }, "required": [ "AlarmRule", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTEvents::AlarmModel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTEvents::AlarmModel.AcknowledgeFlow": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "The value must be `TRUE` or `FALSE` . If `TRUE` , you receive a notification when the alarm state changes. You must choose to acknowledge the notification before the alarm state can return to `NORMAL` . If `FALSE` , you won't receive notifications. The alarm automatically changes to the `NORMAL` state when the input property value returns to the specified range.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::IoTEvents::AlarmModel.AlarmAction": { "additionalProperties": false, "properties": { "DynamoDB": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDB", "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The standard action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBAction` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `hashKeyType` parameter can be `'STRING'` .\n- For references, you must specify either variables or input values. For example, the value for the `hashKeyField` parameter can be `$input.GreenhouseInput.name` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `hashKeyValue` parameter uses a substitution template.\n\n`'${$input.GreenhouseInput.temperature * 6 / 5 + 32} in Fahrenheit'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nIf the defined payload type is a string, `DynamoDBAction` writes non-JSON data to the DynamoDB table as binary data. The DynamoDB console displays the data as Base64-encoded text. The value for the `payloadField` parameter is `_raw` .", "title": "DynamoDB" }, "DynamoDBv2": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.DynamoDBv2", "markdownDescription": "Defines an action to write to the Amazon DynamoDB table that you created. The default action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify.\n\nYou must use expressions for all parameters in `DynamoDBv2Action` . The expressions accept literals, operators, functions, references, and substitution templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `tableName` parameter can be `'GreenhouseTemperatureTable'` .\n- For references, you must specify either variables or input values. For example, the value for the `tableName` parameter can be `$variable.ddbtableName` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `contentExpression` parameter in `Payload` uses a substitution template.\n\n`'{\\\"sensorID\\\": \\\"${$input.GreenhouseInput.sensor_id}\\\", \\\"temperature\\\": \\\"${$input.GreenhouseInput.temperature * 9 / 5 + 32}\\\"}'`\n- For a string concatenation, you must use `+` . A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `tableName` parameter uses a string concatenation.\n\n`'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .\n\nThe value for the `type` parameter in `Payload` must be `JSON` .", "title": "DynamoDBv2" }, "Firehose": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Firehose", "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", "title": "Firehose" }, "IotEvents": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotEvents", "markdownDescription": "Sends an AWS IoT Events input, passing in information about the detector model instance and the event that triggered the action.", "title": "IotEvents" }, "IotSiteWise": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotSiteWise", "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to a specified asset property in AWS IoT SiteWise .\n\nYou must use expressions for all parameters in `IotSiteWiseAction` . The expressions accept literals, operators, functions, references, and substitutions templates.\n\n**Examples** - For literal values, the expressions must contain single quotes. For example, the value for the `propertyAlias` parameter can be `'/company/windfarm/3/turbine/7/temperature'` .\n- For references, you must specify either variables or input values. For example, the value for the `assetId` parameter can be `$input.TurbineInput.assetId1` .\n- For a substitution template, you must use `${}` , and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates.\n\nIn the following example, the value for the `propertyAlias` parameter uses a substitution template.\n\n`'company/windfarm/${$input.TemperatureInput.sensorData.windfarmID}/turbine/ ${$input.TemperatureInput.sensorData.turbineID}/temperature'`\n\nYou must specify either `propertyAlias` or both `assetId` and `propertyId` to identify the target asset property in AWS IoT SiteWise .\n\nFor more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *AWS IoT Events Developer Guide* .", "title": "IotSiteWise" }, "IotTopicPublish": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.IotTopicPublish", "markdownDescription": "Information required to publish the MQTT message through the AWS IoT message broker.", "title": "IotTopicPublish" }, "Lambda": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Lambda", "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", "title": "Lambda" }, "Sns": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sns", "markdownDescription": "Information required to publish the Amazon SNS message.", "title": "Sns" }, "Sqs": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Sqs", "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon SQS queue.", "title": "Sqs" } }, "type": "object" }, "AWS::IoTEvents::AlarmModel.AlarmCapabilities": { "additionalProperties": false, "properties": { "AcknowledgeFlow": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AcknowledgeFlow", "markdownDescription": "Specifies whether to get notified for alarm state changes.", "title": "AcknowledgeFlow" }, "InitializationConfiguration": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.InitializationConfiguration", "markdownDescription": "Specifies the default alarm state. The configuration applies to all alarms that were created based on this alarm model.", "title": "InitializationConfiguration" } }, "type": "object" }, "AWS::IoTEvents::AlarmModel.AlarmEventActions": { "additionalProperties": false, "properties": { "AlarmActions": { "items": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AlarmAction" }, "markdownDescription": "Specifies one or more supported actions to receive notifications when the alarm state changes.", "title": "AlarmActions", "type": "array" } }, "type": "object" }, "AWS::IoTEvents::AlarmModel.AlarmRule": { "additionalProperties": false, "properties": { "SimpleRule": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.SimpleRule", "markdownDescription": "A rule that compares an input property value to a threshold value with a comparison operator.", "title": "SimpleRule" } }, "type": "object" }, "AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp": { "additionalProperties": false, "properties": { "OffsetInNanos": { "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", "title": "OffsetInNanos", "type": "string" }, "TimeInSeconds": { "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", "title": "TimeInSeconds", "type": "string" } }, "required": [ "TimeInSeconds" ], "type": "object" }, "AWS::IoTEvents::AlarmModel.AssetPropertyValue": { "additionalProperties": false, "properties": { "Quality": { "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", "title": "Quality", "type": "string" }, "Timestamp": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyTimestamp", "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", "title": "Timestamp" }, "Value": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyVariant", "markdownDescription": "The value to send to an asset property.", "title": "Value" } }, "required": [ "Value" ], "type": "object" }, "AWS::IoTEvents::AlarmModel.AssetPropertyVariant": { "additionalProperties": false, "properties": { "BooleanValue": { "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", "title": "BooleanValue", "type": "string" }, "DoubleValue": { "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", "title": "DoubleValue", "type": "string" }, "IntegerValue": { "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", "title": "IntegerValue", "type": "string" }, "StringValue": { "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", "title": "StringValue", "type": "string" } }, "type": "object" }, "AWS::IoTEvents::AlarmModel.DynamoDB": { "additionalProperties": false, "properties": { "HashKeyField": { "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", "title": "HashKeyField", "type": "string" }, "HashKeyType": { "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", "title": "HashKeyType", "type": "string" }, "HashKeyValue": { "markdownDescription": "The value of the hash key (also called the partition key).", "title": "HashKeyValue", "type": "string" }, "Operation": { "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", "title": "Operation", "type": "string" }, "Payload": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", "title": "Payload" }, "PayloadField": { "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", "title": "PayloadField", "type": "string" }, "RangeKeyField": { "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", "title": "RangeKeyField", "type": "string" }, "RangeKeyType": { "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", "title": "RangeKeyType", "type": "string" }, "RangeKeyValue": { "markdownDescription": "The value of the range key (also called the sort key).", "title": "RangeKeyValue", "type": "string" }, "TableName": { "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", "title": "TableName", "type": "string" } }, "required": [ "HashKeyField", "HashKeyValue", "TableName" ], "type": "object" }, "AWS::IoTEvents::AlarmModel.DynamoDBv2": { "additionalProperties": false, "properties": { "Payload": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", "title": "Payload" }, "TableName": { "markdownDescription": "The name of the DynamoDB table.", "title": "TableName", "type": "string" } }, "required": [ "TableName" ], "type": "object" }, "AWS::IoTEvents::AlarmModel.Firehose": { "additionalProperties": false, "properties": { "DeliveryStreamName": { "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", "title": "DeliveryStreamName", "type": "string" }, "Payload": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", "title": "Payload" }, "Separator": { "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", "title": "Separator", "type": "string" } }, "required": [ "DeliveryStreamName" ], "type": "object" }, "AWS::IoTEvents::AlarmModel.InitializationConfiguration": { "additionalProperties": false, "properties": { "DisabledOnInitialization": { "markdownDescription": "The value must be `TRUE` or `FALSE` . If `FALSE` , all alarm instances created based on the alarm model are activated. The default value is `TRUE` .", "title": "DisabledOnInitialization", "type": "boolean" } }, "required": [ "DisabledOnInitialization" ], "type": "object" }, "AWS::IoTEvents::AlarmModel.IotEvents": { "additionalProperties": false, "properties": { "InputName": { "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", "title": "InputName", "type": "string" }, "Payload": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", "title": "Payload" } }, "required": [ "InputName" ], "type": "object" }, "AWS::IoTEvents::AlarmModel.IotSiteWise": { "additionalProperties": false, "properties": { "AssetId": { "markdownDescription": "The ID of the asset that has the specified property.", "title": "AssetId", "type": "string" }, "EntryId": { "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", "title": "EntryId", "type": "string" }, "PropertyAlias": { "markdownDescription": "The alias of the asset property.", "title": "PropertyAlias", "type": "string" }, "PropertyId": { "markdownDescription": "The ID of the asset property.", "title": "PropertyId", "type": "string" }, "PropertyValue": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.AssetPropertyValue", "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", "title": "PropertyValue" } }, "type": "object" }, "AWS::IoTEvents::AlarmModel.IotTopicPublish": { "additionalProperties": false, "properties": { "MqttTopic": { "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", "title": "MqttTopic", "type": "string" }, "Payload": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", "title": "Payload" } }, "required": [ "MqttTopic" ], "type": "object" }, "AWS::IoTEvents::AlarmModel.Lambda": { "additionalProperties": false, "properties": { "FunctionArn": { "markdownDescription": "The ARN of the Lambda function that is executed.", "title": "FunctionArn", "type": "string" }, "Payload": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", "title": "Payload" } }, "required": [ "FunctionArn" ], "type": "object" }, "AWS::IoTEvents::AlarmModel.Payload": { "additionalProperties": false, "properties": { "ContentExpression": { "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", "title": "ContentExpression", "type": "string" }, "Type": { "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", "title": "Type", "type": "string" } }, "required": [ "ContentExpression", "Type" ], "type": "object" }, "AWS::IoTEvents::AlarmModel.SimpleRule": { "additionalProperties": false, "properties": { "ComparisonOperator": { "markdownDescription": "The comparison operator.", "title": "ComparisonOperator", "type": "string" }, "InputProperty": { "markdownDescription": "The value on the left side of the comparison operator. You can specify an AWS IoT Events input attribute as an input property.", "title": "InputProperty", "type": "string" }, "Threshold": { "markdownDescription": "The value on the right side of the comparison operator. You can enter a number or specify an AWS IoT Events input attribute.", "title": "Threshold", "type": "string" } }, "required": [ "ComparisonOperator", "InputProperty", "Threshold" ], "type": "object" }, "AWS::IoTEvents::AlarmModel.Sns": { "additionalProperties": false, "properties": { "Payload": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", "title": "Payload" }, "TargetArn": { "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", "title": "TargetArn", "type": "string" } }, "required": [ "TargetArn" ], "type": "object" }, "AWS::IoTEvents::AlarmModel.Sqs": { "additionalProperties": false, "properties": { "Payload": { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel.Payload", "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", "title": "Payload" }, "QueueUrl": { "markdownDescription": "The URL of the SQS queue where the data is written.", "title": "QueueUrl", "type": "string" }, "UseBase64": { "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", "title": "UseBase64", "type": "boolean" } }, "required": [ "QueueUrl" ], "type": "object" }, "AWS::IoTEvents::DetectorModel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DetectorModelDefinition": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DetectorModelDefinition", "markdownDescription": "Information that defines how a detector operates.", "title": "DetectorModelDefinition" }, "DetectorModelDescription": { "markdownDescription": "A brief description of the detector model.", "title": "DetectorModelDescription", "type": "string" }, "DetectorModelName": { "markdownDescription": "The name of the detector model.", "title": "DetectorModelName", "type": "string" }, "EvaluationMethod": { "markdownDescription": "Information about the order in which events are evaluated and how actions are executed.", "title": "EvaluationMethod", "type": "string" }, "Key": { "markdownDescription": "The value used to identify a detector instance. When a device or system sends input, a new detector instance with a unique key value is created. AWS IoT Events can continue to route input to its corresponding detector instance based on this identifying information.\n\nThis parameter uses a JSON-path expression to select the attribute-value pair in the message payload that is used for identification. To route the message to the correct detector instance, the device must send a message payload that contains the same attribute-value.", "title": "Key", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the role that grants permission to AWS IoT Events to perform its operations.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "DetectorModelDefinition", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTEvents::DetectorModel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.Action": { "additionalProperties": false, "properties": { "ClearTimer": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ClearTimer", "markdownDescription": "Information needed to clear the timer.", "title": "ClearTimer" }, "DynamoDB": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDB", "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", "title": "DynamoDB" }, "DynamoDBv2": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.DynamoDBv2", "markdownDescription": "Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html) . A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *AWS IoT Events Developer Guide* .", "title": "DynamoDBv2" }, "Firehose": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Firehose", "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream.", "title": "Firehose" }, "IotEvents": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotEvents", "markdownDescription": "Sends AWS IoT Events input, which passes information about the detector model instance and the event that triggered the action.", "title": "IotEvents" }, "IotSiteWise": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotSiteWise", "markdownDescription": "Sends information about the detector model instance and the event that triggered the action to an asset property in AWS IoT SiteWise .", "title": "IotSiteWise" }, "IotTopicPublish": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.IotTopicPublish", "markdownDescription": "Publishes an MQTT message with the given topic to the AWS IoT message broker.", "title": "IotTopicPublish" }, "Lambda": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Lambda", "markdownDescription": "Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action.", "title": "Lambda" }, "ResetTimer": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.ResetTimer", "markdownDescription": "Information needed to reset the timer.", "title": "ResetTimer" }, "SetTimer": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetTimer", "markdownDescription": "Information needed to set the timer.", "title": "SetTimer" }, "SetVariable": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.SetVariable", "markdownDescription": "Sets a variable to a specified value.", "title": "SetVariable" }, "Sns": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sns", "markdownDescription": "Sends an Amazon SNS message.", "title": "Sns" }, "Sqs": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Sqs", "markdownDescription": "Sends an Amazon SNS message.", "title": "Sqs" } }, "type": "object" }, "AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp": { "additionalProperties": false, "properties": { "OffsetInNanos": { "markdownDescription": "The nanosecond offset converted from `timeInSeconds` . The valid range is between 0-999999999.", "title": "OffsetInNanos", "type": "string" }, "TimeInSeconds": { "markdownDescription": "The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199.", "title": "TimeInSeconds", "type": "string" } }, "required": [ "TimeInSeconds" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.AssetPropertyValue": { "additionalProperties": false, "properties": { "Quality": { "markdownDescription": "The quality of the asset property value. The value must be `'GOOD'` , `'BAD'` , or `'UNCERTAIN'` .", "title": "Quality", "type": "string" }, "Timestamp": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyTimestamp", "markdownDescription": "The timestamp associated with the asset property value. The default is the current event time.", "title": "Timestamp" }, "Value": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyVariant", "markdownDescription": "The value to send to an asset property.", "title": "Value" } }, "required": [ "Value" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.AssetPropertyVariant": { "additionalProperties": false, "properties": { "BooleanValue": { "markdownDescription": "The asset property value is a Boolean value that must be `'TRUE'` or `'FALSE'` . You must use an expression, and the evaluated result should be a Boolean value.", "title": "BooleanValue", "type": "string" }, "DoubleValue": { "markdownDescription": "The asset property value is a double. You must use an expression, and the evaluated result should be a double.", "title": "DoubleValue", "type": "string" }, "IntegerValue": { "markdownDescription": "The asset property value is an integer. You must use an expression, and the evaluated result should be an integer.", "title": "IntegerValue", "type": "string" }, "StringValue": { "markdownDescription": "The asset property value is a string. You must use an expression, and the evaluated result should be a string.", "title": "StringValue", "type": "string" } }, "type": "object" }, "AWS::IoTEvents::DetectorModel.ClearTimer": { "additionalProperties": false, "properties": { "TimerName": { "markdownDescription": "The name of the timer to clear.", "title": "TimerName", "type": "string" } }, "required": [ "TimerName" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.DetectorModelDefinition": { "additionalProperties": false, "properties": { "InitialStateName": { "markdownDescription": "The state that is entered at the creation of each detector (instance).", "title": "InitialStateName", "type": "string" }, "States": { "items": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.State" }, "markdownDescription": "Information about the states of the detector.", "title": "States", "type": "array" } }, "required": [ "InitialStateName", "States" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.DynamoDB": { "additionalProperties": false, "properties": { "HashKeyField": { "markdownDescription": "The name of the hash key (also called the partition key). The `hashKeyField` value must match the partition key of the target DynamoDB table.", "title": "HashKeyField", "type": "string" }, "HashKeyType": { "markdownDescription": "The data type for the hash key (also called the partition key). You can specify the following values:\n\n- `'STRING'` - The hash key is a string.\n- `'NUMBER'` - The hash key is a number.\n\nIf you don't specify `hashKeyType` , the default value is `'STRING'` .", "title": "HashKeyType", "type": "string" }, "HashKeyValue": { "markdownDescription": "The value of the hash key (also called the partition key).", "title": "HashKeyValue", "type": "string" }, "Operation": { "markdownDescription": "The type of operation to perform. You can specify the following values:\n\n- `'INSERT'` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key.\n- `'UPDATE'` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n- `'DELETE'` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key.\n\nIf you don't specify this parameter, AWS IoT Events triggers the `'INSERT'` operation.", "title": "Operation", "type": "string" }, "Payload": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", "title": "Payload" }, "PayloadField": { "markdownDescription": "The name of the DynamoDB column that receives the action payload.\n\nIf you don't specify this parameter, the name of the DynamoDB column is `payload` .", "title": "PayloadField", "type": "string" }, "RangeKeyField": { "markdownDescription": "The name of the range key (also called the sort key). The `rangeKeyField` value must match the sort key of the target DynamoDB table.", "title": "RangeKeyField", "type": "string" }, "RangeKeyType": { "markdownDescription": "The data type for the range key (also called the sort key), You can specify the following values:\n\n- `'STRING'` - The range key is a string.\n- `'NUMBER'` - The range key is number.\n\nIf you don't specify `rangeKeyField` , the default value is `'STRING'` .", "title": "RangeKeyType", "type": "string" }, "RangeKeyValue": { "markdownDescription": "The value of the range key (also called the sort key).", "title": "RangeKeyValue", "type": "string" }, "TableName": { "markdownDescription": "The name of the DynamoDB table. The `tableName` value must match the table name of the target DynamoDB table.", "title": "TableName", "type": "string" } }, "required": [ "HashKeyField", "HashKeyValue", "TableName" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.DynamoDBv2": { "additionalProperties": false, "properties": { "Payload": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", "markdownDescription": "Information needed to configure the payload.\n\nBy default, AWS IoT Events generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use `contentExpression` .", "title": "Payload" }, "TableName": { "markdownDescription": "The name of the DynamoDB table.", "title": "TableName", "type": "string" } }, "required": [ "TableName" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.Event": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" }, "markdownDescription": "The actions to be performed.", "title": "Actions", "type": "array" }, "Condition": { "markdownDescription": "Optional. The Boolean expression that, when TRUE, causes the `actions` to be performed. If not present, the actions are performed (=TRUE). If the expression result is not a Boolean value, the actions are not performed (=FALSE).", "title": "Condition", "type": "string" }, "EventName": { "markdownDescription": "The name of the event.", "title": "EventName", "type": "string" } }, "required": [ "EventName" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.Firehose": { "additionalProperties": false, "properties": { "DeliveryStreamName": { "markdownDescription": "The name of the Kinesis Data Firehose delivery stream where the data is written.", "title": "DeliveryStreamName", "type": "string" }, "Payload": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", "markdownDescription": "You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream.", "title": "Payload" }, "Separator": { "markdownDescription": "A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\\n' (newline), '\\t' (tab), '\\r\\n' (Windows newline), ',' (comma).", "title": "Separator", "type": "string" } }, "required": [ "DeliveryStreamName" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.IotEvents": { "additionalProperties": false, "properties": { "InputName": { "markdownDescription": "The name of the AWS IoT Events input where the data is sent.", "title": "InputName", "type": "string" }, "Payload": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", "markdownDescription": "You can configure the action payload when you send a message to an AWS IoT Events input.", "title": "Payload" } }, "required": [ "InputName" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.IotSiteWise": { "additionalProperties": false, "properties": { "AssetId": { "markdownDescription": "The ID of the asset that has the specified property.", "title": "AssetId", "type": "string" }, "EntryId": { "markdownDescription": "A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier.", "title": "EntryId", "type": "string" }, "PropertyAlias": { "markdownDescription": "The alias of the asset property.", "title": "PropertyAlias", "type": "string" }, "PropertyId": { "markdownDescription": "The ID of the asset property.", "title": "PropertyId", "type": "string" }, "PropertyValue": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.AssetPropertyValue", "markdownDescription": "The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information.", "title": "PropertyValue" } }, "required": [ "PropertyValue" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.IotTopicPublish": { "additionalProperties": false, "properties": { "MqttTopic": { "markdownDescription": "The MQTT topic of the message. You can use a string expression that includes variables ( `$variable.` ) and input values ( `$input..` ) as the topic string.", "title": "MqttTopic", "type": "string" }, "Payload": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", "markdownDescription": "You can configure the action payload when you publish a message to an AWS IoT Core topic.", "title": "Payload" } }, "required": [ "MqttTopic" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.Lambda": { "additionalProperties": false, "properties": { "FunctionArn": { "markdownDescription": "The ARN of the Lambda function that is executed.", "title": "FunctionArn", "type": "string" }, "Payload": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", "markdownDescription": "You can configure the action payload when you send a message to a Lambda function.", "title": "Payload" } }, "required": [ "FunctionArn" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.OnEnter": { "additionalProperties": false, "properties": { "Events": { "items": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" }, "markdownDescription": "Specifies the actions that are performed when the state is entered and the `condition` is `TRUE` .", "title": "Events", "type": "array" } }, "type": "object" }, "AWS::IoTEvents::DetectorModel.OnExit": { "additionalProperties": false, "properties": { "Events": { "items": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" }, "markdownDescription": "Specifies the `actions` that are performed when the state is exited and the `condition` is `TRUE` .", "title": "Events", "type": "array" } }, "type": "object" }, "AWS::IoTEvents::DetectorModel.OnInput": { "additionalProperties": false, "properties": { "Events": { "items": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Event" }, "markdownDescription": "Specifies the actions performed when the `condition` evaluates to TRUE.", "title": "Events", "type": "array" }, "TransitionEvents": { "items": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.TransitionEvent" }, "markdownDescription": "Specifies the actions performed, and the next state entered, when a `condition` evaluates to TRUE.", "title": "TransitionEvents", "type": "array" } }, "type": "object" }, "AWS::IoTEvents::DetectorModel.Payload": { "additionalProperties": false, "properties": { "ContentExpression": { "markdownDescription": "The content of the payload. You can use a string expression that includes quoted strings ( `''` ), variables ( `$variable.` ), input values ( `$input..` ), string concatenations, and quoted strings that contain `${}` as the content. The recommended maximum size of a content expression is 1 KB.", "title": "ContentExpression", "type": "string" }, "Type": { "markdownDescription": "The value of the payload type can be either `STRING` or `JSON` .", "title": "Type", "type": "string" } }, "required": [ "ContentExpression", "Type" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.ResetTimer": { "additionalProperties": false, "properties": { "TimerName": { "markdownDescription": "The name of the timer to reset.", "title": "TimerName", "type": "string" } }, "required": [ "TimerName" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.SetTimer": { "additionalProperties": false, "properties": { "DurationExpression": { "markdownDescription": "The duration of the timer, in seconds. You can use a string expression that includes numbers, variables ( `$variable.` ), and input values ( `$input..` ) as the duration. The range of the duration is 1-31622400 seconds. To ensure accuracy, the minimum duration is 60 seconds. The evaluated result of the duration is rounded down to the nearest whole number.", "title": "DurationExpression", "type": "string" }, "Seconds": { "markdownDescription": "The number of seconds until the timer expires. The minimum value is 60 seconds to ensure accuracy. The maximum value is 31622400 seconds.", "title": "Seconds", "type": "number" }, "TimerName": { "markdownDescription": "The name of the timer.", "title": "TimerName", "type": "string" } }, "required": [ "TimerName" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.SetVariable": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The new value of the variable.", "title": "Value", "type": "string" }, "VariableName": { "markdownDescription": "The name of the variable.", "title": "VariableName", "type": "string" } }, "required": [ "Value", "VariableName" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.Sns": { "additionalProperties": false, "properties": { "Payload": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", "markdownDescription": "You can configure the action payload when you send a message as an Amazon SNS push notification.", "title": "Payload" }, "TargetArn": { "markdownDescription": "The ARN of the Amazon SNS target where the message is sent.", "title": "TargetArn", "type": "string" } }, "required": [ "TargetArn" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.Sqs": { "additionalProperties": false, "properties": { "Payload": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Payload", "markdownDescription": "You can configure the action payload when you send a message to an Amazon SQS queue.", "title": "Payload" }, "QueueUrl": { "markdownDescription": "The URL of the SQS queue where the data is written.", "title": "QueueUrl", "type": "string" }, "UseBase64": { "markdownDescription": "Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE.", "title": "UseBase64", "type": "boolean" } }, "required": [ "QueueUrl" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.State": { "additionalProperties": false, "properties": { "OnEnter": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnEnter", "markdownDescription": "When entering this state, perform these `actions` if the `condition` is TRUE.", "title": "OnEnter" }, "OnExit": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnExit", "markdownDescription": "When exiting this state, perform these `actions` if the specified `condition` is `TRUE` .", "title": "OnExit" }, "OnInput": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.OnInput", "markdownDescription": "When an input is received and the `condition` is TRUE, perform the specified `actions` .", "title": "OnInput" }, "StateName": { "markdownDescription": "The name of the state.", "title": "StateName", "type": "string" } }, "required": [ "StateName" ], "type": "object" }, "AWS::IoTEvents::DetectorModel.TransitionEvent": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel.Action" }, "markdownDescription": "The actions to be performed.", "title": "Actions", "type": "array" }, "Condition": { "markdownDescription": "Required. A Boolean expression that when TRUE causes the actions to be performed and the `nextState` to be entered.", "title": "Condition", "type": "string" }, "EventName": { "markdownDescription": "The name of the transition event.", "title": "EventName", "type": "string" }, "NextState": { "markdownDescription": "The next state to enter.", "title": "NextState", "type": "string" } }, "required": [ "Condition", "EventName", "NextState" ], "type": "object" }, "AWS::IoTEvents::Input": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InputDefinition": { "$ref": "#/definitions/AWS::IoTEvents::Input.InputDefinition", "markdownDescription": "The definition of the input.", "title": "InputDefinition" }, "InputDescription": { "markdownDescription": "A brief description of the input.", "title": "InputDescription", "type": "string" }, "InputName": { "markdownDescription": "The name of the input.", "title": "InputName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "InputDefinition" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTEvents::Input" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTEvents::Input.Attribute": { "additionalProperties": false, "properties": { "JsonPath": { "markdownDescription": "An expression that specifies an attribute-value pair in a JSON structure. Use this to specify an attribute from the JSON payload that is made available by the input. Inputs are derived from messages sent to AWS IoT Events ( `BatchPutMessage` ). Each such message contains a JSON payload. The attribute (and its paired value) specified here are available for use in the `condition` expressions used by detectors.\n\nSyntax: `....`", "title": "JsonPath", "type": "string" } }, "required": [ "JsonPath" ], "type": "object" }, "AWS::IoTEvents::Input.InputDefinition": { "additionalProperties": false, "properties": { "Attributes": { "items": { "$ref": "#/definitions/AWS::IoTEvents::Input.Attribute" }, "markdownDescription": "The attributes from the JSON payload that are made available by the input. Inputs are derived from messages sent to the AWS IoT Events system using `BatchPutMessage` . Each such message contains a JSON payload, and those attributes (and their paired values) specified here are available for use in the `condition` expressions used by detectors that monitor this input.", "title": "Attributes", "type": "array" } }, "required": [ "Attributes" ], "type": "object" }, "AWS::IoTFleetHub::Application": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationDescription": { "markdownDescription": "An optional description of the web application.", "title": "ApplicationDescription", "type": "string" }, "ApplicationName": { "markdownDescription": "The name of the web application.", "title": "ApplicationName", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the role that the web application assumes when it interacts with AWS IoT Core .\n\n> The name of the role must be in the form `FleetHub_random_string` . \n\nPattern: `^arn:[!-~]+$`", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A set of key/value pairs that you can use to manage the web application resource.", "title": "Tags", "type": "array" } }, "required": [ "ApplicationName", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTFleetHub::Application" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTFleetWise::Campaign": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "Specifies how to update a campaign. The action can be one of the following:\n\n- `APPROVE` - To approve delivering a data collection scheme to vehicles.\n- `SUSPEND` - To suspend collecting signal data. The campaign is deleted from vehicles and all vehicles in the suspended campaign will stop sending data.\n- `RESUME` - To reactivate the `SUSPEND` campaign. The campaign is redeployed to all vehicles and the vehicles will resume sending data.\n- `UPDATE` - To update a campaign.", "title": "Action", "type": "string" }, "CollectionScheme": { "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.CollectionScheme", "markdownDescription": "The data collection scheme associated with the campaign. You can specify a scheme that collects data based on time or an event.", "title": "CollectionScheme" }, "Compression": { "markdownDescription": "(Optional) Whether to compress signals before transmitting data to AWS IoT FleetWise . If you don't want to compress the signals, use `OFF` . If it's not specified, `SNAPPY` is used.\n\nDefault: `SNAPPY`", "title": "Compression", "type": "string" }, "DataDestinationConfigs": { "items": { "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.DataDestinationConfig" }, "markdownDescription": "(Optional) The destination where the campaign sends data. You can choose to send data to be stored in Amazon S3 or Amazon Timestream .\n\nAmazon S3 optimizes the cost of data storage and provides additional mechanisms to use vehicle data, such as data lakes, centralized data storage, data processing pipelines, and analytics. AWS IoT FleetWise supports at-least-once file delivery to S3. Your vehicle data is stored on multiple AWS IoT FleetWise servers for redundancy and high availability.\n\nYou can use Amazon Timestream to access and analyze time series data, and Timestream to query vehicle data so that you can identify trends and patterns.", "title": "DataDestinationConfigs", "type": "array" }, "DataExtraDimensions": { "items": { "type": "string" }, "markdownDescription": "(Optional) A list of vehicle attributes to associate with a campaign.\n\nEnrich the data with specified vehicle attributes. For example, add `make` and `model` to the campaign, and AWS IoT FleetWise will associate the data with those attributes as dimensions in Amazon Timestream . You can then query the data against `make` and `model` .\n\nDefault: An empty array", "title": "DataExtraDimensions", "type": "array" }, "Description": { "markdownDescription": "(Optional) The description of the campaign.", "title": "Description", "type": "string" }, "DiagnosticsMode": { "markdownDescription": "(Optional) Option for a vehicle to send diagnostic trouble codes to AWS IoT FleetWise . If you want to send diagnostic trouble codes, use `SEND_ACTIVE_DTCS` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", "title": "DiagnosticsMode", "type": "string" }, "ExpiryTime": { "markdownDescription": "(Optional) The time the campaign expires, in seconds since epoch (January 1, 1970 at midnight UTC time). Vehicle data isn't collected after the campaign expires.\n\nDefault: 253402214400 (December 31, 9999, 00:00:00 UTC)", "title": "ExpiryTime", "type": "string" }, "Name": { "markdownDescription": "The name of a campaign.", "title": "Name", "type": "string" }, "PostTriggerCollectionDuration": { "markdownDescription": "(Optional) How long (in milliseconds) to collect raw data after a triggering event initiates the collection. If it's not specified, `0` is used.\n\nDefault: `0`", "title": "PostTriggerCollectionDuration", "type": "number" }, "Priority": { "markdownDescription": "(Optional) A number indicating the priority of one campaign over another campaign for a certain vehicle or fleet. A campaign with the lowest value is deployed to vehicles before any other campaigns. If it's not specified, `0` is used.\n\nDefault: `0`", "title": "Priority", "type": "number" }, "SignalCatalogArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the campaign.", "title": "SignalCatalogArn", "type": "string" }, "SignalsToCollect": { "items": { "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.SignalInformation" }, "markdownDescription": "(Optional) A list of information about signals to collect.", "title": "SignalsToCollect", "type": "array" }, "SpoolingMode": { "markdownDescription": "(Optional) Whether to store collected data after a vehicle lost a connection with the cloud. After a connection is re-established, the data is automatically forwarded to AWS IoT FleetWise . If you want to store collected data when a vehicle loses connection with the cloud, use `TO_DISK` . If it's not specified, `OFF` is used.\n\nDefault: `OFF`", "title": "SpoolingMode", "type": "string" }, "StartTime": { "markdownDescription": "(Optional) The time, in milliseconds, to deliver a campaign after it was approved. If it's not specified, `0` is used.\n\nDefault: `0`", "title": "StartTime", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "(Optional) Metadata that can be used to manage the campaign.", "title": "Tags", "type": "array" }, "TargetArn": { "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle or fleet to which the campaign is deployed.", "title": "TargetArn", "type": "string" } }, "required": [ "Action", "CollectionScheme", "Name", "SignalCatalogArn", "TargetArn" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTFleetWise::Campaign" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTFleetWise::Campaign.CollectionScheme": { "additionalProperties": false, "properties": { "ConditionBasedCollectionScheme": { "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme", "markdownDescription": "(Optional) Information about a collection scheme that uses a simple logical expression to recognize what data to collect.", "title": "ConditionBasedCollectionScheme" }, "TimeBasedCollectionScheme": { "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme", "markdownDescription": "(Optional) Information about a collection scheme that uses a time period to decide how often to collect data.", "title": "TimeBasedCollectionScheme" } }, "type": "object" }, "AWS::IoTFleetWise::Campaign.ConditionBasedCollectionScheme": { "additionalProperties": false, "properties": { "ConditionLanguageVersion": { "markdownDescription": "(Optional) Specifies the version of the conditional expression language.", "title": "ConditionLanguageVersion", "type": "number" }, "Expression": { "markdownDescription": "The logical expression used to recognize what data to collect. For example, `$variable.Vehicle.OutsideAirTemperature >= 105.0` .", "title": "Expression", "type": "string" }, "MinimumTriggerIntervalMs": { "markdownDescription": "(Optional) The minimum duration of time between two triggering events to collect data, in milliseconds.\n\n> If a signal changes often, you might want to collect data at a slower rate.", "title": "MinimumTriggerIntervalMs", "type": "number" }, "TriggerMode": { "markdownDescription": "(Optional) Whether to collect data for all triggering events ( `ALWAYS` ). Specify ( `RISING_EDGE` ), or specify only when the condition first evaluates to false. For example, triggering on \"AirbagDeployed\"; Users aren't interested on triggering when the airbag is already exploded; they only care about the change from not deployed => deployed.", "title": "TriggerMode", "type": "string" } }, "required": [ "Expression" ], "type": "object" }, "AWS::IoTFleetWise::Campaign.DataDestinationConfig": { "additionalProperties": false, "properties": { "S3Config": { "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.S3Config", "markdownDescription": "(Optional) The Amazon S3 bucket where the AWS IoT FleetWise campaign sends data.", "title": "S3Config" }, "TimestreamConfig": { "$ref": "#/definitions/AWS::IoTFleetWise::Campaign.TimestreamConfig", "markdownDescription": "(Optional) The Amazon Timestream table where the campaign sends data.", "title": "TimestreamConfig" } }, "type": "object" }, "AWS::IoTFleetWise::Campaign.S3Config": { "additionalProperties": false, "properties": { "BucketArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket.", "title": "BucketArn", "type": "string" }, "DataFormat": { "markdownDescription": "(Optional) Specify the format that files are saved in the Amazon S3 bucket. You can save files in an Apache Parquet or JSON format.\n\n- Parquet - Store data in a columnar storage file format. Parquet is optimal for fast data retrieval and can reduce costs. This option is selected by default.\n- JSON - Store data in a standard text-based JSON file format.", "title": "DataFormat", "type": "string" }, "Prefix": { "markdownDescription": "(Optional) Enter an S3 bucket prefix. The prefix is the string of characters after the bucket name and before the object name. You can use the prefix to organize data stored in Amazon S3 buckets. For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .\n\nBy default, AWS IoT FleetWise sets the prefix `processed-data/year=YY/month=MM/date=DD/hour=HH/` (in UTC) to data it delivers to Amazon S3 . You can enter a prefix to append it to this default prefix. For example, if you enter the prefix `vehicles` , the prefix will be `vehicles/processed-data/year=YY/month=MM/date=DD/hour=HH/` .", "title": "Prefix", "type": "string" }, "StorageCompressionFormat": { "markdownDescription": "(Optional) By default, stored data is compressed as a .gzip file. Compressed files have a reduced file size, which can optimize the cost of data storage.", "title": "StorageCompressionFormat", "type": "string" } }, "required": [ "BucketArn" ], "type": "object" }, "AWS::IoTFleetWise::Campaign.SignalInformation": { "additionalProperties": false, "properties": { "MaxSampleCount": { "markdownDescription": "(Optional) The maximum number of samples to collect.", "title": "MaxSampleCount", "type": "number" }, "MinimumSamplingIntervalMs": { "markdownDescription": "(Optional) The minimum duration of time (in milliseconds) between two triggering events to collect data.\n\n> If a signal changes often, you might want to collect data at a slower rate.", "title": "MinimumSamplingIntervalMs", "type": "number" }, "Name": { "markdownDescription": "The name of the signal.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::IoTFleetWise::Campaign.TimeBasedCollectionScheme": { "additionalProperties": false, "properties": { "PeriodMs": { "markdownDescription": "The time period (in milliseconds) to decide how often to collect data. For example, if the time period is `60000` , the Edge Agent software collects data once every minute.", "title": "PeriodMs", "type": "number" } }, "required": [ "PeriodMs" ], "type": "object" }, "AWS::IoTFleetWise::Campaign.TimestreamConfig": { "additionalProperties": false, "properties": { "ExecutionRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the task execution role that grants AWS IoT FleetWise permission to deliver data to the Amazon Timestream table.", "title": "ExecutionRoleArn", "type": "string" }, "TimestreamTableArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Timestream table.", "title": "TimestreamTableArn", "type": "string" } }, "required": [ "ExecutionRoleArn", "TimestreamTableArn" ], "type": "object" }, "AWS::IoTFleetWise::DecoderManifest": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "(Optional) A brief description of the decoder manifest.", "title": "Description", "type": "string" }, "ModelManifestArn": { "markdownDescription": "The Amazon Resource Name (ARN) of a vehicle model (model manifest) associated with the decoder manifest.", "title": "ModelManifestArn", "type": "string" }, "Name": { "markdownDescription": "The name of the decoder manifest.", "title": "Name", "type": "string" }, "NetworkInterfaces": { "items": { "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems" }, "markdownDescription": "(Optional) A list of information about available network interfaces.", "title": "NetworkInterfaces", "type": "array" }, "SignalDecoders": { "items": { "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems" }, "markdownDescription": "(Optional) A list of information about signal decoders.", "title": "SignalDecoders", "type": "array" }, "Status": { "markdownDescription": "(Optional) The state of the decoder manifest. If the status is `ACTIVE` , the decoder manifest can't be edited. If the status is marked `DRAFT` , you can edit the decoder manifest.", "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "(Optional) Metadata that can be used to manage the decoder manifest.", "title": "Tags", "type": "array" } }, "required": [ "ModelManifestArn", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTFleetWise::DecoderManifest" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTFleetWise::DecoderManifest.CanInterface": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The unique name of the interface.", "title": "Name", "type": "string" }, "ProtocolName": { "markdownDescription": "(Optional) The name of the communication protocol for the interface.", "title": "ProtocolName", "type": "string" }, "ProtocolVersion": { "markdownDescription": "(Optional) The version of the communication protocol for the interface.", "title": "ProtocolVersion", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::IoTFleetWise::DecoderManifest.CanSignal": { "additionalProperties": false, "properties": { "Factor": { "markdownDescription": "A multiplier used to decode the CAN message.", "title": "Factor", "type": "string" }, "IsBigEndian": { "markdownDescription": "Whether the byte ordering of a CAN message is big-endian.", "title": "IsBigEndian", "type": "string" }, "IsSigned": { "markdownDescription": "Whether the message data is specified as a signed value.", "title": "IsSigned", "type": "string" }, "Length": { "markdownDescription": "How many bytes of data are in the message.", "title": "Length", "type": "string" }, "MessageId": { "markdownDescription": "The ID of the message.", "title": "MessageId", "type": "string" }, "Name": { "markdownDescription": "(Optional) The name of the signal.", "title": "Name", "type": "string" }, "Offset": { "markdownDescription": "The offset used to calculate the signal value. Combined with factor, the calculation is `value = raw_value * factor + offset` .", "title": "Offset", "type": "string" }, "StartBit": { "markdownDescription": "Indicates the beginning of the CAN message.", "title": "StartBit", "type": "string" } }, "required": [ "Factor", "IsBigEndian", "IsSigned", "Length", "MessageId", "Offset", "StartBit" ], "type": "object" }, "AWS::IoTFleetWise::DecoderManifest.NetworkInterfacesItems": { "additionalProperties": false, "properties": { "CanInterface": { "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanInterface" }, "InterfaceId": { "type": "string" }, "ObdInterface": { "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdInterface" }, "Type": { "type": "string" } }, "required": [ "InterfaceId", "Type" ], "type": "object" }, "AWS::IoTFleetWise::DecoderManifest.ObdInterface": { "additionalProperties": false, "properties": { "DtcRequestIntervalSeconds": { "markdownDescription": "(Optional) The maximum number message requests per diagnostic trouble code per second.", "title": "DtcRequestIntervalSeconds", "type": "string" }, "HasTransmissionEcu": { "markdownDescription": "(Optional) Whether the vehicle has a transmission control module (TCM).", "title": "HasTransmissionEcu", "type": "string" }, "Name": { "markdownDescription": "The name of the interface.", "title": "Name", "type": "string" }, "ObdStandard": { "markdownDescription": "(Optional) The standard OBD II PID.", "title": "ObdStandard", "type": "string" }, "PidRequestIntervalSeconds": { "markdownDescription": "(Optional) The maximum number message requests per second.", "title": "PidRequestIntervalSeconds", "type": "string" }, "RequestMessageId": { "markdownDescription": "The ID of the message requesting vehicle data.", "title": "RequestMessageId", "type": "string" }, "UseExtendedIds": { "markdownDescription": "(Optional) Whether to use extended IDs in the message.", "title": "UseExtendedIds", "type": "string" } }, "required": [ "Name", "RequestMessageId" ], "type": "object" }, "AWS::IoTFleetWise::DecoderManifest.ObdSignal": { "additionalProperties": false, "properties": { "BitMaskLength": { "markdownDescription": "(Optional) The number of bits to mask in a message.", "title": "BitMaskLength", "type": "string" }, "BitRightShift": { "markdownDescription": "(Optional) The number of positions to shift bits in the message.", "title": "BitRightShift", "type": "string" }, "ByteLength": { "markdownDescription": "The length of a message.", "title": "ByteLength", "type": "string" }, "Offset": { "markdownDescription": "The offset used to calculate the signal value. Combined with scaling, the calculation is `value = raw_value * scaling + offset` .", "title": "Offset", "type": "string" }, "Pid": { "markdownDescription": "The diagnostic code used to request data from a vehicle for this signal.", "title": "Pid", "type": "string" }, "PidResponseLength": { "markdownDescription": "The length of the requested data.", "title": "PidResponseLength", "type": "string" }, "Scaling": { "markdownDescription": "A multiplier used to decode the message.", "title": "Scaling", "type": "string" }, "ServiceMode": { "markdownDescription": "The mode of operation (diagnostic service) in a message.", "title": "ServiceMode", "type": "string" }, "StartByte": { "markdownDescription": "Indicates the beginning of the message.", "title": "StartByte", "type": "string" } }, "required": [ "ByteLength", "Offset", "Pid", "PidResponseLength", "Scaling", "ServiceMode", "StartByte" ], "type": "object" }, "AWS::IoTFleetWise::DecoderManifest.SignalDecodersItems": { "additionalProperties": false, "properties": { "CanSignal": { "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.CanSignal" }, "FullyQualifiedName": { "type": "string" }, "InterfaceId": { "type": "string" }, "ObdSignal": { "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest.ObdSignal" }, "Type": { "type": "string" } }, "required": [ "FullyQualifiedName", "InterfaceId", "Type" ], "type": "object" }, "AWS::IoTFleetWise::Fleet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "(Optional) A brief description of the fleet.", "title": "Description", "type": "string" }, "Id": { "markdownDescription": "The unique ID of the fleet.", "title": "Id", "type": "string" }, "SignalCatalogArn": { "markdownDescription": "The ARN of the signal catalog associated with the fleet.", "title": "SignalCatalogArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "(Optional) Metadata that can be used to manage the fleet.", "title": "Tags", "type": "array" } }, "required": [ "Id", "SignalCatalogArn" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTFleetWise::Fleet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTFleetWise::ModelManifest": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "(Optional) A brief description of the vehicle model.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the vehicle model.", "title": "Name", "type": "string" }, "Nodes": { "items": { "type": "string" }, "markdownDescription": "(Optional) A list of nodes, which are a general abstraction of signals.", "title": "Nodes", "type": "array" }, "SignalCatalogArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the signal catalog associated with the vehicle model.", "title": "SignalCatalogArn", "type": "string" }, "Status": { "markdownDescription": "(Optional) The state of the vehicle model. If the status is `ACTIVE` , the vehicle model can't be edited. If the status is `DRAFT` , you can edit the vehicle model.", "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "(Optional) Metadata that can be used to manage the vehicle model.", "title": "Tags", "type": "array" } }, "required": [ "Name", "SignalCatalogArn" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTFleetWise::ModelManifest" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTFleetWise::SignalCatalog": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "(Optional) A brief description of the signal catalog.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "(Optional) The name of the signal catalog.", "title": "Name", "type": "string" }, "NodeCounts": { "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.NodeCounts", "markdownDescription": "(Optional) Information about the number of nodes and node types in a vehicle network.", "title": "NodeCounts" }, "Nodes": { "items": { "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Node" }, "markdownDescription": "(Optional) A list of information about nodes, which are a general abstraction of signals.", "title": "Nodes", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "(Optional) Metadata that can be used to manage the signal catalog.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::IoTFleetWise::SignalCatalog" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoTFleetWise::SignalCatalog.Actuator": { "additionalProperties": false, "properties": { "AllowedValues": { "items": { "type": "string" }, "markdownDescription": "(Optional) A list of possible values an actuator can take.", "title": "AllowedValues", "type": "array" }, "AssignedValue": { "markdownDescription": "(Optional) A specified value for the actuator.", "title": "AssignedValue", "type": "string" }, "DataType": { "markdownDescription": "The specified data type of the actuator.", "title": "DataType", "type": "string" }, "Description": { "markdownDescription": "(Optional) A brief description of the actuator.", "title": "Description", "type": "string" }, "FullyQualifiedName": { "markdownDescription": "The fully qualified name of the actuator. For example, the fully qualified name of an actuator might be `Vehicle.Front.Left.Door.Lock` .", "title": "FullyQualifiedName", "type": "string" }, "Max": { "markdownDescription": "(Optional) The specified possible maximum value of an actuator.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "(Optional) The specified possible minimum value of an actuator.", "title": "Min", "type": "number" }, "Unit": { "markdownDescription": "(Optional) The scientific unit for the actuator.", "title": "Unit", "type": "string" } }, "required": [ "DataType", "FullyQualifiedName" ], "type": "object" }, "AWS::IoTFleetWise::SignalCatalog.Attribute": { "additionalProperties": false, "properties": { "AllowedValues": { "items": { "type": "string" }, "markdownDescription": "(Optional) A list of possible values an attribute can be assigned.", "title": "AllowedValues", "type": "array" }, "AssignedValue": { "markdownDescription": "(Optional) A specified value for the attribute.", "title": "AssignedValue", "type": "string" }, "DataType": { "markdownDescription": "The specified data type of the attribute.", "title": "DataType", "type": "string" }, "DefaultValue": { "markdownDescription": "(Optional) The default value of the attribute.", "title": "DefaultValue", "type": "string" }, "Description": { "markdownDescription": "(Optional) A brief description of the attribute.", "title": "Description", "type": "string" }, "FullyQualifiedName": { "markdownDescription": "The fully qualified name of the attribute. For example, the fully qualified name of an attribute might be `Vehicle.Body.Engine.Type` .", "title": "FullyQualifiedName", "type": "string" }, "Max": { "markdownDescription": "(Optional) The specified possible maximum value of the attribute.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "(Optional) The specified possible minimum value of the attribute.", "title": "Min", "type": "number" }, "Unit": { "markdownDescription": "(Optional) The scientific unit for the attribute.", "title": "Unit", "type": "string" } }, "required": [ "DataType", "FullyQualifiedName" ], "type": "object" }, "AWS::IoTFleetWise::SignalCatalog.Branch": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "(Optional) A brief description of the branch.", "title": "Description", "type": "string" }, "FullyQualifiedName": { "markdownDescription": "The fully qualified name of the branch. For example, the fully qualified name of a branch might be `Vehicle.Body.Engine` .", "title": "FullyQualifiedName", "type": "string" } }, "required": [ "FullyQualifiedName" ], "type": "object" }, "AWS::IoTFleetWise::SignalCatalog.Node": { "additionalProperties": false, "properties": { "Actuator": { "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Actuator", "markdownDescription": "(Optional) Information about a node specified as an actuator.\n\n> An actuator is a digital representation of a vehicle device.", "title": "Actuator" }, "Attribute": { "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Attribute", "markdownDescription": "(Optional) Information about a node specified as an attribute.\n\n> An attribute represents static information about a vehicle.", "title": "Attribute" }, "Branch": { "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Branch", "markdownDescription": "(Optional) Information about a node specified as a branch.\n\n> A group of signals that are defined in a hierarchical structure.", "title": "Branch" }, "Sensor": { "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog.Sensor", "markdownDescription": "(Optional) An input component that reports the environmental condition of a vehicle.\n\n> You can collect data about fluid levels, temperatures, vibrations, or battery voltage from sensors.", "title": "Sensor" } }, "type": "object" }, "AWS::IoTFleetWise::SignalCatalog.NodeCounts": { "additionalProperties": false, "properties": { "TotalActuators": { "markdownDescription": "(Optional) The total number of nodes in a vehicle network that represent actuators.", "title": "TotalActuators", "type": "number" }, "TotalAttributes": { "markdownDescription": "(Optional) The total number of nodes in a vehicle network that represent attributes.", "title": "TotalAttributes", "type": "number" }, "TotalBranches": { "markdownDescription": "(Optional) The total number of nodes in a vehicle network that represent branches.", "title": "TotalBranches", "type": "number" }, "TotalNodes": { "markdownDescription": "(Optional) The total number of nodes in a vehicle network.", "title": "TotalNodes", "type": "number" }, "TotalSensors": { "markdownDescription": "(Optional) The total number of nodes in a vehicle network that represent sensors.", "title": "TotalSensors", "type": "number" } }, "type": "object" }, "AWS::IoTFleetWise::SignalCatalog.Sensor": { "additionalProperties": false, "properties": { "AllowedValues": { "items": { "type": "string" }, "markdownDescription": "(Optional) A list of possible values a sensor can take.", "title": "AllowedValues", "type": "array" }, "DataType": { "markdownDescription": "The specified data type of the sensor.", "title": "DataType", "type": "string" }, "Description": { "markdownDescription": "(Optional) A brief description of a sensor.", "title": "Description", "type": "string" }, "FullyQualifiedName": { "markdownDescription": "The fully qualified name of the sensor. For example, the fully qualified name of a sensor might be `Vehicle.Body.Engine.Battery` .", "title": "FullyQualifiedName", "type": "string" }, "Max": { "markdownDescription": "(Optional) The specified possible maximum value of the sensor.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "(Optional) The specified possible minimum value of the sensor.", "title": "Min", "type": "number" }, "Unit": { "markdownDescription": "(Optional) The scientific unit of measurement for data collected by the sensor.", "title": "Unit", "type": "string" } }, "required": [ "DataType", "FullyQualifiedName" ], "type": "object" }, "AWS::IoTFleetWise::Vehicle": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssociationBehavior": { "markdownDescription": "(Optional) An option to create a new AWS IoT thing when creating a vehicle, or to validate an existing thing as a vehicle.", "title": "AssociationBehavior", "type": "string" }, "Attributes": { "additionalProperties": true, "markdownDescription": "(Optional) Static information about a vehicle in a key-value pair. For example: `\"engine Type\"` : `\"v6\"`", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Attributes", "type": "object" }, "DecoderManifestArn": { "markdownDescription": "The Amazon Resource Name (ARN) of a decoder manifest associated with the vehicle to create.", "title": "DecoderManifestArn", "type": "string" }, "ModelManifestArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the vehicle model (model manifest) to create the vehicle from.", "title": "ModelManifestArn", "type": "string" }, "Name": { "markdownDescription": "The unique ID of the vehicle.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "(Optional) Metadata which can be used to manage the vehicle.", "title": "Tags", "type": "array" } }, "required": [ "DecoderManifestArn", "ModelManifestArn", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTFleetWise::Vehicle" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTSiteWise::AccessPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessPolicyIdentity": { "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity", "markdownDescription": "The identity for this access policy. Choose an IAM Identity Center user, an IAM Identity Center group, or an IAM user.", "title": "AccessPolicyIdentity" }, "AccessPolicyPermission": { "markdownDescription": "The permission level for this access policy. Note that a project `ADMINISTRATOR` is also known as a project owner.", "title": "AccessPolicyPermission", "type": "string" }, "AccessPolicyResource": { "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource", "markdownDescription": "The AWS IoT SiteWise Monitor resource for this access policy. Choose either a portal or a project.", "title": "AccessPolicyResource" } }, "required": [ "AccessPolicyIdentity", "AccessPolicyPermission", "AccessPolicyResource" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTSiteWise::AccessPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTSiteWise::AccessPolicy.AccessPolicyIdentity": { "additionalProperties": false, "properties": { "IamRole": { "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamRole", "markdownDescription": "An IAM role identity.", "title": "IamRole" }, "IamUser": { "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.IamUser", "markdownDescription": "An IAM user identity.", "title": "IamUser" }, "User": { "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.User", "markdownDescription": "An IAM Identity Center user identity.", "title": "User" } }, "type": "object" }, "AWS::IoTSiteWise::AccessPolicy.AccessPolicyResource": { "additionalProperties": false, "properties": { "Portal": { "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Portal", "markdownDescription": "Identifies an AWS IoT SiteWise Monitor portal.", "title": "Portal" }, "Project": { "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy.Project", "markdownDescription": "Identifies a specific AWS IoT SiteWise Monitor project.", "title": "Project" } }, "type": "object" }, "AWS::IoTSiteWise::AccessPolicy.IamRole": { "additionalProperties": false, "properties": { "arn": { "markdownDescription": "The ARN of the IAM role. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .", "title": "arn", "type": "string" } }, "type": "object" }, "AWS::IoTSiteWise::AccessPolicy.IamUser": { "additionalProperties": false, "properties": { "arn": { "markdownDescription": "The ARN of the IAM user. For more information, see [IAM ARNs](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in the *IAM User Guide* .\n\n> If you delete the IAM user, access policies that contain this identity include an empty `arn` . You can delete the access policy for the IAM user that no longer exists.", "title": "arn", "type": "string" } }, "type": "object" }, "AWS::IoTSiteWise::AccessPolicy.Portal": { "additionalProperties": false, "properties": { "id": { "markdownDescription": "The ID of the portal.", "title": "id", "type": "string" } }, "type": "object" }, "AWS::IoTSiteWise::AccessPolicy.Project": { "additionalProperties": false, "properties": { "id": { "markdownDescription": "The ID of the project.", "title": "id", "type": "string" } }, "type": "object" }, "AWS::IoTSiteWise::AccessPolicy.User": { "additionalProperties": false, "properties": { "id": { "markdownDescription": "The IAM Identity Center ID of the user.", "title": "id", "type": "string" } }, "type": "object" }, "AWS::IoTSiteWise::Asset": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssetDescription": { "markdownDescription": "The ID of the asset, in UUID format.", "title": "AssetDescription", "type": "string" }, "AssetExternalId": { "markdownDescription": "The external ID of the asset model composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", "title": "AssetExternalId", "type": "string" }, "AssetHierarchies": { "items": { "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetHierarchy" }, "markdownDescription": "A list of asset hierarchies that each contain a `hierarchyId` . A hierarchy specifies allowed parent/child asset relationships.", "title": "AssetHierarchies", "type": "array" }, "AssetModelId": { "markdownDescription": "The ID of the asset model from which to create the asset. This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", "title": "AssetModelId", "type": "string" }, "AssetName": { "markdownDescription": "A friendly name for the asset.", "title": "AssetName", "type": "string" }, "AssetProperties": { "items": { "$ref": "#/definitions/AWS::IoTSiteWise::Asset.AssetProperty" }, "markdownDescription": "The list of asset properties for the asset.\n\nThis object doesn't include properties that you define in composite models. You can find composite model properties in the `assetCompositeModels` object.", "title": "AssetProperties", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", "title": "Tags", "type": "array" } }, "required": [ "AssetModelId", "AssetName" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTSiteWise::Asset" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTSiteWise::Asset.AssetHierarchy": { "additionalProperties": false, "properties": { "ChildAssetId": { "markdownDescription": "The Id of the child asset.", "title": "ChildAssetId", "type": "string" }, "ExternalId": { "markdownDescription": "The external ID of the hierarchy, if it has one. When you update an asset hierarchy, you may assign an external ID if it doesn't already have one. You can't change the external ID of an asset hierarchy that already has one. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", "title": "ExternalId", "type": "string" }, "Id": { "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set.", "title": "Id", "type": "string" }, "LogicalId": { "markdownDescription": "The ID of the hierarchy. This ID is a `hierarchyId` .", "title": "LogicalId", "type": "string" } }, "required": [ "ChildAssetId" ], "type": "object" }, "AWS::IoTSiteWise::Asset.AssetProperty": { "additionalProperties": false, "properties": { "Alias": { "markdownDescription": "The alias that identifies the property, such as an OPC-UA server data stream path (for example, `/company/windfarm/3/turbine/7/temperature` ). For more information, see [Mapping industrial data streams to asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/connect-data-streams.html) in the *AWS IoT SiteWise User Guide* .", "title": "Alias", "type": "string" }, "ExternalId": { "markdownDescription": "The external ID of the property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", "title": "ExternalId", "type": "string" }, "Id": { "markdownDescription": "The ID of the asset property.\n\n> This is a return value and can't be set.", "title": "Id", "type": "string" }, "LogicalId": { "markdownDescription": "The `LogicalID` of the asset property.", "title": "LogicalId", "type": "string" }, "NotificationState": { "markdownDescription": "The MQTT notification state (enabled or disabled) for this asset property. When the notification state is enabled, AWS IoT SiteWise publishes property value updates to a unique MQTT topic. For more information, see [Interacting with other services](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/interact-with-other-services.html) in the *AWS IoT SiteWise User Guide* .\n\nIf you omit this parameter, the notification state is set to `DISABLED` .", "title": "NotificationState", "type": "string" }, "Unit": { "markdownDescription": "The unit (such as `Newtons` or `RPM` ) of the asset property.", "title": "Unit", "type": "string" } }, "type": "object" }, "AWS::IoTSiteWise::AssetModel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssetModelCompositeModels": { "items": { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel" }, "markdownDescription": "The composite models that are part of this asset model. It groups properties (such as attributes, measurements, transforms, and metrics) and child composite models that model parts of your industrial equipment. Each composite model has a type that defines the properties that the composite model supports. Use composite models to define alarms on this asset model.\n\n> When creating custom composite models, you need to use [CreateAssetModelCompositeModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModelCompositeModel.html) . For more information, see [Creating custom composite models (Components)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-custom-composite-models.html) in the *AWS IoT SiteWise User Guide* .", "title": "AssetModelCompositeModels", "type": "array" }, "AssetModelDescription": { "markdownDescription": "A description for the asset model.", "title": "AssetModelDescription", "type": "string" }, "AssetModelExternalId": { "markdownDescription": "The external ID of the asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", "title": "AssetModelExternalId", "type": "string" }, "AssetModelHierarchies": { "items": { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelHierarchy" }, "markdownDescription": "The hierarchy definitions of the asset model. Each hierarchy specifies an asset model whose assets can be children of any other assets created from this asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 10 hierarchies per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", "title": "AssetModelHierarchies", "type": "array" }, "AssetModelName": { "markdownDescription": "A unique, friendly name for the asset model.", "title": "AssetModelName", "type": "string" }, "AssetModelProperties": { "items": { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" }, "markdownDescription": "The property definitions of the asset model. For more information, see [Asset properties](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-properties.html) in the *AWS IoT SiteWise User Guide* .\n\nYou can specify up to 200 properties per asset model. For more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", "title": "AssetModelProperties", "type": "array" }, "AssetModelType": { "markdownDescription": "The type of asset model.\n\n- *ASSET_MODEL* \u2013 (default) An asset model that you can use to create assets. Can't be included as a component in another asset model.\n- *COMPONENT_MODEL* \u2013 A reusable component that you can include in the composite models of other asset models. You can't create assets directly from this type of asset model.", "title": "AssetModelType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs that contain metadata for the asset. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", "title": "Tags", "type": "array" } }, "required": [ "AssetModelName" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTSiteWise::AssetModel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTSiteWise::AssetModel.AssetModelCompositeModel": { "additionalProperties": false, "properties": { "ComposedAssetModelId": { "markdownDescription": "The ID of a component model which is reused to create this composite model.", "title": "ComposedAssetModelId", "type": "string" }, "CompositeModelProperties": { "items": { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.AssetModelProperty" }, "markdownDescription": "The asset property definitions for this composite model.", "title": "CompositeModelProperties", "type": "array" }, "Description": { "markdownDescription": "The description of the composite model.\n\n> If the composite model is a `component-model-based` composite model, the description is inherited from the `COMPONENT_MODEL` asset model and cannot be changed.", "title": "Description", "type": "string" }, "ExternalId": { "markdownDescription": "The external ID of a composite model on this asset model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `Path` must be specified.", "title": "ExternalId", "type": "string" }, "Id": { "markdownDescription": "The ID of the asset model composite model.\n\n> This is a return value and can't be set.", "title": "Id", "type": "string" }, "Name": { "markdownDescription": "The name of the composite model.", "title": "Name", "type": "string" }, "ParentAssetModelCompositeModelExternalId": { "markdownDescription": "The external ID of the parent composite model. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", "title": "ParentAssetModelCompositeModelExternalId", "type": "string" }, "Path": { "items": { "type": "string" }, "markdownDescription": "The structured path to the property from the root of the asset using property names. Path is used as the ID if the asset model is a derived composite model.\n\n> One of `ExternalId` or `Path` must be specified.", "title": "Path", "type": "array" }, "Type": { "markdownDescription": "The type of the composite model. For alarm composite models, this type is `AWS/ALARM` .", "title": "Type", "type": "string" } }, "required": [ "Name", "Type" ], "type": "object" }, "AWS::IoTSiteWise::AssetModel.AssetModelHierarchy": { "additionalProperties": false, "properties": { "ChildAssetModelId": { "markdownDescription": "The ID of the asset model, in UUID format. All assets in this hierarchy must be instances of the `childAssetModelId` asset model. AWS IoT SiteWise will always return the actual asset model ID for this value. However, when you are specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) , you may provide either the asset model ID or else `externalId:` followed by the asset model's external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", "title": "ChildAssetModelId", "type": "string" }, "ExternalId": { "markdownDescription": "The external ID (if any) provided in the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) operation. You can assign an external ID by specifying this value as part of a call to [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) . However, you can't change the external ID if one is already assigned. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", "title": "ExternalId", "type": "string" }, "Id": { "markdownDescription": "The ID of the asset model hierarchy. This ID is a `hierarchyId` .\n\n> This is a return value and can't be set. \n\n- If you are callling [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) to create a *new* hierarchy: You can specify its ID here, if desired. AWS IoT SiteWise automatically generates a unique ID for you, so this parameter is never required. However, if you prefer to supply your own ID instead, you can specify it here in UUID format. If you specify your own ID, it must be globally unique.\n- If you are calling UpdateAssetModel to modify an *existing* hierarchy: This can be either the actual ID in UUID format, or else `externalId:` followed by the external ID, if it has one. For more information, see [Referencing objects with external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-id-references) in the *AWS IoT SiteWise User Guide* .", "title": "Id", "type": "string" }, "LogicalId": { "markdownDescription": "The `LogicalID` of the asset model hierarchy. This ID is a `hierarchyLogicalId` .\n\n> One of `ExternalId` or `LogicalId` must be specified.", "title": "LogicalId", "type": "string" }, "Name": { "markdownDescription": "The name of the asset model hierarchy that you specify by using the [CreateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_CreateAssetModel.html) or [UpdateAssetModel](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_UpdateAssetModel.html) API operation.", "title": "Name", "type": "string" } }, "required": [ "ChildAssetModelId", "Name" ], "type": "object" }, "AWS::IoTSiteWise::AssetModel.AssetModelProperty": { "additionalProperties": false, "properties": { "DataType": { "markdownDescription": "The data type of the asset model property.", "title": "DataType", "type": "string" }, "DataTypeSpec": { "markdownDescription": "The data type of the structure for this property. This parameter exists on properties that have the `STRUCT` data type.", "title": "DataTypeSpec", "type": "string" }, "ExternalId": { "markdownDescription": "The external ID of the asset property. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> One of `ExternalId` or `LogicalId` must be specified.", "title": "ExternalId", "type": "string" }, "Id": { "markdownDescription": "The ID of the property.\n\n> This is a return value and can't be set.", "title": "Id", "type": "string" }, "LogicalId": { "markdownDescription": "The `LogicalID` of the asset model property.\n\n> One of `ExternalId` or `LogicalId` must be specified.", "title": "LogicalId", "type": "string" }, "Name": { "markdownDescription": "The name of the asset model property.", "title": "Name", "type": "string" }, "Type": { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyType", "markdownDescription": "Contains a property type, which can be one of `attribute` , `measurement` , `metric` , or `transform` .", "title": "Type" }, "Unit": { "markdownDescription": "The unit of the asset model property, such as `Newtons` or `RPM` .", "title": "Unit", "type": "string" } }, "required": [ "DataType", "Name", "Type" ], "type": "object" }, "AWS::IoTSiteWise::AssetModel.Attribute": { "additionalProperties": false, "properties": { "DefaultValue": { "markdownDescription": "The default value of the asset model property attribute. All assets that you create from the asset model contain this attribute value. You can update an attribute's value after you create an asset. For more information, see [Updating attribute values](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/update-attribute-values.html) in the *AWS IoT SiteWise User Guide* .", "title": "DefaultValue", "type": "string" } }, "type": "object" }, "AWS::IoTSiteWise::AssetModel.ExpressionVariable": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The friendly name of the variable to be used in the expression.", "title": "Name", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.VariableValue", "markdownDescription": "The variable that identifies an asset property from which to use values.", "title": "Value" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::IoTSiteWise::AssetModel.Metric": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "The mathematical expression that defines the metric aggregation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", "title": "Expression", "type": "string" }, "Variables": { "items": { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" }, "markdownDescription": "The list of variables used in the expression.", "title": "Variables", "type": "array" }, "Window": { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.MetricWindow", "markdownDescription": "The window (time interval) over which AWS IoT SiteWise computes the metric's aggregation expression. AWS IoT SiteWise computes one data point per `window` .", "title": "Window" } }, "required": [ "Expression", "Variables", "Window" ], "type": "object" }, "AWS::IoTSiteWise::AssetModel.MetricWindow": { "additionalProperties": false, "properties": { "Tumbling": { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.TumblingWindow", "markdownDescription": "The tumbling time interval window.", "title": "Tumbling" } }, "type": "object" }, "AWS::IoTSiteWise::AssetModel.PropertyPathDefinition": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the path segment.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::IoTSiteWise::AssetModel.PropertyType": { "additionalProperties": false, "properties": { "Attribute": { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Attribute", "markdownDescription": "Specifies an asset attribute property. An attribute generally contains static information, such as the serial number of an [IIoT](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Internet_of_things#Industrial_applications) wind turbine.", "title": "Attribute" }, "Metric": { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Metric", "markdownDescription": "Specifies an asset metric property. A metric contains a mathematical expression that uses aggregate functions to process all input data points over a time interval and output a single data point, such as to calculate the average hourly temperature.", "title": "Metric" }, "Transform": { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.Transform", "markdownDescription": "Specifies an asset transform property. A transform contains a mathematical expression that maps a property's data points from one form to another, such as a unit conversion from Celsius to Fahrenheit.", "title": "Transform" }, "TypeName": { "markdownDescription": "The type of property type, which can be one of `Attribute` , `Measurement` , `Metric` , or `Transform` .", "title": "TypeName", "type": "string" } }, "required": [ "TypeName" ], "type": "object" }, "AWS::IoTSiteWise::AssetModel.Transform": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "The mathematical expression that defines the transformation function. You can specify up to 10 variables per expression. You can specify up to 10 functions per expression.\n\nFor more information, see [Quotas](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/quotas.html) in the *AWS IoT SiteWise User Guide* .", "title": "Expression", "type": "string" }, "Variables": { "items": { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.ExpressionVariable" }, "markdownDescription": "The list of variables used in the expression.", "title": "Variables", "type": "array" } }, "required": [ "Expression", "Variables" ], "type": "object" }, "AWS::IoTSiteWise::AssetModel.TumblingWindow": { "additionalProperties": false, "properties": { "Interval": { "markdownDescription": "The time interval for the tumbling window. The interval time must be between 1 minute and 1 week.\n\nAWS IoT SiteWise computes the `1w` interval the end of Sunday at midnight each week (UTC), the `1d` interval at the end of each day at midnight (UTC), the `1h` interval at the end of each hour, and so on.\n\nWhen AWS IoT SiteWise aggregates data points for metric computations, the start of each interval is exclusive and the end of each interval is inclusive. AWS IoT SiteWise places the computed data point at the end of the interval.", "title": "Interval", "type": "string" }, "Offset": { "markdownDescription": "The offset for the tumbling window. The `offset` parameter accepts the following:\n\n- The offset time.\n\nFor example, if you specify `18h` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The ISO 8601 format.\n\nFor example, if you specify `PT18H` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric.\n- If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day.\n- The 24-hour clock.\n\nFor example, if you specify `00:03:00` for `offset` , `5m` for `interval` , and you create the metric at 2 PM (UTC), you get the first aggregation result at 2:03 PM (UTC). You get the second aggregation result at 2:08 PM (UTC).\n- The offset time zone.\n\nFor example, if you specify `2021-07-23T18:00-08` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways:\n\n- If you create the metric before or at 6 PM (PST), you get the first aggregation result at 6 PM (PST) on the day when you create the metric.\n- If you create the metric after 6 PM (PST), you get the first aggregation result at 6 PM (PST) the next day.", "title": "Offset", "type": "string" } }, "required": [ "Interval" ], "type": "object" }, "AWS::IoTSiteWise::AssetModel.VariableValue": { "additionalProperties": false, "properties": { "HierarchyExternalId": { "markdownDescription": "The external ID of the hierarchy being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", "title": "HierarchyExternalId", "type": "string" }, "HierarchyId": { "markdownDescription": "The ID of the hierarchy to query for the property ID. You can use the hierarchy's name instead of the hierarchy's ID. If the hierarchy has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\nYou use a hierarchy ID instead of a model ID because you can have several hierarchies using the same model and therefore the same `propertyId` . For example, you might have separately grouped assets that come from the same asset model. For more information, see [Asset hierarchies](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", "title": "HierarchyId", "type": "string" }, "HierarchyLogicalId": { "markdownDescription": "The `LogicalID` of the hierarchy to query for the `PropertyLogicalID` .\n\nYou use a `hierarchyLogicalID` instead of a model ID because you can have several hierarchies using the same model and therefore the same property. For example, you might have separately grouped assets that come from the same asset model. For more information, see [Defining relationships between asset models (hierarchies)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* .", "title": "HierarchyLogicalId", "type": "string" }, "PropertyExternalId": { "markdownDescription": "The external ID of the property being referenced. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .", "title": "PropertyExternalId", "type": "string" }, "PropertyId": { "markdownDescription": "The ID of the property to use as the variable. You can use the property `name` if it's from the same asset model. If the property has an external ID, you can specify `externalId:` followed by the external ID. For more information, see [Using external IDs](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/object-ids.html#external-ids) in the *AWS IoT SiteWise User Guide* .\n\n> This is a return value and can't be set.", "title": "PropertyId", "type": "string" }, "PropertyLogicalId": { "markdownDescription": "The `LogicalID` of the property that is being referenced.", "title": "PropertyLogicalId", "type": "string" }, "PropertyPath": { "items": { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel.PropertyPathDefinition" }, "markdownDescription": "The path of the property. Each step of the path is the name of the step. See the following example:\n\n`PropertyPath: Name: AssetModelName Name: Composite1 Name: NestedComposite`", "title": "PropertyPath", "type": "array" } }, "type": "object" }, "AWS::IoTSiteWise::Dashboard": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DashboardDefinition": { "markdownDescription": "The dashboard definition specified in a JSON literal. For detailed information, see [Creating dashboards (CLI)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/create-dashboards-using-aws-cli.html) in the *AWS IoT SiteWise User Guide* .", "title": "DashboardDefinition", "type": "string" }, "DashboardDescription": { "markdownDescription": "A description for the dashboard.", "title": "DashboardDescription", "type": "string" }, "DashboardName": { "markdownDescription": "A friendly name for the dashboard.", "title": "DashboardName", "type": "string" }, "ProjectId": { "markdownDescription": "The ID of the project in which to create the dashboard.", "title": "ProjectId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs that contain metadata for the dashboard. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", "title": "Tags", "type": "array" } }, "required": [ "DashboardDefinition", "DashboardDescription", "DashboardName" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTSiteWise::Dashboard" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTSiteWise::Gateway": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "GatewayCapabilitySummaries": { "items": { "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary" }, "markdownDescription": "A list of gateway capability summaries that each contain a namespace and status. Each gateway capability defines data sources for the gateway. To retrieve a capability configuration's definition, use [DescribeGatewayCapabilityConfiguration](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_DescribeGatewayCapabilityConfiguration.html) .", "title": "GatewayCapabilitySummaries", "type": "array" }, "GatewayName": { "markdownDescription": "A unique, friendly name for the gateway.", "title": "GatewayName", "type": "string" }, "GatewayPlatform": { "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GatewayPlatform", "markdownDescription": "The gateway's platform. You can only specify one platform in a gateway.", "title": "GatewayPlatform" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs that contain metadata for the gateway. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", "title": "Tags", "type": "array" } }, "required": [ "GatewayName", "GatewayPlatform" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTSiteWise::Gateway" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTSiteWise::Gateway.GatewayCapabilitySummary": { "additionalProperties": false, "properties": { "CapabilityConfiguration": { "markdownDescription": "The JSON document that defines the configuration for the gateway capability. For more information, see [Configuring data sources (CLI)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-sources.html#configure-source-cli) in the *AWS IoT SiteWise User Guide* .", "title": "CapabilityConfiguration", "type": "string" }, "CapabilityNamespace": { "markdownDescription": "The namespace of the capability configuration. For example, if you configure OPC-UA sources from the AWS IoT SiteWise console, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:version` , where `version` is a number such as `1` .", "title": "CapabilityNamespace", "type": "string" } }, "required": [ "CapabilityNamespace" ], "type": "object" }, "AWS::IoTSiteWise::Gateway.GatewayPlatform": { "additionalProperties": false, "properties": { "Greengrass": { "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.Greengrass", "markdownDescription": "A gateway that runs on AWS IoT Greengrass .", "title": "Greengrass" }, "GreengrassV2": { "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.GreengrassV2", "markdownDescription": "A gateway that runs on AWS IoT Greengrass V2 .", "title": "GreengrassV2" }, "SiemensIE": { "$ref": "#/definitions/AWS::IoTSiteWise::Gateway.SiemensIE", "markdownDescription": "", "title": "SiemensIE" } }, "type": "object" }, "AWS::IoTSiteWise::Gateway.Greengrass": { "additionalProperties": false, "properties": { "GroupArn": { "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Greengrass group. For more information about how to find a group's ARN, see [ListGroups](https://docs.aws.amazon.com/greengrass/v1/apireference/listgroups-get.html) and [GetGroup](https://docs.aws.amazon.com/greengrass/v1/apireference/getgroup-get.html) in the *AWS IoT Greengrass V1 API Reference* .", "title": "GroupArn", "type": "string" } }, "required": [ "GroupArn" ], "type": "object" }, "AWS::IoTSiteWise::Gateway.GreengrassV2": { "additionalProperties": false, "properties": { "CoreDeviceThingName": { "markdownDescription": "The name of the AWS IoT thing for your AWS IoT Greengrass V2 core device.", "title": "CoreDeviceThingName", "type": "string" } }, "required": [ "CoreDeviceThingName" ], "type": "object" }, "AWS::IoTSiteWise::Gateway.SiemensIE": { "additionalProperties": false, "properties": { "IotCoreThingName": { "markdownDescription": "", "title": "IotCoreThingName", "type": "string" } }, "required": [ "IotCoreThingName" ], "type": "object" }, "AWS::IoTSiteWise::Portal": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Alarms": { "$ref": "#/definitions/AWS::IoTSiteWise::Portal.Alarms", "markdownDescription": "Contains the configuration information of an alarm created in an AWS IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range. For more information, see [Monitoring with alarms](https://docs.aws.amazon.com/iot-sitewise/latest/appguide/monitor-alarms.html) in the *AWS IoT SiteWise Application Guide* .", "title": "Alarms" }, "NotificationSenderEmail": { "markdownDescription": "The email address that sends alarm notifications.\n\n> If you use the [AWS IoT Events managed Lambda function](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) to manage your emails, you must [verify the sender email address in Amazon SES](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/verify-email-addresses.html) .", "title": "NotificationSenderEmail", "type": "string" }, "PortalAuthMode": { "markdownDescription": "The service to use to authenticate users to the portal. Choose from the following options:\n\n- `SSO` \u2013 The portal uses AWS IAM Identity Center to authenticate users and manage user permissions. Before you can create a portal that uses IAM Identity Center, you must enable IAM Identity Center. For more information, see [Enabling IAM Identity Center](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-get-started.html#mon-gs-sso) in the *AWS IoT SiteWise User Guide* . This option is only available in AWS Regions other than the China Regions.\n- `IAM` \u2013 The portal uses AWS Identity and Access Management to authenticate users and manage user permissions.\n\nYou can't change this value after you create a portal.\n\nDefault: `SSO`", "title": "PortalAuthMode", "type": "string" }, "PortalContactEmail": { "markdownDescription": "The AWS administrator's contact email address.", "title": "PortalContactEmail", "type": "string" }, "PortalDescription": { "markdownDescription": "A description for the portal.", "title": "PortalDescription", "type": "string" }, "PortalName": { "markdownDescription": "A friendly name for the portal.", "title": "PortalName", "type": "string" }, "RoleArn": { "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of a service role that allows the portal's users to access your AWS IoT SiteWise resources on your behalf. For more information, see [Using service roles for AWS IoT SiteWise Monitor](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/monitor-service-role.html) in the *AWS IoT SiteWise User Guide* .", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs that contain metadata for the portal. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", "title": "Tags", "type": "array" } }, "required": [ "PortalContactEmail", "PortalName", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTSiteWise::Portal" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTSiteWise::Portal.Alarms": { "additionalProperties": false, "properties": { "AlarmRoleArn": { "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the IAM role that allows the alarm to perform actions and access AWS resources and services, such as AWS IoT Events .", "title": "AlarmRoleArn", "type": "string" }, "NotificationLambdaArn": { "markdownDescription": "The [ARN](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the Lambda function that manages alarm notifications. For more information, see [Managing alarm notifications](https://docs.aws.amazon.com/iotevents/latest/developerguide/lambda-support.html) in the *AWS IoT Events Developer Guide* .", "title": "NotificationLambdaArn", "type": "string" } }, "type": "object" }, "AWS::IoTSiteWise::Project": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssetIds": { "items": { "type": "string" }, "markdownDescription": "A list that contains the IDs of each asset associated with the project.", "title": "AssetIds", "type": "array" }, "PortalId": { "markdownDescription": "The ID of the portal in which to create the project.", "title": "PortalId", "type": "string" }, "ProjectDescription": { "markdownDescription": "A description for the project.", "title": "ProjectDescription", "type": "string" }, "ProjectName": { "markdownDescription": "A friendly name for the project.", "title": "ProjectName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs that contain metadata for the project. For more information, see [Tagging your AWS IoT SiteWise resources](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/tag-resources.html) in the *AWS IoT SiteWise User Guide* .", "title": "Tags", "type": "array" } }, "required": [ "PortalId", "ProjectName" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTSiteWise::Project" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTThingsGraph::FlowTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CompatibleNamespaceVersion": { "type": "number" }, "Definition": { "$ref": "#/definitions/AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument" } }, "required": [ "Definition" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTThingsGraph::FlowTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTThingsGraph::FlowTemplate.DefinitionDocument": { "additionalProperties": false, "properties": { "Language": { "type": "string" }, "Text": { "type": "string" } }, "required": [ "Language", "Text" ], "type": "object" }, "AWS::IoTTwinMaker::ComponentType": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ComponentTypeId": { "markdownDescription": "The ID of the component type.", "title": "ComponentTypeId", "type": "string" }, "CompositeComponentTypes": { "additionalProperties": false, "markdownDescription": "Maps strings to `compositeComponentTypes` of the `componentType` . `CompositeComponentType` is referenced by `componentTypeId` .", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.CompositeComponentType" } }, "title": "CompositeComponentTypes", "type": "object" }, "Description": { "markdownDescription": "The description of the component type.", "title": "Description", "type": "string" }, "ExtendsFrom": { "items": { "type": "string" }, "markdownDescription": "The name of the parent component type that this component type extends.", "title": "ExtendsFrom", "type": "array" }, "Functions": { "additionalProperties": false, "markdownDescription": "An object that maps strings to the functions in the component type. Each string in the mapping must be unique to this object.\n\nFor information on the FunctionResponse object see the [FunctionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_FunctionResponse.html) API reference.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Function" } }, "title": "Functions", "type": "object" }, "IsSingleton": { "markdownDescription": "A boolean value that specifies whether an entity can have more than one component of this type.", "title": "IsSingleton", "type": "boolean" }, "PropertyDefinitions": { "additionalProperties": false, "markdownDescription": "An object that maps strings to the property definitions in the component type. Each string in the mapping must be unique to this object.\n\nFor information about the PropertyDefinitionResponse object, see the [PropertyDefinitionResponse](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_PropertyDefinitionResponse.html) API reference.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyDefinition" } }, "title": "PropertyDefinitions", "type": "object" }, "PropertyGroups": { "additionalProperties": false, "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.PropertyGroup" } }, "title": "PropertyGroups", "type": "object" }, "Tags": { "additionalProperties": true, "markdownDescription": "The ComponentType tags.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "WorkspaceId": { "markdownDescription": "The ID of the workspace that contains the component type.", "title": "WorkspaceId", "type": "string" } }, "required": [ "ComponentTypeId", "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTTwinMaker::ComponentType" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTTwinMaker::ComponentType.CompositeComponentType": { "additionalProperties": false, "properties": { "ComponentTypeId": { "markdownDescription": "The ID of the component type.", "title": "ComponentTypeId", "type": "string" } }, "type": "object" }, "AWS::IoTTwinMaker::ComponentType.DataConnector": { "additionalProperties": false, "properties": { "IsNative": { "markdownDescription": "A boolean value that specifies whether the data connector is native to IoT TwinMaker.", "title": "IsNative", "type": "boolean" }, "Lambda": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.LambdaFunction", "markdownDescription": "The Lambda function associated with the data connector.", "title": "Lambda" } }, "type": "object" }, "AWS::IoTTwinMaker::ComponentType.DataType": { "additionalProperties": false, "properties": { "AllowedValues": { "items": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" }, "markdownDescription": "The allowed values for this data type.", "title": "AllowedValues", "type": "array" }, "NestedType": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", "markdownDescription": "The nested type in the data type.", "title": "NestedType" }, "Relationship": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Relationship", "markdownDescription": "A relationship that associates a component with another component.", "title": "Relationship" }, "Type": { "markdownDescription": "The underlying type of the data type.\n\nValid Values: `RELATIONSHIP | STRING | LONG | BOOLEAN | INTEGER | DOUBLE | LIST | MAP`", "title": "Type", "type": "string" }, "UnitOfMeasure": { "markdownDescription": "The unit of measure used in this data type.", "title": "UnitOfMeasure", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoTTwinMaker::ComponentType.DataValue": { "additionalProperties": false, "properties": { "BooleanValue": { "markdownDescription": "A boolean value.", "title": "BooleanValue", "type": "boolean" }, "DoubleValue": { "markdownDescription": "A double value.", "title": "DoubleValue", "type": "number" }, "Expression": { "markdownDescription": "An expression that produces the value.", "title": "Expression", "type": "string" }, "IntegerValue": { "markdownDescription": "An integer value.", "title": "IntegerValue", "type": "number" }, "ListValue": { "items": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" }, "markdownDescription": "A list of multiple values.", "title": "ListValue", "type": "array" }, "LongValue": { "markdownDescription": "A long value.", "title": "LongValue", "type": "number" }, "MapValue": { "additionalProperties": false, "markdownDescription": "An object that maps strings to multiple `DataValue` objects.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue" } }, "title": "MapValue", "type": "object" }, "RelationshipValue": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.RelationshipValue", "markdownDescription": "A value that relates a component to another component.", "title": "RelationshipValue" }, "StringValue": { "markdownDescription": "A string value.", "title": "StringValue", "type": "string" } }, "type": "object" }, "AWS::IoTTwinMaker::ComponentType.Error": { "additionalProperties": false, "properties": { "Code": { "markdownDescription": "The component type error code.", "title": "Code", "type": "string" }, "Message": { "markdownDescription": "The component type error message.", "title": "Message", "type": "string" } }, "type": "object" }, "AWS::IoTTwinMaker::ComponentType.Function": { "additionalProperties": false, "properties": { "ImplementedBy": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataConnector", "markdownDescription": "The data connector.", "title": "ImplementedBy" }, "RequiredProperties": { "items": { "type": "string" }, "markdownDescription": "The required properties of the function.", "title": "RequiredProperties", "type": "array" }, "Scope": { "markdownDescription": "The scope of the function.", "title": "Scope", "type": "string" } }, "type": "object" }, "AWS::IoTTwinMaker::ComponentType.LambdaFunction": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Lambda function ARN.", "title": "Arn", "type": "string" } }, "required": [ "Arn" ], "type": "object" }, "AWS::IoTTwinMaker::ComponentType.PropertyDefinition": { "additionalProperties": false, "properties": { "Configurations": { "additionalProperties": true, "markdownDescription": "A mapping that specifies configuration information about the property.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Configurations", "type": "object" }, "DataType": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataType", "markdownDescription": "", "title": "DataType" }, "DefaultValue": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.DataValue", "markdownDescription": "A boolean value that specifies whether the property ID comes from an external data store.", "title": "DefaultValue" }, "IsExternalId": { "markdownDescription": "A Boolean value that specifies whether the property ID comes from an external data source.", "title": "IsExternalId", "type": "boolean" }, "IsRequiredInEntity": { "markdownDescription": "A boolean value that specifies whether the property is required in an entity.", "title": "IsRequiredInEntity", "type": "boolean" }, "IsStoredExternally": { "markdownDescription": "A boolean value that specifies whether the property is stored externally.", "title": "IsStoredExternally", "type": "boolean" }, "IsTimeSeries": { "markdownDescription": "A boolean value that specifies whether the property consists of time series data.", "title": "IsTimeSeries", "type": "boolean" } }, "type": "object" }, "AWS::IoTTwinMaker::ComponentType.PropertyGroup": { "additionalProperties": false, "properties": { "GroupType": { "markdownDescription": "The group type.", "title": "GroupType", "type": "string" }, "PropertyNames": { "items": { "type": "string" }, "markdownDescription": "The property names.", "title": "PropertyNames", "type": "array" } }, "type": "object" }, "AWS::IoTTwinMaker::ComponentType.Relationship": { "additionalProperties": false, "properties": { "RelationshipType": { "markdownDescription": "The type of the relationship.", "title": "RelationshipType", "type": "string" }, "TargetComponentTypeId": { "markdownDescription": "The ID of the target component type associated with this relationship.", "title": "TargetComponentTypeId", "type": "string" } }, "type": "object" }, "AWS::IoTTwinMaker::ComponentType.RelationshipValue": { "additionalProperties": false, "properties": { "TargetComponentName": { "markdownDescription": "The target component name.", "title": "TargetComponentName", "type": "string" }, "TargetEntityId": { "markdownDescription": "The target entity Id.", "title": "TargetEntityId", "type": "string" } }, "type": "object" }, "AWS::IoTTwinMaker::ComponentType.Status": { "additionalProperties": false, "properties": { "Error": { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType.Error", "markdownDescription": "The component type error.", "title": "Error" }, "State": { "markdownDescription": "The component type status state.", "title": "State", "type": "string" } }, "type": "object" }, "AWS::IoTTwinMaker::Entity": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Components": { "additionalProperties": false, "markdownDescription": "An object that maps strings to the components in the entity. Each string in the mapping must be unique to this object.\n\nFor information on the component object see the [component](https://docs.aws.amazon.com//iot-twinmaker/latest/apireference/API_ComponentResponse.html) API reference.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Component" } }, "title": "Components", "type": "object" }, "CompositeComponents": { "additionalProperties": false, "markdownDescription": "Maps string to `compositeComponent` updates in the request. Each key of the map represents the `componentPath` of the `compositeComponent` .", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.CompositeComponent" } }, "title": "CompositeComponents", "type": "object" }, "Description": { "markdownDescription": "The description of the entity.", "title": "Description", "type": "string" }, "EntityId": { "markdownDescription": "The ID of the entity.", "title": "EntityId", "type": "string" }, "EntityName": { "markdownDescription": "The entity name.", "title": "EntityName", "type": "string" }, "ParentEntityId": { "markdownDescription": "The ID of the parent entity.", "title": "ParentEntityId", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Metadata that you can use to manage the entity.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "WorkspaceId": { "markdownDescription": "The ID of the workspace that contains the entity.", "title": "WorkspaceId", "type": "string" } }, "required": [ "EntityName", "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTTwinMaker::Entity" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTTwinMaker::Entity.Component": { "additionalProperties": false, "properties": { "ComponentName": { "markdownDescription": "The name of the component.", "title": "ComponentName", "type": "string" }, "ComponentTypeId": { "markdownDescription": "The ID of the component type.", "title": "ComponentTypeId", "type": "string" }, "DefinedIn": { "markdownDescription": "The name of the property definition set in the request.", "title": "DefinedIn", "type": "string" }, "Description": { "markdownDescription": "The description of the component.", "title": "Description", "type": "string" }, "Properties": { "additionalProperties": false, "markdownDescription": "An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" } }, "title": "Properties", "type": "object" }, "PropertyGroups": { "additionalProperties": false, "markdownDescription": "An object that maps strings to the property groups in the component type. Each string in the mapping must be unique to this object.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" } }, "title": "PropertyGroups", "type": "object" }, "Status": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", "markdownDescription": "The status of the component.", "title": "Status" } }, "type": "object" }, "AWS::IoTTwinMaker::Entity.CompositeComponent": { "additionalProperties": false, "properties": { "ComponentName": { "markdownDescription": "The name of the component.", "title": "ComponentName", "type": "string" }, "ComponentPath": { "markdownDescription": "The path to the composite component, starting from the top-level component.", "title": "ComponentPath", "type": "string" }, "ComponentTypeId": { "markdownDescription": "The ID of the composite component type.", "title": "ComponentTypeId", "type": "string" }, "Description": { "markdownDescription": "The description of the component type.", "title": "Description", "type": "string" }, "Properties": { "additionalProperties": false, "markdownDescription": "Map of strings to the properties in the component type. Each string in the mapping must be unique to this component.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Property" } }, "title": "Properties", "type": "object" }, "PropertyGroups": { "additionalProperties": false, "markdownDescription": "The property groups.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.PropertyGroup" } }, "title": "PropertyGroups", "type": "object" }, "Status": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Status", "markdownDescription": "The current status of the composite component.", "title": "Status" } }, "type": "object" }, "AWS::IoTTwinMaker::Entity.DataType": { "additionalProperties": false, "properties": { "AllowedValues": { "items": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" }, "markdownDescription": "The allowed values.", "title": "AllowedValues", "type": "array" }, "NestedType": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", "markdownDescription": "The nested type.", "title": "NestedType" }, "Relationship": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Relationship", "markdownDescription": "The relationship.", "title": "Relationship" }, "Type": { "markdownDescription": "The entity type.", "title": "Type", "type": "string" }, "UnitOfMeasure": { "markdownDescription": "The unit of measure.", "title": "UnitOfMeasure", "type": "string" } }, "type": "object" }, "AWS::IoTTwinMaker::Entity.DataValue": { "additionalProperties": false, "properties": { "BooleanValue": { "markdownDescription": "A boolean value.", "title": "BooleanValue", "type": "boolean" }, "DoubleValue": { "markdownDescription": "A double value.", "title": "DoubleValue", "type": "number" }, "Expression": { "markdownDescription": "An expression that produces the value.", "title": "Expression", "type": "string" }, "IntegerValue": { "markdownDescription": "An integer value.", "title": "IntegerValue", "type": "number" }, "ListValue": { "items": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" }, "markdownDescription": "A list of multiple values.", "title": "ListValue", "type": "array" }, "LongValue": { "markdownDescription": "A long value.", "title": "LongValue", "type": "number" }, "MapValue": { "additionalProperties": false, "markdownDescription": "An object that maps strings to multiple DataValue objects.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue" } }, "title": "MapValue", "type": "object" }, "RelationshipValue": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.RelationshipValue", "markdownDescription": "A value that relates a component to another component.", "title": "RelationshipValue" }, "StringValue": { "markdownDescription": "A string value.", "title": "StringValue", "type": "string" } }, "type": "object" }, "AWS::IoTTwinMaker::Entity.Definition": { "additionalProperties": false, "properties": { "Configuration": { "additionalProperties": true, "markdownDescription": "The configuration.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Configuration", "type": "object" }, "DataType": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataType", "markdownDescription": "The data type", "title": "DataType" }, "DefaultValue": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", "markdownDescription": "The default value.", "title": "DefaultValue" }, "IsExternalId": { "markdownDescription": "Displays if the entity has a external Id.", "title": "IsExternalId", "type": "boolean" }, "IsFinal": { "markdownDescription": "Displays if the entity is final.", "title": "IsFinal", "type": "boolean" }, "IsImported": { "markdownDescription": "Displays if the entity is imported.", "title": "IsImported", "type": "boolean" }, "IsInherited": { "markdownDescription": "Displays if the entity is inherited.", "title": "IsInherited", "type": "boolean" }, "IsRequiredInEntity": { "markdownDescription": "Displays if the entity is a required entity.", "title": "IsRequiredInEntity", "type": "boolean" }, "IsStoredExternally": { "markdownDescription": "Displays if the entity is tored externally.", "title": "IsStoredExternally", "type": "boolean" }, "IsTimeSeries": { "markdownDescription": "Displays if the entity", "title": "IsTimeSeries", "type": "boolean" } }, "type": "object" }, "AWS::IoTTwinMaker::Entity.Error": { "additionalProperties": false, "properties": { "Code": { "markdownDescription": "The entity error code.", "title": "Code", "type": "string" }, "Message": { "markdownDescription": "The entity error message.", "title": "Message", "type": "string" } }, "type": "object" }, "AWS::IoTTwinMaker::Entity.Property": { "additionalProperties": false, "properties": { "Definition": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Definition", "markdownDescription": "An object that specifies information about a property.", "title": "Definition" }, "Value": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.DataValue", "markdownDescription": "An object that contains information about a value for a time series property.", "title": "Value" } }, "type": "object" }, "AWS::IoTTwinMaker::Entity.PropertyGroup": { "additionalProperties": false, "properties": { "GroupType": { "markdownDescription": "The group type.", "title": "GroupType", "type": "string" }, "PropertyNames": { "items": { "type": "string" }, "markdownDescription": "The property names.", "title": "PropertyNames", "type": "array" } }, "type": "object" }, "AWS::IoTTwinMaker::Entity.Relationship": { "additionalProperties": false, "properties": { "RelationshipType": { "markdownDescription": "The relationship type.", "title": "RelationshipType", "type": "string" }, "TargetComponentTypeId": { "markdownDescription": "the component type Id target.", "title": "TargetComponentTypeId", "type": "string" } }, "type": "object" }, "AWS::IoTTwinMaker::Entity.RelationshipValue": { "additionalProperties": false, "properties": { "TargetComponentName": { "markdownDescription": "The target component name.", "title": "TargetComponentName", "type": "string" }, "TargetEntityId": { "markdownDescription": "The target entity Id.", "title": "TargetEntityId", "type": "string" } }, "type": "object" }, "AWS::IoTTwinMaker::Entity.Status": { "additionalProperties": false, "properties": { "Error": { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity.Error", "markdownDescription": "The error message.", "title": "Error" }, "State": { "markdownDescription": "The current state of the entity, component, component type, or workspace.\n\nValid Values: `CREATING | UPDATING | DELETING | ACTIVE | ERROR`", "title": "State", "type": "string" } }, "type": "object" }, "AWS::IoTTwinMaker::Scene": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Capabilities": { "items": { "type": "string" }, "markdownDescription": "A list of capabilities that the scene uses to render.", "title": "Capabilities", "type": "array" }, "ContentLocation": { "markdownDescription": "The relative path that specifies the location of the content definition file.", "title": "ContentLocation", "type": "string" }, "Description": { "markdownDescription": "The description of this scene.", "title": "Description", "type": "string" }, "SceneId": { "markdownDescription": "The ID of the scene.", "title": "SceneId", "type": "string" }, "SceneMetadata": { "additionalProperties": true, "markdownDescription": "The scene metadata.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "SceneMetadata", "type": "object" }, "Tags": { "additionalProperties": true, "markdownDescription": "The ComponentType tags.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "WorkspaceId": { "markdownDescription": "", "title": "WorkspaceId", "type": "string" } }, "required": [ "ContentLocation", "SceneId", "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTTwinMaker::Scene" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTTwinMaker::SyncJob": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "SyncRole": { "markdownDescription": "The SyncJob IAM role. This IAM role is used by the sync job to read from the syncSource, and create, update or delete the corresponding resources.", "title": "SyncRole", "type": "string" }, "SyncSource": { "markdownDescription": "The sync source.\n\n> Currently the only supported syncSoucre is `SITEWISE` .", "title": "SyncSource", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Metadata you can use to manage the SyncJob.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "WorkspaceId": { "markdownDescription": "The ID of the workspace that contains the sync job.", "title": "WorkspaceId", "type": "string" } }, "required": [ "SyncRole", "SyncSource", "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTTwinMaker::SyncJob" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTTwinMaker::Workspace": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the workspace.", "title": "Description", "type": "string" }, "Role": { "markdownDescription": "The ARN of the execution role associated with the workspace.", "title": "Role", "type": "string" }, "S3Location": { "markdownDescription": "The ARN of the S3 bucket where resources associated with the workspace are stored.", "title": "S3Location", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Metadata that you can use to manage the workspace.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "WorkspaceId": { "markdownDescription": "The ID of the workspace.", "title": "WorkspaceId", "type": "string" } }, "required": [ "Role", "S3Location", "WorkspaceId" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTTwinMaker::Workspace" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTWireless::Destination": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the new resource. Maximum length is 2048 characters.", "title": "Description", "type": "string" }, "Expression": { "markdownDescription": "The rule name to send messages to.", "title": "Expression", "type": "string" }, "ExpressionType": { "markdownDescription": "The type of value in `Expression` .", "title": "ExpressionType", "type": "string" }, "Name": { "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM Role that authorizes the destination.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, "required": [ "Expression", "ExpressionType", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTWireless::Destination" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTWireless::DeviceProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LoRaWAN": { "$ref": "#/definitions/AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile", "markdownDescription": "LoRaWAN device profile object.", "title": "LoRaWAN" }, "Name": { "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::IoTWireless::DeviceProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoTWireless::DeviceProfile.LoRaWANDeviceProfile": { "additionalProperties": false, "properties": { "ClassBTimeout": { "markdownDescription": "The ClassBTimeout value.", "title": "ClassBTimeout", "type": "number" }, "ClassCTimeout": { "markdownDescription": "The ClassCTimeout value.", "title": "ClassCTimeout", "type": "number" }, "FactoryPresetFreqsList": { "items": { "type": "number" }, "markdownDescription": "The list of values that make up the FactoryPresetFreqs value. Valid range of values include a minimum value of 1000000 and a maximum value of 16700000.", "title": "FactoryPresetFreqsList", "type": "array" }, "MacVersion": { "markdownDescription": "The MAC version (such as OTAA 1.1 or OTAA 1.0.3) to use with this device profile.", "title": "MacVersion", "type": "string" }, "MaxDutyCycle": { "markdownDescription": "The MaxDutyCycle value.", "title": "MaxDutyCycle", "type": "number" }, "MaxEirp": { "markdownDescription": "The MaxEIRP value.", "title": "MaxEirp", "type": "number" }, "PingSlotDr": { "markdownDescription": "The PingSlotDR value.", "title": "PingSlotDr", "type": "number" }, "PingSlotFreq": { "markdownDescription": "The PingSlotFreq value.", "title": "PingSlotFreq", "type": "number" }, "PingSlotPeriod": { "markdownDescription": "The PingSlotPeriod value.", "title": "PingSlotPeriod", "type": "number" }, "RegParamsRevision": { "markdownDescription": "The version of regional parameters.", "title": "RegParamsRevision", "type": "string" }, "RfRegion": { "markdownDescription": "The frequency band (RFRegion) value.", "title": "RfRegion", "type": "string" }, "RxDataRate2": { "markdownDescription": "The RXDataRate2 value.", "title": "RxDataRate2", "type": "number" }, "RxDelay1": { "markdownDescription": "The RXDelay1 value.", "title": "RxDelay1", "type": "number" }, "RxDrOffset1": { "markdownDescription": "The RXDROffset1 value.", "title": "RxDrOffset1", "type": "number" }, "RxFreq2": { "markdownDescription": "The RXFreq2 value.", "title": "RxFreq2", "type": "number" }, "Supports32BitFCnt": { "markdownDescription": "The Supports32BitFCnt value.", "title": "Supports32BitFCnt", "type": "boolean" }, "SupportsClassB": { "markdownDescription": "The SupportsClassB value.", "title": "SupportsClassB", "type": "boolean" }, "SupportsClassC": { "markdownDescription": "The SupportsClassC value.", "title": "SupportsClassC", "type": "boolean" }, "SupportsJoin": { "markdownDescription": "The SupportsJoin value.", "title": "SupportsJoin", "type": "boolean" } }, "type": "object" }, "AWS::IoTWireless::FuotaTask": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssociateMulticastGroup": { "markdownDescription": "The ID of the multicast group to associate with a FUOTA task.", "title": "AssociateMulticastGroup", "type": "string" }, "AssociateWirelessDevice": { "markdownDescription": "The ID of the wireless device to associate with a multicast group.", "title": "AssociateWirelessDevice", "type": "string" }, "Description": { "markdownDescription": "The description of the new resource.", "title": "Description", "type": "string" }, "DisassociateMulticastGroup": { "markdownDescription": "The ID of the multicast group to disassociate from a FUOTA task.", "title": "DisassociateMulticastGroup", "type": "string" }, "DisassociateWirelessDevice": { "markdownDescription": "The ID of the wireless device to disassociate from a FUOTA task.", "title": "DisassociateWirelessDevice", "type": "string" }, "FirmwareUpdateImage": { "markdownDescription": "The S3 URI points to a firmware update image that is to be used with a FUOTA task.", "title": "FirmwareUpdateImage", "type": "string" }, "FirmwareUpdateRole": { "markdownDescription": "The firmware update role that is to be used with a FUOTA task.", "title": "FirmwareUpdateRole", "type": "string" }, "LoRaWAN": { "$ref": "#/definitions/AWS::IoTWireless::FuotaTask.LoRaWAN", "markdownDescription": "The LoRaWAN information used with a FUOTA task.", "title": "LoRaWAN" }, "Name": { "markdownDescription": "The name of a FUOTA task.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, "required": [ "FirmwareUpdateImage", "FirmwareUpdateRole", "LoRaWAN" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTWireless::FuotaTask" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTWireless::FuotaTask.LoRaWAN": { "additionalProperties": false, "properties": { "RfRegion": { "markdownDescription": "The frequency band (RFRegion) value.", "title": "RfRegion", "type": "string" }, "StartTime": { "markdownDescription": "Start time of a FUOTA task.", "title": "StartTime", "type": "string" } }, "required": [ "RfRegion" ], "type": "object" }, "AWS::IoTWireless::MulticastGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssociateWirelessDevice": { "markdownDescription": "The ID of the wireless device to associate with a multicast group.", "title": "AssociateWirelessDevice", "type": "string" }, "Description": { "markdownDescription": "The description of the multicast group.", "title": "Description", "type": "string" }, "DisassociateWirelessDevice": { "markdownDescription": "The ID of the wireless device to disassociate from a multicast group.", "title": "DisassociateWirelessDevice", "type": "string" }, "LoRaWAN": { "$ref": "#/definitions/AWS::IoTWireless::MulticastGroup.LoRaWAN", "markdownDescription": "The LoRaWAN information that is to be used with the multicast group.", "title": "LoRaWAN" }, "Name": { "markdownDescription": "The name of the multicast group.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, "required": [ "LoRaWAN" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTWireless::MulticastGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTWireless::MulticastGroup.LoRaWAN": { "additionalProperties": false, "properties": { "DlClass": { "markdownDescription": "DlClass for LoRaWAN. Valid values are ClassB and ClassC.", "title": "DlClass", "type": "string" }, "NumberOfDevicesInGroup": { "markdownDescription": "Number of devices that are associated to the multicast group.", "title": "NumberOfDevicesInGroup", "type": "number" }, "NumberOfDevicesRequested": { "markdownDescription": "Number of devices that are requested to be associated with the multicast group.", "title": "NumberOfDevicesRequested", "type": "number" }, "RfRegion": { "markdownDescription": "The frequency band (RFRegion) value.", "title": "RfRegion", "type": "string" } }, "required": [ "DlClass", "RfRegion" ], "type": "object" }, "AWS::IoTWireless::NetworkAnalyzerConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the resource.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "Name of the network analyzer configuration.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to attach to the specified resource. Tags are metadata that you can use to manage a resource.", "title": "Tags", "type": "array" }, "TraceContent": { "$ref": "#/definitions/AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent", "markdownDescription": "Trace content for your wireless gateway and wireless device resources.", "title": "TraceContent" }, "WirelessDevices": { "items": { "type": "string" }, "markdownDescription": "Wireless device resources to add to the network analyzer configuration. Provide the `WirelessDeviceId` of the resource to add in the input array.", "title": "WirelessDevices", "type": "array" }, "WirelessGateways": { "items": { "type": "string" }, "markdownDescription": "Wireless gateway resources to add to the network analyzer configuration. Provide the `WirelessGatewayId` of the resource to add in the input array.", "title": "WirelessGateways", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTWireless::NetworkAnalyzerConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTWireless::NetworkAnalyzerConfiguration.TraceContent": { "additionalProperties": false, "properties": { "LogLevel": { "markdownDescription": "The log level for a log message. The log levels can be disabled, or set to `ERROR` to display less verbose logs containing only error information, or to `INFO` for more detailed logs", "title": "LogLevel", "type": "string" }, "WirelessDeviceFrameInfo": { "markdownDescription": "`FrameInfo` of your wireless device resources for the trace content. Use FrameInfo to debug the communication between your LoRaWAN end devices and the network server.", "title": "WirelessDeviceFrameInfo", "type": "string" } }, "type": "object" }, "AWS::IoTWireless::PartnerAccount": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountLinked": { "markdownDescription": "Whether the partner account is linked to the AWS account.", "title": "AccountLinked", "type": "boolean" }, "PartnerAccountId": { "markdownDescription": "The ID of the partner account to update.", "title": "PartnerAccountId", "type": "string" }, "PartnerType": { "markdownDescription": "The partner type.", "title": "PartnerType", "type": "string" }, "Sidewalk": { "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo", "markdownDescription": "The Sidewalk account credentials.", "title": "Sidewalk" }, "SidewalkResponse": { "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint", "markdownDescription": "Information about a Sidewalk account.", "title": "SidewalkResponse" }, "SidewalkUpdate": { "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount", "markdownDescription": "Sidewalk update.", "title": "SidewalkUpdate" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::IoTWireless::PartnerAccount" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfo": { "additionalProperties": false, "properties": { "AppServerPrivateKey": { "markdownDescription": "The Sidewalk application server private key. The application server private key is a secret key, which you should handle in a similar way as you would an application password. You can protect the application server private key by storing the value in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", "title": "AppServerPrivateKey", "type": "string" } }, "required": [ "AppServerPrivateKey" ], "type": "object" }, "AWS::IoTWireless::PartnerAccount.SidewalkAccountInfoWithFingerprint": { "additionalProperties": false, "properties": { "AmazonId": { "markdownDescription": "The Sidewalk Amazon ID.", "title": "AmazonId", "type": "string" }, "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", "title": "Arn", "type": "string" }, "Fingerprint": { "markdownDescription": "The fingerprint of the Sidewalk application server private key.", "title": "Fingerprint", "type": "string" } }, "type": "object" }, "AWS::IoTWireless::PartnerAccount.SidewalkUpdateAccount": { "additionalProperties": false, "properties": { "AppServerPrivateKey": { "markdownDescription": "The new Sidewalk application server private key.", "title": "AppServerPrivateKey", "type": "string" } }, "type": "object" }, "AWS::IoTWireless::ServiceProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LoRaWAN": { "$ref": "#/definitions/AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile", "markdownDescription": "LoRaWAN service profile object.", "title": "LoRaWAN" }, "Name": { "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::IoTWireless::ServiceProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::IoTWireless::ServiceProfile.LoRaWANServiceProfile": { "additionalProperties": false, "properties": { "AddGwMetadata": { "markdownDescription": "The AddGWMetaData value.", "title": "AddGwMetadata", "type": "boolean" }, "ChannelMask": { "markdownDescription": "The ChannelMask value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "ChannelMask", "type": "string" }, "DevStatusReqFreq": { "markdownDescription": "The DevStatusReqFreq value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "DevStatusReqFreq", "type": "number" }, "DlBucketSize": { "markdownDescription": "The DLBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "DlBucketSize", "type": "number" }, "DlRate": { "markdownDescription": "The DLRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "DlRate", "type": "number" }, "DlRatePolicy": { "markdownDescription": "The DLRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "DlRatePolicy", "type": "string" }, "DrMax": { "markdownDescription": "The DRMax value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "DrMax", "type": "number" }, "DrMin": { "markdownDescription": "The DRMin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "DrMin", "type": "number" }, "HrAllowed": { "markdownDescription": "The HRAllowed value that describes whether handover roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "HrAllowed", "type": "boolean" }, "MinGwDiversity": { "markdownDescription": "The MinGwDiversity value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "MinGwDiversity", "type": "number" }, "NwkGeoLoc": { "markdownDescription": "The NwkGeoLoc value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "NwkGeoLoc", "type": "boolean" }, "PrAllowed": { "markdownDescription": "The PRAllowed value that describes whether passive roaming is allowed.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "PrAllowed", "type": "boolean" }, "RaAllowed": { "markdownDescription": "The RAAllowed value that describes whether roaming activation is allowed.", "title": "RaAllowed", "type": "boolean" }, "ReportDevStatusBattery": { "markdownDescription": "The ReportDevStatusBattery value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "ReportDevStatusBattery", "type": "boolean" }, "ReportDevStatusMargin": { "markdownDescription": "The ReportDevStatusMargin value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "ReportDevStatusMargin", "type": "boolean" }, "TargetPer": { "markdownDescription": "The TargetPer value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "TargetPer", "type": "number" }, "UlBucketSize": { "markdownDescription": "The UlBucketSize value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "UlBucketSize", "type": "number" }, "UlRate": { "markdownDescription": "The ULRate value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "UlRate", "type": "number" }, "UlRatePolicy": { "markdownDescription": "The ULRatePolicy value.\n\nThis property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt`", "title": "UlRatePolicy", "type": "string" } }, "type": "object" }, "AWS::IoTWireless::TaskDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoCreateTasks": { "markdownDescription": "Whether to automatically create tasks using this task definition for all gateways with the specified current version. If `false` , the task must be created by calling `CreateWirelessGatewayTask` .", "title": "AutoCreateTasks", "type": "boolean" }, "LoRaWANUpdateGatewayTaskEntry": { "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry", "markdownDescription": "LoRaWANUpdateGatewayTaskEntry object.", "title": "LoRaWANUpdateGatewayTaskEntry" }, "Name": { "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" }, "TaskDefinitionType": { "markdownDescription": "A filter to list only the wireless gateway task definitions that use this task definition type.", "title": "TaskDefinitionType", "type": "string" }, "Update": { "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate", "markdownDescription": "Information about the gateways to update.", "title": "Update" } }, "required": [ "AutoCreateTasks" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTWireless::TaskDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion": { "additionalProperties": false, "properties": { "Model": { "markdownDescription": "The model number of the wireless gateway.", "title": "Model", "type": "string" }, "PackageVersion": { "markdownDescription": "The version of the wireless gateway firmware.", "title": "PackageVersion", "type": "string" }, "Station": { "markdownDescription": "The basic station version of the wireless gateway.", "title": "Station", "type": "string" } }, "type": "object" }, "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate": { "additionalProperties": false, "properties": { "CurrentVersion": { "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", "markdownDescription": "The version of the gateways that should receive the update.", "title": "CurrentVersion" }, "SigKeyCrc": { "markdownDescription": "The CRC of the signature private key to check.", "title": "SigKeyCrc", "type": "number" }, "UpdateSignature": { "markdownDescription": "The signature used to verify the update firmware.", "title": "UpdateSignature", "type": "string" }, "UpdateVersion": { "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", "markdownDescription": "The firmware version to update the gateway to.", "title": "UpdateVersion" } }, "type": "object" }, "AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskEntry": { "additionalProperties": false, "properties": { "CurrentVersion": { "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", "markdownDescription": "The version of the gateways that should receive the update.", "title": "CurrentVersion" }, "UpdateVersion": { "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANGatewayVersion", "markdownDescription": "The firmware version to update the gateway to.", "title": "UpdateVersion" } }, "type": "object" }, "AWS::IoTWireless::TaskDefinition.UpdateWirelessGatewayTaskCreate": { "additionalProperties": false, "properties": { "LoRaWAN": { "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition.LoRaWANUpdateGatewayTaskCreate", "markdownDescription": "The properties that relate to the LoRaWAN wireless gateway.", "title": "LoRaWAN" }, "UpdateDataRole": { "markdownDescription": "The IAM role used to read data from the S3 bucket.", "title": "UpdateDataRole", "type": "string" }, "UpdateDataSource": { "markdownDescription": "The link to the S3 bucket.", "title": "UpdateDataSource", "type": "string" } }, "type": "object" }, "AWS::IoTWireless::WirelessDevice": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the new resource. Maximum length is 2048.", "title": "Description", "type": "string" }, "DestinationName": { "markdownDescription": "The name of the destination to assign to the new wireless device. Can have only have alphanumeric, - (hyphen) and _ (underscore) characters and it can't have any spaces.", "title": "DestinationName", "type": "string" }, "LastUplinkReceivedAt": { "markdownDescription": "The date and time when the most recent uplink was received.", "title": "LastUplinkReceivedAt", "type": "string" }, "LoRaWAN": { "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.LoRaWANDevice", "markdownDescription": "The device configuration information to use to create the wireless device. Must be at least one of OtaaV10x, OtaaV11, AbpV11, or AbpV10x.", "title": "LoRaWAN" }, "Name": { "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, "Positioning": { "markdownDescription": "FPort values for the GNSS, Stream, and ClockSync functions of the positioning information.", "title": "Positioning", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" }, "ThingArn": { "markdownDescription": "The ARN of the thing to associate with the wireless device.", "title": "ThingArn", "type": "string" }, "Type": { "markdownDescription": "The wireless device type.", "title": "Type", "type": "string" } }, "required": [ "DestinationName", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTWireless::WirelessDevice" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTWireless::WirelessDevice.AbpV10x": { "additionalProperties": false, "properties": { "DevAddr": { "markdownDescription": "The DevAddr value.", "title": "DevAddr", "type": "string" }, "SessionKeys": { "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x", "markdownDescription": "Session keys for ABP v1.0.x.", "title": "SessionKeys" } }, "required": [ "DevAddr", "SessionKeys" ], "type": "object" }, "AWS::IoTWireless::WirelessDevice.AbpV11": { "additionalProperties": false, "properties": { "DevAddr": { "markdownDescription": "The DevAddr value.", "title": "DevAddr", "type": "string" }, "SessionKeys": { "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11", "markdownDescription": "Session keys for ABP v1.1.", "title": "SessionKeys" } }, "required": [ "DevAddr", "SessionKeys" ], "type": "object" }, "AWS::IoTWireless::WirelessDevice.Application": { "additionalProperties": false, "properties": { "DestinationName": { "markdownDescription": "The name of the position data destination that describes the IoT rule that processes the device's position data.", "title": "DestinationName", "type": "string" }, "FPort": { "markdownDescription": "The name of the new destination for the device.", "title": "FPort", "type": "number" }, "Type": { "markdownDescription": "Application type, which can be specified to obtain real-time position information of your LoRaWAN device.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::IoTWireless::WirelessDevice.FPorts": { "additionalProperties": false, "properties": { "Applications": { "items": { "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.Application" }, "markdownDescription": "LoRaWAN application configuration, which can be used to perform geolocation.", "title": "Applications", "type": "array" } }, "type": "object" }, "AWS::IoTWireless::WirelessDevice.LoRaWANDevice": { "additionalProperties": false, "properties": { "AbpV10x": { "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV10x", "markdownDescription": "ABP device object for LoRaWAN specification v1.0.x.", "title": "AbpV10x" }, "AbpV11": { "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.AbpV11", "markdownDescription": "ABP device object for create APIs for v1.1.", "title": "AbpV11" }, "DevEui": { "markdownDescription": "The DevEUI value.", "title": "DevEui", "type": "string" }, "DeviceProfileId": { "markdownDescription": "The ID of the device profile for the new wireless device.", "title": "DeviceProfileId", "type": "string" }, "FPorts": { "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.FPorts", "markdownDescription": "List of FPort assigned for different LoRaWAN application packages to use.", "title": "FPorts" }, "OtaaV10x": { "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV10x", "markdownDescription": "OTAA device object for create APIs for v1.0.x", "title": "OtaaV10x" }, "OtaaV11": { "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice.OtaaV11", "markdownDescription": "OTAA device object for v1.1 for create APIs.", "title": "OtaaV11" }, "ServiceProfileId": { "markdownDescription": "The ID of the service profile.", "title": "ServiceProfileId", "type": "string" } }, "type": "object" }, "AWS::IoTWireless::WirelessDevice.OtaaV10x": { "additionalProperties": false, "properties": { "AppEui": { "markdownDescription": "The AppEUI value. You specify this value when using LoRaWAN versions v1.0.2 or v1.0.3.", "title": "AppEui", "type": "string" }, "AppKey": { "markdownDescription": "The AppKey value.", "title": "AppKey", "type": "string" } }, "required": [ "AppEui", "AppKey" ], "type": "object" }, "AWS::IoTWireless::WirelessDevice.OtaaV11": { "additionalProperties": false, "properties": { "AppKey": { "markdownDescription": "The AppKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", "title": "AppKey", "type": "string" }, "JoinEui": { "markdownDescription": "The JoinEUI value.", "title": "JoinEui", "type": "string" }, "NwkKey": { "markdownDescription": "The NwkKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", "title": "NwkKey", "type": "string" } }, "required": [ "AppKey", "JoinEui", "NwkKey" ], "type": "object" }, "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV10x": { "additionalProperties": false, "properties": { "AppSKey": { "markdownDescription": "The AppSKey value.", "title": "AppSKey", "type": "string" }, "NwkSKey": { "markdownDescription": "The NwkKey value.", "title": "NwkSKey", "type": "string" } }, "required": [ "AppSKey", "NwkSKey" ], "type": "object" }, "AWS::IoTWireless::WirelessDevice.SessionKeysAbpV11": { "additionalProperties": false, "properties": { "AppSKey": { "markdownDescription": "The AppSKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppSKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", "title": "AppSKey", "type": "string" }, "FNwkSIntKey": { "markdownDescription": "The FNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the FNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", "title": "FNwkSIntKey", "type": "string" }, "NwkSEncKey": { "markdownDescription": "The NwkSEncKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkSEncKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", "title": "NwkSEncKey", "type": "string" }, "SNwkSIntKey": { "markdownDescription": "The SNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the SNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value.", "title": "SNwkSIntKey", "type": "string" } }, "required": [ "AppSKey", "FNwkSIntKey", "NwkSEncKey", "SNwkSIntKey" ], "type": "object" }, "AWS::IoTWireless::WirelessDeviceImportTask": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DestinationName": { "markdownDescription": "The name of the destination that describes the IoT rule to route messages from the Sidewalk devices in the import task to other applications.", "title": "DestinationName", "type": "string" }, "Sidewalk": { "$ref": "#/definitions/AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk", "markdownDescription": "The Sidewalk-related information of the wireless device import task.", "title": "Sidewalk" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Adds to or modifies the tags of the given resource. Tags are metadata that you can use to manage a resource.", "title": "Tags", "type": "array" } }, "required": [ "DestinationName", "Sidewalk" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTWireless::WirelessDeviceImportTask" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTWireless::WirelessDeviceImportTask.Sidewalk": { "additionalProperties": false, "properties": { "DeviceCreationFile": { "markdownDescription": "The CSV file contained in an S3 bucket that's used for adding devices to an import task.", "title": "DeviceCreationFile", "type": "string" }, "DeviceCreationFileList": { "items": { "type": "string" }, "markdownDescription": "List of Sidewalk devices that are added to the import task.", "title": "DeviceCreationFileList", "type": "array" }, "Role": { "markdownDescription": "The IAM role that allows AWS IoT Wireless to access the CSV file in the S3 bucket.", "title": "Role", "type": "string" }, "SidewalkManufacturingSn": { "markdownDescription": "The Sidewalk manufacturing serial number (SMSN) of the Sidewalk device.", "title": "SidewalkManufacturingSn", "type": "string" } }, "type": "object" }, "AWS::IoTWireless::WirelessGateway": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the new resource. The maximum length is 2048 characters.", "title": "Description", "type": "string" }, "LastUplinkReceivedAt": { "markdownDescription": "The date and time when the most recent uplink was received.", "title": "LastUplinkReceivedAt", "type": "string" }, "LoRaWAN": { "$ref": "#/definitions/AWS::IoTWireless::WirelessGateway.LoRaWANGateway", "markdownDescription": "The gateway configuration information to use to create the wireless gateway.", "title": "LoRaWAN" }, "Name": { "markdownDescription": "The name of the new resource.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags are an array of key-value pairs to attach to the specified resource. Tags can have a minimum of 0 and a maximum of 50 items.", "title": "Tags", "type": "array" }, "ThingArn": { "markdownDescription": "The ARN of the thing to associate with the wireless gateway.", "title": "ThingArn", "type": "string" }, "ThingName": { "markdownDescription": "The name of the thing associated with the wireless gateway. The value is empty if a thing isn't associated with the gateway.", "title": "ThingName", "type": "string" } }, "required": [ "LoRaWAN" ], "type": "object" }, "Type": { "enum": [ "AWS::IoTWireless::WirelessGateway" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::IoTWireless::WirelessGateway.LoRaWANGateway": { "additionalProperties": false, "properties": { "GatewayEui": { "markdownDescription": "The gateway's EUI value.", "title": "GatewayEui", "type": "string" }, "RfRegion": { "markdownDescription": "The frequency band (RFRegion) value.", "title": "RfRegion", "type": "string" } }, "required": [ "GatewayEui", "RfRegion" ], "type": "object" }, "AWS::KMS::Alias": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AliasName": { "markdownDescription": "Specifies the alias name. This value must begin with `alias/` followed by a name, such as `alias/ExampleAlias` .\n\n> If you change the value of the `AliasName` property, the existing alias is deleted and a new alias is created for the specified KMS key. This change can disrupt applications that use the alias. It can also allow or deny access to a KMS key affected by attribute-based access control (ABAC). \n\nThe alias must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with `alias/aws/` . The `alias/aws/` prefix is reserved for [AWS managed keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) .", "title": "AliasName", "type": "string" }, "TargetKeyId": { "markdownDescription": "Associates the alias with the specified [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) . The KMS key must be in the same AWS account and Region.\n\nA valid key ID is required. If you supply a null or empty string value, this operation returns an error.\n\nFor help finding the key ID and ARN, see [Finding the key ID and ARN](https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn) in the *AWS Key Management Service Developer Guide* .\n\nSpecify the key ID or the key ARN of the KMS key.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n\nTo get the key ID and key ARN for a KMS key, use [ListKeys](https://docs.aws.amazon.com/kms/latest/APIReference/API_ListKeys.html) or [DescribeKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html) .", "title": "TargetKeyId", "type": "string" } }, "required": [ "AliasName", "TargetKeyId" ], "type": "object" }, "Type": { "enum": [ "AWS::KMS::Alias" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::KMS::Key": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BypassPolicyLockoutSafetyCheck": { "markdownDescription": "Skips (\"bypasses\") the key policy lockout safety check. The default value is false.\n\n> Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.\n> \n> For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-default.html#prevent-unmanageable-key) in the *AWS Key Management Service Developer Guide* . \n\nUse this parameter only when you intend to prevent the principal that is making the request from making a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key.", "title": "BypassPolicyLockoutSafetyCheck", "type": "boolean" }, "Description": { "markdownDescription": "A description of the KMS key. Use a description that helps you to distinguish this KMS key from others in the account, such as its intended use.", "title": "Description", "type": "string" }, "EnableKeyRotation": { "markdownDescription": "Enables automatic rotation of the key material for the specified KMS key. By default, automatic key rotation is not enabled.\n\nAWS KMS supports automatic rotation only for symmetric encryption KMS keys ( `KeySpec` = `SYMMETRIC_DEFAULT` ). For asymmetric KMS keys, HMAC KMS keys, and KMS keys with Origin `EXTERNAL` , omit the `EnableKeyRotation` property or set it to `false` .\n\nTo enable automatic key rotation of the key material for a multi-Region KMS key, set `EnableKeyRotation` to `true` on the primary key (created by using `AWS::KMS::Key` ). AWS KMS copies the rotation status to all replica keys. For details, see [Rotating multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate) in the *AWS Key Management Service Developer Guide* .\n\nWhen you enable automatic rotation, AWS KMS automatically creates new key material for the KMS key one year after the enable date and every year thereafter. AWS KMS retains all key material until you delete the KMS key. For detailed information about automatic key rotation, see [Rotating KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", "title": "EnableKeyRotation", "type": "boolean" }, "Enabled": { "markdownDescription": "Specifies whether the KMS key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the KMS key might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations.\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", "title": "Enabled", "type": "boolean" }, "KeyPolicy": { "markdownDescription": "The key policy to attach to the KMS key.\n\nIf you provide a key policy, it must meet the following criteria:\n\n- The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *AWS Key Management Service Developer Guide* . (To omit this condition, set `BypassPolicyLockoutSafetyCheck` to true.)\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nIf you do not provide a key policy, AWS KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *AWS Key Management Service Developer Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters\n- Printable characters in the Basic Latin and Latin-1 Supplement character set\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", "title": "KeyPolicy", "type": "object" }, "KeySpec": { "markdownDescription": "Specifies the type of KMS key to create. The default value, `SYMMETRIC_DEFAULT` , creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, `SYMMETRIC_DEFAULT` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the `KeySpec` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *AWS Key Management Service Developer Guide* .\n\nThe `KeySpec` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [AWS KMS condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *AWS Key Management Service Developer Guide* .\n\n> If you change the value of the `KeySpec` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. > [AWS services that are integrated with AWS KMS](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *AWS Key Management Service Developer Guide* . \n\nAWS KMS supports the following key specs for KMS keys:\n\n- Symmetric encryption key (default)\n\n- `SYMMETRIC_DEFAULT` (AES-256-GCM)\n- HMAC keys (symmetric)\n\n- `HMAC_224`\n- `HMAC_256`\n- `HMAC_384`\n- `HMAC_512`\n- Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n\n- `RSA_2048`\n- `RSA_3072`\n- `RSA_4096`\n- Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n\n- `ECC_NIST_P256` (secp256r1)\n- `ECC_NIST_P384` (secp384r1)\n- `ECC_NIST_P521` (secp521r1)\n- Other asymmetric elliptic curve key pairs (signing and verification)\n\n- `ECC_SECG_P256K1` (secp256k1), commonly used for cryptocurrencies.\n- SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n\n- `SM2` (China Regions only)", "title": "KeySpec", "type": "string" }, "KeyUsage": { "markdownDescription": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is `ENCRYPT_DECRYPT` . This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the `KeyUsage` value after the KMS key is created.\n\n> If you change the value of the `KeyUsage` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nSelect only one valid value.\n\n- For symmetric encryption KMS keys, omit the parameter or specify `ENCRYPT_DECRYPT` .\n- For HMAC KMS keys (symmetric), specify `GENERATE_VERIFY_MAC` .\n- For asymmetric KMS keys with RSA key pairs, specify `ENCRYPT_DECRYPT` or `SIGN_VERIFY` .\n- For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, specify `SIGN_VERIFY` or `KEY_AGREEMENT` .\n- For asymmetric KMS keys with `ECC_SECG_P256K1` key pairs specify `SIGN_VERIFY` .\n- For asymmetric KMS keys with SM2 key pairs (China Regions only), specify `ENCRYPT_DECRYPT` , `SIGN_VERIFY` , or `KEY_AGREEMENT` .", "title": "KeyUsage", "type": "string" }, "MultiRegion": { "markdownDescription": "Creates a multi-Region primary key that you can replicate in other AWS Regions . You can't change the `MultiRegion` value after the KMS key is created.\n\nFor a list of AWS Regions in which multi-Region keys are supported, see [Multi-Region keys in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the ** .\n\n> If you change the value of the `MultiRegion` property on an existing KMS key, the update request fails, regardless of the value of the [`UpdateReplacePolicy` attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) . This prevents you from accidentally deleting a KMS key by changing an immutable property value. \n\nFor a multi-Region key, set to this property to `true` . For a single-Region key, omit this property or set it to `false` . The default value is `false` .\n\n*Multi-Region keys* are an AWS KMS feature that lets you create multiple interoperable KMS keys in different AWS Regions . Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS Region and decrypt it in a different AWS Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n\nTo create a replica of this primary key in a different AWS Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key.", "title": "MultiRegion", "type": "boolean" }, "Origin": { "markdownDescription": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is `AWS_KMS` , which means that AWS KMS creates the key material.\n\nTo [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to `EXTERNAL` . For more information about importing key material into AWS KMS , see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *AWS Key Management Service Developer Guide* .\n\nYou can ignore `ENABLED` when Origin is `EXTERNAL` . When a KMS key with Origin `EXTERNAL` is created, the key state is `PENDING_IMPORT` and `ENABLED` is `false` . After you import the key material, `ENABLED` updated to `true` . The KMS key can then be used for Cryptographic Operations.\n\n> AWS CloudFormation doesn't support creating an `Origin` parameter of the `AWS_CLOUDHSM` or `EXTERNAL_KEY_STORE` values.", "title": "Origin", "type": "string" }, "PendingWindowInDays": { "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a KMS key from a CloudFormation stack, AWS KMS schedules the KMS key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of KMS key is `Pending Deletion` or `Pending Replica Deletion` , which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the KMS key.\n\nAWS KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to `PendingReplicaDeletion` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to `PendingDeletion` and the waiting period specified by `PendingWindowInDays` begins. When this waiting period expires, AWS KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nYou cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the AWS KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n\nFor information about the `Pending Deletion` and `Pending Replica Deletion` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", "title": "PendingWindowInDays", "type": "number" }, "RotationPeriodInDays": { "markdownDescription": "Specifies a custom period of time between each rotation date. If no value is specified, the default value is 365 days.\n\nThe rotation period defines the number of days after you enable automatic key rotation that AWS KMS will rotate your key material, and the number of days between each automatic rotation thereafter.\n\nYou can use the [`kms:RotationPeriodInDays`](https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-rotation-period-in-days) condition key to further constrain the values that principals can specify in the `RotationPeriodInDays` parameter.\n\nFor more information about rotating KMS keys and automatic rotation, see [Rotating keys](https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html) in the *AWS Key Management Service Developer Guide* .", "title": "RotationPeriodInDays", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nFor information about tags in AWS KMS , see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) in the *AWS Key Management Service Developer Guide* . For information about tags in CloudFormation, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::KMS::Key" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::KMS::ReplicaKey": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the KMS key.\n\nThe default value is an empty string (no description).\n\nThe description is not a shared property of multi-Region keys. You can specify the same description or a different description for each key in a set of related multi-Region keys. AWS Key Management Service does not synchronize this property.", "title": "Description", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations.\n\nWhen `Enabled` is `true` , the *key state* of the KMS key is `Enabled` . When `Enabled` is `false` , the key state of the KMS key is `Disabled` . The default value is `true` .\n\nThe actual key state of the replica might be affected by actions taken outside of CloudFormation, such as running the [EnableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_EnableKey.html) , [DisableKey](https://docs.aws.amazon.com/kms/latest/APIReference/API_DisableKey.html) , or [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operations. Also, while the replica key is being created, its key state is `Creating` . When the process is complete, the key state of the replica key changes to `Enabled` .\n\nFor information about the key states of a KMS key, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* .", "title": "Enabled", "type": "boolean" }, "KeyPolicy": { "markdownDescription": "The key policy that authorizes use of the replica key.\n\nThe key policy is not a shared property of multi-Region keys. You can specify the same key policy or a different key policy for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nThe key policy must conform to the following rules.\n\n- The key policy must give the caller [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) permission on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, refer to the scenario in the [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) section of the **AWS Key Management Service Developer Guide** .\n- Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to AWS KMS . When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to AWS KMS . For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *AWS Identity and Access Management User Guide* .\n\nA key policy document can include only the following characters:\n\n- Printable ASCII characters from the space character ( `\\u0020` ) through the end of the ASCII character range.\n- Printable characters in the Basic Latin and Latin-1 Supplement character set (through `\\u00FF` ).\n- The tab ( `\\u0009` ), line feed ( `\\u000A` ), and carriage return ( `\\u000D` ) special characters\n\n*Minimum* : `1`\n\n*Maximum* : `32768`", "title": "KeyPolicy", "type": "object" }, "PendingWindowInDays": { "markdownDescription": "Specifies the number of days in the waiting period before AWS KMS deletes a replica key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n\nWhen you remove a replica key from a CloudFormation stack, AWS KMS schedules the replica key for deletion and starts the mandatory waiting period. The `PendingWindowInDays` property determines the length of waiting period. During the waiting period, the key state of replica key is `Pending Deletion` , which prevents it from being used in cryptographic operations. When the waiting period expires, AWS KMS permanently deletes the replica key.\n\nIf the KMS key is a multi-Region primary key with replica keys, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.\n\nYou cannot use a CloudFormation template to cancel deletion of the replica after you remove it from the stack, regardless of the waiting period. However, if you specify a replica key in your template that is based on the same primary key as the original replica key, CloudFormation creates a new replica key with the same key ID, key material, and other shared properties of the original replica key. This new replica key can decrypt ciphertext that was encrypted under the original replica key, or any related multi-Region key.\n\nFor detailed information about deleting multi-Region keys, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* .\n\nFor information about the `PendingDeletion` key state, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *AWS Key Management Service Developer Guide* . For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *AWS Key Management Service API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *AWS Key Management Service Developer Guide* .", "title": "PendingWindowInDays", "type": "number" }, "PrimaryKeyArn": { "markdownDescription": "Specifies the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS partition. You can create only one replica of a given primary key in each AWS Region .\n\n> If you change the `PrimaryKeyArn` value of a replica key, the existing replica key is scheduled for deletion and a new replica key is created based on the specified primary key. While it is scheduled for deletion, the existing replica key becomes unusable. You can cancel the scheduled deletion of the key outside of CloudFormation.\n> \n> However, if you inadvertently delete a replica key, you can decrypt ciphertext encrypted by that replica key by using any related multi-Region key. If necessary, you can recreate the replica in the same Region after the previous one is completely deleted. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *AWS Key Management Service Developer Guide* \n\nSpecify the key ARN of an existing multi-Region primary key. For example, `arn:aws:kms:us-east-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab` .", "title": "PrimaryKeyArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Assigns one or more tags to the replica key.\n\n> Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see [ABAC for AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/abac.html) in the *AWS Key Management Service Developer Guide* . \n\nTags are not a shared property of multi-Region keys. You can specify the same tags or different tags for each key in a set of related multi-Region keys. AWS KMS does not synchronize this property.\n\nEach tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You cannot have more than one tag on a KMS key with the same tag key. If you specify an existing tag key with a different tag value, AWS KMS replaces the current tag value with the specified one.\n\nWhen you assign tags to an AWS resource, AWS generates a cost allocation report with usage and costs aggregated by tags. Tags can also be used to control access to a KMS key. For details, see [Tagging keys](https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html) .", "title": "Tags", "type": "array" } }, "required": [ "KeyPolicy", "PrimaryKeyArn" ], "type": "object" }, "Type": { "enum": [ "AWS::KMS::ReplicaKey" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::KafkaConnect::Connector": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Capacity": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.Capacity", "markdownDescription": "The connector's compute capacity settings.", "title": "Capacity" }, "ConnectorConfiguration": { "additionalProperties": true, "markdownDescription": "The configuration of the connector.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ConnectorConfiguration", "type": "object" }, "ConnectorDescription": { "markdownDescription": "The description of the connector.", "title": "ConnectorDescription", "type": "string" }, "ConnectorName": { "markdownDescription": "The name of the connector.", "title": "ConnectorName", "type": "string" }, "KafkaCluster": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaCluster", "markdownDescription": "The details of the Apache Kafka cluster to which the connector is connected.", "title": "KafkaCluster" }, "KafkaClusterClientAuthentication": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication", "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. The value is NONE when no client authentication is used.", "title": "KafkaClusterClientAuthentication" }, "KafkaClusterEncryptionInTransit": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit", "markdownDescription": "Details of encryption in transit to the Apache Kafka cluster.", "title": "KafkaClusterEncryptionInTransit" }, "KafkaConnectVersion": { "markdownDescription": "The version of Kafka Connect. It has to be compatible with both the Apache Kafka cluster's version and the plugins.", "title": "KafkaConnectVersion", "type": "string" }, "LogDelivery": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.LogDelivery", "markdownDescription": "The settings for delivering connector logs to Amazon CloudWatch Logs.", "title": "LogDelivery" }, "Plugins": { "items": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.Plugin" }, "markdownDescription": "Specifies which plugin to use for the connector. You must specify a single-element list. Amazon MSK Connect does not currently support specifying multiple plugins.", "title": "Plugins", "type": "array" }, "ServiceExecutionRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used by the connector to access Amazon Web Services resources.", "title": "ServiceExecutionRoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" }, "WorkerConfiguration": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerConfiguration", "markdownDescription": "The worker configurations that are in use with the connector.", "title": "WorkerConfiguration" } }, "required": [ "Capacity", "ConnectorConfiguration", "ConnectorName", "KafkaCluster", "KafkaClusterClientAuthentication", "KafkaClusterEncryptionInTransit", "KafkaConnectVersion", "Plugins", "ServiceExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::KafkaConnect::Connector" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::KafkaConnect::Connector.ApacheKafkaCluster": { "additionalProperties": false, "properties": { "BootstrapServers": { "markdownDescription": "The bootstrap servers of the cluster.", "title": "BootstrapServers", "type": "string" }, "Vpc": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.Vpc", "markdownDescription": "Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster.", "title": "Vpc" } }, "required": [ "BootstrapServers", "Vpc" ], "type": "object" }, "AWS::KafkaConnect::Connector.AutoScaling": { "additionalProperties": false, "properties": { "MaxWorkerCount": { "markdownDescription": "The maximum number of workers allocated to the connector.", "title": "MaxWorkerCount", "type": "number" }, "McuCount": { "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", "title": "McuCount", "type": "number" }, "MinWorkerCount": { "markdownDescription": "The minimum number of workers allocated to the connector.", "title": "MinWorkerCount", "type": "number" }, "ScaleInPolicy": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleInPolicy", "markdownDescription": "The sacle-in policy for the connector.", "title": "ScaleInPolicy" }, "ScaleOutPolicy": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.ScaleOutPolicy", "markdownDescription": "The sacle-out policy for the connector.", "title": "ScaleOutPolicy" } }, "required": [ "MaxWorkerCount", "McuCount", "MinWorkerCount", "ScaleInPolicy", "ScaleOutPolicy" ], "type": "object" }, "AWS::KafkaConnect::Connector.Capacity": { "additionalProperties": false, "properties": { "AutoScaling": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.AutoScaling", "markdownDescription": "Information about the auto scaling parameters for the connector.", "title": "AutoScaling" }, "ProvisionedCapacity": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.ProvisionedCapacity", "markdownDescription": "Details about a fixed capacity allocated to a connector.", "title": "ProvisionedCapacity" } }, "type": "object" }, "AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Whether log delivery to Amazon CloudWatch Logs is enabled.", "title": "Enabled", "type": "boolean" }, "LogGroup": { "markdownDescription": "The name of the CloudWatch log group that is the destination for log delivery.", "title": "LogGroup", "type": "string" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::KafkaConnect::Connector.CustomPlugin": { "additionalProperties": false, "properties": { "CustomPluginArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the custom plugin.", "title": "CustomPluginArn", "type": "string" }, "Revision": { "markdownDescription": "The revision of the custom plugin.", "title": "Revision", "type": "number" } }, "required": [ "CustomPluginArn", "Revision" ], "type": "object" }, "AWS::KafkaConnect::Connector.FirehoseLogDelivery": { "additionalProperties": false, "properties": { "DeliveryStream": { "markdownDescription": "The name of the Kinesis Data Firehose delivery stream that is the destination for log delivery.", "title": "DeliveryStream", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether connector logs get delivered to Amazon Kinesis Data Firehose.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::KafkaConnect::Connector.KafkaCluster": { "additionalProperties": false, "properties": { "ApacheKafkaCluster": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.ApacheKafkaCluster", "markdownDescription": "The Apache Kafka cluster to which the connector is connected.", "title": "ApacheKafkaCluster" } }, "required": [ "ApacheKafkaCluster" ], "type": "object" }, "AWS::KafkaConnect::Connector.KafkaClusterClientAuthentication": { "additionalProperties": false, "properties": { "AuthenticationType": { "markdownDescription": "The type of client authentication used to connect to the Apache Kafka cluster. Value NONE means that no client authentication is used.", "title": "AuthenticationType", "type": "string" } }, "required": [ "AuthenticationType" ], "type": "object" }, "AWS::KafkaConnect::Connector.KafkaClusterEncryptionInTransit": { "additionalProperties": false, "properties": { "EncryptionType": { "markdownDescription": "The type of encryption in transit to the Apache Kafka cluster.", "title": "EncryptionType", "type": "string" } }, "required": [ "EncryptionType" ], "type": "object" }, "AWS::KafkaConnect::Connector.LogDelivery": { "additionalProperties": false, "properties": { "WorkerLogDelivery": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.WorkerLogDelivery", "markdownDescription": "The workers can send worker logs to different destination types. This configuration specifies the details of these destinations.", "title": "WorkerLogDelivery" } }, "required": [ "WorkerLogDelivery" ], "type": "object" }, "AWS::KafkaConnect::Connector.Plugin": { "additionalProperties": false, "properties": { "CustomPlugin": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.CustomPlugin", "markdownDescription": "Details about a custom plugin.", "title": "CustomPlugin" } }, "required": [ "CustomPlugin" ], "type": "object" }, "AWS::KafkaConnect::Connector.ProvisionedCapacity": { "additionalProperties": false, "properties": { "McuCount": { "markdownDescription": "The number of microcontroller units (MCUs) allocated to each connector worker. The valid values are 1,2,4,8.", "title": "McuCount", "type": "number" }, "WorkerCount": { "markdownDescription": "The number of workers that are allocated to the connector.", "title": "WorkerCount", "type": "number" } }, "required": [ "WorkerCount" ], "type": "object" }, "AWS::KafkaConnect::Connector.S3LogDelivery": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the S3 bucket that is the destination for log delivery.", "title": "Bucket", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether connector logs get sent to the specified Amazon S3 destination.", "title": "Enabled", "type": "boolean" }, "Prefix": { "markdownDescription": "The S3 prefix that is the destination for log delivery.", "title": "Prefix", "type": "string" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::KafkaConnect::Connector.ScaleInPolicy": { "additionalProperties": false, "properties": { "CpuUtilizationPercentage": { "markdownDescription": "Specifies the CPU utilization percentage threshold at which you want connector scale in to be triggered.", "title": "CpuUtilizationPercentage", "type": "number" } }, "required": [ "CpuUtilizationPercentage" ], "type": "object" }, "AWS::KafkaConnect::Connector.ScaleOutPolicy": { "additionalProperties": false, "properties": { "CpuUtilizationPercentage": { "markdownDescription": "The CPU utilization percentage threshold at which you want connector scale out to be triggered.", "title": "CpuUtilizationPercentage", "type": "number" } }, "required": [ "CpuUtilizationPercentage" ], "type": "object" }, "AWS::KafkaConnect::Connector.Vpc": { "additionalProperties": false, "properties": { "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The security groups for the connector.", "title": "SecurityGroups", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The subnets for the connector.", "title": "Subnets", "type": "array" } }, "required": [ "SecurityGroups", "Subnets" ], "type": "object" }, "AWS::KafkaConnect::Connector.WorkerConfiguration": { "additionalProperties": false, "properties": { "Revision": { "markdownDescription": "The revision of the worker configuration.", "title": "Revision", "type": "number" }, "WorkerConfigurationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the worker configuration.", "title": "WorkerConfigurationArn", "type": "string" } }, "required": [ "Revision", "WorkerConfigurationArn" ], "type": "object" }, "AWS::KafkaConnect::Connector.WorkerLogDelivery": { "additionalProperties": false, "properties": { "CloudWatchLogs": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.CloudWatchLogsLogDelivery", "markdownDescription": "Details about delivering logs to Amazon CloudWatch Logs.", "title": "CloudWatchLogs" }, "Firehose": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.FirehoseLogDelivery", "markdownDescription": "Details about delivering logs to Amazon Kinesis Data Firehose.", "title": "Firehose" }, "S3": { "$ref": "#/definitions/AWS::KafkaConnect::Connector.S3LogDelivery", "markdownDescription": "Details about delivering logs to Amazon S3.", "title": "S3" } }, "type": "object" }, "AWS::KafkaConnect::CustomPlugin": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContentType": { "markdownDescription": "The format of the plugin file.", "title": "ContentType", "type": "string" }, "Description": { "markdownDescription": "The description of the custom plugin.", "title": "Description", "type": "string" }, "Location": { "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.CustomPluginLocation", "markdownDescription": "Information about the location of the custom plugin.", "title": "Location" }, "Name": { "markdownDescription": "The name of the custom plugin.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "ContentType", "Location", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::KafkaConnect::CustomPlugin" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::KafkaConnect::CustomPlugin.CustomPluginFileDescription": { "additionalProperties": false, "properties": { "FileMd5": { "markdownDescription": "The hex-encoded MD5 checksum of the custom plugin file. You can use it to validate the file.", "title": "FileMd5", "type": "string" }, "FileSize": { "markdownDescription": "The size in bytes of the custom plugin file. You can use it to validate the file.", "title": "FileSize", "type": "number" } }, "type": "object" }, "AWS::KafkaConnect::CustomPlugin.CustomPluginLocation": { "additionalProperties": false, "properties": { "S3Location": { "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin.S3Location", "markdownDescription": "The S3 bucket Amazon Resource Name (ARN), file key, and object version of the plugin file stored in Amazon S3.", "title": "S3Location" } }, "required": [ "S3Location" ], "type": "object" }, "AWS::KafkaConnect::CustomPlugin.S3Location": { "additionalProperties": false, "properties": { "BucketArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an S3 bucket.", "title": "BucketArn", "type": "string" }, "FileKey": { "markdownDescription": "The file key for an object in an S3 bucket.", "title": "FileKey", "type": "string" }, "ObjectVersion": { "markdownDescription": "The version of an object in an S3 bucket.", "title": "ObjectVersion", "type": "string" } }, "required": [ "BucketArn", "FileKey" ], "type": "object" }, "AWS::KafkaConnect::WorkerConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of a worker configuration.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the worker configuration.", "title": "Name", "type": "string" }, "PropertiesFileContent": { "markdownDescription": "Base64 encoded contents of the connect-distributed.properties file.", "title": "PropertiesFileContent", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "Name", "PropertiesFileContent" ], "type": "object" }, "Type": { "enum": [ "AWS::KafkaConnect::WorkerConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Kendra::DataSource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CustomDocumentEnrichmentConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration", "markdownDescription": "Configuration information for altering document metadata and content during the document ingestion process.", "title": "CustomDocumentEnrichmentConfiguration" }, "DataSourceConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceConfiguration", "markdownDescription": "Configuration information for an Amazon Kendra data source. The contents of the configuration depend on the type of data source. You can only specify one type of data source in the configuration.\n\nYou can't specify the `Configuration` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `Configuration` parameter is required for all other data sources.", "title": "DataSourceConfiguration" }, "Description": { "markdownDescription": "A description for the data source connector.", "title": "Description", "type": "string" }, "IndexId": { "markdownDescription": "The identifier of the index you want to use with the data source connector.", "title": "IndexId", "type": "string" }, "LanguageCode": { "markdownDescription": "The code for a language. This shows a supported language for all documents in the data source. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", "title": "LanguageCode", "type": "string" }, "Name": { "markdownDescription": "The name of the data source.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source.\n\nYou can't specify the `RoleArn` parameter when the `Type` parameter is set to `CUSTOM` .\n\nThe `RoleArn` parameter is required for all other data sources.", "title": "RoleArn", "type": "string" }, "Schedule": { "markdownDescription": "Sets the frequency that Amazon Kendra checks the documents in your data source and updates the index. If you don't set a schedule, Amazon Kendra doesn't periodically update the index.", "title": "Schedule", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of the data source.", "title": "Type", "type": "string" } }, "required": [ "IndexId", "Name", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::Kendra::DataSource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Kendra::DataSource.AccessControlListConfiguration": { "additionalProperties": false, "properties": { "KeyPath": { "markdownDescription": "Path to the AWS S3 bucket that contains the access control list files.", "title": "KeyPath", "type": "string" } }, "type": "object" }, "AWS::Kendra::DataSource.AclConfiguration": { "additionalProperties": false, "properties": { "AllowedGroupsColumnName": { "markdownDescription": "A list of groups, separated by semi-colons, that filters a query response based on user context. The document is only returned to users that are in one of the groups specified in the `UserContext` field of the [Query](https://docs.aws.amazon.com/kendra/latest/dg/API_Query.html) operation.", "title": "AllowedGroupsColumnName", "type": "string" } }, "required": [ "AllowedGroupsColumnName" ], "type": "object" }, "AWS::Kendra::DataSource.ColumnConfiguration": { "additionalProperties": false, "properties": { "ChangeDetectingColumns": { "items": { "type": "string" }, "markdownDescription": "One to five columns that indicate when a document in the database has changed.", "title": "ChangeDetectingColumns", "type": "array" }, "DocumentDataColumnName": { "markdownDescription": "The column that contains the contents of the document.", "title": "DocumentDataColumnName", "type": "string" }, "DocumentIdColumnName": { "markdownDescription": "The column that provides the document's identifier.", "title": "DocumentIdColumnName", "type": "string" }, "DocumentTitleColumnName": { "markdownDescription": "The column that contains the title of the document.", "title": "DocumentTitleColumnName", "type": "string" }, "FieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, "markdownDescription": "An array of objects that map database column names to the corresponding fields in an index. You must first create the fields in the index using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation.", "title": "FieldMappings", "type": "array" } }, "required": [ "ChangeDetectingColumns", "DocumentDataColumnName", "DocumentIdColumnName" ], "type": "object" }, "AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration": { "additionalProperties": false, "properties": { "AttachmentFieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping" }, "markdownDescription": "Maps attributes or field names of Confluence attachments to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `AttachentFieldMappings` parameter, you must specify at least one field mapping.", "title": "AttachmentFieldMappings", "type": "array" }, "CrawlAttachments": { "markdownDescription": "`TRUE` to index attachments of pages and blogs in Confluence.", "title": "CrawlAttachments", "type": "boolean" } }, "type": "object" }, "AWS::Kendra::DataSource.ConfluenceAttachmentToIndexFieldMapping": { "additionalProperties": false, "properties": { "DataSourceFieldName": { "markdownDescription": "The name of the field in the data source.\n\nYou must first create the index field using the `UpdateIndex` API.", "title": "DataSourceFieldName", "type": "string" }, "DateFieldFormat": { "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", "title": "DateFieldFormat", "type": "string" }, "IndexFieldName": { "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", "title": "IndexFieldName", "type": "string" } }, "required": [ "DataSourceFieldName", "IndexFieldName" ], "type": "object" }, "AWS::Kendra::DataSource.ConfluenceBlogConfiguration": { "additionalProperties": false, "properties": { "BlogFieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping" }, "markdownDescription": "Maps attributes or field names of Confluence blogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `BlogFieldMappings` parameter, you must specify at least one field mapping.", "title": "BlogFieldMappings", "type": "array" } }, "type": "object" }, "AWS::Kendra::DataSource.ConfluenceBlogToIndexFieldMapping": { "additionalProperties": false, "properties": { "DataSourceFieldName": { "markdownDescription": "The name of the field in the data source.", "title": "DataSourceFieldName", "type": "string" }, "DateFieldFormat": { "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", "title": "DateFieldFormat", "type": "string" }, "IndexFieldName": { "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", "title": "IndexFieldName", "type": "string" } }, "required": [ "DataSourceFieldName", "IndexFieldName" ], "type": "object" }, "AWS::Kendra::DataSource.ConfluenceConfiguration": { "additionalProperties": false, "properties": { "AttachmentConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceAttachmentConfiguration", "markdownDescription": "Configuration information for indexing attachments to Confluence blogs and pages.", "title": "AttachmentConfiguration" }, "BlogConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceBlogConfiguration", "markdownDescription": "Configuration information for indexing Confluence blogs.", "title": "BlogConfiguration" }, "ExclusionPatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to exclude certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are excluded from the index. Content that doesn't match the patterns is included in the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", "title": "ExclusionPatterns", "type": "array" }, "InclusionPatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to include certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are included in the index. Content that doesn't match the patterns is excluded from the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index.", "title": "InclusionPatterns", "type": "array" }, "PageConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageConfiguration", "markdownDescription": "Configuration information for indexing Confluence pages.", "title": "PageConfiguration" }, "SecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the Confluence instance. If you use Confluence Cloud, you use a generated API token as the password.\n\nYou can also provide authentication credentials in the form of a personal access token. For more information, see [Using a Confluence data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-confluence.html) .", "title": "SecretArn", "type": "string" }, "ServerUrl": { "markdownDescription": "The URL of your Confluence instance. Use the full URL of the server. For example, *https://server.example.com:port/* . You can also use an IP address, for example, *https://192.168.1.113/* .", "title": "ServerUrl", "type": "string" }, "SpaceConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceConfiguration", "markdownDescription": "Configuration information for indexing Confluence spaces.", "title": "SpaceConfiguration" }, "Version": { "markdownDescription": "The version or the type of Confluence installation to connect to.", "title": "Version", "type": "string" }, "VpcConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", "markdownDescription": "Configuration information for an Amazon Virtual Private Cloud to connect to your Confluence. For more information, see [Configuring a VPC](https://docs.aws.amazon.com/kendra/latest/dg/vpc-configuration.html) .", "title": "VpcConfiguration" } }, "required": [ "SecretArn", "ServerUrl", "Version" ], "type": "object" }, "AWS::Kendra::DataSource.ConfluencePageConfiguration": { "additionalProperties": false, "properties": { "PageFieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping" }, "markdownDescription": "Maps attributes or field names of Confluence pages to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `PageFieldMappings` parameter, you must specify at least one field mapping.", "title": "PageFieldMappings", "type": "array" } }, "type": "object" }, "AWS::Kendra::DataSource.ConfluencePageToIndexFieldMapping": { "additionalProperties": false, "properties": { "DataSourceFieldName": { "markdownDescription": "The name of the field in the data source.", "title": "DataSourceFieldName", "type": "string" }, "DateFieldFormat": { "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", "title": "DateFieldFormat", "type": "string" }, "IndexFieldName": { "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", "title": "IndexFieldName", "type": "string" } }, "required": [ "DataSourceFieldName", "IndexFieldName" ], "type": "object" }, "AWS::Kendra::DataSource.ConfluenceSpaceConfiguration": { "additionalProperties": false, "properties": { "CrawlArchivedSpaces": { "markdownDescription": "`TRUE` to index archived spaces.", "title": "CrawlArchivedSpaces", "type": "boolean" }, "CrawlPersonalSpaces": { "markdownDescription": "`TRUE` to index personal spaces. You can add restrictions to items in personal spaces. If personal spaces are indexed, queries without user context information may return restricted items from a personal space in their results. For more information, see [Filtering on user context](https://docs.aws.amazon.com/kendra/latest/dg/user-context-filter.html) .", "title": "CrawlPersonalSpaces", "type": "boolean" }, "ExcludeSpaces": { "items": { "type": "string" }, "markdownDescription": "A list of space keys of Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are not indexed. If a space is in both the `ExcludeSpaces` and the `IncludeSpaces` list, the space is excluded.", "title": "ExcludeSpaces", "type": "array" }, "IncludeSpaces": { "items": { "type": "string" }, "markdownDescription": "A list of space keys for Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are indexed. Spaces that aren't in the list aren't indexed. A space in the list must exist. Otherwise, Amazon Kendra logs an error when the data source is synchronized. If a space is in both the `IncludeSpaces` and the `ExcludeSpaces` list, the space is excluded.", "title": "IncludeSpaces", "type": "array" }, "SpaceFieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping" }, "markdownDescription": "Maps attributes or field names of Confluence spaces to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata.\n\nIf you specify the `SpaceFieldMappings` parameter, you must specify at least one field mapping.", "title": "SpaceFieldMappings", "type": "array" } }, "type": "object" }, "AWS::Kendra::DataSource.ConfluenceSpaceToIndexFieldMapping": { "additionalProperties": false, "properties": { "DataSourceFieldName": { "markdownDescription": "The name of the field in the data source.", "title": "DataSourceFieldName", "type": "string" }, "DateFieldFormat": { "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field you must specify the date format. If the field is not a date field, an exception is thrown.", "title": "DateFieldFormat", "type": "string" }, "IndexFieldName": { "markdownDescription": "The name of the index field to map to the Confluence data source field. The index field type must match the Confluence field type.", "title": "IndexFieldName", "type": "string" } }, "required": [ "DataSourceFieldName", "IndexFieldName" ], "type": "object" }, "AWS::Kendra::DataSource.ConnectionConfiguration": { "additionalProperties": false, "properties": { "DatabaseHost": { "markdownDescription": "The name of the host for the database. Can be either a string (host.subdomain.domain.tld) or an IPv4 or IPv6 address.", "title": "DatabaseHost", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the database containing the document data.", "title": "DatabaseName", "type": "string" }, "DatabasePort": { "markdownDescription": "The port that the database uses for connections.", "title": "DatabasePort", "type": "number" }, "SecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that stores the credentials. The credentials should be a user-password pair. For more information, see [Using a Database Data Source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-database.html) . For more information about AWS Secrets Manager , see [What Is AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) in the *AWS Secrets Manager* user guide.", "title": "SecretArn", "type": "string" }, "TableName": { "markdownDescription": "The name of the table that contains the document data.", "title": "TableName", "type": "string" } }, "required": [ "DatabaseHost", "DatabaseName", "DatabasePort", "SecretArn", "TableName" ], "type": "object" }, "AWS::Kendra::DataSource.CustomDocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { "InlineConfigurations": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration" }, "markdownDescription": "Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Kendra.", "title": "InlineConfigurations", "type": "array" }, "PostExtractionHookConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", "title": "PostExtractionHookConfiguration" }, "PreExtractionHookConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.HookConfiguration", "markdownDescription": "Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) .", "title": "PreExtractionHookConfiguration" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", "title": "RoleArn", "type": "string" } }, "type": "object" }, "AWS::Kendra::DataSource.DataSourceConfiguration": { "additionalProperties": false, "properties": { "ConfluenceConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.ConfluenceConfiguration", "markdownDescription": "Provides the configuration information to connect to Confluence as your data source.", "title": "ConfluenceConfiguration" }, "DatabaseConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.DatabaseConfiguration", "markdownDescription": "Provides the configuration information to connect to a database as your data source.", "title": "DatabaseConfiguration" }, "GoogleDriveConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.GoogleDriveConfiguration", "markdownDescription": "Provides the configuration information to connect to Google Drive as your data source.", "title": "GoogleDriveConfiguration" }, "OneDriveConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveConfiguration", "markdownDescription": "Provides the configuration information to connect to Microsoft OneDrive as your data source.", "title": "OneDriveConfiguration" }, "S3Configuration": { "$ref": "#/definitions/AWS::Kendra::DataSource.S3DataSourceConfiguration", "markdownDescription": "Provides the configuration information to connect to an Amazon S3 bucket as your data source.\n\n> Amazon Kendra now supports an upgraded Amazon S3 connector.\n> \n> You must now use the [TemplateConfiguration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_TemplateConfiguration.html) object instead of the `S3DataSourceConfiguration` object to configure your connector.\n> \n> Connectors configured using the older console and API architecture will continue to function as configured. However, you won't be able to edit or update them. If you want to edit or update your connector configuration, you must create a new connector.\n> \n> We recommended migrating your connector workflow to the upgraded version. Support for connectors configured using the older architecture is scheduled to end by June 2024.", "title": "S3Configuration" }, "SalesforceConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceConfiguration", "markdownDescription": "Provides the configuration information to connect to Salesforce as your data source.", "title": "SalesforceConfiguration" }, "ServiceNowConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowConfiguration", "markdownDescription": "Provides the configuration information to connect to ServiceNow as your data source.", "title": "ServiceNowConfiguration" }, "SharePointConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.SharePointConfiguration", "markdownDescription": "Provides the configuration information to connect to Microsoft SharePoint as your data source.", "title": "SharePointConfiguration" }, "WebCrawlerConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerConfiguration", "markdownDescription": "Provides the configuration information required for Amazon Kendra Web Crawler.", "title": "WebCrawlerConfiguration" }, "WorkDocsConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.WorkDocsConfiguration", "markdownDescription": "Provides the configuration information to connect to Amazon WorkDocs as your data source.", "title": "WorkDocsConfiguration" } }, "type": "object" }, "AWS::Kendra::DataSource.DataSourceToIndexFieldMapping": { "additionalProperties": false, "properties": { "DataSourceFieldName": { "markdownDescription": "The name of the field in the data source. You must first create the index field using the `UpdateIndex` API.", "title": "DataSourceFieldName", "type": "string" }, "DateFieldFormat": { "markdownDescription": "The format for date fields in the data source. If the field specified in `DataSourceFieldName` is a date field, you must specify the date format. If the field is not a date field, an exception is thrown.", "title": "DateFieldFormat", "type": "string" }, "IndexFieldName": { "markdownDescription": "The name of the index field to map to the data source field. The index field type must match the data source field type.", "title": "IndexFieldName", "type": "string" } }, "required": [ "DataSourceFieldName", "IndexFieldName" ], "type": "object" }, "AWS::Kendra::DataSource.DataSourceVpcConfiguration": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Kendra to connect to the data source.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device.", "title": "SubnetIds", "type": "array" } }, "required": [ "SecurityGroupIds", "SubnetIds" ], "type": "object" }, "AWS::Kendra::DataSource.DatabaseConfiguration": { "additionalProperties": false, "properties": { "AclConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.AclConfiguration", "markdownDescription": "Information about the database column that provides information for user context filtering.", "title": "AclConfiguration" }, "ColumnConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.ColumnConfiguration", "markdownDescription": "Information about where the index should get the document information from the database.", "title": "ColumnConfiguration" }, "ConnectionConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.ConnectionConfiguration", "markdownDescription": "Configuration information that's required to connect to a database.", "title": "ConnectionConfiguration" }, "DatabaseEngineType": { "markdownDescription": "The type of database engine that runs the database.", "title": "DatabaseEngineType", "type": "string" }, "SqlConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.SqlConfiguration", "markdownDescription": "Provides information about how Amazon Kendra uses quote marks around SQL identifiers when querying a database data source.", "title": "SqlConfiguration" }, "VpcConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", "markdownDescription": "Provides information for connecting to an Amazon VPC.", "title": "VpcConfiguration" } }, "required": [ "ColumnConfiguration", "ConnectionConfiguration", "DatabaseEngineType" ], "type": "object" }, "AWS::Kendra::DataSource.DocumentAttributeCondition": { "additionalProperties": false, "properties": { "ConditionDocumentAttributeKey": { "markdownDescription": "The identifier of the document attribute used for the condition.\n\nFor example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents.\n\nAmazon Kendra currently does not support `_document_body` as an attribute key used for the condition.", "title": "ConditionDocumentAttributeKey", "type": "string" }, "ConditionOnValue": { "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", "markdownDescription": "The value used by the operator.\n\nFor example, you can specify the value 'financial' for strings in the 'Source_URI' field that partially match or contain this value.", "title": "ConditionOnValue" }, "Operator": { "markdownDescription": "The condition operator.\n\nFor example, you can use 'Contains' to partially match a string.", "title": "Operator", "type": "string" } }, "required": [ "ConditionDocumentAttributeKey", "Operator" ], "type": "object" }, "AWS::Kendra::DataSource.DocumentAttributeTarget": { "additionalProperties": false, "properties": { "TargetDocumentAttributeKey": { "markdownDescription": "The identifier of the target document attribute or metadata field.\n\nFor example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents.", "title": "TargetDocumentAttributeKey", "type": "string" }, "TargetDocumentAttributeValue": { "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeValue", "markdownDescription": "The target value you want to create for the target attribute.\n\nFor example, 'Finance' could be the target value for the target attribute key 'Department'.", "title": "TargetDocumentAttributeValue" }, "TargetDocumentAttributeValueDeletion": { "markdownDescription": "`TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` . To create a target value ( `TargetDocumentAttributeValue` ), set this to `FALSE` .", "title": "TargetDocumentAttributeValueDeletion", "type": "boolean" } }, "required": [ "TargetDocumentAttributeKey" ], "type": "object" }, "AWS::Kendra::DataSource.DocumentAttributeValue": { "additionalProperties": false, "properties": { "DateValue": { "markdownDescription": "A date expressed as an ISO 8601 string.\n\nIt is important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time.", "title": "DateValue", "type": "string" }, "LongValue": { "markdownDescription": "A long integer value.", "title": "LongValue", "type": "number" }, "StringListValue": { "items": { "type": "string" }, "markdownDescription": "A list of strings. The default maximum length or number of strings is 10.", "title": "StringListValue", "type": "array" }, "StringValue": { "markdownDescription": "A string, such as \"department\".", "title": "StringValue", "type": "string" } }, "type": "object" }, "AWS::Kendra::DataSource.DocumentsMetadataConfiguration": { "additionalProperties": false, "properties": { "S3Prefix": { "markdownDescription": "A prefix used to filter metadata configuration files in the AWS S3 bucket. The S3 bucket might contain multiple metadata files. Use `S3Prefix` to include only the desired metadata files.", "title": "S3Prefix", "type": "string" } }, "type": "object" }, "AWS::Kendra::DataSource.GoogleDriveConfiguration": { "additionalProperties": false, "properties": { "ExcludeMimeTypes": { "items": { "type": "string" }, "markdownDescription": "A list of MIME types to exclude from the index. All documents matching the specified MIME type are excluded.\n\nFor a list of MIME types, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", "title": "ExcludeMimeTypes", "type": "array" }, "ExcludeSharedDrives": { "items": { "type": "string" }, "markdownDescription": "A list of identifiers or shared drives to exclude from the index. All files and folders stored on the shared drive are excluded.", "title": "ExcludeSharedDrives", "type": "array" }, "ExcludeUserAccounts": { "items": { "type": "string" }, "markdownDescription": "A list of email addresses of the users. Documents owned by these users are excluded from the index. Documents shared with excluded users are indexed unless they are excluded in another way.", "title": "ExcludeUserAccounts", "type": "array" }, "ExclusionPatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to exclude certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", "title": "ExclusionPatterns", "type": "array" }, "FieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, "markdownDescription": "Maps Google Drive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Google Drive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Google Drive data source field names must exist in your Google Drive custom metadata.", "title": "FieldMappings", "type": "array" }, "InclusionPatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to include certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", "title": "InclusionPatterns", "type": "array" }, "SecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Secrets Manager secret that contains the credentials required to connect to Google Drive. For more information, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) .", "title": "SecretArn", "type": "string" } }, "required": [ "SecretArn" ], "type": "object" }, "AWS::Kendra::DataSource.HookConfiguration": { "additionalProperties": false, "properties": { "InvocationCondition": { "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", "markdownDescription": "The condition used for when a Lambda function should be invoked.\n\nFor example, you can specify a condition that if there are empty date-time values, then Amazon Kendra should invoke a function that inserts the current date-time.", "title": "InvocationCondition" }, "LambdaArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role with permission to run a Lambda function during ingestion. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) .", "title": "LambdaArn", "type": "string" }, "S3Bucket": { "markdownDescription": "Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#cde-data-contracts-lambda) .", "title": "S3Bucket", "type": "string" } }, "required": [ "LambdaArn", "S3Bucket" ], "type": "object" }, "AWS::Kendra::DataSource.InlineCustomDocumentEnrichmentConfiguration": { "additionalProperties": false, "properties": { "Condition": { "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeCondition", "markdownDescription": "Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Kendra.", "title": "Condition" }, "DocumentContentDeletion": { "markdownDescription": "`TRUE` to delete content if the condition used for the target attribute is met.", "title": "DocumentContentDeletion", "type": "boolean" }, "Target": { "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentAttributeTarget", "markdownDescription": "Configuration of the target document attribute or metadata field when ingesting documents into Amazon Kendra. You can also include a value.", "title": "Target" } }, "type": "object" }, "AWS::Kendra::DataSource.OneDriveConfiguration": { "additionalProperties": false, "properties": { "DisableLocalGroups": { "markdownDescription": "`TRUE` to disable local groups information.", "title": "DisableLocalGroups", "type": "boolean" }, "ExclusionPatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to exclude certain documents in your OneDrive. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", "title": "ExclusionPatterns", "type": "array" }, "FieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map OneDrive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to OneDrive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The OneDrive data source field names must exist in your OneDrive custom metadata.", "title": "FieldMappings", "type": "array" }, "InclusionPatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to include certain documents in your OneDrive. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the file name.", "title": "InclusionPatterns", "type": "array" }, "OneDriveUsers": { "$ref": "#/definitions/AWS::Kendra::DataSource.OneDriveUsers", "markdownDescription": "A list of user accounts whose documents should be indexed.", "title": "OneDriveUsers" }, "SecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password to connect to OneDrive. The user name should be the application ID for the OneDrive application, and the password is the application key for the OneDrive application.", "title": "SecretArn", "type": "string" }, "TenantDomain": { "markdownDescription": "The Azure Active Directory domain of the organization.", "title": "TenantDomain", "type": "string" } }, "required": [ "OneDriveUsers", "SecretArn", "TenantDomain" ], "type": "object" }, "AWS::Kendra::DataSource.OneDriveUsers": { "additionalProperties": false, "properties": { "OneDriveUserList": { "items": { "type": "string" }, "markdownDescription": "A list of users whose documents should be indexed. Specify the user names in email format, for example, `username@tenantdomain` . If you need to index the documents of more than 10 users, use the `OneDriveUserS3Path` field to specify the location of a file containing a list of users.", "title": "OneDriveUserList", "type": "array" }, "OneDriveUserS3Path": { "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", "markdownDescription": "The S3 bucket location of a file containing a list of users whose documents should be indexed.", "title": "OneDriveUserS3Path" } }, "type": "object" }, "AWS::Kendra::DataSource.ProxyConfiguration": { "additionalProperties": false, "properties": { "Credentials": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nThe credentials are optional. You use a secret if web proxy credentials are required to connect to a website host. Amazon Kendra currently support basic authentication to connect to a web proxy server. The secret stores your credentials.", "title": "Credentials", "type": "string" }, "Host": { "markdownDescription": "The name of the website host you want to connect to via a web proxy server.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "The port number of the website host you want to connect to via a web proxy server.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", "title": "Port", "type": "number" } }, "required": [ "Host", "Port" ], "type": "object" }, "AWS::Kendra::DataSource.S3DataSourceConfiguration": { "additionalProperties": false, "properties": { "AccessControlListConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.AccessControlListConfiguration", "markdownDescription": "Provides the path to the S3 bucket that contains the user context filtering files for the data source. For the format of the file, see [Access control for S3 data sources](https://docs.aws.amazon.com/kendra/latest/dg/s3-acl.html) .", "title": "AccessControlListConfiguration" }, "BucketName": { "markdownDescription": "The name of the bucket that contains the documents.", "title": "BucketName", "type": "string" }, "DocumentsMetadataConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.DocumentsMetadataConfiguration", "markdownDescription": "Specifies document metadata files that contain information such as the document access control information, source URI, document author, and custom attributes. Each metadata file contains metadata about a single document.", "title": "DocumentsMetadataConfiguration" }, "ExclusionPatterns": { "items": { "type": "string" }, "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to exclude from your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", "title": "ExclusionPatterns", "type": "array" }, "InclusionPatterns": { "items": { "type": "string" }, "markdownDescription": "A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to include in your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include:\n\n- */myapp/config/** \u2014All files inside config directory.\n- ***/*.png* \u2014All .png files in all directories.\n- ***/*.{png, ico, md}* \u2014All .png, .ico or .md files in all directories.\n- */myapp/src/**/*.ts* \u2014All .ts files inside src directory (and all its subdirectories).\n- ***/!(*.module).ts* \u2014All .ts files but not .module.ts\n- **.png , *.jpg* \u2014All PNG and JPEG image files in a directory (files with the extensions .png and .jpg).\n- **internal** \u2014All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'.\n- ***/*internal** \u2014All internal-related files in a directory and its subdirectories.\n\nFor more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference.", "title": "InclusionPatterns", "type": "array" }, "InclusionPrefixes": { "items": { "type": "string" }, "markdownDescription": "A list of S3 prefixes for the documents that should be included in the index.", "title": "InclusionPrefixes", "type": "array" } }, "required": [ "BucketName" ], "type": "object" }, "AWS::Kendra::DataSource.S3Path": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the S3 bucket that contains the file.", "title": "Bucket", "type": "string" }, "Key": { "markdownDescription": "The name of the file.", "title": "Key", "type": "string" } }, "required": [ "Bucket", "Key" ], "type": "object" }, "AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration": { "additionalProperties": false, "properties": { "DocumentDataFieldName": { "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the content to index. Typically this is the `Body` column.", "title": "DocumentDataFieldName", "type": "string" }, "DocumentTitleFieldName": { "markdownDescription": "The name of the column in the Salesforce FeedItem table that contains the title of the document. This is typically the `Title` column.", "title": "DocumentTitleFieldName", "type": "string" }, "FieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, "markdownDescription": "Maps fields from a Salesforce chatter feed into Amazon Kendra index fields.", "title": "FieldMappings", "type": "array" }, "IncludeFilterTypes": { "items": { "type": "string" }, "markdownDescription": "Filters the documents in the feed based on status of the user. When you specify `ACTIVE_USERS` only documents from users who have an active account are indexed. When you specify `STANDARD_USER` only documents for Salesforce standard users are documented. You can specify both.", "title": "IncludeFilterTypes", "type": "array" } }, "required": [ "DocumentDataFieldName" ], "type": "object" }, "AWS::Kendra::DataSource.SalesforceConfiguration": { "additionalProperties": false, "properties": { "ChatterFeedConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceChatterFeedConfiguration", "markdownDescription": "Configuration information for Salesforce chatter feeds.", "title": "ChatterFeedConfiguration" }, "CrawlAttachments": { "markdownDescription": "Indicates whether Amazon Kendra should index attachments to Salesforce objects.", "title": "CrawlAttachments", "type": "boolean" }, "ExcludeAttachmentFilePatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to exclude certain documents in your Salesforce. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", "title": "ExcludeAttachmentFilePatterns", "type": "array" }, "IncludeAttachmentFilePatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to include certain documents in your Salesforce. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe pattern is applied to the name of the attached file.", "title": "IncludeAttachmentFilePatterns", "type": "array" }, "KnowledgeArticleConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration", "markdownDescription": "Configuration information for the knowledge article types that Amazon Kendra indexes. Amazon Kendra indexes standard knowledge articles and the standard fields of knowledge articles, or the custom fields of custom knowledge articles, but not both.", "title": "KnowledgeArticleConfiguration" }, "SecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the key/value pairs required to connect to your Salesforce instance. The secret must contain a JSON structure with the following keys:\n\n- authenticationUrl - The OAUTH endpoint that Amazon Kendra connects to get an OAUTH token.\n- consumerKey - The application public key generated when you created your Salesforce application.\n- consumerSecret - The application private key generated when you created your Salesforce application.\n- password - The password associated with the user logging in to the Salesforce instance.\n- securityToken - The token associated with the user logging in to the Salesforce instance.\n- username - The user name of the user logging in to the Salesforce instance.", "title": "SecretArn", "type": "string" }, "ServerUrl": { "markdownDescription": "The instance URL for the Salesforce site that you want to index.", "title": "ServerUrl", "type": "string" }, "StandardObjectAttachmentConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration", "markdownDescription": "Configuration information for processing attachments to Salesforce standard objects.", "title": "StandardObjectAttachmentConfiguration" }, "StandardObjectConfigurations": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration" }, "markdownDescription": "Configuration of the Salesforce standard objects that Amazon Kendra indexes.", "title": "StandardObjectConfigurations", "type": "array" } }, "required": [ "SecretArn", "ServerUrl" ], "type": "object" }, "AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration": { "additionalProperties": false, "properties": { "DocumentDataFieldName": { "markdownDescription": "The name of the field in the custom knowledge article that contains the document data to index.", "title": "DocumentDataFieldName", "type": "string" }, "DocumentTitleFieldName": { "markdownDescription": "The name of the field in the custom knowledge article that contains the document title.", "title": "DocumentTitleFieldName", "type": "string" }, "FieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, "markdownDescription": "Maps attributes or field names of the custom knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", "title": "FieldMappings", "type": "array" }, "Name": { "markdownDescription": "The name of the configuration.", "title": "Name", "type": "string" } }, "required": [ "DocumentDataFieldName", "Name" ], "type": "object" }, "AWS::Kendra::DataSource.SalesforceKnowledgeArticleConfiguration": { "additionalProperties": false, "properties": { "CustomKnowledgeArticleTypeConfigurations": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceCustomKnowledgeArticleTypeConfiguration" }, "markdownDescription": "Configuration information for custom Salesforce knowledge articles.", "title": "CustomKnowledgeArticleTypeConfigurations", "type": "array" }, "IncludedStates": { "items": { "type": "string" }, "markdownDescription": "Specifies the document states that should be included when Amazon Kendra indexes knowledge articles. You must specify at least one state.", "title": "IncludedStates", "type": "array" }, "StandardKnowledgeArticleTypeConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration", "markdownDescription": "Configuration information for standard Salesforce knowledge articles.", "title": "StandardKnowledgeArticleTypeConfiguration" } }, "required": [ "IncludedStates" ], "type": "object" }, "AWS::Kendra::DataSource.SalesforceStandardKnowledgeArticleTypeConfiguration": { "additionalProperties": false, "properties": { "DocumentDataFieldName": { "markdownDescription": "The name of the field that contains the document data to index.", "title": "DocumentDataFieldName", "type": "string" }, "DocumentTitleFieldName": { "markdownDescription": "The name of the field that contains the document title.", "title": "DocumentTitleFieldName", "type": "string" }, "FieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, "markdownDescription": "Maps attributes or field names of the knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", "title": "FieldMappings", "type": "array" } }, "required": [ "DocumentDataFieldName" ], "type": "object" }, "AWS::Kendra::DataSource.SalesforceStandardObjectAttachmentConfiguration": { "additionalProperties": false, "properties": { "DocumentTitleFieldName": { "markdownDescription": "The name of the field used for the document title.", "title": "DocumentTitleFieldName", "type": "string" }, "FieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, "markdownDescription": "One or more objects that map fields in attachments to Amazon Kendra index fields.", "title": "FieldMappings", "type": "array" } }, "type": "object" }, "AWS::Kendra::DataSource.SalesforceStandardObjectConfiguration": { "additionalProperties": false, "properties": { "DocumentDataFieldName": { "markdownDescription": "The name of the field in the standard object table that contains the document contents.", "title": "DocumentDataFieldName", "type": "string" }, "DocumentTitleFieldName": { "markdownDescription": "The name of the field in the standard object table that contains the document title.", "title": "DocumentTitleFieldName", "type": "string" }, "FieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, "markdownDescription": "Maps attributes or field names of the standard object to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata.", "title": "FieldMappings", "type": "array" }, "Name": { "markdownDescription": "The name of the standard object.", "title": "Name", "type": "string" } }, "required": [ "DocumentDataFieldName", "Name" ], "type": "object" }, "AWS::Kendra::DataSource.ServiceNowConfiguration": { "additionalProperties": false, "properties": { "AuthenticationType": { "markdownDescription": "The type of authentication used to connect to the ServiceNow instance. If you choose `HTTP_BASIC` , Amazon Kendra is authenticated using the user name and password provided in the AWS Secrets Manager secret in the `SecretArn` field. If you choose `OAUTH2` , Amazon Kendra is authenticated using the credentials of client ID, client secret, user name and password.\n\nWhen you use `OAUTH2` authentication, you must generate a token and a client secret using the ServiceNow console. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", "title": "AuthenticationType", "type": "string" }, "HostUrl": { "markdownDescription": "The ServiceNow instance that the data source connects to. The host endpoint should look like the following: *{instance}.service-now.com.*", "title": "HostUrl", "type": "string" }, "KnowledgeArticleConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration", "markdownDescription": "Configuration information for crawling knowledge articles in the ServiceNow site.", "title": "KnowledgeArticleConfiguration" }, "SecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the user name and password required to connect to the ServiceNow instance. You can also provide OAuth authentication credentials of user name, password, client ID, and client secret. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) .", "title": "SecretArn", "type": "string" }, "ServiceCatalogConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration", "markdownDescription": "Configuration information for crawling service catalogs in the ServiceNow site.", "title": "ServiceCatalogConfiguration" }, "ServiceNowBuildVersion": { "markdownDescription": "The identifier of the release that the ServiceNow host is running. If the host is not running the `LONDON` release, use `OTHERS` .", "title": "ServiceNowBuildVersion", "type": "string" } }, "required": [ "HostUrl", "SecretArn", "ServiceNowBuildVersion" ], "type": "object" }, "AWS::Kendra::DataSource.ServiceNowKnowledgeArticleConfiguration": { "additionalProperties": false, "properties": { "CrawlAttachments": { "markdownDescription": "`TRUE` to index attachments to knowledge articles.", "title": "CrawlAttachments", "type": "boolean" }, "DocumentDataFieldName": { "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", "title": "DocumentDataFieldName", "type": "string" }, "DocumentTitleFieldName": { "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", "title": "DocumentTitleFieldName", "type": "string" }, "ExcludeAttachmentFilePatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns applied to exclude certain knowledge article attachments. Attachments that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", "title": "ExcludeAttachmentFilePatterns", "type": "array" }, "FieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, "markdownDescription": "Maps attributes or field names of knoweldge articles to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", "title": "FieldMappings", "type": "array" }, "FilterQuery": { "markdownDescription": "A query that selects the knowledge articles to index. The query can return articles from multiple knowledge bases, and the knowledge bases can be public or private.\n\nThe query string must be one generated by the ServiceNow console. For more information, see [Specifying documents to index with a query](https://docs.aws.amazon.com/kendra/latest/dg/servicenow-query.html) .", "title": "FilterQuery", "type": "string" }, "IncludeAttachmentFilePatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns applied to include knowledge article attachments. Attachments that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.", "title": "IncludeAttachmentFilePatterns", "type": "array" } }, "required": [ "DocumentDataFieldName" ], "type": "object" }, "AWS::Kendra::DataSource.ServiceNowServiceCatalogConfiguration": { "additionalProperties": false, "properties": { "CrawlAttachments": { "markdownDescription": "`TRUE` to index attachments to service catalog items.", "title": "CrawlAttachments", "type": "boolean" }, "DocumentDataFieldName": { "markdownDescription": "The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index.", "title": "DocumentDataFieldName", "type": "string" }, "DocumentTitleFieldName": { "markdownDescription": "The name of the ServiceNow field that is mapped to the index document title field.", "title": "DocumentTitleFieldName", "type": "string" }, "ExcludeAttachmentFilePatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to exclude certain attachments of catalogs in your ServiceNow. Item that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", "title": "ExcludeAttachmentFilePatterns", "type": "array" }, "FieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, "markdownDescription": "Maps attributes or field names of catalogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata.", "title": "FieldMappings", "type": "array" }, "IncludeAttachmentFilePatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to include certain attachments of catalogs in your ServiceNow. Item that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index.\n\nThe regex is applied to the file name of the attachment.", "title": "IncludeAttachmentFilePatterns", "type": "array" } }, "required": [ "DocumentDataFieldName" ], "type": "object" }, "AWS::Kendra::DataSource.SharePointConfiguration": { "additionalProperties": false, "properties": { "CrawlAttachments": { "markdownDescription": "`TRUE` to index document attachments.", "title": "CrawlAttachments", "type": "boolean" }, "DisableLocalGroups": { "markdownDescription": "`TRUE` to disable local groups information.", "title": "DisableLocalGroups", "type": "boolean" }, "DocumentTitleFieldName": { "markdownDescription": "The Microsoft SharePoint attribute field that contains the title of the document.", "title": "DocumentTitleFieldName", "type": "string" }, "ExclusionPatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an exclusion pattern and an inclusion pattern, the document is not included in the index.\n\nThe regex is applied to the display URL of the SharePoint document.", "title": "ExclusionPatterns", "type": "array" }, "FieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Microsoft SharePoint attributes or fields to Amazon Kendra index fields. You must first create the index fields using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation before you map SharePoint attributes. For more information, see [Mapping Data Source Fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) .", "title": "FieldMappings", "type": "array" }, "InclusionPatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to include certain documents in your SharePoint. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index.\n\nThe regex applies to the display URL of the SharePoint document.", "title": "InclusionPatterns", "type": "array" }, "SecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the SharePoint instance. For more information, see [Microsoft SharePoint](https://docs.aws.amazon.com/kendra/latest/dg/data-source-sharepoint.html) .", "title": "SecretArn", "type": "string" }, "SharePointVersion": { "markdownDescription": "The version of Microsoft SharePoint that you use.", "title": "SharePointVersion", "type": "string" }, "SslCertificateS3Path": { "$ref": "#/definitions/AWS::Kendra::DataSource.S3Path", "markdownDescription": "Information required to find a specific file in an Amazon S3 bucket.", "title": "SslCertificateS3Path" }, "Urls": { "items": { "type": "string" }, "markdownDescription": "The Microsoft SharePoint site URLs for the documents you want to index.", "title": "Urls", "type": "array" }, "UseChangeLog": { "markdownDescription": "`TRUE` to use the SharePoint change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in SharePoint.", "title": "UseChangeLog", "type": "boolean" }, "VpcConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceVpcConfiguration", "markdownDescription": "Provides information for connecting to an Amazon VPC.", "title": "VpcConfiguration" } }, "required": [ "SecretArn", "SharePointVersion", "Urls" ], "type": "object" }, "AWS::Kendra::DataSource.SqlConfiguration": { "additionalProperties": false, "properties": { "QueryIdentifiersEnclosingOption": { "markdownDescription": "Determines whether Amazon Kendra encloses SQL identifiers for tables and column names in double quotes (\") when making a database query. You can set the value to `DOUBLE_QUOTES` or `NONE` .\n\nBy default, Amazon Kendra passes SQL identifiers the way that they are entered into the data source configuration. It does not change the case of identifiers or enclose them in quotes.\n\nPostgreSQL internally converts uppercase characters to lower case characters in identifiers unless they are quoted. Choosing this option encloses identifiers in quotes so that PostgreSQL does not convert the character's case.\n\nFor MySQL databases, you must enable the ansi_quotes option when you set this field to `DOUBLE_QUOTES` .", "title": "QueryIdentifiersEnclosingOption", "type": "string" } }, "type": "object" }, "AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration": { "additionalProperties": false, "properties": { "BasicAuthentication": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerBasicAuthentication" }, "markdownDescription": "The list of configuration information that's required to connect to and crawl a website host using basic authentication credentials.\n\nThe list includes the name and port number of the website host.", "title": "BasicAuthentication", "type": "array" } }, "type": "object" }, "AWS::Kendra::DataSource.WebCrawlerBasicAuthentication": { "additionalProperties": false, "properties": { "Credentials": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html)\n\nYou use a secret if basic authentication credentials are required to connect to a website. The secret stores your credentials of user name and password.", "title": "Credentials", "type": "string" }, "Host": { "markdownDescription": "The name of the website host you want to connect to using authentication credentials.\n\nFor example, the host name of https://a.example.com/page1.html is \"a.example.com\".", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "The port number of the website host you want to connect to using authentication credentials.\n\nFor example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS.", "title": "Port", "type": "number" } }, "required": [ "Credentials", "Host", "Port" ], "type": "object" }, "AWS::Kendra::DataSource.WebCrawlerConfiguration": { "additionalProperties": false, "properties": { "AuthenticationConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerAuthenticationConfiguration", "markdownDescription": "Configuration information required to connect to websites using authentication.\n\nYou can connect to websites using basic authentication of user name and password. You use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) to store your authentication credentials.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.", "title": "AuthenticationConfiguration" }, "CrawlDepth": { "markdownDescription": "The 'depth' or number of levels from the seed level to crawl. For example, the seed URL page is depth 1 and any hyperlinks on this page that are also crawled are depth 2.", "title": "CrawlDepth", "type": "number" }, "MaxContentSizePerPageInMegaBytes": { "markdownDescription": "The maximum size (in MB) of a web page or attachment to crawl.\n\nFiles larger than this size (in MB) are skipped/not crawled.\n\nThe default maximum size of a web page or attachment is set to 50 MB.", "title": "MaxContentSizePerPageInMegaBytes", "type": "number" }, "MaxLinksPerPage": { "markdownDescription": "The maximum number of URLs on a web page to include when crawling a website. This number is per web page.\n\nAs a website\u2019s web pages are crawled, any URLs the web pages link to are also crawled. URLs on a web page are crawled in order of appearance.\n\nThe default maximum links per page is 100.", "title": "MaxLinksPerPage", "type": "number" }, "MaxUrlsPerMinuteCrawlRate": { "markdownDescription": "The maximum number of URLs crawled per website host per minute.\n\nA minimum of one URL is required.\n\nThe default maximum number of URLs crawled per website host per minute is 300.", "title": "MaxUrlsPerMinuteCrawlRate", "type": "number" }, "ProxyConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.ProxyConfiguration", "markdownDescription": "Configuration information required to connect to your internal websites via a web proxy.\n\nYou must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is \"a.example.com\" and the port is 443, the standard port for HTTPS.\n\nWeb proxy credentials are optional and you can use them to connect to a web proxy server that requires basic authentication. To store web proxy credentials, you use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) .", "title": "ProxyConfiguration" }, "UrlExclusionPatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to exclude certain URLs to crawl. URLs that match the patterns are excluded from the index. URLs that don't match the patterns are included in the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", "title": "UrlExclusionPatterns", "type": "array" }, "UrlInclusionPatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to include certain URLs to crawl. URLs that match the patterns are included in the index. URLs that don't match the patterns are excluded from the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index.", "title": "UrlInclusionPatterns", "type": "array" }, "Urls": { "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerUrls", "markdownDescription": "Specifies the seed or starting point URLs of the websites or the sitemap URLs of the websites you want to crawl.\n\nYou can include website subdomains. You can list up to 100 seed URLs and up to three sitemap URLs.\n\nYou can only crawl websites that use the secure communication protocol, Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when crawling a website, it could be that the website is blocked from crawling.\n\n*When selecting websites to index, you must adhere to the [Amazon Acceptable Use Policy](https://docs.aws.amazon.com/aup/) and all other Amazon terms. Remember that you must only use Amazon Kendra Web Crawler to index your own webpages, or webpages that you have authorization to index.*", "title": "Urls" } }, "required": [ "Urls" ], "type": "object" }, "AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration": { "additionalProperties": false, "properties": { "SeedUrls": { "items": { "type": "string" }, "markdownDescription": "The list of seed or starting point URLs of the websites you want to crawl.\n\nThe list can include a maximum of 100 seed URLs.", "title": "SeedUrls", "type": "array" }, "WebCrawlerMode": { "markdownDescription": "You can choose one of the following modes:\n\n- `HOST_ONLY` \u2014crawl only the website host names. For example, if the seed URL is \"abc.example.com\", then only URLs with host name \"abc.example.com\" are crawled.\n- `SUBDOMAINS` \u2014crawl the website host names with subdomains. For example, if the seed URL is \"abc.example.com\", then \"a.abc.example.com\" and \"b.abc.example.com\" are also crawled.\n- `EVERYTHING` \u2014crawl the website host names with subdomains and other domains that the web pages link to.\n\nThe default mode is set to `HOST_ONLY` .", "title": "WebCrawlerMode", "type": "string" } }, "required": [ "SeedUrls" ], "type": "object" }, "AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration": { "additionalProperties": false, "properties": { "SiteMaps": { "items": { "type": "string" }, "markdownDescription": "The list of sitemap URLs of the websites you want to crawl.\n\nThe list can include a maximum of three sitemap URLs.", "title": "SiteMaps", "type": "array" } }, "required": [ "SiteMaps" ], "type": "object" }, "AWS::Kendra::DataSource.WebCrawlerUrls": { "additionalProperties": false, "properties": { "SeedUrlConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSeedUrlConfiguration", "markdownDescription": "Configuration of the seed or starting point URLs of the websites you want to crawl.\n\nYou can choose to crawl only the website host names, or the website host names with subdomains, or the website host names with subdomains and other domains that the web pages link to.\n\nYou can list up to 100 seed URLs.", "title": "SeedUrlConfiguration" }, "SiteMapsConfiguration": { "$ref": "#/definitions/AWS::Kendra::DataSource.WebCrawlerSiteMapsConfiguration", "markdownDescription": "Configuration of the sitemap URLs of the websites you want to crawl.\n\nOnly URLs belonging to the same website host names are crawled. You can list up to three sitemap URLs.", "title": "SiteMapsConfiguration" } }, "type": "object" }, "AWS::Kendra::DataSource.WorkDocsConfiguration": { "additionalProperties": false, "properties": { "CrawlComments": { "markdownDescription": "`TRUE` to include comments on documents in your index. Including comments in your index means each comment is a document that can be searched on.\n\nThe default is set to `FALSE` .", "title": "CrawlComments", "type": "boolean" }, "ExclusionPatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to exclude certain files in your Amazon WorkDocs site repository. Files that match the patterns are excluded from the index. Files that don\u2019t match the patterns are included in the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", "title": "ExclusionPatterns", "type": "array" }, "FieldMappings": { "items": { "$ref": "#/definitions/AWS::Kendra::DataSource.DataSourceToIndexFieldMapping" }, "markdownDescription": "A list of `DataSourceToIndexFieldMapping` objects that map Amazon WorkDocs data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Amazon WorkDocs fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Amazon WorkDocs data source field names must exist in your Amazon WorkDocs custom metadata.", "title": "FieldMappings", "type": "array" }, "InclusionPatterns": { "items": { "type": "string" }, "markdownDescription": "A list of regular expression patterns to include certain files in your Amazon WorkDocs site repository. Files that match the patterns are included in the index. Files that don't match the patterns are excluded from the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index.", "title": "InclusionPatterns", "type": "array" }, "OrganizationId": { "markdownDescription": "The identifier of the directory corresponding to your Amazon WorkDocs site repository.\n\nYou can find the organization ID in the [AWS Directory Service](https://docs.aws.amazon.com/directoryservicev2/) by going to *Active Directory* , then *Directories* . Your Amazon WorkDocs site directory has an ID, which is the organization ID. You can also set up a new Amazon WorkDocs directory in the AWS Directory Service console and enable a Amazon WorkDocs site for the directory in the Amazon WorkDocs console.", "title": "OrganizationId", "type": "string" }, "UseChangeLog": { "markdownDescription": "`TRUE` to use the Amazon WorkDocs change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in Amazon WorkDocs.", "title": "UseChangeLog", "type": "boolean" } }, "required": [ "OrganizationId" ], "type": "object" }, "AWS::Kendra::Faq": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the FAQ.", "title": "Description", "type": "string" }, "FileFormat": { "markdownDescription": "The format of the input file. You can choose between a basic CSV format, a CSV format that includes customs attributes in a header, and a JSON format that includes custom attributes.\n\nThe format must match the format of the file stored in the S3 bucket identified in the S3Path parameter.\n\nValid values are:\n\n- `CSV`\n- `CSV_WITH_HEADER`\n- `JSON`", "title": "FileFormat", "type": "string" }, "IndexId": { "markdownDescription": "The identifier of the index that contains the FAQ.", "title": "IndexId", "type": "string" }, "LanguageCode": { "markdownDescription": "The code for a language. This shows a supported language for the FAQ document as part of the summary information for FAQs. English is supported by default. For more information on supported languages, including their codes, see [Adding documents in languages other than English](https://docs.aws.amazon.com/kendra/latest/dg/in-adding-languages.html) .", "title": "LanguageCode", "type": "string" }, "Name": { "markdownDescription": "The name that you assigned the FAQ when you created or updated the FAQ.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the S3 bucket that contains the FAQ.", "title": "RoleArn", "type": "string" }, "S3Path": { "$ref": "#/definitions/AWS::Kendra::Faq.S3Path", "markdownDescription": "The Amazon Simple Storage Service (Amazon S3) location of the FAQ input data.", "title": "S3Path" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "IndexId", "Name", "RoleArn", "S3Path" ], "type": "object" }, "Type": { "enum": [ "AWS::Kendra::Faq" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Kendra::Faq.S3Path": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the S3 bucket that contains the file.", "title": "Bucket", "type": "string" }, "Key": { "markdownDescription": "The name of the file.", "title": "Key", "type": "string" } }, "required": [ "Bucket", "Key" ], "type": "object" }, "AWS::Kendra::Index": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CapacityUnits": { "$ref": "#/definitions/AWS::Kendra::Index.CapacityUnitsConfiguration", "markdownDescription": "Specifies additional capacity units configured for your Enterprise Edition index. You can add and remove capacity units to fit your usage requirements.", "title": "CapacityUnits" }, "Description": { "markdownDescription": "A description for the index.", "title": "Description", "type": "string" }, "DocumentMetadataConfigurations": { "items": { "$ref": "#/definitions/AWS::Kendra::Index.DocumentMetadataConfiguration" }, "markdownDescription": "Specifies the properties of an index field. You can add either a custom or a built-in field. You can add and remove built-in fields at any time. When a built-in field is removed it's configuration reverts to the default for the field. Custom fields can't be removed from an index after they are added.", "title": "DocumentMetadataConfigurations", "type": "array" }, "Edition": { "markdownDescription": "Indicates whether the index is a Enterprise Edition index or a Developer Edition index. Valid values are `DEVELOPER_EDITION` and `ENTERPRISE_EDITION` .", "title": "Edition", "type": "string" }, "Name": { "markdownDescription": "The name of the index.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "An IAM role that gives Amazon Kendra permissions to access your Amazon CloudWatch logs and metrics. This is also the role used when you use the [BatchPutDocument](https://docs.aws.amazon.com/kendra/latest/dg/BatchPutDocument.html) operation to index documents from an Amazon S3 bucket.", "title": "RoleArn", "type": "string" }, "ServerSideEncryptionConfiguration": { "$ref": "#/definitions/AWS::Kendra::Index.ServerSideEncryptionConfiguration", "markdownDescription": "The identifier of the AWS KMS customer managed key (CMK) to use to encrypt data indexed by Amazon Kendra. Amazon Kendra doesn't support asymmetric CMKs.", "title": "ServerSideEncryptionConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "UserContextPolicy": { "markdownDescription": "The user context policy.\n\nATTRIBUTE_FILTER\n\n- All indexed content is searchable and displayable for all users. If you want to filter search results on user context, you can use the attribute filters of `_user_id` and `_group_ids` or you can provide user and group information in `UserContext` .\n\nUSER_TOKEN\n\n- Enables token-based user access control to filter search results on user context. All documents with no access control and all documents accessible to the user will be searchable and displayable.", "title": "UserContextPolicy", "type": "string" }, "UserTokenConfigurations": { "items": { "$ref": "#/definitions/AWS::Kendra::Index.UserTokenConfiguration" }, "markdownDescription": "Defines the type of user token used for the index.", "title": "UserTokenConfigurations", "type": "array" } }, "required": [ "Edition", "Name", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Kendra::Index" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Kendra::Index.CapacityUnitsConfiguration": { "additionalProperties": false, "properties": { "QueryCapacityUnits": { "markdownDescription": "The amount of extra query capacity for an index and [GetQuerySuggestions](https://docs.aws.amazon.com/kendra/latest/dg/API_GetQuerySuggestions.html) capacity.\n\nA single extra capacity unit for an index provides 0.1 queries per second or approximately 8,000 queries per day. You can add up to 100 extra capacity units.\n\n`GetQuerySuggestions` capacity is five times the provisioned query capacity for an index, or the base capacity of 2.5 calls per second, whichever is higher. For example, the base capacity for an index is 0.1 queries per second, and `GetQuerySuggestions` capacity has a base of 2.5 calls per second. If you add another 0.1 queries per second to total 0.2 queries per second for an index, the `GetQuerySuggestions` capacity is 2.5 calls per second (higher than five times 0.2 queries per second).", "title": "QueryCapacityUnits", "type": "number" }, "StorageCapacityUnits": { "markdownDescription": "The amount of extra storage capacity for an index. A single capacity unit provides 30 GB of storage space or 100,000 documents, whichever is reached first. You can add up to 100 extra capacity units.", "title": "StorageCapacityUnits", "type": "number" } }, "required": [ "QueryCapacityUnits", "StorageCapacityUnits" ], "type": "object" }, "AWS::Kendra::Index.DocumentMetadataConfiguration": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the index field.", "title": "Name", "type": "string" }, "Relevance": { "$ref": "#/definitions/AWS::Kendra::Index.Relevance", "markdownDescription": "Provides tuning parameters to determine how the field affects the search results.", "title": "Relevance" }, "Search": { "$ref": "#/definitions/AWS::Kendra::Index.Search", "markdownDescription": "Provides information about how the field is used during a search.", "title": "Search" }, "Type": { "markdownDescription": "The data type of the index field.", "title": "Type", "type": "string" } }, "required": [ "Name", "Type" ], "type": "object" }, "AWS::Kendra::Index.JsonTokenTypeConfiguration": { "additionalProperties": false, "properties": { "GroupAttributeField": { "markdownDescription": "The group attribute field.", "title": "GroupAttributeField", "type": "string" }, "UserNameAttributeField": { "markdownDescription": "The user name attribute field.", "title": "UserNameAttributeField", "type": "string" } }, "required": [ "GroupAttributeField", "UserNameAttributeField" ], "type": "object" }, "AWS::Kendra::Index.JwtTokenTypeConfiguration": { "additionalProperties": false, "properties": { "ClaimRegex": { "markdownDescription": "The regular expression that identifies the claim.", "title": "ClaimRegex", "type": "string" }, "GroupAttributeField": { "markdownDescription": "The group attribute field.", "title": "GroupAttributeField", "type": "string" }, "Issuer": { "markdownDescription": "The issuer of the token.", "title": "Issuer", "type": "string" }, "KeyLocation": { "markdownDescription": "The location of the key.", "title": "KeyLocation", "type": "string" }, "SecretManagerArn": { "markdownDescription": "The Amazon Resource Name (arn) of the secret.", "title": "SecretManagerArn", "type": "string" }, "URL": { "markdownDescription": "The signing key URL.", "title": "URL", "type": "string" }, "UserNameAttributeField": { "markdownDescription": "The user name attribute field.", "title": "UserNameAttributeField", "type": "string" } }, "required": [ "KeyLocation" ], "type": "object" }, "AWS::Kendra::Index.Relevance": { "additionalProperties": false, "properties": { "Duration": { "markdownDescription": "Specifies the time period that the boost applies to. For example, to make the boost apply to documents with the field value within the last month, you would use \"2628000s\". Once the field value is beyond the specified range, the effect of the boost drops off. The higher the importance, the faster the effect drops off. If you don't specify a value, the default is 3 months. The value of the field is a numeric string followed by the character \"s\", for example \"86400s\" for one day, or \"604800s\" for one week.\n\nOnly applies to `DATE` fields.", "title": "Duration", "type": "string" }, "Freshness": { "markdownDescription": "Indicates that this field determines how \"fresh\" a document is. For example, if document 1 was created on November 5, and document 2 was created on October 31, document 1 is \"fresher\" than document 2. Only applies to `DATE` fields.", "title": "Freshness", "type": "boolean" }, "Importance": { "markdownDescription": "The relative importance of the field in the search. Larger numbers provide more of a boost than smaller numbers.", "title": "Importance", "type": "number" }, "RankOrder": { "markdownDescription": "Determines how values should be interpreted.\n\nWhen the `RankOrder` field is `ASCENDING` , higher numbers are better. For example, a document with a rating score of 10 is higher ranking than a document with a rating score of 1.\n\nWhen the `RankOrder` field is `DESCENDING` , lower numbers are better. For example, in a task tracking application, a priority 1 task is more important than a priority 5 task.\n\nOnly applies to `LONG` fields.", "title": "RankOrder", "type": "string" }, "ValueImportanceItems": { "items": { "$ref": "#/definitions/AWS::Kendra::Index.ValueImportanceItem" }, "markdownDescription": "An array of key-value pairs for different boosts when they appear in the search result list. For example, if you want to boost query terms that match the \"department\" field in the result, query terms that match this field are boosted in the result. You can add entries from the department field to boost documents with those values higher.\n\nFor example, you can add entries to the map with names of departments. If you add \"HR\", 5 and \"Legal\",3 those departments are given special attention when they appear in the metadata of a document.", "title": "ValueImportanceItems", "type": "array" } }, "type": "object" }, "AWS::Kendra::Index.Search": { "additionalProperties": false, "properties": { "Displayable": { "markdownDescription": "Determines whether the field is returned in the query response. The default is `true` .", "title": "Displayable", "type": "boolean" }, "Facetable": { "markdownDescription": "Indicates that the field can be used to create search facets, a count of results for each value in the field. The default is `false` .", "title": "Facetable", "type": "boolean" }, "Searchable": { "markdownDescription": "Determines whether the field is used in the search. If the `Searchable` field is `true` , you can use relevance tuning to manually tune how Amazon Kendra weights the field in the search. The default is `true` for string fields and `false` for number and date fields.", "title": "Searchable", "type": "boolean" }, "Sortable": { "markdownDescription": "Determines whether the field can be used to sort the results of a query. The default is `false` .", "title": "Sortable", "type": "boolean" } }, "type": "object" }, "AWS::Kendra::Index.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The identifier of the AWS KMS key . Amazon Kendra doesn't support asymmetric keys.", "title": "KmsKeyId", "type": "string" } }, "type": "object" }, "AWS::Kendra::Index.UserTokenConfiguration": { "additionalProperties": false, "properties": { "JsonTokenTypeConfiguration": { "$ref": "#/definitions/AWS::Kendra::Index.JsonTokenTypeConfiguration", "markdownDescription": "Information about the JSON token type configuration.", "title": "JsonTokenTypeConfiguration" }, "JwtTokenTypeConfiguration": { "$ref": "#/definitions/AWS::Kendra::Index.JwtTokenTypeConfiguration", "markdownDescription": "Information about the JWT token type configuration.", "title": "JwtTokenTypeConfiguration" } }, "type": "object" }, "AWS::Kendra::Index.ValueImportanceItem": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The document metadata value used for the search boost.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The boost value for a document when the key is part of the metadata of a document.", "title": "Value", "type": "number" } }, "type": "object" }, "AWS::KendraRanking::ExecutionPlan": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CapacityUnits": { "$ref": "#/definitions/AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration", "markdownDescription": "You can set additional capacity units to meet the needs of your rescore execution plan. You are given a single capacity unit by default. If you want to use the default capacity, you don't set additional capacity units. For more information on the default capacity and additional capacity units, see [Adjusting capacity](https://docs.aws.amazon.com/kendra/latest/dg/adjusting-capacity.html) .", "title": "CapacityUnits" }, "Description": { "markdownDescription": "A description for the rescore execution plan.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "A name for the rescore execution plan.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs that identify or categorize your rescore execution plan. You can also use tags to help control access to the rescore execution plan. Tag keys and values can consist of Unicode letters, digits, white space. They can also consist of underscore, period, colon, equal, plus, and asperand.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::KendraRanking::ExecutionPlan" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::KendraRanking::ExecutionPlan.CapacityUnitsConfiguration": { "additionalProperties": false, "properties": { "RescoreCapacityUnits": { "markdownDescription": "The amount of extra capacity for your rescore execution plan.\n\nA single extra capacity unit for a rescore execution plan provides 0.01 rescore requests per second. You can add up to 1000 extra capacity units.", "title": "RescoreCapacityUnits", "type": "number" } }, "required": [ "RescoreCapacityUnits" ], "type": "object" }, "AWS::Kinesis::Stream": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the Kinesis stream. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the stream name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "Name", "type": "string" }, "RetentionPeriodHours": { "markdownDescription": "The number of hours for the data records that are stored in shards to remain accessible. The default value is 24. For more information about the stream retention period, see [Changing the Data Retention Period](https://docs.aws.amazon.com/streams/latest/dev/kinesis-extended-retention.html) in the Amazon Kinesis Developer Guide.", "title": "RetentionPeriodHours", "type": "number" }, "ShardCount": { "markdownDescription": "The number of shards that the stream uses. For greater provisioned throughput, increase the number of shards.", "title": "ShardCount", "type": "number" }, "StreamEncryption": { "$ref": "#/definitions/AWS::Kinesis::Stream.StreamEncryption", "markdownDescription": "When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream. Removing this property from your stack template and updating your stack disables encryption.", "title": "StreamEncryption" }, "StreamModeDetails": { "$ref": "#/definitions/AWS::Kinesis::Stream.StreamModeDetails", "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", "title": "StreamModeDetails" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the Kinesis stream. For information about constraints for this property, see [Tag Restrictions](https://docs.aws.amazon.com/streams/latest/dev/tagging.html#tagging-restrictions) in the *Amazon Kinesis Developer Guide* .", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Kinesis::Stream" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Kinesis::Stream.StreamEncryption": { "additionalProperties": false, "properties": { "EncryptionType": { "markdownDescription": "The encryption type to use. The only valid value is `KMS` .", "title": "EncryptionType", "type": "string" }, "KeyId": { "markdownDescription": "The GUID for the customer-managed AWS KMS key to use for encryption. This value can be a globally unique identifier, a fully specified Amazon Resource Name (ARN) to either an alias or a key, or an alias name prefixed by \"alias/\".You can also use a master key owned by Kinesis Data Streams by specifying the alias `aws/kinesis` .\n\n- Key ARN example: `arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012`\n- Alias ARN example: `arn:aws:kms:us-east-1:123456789012:alias/MyAliasName`\n- Globally unique key ID example: `12345678-1234-1234-1234-123456789012`\n- Alias name example: `alias/MyAliasName`\n- Master key owned by Kinesis Data Streams: `alias/aws/kinesis`", "title": "KeyId", "type": "string" } }, "required": [ "EncryptionType", "KeyId" ], "type": "object" }, "AWS::Kinesis::Stream.StreamModeDetails": { "additionalProperties": false, "properties": { "StreamMode": { "markdownDescription": "Specifies the capacity mode to which you want to set your data stream. Currently, in Kinesis Data Streams, you can choose between an *on-demand* capacity mode and a *provisioned* capacity mode for your data streams.", "title": "StreamMode", "type": "string" } }, "required": [ "StreamMode" ], "type": "object" }, "AWS::Kinesis::StreamConsumer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConsumerName": { "markdownDescription": "The name of the consumer is something you choose when you register the consumer.", "title": "ConsumerName", "type": "string" }, "StreamARN": { "markdownDescription": "The ARN of the stream with which you registered the consumer.", "title": "StreamARN", "type": "string" } }, "required": [ "ConsumerName", "StreamARN" ], "type": "object" }, "Type": { "enum": [ "AWS::Kinesis::StreamConsumer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::KinesisAnalytics::Application": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationCode": { "markdownDescription": "One or more SQL statements that read input data, transform it, and generate output. For example, you can write a SQL statement that reads data from one in-application stream, generates a running average of the number of advertisement clicks by vendor, and insert resulting rows in another in-application stream using pumps. For more information about the typical pattern, see [Application Code](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-app-code.html) .\n\nYou can provide such series of SQL statements, where output of one statement can be used as the input for the next statement. You store intermediate results by creating in-application streams and pumps.\n\nNote that the application code must create the streams with names specified in the `Outputs` . For example, if your `Outputs` defines output streams named `ExampleOutputStream1` and `ExampleOutputStream2` , then your application code must create these streams.", "title": "ApplicationCode", "type": "string" }, "ApplicationDescription": { "markdownDescription": "Summary description of the application.", "title": "ApplicationDescription", "type": "string" }, "ApplicationName": { "markdownDescription": "Name of your Amazon Kinesis Analytics application (for example, `sample-app` ).", "title": "ApplicationName", "type": "string" }, "Inputs": { "items": { "$ref": "#/definitions/AWS::KinesisAnalytics::Application.Input" }, "markdownDescription": "Use this parameter to configure the application input.\n\nYou can configure your application to receive input from a single streaming source. In this configuration, you map this streaming source to an in-application stream that is created. Your application code can then query the in-application stream like a table (you can think of it as a constantly updating table).\n\nFor the streaming source, you provide its Amazon Resource Name (ARN) and format of data on the stream (for example, JSON, CSV, etc.). You also must provide an IAM role that Amazon Kinesis Analytics can assume to read this stream on your behalf.\n\nTo create the in-application stream, you need to specify a schema to transform your data into a schematized version used in SQL. In the schema, you provide the necessary mapping of the data elements in the streaming source to record columns in the in-app stream.", "title": "Inputs", "type": "array" } }, "required": [ "Inputs" ], "type": "object" }, "Type": { "enum": [ "AWS::KinesisAnalytics::Application" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::KinesisAnalytics::Application.CSVMappingParameters": { "additionalProperties": false, "properties": { "RecordColumnDelimiter": { "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", "title": "RecordColumnDelimiter", "type": "string" }, "RecordRowDelimiter": { "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", "title": "RecordRowDelimiter", "type": "string" } }, "required": [ "RecordColumnDelimiter", "RecordRowDelimiter" ], "type": "object" }, "AWS::KinesisAnalytics::Application.Input": { "additionalProperties": false, "properties": { "InputParallelism": { "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputParallelism", "markdownDescription": "Describes the number of in-application streams to create.\n\nData from your source is routed to these in-application input streams.\n\nSee [Configuring Application Input](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-input.html) .", "title": "InputParallelism" }, "InputProcessingConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputProcessingConfiguration", "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputprocessingconfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) .", "title": "InputProcessingConfiguration" }, "InputSchema": { "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputSchema", "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", "title": "InputSchema" }, "KinesisFirehoseInput": { "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisFirehoseInput", "markdownDescription": "If the streaming source is an Amazon Kinesis Firehose delivery stream, identifies the delivery stream's ARN and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", "title": "KinesisFirehoseInput" }, "KinesisStreamsInput": { "$ref": "#/definitions/AWS::KinesisAnalytics::Application.KinesisStreamsInput", "markdownDescription": "If the streaming source is an Amazon Kinesis stream, identifies the stream's Amazon Resource Name (ARN) and an IAM role that enables Amazon Kinesis Analytics to access the stream on your behalf.\n\nNote: Either `KinesisStreamsInput` or `KinesisFirehoseInput` is required.", "title": "KinesisStreamsInput" }, "NamePrefix": { "markdownDescription": "Name prefix to use when creating an in-application stream. Suppose that you specify a prefix \"MyInApplicationStream.\" Amazon Kinesis Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with names \"MyInApplicationStream_001,\" \"MyInApplicationStream_002,\" and so on.", "title": "NamePrefix", "type": "string" } }, "required": [ "InputSchema", "NamePrefix" ], "type": "object" }, "AWS::KinesisAnalytics::Application.InputLambdaProcessor": { "additionalProperties": false, "properties": { "ResourceARN": { "markdownDescription": "The ARN of the [AWS Lambda](https://docs.aws.amazon.com/lambda/) function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", "title": "ResourceARN", "type": "string" }, "RoleARN": { "markdownDescription": "The ARN of the IAM role that is used to access the AWS Lambda function.", "title": "RoleARN", "type": "string" } }, "required": [ "ResourceARN", "RoleARN" ], "type": "object" }, "AWS::KinesisAnalytics::Application.InputParallelism": { "additionalProperties": false, "properties": { "Count": { "markdownDescription": "Number of in-application streams to create. For more information, see [Limits](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/limits.html) .", "title": "Count", "type": "number" } }, "type": "object" }, "AWS::KinesisAnalytics::Application.InputProcessingConfiguration": { "additionalProperties": false, "properties": { "InputLambdaProcessor": { "$ref": "#/definitions/AWS::KinesisAnalytics::Application.InputLambdaProcessor", "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisanalytics-application-inputlambdaprocessor.html) that is used to preprocess the records in the stream before being processed by your application code.", "title": "InputLambdaProcessor" } }, "type": "object" }, "AWS::KinesisAnalytics::Application.InputSchema": { "additionalProperties": false, "properties": { "RecordColumns": { "items": { "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordColumn" }, "markdownDescription": "A list of `RecordColumn` objects.", "title": "RecordColumns", "type": "array" }, "RecordEncoding": { "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", "title": "RecordEncoding", "type": "string" }, "RecordFormat": { "$ref": "#/definitions/AWS::KinesisAnalytics::Application.RecordFormat", "markdownDescription": "Specifies the format of the records on the streaming source.", "title": "RecordFormat" } }, "required": [ "RecordColumns", "RecordFormat" ], "type": "object" }, "AWS::KinesisAnalytics::Application.JSONMappingParameters": { "additionalProperties": false, "properties": { "RecordRowPath": { "markdownDescription": "Path to the top-level parent that contains the records.", "title": "RecordRowPath", "type": "string" } }, "required": [ "RecordRowPath" ], "type": "object" }, "AWS::KinesisAnalytics::Application.KinesisFirehoseInput": { "additionalProperties": false, "properties": { "ResourceARN": { "markdownDescription": "ARN of the input delivery stream.", "title": "ResourceARN", "type": "string" }, "RoleARN": { "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to make sure that the role has the necessary permissions to access the stream.", "title": "RoleARN", "type": "string" } }, "required": [ "ResourceARN", "RoleARN" ], "type": "object" }, "AWS::KinesisAnalytics::Application.KinesisStreamsInput": { "additionalProperties": false, "properties": { "ResourceARN": { "markdownDescription": "ARN of the input Amazon Kinesis stream to read.", "title": "ResourceARN", "type": "string" }, "RoleARN": { "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to access the stream on your behalf. You need to grant the necessary permissions to this role.", "title": "RoleARN", "type": "string" } }, "required": [ "ResourceARN", "RoleARN" ], "type": "object" }, "AWS::KinesisAnalytics::Application.MappingParameters": { "additionalProperties": false, "properties": { "CSVMappingParameters": { "$ref": "#/definitions/AWS::KinesisAnalytics::Application.CSVMappingParameters", "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", "title": "CSVMappingParameters" }, "JSONMappingParameters": { "$ref": "#/definitions/AWS::KinesisAnalytics::Application.JSONMappingParameters", "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", "title": "JSONMappingParameters" } }, "type": "object" }, "AWS::KinesisAnalytics::Application.RecordColumn": { "additionalProperties": false, "properties": { "Mapping": { "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", "title": "Mapping", "type": "string" }, "Name": { "markdownDescription": "Name of the column created in the in-application input stream or reference table.", "title": "Name", "type": "string" }, "SqlType": { "markdownDescription": "Type of column created in the in-application input stream or reference table.", "title": "SqlType", "type": "string" } }, "required": [ "Name", "SqlType" ], "type": "object" }, "AWS::KinesisAnalytics::Application.RecordFormat": { "additionalProperties": false, "properties": { "MappingParameters": { "$ref": "#/definitions/AWS::KinesisAnalytics::Application.MappingParameters", "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", "title": "MappingParameters" }, "RecordFormatType": { "markdownDescription": "The type of record format.", "title": "RecordFormatType", "type": "string" } }, "required": [ "RecordFormatType" ], "type": "object" }, "AWS::KinesisAnalytics::ApplicationOutput": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationName": { "markdownDescription": "Name of the application to which you want to add the output configuration.", "title": "ApplicationName", "type": "string" }, "Output": { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.Output", "markdownDescription": "An array of objects, each describing one output configuration. In the output configuration, you specify the name of an in-application stream, a destination (that is, an Amazon Kinesis stream, an Amazon Kinesis Firehose delivery stream, or an AWS Lambda function), and record the formation to use when writing to the destination.", "title": "Output" } }, "required": [ "ApplicationName", "Output" ], "type": "object" }, "Type": { "enum": [ "AWS::KinesisAnalytics::ApplicationOutput" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema": { "additionalProperties": false, "properties": { "RecordFormatType": { "markdownDescription": "Specifies the format of the records on the output stream.", "title": "RecordFormatType", "type": "string" } }, "type": "object" }, "AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput": { "additionalProperties": false, "properties": { "ResourceARN": { "markdownDescription": "ARN of the destination Amazon Kinesis Firehose delivery stream to write to.", "title": "ResourceARN", "type": "string" }, "RoleARN": { "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", "title": "RoleARN", "type": "string" } }, "required": [ "ResourceARN", "RoleARN" ], "type": "object" }, "AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput": { "additionalProperties": false, "properties": { "ResourceARN": { "markdownDescription": "ARN of the destination Amazon Kinesis stream to write to.", "title": "ResourceARN", "type": "string" }, "RoleARN": { "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination stream on your behalf. You need to grant the necessary permissions to this role.", "title": "RoleARN", "type": "string" } }, "required": [ "ResourceARN", "RoleARN" ], "type": "object" }, "AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput": { "additionalProperties": false, "properties": { "ResourceARN": { "markdownDescription": "Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: AWS Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", "title": "ResourceARN", "type": "string" }, "RoleARN": { "markdownDescription": "ARN of the IAM role that Amazon Kinesis Analytics can assume to write to the destination function on your behalf. You need to grant the necessary permissions to this role.", "title": "RoleARN", "type": "string" } }, "required": [ "ResourceARN", "RoleARN" ], "type": "object" }, "AWS::KinesisAnalytics::ApplicationOutput.Output": { "additionalProperties": false, "properties": { "DestinationSchema": { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.DestinationSchema", "markdownDescription": "Describes the data format when records are written to the destination. For more information, see [Configuring Application Output](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/how-it-works-output.html) .", "title": "DestinationSchema" }, "KinesisFirehoseOutput": { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisFirehoseOutput", "markdownDescription": "Identifies an Amazon Kinesis Firehose delivery stream as the destination.", "title": "KinesisFirehoseOutput" }, "KinesisStreamsOutput": { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.KinesisStreamsOutput", "markdownDescription": "Identifies an Amazon Kinesis stream as the destination.", "title": "KinesisStreamsOutput" }, "LambdaOutput": { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput.LambdaOutput", "markdownDescription": "Identifies an AWS Lambda function as the destination.", "title": "LambdaOutput" }, "Name": { "markdownDescription": "Name of the in-application stream.", "title": "Name", "type": "string" } }, "required": [ "DestinationSchema" ], "type": "object" }, "AWS::KinesisAnalytics::ApplicationReferenceDataSource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationName": { "markdownDescription": "Name of an existing application.", "title": "ApplicationName", "type": "string" }, "ReferenceDataSource": { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource", "markdownDescription": "The reference data source can be an object in your Amazon S3 bucket. Amazon Kinesis Analytics reads the object and copies the data into the in-application table that is created. You provide an S3 bucket, object key name, and the resulting in-application table that is created. You must also provide an IAM role with the necessary permissions that Amazon Kinesis Analytics can assume to read the object from your S3 bucket on your behalf.", "title": "ReferenceDataSource" } }, "required": [ "ApplicationName", "ReferenceDataSource" ], "type": "object" }, "Type": { "enum": [ "AWS::KinesisAnalytics::ApplicationReferenceDataSource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters": { "additionalProperties": false, "properties": { "RecordColumnDelimiter": { "markdownDescription": "Column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", "title": "RecordColumnDelimiter", "type": "string" }, "RecordRowDelimiter": { "markdownDescription": "Row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", "title": "RecordRowDelimiter", "type": "string" } }, "required": [ "RecordColumnDelimiter", "RecordRowDelimiter" ], "type": "object" }, "AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters": { "additionalProperties": false, "properties": { "RecordRowPath": { "markdownDescription": "Path to the top-level parent that contains the records.", "title": "RecordRowPath", "type": "string" } }, "required": [ "RecordRowPath" ], "type": "object" }, "AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters": { "additionalProperties": false, "properties": { "CSVMappingParameters": { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.CSVMappingParameters", "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", "title": "CSVMappingParameters" }, "JSONMappingParameters": { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.JSONMappingParameters", "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", "title": "JSONMappingParameters" } }, "type": "object" }, "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn": { "additionalProperties": false, "properties": { "Mapping": { "markdownDescription": "Reference to the data element in the streaming input or the reference data source. This element is required if the [RecordFormatType](https://docs.aws.amazon.com/kinesisanalytics/latest/dev/API_RecordFormat.html#analytics-Type-RecordFormat-RecordFormatTypel) is `JSON` .", "title": "Mapping", "type": "string" }, "Name": { "markdownDescription": "Name of the column created in the in-application input stream or reference table.", "title": "Name", "type": "string" }, "SqlType": { "markdownDescription": "Type of column created in the in-application input stream or reference table.", "title": "SqlType", "type": "string" } }, "required": [ "Name", "SqlType" ], "type": "object" }, "AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat": { "additionalProperties": false, "properties": { "MappingParameters": { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.MappingParameters", "markdownDescription": "When configuring application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", "title": "MappingParameters" }, "RecordFormatType": { "markdownDescription": "The type of record format.", "title": "RecordFormatType", "type": "string" } }, "required": [ "RecordFormatType" ], "type": "object" }, "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceDataSource": { "additionalProperties": false, "properties": { "ReferenceSchema": { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema", "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", "title": "ReferenceSchema" }, "S3ReferenceDataSource": { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource", "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. Also identifies the IAM role Amazon Kinesis Analytics can assume to read this object on your behalf. An Amazon Kinesis Analytics application loads reference data only once. If the data changes, you call the `UpdateApplication` operation to trigger reloading of data into your application.", "title": "S3ReferenceDataSource" }, "TableName": { "markdownDescription": "Name of the in-application table to create.", "title": "TableName", "type": "string" } }, "required": [ "ReferenceSchema" ], "type": "object" }, "AWS::KinesisAnalytics::ApplicationReferenceDataSource.ReferenceSchema": { "additionalProperties": false, "properties": { "RecordColumns": { "items": { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordColumn" }, "markdownDescription": "A list of RecordColumn objects.", "title": "RecordColumns", "type": "array" }, "RecordEncoding": { "markdownDescription": "Specifies the encoding of the records in the reference source. For example, UTF-8.", "title": "RecordEncoding", "type": "string" }, "RecordFormat": { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource.RecordFormat", "markdownDescription": "Specifies the format of the records on the reference source.", "title": "RecordFormat" } }, "required": [ "RecordColumns", "RecordFormat" ], "type": "object" }, "AWS::KinesisAnalytics::ApplicationReferenceDataSource.S3ReferenceDataSource": { "additionalProperties": false, "properties": { "BucketARN": { "markdownDescription": "Amazon Resource Name (ARN) of the S3 bucket.", "title": "BucketARN", "type": "string" }, "FileKey": { "markdownDescription": "Object key name containing reference data.", "title": "FileKey", "type": "string" }, "ReferenceRoleARN": { "markdownDescription": "ARN of the IAM role that the service can assume to read data on your behalf. This role must have permission for the `s3:GetObject` action on the object and trust policy that allows Amazon Kinesis Analytics service principal to assume this role.", "title": "ReferenceRoleARN", "type": "string" } }, "required": [ "BucketARN", "FileKey", "ReferenceRoleARN" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration", "markdownDescription": "Use this parameter to configure the application.", "title": "ApplicationConfiguration" }, "ApplicationDescription": { "markdownDescription": "The description of the application.", "title": "ApplicationDescription", "type": "string" }, "ApplicationMaintenanceConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration", "markdownDescription": "", "title": "ApplicationMaintenanceConfiguration" }, "ApplicationMode": { "markdownDescription": "To create a Kinesis Data Analytics Studio notebook, you must set the mode to `INTERACTIVE` . However, for a Kinesis Data Analytics for Apache Flink application, the mode is optional.", "title": "ApplicationMode", "type": "string" }, "ApplicationName": { "markdownDescription": "The name of the application.", "title": "ApplicationName", "type": "string" }, "RunConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RunConfiguration", "markdownDescription": "Describes the starting parameters for an Managed Service for Apache Flink application.", "title": "RunConfiguration" }, "RuntimeEnvironment": { "markdownDescription": "The runtime environment for the application.", "title": "RuntimeEnvironment", "type": "string" }, "ServiceExecutionRole": { "markdownDescription": "Specifies the IAM role that the application uses to access external resources.", "title": "ServiceExecutionRole", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of one or more tags to assign to the application. A tag is a key-value pair that identifies an application. Note that the maximum number of application tags includes system tags. The maximum number of user-defined application tags is 50.", "title": "Tags", "type": "array" } }, "required": [ "RuntimeEnvironment", "ServiceExecutionRole" ], "type": "object" }, "Type": { "enum": [ "AWS::KinesisAnalyticsV2::Application" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration": { "additionalProperties": false, "properties": { "CodeContent": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CodeContent", "markdownDescription": "The location and type of the application code.", "title": "CodeContent" }, "CodeContentType": { "markdownDescription": "Specifies whether the code content is in text or zip format.", "title": "CodeContentType", "type": "string" } }, "required": [ "CodeContent", "CodeContentType" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.ApplicationConfiguration": { "additionalProperties": false, "properties": { "ApplicationCodeConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationCodeConfiguration", "markdownDescription": "The code location and type parameters for a Managed Service for Apache Flink application.", "title": "ApplicationCodeConfiguration" }, "ApplicationSnapshotConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration", "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", "title": "ApplicationSnapshotConfiguration" }, "EnvironmentProperties": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.EnvironmentProperties", "markdownDescription": "Describes execution properties for a Managed Service for Apache Flink application.", "title": "EnvironmentProperties" }, "FlinkApplicationConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration", "markdownDescription": "The creation and update parameters for a Managed Service for Apache Flink application.", "title": "FlinkApplicationConfiguration" }, "SqlApplicationConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration", "markdownDescription": "The creation and update parameters for a SQL-based Kinesis Data Analytics application.", "title": "SqlApplicationConfiguration" }, "VpcConfigurations": { "items": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.VpcConfiguration" }, "markdownDescription": "The array of descriptions of VPC configurations available to the application.", "title": "VpcConfigurations", "type": "array" }, "ZeppelinApplicationConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration", "markdownDescription": "The configuration parameters for a Kinesis Data Analytics Studio notebook.", "title": "ZeppelinApplicationConfiguration" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::Application.ApplicationMaintenanceConfiguration": { "additionalProperties": false, "properties": { "ApplicationMaintenanceWindowStartTime": { "markdownDescription": "Specifies the start time of the maintence window.", "title": "ApplicationMaintenanceWindowStartTime", "type": "string" } }, "required": [ "ApplicationMaintenanceWindowStartTime" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration": { "additionalProperties": false, "properties": { "ApplicationRestoreType": { "markdownDescription": "Specifies how the application should be restored.", "title": "ApplicationRestoreType", "type": "string" }, "SnapshotName": { "markdownDescription": "The identifier of an existing snapshot of application state to use to restart an application. The application uses this value if `RESTORE_FROM_CUSTOM_SNAPSHOT` is specified for the `ApplicationRestoreType` .", "title": "SnapshotName", "type": "string" } }, "required": [ "ApplicationRestoreType" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.ApplicationSnapshotConfiguration": { "additionalProperties": false, "properties": { "SnapshotsEnabled": { "markdownDescription": "Describes whether snapshots are enabled for a Managed Service for Apache Flink application.", "title": "SnapshotsEnabled", "type": "boolean" } }, "required": [ "SnapshotsEnabled" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.CSVMappingParameters": { "additionalProperties": false, "properties": { "RecordColumnDelimiter": { "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", "title": "RecordColumnDelimiter", "type": "string" }, "RecordRowDelimiter": { "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", "title": "RecordRowDelimiter", "type": "string" } }, "required": [ "RecordColumnDelimiter", "RecordRowDelimiter" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.CatalogConfiguration": { "additionalProperties": false, "properties": { "GlueDataCatalogConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration", "markdownDescription": "The configuration parameters for the default Amazon Glue database. You use this database for Apache Flink SQL queries and table API transforms that you write in a Kinesis Data Analytics Studio notebook.", "title": "GlueDataCatalogConfiguration" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration": { "additionalProperties": false, "properties": { "CheckpointInterval": { "markdownDescription": "Describes the interval in milliseconds between checkpoint operations.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointInterval` value of 60000, even if this value is set to another value using this API or in application code.", "title": "CheckpointInterval", "type": "number" }, "CheckpointingEnabled": { "markdownDescription": "Describes whether checkpointing is enabled for a Managed Service for Apache Flink application.\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `CheckpointingEnabled` value of `true` , even if this value is set to another value using this API or in application code.", "title": "CheckpointingEnabled", "type": "boolean" }, "ConfigurationType": { "markdownDescription": "Describes whether the application uses Managed Service for Apache Flink' default checkpointing behavior. You must set this property to `CUSTOM` in order to set the `CheckpointingEnabled` , `CheckpointInterval` , or `MinPauseBetweenCheckpoints` parameters.\n\n> If this value is set to `DEFAULT` , the application will use the following values, even if they are set to other values using APIs or application code:\n> \n> - *CheckpointingEnabled:* true\n> - *CheckpointInterval:* 60000\n> - *MinPauseBetweenCheckpoints:* 5000", "title": "ConfigurationType", "type": "string" }, "MinPauseBetweenCheckpoints": { "markdownDescription": "Describes the minimum time in milliseconds after a checkpoint operation completes that a new checkpoint operation can start. If a checkpoint operation takes longer than the `CheckpointInterval` , the application otherwise performs continual checkpoint operations. For more information, see [Tuning Checkpointing](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/large_state_tuning/#tuning-checkpointing) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> If `CheckpointConfiguration.ConfigurationType` is `DEFAULT` , the application will use a `MinPauseBetweenCheckpoints` value of 5000, even if this value is set using this API or in application code.", "title": "MinPauseBetweenCheckpoints", "type": "number" } }, "required": [ "ConfigurationType" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.CodeContent": { "additionalProperties": false, "properties": { "S3ContentLocation": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", "markdownDescription": "Information about the Amazon S3 bucket that contains the application code.", "title": "S3ContentLocation" }, "TextContent": { "markdownDescription": "The text-format code for a Managed Service for Apache Flink application.", "title": "TextContent", "type": "string" }, "ZipFileContent": { "markdownDescription": "The zip-format code for a Managed Service for Apache Flink application.", "title": "ZipFileContent", "type": "string" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration": { "additionalProperties": false, "properties": { "ArtifactType": { "markdownDescription": "Set this to either `UDF` or `DEPENDENCY_JAR` . `UDF` stands for user-defined functions. This type of artifact must be in an S3 bucket. A `DEPENDENCY_JAR` can be in either Maven or an S3 bucket.", "title": "ArtifactType", "type": "string" }, "MavenReference": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MavenReference", "markdownDescription": "The parameters required to fully specify a Maven reference.", "title": "MavenReference" }, "S3ContentLocation": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentLocation", "markdownDescription": "The location of the custom artifacts.", "title": "S3ContentLocation" } }, "required": [ "ArtifactType" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration": { "additionalProperties": false, "properties": { "S3ContentLocation": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation", "markdownDescription": "The description of an Amazon S3 object that contains the Amazon Data Analytics application, including the Amazon Resource Name (ARN) of the S3 bucket, the name of the Amazon S3 object that contains the data, and the version number of the Amazon S3 object that contains the data.", "title": "S3ContentLocation" } }, "required": [ "S3ContentLocation" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.EnvironmentProperties": { "additionalProperties": false, "properties": { "PropertyGroups": { "items": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.PropertyGroup" }, "markdownDescription": "Describes the execution property groups.", "title": "PropertyGroups", "type": "array" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::Application.FlinkApplicationConfiguration": { "additionalProperties": false, "properties": { "CheckpointConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CheckpointConfiguration", "markdownDescription": "Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see [Checkpoints for Fault Tolerance](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/concepts/programming-model.html#checkpoints-for-fault-tolerance) in the [Apache Flink Documentation](https://docs.aws.amazon.com/https://ci.apache.org/projects/flink/flink-docs-release-1.8/) .", "title": "CheckpointConfiguration" }, "MonitoringConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration", "markdownDescription": "Describes configuration parameters for Amazon CloudWatch logging for an application.", "title": "MonitoringConfiguration" }, "ParallelismConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration", "markdownDescription": "Describes parameters for how an application executes multiple tasks simultaneously.", "title": "ParallelismConfiguration" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration": { "additionalProperties": false, "properties": { "AllowNonRestoredState": { "markdownDescription": "When restoring from a snapshot, specifies whether the runtime is allowed to skip a state that cannot be mapped to the new program. This will happen if the program is updated between snapshots to remove stateful parameters, and state data in the snapshot no longer corresponds to valid application data. For more information, see [Allowing Non-Restored State](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master/docs/ops/state/savepoints/#allowing-non-restored-state) in the [Apache Flink documentation](https://docs.aws.amazon.com/https://nightlies.apache.org/flink/flink-docs-master) .\n\n> This value defaults to `false` . If you update your application without specifying this parameter, `AllowNonRestoredState` will be set to `false` , even if it was previously set to `true` .", "title": "AllowNonRestoredState", "type": "boolean" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::Application.GlueDataCatalogConfiguration": { "additionalProperties": false, "properties": { "DatabaseARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the database.", "title": "DatabaseARN", "type": "string" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::Application.Input": { "additionalProperties": false, "properties": { "InputParallelism": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputParallelism", "markdownDescription": "Describes the number of in-application streams to create.", "title": "InputParallelism" }, "InputProcessingConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration", "markdownDescription": "The [InputProcessingConfiguration](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputProcessingConfiguration.html) for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) .", "title": "InputProcessingConfiguration" }, "InputSchema": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputSchema", "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created.\n\nAlso used to describe the format of the reference data source.", "title": "InputSchema" }, "KinesisFirehoseInput": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput", "markdownDescription": "If the streaming source is an Amazon Kinesis Data Firehose delivery stream, identifies the delivery stream's ARN.", "title": "KinesisFirehoseInput" }, "KinesisStreamsInput": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput", "markdownDescription": "If the streaming source is an Amazon Kinesis data stream, identifies the stream's Amazon Resource Name (ARN).", "title": "KinesisStreamsInput" }, "NamePrefix": { "markdownDescription": "The name prefix to use when creating an in-application stream. Suppose that you specify a prefix \" `MyInApplicationStream` .\" Kinesis Data Analytics then creates one or more (as per the `InputParallelism` count you specified) in-application streams with the names \" `MyInApplicationStream_001` ,\" \" `MyInApplicationStream_002` ,\" and so on.", "title": "NamePrefix", "type": "string" } }, "required": [ "InputSchema", "NamePrefix" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor": { "additionalProperties": false, "properties": { "ResourceARN": { "markdownDescription": "The ARN of the Amazon Lambda function that operates on records in the stream.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", "title": "ResourceARN", "type": "string" } }, "required": [ "ResourceARN" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.InputParallelism": { "additionalProperties": false, "properties": { "Count": { "markdownDescription": "The number of in-application streams to create.", "title": "Count", "type": "number" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::Application.InputProcessingConfiguration": { "additionalProperties": false, "properties": { "InputLambdaProcessor": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.InputLambdaProcessor", "markdownDescription": "The [InputLambdaProcessor](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_InputLambdaProcessor.html) that is used to preprocess the records in the stream before being processed by your application code.", "title": "InputLambdaProcessor" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::Application.InputSchema": { "additionalProperties": false, "properties": { "RecordColumns": { "items": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordColumn" }, "markdownDescription": "A list of `RecordColumn` objects.", "title": "RecordColumns", "type": "array" }, "RecordEncoding": { "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", "title": "RecordEncoding", "type": "string" }, "RecordFormat": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.RecordFormat", "markdownDescription": "Specifies the format of the records on the streaming source.", "title": "RecordFormat" } }, "required": [ "RecordColumns", "RecordFormat" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.JSONMappingParameters": { "additionalProperties": false, "properties": { "RecordRowPath": { "markdownDescription": "The path to the top-level parent that contains the records.", "title": "RecordRowPath", "type": "string" } }, "required": [ "RecordRowPath" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.KinesisFirehoseInput": { "additionalProperties": false, "properties": { "ResourceARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the delivery stream.", "title": "ResourceARN", "type": "string" } }, "required": [ "ResourceARN" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.KinesisStreamsInput": { "additionalProperties": false, "properties": { "ResourceARN": { "markdownDescription": "The ARN of the input Kinesis data stream to read.", "title": "ResourceARN", "type": "string" } }, "required": [ "ResourceARN" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.MappingParameters": { "additionalProperties": false, "properties": { "CSVMappingParameters": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CSVMappingParameters", "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", "title": "CSVMappingParameters" }, "JSONMappingParameters": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.JSONMappingParameters", "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", "title": "JSONMappingParameters" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::Application.MavenReference": { "additionalProperties": false, "properties": { "ArtifactId": { "markdownDescription": "The artifact ID of the Maven reference.", "title": "ArtifactId", "type": "string" }, "GroupId": { "markdownDescription": "The group ID of the Maven reference.", "title": "GroupId", "type": "string" }, "Version": { "markdownDescription": "The version of the Maven reference.", "title": "Version", "type": "string" } }, "required": [ "ArtifactId", "GroupId", "Version" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.MonitoringConfiguration": { "additionalProperties": false, "properties": { "ConfigurationType": { "markdownDescription": "Describes whether to use the default CloudWatch logging configuration for an application. You must set this property to `CUSTOM` in order to set the `LogLevel` or `MetricsLevel` parameters.", "title": "ConfigurationType", "type": "string" }, "LogLevel": { "markdownDescription": "Describes the verbosity of the CloudWatch Logs for an application.", "title": "LogLevel", "type": "string" }, "MetricsLevel": { "markdownDescription": "Describes the granularity of the CloudWatch Logs for an application. The `Parallelism` level is not recommended for applications with a Parallelism over 64 due to excessive costs.", "title": "MetricsLevel", "type": "string" } }, "required": [ "ConfigurationType" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.ParallelismConfiguration": { "additionalProperties": false, "properties": { "AutoScalingEnabled": { "markdownDescription": "Describes whether the Managed Service for Apache Flink service can increase the parallelism of the application in response to increased throughput.", "title": "AutoScalingEnabled", "type": "boolean" }, "ConfigurationType": { "markdownDescription": "Describes whether the application uses the default parallelism for the Managed Service for Apache Flink service. You must set this property to `CUSTOM` in order to change your application's `AutoScalingEnabled` , `Parallelism` , or `ParallelismPerKPU` properties.", "title": "ConfigurationType", "type": "string" }, "Parallelism": { "markdownDescription": "Describes the initial number of parallel tasks that a Java-based Kinesis Data Analytics application can perform. The Kinesis Data Analytics service can increase this number automatically if [ParallelismConfiguration:AutoScalingEnabled](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_ParallelismConfiguration.html#kinesisanalytics-Type-ParallelismConfiguration-AutoScalingEnabled.html) is set to `true` .", "title": "Parallelism", "type": "number" }, "ParallelismPerKPU": { "markdownDescription": "Describes the number of parallel tasks that a Java-based Kinesis Data Analytics application can perform per Kinesis Processing Unit (KPU) used by the application. For more information about KPUs, see [Amazon Kinesis Data Analytics Pricing](https://docs.aws.amazon.com/kinesis/data-analytics/pricing/) .", "title": "ParallelismPerKPU", "type": "number" } }, "required": [ "ConfigurationType" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.PropertyGroup": { "additionalProperties": false, "properties": { "PropertyGroupId": { "markdownDescription": "Describes the key of an application execution property key-value pair.", "title": "PropertyGroupId", "type": "string" }, "PropertyMap": { "additionalProperties": true, "markdownDescription": "Describes the value of an application execution property key-value pair.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "PropertyMap", "type": "object" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::Application.RecordColumn": { "additionalProperties": false, "properties": { "Mapping": { "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", "title": "Mapping", "type": "string" }, "Name": { "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", "title": "Name", "type": "string" }, "SqlType": { "markdownDescription": "The type of column created in the in-application input stream or reference table.", "title": "SqlType", "type": "string" } }, "required": [ "Name", "SqlType" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.RecordFormat": { "additionalProperties": false, "properties": { "MappingParameters": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.MappingParameters", "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", "title": "MappingParameters" }, "RecordFormatType": { "markdownDescription": "The type of record format.", "title": "RecordFormatType", "type": "string" } }, "required": [ "RecordFormatType" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.RunConfiguration": { "additionalProperties": false, "properties": { "ApplicationRestoreConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ApplicationRestoreConfiguration", "markdownDescription": "Describes the restore behavior of a restarting application.", "title": "ApplicationRestoreConfiguration" }, "FlinkRunConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.FlinkRunConfiguration", "markdownDescription": "Describes the starting parameters for a Managed Service for Apache Flink application.", "title": "FlinkRunConfiguration" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::Application.S3ContentBaseLocation": { "additionalProperties": false, "properties": { "BasePath": { "markdownDescription": "The base path for the S3 bucket.", "title": "BasePath", "type": "string" }, "BucketARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", "title": "BucketARN", "type": "string" } }, "required": [ "BucketARN" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.S3ContentLocation": { "additionalProperties": false, "properties": { "BucketARN": { "markdownDescription": "The Amazon Resource Name (ARN) for the S3 bucket containing the application code.", "title": "BucketARN", "type": "string" }, "FileKey": { "markdownDescription": "The file key for the object containing the application code.", "title": "FileKey", "type": "string" }, "ObjectVersion": { "markdownDescription": "The version of the object containing the application code.", "title": "ObjectVersion", "type": "string" } }, "required": [ "BucketARN", "FileKey" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.SqlApplicationConfiguration": { "additionalProperties": false, "properties": { "Inputs": { "items": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.Input" }, "markdownDescription": "The array of [Input](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_Input.html) objects describing the input streams used by the application.", "title": "Inputs", "type": "array" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::Application.VpcConfiguration": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The array of [SecurityGroup](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SecurityGroup.html) IDs used by the VPC configuration.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The array of [Subnet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Subnet.html) IDs used by the VPC configuration.", "title": "SubnetIds", "type": "array" } }, "required": [ "SecurityGroupIds", "SubnetIds" ], "type": "object" }, "AWS::KinesisAnalyticsV2::Application.ZeppelinApplicationConfiguration": { "additionalProperties": false, "properties": { "CatalogConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CatalogConfiguration", "markdownDescription": "The Amazon Glue Data Catalog that you use in queries in a Kinesis Data Analytics Studio notebook.", "title": "CatalogConfiguration" }, "CustomArtifactsConfiguration": { "items": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.CustomArtifactConfiguration" }, "markdownDescription": "A list of `CustomArtifactConfiguration` objects.", "title": "CustomArtifactsConfiguration", "type": "array" }, "DeployAsApplicationConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.DeployAsApplicationConfiguration", "markdownDescription": "The information required to deploy a Kinesis Data Analytics Studio notebook as an application with durable state.", "title": "DeployAsApplicationConfiguration" }, "MonitoringConfiguration": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration", "markdownDescription": "The monitoring configuration of a Kinesis Data Analytics Studio notebook.", "title": "MonitoringConfiguration" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::Application.ZeppelinMonitoringConfiguration": { "additionalProperties": false, "properties": { "LogLevel": { "markdownDescription": "The verbosity of the CloudWatch Logs for an application. You can set it to `INFO` , `WARN` , `ERROR` , or `DEBUG` .", "title": "LogLevel", "type": "string" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationName": { "markdownDescription": "The name of the application.", "title": "ApplicationName", "type": "string" }, "CloudWatchLoggingOption": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption", "markdownDescription": "Provides a description of Amazon CloudWatch logging options, including the log stream Amazon Resource Name (ARN).", "title": "CloudWatchLoggingOption" } }, "required": [ "ApplicationName", "CloudWatchLoggingOption" ], "type": "object" }, "Type": { "enum": [ "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption.CloudWatchLoggingOption": { "additionalProperties": false, "properties": { "LogStreamARN": { "markdownDescription": "The ARN of the CloudWatch log to receive application messages.", "title": "LogStreamARN", "type": "string" } }, "required": [ "LogStreamARN" ], "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationOutput": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationName": { "markdownDescription": "The name of the application.", "title": "ApplicationName", "type": "string" }, "Output": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.Output", "markdownDescription": "Describes a SQL-based Kinesis Data Analytics application's output configuration, in which you identify an in-application stream and a destination where you want the in-application stream data to be written. The destination can be a Kinesis data stream or a Kinesis Data Firehose delivery stream.", "title": "Output" } }, "required": [ "ApplicationName", "Output" ], "type": "object" }, "Type": { "enum": [ "AWS::KinesisAnalyticsV2::ApplicationOutput" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema": { "additionalProperties": false, "properties": { "RecordFormatType": { "markdownDescription": "Specifies the format of the records on the output stream.", "title": "RecordFormatType", "type": "string" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput": { "additionalProperties": false, "properties": { "ResourceARN": { "markdownDescription": "The ARN of the destination delivery stream to write to.", "title": "ResourceARN", "type": "string" } }, "required": [ "ResourceARN" ], "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput": { "additionalProperties": false, "properties": { "ResourceARN": { "markdownDescription": "The ARN of the destination Kinesis data stream to write to.", "title": "ResourceARN", "type": "string" } }, "required": [ "ResourceARN" ], "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput": { "additionalProperties": false, "properties": { "ResourceARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the destination Lambda function to write to.\n\n> To specify an earlier version of the Lambda function than the latest, include the Lambda function version in the Lambda function ARN. For more information about Lambda ARNs, see [Example ARNs: Amazon Lambda](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-lambda)", "title": "ResourceARN", "type": "string" } }, "required": [ "ResourceARN" ], "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationOutput.Output": { "additionalProperties": false, "properties": { "DestinationSchema": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.DestinationSchema", "markdownDescription": "Describes the data format when records are written to the destination.", "title": "DestinationSchema" }, "KinesisFirehoseOutput": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisFirehoseOutput", "markdownDescription": "Identifies a Kinesis Data Firehose delivery stream as the destination.", "title": "KinesisFirehoseOutput" }, "KinesisStreamsOutput": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.KinesisStreamsOutput", "markdownDescription": "Identifies a Kinesis data stream as the destination.", "title": "KinesisStreamsOutput" }, "LambdaOutput": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput.LambdaOutput", "markdownDescription": "Identifies an Amazon Lambda function as the destination.", "title": "LambdaOutput" }, "Name": { "markdownDescription": "The name of the in-application stream.", "title": "Name", "type": "string" } }, "required": [ "DestinationSchema" ], "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationName": { "markdownDescription": "The name of the application.", "title": "ApplicationName", "type": "string" }, "ReferenceDataSource": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource", "markdownDescription": "For a SQL-based Kinesis Data Analytics application, describes the reference data source by providing the source information (Amazon S3 bucket name and object key name), the resulting in-application table name that is created, and the necessary schema to map the data elements in the Amazon S3 object to the in-application table.", "title": "ReferenceDataSource" } }, "required": [ "ApplicationName", "ReferenceDataSource" ], "type": "object" }, "Type": { "enum": [ "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters": { "additionalProperties": false, "properties": { "RecordColumnDelimiter": { "markdownDescription": "The column delimiter. For example, in a CSV format, a comma (\",\") is the typical column delimiter.", "title": "RecordColumnDelimiter", "type": "string" }, "RecordRowDelimiter": { "markdownDescription": "The row delimiter. For example, in a CSV format, *'\\n'* is the typical row delimiter.", "title": "RecordRowDelimiter", "type": "string" } }, "required": [ "RecordColumnDelimiter", "RecordRowDelimiter" ], "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters": { "additionalProperties": false, "properties": { "RecordRowPath": { "markdownDescription": "The path to the top-level parent that contains the records.", "title": "RecordRowPath", "type": "string" } }, "required": [ "RecordRowPath" ], "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters": { "additionalProperties": false, "properties": { "CSVMappingParameters": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.CSVMappingParameters", "markdownDescription": "Provides additional mapping information when the record format uses delimiters (for example, CSV).", "title": "CSVMappingParameters" }, "JSONMappingParameters": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.JSONMappingParameters", "markdownDescription": "Provides additional mapping information when JSON is the record format on the streaming source.", "title": "JSONMappingParameters" } }, "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn": { "additionalProperties": false, "properties": { "Mapping": { "markdownDescription": "A reference to the data element in the streaming input or the reference data source.", "title": "Mapping", "type": "string" }, "Name": { "markdownDescription": "The name of the column that is created in the in-application input stream or reference table.", "title": "Name", "type": "string" }, "SqlType": { "markdownDescription": "The type of column created in the in-application input stream or reference table.", "title": "SqlType", "type": "string" } }, "required": [ "Name", "SqlType" ], "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat": { "additionalProperties": false, "properties": { "MappingParameters": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.MappingParameters", "markdownDescription": "When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source.", "title": "MappingParameters" }, "RecordFormatType": { "markdownDescription": "The type of record format.", "title": "RecordFormatType", "type": "string" } }, "required": [ "RecordFormatType" ], "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceDataSource": { "additionalProperties": false, "properties": { "ReferenceSchema": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema", "markdownDescription": "Describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream.", "title": "ReferenceSchema" }, "S3ReferenceDataSource": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource", "markdownDescription": "Identifies the S3 bucket and object that contains the reference data. A Kinesis Data Analytics application loads reference data only once. If the data changes, you call the [UpdateApplication](https://docs.aws.amazon.com/managed-flink/latest/apiv2/API_UpdateApplication.html) operation to trigger reloading of data into your application.", "title": "S3ReferenceDataSource" }, "TableName": { "markdownDescription": "The name of the in-application table to create.", "title": "TableName", "type": "string" } }, "required": [ "ReferenceSchema" ], "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.ReferenceSchema": { "additionalProperties": false, "properties": { "RecordColumns": { "items": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordColumn" }, "markdownDescription": "A list of `RecordColumn` objects.", "title": "RecordColumns", "type": "array" }, "RecordEncoding": { "markdownDescription": "Specifies the encoding of the records in the streaming source. For example, UTF-8.", "title": "RecordEncoding", "type": "string" }, "RecordFormat": { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.RecordFormat", "markdownDescription": "Specifies the format of the records on the streaming source.", "title": "RecordFormat" } }, "required": [ "RecordColumns", "RecordFormat" ], "type": "object" }, "AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource.S3ReferenceDataSource": { "additionalProperties": false, "properties": { "BucketARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the S3 bucket.", "title": "BucketARN", "type": "string" }, "FileKey": { "markdownDescription": "The object key name containing the reference data.", "title": "FileKey", "type": "string" } }, "required": [ "BucketARN", "FileKey" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AmazonOpenSearchServerlessDestinationConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration", "markdownDescription": "Describes the configuration of a destination in the Serverless offering for Amazon OpenSearch Service.", "title": "AmazonOpenSearchServerlessDestinationConfiguration" }, "AmazonopensearchserviceDestinationConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration", "markdownDescription": "The destination in Amazon OpenSearch Service. You can specify only one destination.", "title": "AmazonopensearchserviceDestinationConfiguration" }, "DeliveryStreamEncryptionConfigurationInput": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput", "markdownDescription": "Specifies the type and Amazon Resource Name (ARN) of the CMK to use for Server-Side Encryption (SSE).", "title": "DeliveryStreamEncryptionConfigurationInput" }, "DeliveryStreamName": { "markdownDescription": "The name of the delivery stream.", "title": "DeliveryStreamName", "type": "string" }, "DeliveryStreamType": { "markdownDescription": "The delivery stream type. This can be one of the following values:\n\n- `DirectPut` : Provider applications access the delivery stream directly.\n- `KinesisStreamAsSource` : The delivery stream uses a Kinesis data stream as a source.", "title": "DeliveryStreamType", "type": "string" }, "ElasticsearchDestinationConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration", "markdownDescription": "An Amazon ES destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon ES destination to an Amazon S3 or Amazon Redshift destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", "title": "ElasticsearchDestinationConfiguration" }, "ExtendedS3DestinationConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration", "markdownDescription": "An Amazon S3 destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Extended S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", "title": "ExtendedS3DestinationConfiguration" }, "HttpEndpointDestinationConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration", "markdownDescription": "Enables configuring Kinesis Firehose to deliver data to any HTTP endpoint destination. You can specify only one destination.", "title": "HttpEndpointDestinationConfiguration" }, "KinesisStreamSourceConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration", "markdownDescription": "When a Kinesis stream is used as the source for the delivery stream, a [KinesisStreamSourceConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-kinesisfirehose-deliverystream-kinesisstreamsourceconfiguration.html) containing the Kinesis stream ARN and the role ARN for the source stream.", "title": "KinesisStreamSourceConfiguration" }, "MSKSourceConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration", "markdownDescription": "The configuration for the Amazon MSK cluster to be used as the source for a delivery stream.", "title": "MSKSourceConfiguration" }, "RedshiftDestinationConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration", "markdownDescription": "An Amazon Redshift destination for the delivery stream.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon Redshift destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", "title": "RedshiftDestinationConfiguration" }, "S3DestinationConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", "markdownDescription": "The `S3DestinationConfiguration` property type specifies an Amazon Simple Storage Service (Amazon S3) destination to which Amazon Kinesis Data Firehose (Kinesis Data Firehose) delivers data.\n\nConditional. You must specify only one destination configuration.\n\nIf you change the delivery stream destination from an Amazon S3 destination to an Amazon ES destination, update requires [some interruptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-some-interrupt) .", "title": "S3DestinationConfiguration" }, "SnowflakeDestinationConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration", "markdownDescription": "Configure Snowflake destination", "title": "SnowflakeDestinationConfiguration" }, "SplunkDestinationConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration", "markdownDescription": "The configuration of a destination in Splunk for the delivery stream.", "title": "SplunkDestinationConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A set of tags to assign to the delivery stream. A tag is a key-value pair that you can define and assign to AWS resources. Tags are metadata. For example, you can add friendly names and descriptions or other types of information that can help you distinguish the delivery stream. For more information about tags, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the AWS Billing and Cost Management User Guide.\n\nYou can specify up to 50 tags when creating a delivery stream.\n\nIf you specify tags in the `CreateDeliveryStream` action, Amazon Data Firehose performs an additional authorization on the `firehose:TagDeliveryStream` action to verify if users have permissions to create tags. If you do not provide this permission, requests to create new Firehose delivery streams with IAM resource tags will fail with an `AccessDeniedException` such as following.\n\n*AccessDeniedException*\n\nUser: arn:aws:sts::x:assumed-role/x/x is not authorized to perform: firehose:TagDeliveryStream on resource: arn:aws:firehose:us-east-1:x:deliverystream/x with an explicit deny in an identity-based policy.\n\nFor an example IAM policy, see [Tag example.](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CreateDeliveryStream.html#API_CreateDeliveryStream_Examples)", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::KinesisFirehose::DeliveryStream" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints": { "additionalProperties": false, "properties": { "IntervalInSeconds": { "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", "title": "IntervalInSeconds", "type": "number" }, "SizeInMBs": { "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.\n\nWe recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", "title": "SizeInMBs", "type": "number" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessDestinationConfiguration": { "additionalProperties": false, "properties": { "BufferingHints": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessBufferingHints", "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", "title": "BufferingHints" }, "CloudWatchLoggingOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", "markdownDescription": "", "title": "CloudWatchLoggingOptions" }, "CollectionEndpoint": { "markdownDescription": "The endpoint to use when communicating with the collection in the Serverless offering for Amazon OpenSearch Service.", "title": "CollectionEndpoint", "type": "string" }, "IndexName": { "markdownDescription": "The Serverless offering for Amazon OpenSearch Service index name.", "title": "IndexName", "type": "string" }, "ProcessingConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", "markdownDescription": "", "title": "ProcessingConfiguration" }, "RetryOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions", "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to the Serverless offering for Amazon OpenSearch Service. The default value is 300 (5 minutes).", "title": "RetryOptions" }, "RoleARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling the Serverless offering for Amazon OpenSearch Service Configuration API and for indexing documents.", "title": "RoleARN", "type": "string" }, "S3BackupMode": { "markdownDescription": "Defines how documents should be delivered to Amazon S3. When it is set to FailedDocumentsOnly, Firehose writes any documents that could not be indexed to the configured Amazon S3 destination, with AmazonOpenSearchService-failed/ appended to the key prefix. When set to AllDocuments, Firehose delivers all incoming records to Amazon S3, and also writes failed documents with AmazonOpenSearchService-failed/ appended to the prefix.", "title": "S3BackupMode", "type": "string" }, "S3Configuration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", "markdownDescription": "", "title": "S3Configuration" }, "VpcConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", "markdownDescription": "", "title": "VpcConfiguration" } }, "required": [ "IndexName", "RoleARN", "S3Configuration" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.AmazonOpenSearchServerlessRetryOptions": { "additionalProperties": false, "properties": { "DurationInSeconds": { "markdownDescription": "After an initial failure to deliver to the Serverless offering for Amazon OpenSearch Service, the total amount of time during which Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", "title": "DurationInSeconds", "type": "number" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints": { "additionalProperties": false, "properties": { "IntervalInSeconds": { "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes).", "title": "IntervalInSeconds", "type": "number" }, "SizeInMBs": { "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5. We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher.", "title": "SizeInMBs", "type": "number" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceDestinationConfiguration": { "additionalProperties": false, "properties": { "BufferingHints": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceBufferingHints", "markdownDescription": "The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used.", "title": "BufferingHints" }, "CloudWatchLoggingOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", "title": "CloudWatchLoggingOptions" }, "ClusterEndpoint": { "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this ClusterEndpoint or the DomainARN field.", "title": "ClusterEndpoint", "type": "string" }, "DocumentIdOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", "title": "DocumentIdOptions" }, "DomainARN": { "markdownDescription": "The ARN of the Amazon OpenSearch Service domain.", "title": "DomainARN", "type": "string" }, "IndexName": { "markdownDescription": "The Amazon OpenSearch Service index name.", "title": "IndexName", "type": "string" }, "IndexRotationPeriod": { "markdownDescription": "The Amazon OpenSearch Service index rotation period. Index rotation appends a timestamp to the IndexName to facilitate the expiration of old data.", "title": "IndexRotationPeriod", "type": "string" }, "ProcessingConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", "markdownDescription": "Describes a data processing configuration.", "title": "ProcessingConfiguration" }, "RetryOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions", "markdownDescription": "The retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon OpenSearch Service. The default value is 300 (5 minutes).", "title": "RetryOptions" }, "RoleARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon OpenSearch Service Configuration API and for indexing documents.", "title": "RoleARN", "type": "string" }, "S3BackupMode": { "markdownDescription": "Defines how documents should be delivered to Amazon S3.", "title": "S3BackupMode", "type": "string" }, "S3Configuration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", "markdownDescription": "Describes the configuration of a destination in Amazon S3.", "title": "S3Configuration" }, "TypeName": { "markdownDescription": "The Amazon OpenSearch Service type name.", "title": "TypeName", "type": "string" }, "VpcConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", "markdownDescription": "The details of the VPC of the Amazon OpenSearch Service destination.", "title": "VpcConfiguration" } }, "required": [ "IndexName", "RoleARN", "S3Configuration" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.AmazonopensearchserviceRetryOptions": { "additionalProperties": false, "properties": { "DurationInSeconds": { "markdownDescription": "After an initial failure to deliver to Amazon OpenSearch Service, the total amount of time during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries.", "title": "DurationInSeconds", "type": "number" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration": { "additionalProperties": false, "properties": { "Connectivity": { "markdownDescription": "The type of connectivity used to access the Amazon MSK cluster.", "title": "Connectivity", "type": "string" }, "RoleARN": { "markdownDescription": "The ARN of the role used to access the Amazon MSK cluster.", "title": "RoleARN", "type": "string" } }, "required": [ "Connectivity", "RoleARN" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.BufferingHints": { "additionalProperties": false, "properties": { "IntervalInSeconds": { "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", "title": "IntervalInSeconds", "type": "number" }, "SizeInMBs": { "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", "title": "SizeInMBs", "type": "number" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Indicates whether CloudWatch Logs logging is enabled.", "title": "Enabled", "type": "boolean" }, "LogGroupName": { "markdownDescription": "The name of the CloudWatch Logs log group that contains the log stream that Kinesis Data Firehose will use.\n\nConditional. If you enable logging, you must specify this property.", "title": "LogGroupName", "type": "string" }, "LogStreamName": { "markdownDescription": "The name of the CloudWatch Logs log stream that Kinesis Data Firehose uses to send logs about data delivery.\n\nConditional. If you enable logging, you must specify this property.", "title": "LogStreamName", "type": "string" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.CopyCommand": { "additionalProperties": false, "properties": { "CopyOptions": { "markdownDescription": "Parameters to use with the Amazon Redshift `COPY` command. For examples, see the `CopyOptions` content for the [CopyCommand](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CopyCommand.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", "title": "CopyOptions", "type": "string" }, "DataTableColumns": { "markdownDescription": "A comma-separated list of column names.", "title": "DataTableColumns", "type": "string" }, "DataTableName": { "markdownDescription": "The name of the target table. The table must already exist in the database.", "title": "DataTableName", "type": "string" } }, "required": [ "DataTableName" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Defaults to `true` . Set it to `false` if you want to disable format conversion while preserving the configuration details.", "title": "Enabled", "type": "boolean" }, "InputFormatConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration", "markdownDescription": "Specifies the deserializer that you want Firehose to use to convert the format of your data from JSON. This parameter is required if `Enabled` is set to true.", "title": "InputFormatConfiguration" }, "OutputFormatConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration", "markdownDescription": "Specifies the serializer that you want Firehose to use to convert the format of your data to the Parquet or ORC format. This parameter is required if `Enabled` is set to true.", "title": "OutputFormatConfiguration" }, "SchemaConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration", "markdownDescription": "Specifies the AWS Glue Data Catalog table that contains the column information. This parameter is required if `Enabled` is set to true.", "title": "SchemaConfiguration" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.DeliveryStreamEncryptionConfigurationInput": { "additionalProperties": false, "properties": { "KeyARN": { "markdownDescription": "If you set `KeyType` to `CUSTOMER_MANAGED_CMK` , you must specify the Amazon Resource Name (ARN) of the CMK. If you set `KeyType` to `AWS _OWNED_CMK` , Firehose uses a service-account CMK.", "title": "KeyARN", "type": "string" }, "KeyType": { "markdownDescription": "Indicates the type of customer master key (CMK) to use for encryption. The default setting is `AWS_OWNED_CMK` . For more information about CMKs, see [Customer Master Keys (CMKs)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) .\n\nYou can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams.\n\n> To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see [About Symmetric and Asymmetric CMKs](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html) in the AWS Key Management Service developer guide.", "title": "KeyType", "type": "string" } }, "required": [ "KeyType" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.Deserializer": { "additionalProperties": false, "properties": { "HiveJsonSerDe": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe", "markdownDescription": "The native Hive / HCatalog JsonSerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the OpenX SerDe.", "title": "HiveJsonSerDe" }, "OpenXJsonSerDe": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe", "markdownDescription": "The OpenX SerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the native Hive / HCatalog JsonSerDe.", "title": "OpenXJsonSerDe" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions": { "additionalProperties": false, "properties": { "DefaultDocumentIdFormat": { "markdownDescription": "When the `FIREHOSE_DEFAULT` option is chosen, Firehose generates a unique document ID for each record based on a unique internal identifier. The generated document ID is stable across multiple delivery attempts, which helps prevent the same record from being indexed multiple times with different document IDs.\n\nWhen the `NO_DOCUMENT_ID` option is chosen, Firehose does not include any document IDs in the requests it sends to the Amazon OpenSearch Service. This causes the Amazon OpenSearch Service domain to generate document IDs. In case of multiple delivery attempts, this may cause the same record to be indexed more than once with different document IDs. This option enables write-heavy operations, such as the ingestion of logs and observability data, to consume less resources in the Amazon OpenSearch Service domain, resulting in improved performance.", "title": "DefaultDocumentIdFormat", "type": "string" } }, "required": [ "DefaultDocumentIdFormat" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Specifies whether dynamic partitioning is enabled for this Kinesis Data Firehose delivery stream.", "title": "Enabled", "type": "boolean" }, "RetryOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", "markdownDescription": "Specifies the retry behavior in case Kinesis Data Firehose is unable to deliver data to an Amazon S3 prefix.", "title": "RetryOptions" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints": { "additionalProperties": false, "properties": { "IntervalInSeconds": { "markdownDescription": "The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", "title": "IntervalInSeconds", "type": "number" }, "SizeInMBs": { "markdownDescription": "The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", "title": "SizeInMBs", "type": "number" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.ElasticsearchDestinationConfiguration": { "additionalProperties": false, "properties": { "BufferingHints": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchBufferingHints", "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon ES domain.", "title": "BufferingHints" }, "CloudWatchLoggingOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", "markdownDescription": "The Amazon CloudWatch Logs logging options for the delivery stream.", "title": "CloudWatchLoggingOptions" }, "ClusterEndpoint": { "markdownDescription": "The endpoint to use when communicating with the cluster. Specify either this `ClusterEndpoint` or the `DomainARN` field.", "title": "ClusterEndpoint", "type": "string" }, "DocumentIdOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DocumentIdOptions", "markdownDescription": "Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID.", "title": "DocumentIdOptions" }, "DomainARN": { "markdownDescription": "The ARN of the Amazon ES domain. The IAM role must have permissions for `DescribeElasticsearchDomain` , `DescribeElasticsearchDomains` , and `DescribeElasticsearchDomainConfig` after assuming the role specified in *RoleARN* .\n\nSpecify either `ClusterEndpoint` or `DomainARN` .", "title": "DomainARN", "type": "string" }, "IndexName": { "markdownDescription": "The name of the Elasticsearch index to which Kinesis Data Firehose adds data for indexing.", "title": "IndexName", "type": "string" }, "IndexRotationPeriod": { "markdownDescription": "The frequency of Elasticsearch index rotation. If you enable index rotation, Kinesis Data Firehose appends a portion of the UTC arrival timestamp to the specified index name, and rotates the appended timestamp accordingly. For more information, see [Index Rotation for the Amazon ES Destination](https://docs.aws.amazon.com/firehose/latest/dev/basic-deliver.html#es-index-rotation) in the *Amazon Kinesis Data Firehose Developer Guide* .", "title": "IndexRotationPeriod", "type": "string" }, "ProcessingConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", "title": "ProcessingConfiguration" }, "RetryOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions", "markdownDescription": "The retry behavior when Kinesis Data Firehose is unable to deliver data to Amazon ES.", "title": "RetryOptions" }, "RoleARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon ES Configuration API and for indexing documents. For more information, see [Controlling Access with Amazon Kinesis Data Firehose](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html) .", "title": "RoleARN", "type": "string" }, "S3BackupMode": { "markdownDescription": "The condition under which Kinesis Data Firehose delivers data to Amazon Simple Storage Service (Amazon S3). You can send Amazon S3 all documents (all data) or only the documents that Kinesis Data Firehose could not deliver to the Amazon ES destination. For more information and valid values, see the `S3BackupMode` content for the [ElasticsearchDestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchDestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", "title": "S3BackupMode", "type": "string" }, "S3Configuration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", "markdownDescription": "The S3 bucket where Kinesis Data Firehose backs up incoming data.", "title": "S3Configuration" }, "TypeName": { "markdownDescription": "The Elasticsearch type name that Amazon ES adds to documents when indexing data.", "title": "TypeName", "type": "string" }, "VpcConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.VpcConfiguration", "markdownDescription": "The details of the VPC of the Amazon ES destination.", "title": "VpcConfiguration" } }, "required": [ "IndexName", "RoleARN", "S3Configuration" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.ElasticsearchRetryOptions": { "additionalProperties": false, "properties": { "DurationInSeconds": { "markdownDescription": "After an initial failure to deliver to Amazon ES, the total amount of time during which Kinesis Data Firehose re-attempts delivery (including the first attempt). If Kinesis Data Firehose can't deliver the data within the specified time, it writes the data to the backup S3 bucket. For valid values, see the `DurationInSeconds` content for the [ElasticsearchRetryOptions](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchRetryOptions.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", "title": "DurationInSeconds", "type": "number" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration": { "additionalProperties": false, "properties": { "KMSEncryptionConfig": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig", "markdownDescription": "The AWS Key Management Service ( AWS KMS) encryption key that Amazon S3 uses to encrypt your data.", "title": "KMSEncryptionConfig" }, "NoEncryptionConfig": { "markdownDescription": "Disables encryption. For valid values, see the `NoEncryptionConfig` content for the [EncryptionConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_EncryptionConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", "title": "NoEncryptionConfig", "type": "string" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.ExtendedS3DestinationConfiguration": { "additionalProperties": false, "properties": { "BucketARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", "title": "BucketARN", "type": "string" }, "BufferingHints": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", "markdownDescription": "The buffering option.", "title": "BufferingHints" }, "CloudWatchLoggingOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", "markdownDescription": "The Amazon CloudWatch logging options for your delivery stream.", "title": "CloudWatchLoggingOptions" }, "CompressionFormat": { "markdownDescription": "The compression format. If no value is specified, the default is `UNCOMPRESSED` .", "title": "CompressionFormat", "type": "string" }, "CustomTimeZone": { "markdownDescription": "The time zone you prefer. UTC is the default.", "title": "CustomTimeZone", "type": "string" }, "DataFormatConversionConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DataFormatConversionConfiguration", "markdownDescription": "The serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3.", "title": "DataFormatConversionConfiguration" }, "DynamicPartitioningConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.DynamicPartitioningConfiguration", "markdownDescription": "The configuration of the dynamic partitioning mechanism that creates targeted data sets from the streaming data by partitioning it based on partition keys.", "title": "DynamicPartitioningConfiguration" }, "EncryptionConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", "markdownDescription": "The encryption configuration for the Kinesis Data Firehose delivery stream. The default value is `NoEncryption` .", "title": "EncryptionConfiguration" }, "ErrorOutputPrefix": { "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", "title": "ErrorOutputPrefix", "type": "string" }, "FileExtension": { "markdownDescription": "Specify a file extension. It will override the default file extension", "title": "FileExtension", "type": "string" }, "Prefix": { "markdownDescription": "The `YYYY/MM/DD/HH` time format prefix is automatically used for delivered Amazon S3 files. For more information, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", "title": "Prefix", "type": "string" }, "ProcessingConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", "title": "ProcessingConfiguration" }, "RoleARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS credentials. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* .", "title": "RoleARN", "type": "string" }, "S3BackupConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", "markdownDescription": "The configuration for backup in Amazon S3.", "title": "S3BackupConfiguration" }, "S3BackupMode": { "markdownDescription": "The Amazon S3 backup mode. After you create a delivery stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the delivery stream to disable it.", "title": "S3BackupMode", "type": "string" } }, "required": [ "BucketARN", "RoleARN" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.HiveJsonSerDe": { "additionalProperties": false, "properties": { "TimestampFormats": { "items": { "type": "string" }, "markdownDescription": "Indicates how you want Firehose to parse the date and timestamps that may be present in your input data JSON. To specify these format strings, follow the pattern syntax of JodaTime's DateTimeFormat format strings. For more information, see [Class DateTimeFormat](https://docs.aws.amazon.com/https://www.joda.org/joda-time/apidocs/org/joda/time/format/DateTimeFormat.html) . You can also use the special value `millis` to parse timestamps in epoch milliseconds. If you don't specify a format, Firehose uses `java.sql.Timestamp::valueOf` by default.", "title": "TimestampFormats", "type": "array" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute": { "additionalProperties": false, "properties": { "AttributeName": { "markdownDescription": "The name of the HTTP endpoint common attribute.", "title": "AttributeName", "type": "string" }, "AttributeValue": { "markdownDescription": "The value of the HTTP endpoint common attribute.", "title": "AttributeValue", "type": "string" } }, "required": [ "AttributeName", "AttributeValue" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration": { "additionalProperties": false, "properties": { "AccessKey": { "markdownDescription": "The access key required for Kinesis Firehose to authenticate with the HTTP endpoint selected as the destination.", "title": "AccessKey", "type": "string" }, "Name": { "markdownDescription": "The name of the HTTP endpoint selected as the destination.", "title": "Name", "type": "string" }, "Url": { "markdownDescription": "The URL of the HTTP endpoint selected as the destination.", "title": "Url", "type": "string" } }, "required": [ "Url" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.HttpEndpointDestinationConfiguration": { "additionalProperties": false, "properties": { "BufferingHints": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", "markdownDescription": "The buffering options that can be used before data is delivered to the specified destination. Kinesis Data Firehose treats these options as hints, and it might choose to use more optimal values. The SizeInMBs and IntervalInSeconds parameters are optional. However, if you specify a value for one of them, you must also provide a value for the other.", "title": "BufferingHints" }, "CloudWatchLoggingOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", "markdownDescription": "Describes the Amazon CloudWatch logging options for your delivery stream.", "title": "CloudWatchLoggingOptions" }, "EndpointConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointConfiguration", "markdownDescription": "The configuration of the HTTP endpoint selected as the destination.", "title": "EndpointConfiguration" }, "ProcessingConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", "markdownDescription": "Describes the data processing configuration.", "title": "ProcessingConfiguration" }, "RequestConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration", "markdownDescription": "The configuration of the request sent to the HTTP endpoint specified as the destination.", "title": "RequestConfiguration" }, "RetryOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RetryOptions", "markdownDescription": "Describes the retry behavior in case Kinesis Data Firehose is unable to deliver data to the specified HTTP endpoint destination, or if it doesn't receive a valid acknowledgment of receipt from the specified HTTP endpoint destination.", "title": "RetryOptions" }, "RoleARN": { "markdownDescription": "Kinesis Data Firehose uses this IAM role for all the permissions that the delivery stream needs.", "title": "RoleARN", "type": "string" }, "S3BackupMode": { "markdownDescription": "Describes the S3 bucket backup options for the data that Kinesis Data Firehose delivers to the HTTP endpoint destination. You can back up all documents (AllData) or only the documents that Kinesis Data Firehose could not deliver to the specified HTTP endpoint destination (FailedDataOnly).", "title": "S3BackupMode", "type": "string" }, "S3Configuration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", "markdownDescription": "Describes the configuration of a destination in Amazon S3.", "title": "S3Configuration" } }, "required": [ "EndpointConfiguration", "S3Configuration" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.HttpEndpointRequestConfiguration": { "additionalProperties": false, "properties": { "CommonAttributes": { "items": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.HttpEndpointCommonAttribute" }, "markdownDescription": "Describes the metadata sent to the HTTP endpoint destination.", "title": "CommonAttributes", "type": "array" }, "ContentEncoding": { "markdownDescription": "Kinesis Data Firehose uses the content encoding to compress the body of a request before sending the request to the destination. For more information, see Content-Encoding in MDN Web Docs, the official Mozilla documentation.", "title": "ContentEncoding", "type": "string" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.InputFormatConfiguration": { "additionalProperties": false, "properties": { "Deserializer": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Deserializer", "markdownDescription": "Specifies which deserializer to use. You can choose either the Apache Hive JSON SerDe or the OpenX JSON SerDe. If both are non-null, the server rejects the request.", "title": "Deserializer" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.KMSEncryptionConfig": { "additionalProperties": false, "properties": { "AWSKMSKeyARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS encryption key that Amazon S3 uses to encrypt data delivered by the Kinesis Data Firehose stream. The key must belong to the same region as the destination S3 bucket.", "title": "AWSKMSKeyARN", "type": "string" } }, "required": [ "AWSKMSKeyARN" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.KinesisStreamSourceConfiguration": { "additionalProperties": false, "properties": { "KinesisStreamARN": { "markdownDescription": "The ARN of the source Kinesis data stream.", "title": "KinesisStreamARN", "type": "string" }, "RoleARN": { "markdownDescription": "The ARN of the role that provides access to the source Kinesis data stream.", "title": "RoleARN", "type": "string" } }, "required": [ "KinesisStreamARN", "RoleARN" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.MSKSourceConfiguration": { "additionalProperties": false, "properties": { "AuthenticationConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.AuthenticationConfiguration", "markdownDescription": "The authentication configuration of the Amazon MSK cluster.", "title": "AuthenticationConfiguration" }, "MSKClusterARN": { "markdownDescription": "The ARN of the Amazon MSK cluster.", "title": "MSKClusterARN", "type": "string" }, "TopicName": { "markdownDescription": "The topic name within the Amazon MSK cluster.", "title": "TopicName", "type": "string" } }, "required": [ "AuthenticationConfiguration", "MSKClusterARN", "TopicName" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.OpenXJsonSerDe": { "additionalProperties": false, "properties": { "CaseInsensitive": { "markdownDescription": "When set to `true` , which is the default, Firehose converts JSON keys to lowercase before deserializing them.", "title": "CaseInsensitive", "type": "boolean" }, "ColumnToJsonKeyMappings": { "additionalProperties": true, "markdownDescription": "Maps column names to JSON keys that aren't identical to the column names. This is useful when the JSON contains keys that are Hive keywords. For example, `timestamp` is a Hive keyword. If you have a JSON key named `timestamp` , set this parameter to `{\"ts\": \"timestamp\"}` to map this key to a column named `ts` .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "ColumnToJsonKeyMappings", "type": "object" }, "ConvertDotsInJsonKeysToUnderscores": { "markdownDescription": "When set to `true` , specifies that the names of the keys include dots and that you want Firehose to replace them with underscores. This is useful because Apache Hive does not allow dots in column names. For example, if the JSON contains a key whose name is \"a.b\", you can define the column name to be \"a_b\" when using this option.\n\nThe default is `false` .", "title": "ConvertDotsInJsonKeysToUnderscores", "type": "boolean" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.OrcSerDe": { "additionalProperties": false, "properties": { "BlockSizeBytes": { "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", "title": "BlockSizeBytes", "type": "number" }, "BloomFilterColumns": { "items": { "type": "string" }, "markdownDescription": "The column names for which you want Firehose to create bloom filters. The default is `null` .", "title": "BloomFilterColumns", "type": "array" }, "BloomFilterFalsePositiveProbability": { "markdownDescription": "The Bloom filter false positive probability (FPP). The lower the FPP, the bigger the Bloom filter. The default value is 0.05, the minimum is 0, and the maximum is 1.", "title": "BloomFilterFalsePositiveProbability", "type": "number" }, "Compression": { "markdownDescription": "The compression code to use over data blocks. The default is `SNAPPY` .", "title": "Compression", "type": "string" }, "DictionaryKeyThreshold": { "markdownDescription": "Represents the fraction of the total number of non-null rows. To turn off dictionary encoding, set this fraction to a number that is less than the number of distinct keys in a dictionary. To always use dictionary encoding, set this threshold to 1.", "title": "DictionaryKeyThreshold", "type": "number" }, "EnablePadding": { "markdownDescription": "Set this to `true` to indicate that you want stripes to be padded to the HDFS block boundaries. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `false` .", "title": "EnablePadding", "type": "boolean" }, "FormatVersion": { "markdownDescription": "The version of the file to write. The possible values are `V0_11` and `V0_12` . The default is `V0_12` .", "title": "FormatVersion", "type": "string" }, "PaddingTolerance": { "markdownDescription": "A number between 0 and 1 that defines the tolerance for block padding as a decimal fraction of stripe size. The default value is 0.05, which means 5 percent of stripe size.\n\nFor the default values of 64 MiB ORC stripes and 256 MiB HDFS blocks, the default block padding tolerance of 5 percent reserves a maximum of 3.2 MiB for padding within the 256 MiB block. In such a case, if the available size within the block is more than 3.2 MiB, a new, smaller stripe is inserted to fit within that space. This ensures that no stripe crosses block boundaries and causes remote reads within a node-local task.\n\nKinesis Data Firehose ignores this parameter when `EnablePadding` is `false` .", "title": "PaddingTolerance", "type": "number" }, "RowIndexStride": { "markdownDescription": "The number of rows between index entries. The default is 10,000 and the minimum is 1,000.", "title": "RowIndexStride", "type": "number" }, "StripeSizeBytes": { "markdownDescription": "The number of bytes in each stripe. The default is 64 MiB and the minimum is 8 MiB.", "title": "StripeSizeBytes", "type": "number" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.OutputFormatConfiguration": { "additionalProperties": false, "properties": { "Serializer": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Serializer", "markdownDescription": "Specifies which serializer to use. You can choose either the ORC SerDe or the Parquet SerDe. If both are non-null, the server rejects the request.", "title": "Serializer" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.ParquetSerDe": { "additionalProperties": false, "properties": { "BlockSizeBytes": { "markdownDescription": "The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations.", "title": "BlockSizeBytes", "type": "number" }, "Compression": { "markdownDescription": "The compression code to use over data blocks. The possible values are `UNCOMPRESSED` , `SNAPPY` , and `GZIP` , with the default being `SNAPPY` . Use `SNAPPY` for higher decompression speed. Use `GZIP` if the compression ratio is more important than speed.", "title": "Compression", "type": "string" }, "EnableDictionaryCompression": { "markdownDescription": "Indicates whether to enable dictionary compression.", "title": "EnableDictionaryCompression", "type": "boolean" }, "MaxPaddingBytes": { "markdownDescription": "The maximum amount of padding to apply. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 0.", "title": "MaxPaddingBytes", "type": "number" }, "PageSizeBytes": { "markdownDescription": "The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB.", "title": "PageSizeBytes", "type": "number" }, "WriterVersion": { "markdownDescription": "Indicates the version of row format to output. The possible values are `V1` and `V2` . The default is `V1` .", "title": "WriterVersion", "type": "string" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Indicates whether data processing is enabled (true) or disabled (false).", "title": "Enabled", "type": "boolean" }, "Processors": { "items": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.Processor" }, "markdownDescription": "The data processors.", "title": "Processors", "type": "array" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.Processor": { "additionalProperties": false, "properties": { "Parameters": { "items": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessorParameter" }, "markdownDescription": "The processor parameters.", "title": "Parameters", "type": "array" }, "Type": { "markdownDescription": "The type of processor. Valid values: `Lambda` .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.ProcessorParameter": { "additionalProperties": false, "properties": { "ParameterName": { "markdownDescription": "The name of the parameter. Currently the following default values are supported: 3 for `NumberOfRetries` and 60 for the `BufferIntervalInSeconds` . The `BufferSizeInMBs` ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB.", "title": "ParameterName", "type": "string" }, "ParameterValue": { "markdownDescription": "The parameter value.", "title": "ParameterValue", "type": "string" } }, "required": [ "ParameterName", "ParameterValue" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.RedshiftDestinationConfiguration": { "additionalProperties": false, "properties": { "CloudWatchLoggingOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", "markdownDescription": "The CloudWatch logging options for your delivery stream.", "title": "CloudWatchLoggingOptions" }, "ClusterJDBCURL": { "markdownDescription": "The connection string that Kinesis Data Firehose uses to connect to the Amazon Redshift cluster.", "title": "ClusterJDBCURL", "type": "string" }, "CopyCommand": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CopyCommand", "markdownDescription": "Configures the Amazon Redshift `COPY` command that Kinesis Data Firehose uses to load data into the cluster from the Amazon S3 bucket.", "title": "CopyCommand" }, "Password": { "markdownDescription": "The password for the Amazon Redshift user that you specified in the `Username` property.", "title": "Password", "type": "string" }, "ProcessingConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", "markdownDescription": "The data processing configuration for the Kinesis Data Firehose delivery stream.", "title": "ProcessingConfiguration" }, "RetryOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions", "markdownDescription": "The retry behavior in case Firehose is unable to deliver documents to Amazon Redshift. Default value is 3600 (60 minutes).", "title": "RetryOptions" }, "RoleARN": { "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon Redshift Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-rs) in the *Amazon Kinesis Data Firehose Developer Guide* .", "title": "RoleARN", "type": "string" }, "S3BackupConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", "markdownDescription": "The configuration for backup in Amazon S3.", "title": "S3BackupConfiguration" }, "S3BackupMode": { "markdownDescription": "The Amazon S3 backup mode. After you create a delivery stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the delivery stream to disable it.", "title": "S3BackupMode", "type": "string" }, "S3Configuration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", "markdownDescription": "The S3 bucket where Kinesis Data Firehose first delivers data. After the data is in the bucket, Kinesis Data Firehose uses the `COPY` command to load the data into the Amazon Redshift cluster. For the Amazon S3 bucket's compression format, don't specify `SNAPPY` or `ZIP` because the Amazon Redshift `COPY` command doesn't support them.", "title": "S3Configuration" }, "Username": { "markdownDescription": "The Amazon Redshift user that has permission to access the Amazon Redshift cluster. This user must have `INSERT` privileges for copying data from the Amazon S3 bucket to the cluster.", "title": "Username", "type": "string" } }, "required": [ "ClusterJDBCURL", "CopyCommand", "Password", "RoleARN", "S3Configuration", "Username" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.RedshiftRetryOptions": { "additionalProperties": false, "properties": { "DurationInSeconds": { "markdownDescription": "The length of time during which Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Firehose does not retry if the value of `DurationInSeconds` is 0 (zero) or if the first delivery attempt takes longer than the current value.", "title": "DurationInSeconds", "type": "number" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.RetryOptions": { "additionalProperties": false, "properties": { "DurationInSeconds": { "markdownDescription": "The total amount of time that Kinesis Data Firehose spends on retries. This duration starts after the initial attempt to send data to the custom destination via HTTPS endpoint fails. It doesn't include the periods during which Kinesis Data Firehose waits for acknowledgment from the specified destination after each attempt.", "title": "DurationInSeconds", "type": "number" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration": { "additionalProperties": false, "properties": { "BucketARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket to send data to.", "title": "BucketARN", "type": "string" }, "BufferingHints": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.BufferingHints", "markdownDescription": "Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon S3 bucket.", "title": "BufferingHints" }, "CloudWatchLoggingOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", "markdownDescription": "The CloudWatch logging options for your delivery stream.", "title": "CloudWatchLoggingOptions" }, "CompressionFormat": { "markdownDescription": "The type of compression that Kinesis Data Firehose uses to compress the data that it delivers to the Amazon S3 bucket. For valid values, see the `CompressionFormat` content for the [S3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_S3DestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* .", "title": "CompressionFormat", "type": "string" }, "EncryptionConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.EncryptionConfiguration", "markdownDescription": "Configures Amazon Simple Storage Service (Amazon S3) server-side encryption. Kinesis Data Firehose uses AWS Key Management Service ( AWS KMS) to encrypt the data that it delivers to your Amazon S3 bucket.", "title": "EncryptionConfiguration" }, "ErrorOutputPrefix": { "markdownDescription": "A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) .", "title": "ErrorOutputPrefix", "type": "string" }, "Prefix": { "markdownDescription": "A prefix that Kinesis Data Firehose adds to the files that it delivers to the Amazon S3 bucket. The prefix helps you identify the files that Kinesis Data Firehose delivered.", "title": "Prefix", "type": "string" }, "RoleARN": { "markdownDescription": "The ARN of an AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon S3 Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-s3) in the *Amazon Kinesis Data Firehose Developer Guide* .", "title": "RoleARN", "type": "string" } }, "required": [ "BucketARN", "RoleARN" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.SchemaConfiguration": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The ID of the AWS Glue Data Catalog. If you don't supply this, the AWS account ID is used by default.", "title": "CatalogId", "type": "string" }, "DatabaseName": { "markdownDescription": "Specifies the name of the AWS Glue database that contains the schema for the output data.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `DatabaseName` property is required and its value must be specified.", "title": "DatabaseName", "type": "string" }, "Region": { "markdownDescription": "If you don't specify an AWS Region, the default is the current Region.", "title": "Region", "type": "string" }, "RoleARN": { "markdownDescription": "The role that Firehose can use to access AWS Glue. This role must be in the same account you use for Firehose. Cross-account roles aren't allowed.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `RoleARN` property is required and its value must be specified.", "title": "RoleARN", "type": "string" }, "TableName": { "markdownDescription": "Specifies the AWS Glue table that contains the column information that constitutes your data schema.\n\n> If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `TableName` property is required and its value must be specified.", "title": "TableName", "type": "string" }, "VersionId": { "markdownDescription": "Specifies the table version for the output data schema. If you don't specify this version ID, or if you set it to `LATEST` , Firehose uses the most recent version. This means that any updates to the table are automatically picked up.", "title": "VersionId", "type": "string" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.Serializer": { "additionalProperties": false, "properties": { "OrcSerDe": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.OrcSerDe", "markdownDescription": "A serializer to use for converting data to the ORC format before storing it in Amazon S3. For more information, see [Apache ORC](https://docs.aws.amazon.com/https://orc.apache.org/docs/) .", "title": "OrcSerDe" }, "ParquetSerDe": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ParquetSerDe", "markdownDescription": "A serializer to use for converting data to the Parquet format before storing it in Amazon S3. For more information, see [Apache Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/documentation/latest/) .", "title": "ParquetSerDe" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.SnowflakeDestinationConfiguration": { "additionalProperties": false, "properties": { "AccountUrl": { "markdownDescription": "URL for accessing your Snowflake account. This URL must include your [account identifier](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-account-identifier) . Note that the protocol (https://) and port number are optional.", "title": "AccountUrl", "type": "string" }, "CloudWatchLoggingOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", "markdownDescription": "", "title": "CloudWatchLoggingOptions" }, "ContentColumnName": { "markdownDescription": "The name of the record content column", "title": "ContentColumnName", "type": "string" }, "DataLoadingOption": { "markdownDescription": "Choose to load JSON keys mapped to table column names or choose to split the JSON payload where content is mapped to a record content column and source metadata is mapped to a record metadata column.", "title": "DataLoadingOption", "type": "string" }, "Database": { "markdownDescription": "All data in Snowflake is maintained in databases.", "title": "Database", "type": "string" }, "KeyPassphrase": { "markdownDescription": "Passphrase to decrypt the private key when the key is encrypted. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", "title": "KeyPassphrase", "type": "string" }, "MetaDataColumnName": { "markdownDescription": "The name of the record metadata column", "title": "MetaDataColumnName", "type": "string" }, "PrivateKey": { "markdownDescription": "The private key used to encrypt your Snowflake client. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) .", "title": "PrivateKey", "type": "string" }, "ProcessingConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", "markdownDescription": "", "title": "ProcessingConfiguration" }, "RetryOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions", "markdownDescription": "The time period where Firehose will retry sending data to the chosen HTTP endpoint.", "title": "RetryOptions" }, "RoleARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the Snowflake role", "title": "RoleARN", "type": "string" }, "S3BackupMode": { "markdownDescription": "Choose an S3 backup mode", "title": "S3BackupMode", "type": "string" }, "S3Configuration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", "markdownDescription": "", "title": "S3Configuration" }, "Schema": { "markdownDescription": "Each database consists of one or more schemas, which are logical groupings of database objects, such as tables and views", "title": "Schema", "type": "string" }, "SnowflakeRoleConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration", "markdownDescription": "Optionally configure a Snowflake role. Otherwise the default user role will be used.", "title": "SnowflakeRoleConfiguration" }, "SnowflakeVpcConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration", "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", "title": "SnowflakeVpcConfiguration" }, "Table": { "markdownDescription": "All data in Snowflake is stored in database tables, logically structured as collections of columns and rows.", "title": "Table", "type": "string" }, "User": { "markdownDescription": "User login name for the Snowflake account.", "title": "User", "type": "string" } }, "required": [ "AccountUrl", "Database", "PrivateKey", "RoleARN", "S3Configuration", "Schema", "Table", "User" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.SnowflakeRetryOptions": { "additionalProperties": false, "properties": { "DurationInSeconds": { "markdownDescription": "the time period where Firehose will retry sending data to the chosen HTTP endpoint.", "title": "DurationInSeconds", "type": "number" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.SnowflakeRoleConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Enable Snowflake role", "title": "Enabled", "type": "boolean" }, "SnowflakeRole": { "markdownDescription": "The Snowflake role you wish to configure", "title": "SnowflakeRole", "type": "string" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.SnowflakeVpcConfiguration": { "additionalProperties": false, "properties": { "PrivateLinkVpceId": { "markdownDescription": "The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink)", "title": "PrivateLinkVpceId", "type": "string" } }, "required": [ "PrivateLinkVpceId" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints": { "additionalProperties": false, "properties": { "IntervalInSeconds": { "markdownDescription": "Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 60 (1 minute).", "title": "IntervalInSeconds", "type": "number" }, "SizeInMBs": { "markdownDescription": "Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5.", "title": "SizeInMBs", "type": "number" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.SplunkDestinationConfiguration": { "additionalProperties": false, "properties": { "BufferingHints": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkBufferingHints", "markdownDescription": "The buffering options. If no value is specified, the default values for Splunk are used.", "title": "BufferingHints" }, "CloudWatchLoggingOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.CloudWatchLoggingOptions", "markdownDescription": "The Amazon CloudWatch logging options for your delivery stream.", "title": "CloudWatchLoggingOptions" }, "HECAcknowledgmentTimeoutInSeconds": { "markdownDescription": "The amount of time that Firehose waits to receive an acknowledgment from Splunk after it sends it data. At the end of the timeout period, Firehose either tries to send the data again or considers it an error, based on your retry settings.", "title": "HECAcknowledgmentTimeoutInSeconds", "type": "number" }, "HECEndpoint": { "markdownDescription": "The HTTP Event Collector (HEC) endpoint to which Firehose sends your data.", "title": "HECEndpoint", "type": "string" }, "HECEndpointType": { "markdownDescription": "This type can be either `Raw` or `Event` .", "title": "HECEndpointType", "type": "string" }, "HECToken": { "markdownDescription": "This is a GUID that you obtain from your Splunk cluster when you create a new HEC endpoint.", "title": "HECToken", "type": "string" }, "ProcessingConfiguration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.ProcessingConfiguration", "markdownDescription": "The data processing configuration.", "title": "ProcessingConfiguration" }, "RetryOptions": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions", "markdownDescription": "The retry behavior in case Firehose is unable to deliver data to Splunk, or if it doesn't receive an acknowledgment of receipt from Splunk.", "title": "RetryOptions" }, "S3BackupMode": { "markdownDescription": "Defines how documents should be delivered to Amazon S3. When set to `FailedEventsOnly` , Firehose writes any data that could not be indexed to the configured Amazon S3 destination. When set to `AllEvents` , Firehose delivers all incoming records to Amazon S3, and also writes failed documents to Amazon S3. The default value is `FailedEventsOnly` .\n\nYou can update this backup mode from `FailedEventsOnly` to `AllEvents` . You can't update it from `AllEvents` to `FailedEventsOnly` .", "title": "S3BackupMode", "type": "string" }, "S3Configuration": { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream.S3DestinationConfiguration", "markdownDescription": "The configuration for the backup Amazon S3 location.", "title": "S3Configuration" } }, "required": [ "HECEndpoint", "HECEndpointType", "HECToken", "S3Configuration" ], "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.SplunkRetryOptions": { "additionalProperties": false, "properties": { "DurationInSeconds": { "markdownDescription": "The total amount of time that Firehose spends on retries. This duration starts after the initial attempt to send data to Splunk fails. It doesn't include the periods during which Firehose waits for acknowledgment from Splunk after each attempt.", "title": "DurationInSeconds", "type": "number" } }, "type": "object" }, "AWS::KinesisFirehose::DeliveryStream.VpcConfiguration": { "additionalProperties": false, "properties": { "RoleARN": { "markdownDescription": "The ARN of the IAM role that you want the delivery stream to use to create endpoints in the destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Kinesis Data Firehose service principal and that it grants the following permissions:\n\n- `ec2:DescribeVpcs`\n- `ec2:DescribeVpcAttribute`\n- `ec2:DescribeSubnets`\n- `ec2:DescribeSecurityGroups`\n- `ec2:DescribeNetworkInterfaces`\n- `ec2:CreateNetworkInterface`\n- `ec2:CreateNetworkInterfacePermission`\n- `ec2:DeleteNetworkInterface`\n\nIf you revoke these permissions after you create the delivery stream, Kinesis Data Firehose can't scale out by creating more ENIs when necessary. You might therefore see a degradation in performance.", "title": "RoleARN", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the security groups that you want Kinesis Data Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the subnets that Kinesis Data Firehose uses to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.\n\nThe number of ENIs that Kinesis Data Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Kinesis Data Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Kinesis Data Firehose can create up to three ENIs for this delivery stream for each of the subnets specified here.", "title": "SubnetIds", "type": "array" } }, "required": [ "RoleARN", "SecurityGroupIds", "SubnetIds" ], "type": "object" }, "AWS::KinesisVideo::SignalingChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MessageTtlSeconds": { "markdownDescription": "The period of time (in seconds) a signaling channel retains undelivered messages before they are discarded. Use `API_UpdateSignalingChannel` to update this value.", "title": "MessageTtlSeconds", "type": "number" }, "Name": { "markdownDescription": "A name for the signaling channel that you are creating. It must be unique for each AWS account and AWS Region .", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "A type of the signaling channel that you are creating. Currently, `SINGLE_MASTER` is the only supported channel type.", "title": "Type", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::KinesisVideo::SignalingChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::KinesisVideo::Stream": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataRetentionInHours": { "markdownDescription": "How long the stream retains data, in hours.", "title": "DataRetentionInHours", "type": "number" }, "DeviceName": { "markdownDescription": "The name of the device that is associated with the stream.", "title": "DeviceName", "type": "string" }, "KmsKeyId": { "markdownDescription": "The ID of the AWS Key Management Service ( AWS KMS ) key that Kinesis Video Streams uses to encrypt data on the stream.", "title": "KmsKeyId", "type": "string" }, "MediaType": { "markdownDescription": "The `MediaType` of the stream.", "title": "MediaType", "type": "string" }, "Name": { "markdownDescription": "The name of the stream.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::KinesisVideo::Stream" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::LakeFormation::DataCellsFilter": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ColumnNames": { "items": { "type": "string" }, "markdownDescription": "An array of UTF-8 strings. A list of column names.", "title": "ColumnNames", "type": "array" }, "ColumnWildcard": { "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.ColumnWildcard", "markdownDescription": "A wildcard with exclusions. You must specify either a `ColumnNames` list or the `ColumnWildCard` .", "title": "ColumnWildcard" }, "DatabaseName": { "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA database in the Data Catalog .", "title": "DatabaseName", "type": "string" }, "Name": { "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe name given by the user to the data filter cell.", "title": "Name", "type": "string" }, "RowFilter": { "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter.RowFilter", "markdownDescription": "A PartiQL predicate.", "title": "RowFilter" }, "TableCatalogId": { "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe ID of the catalog to which the table belongs.", "title": "TableCatalogId", "type": "string" }, "TableName": { "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nA table in the database.", "title": "TableName", "type": "string" } }, "required": [ "DatabaseName", "Name", "TableCatalogId", "TableName" ], "type": "object" }, "Type": { "enum": [ "AWS::LakeFormation::DataCellsFilter" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::LakeFormation::DataCellsFilter.ColumnWildcard": { "additionalProperties": false, "properties": { "ExcludedColumnNames": { "items": { "type": "string" }, "markdownDescription": "Excludes column names. Any column with this name will be excluded.", "title": "ExcludedColumnNames", "type": "array" } }, "type": "object" }, "AWS::LakeFormation::DataCellsFilter.RowFilter": { "additionalProperties": false, "properties": { "AllRowsWildcard": { "markdownDescription": "A wildcard for all rows.", "title": "AllRowsWildcard", "type": "object" }, "FilterExpression": { "markdownDescription": "A filter expression.", "title": "FilterExpression", "type": "string" } }, "type": "object" }, "AWS::LakeFormation::DataLakeSettings": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Admins": { "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.Admins", "markdownDescription": "A list of AWS Lake Formation principals.", "title": "Admins" }, "AllowExternalDataFiltering": { "markdownDescription": "Whether to allow Amazon EMR clusters or other third-party query engines to access data managed by Lake Formation .\n\nIf set to true, you allow Amazon EMR clusters or other third-party engines to access data in Amazon S3 locations that are registered with Lake Formation .\n\nIf false or null, no third-party query engines will be able to access data in Amazon S3 locations that are registered with Lake Formation.\n\nFor more information, see [External data filtering setting](https://docs.aws.amazon.com/lake-formation/latest/dg/initial-LF-setup.html#external-data-filter) .", "title": "AllowExternalDataFiltering", "type": "boolean" }, "AllowFullTableExternalDataAccess": { "markdownDescription": "Specifies whether query engines and applications can get credentials without IAM session tags if the user has full table access. It provides query engines and applications performance benefits as well as simplifies data access. Amazon EMR on Amazon EC2 is able to leverage this setting.\n\nFor more information, see [](https://docs.aws.amazon.com/lake-formation/latest/dg/using-cred-vending.html)", "title": "AllowFullTableExternalDataAccess", "type": "boolean" }, "AuthorizedSessionTagValueList": { "items": { "type": "string" }, "markdownDescription": "Lake Formation relies on a privileged process secured by Amazon EMR or the third party integrator to tag the user's role while assuming it. Lake Formation will publish the acceptable key-value pair, for example key = \"LakeFormationTrustedCaller\" and value = \"TRUE\" and the third party integrator must properly tag the temporary security credentials that will be used to call Lake Formation 's administrative API operations.", "title": "AuthorizedSessionTagValueList", "type": "array" }, "CreateDatabaseDefaultPermissions": { "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions", "markdownDescription": "Specifies whether access control on a newly created database is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicates that the user's IAM permissions determine the access to the database. This is referred to as the setting \"Use only IAM access control,\" and is to support backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", "title": "CreateDatabaseDefaultPermissions" }, "CreateTableDefaultPermissions": { "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions", "markdownDescription": "Specifies whether access control on a newly created table is managed by Lake Formation permissions or exclusively by IAM permissions.\n\nA null value indicates that the access is controlled by Lake Formation permissions. `ALL` permissions assigned to `IAM_ALLOWED_PRINCIPALS` group indicate that the user's IAM permissions determine the access to the table. This is referred to as the setting \"Use only IAM access control,\" and is to support the backward compatibility with the AWS Glue permission model implemented by IAM permissions.\n\nThe only permitted values are an empty array or an array that contains a single JSON object that grants `ALL` permissions to `IAM_ALLOWED_PRINCIPALS` .\n\nFor more information, see [Changing the default security settings for your data lake](https://docs.aws.amazon.com/lake-formation/latest/dg/change-settings.html) .", "title": "CreateTableDefaultPermissions" }, "ExternalDataFilteringAllowList": { "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList", "markdownDescription": "A list of the account IDs of AWS accounts with Amazon EMR clusters or third-party engines that are allwed to perform data filtering.", "title": "ExternalDataFilteringAllowList" }, "MutationType": { "markdownDescription": "Specifies whether the data lake settings are updated by adding new values to the current settings ( `APPEND` ) or by replacing the current settings with new settings ( `REPLACE` ).\n\n> If you choose `REPLACE` , your current data lake settings will be replaced with the new values in your template.", "title": "MutationType", "type": "string" }, "Parameters": { "markdownDescription": "A key-value map that provides an additional configuration on your data lake. `CrossAccountVersion` is the key you can configure in the `Parameters` field. Accepted values for the `CrossAccountVersion` key are 1, 2, and 3.", "title": "Parameters", "type": "object" }, "TrustedResourceOwners": { "items": { "type": "string" }, "markdownDescription": "An array of UTF-8 strings.\n\nA list of the resource-owning account IDs that the caller's account can use to share their user access details (user ARNs). The user ARNs can be logged in the resource owner's CloudTrail log. You may want to specify this property when you are in a high-trust boundary, such as the same team or company.", "title": "TrustedResourceOwners", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::LakeFormation::DataLakeSettings" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::LakeFormation::DataLakeSettings.Admins": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::LakeFormation::DataLakeSettings.CreateDatabaseDefaultPermissions": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::LakeFormation::DataLakeSettings.CreateTableDefaultPermissions": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::LakeFormation::DataLakeSettings.DataLakePrincipal": { "additionalProperties": false, "properties": { "DataLakePrincipalIdentifier": { "markdownDescription": "An identifier for the Lake Formation principal.", "title": "DataLakePrincipalIdentifier", "type": "string" } }, "required": [ "DataLakePrincipalIdentifier" ], "type": "object" }, "AWS::LakeFormation::DataLakeSettings.ExternalDataFilteringAllowList": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::LakeFormation::DataLakeSettings.PrincipalPermissions": { "additionalProperties": false, "properties": { "Permissions": { "items": { "type": "string" }, "markdownDescription": "The permissions that are granted to the principal.", "title": "Permissions", "type": "array" }, "Principal": { "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings.DataLakePrincipal", "markdownDescription": "The principal who is granted permissions.", "title": "Principal" } }, "required": [ "Permissions", "Principal" ], "type": "object" }, "AWS::LakeFormation::Permissions": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataLakePrincipal": { "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLakePrincipal", "markdownDescription": "The AWS Lake Formation principal.", "title": "DataLakePrincipal" }, "Permissions": { "items": { "type": "string" }, "markdownDescription": "The permissions granted or revoked.", "title": "Permissions", "type": "array" }, "PermissionsWithGrantOption": { "items": { "type": "string" }, "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", "title": "PermissionsWithGrantOption", "type": "array" }, "Resource": { "$ref": "#/definitions/AWS::LakeFormation::Permissions.Resource", "markdownDescription": "A structure for the resource.", "title": "Resource" } }, "required": [ "DataLakePrincipal", "Resource" ], "type": "object" }, "Type": { "enum": [ "AWS::LakeFormation::Permissions" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::LakeFormation::Permissions.ColumnWildcard": { "additionalProperties": false, "properties": { "ExcludedColumnNames": { "items": { "type": "string" }, "markdownDescription": "Excludes column names. Any column with this name will be excluded.", "title": "ExcludedColumnNames", "type": "array" } }, "type": "object" }, "AWS::LakeFormation::Permissions.DataLakePrincipal": { "additionalProperties": false, "properties": { "DataLakePrincipalIdentifier": { "markdownDescription": "An identifier for the Lake Formation principal.", "title": "DataLakePrincipalIdentifier", "type": "string" } }, "type": "object" }, "AWS::LakeFormation::Permissions.DataLocationResource": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", "title": "CatalogId", "type": "string" }, "S3Resource": { "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", "title": "S3Resource", "type": "string" } }, "type": "object" }, "AWS::LakeFormation::Permissions.DatabaseResource": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", "title": "CatalogId", "type": "string" }, "Name": { "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::LakeFormation::Permissions.Resource": { "additionalProperties": false, "properties": { "DataLocationResource": { "$ref": "#/definitions/AWS::LakeFormation::Permissions.DataLocationResource", "markdownDescription": "A structure for a data location object where permissions are granted or revoked.", "title": "DataLocationResource" }, "DatabaseResource": { "$ref": "#/definitions/AWS::LakeFormation::Permissions.DatabaseResource", "markdownDescription": "A structure for the database object.", "title": "DatabaseResource" }, "TableResource": { "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableResource", "markdownDescription": "A structure for the table object. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", "title": "TableResource" }, "TableWithColumnsResource": { "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWithColumnsResource", "markdownDescription": "A structure for a table with columns object. This object is only used when granting a SELECT permission.", "title": "TableWithColumnsResource" } }, "type": "object" }, "AWS::LakeFormation::Permissions.TableResource": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", "title": "CatalogId", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", "title": "DatabaseName", "type": "string" }, "Name": { "markdownDescription": "The name of the table.", "title": "Name", "type": "string" }, "TableWildcard": { "$ref": "#/definitions/AWS::LakeFormation::Permissions.TableWildcard", "markdownDescription": "An empty object representing all tables under a database. If this field is specified instead of the `Name` field, all tables under `DatabaseName` will have permission changes applied.", "title": "TableWildcard" } }, "type": "object" }, "AWS::LakeFormation::Permissions.TableWildcard": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::LakeFormation::Permissions.TableWithColumnsResource": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", "title": "CatalogId", "type": "string" }, "ColumnNames": { "items": { "type": "string" }, "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", "title": "ColumnNames", "type": "array" }, "ColumnWildcard": { "$ref": "#/definitions/AWS::LakeFormation::Permissions.ColumnWildcard", "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", "title": "ColumnWildcard" }, "DatabaseName": { "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", "title": "DatabaseName", "type": "string" }, "Name": { "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::LakeFormation::PrincipalPermissions": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Catalog": { "markdownDescription": "The identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your Lake Formation environment.", "title": "Catalog", "type": "string" }, "Permissions": { "items": { "type": "string" }, "markdownDescription": "The permissions granted or revoked.", "title": "Permissions", "type": "array" }, "PermissionsWithGrantOption": { "items": { "type": "string" }, "markdownDescription": "Indicates the ability to grant permissions (as a subset of permissions granted).", "title": "PermissionsWithGrantOption", "type": "array" }, "Principal": { "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal", "markdownDescription": "The principal to be granted a permission.", "title": "Principal" }, "Resource": { "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.Resource", "markdownDescription": "The resource to be granted or revoked permissions.", "title": "Resource" } }, "required": [ "Permissions", "PermissionsWithGrantOption", "Principal", "Resource" ], "type": "object" }, "Type": { "enum": [ "AWS::LakeFormation::PrincipalPermissions" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::LakeFormation::PrincipalPermissions.ColumnWildcard": { "additionalProperties": false, "properties": { "ExcludedColumnNames": { "items": { "type": "string" }, "markdownDescription": "Excludes column names. Any column with this name will be excluded.", "title": "ExcludedColumnNames", "type": "array" } }, "type": "object" }, "AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource": { "additionalProperties": false, "properties": { "DatabaseName": { "markdownDescription": "A database in the Data Catalog .", "title": "DatabaseName", "type": "string" }, "Name": { "markdownDescription": "The name given by the user to the data filter cell.", "title": "Name", "type": "string" }, "TableCatalogId": { "markdownDescription": "The ID of the catalog to which the table belongs.", "title": "TableCatalogId", "type": "string" }, "TableName": { "markdownDescription": "The name of the table.", "title": "TableName", "type": "string" } }, "required": [ "DatabaseName", "Name", "TableCatalogId", "TableName" ], "type": "object" }, "AWS::LakeFormation::PrincipalPermissions.DataLakePrincipal": { "additionalProperties": false, "properties": { "DataLakePrincipalIdentifier": { "markdownDescription": "An identifier for the AWS Lake Formation principal.", "title": "DataLakePrincipalIdentifier", "type": "string" } }, "type": "object" }, "AWS::LakeFormation::PrincipalPermissions.DataLocationResource": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", "title": "CatalogId", "type": "string" }, "ResourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the data location resource.", "title": "ResourceArn", "type": "string" } }, "required": [ "CatalogId", "ResourceArn" ], "type": "object" }, "AWS::LakeFormation::PrincipalPermissions.DatabaseResource": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", "title": "CatalogId", "type": "string" }, "Name": { "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", "title": "Name", "type": "string" } }, "required": [ "CatalogId", "Name" ], "type": "object" }, "AWS::LakeFormation::PrincipalPermissions.LFTag": { "additionalProperties": false, "properties": { "TagKey": { "markdownDescription": "The key-name for the LF-tag.", "title": "TagKey", "type": "string" }, "TagValues": { "items": { "type": "string" }, "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", "title": "TagValues", "type": "array" } }, "type": "object" }, "AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The identifier for the Data Catalog where the location is registered with Data Catalog .", "title": "CatalogId", "type": "string" }, "TagKey": { "markdownDescription": "The key-name for the LF-tag.", "title": "TagKey", "type": "string" }, "TagValues": { "items": { "type": "string" }, "markdownDescription": "A list of possible values for the corresponding `TagKey` of an LF-tag key-value pair.", "title": "TagValues", "type": "array" } }, "required": [ "CatalogId", "TagKey", "TagValues" ], "type": "object" }, "AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The identifier for the Data Catalog . The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", "title": "CatalogId", "type": "string" }, "Expression": { "items": { "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTag" }, "markdownDescription": "A list of LF-tag conditions that apply to the resource's LF-tag policy.", "title": "Expression", "type": "array" }, "ResourceType": { "markdownDescription": "The resource type for which the LF-tag policy applies.", "title": "ResourceType", "type": "string" } }, "required": [ "CatalogId", "Expression", "ResourceType" ], "type": "object" }, "AWS::LakeFormation::PrincipalPermissions.Resource": { "additionalProperties": false, "properties": { "Catalog": { "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", "title": "Catalog", "type": "object" }, "DataCellsFilter": { "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataCellsFilterResource", "markdownDescription": "A data cell filter.", "title": "DataCellsFilter" }, "DataLocation": { "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DataLocationResource", "markdownDescription": "The location of an Amazon S3 path where permissions are granted or revoked.", "title": "DataLocation" }, "Database": { "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.DatabaseResource", "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", "title": "Database" }, "LFTag": { "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagKeyResource", "markdownDescription": "The LF-tag key and values attached to a resource.", "title": "LFTag" }, "LFTagPolicy": { "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.LFTagPolicyResource", "markdownDescription": "A list of LF-tag conditions that define a resource's LF-tag policy.", "title": "LFTagPolicy" }, "Table": { "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableResource", "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", "title": "Table" }, "TableWithColumns": { "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource", "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", "title": "TableWithColumns" } }, "type": "object" }, "AWS::LakeFormation::PrincipalPermissions.TableResource": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The identifier for the Data Catalog. By default, it is the account ID of the caller.", "title": "CatalogId", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", "title": "DatabaseName", "type": "string" }, "Name": { "markdownDescription": "The name of the table.", "title": "Name", "type": "string" }, "TableWildcard": { "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", "title": "TableWildcard", "type": "object" } }, "required": [ "CatalogId", "DatabaseName" ], "type": "object" }, "AWS::LakeFormation::PrincipalPermissions.TableWithColumnsResource": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The identifier for the Data Catalog where the location is registered with AWS Lake Formation .", "title": "CatalogId", "type": "string" }, "ColumnNames": { "items": { "type": "string" }, "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", "title": "ColumnNames", "type": "array" }, "ColumnWildcard": { "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions.ColumnWildcard", "markdownDescription": "A wildcard specified by a `ColumnWildcard` object. At least one of `ColumnNames` or `ColumnWildcard` is required.", "title": "ColumnWildcard" }, "DatabaseName": { "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", "title": "DatabaseName", "type": "string" }, "Name": { "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", "title": "Name", "type": "string" } }, "required": [ "CatalogId", "DatabaseName", "Name" ], "type": "object" }, "AWS::LakeFormation::Resource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "HybridAccessEnabled": { "markdownDescription": "Indicates whether the data access of tables pointing to the location can be managed by both Lake Formation permissions as well as Amazon S3 bucket policies.", "title": "HybridAccessEnabled", "type": "boolean" }, "ResourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", "title": "ResourceArn", "type": "string" }, "RoleArn": { "markdownDescription": "The IAM role that registered a resource.", "title": "RoleArn", "type": "string" }, "UseServiceLinkedRole": { "markdownDescription": "Designates a trusted caller, an IAM principal, by registering this caller with the Data Catalog .", "title": "UseServiceLinkedRole", "type": "boolean" }, "WithFederation": { "markdownDescription": "Allows Lake Formation to assume a role to access tables in a federated database.", "title": "WithFederation", "type": "boolean" } }, "required": [ "ResourceArn", "UseServiceLinkedRole" ], "type": "object" }, "Type": { "enum": [ "AWS::LakeFormation::Resource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::LakeFormation::Tag": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "Catalog id string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe identifier for the Data Catalog . By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", "title": "CatalogId", "type": "string" }, "TagKey": { "markdownDescription": "UTF-8 string, not less than 1 or more than 255 bytes long, matching the [single-line string pattern](https://docs.aws.amazon.com/lake-formation/latest/dg/aws-lake-formation-api-aws-lake-formation-api-common.html) .\n\nThe key-name for the LF-tag.", "title": "TagKey", "type": "string" }, "TagValues": { "items": { "type": "string" }, "markdownDescription": "An array of UTF-8 strings, not less than 1 or more than 50 strings.\n\nA list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", "title": "TagValues", "type": "array" } }, "required": [ "TagKey", "TagValues" ], "type": "object" }, "Type": { "enum": [ "AWS::LakeFormation::Tag" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::LakeFormation::TagAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LFTags": { "items": { "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.LFTagPair" }, "markdownDescription": "A structure containing an LF-tag key-value pair.", "title": "LFTags", "type": "array" }, "Resource": { "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.Resource", "markdownDescription": "UTF-8 string (valid values: `DATABASE | TABLE` ).\n\nThe resource for which the LF-tag policy applies.", "title": "Resource" } }, "required": [ "LFTags", "Resource" ], "type": "object" }, "Type": { "enum": [ "AWS::LakeFormation::TagAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::LakeFormation::TagAssociation.DatabaseResource": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The identifier for the Data Catalog . By default, it should be the account ID of the caller.", "title": "CatalogId", "type": "string" }, "Name": { "markdownDescription": "The name of the database resource. Unique to the Data Catalog.", "title": "Name", "type": "string" } }, "required": [ "CatalogId", "Name" ], "type": "object" }, "AWS::LakeFormation::TagAssociation.LFTagPair": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", "title": "CatalogId", "type": "string" }, "TagKey": { "markdownDescription": "The key-name for the LF-tag.", "title": "TagKey", "type": "string" }, "TagValues": { "items": { "type": "string" }, "markdownDescription": "A list of possible values of the corresponding `TagKey` of an LF-tag key-value pair.", "title": "TagValues", "type": "array" } }, "required": [ "CatalogId", "TagKey", "TagValues" ], "type": "object" }, "AWS::LakeFormation::TagAssociation.Resource": { "additionalProperties": false, "properties": { "Catalog": { "markdownDescription": "The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment.", "title": "Catalog", "type": "object" }, "Database": { "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.DatabaseResource", "markdownDescription": "The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal.", "title": "Database" }, "Table": { "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableResource", "markdownDescription": "The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", "title": "Table" }, "TableWithColumns": { "$ref": "#/definitions/AWS::LakeFormation::TagAssociation.TableWithColumnsResource", "markdownDescription": "The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3.", "title": "TableWithColumns" } }, "type": "object" }, "AWS::LakeFormation::TagAssociation.TableResource": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "The identifier for the Data Catalog . By default, it is the account ID of the caller.", "title": "CatalogId", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", "title": "DatabaseName", "type": "string" }, "Name": { "markdownDescription": "The name of the table.", "title": "Name", "type": "string" }, "TableWildcard": { "markdownDescription": "A wildcard object representing every table under a database.This is an object with no properties that effectively behaves as a true or false depending on whether not it is passed as a parameter. The valid inputs for a property with this type in either yaml or json is null or {}.\n\nAt least one of `TableResource$Name` or `TableResource$TableWildcard` is required.", "title": "TableWildcard", "type": "object" } }, "required": [ "CatalogId", "DatabaseName" ], "type": "object" }, "AWS::LakeFormation::TagAssociation.TableWithColumnsResource": { "additionalProperties": false, "properties": { "CatalogId": { "markdownDescription": "A wildcard object representing every table under a database.\n\nAt least one of TableResource$Name or TableResource$TableWildcard is required.", "title": "CatalogId", "type": "string" }, "ColumnNames": { "items": { "type": "string" }, "markdownDescription": "The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required.", "title": "ColumnNames", "type": "array" }, "DatabaseName": { "markdownDescription": "The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal.", "title": "DatabaseName", "type": "string" }, "Name": { "markdownDescription": "The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal.", "title": "Name", "type": "string" } }, "required": [ "CatalogId", "ColumnNames", "DatabaseName", "Name" ], "type": "object" }, "AWS::Lambda::Alias": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the alias.", "title": "Description", "type": "string" }, "FunctionName": { "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", "title": "FunctionName", "type": "string" }, "FunctionVersion": { "markdownDescription": "The function version that the alias invokes.", "title": "FunctionVersion", "type": "string" }, "Name": { "markdownDescription": "The name of the alias.", "title": "Name", "type": "string" }, "ProvisionedConcurrencyConfig": { "$ref": "#/definitions/AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration", "markdownDescription": "Specifies a [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/configuration-concurrency.html) configuration for a function's alias.", "title": "ProvisionedConcurrencyConfig" }, "RoutingConfig": { "$ref": "#/definitions/AWS::Lambda::Alias.AliasRoutingConfiguration", "markdownDescription": "The [routing configuration](https://docs.aws.amazon.com/lambda/latest/dg/lambda-traffic-shifting-using-aliases.html) of the alias.", "title": "RoutingConfig" } }, "required": [ "FunctionName", "FunctionVersion", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Lambda::Alias" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lambda::Alias.AliasRoutingConfiguration": { "additionalProperties": false, "properties": { "AdditionalVersionWeights": { "items": { "$ref": "#/definitions/AWS::Lambda::Alias.VersionWeight" }, "markdownDescription": "The second version, and the percentage of traffic that's routed to it.", "title": "AdditionalVersionWeights", "type": "array" } }, "required": [ "AdditionalVersionWeights" ], "type": "object" }, "AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration": { "additionalProperties": false, "properties": { "ProvisionedConcurrentExecutions": { "markdownDescription": "The amount of provisioned concurrency to allocate for the alias.", "title": "ProvisionedConcurrentExecutions", "type": "number" } }, "required": [ "ProvisionedConcurrentExecutions" ], "type": "object" }, "AWS::Lambda::Alias.VersionWeight": { "additionalProperties": false, "properties": { "FunctionVersion": { "markdownDescription": "The qualifier of the second version.", "title": "FunctionVersion", "type": "string" }, "FunctionWeight": { "markdownDescription": "The percentage of traffic that the alias routes to the second version.", "title": "FunctionWeight", "type": "number" } }, "required": [ "FunctionVersion", "FunctionWeight" ], "type": "object" }, "AWS::Lambda::CodeSigningConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowedPublishers": { "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.AllowedPublishers", "markdownDescription": "List of allowed publishers.", "title": "AllowedPublishers" }, "CodeSigningPolicies": { "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig.CodeSigningPolicies", "markdownDescription": "The code signing policy controls the validation failure action for signature mismatch or expiry.", "title": "CodeSigningPolicies" }, "Description": { "markdownDescription": "Code signing configuration description.", "title": "Description", "type": "string" } }, "required": [ "AllowedPublishers" ], "type": "object" }, "Type": { "enum": [ "AWS::Lambda::CodeSigningConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lambda::CodeSigningConfig.AllowedPublishers": { "additionalProperties": false, "properties": { "SigningProfileVersionArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Name (ARN) for each of the signing profiles. A signing profile defines a trusted user who can sign a code package.", "title": "SigningProfileVersionArns", "type": "array" } }, "required": [ "SigningProfileVersionArns" ], "type": "object" }, "AWS::Lambda::CodeSigningConfig.CodeSigningPolicies": { "additionalProperties": false, "properties": { "UntrustedArtifactOnDeployment": { "markdownDescription": "Code signing configuration policy for deployment validation failure. If you set the policy to `Enforce` , Lambda blocks the deployment request if signature validation checks fail. If you set the policy to `Warn` , Lambda allows the deployment and creates a CloudWatch log.\n\nDefault value: `Warn`", "title": "UntrustedArtifactOnDeployment", "type": "string" } }, "required": [ "UntrustedArtifactOnDeployment" ], "type": "object" }, "AWS::Lambda::EventInvokeConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DestinationConfig": { "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.DestinationConfig", "markdownDescription": "A destination for events after they have been sent to a function for processing.\n\n**Destinations** - *Function* - The Amazon Resource Name (ARN) of a Lambda function.\n- *Queue* - The ARN of a standard SQS queue.\n- *Topic* - The ARN of a standard SNS topic.\n- *Event Bus* - The ARN of an Amazon EventBridge event bus.", "title": "DestinationConfig" }, "FunctionName": { "markdownDescription": "The name of the Lambda function.\n\n*Minimum* : `1`\n\n*Maximum* : `64`\n\n*Pattern* : `([a-zA-Z0-9-_]+)`", "title": "FunctionName", "type": "string" }, "MaximumEventAgeInSeconds": { "markdownDescription": "The maximum age of a request that Lambda sends to a function for processing.", "title": "MaximumEventAgeInSeconds", "type": "number" }, "MaximumRetryAttempts": { "markdownDescription": "The maximum number of times to retry when the function returns an error.", "title": "MaximumRetryAttempts", "type": "number" }, "Qualifier": { "markdownDescription": "The identifier of a version or alias.\n\n- *Version* - A version number.\n- *Alias* - An alias name.\n- *Latest* - To specify the unpublished version, use `$LATEST` .", "title": "Qualifier", "type": "string" } }, "required": [ "FunctionName", "Qualifier" ], "type": "object" }, "Type": { "enum": [ "AWS::Lambda::EventInvokeConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lambda::EventInvokeConfig.DestinationConfig": { "additionalProperties": false, "properties": { "OnFailure": { "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnFailure", "markdownDescription": "The destination configuration for failed invocations.", "title": "OnFailure" }, "OnSuccess": { "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig.OnSuccess", "markdownDescription": "The destination configuration for successful invocations.", "title": "OnSuccess" } }, "type": "object" }, "AWS::Lambda::EventInvokeConfig.OnFailure": { "additionalProperties": false, "properties": { "Destination": { "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis and DynamoDB event sources](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#event-source-mapping-destinations) , you can configure an Amazon SNS topic or Amazon SQS queue as the destination.\n\nTo retain records of failed invocations from [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", "title": "Destination", "type": "string" } }, "required": [ "Destination" ], "type": "object" }, "AWS::Lambda::EventInvokeConfig.OnSuccess": { "additionalProperties": false, "properties": { "Destination": { "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.", "title": "Destination", "type": "string" } }, "required": [ "Destination" ], "type": "object" }, "AWS::Lambda::EventSourceMapping": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AmazonManagedKafkaEventSourceConfig": { "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig", "markdownDescription": "Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source.", "title": "AmazonManagedKafkaEventSourceConfig" }, "BatchSize": { "markdownDescription": "The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation (6 MB).\n\n- *Amazon Kinesis* \u2013 Default 100. Max 10,000.\n- *Amazon DynamoDB Streams* \u2013 Default 100. Max 10,000.\n- *Amazon Simple Queue Service* \u2013 Default 10. For standard queues the max is 10,000. For FIFO queues the max is 10.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Self-managed Apache Kafka* \u2013 Default 100. Max 10,000.\n- *Amazon MQ (ActiveMQ and RabbitMQ)* \u2013 Default 100. Max 10,000.\n- *DocumentDB* \u2013 Default 100. Max 10,000.", "title": "BatchSize", "type": "number" }, "BisectBatchOnFunctionError": { "markdownDescription": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.", "title": "BisectBatchOnFunctionError", "type": "boolean" }, "DestinationConfig": { "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DestinationConfig", "markdownDescription": "(Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it.", "title": "DestinationConfig" }, "DocumentDBEventSourceConfig": { "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig", "markdownDescription": "Specific configuration settings for a DocumentDB event source.", "title": "DocumentDBEventSourceConfig" }, "Enabled": { "markdownDescription": "When true, the event source mapping is active. When false, Lambda pauses polling and invocation.\n\nDefault: True", "title": "Enabled", "type": "boolean" }, "EventSourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the event source.\n\n- *Amazon Kinesis* \u2013 The ARN of the data stream or a stream consumer.\n- *Amazon DynamoDB Streams* \u2013 The ARN of the stream.\n- *Amazon Simple Queue Service* \u2013 The ARN of the queue.\n- *Amazon Managed Streaming for Apache Kafka* \u2013 The ARN of the cluster or the ARN of the VPC connection (for [cross-account event source mappings](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#msk-multi-vpc) ).\n- *Amazon MQ* \u2013 The ARN of the broker.\n- *Amazon DocumentDB* \u2013 The ARN of the DocumentDB change stream.", "title": "EventSourceArn", "type": "string" }, "FilterCriteria": { "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.FilterCriteria", "markdownDescription": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) .", "title": "FilterCriteria" }, "FunctionName": { "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* \u2013 `MyFunction` .\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Version or Alias ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:MyFunction:PROD` .\n- *Partial ARN* \u2013 `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length.", "title": "FunctionName", "type": "string" }, "FunctionResponseTypes": { "items": { "type": "string" }, "markdownDescription": "(Streams and SQS) A list of current response type enums applied to the event source mapping.\n\nValid Values: `ReportBatchItemFailures`", "title": "FunctionResponseTypes", "type": "array" }, "MaximumBatchingWindowInSeconds": { "markdownDescription": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n\n*Default ( Kinesis , DynamoDB , Amazon SQS event sources)* : 0\n\n*Default ( Amazon MSK , Kafka, Amazon MQ , Amazon DocumentDB event sources)* : 500 ms\n\n*Related setting:* For Amazon SQS event sources, when you set `BatchSize` to a value greater than 10, you must set `MaximumBatchingWindowInSeconds` to at least 1.", "title": "MaximumBatchingWindowInSeconds", "type": "number" }, "MaximumRecordAgeInSeconds": { "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records older than the specified age. The default value is -1,\nwhich sets the maximum age to infinite. When the value is set to infinite, Lambda never discards old records.\n\n> The minimum valid value for maximum record age is 60s. Although values less than 60 and greater than -1 fall within the parameter's absolute range, they are not allowed", "title": "MaximumRecordAgeInSeconds", "type": "number" }, "MaximumRetryAttempts": { "markdownDescription": "(Kinesis and DynamoDB Streams only) Discard records after the specified number of retries. The default value is -1,\nwhich sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, Lambda retries failed records until the record expires in the event source.", "title": "MaximumRetryAttempts", "type": "number" }, "ParallelizationFactor": { "markdownDescription": "(Kinesis and DynamoDB Streams only) The number of batches to process concurrently from each shard. The default value is 1.", "title": "ParallelizationFactor", "type": "number" }, "Queues": { "items": { "type": "string" }, "markdownDescription": "(Amazon MQ) The name of the Amazon MQ broker destination queue to consume.", "title": "Queues", "type": "array" }, "ScalingConfig": { "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.ScalingConfig", "markdownDescription": "(Amazon SQS only) The scaling configuration for the event source. For more information, see [Configuring maximum concurrency for Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency) .", "title": "ScalingConfig" }, "SelfManagedEventSource": { "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedEventSource", "markdownDescription": "The self-managed Apache Kafka cluster for your event source.", "title": "SelfManagedEventSource" }, "SelfManagedKafkaEventSourceConfig": { "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig", "markdownDescription": "Specific configuration settings for a self-managed Apache Kafka event source.", "title": "SelfManagedKafkaEventSourceConfig" }, "SourceAccessConfigurations": { "items": { "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.SourceAccessConfiguration" }, "markdownDescription": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source.", "title": "SourceAccessConfigurations", "type": "array" }, "StartingPosition": { "markdownDescription": "The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB.\n\n- *LATEST* - Read only new records.\n- *TRIM_HORIZON* - Process all available records.\n- *AT_TIMESTAMP* - Specify a time from which to start reading records.", "title": "StartingPosition", "type": "string" }, "StartingPositionTimestamp": { "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds. `StartingPositionTimestamp` cannot be in the future.", "title": "StartingPositionTimestamp", "type": "number" }, "Topics": { "items": { "type": "string" }, "markdownDescription": "The name of the Kafka topic.", "title": "Topics", "type": "array" }, "TumblingWindowInSeconds": { "markdownDescription": "(Kinesis and DynamoDB Streams only) The duration in seconds of a processing window for DynamoDB and Kinesis Streams event sources. A value of 0 seconds indicates no tumbling window.", "title": "TumblingWindowInSeconds", "type": "number" } }, "required": [ "FunctionName" ], "type": "object" }, "Type": { "enum": [ "AWS::Lambda::EventSourceMapping" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lambda::EventSourceMapping.AmazonManagedKafkaEventSourceConfig": { "additionalProperties": false, "properties": { "ConsumerGroupId": { "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id) .", "title": "ConsumerGroupId", "type": "string" } }, "type": "object" }, "AWS::Lambda::EventSourceMapping.DestinationConfig": { "additionalProperties": false, "properties": { "OnFailure": { "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.OnFailure", "markdownDescription": "The destination configuration for failed invocations.", "title": "OnFailure" } }, "type": "object" }, "AWS::Lambda::EventSourceMapping.DocumentDBEventSourceConfig": { "additionalProperties": false, "properties": { "CollectionName": { "markdownDescription": "The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections.", "title": "CollectionName", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the database to consume within the DocumentDB cluster.", "title": "DatabaseName", "type": "string" }, "FullDocument": { "markdownDescription": "Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes.", "title": "FullDocument", "type": "string" } }, "type": "object" }, "AWS::Lambda::EventSourceMapping.Endpoints": { "additionalProperties": false, "properties": { "KafkaBootstrapServers": { "items": { "type": "string" }, "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", "title": "KafkaBootstrapServers", "type": "array" } }, "type": "object" }, "AWS::Lambda::EventSourceMapping.Filter": { "additionalProperties": false, "properties": { "Pattern": { "markdownDescription": "A filter pattern. For more information on the syntax of a filter pattern, see [Filter rule syntax](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-syntax) .", "title": "Pattern", "type": "string" } }, "type": "object" }, "AWS::Lambda::EventSourceMapping.FilterCriteria": { "additionalProperties": false, "properties": { "Filters": { "items": { "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Filter" }, "markdownDescription": "A list of filters.", "title": "Filters", "type": "array" } }, "type": "object" }, "AWS::Lambda::EventSourceMapping.OnFailure": { "additionalProperties": false, "properties": { "Destination": { "markdownDescription": "The Amazon Resource Name (ARN) of the destination resource.\n\nTo retain records of [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Lambda function, or Amazon EventBridge event bus as the destination.\n\nTo retain records of failed invocations from [Kinesis and DynamoDB event sources](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#event-source-mapping-destinations) , you can configure an Amazon SNS topic or Amazon SQS queue as the destination.\n\nTo retain records of failed invocations from [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.", "title": "Destination", "type": "string" } }, "type": "object" }, "AWS::Lambda::EventSourceMapping.ScalingConfig": { "additionalProperties": false, "properties": { "MaximumConcurrency": { "markdownDescription": "Limits the number of concurrent instances that the Amazon SQS event source can invoke.", "title": "MaximumConcurrency", "type": "number" } }, "type": "object" }, "AWS::Lambda::EventSourceMapping.SelfManagedEventSource": { "additionalProperties": false, "properties": { "Endpoints": { "$ref": "#/definitions/AWS::Lambda::EventSourceMapping.Endpoints", "markdownDescription": "The list of bootstrap servers for your Kafka brokers in the following format: `\"KafkaBootstrapServers\": [\"abc.xyz.com:xxxx\",\"abc2.xyz.com:xxxx\"]` .", "title": "Endpoints" } }, "type": "object" }, "AWS::Lambda::EventSourceMapping.SelfManagedKafkaEventSourceConfig": { "additionalProperties": false, "properties": { "ConsumerGroupId": { "markdownDescription": "The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id) .", "title": "ConsumerGroupId", "type": "string" } }, "type": "object" }, "AWS::Lambda::EventSourceMapping.SourceAccessConfiguration": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The type of authentication protocol, VPC components, or virtual host for your event source. For example: `\"Type\":\"SASL_SCRAM_512_AUTH\"` .\n\n- `BASIC_AUTH` \u2013 (Amazon MQ) The AWS Secrets Manager secret that stores your broker credentials.\n- `BASIC_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers.\n- `VPC_SUBNET` \u2013 (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster.\n- `VPC_SECURITY_GROUP` \u2013 (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_256_AUTH` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers.\n- `SASL_SCRAM_512_AUTH` \u2013 (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers.\n- `VIRTUAL_HOST` \u2013- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call.\n- `CLIENT_CERTIFICATE_TLS_AUTH` \u2013 (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers.\n- `SERVER_ROOT_CA_CERTIFICATE` \u2013 (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers.", "title": "Type", "type": "string" }, "URI": { "markdownDescription": "The value for your chosen configuration in `Type` . For example: `\"URI\": \"arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName\"` .", "title": "URI", "type": "string" } }, "type": "object" }, "AWS::Lambda::Function": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Architectures": { "items": { "type": "string" }, "markdownDescription": "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is `x86_64` .", "title": "Architectures", "type": "array" }, "Code": { "$ref": "#/definitions/AWS::Lambda::Function.Code", "markdownDescription": "The code for the function.", "title": "Code" }, "CodeSigningConfigArn": { "markdownDescription": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration\nincludes a set of signing profiles, which define the trusted publishers for this function.", "title": "CodeSigningConfigArn", "type": "string" }, "DeadLetterConfig": { "$ref": "#/definitions/AWS::Lambda::Function.DeadLetterConfig", "markdownDescription": "A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see [Dead-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq) .", "title": "DeadLetterConfig" }, "Description": { "markdownDescription": "A description of the function.", "title": "Description", "type": "string" }, "Environment": { "$ref": "#/definitions/AWS::Lambda::Function.Environment", "markdownDescription": "Environment variables that are accessible from function code during execution.", "title": "Environment" }, "EphemeralStorage": { "$ref": "#/definitions/AWS::Lambda::Function.EphemeralStorage", "markdownDescription": "The size of the function's `/tmp` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB.", "title": "EphemeralStorage" }, "FileSystemConfigs": { "items": { "$ref": "#/definitions/AWS::Lambda::Function.FileSystemConfig" }, "markdownDescription": "Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an [AWS::EFS::MountTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a `DependsOn` attribute to ensure that the mount target is created or updated before the function.\n\nFor more information about using the `DependsOn` attribute, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html) .", "title": "FileSystemConfigs", "type": "array" }, "FunctionName": { "markdownDescription": "The name of the Lambda function, up to 64 characters in length. If you don't specify a name, AWS CloudFormation generates one.\n\nIf you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "FunctionName", "type": "string" }, "Handler": { "markdownDescription": "The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see [Lambda programming model](https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html) .", "title": "Handler", "type": "string" }, "ImageConfig": { "$ref": "#/definitions/AWS::Lambda::Function.ImageConfig", "markdownDescription": "Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms) .", "title": "ImageConfig" }, "KmsKeyArn": { "markdownDescription": "The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that's used to encrypt your function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption) . When [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) is activated, Lambda also uses this key is to encrypt your function's snapshot. If you deploy your function using a container image, Lambda also uses this key to encrypt your function when it's deployed. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR).\nIf you don't provide a customer managed key, Lambda uses a default service key.", "title": "KmsKeyArn", "type": "string" }, "Layers": { "items": { "type": "string" }, "markdownDescription": "A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version.", "title": "Layers", "type": "array" }, "LoggingConfig": { "$ref": "#/definitions/AWS::Lambda::Function.LoggingConfig", "markdownDescription": "The function's Amazon CloudWatch Logs configuration settings.", "title": "LoggingConfig" }, "MemorySize": { "markdownDescription": "The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.", "title": "MemorySize", "type": "number" }, "PackageType": { "markdownDescription": "The type of deployment package. Set to `Image` for container image and set `Zip` for .zip file archive.", "title": "PackageType", "type": "string" }, "ReservedConcurrentExecutions": { "markdownDescription": "The number of simultaneous executions to reserve for the function.", "title": "ReservedConcurrentExecutions", "type": "number" }, "Role": { "markdownDescription": "The Amazon Resource Name (ARN) of the function's execution role.", "title": "Role", "type": "string" }, "Runtime": { "markdownDescription": "The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.\n\nThe following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see [Runtime use after deprecation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels) .\n\nFor a list of all currently supported runtimes, see [Supported runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported) .", "title": "Runtime", "type": "string" }, "RuntimeManagementConfig": { "$ref": "#/definitions/AWS::Lambda::Function.RuntimeManagementConfig", "markdownDescription": "Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html) .", "title": "RuntimeManagementConfig" }, "SnapStart": { "$ref": "#/definitions/AWS::Lambda::Function.SnapStart", "markdownDescription": "The function's [AWS Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.", "title": "SnapStart" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.", "title": "Tags", "type": "array" }, "Timeout": { "markdownDescription": "The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html) .", "title": "Timeout", "type": "number" }, "TracingConfig": { "$ref": "#/definitions/AWS::Lambda::Function.TracingConfig", "markdownDescription": "Set `Mode` to `Active` to sample and trace a subset of incoming requests with [X-Ray](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) .", "title": "TracingConfig" }, "VpcConfig": { "$ref": "#/definitions/AWS::Lambda::Function.VpcConfig", "markdownDescription": "For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see [Configuring a Lambda function to access resources in a VPC](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html) .", "title": "VpcConfig" } }, "required": [ "Code", "Role" ], "type": "object" }, "Type": { "enum": [ "AWS::Lambda::Function" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lambda::Function.Code": { "additionalProperties": false, "properties": { "ImageUri": { "markdownDescription": "URI of a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the Amazon ECR registry.", "title": "ImageUri", "type": "string" }, "S3Bucket": { "markdownDescription": "An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account .", "title": "S3Bucket", "type": "string" }, "S3Key": { "markdownDescription": "The Amazon S3 key of the deployment package.", "title": "S3Key", "type": "string" }, "S3ObjectVersion": { "markdownDescription": "For versioned objects, the version of the deployment package object to use.", "title": "S3ObjectVersion", "type": "string" }, "ZipFile": { "markdownDescription": "(Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, AWS CloudFormation places it in a file named `index` and zips it to create a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) . This zip file cannot exceed 4MB. For the `Handler` property, the first part of the handler identifier must be `index` . For example, `index.handler` .\n\nFor JSON, you must escape quotes and special characters such as newline ( `\\n` ) with a backslash.\n\nIf you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ( [cfn-response](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html) ) that simplifies sending responses. See [Using AWS Lambda with AWS CloudFormation](https://docs.aws.amazon.com/lambda/latest/dg/services-cloudformation.html) for details.", "title": "ZipFile", "type": "string" } }, "type": "object" }, "AWS::Lambda::Function.DeadLetterConfig": { "additionalProperties": false, "properties": { "TargetArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.", "title": "TargetArn", "type": "string" } }, "type": "object" }, "AWS::Lambda::Function.Environment": { "additionalProperties": false, "properties": { "Variables": { "additionalProperties": true, "markdownDescription": "Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Variables", "type": "object" } }, "type": "object" }, "AWS::Lambda::Function.EphemeralStorage": { "additionalProperties": false, "properties": { "Size": { "markdownDescription": "The size of the function's `/tmp` directory.", "title": "Size", "type": "number" } }, "required": [ "Size" ], "type": "object" }, "AWS::Lambda::Function.FileSystemConfig": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.", "title": "Arn", "type": "string" }, "LocalMountPath": { "markdownDescription": "The path where the function can access the file system, starting with `/mnt/` .", "title": "LocalMountPath", "type": "string" } }, "required": [ "Arn", "LocalMountPath" ], "type": "object" }, "AWS::Lambda::Function.ImageConfig": { "additionalProperties": false, "properties": { "Command": { "items": { "type": "string" }, "markdownDescription": "Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list.", "title": "Command", "type": "array" }, "EntryPoint": { "items": { "type": "string" }, "markdownDescription": "Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list.", "title": "EntryPoint", "type": "array" }, "WorkingDirectory": { "markdownDescription": "Specifies the working directory. The length of the directory string cannot exceed 1,000 characters.", "title": "WorkingDirectory", "type": "string" } }, "type": "object" }, "AWS::Lambda::Function.LoggingConfig": { "additionalProperties": false, "properties": { "ApplicationLogLevel": { "markdownDescription": "Set this property to filter the application logs for your function that Lambda sends to CloudWatch. Lambda only sends application logs at the selected level of detail and lower, where `TRACE` is the highest level and `FATAL` is the lowest.", "title": "ApplicationLogLevel", "type": "string" }, "LogFormat": { "markdownDescription": "The format in which Lambda sends your function's application and system logs to CloudWatch. Select between plain text and structured JSON.", "title": "LogFormat", "type": "string" }, "LogGroup": { "markdownDescription": "The name of the Amazon CloudWatch log group the function sends logs to. By default, Lambda functions send logs to a default log group named `/aws/lambda/` . To use a different log group, enter an existing log group or enter a new log group name.", "title": "LogGroup", "type": "string" }, "SystemLogLevel": { "markdownDescription": "Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where `DEBUG` is the highest level and `WARN` is the lowest.", "title": "SystemLogLevel", "type": "string" } }, "type": "object" }, "AWS::Lambda::Function.RuntimeManagementConfig": { "additionalProperties": false, "properties": { "RuntimeVersionArn": { "markdownDescription": "The ARN of the runtime version you want the function to use.\n\n> This is only required if you're using the *Manual* runtime update mode.", "title": "RuntimeVersionArn", "type": "string" }, "UpdateRuntimeOn": { "markdownDescription": "Specify the runtime update mode.\n\n- *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase) . This is the best choice for most customers to ensure they always benefit from runtime updates.\n- *FunctionUpdate* - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n- *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback) .\n\n*Valid Values* : `Auto` | `FunctionUpdate` | `Manual`", "title": "UpdateRuntimeOn", "type": "string" } }, "required": [ "UpdateRuntimeOn" ], "type": "object" }, "AWS::Lambda::Function.SnapStart": { "additionalProperties": false, "properties": { "ApplyOn": { "markdownDescription": "Set `ApplyOn` to `PublishedVersions` to create a snapshot of the initialized execution environment when you publish a function version.", "title": "ApplyOn", "type": "string" } }, "required": [ "ApplyOn" ], "type": "object" }, "AWS::Lambda::Function.SnapStartResponse": { "additionalProperties": false, "properties": { "ApplyOn": { "markdownDescription": "When set to `PublishedVersions` , Lambda creates a snapshot of the execution environment when you publish a function version.", "title": "ApplyOn", "type": "string" }, "OptimizationStatus": { "markdownDescription": "When you provide a [qualified Amazon Resource Name (ARN)](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using) , this response element indicates whether SnapStart is activated for the specified function version.", "title": "OptimizationStatus", "type": "string" } }, "type": "object" }, "AWS::Lambda::Function.TracingConfig": { "additionalProperties": false, "properties": { "Mode": { "markdownDescription": "The tracing mode.", "title": "Mode", "type": "string" } }, "type": "object" }, "AWS::Lambda::Function.VpcConfig": { "additionalProperties": false, "properties": { "Ipv6AllowedForDualStack": { "markdownDescription": "Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.", "title": "Ipv6AllowedForDualStack", "type": "boolean" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of VPC security group IDs.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "A list of VPC subnet IDs.", "title": "SubnetIds", "type": "array" } }, "type": "object" }, "AWS::Lambda::LayerVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CompatibleArchitectures": { "items": { "type": "string" }, "markdownDescription": "A list of compatible [instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html) .", "title": "CompatibleArchitectures", "type": "array" }, "CompatibleRuntimes": { "items": { "type": "string" }, "markdownDescription": "A list of compatible [function runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Used for filtering with [ListLayers](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayers.html) and [ListLayerVersions](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayerVersions.html) .", "title": "CompatibleRuntimes", "type": "array" }, "Content": { "$ref": "#/definitions/AWS::Lambda::LayerVersion.Content", "markdownDescription": "The function layer archive.", "title": "Content" }, "Description": { "markdownDescription": "The description of the version.", "title": "Description", "type": "string" }, "LayerName": { "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", "title": "LayerName", "type": "string" }, "LicenseInfo": { "markdownDescription": "The layer's software license. It can be any of the following:\n\n- An [SPDX license identifier](https://docs.aws.amazon.com/https://spdx.org/licenses/) . For example, `MIT` .\n- The URL of a license hosted on the internet. For example, `https://opensource.org/licenses/MIT` .\n- The full text of the license.", "title": "LicenseInfo", "type": "string" } }, "required": [ "Content" ], "type": "object" }, "Type": { "enum": [ "AWS::Lambda::LayerVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lambda::LayerVersion.Content": { "additionalProperties": false, "properties": { "S3Bucket": { "markdownDescription": "The Amazon S3 bucket of the layer archive.", "title": "S3Bucket", "type": "string" }, "S3Key": { "markdownDescription": "The Amazon S3 key of the layer archive.", "title": "S3Key", "type": "string" }, "S3ObjectVersion": { "markdownDescription": "For versioned objects, the version of the layer archive object to use.", "title": "S3ObjectVersion", "type": "string" } }, "required": [ "S3Bucket", "S3Key" ], "type": "object" }, "AWS::Lambda::LayerVersionPermission": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The API action that grants access to the layer. For example, `lambda:GetLayerVersion` .", "title": "Action", "type": "string" }, "LayerVersionArn": { "markdownDescription": "The name or Amazon Resource Name (ARN) of the layer.", "title": "LayerVersionArn", "type": "string" }, "OrganizationId": { "markdownDescription": "With the principal set to `*` , grant permission to all accounts in the specified organization.", "title": "OrganizationId", "type": "string" }, "Principal": { "markdownDescription": "An account ID, or `*` to grant layer usage permission to all accounts in an organization, or all AWS accounts (if `organizationId` is not specified). For the last case, make sure that you really do want all AWS accounts to have usage permission to this layer.", "title": "Principal", "type": "string" } }, "required": [ "Action", "LayerVersionArn", "Principal" ], "type": "object" }, "Type": { "enum": [ "AWS::Lambda::LayerVersionPermission" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lambda::Permission": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action that the principal can use on the function. For example, `lambda:InvokeFunction` or `lambda:GetFunction` .", "title": "Action", "type": "string" }, "EventSourceToken": { "markdownDescription": "For Alexa Smart Home functions, a token that the invoker must supply.", "title": "EventSourceToken", "type": "string" }, "FunctionName": { "markdownDescription": "The name or ARN of the Lambda function, version, or alias.\n\n**Name formats** - *Function name* \u2013 `my-function` (name-only), `my-function:v1` (with alias).\n- *Function ARN* \u2013 `arn:aws:lambda:us-west-2:123456789012:function:my-function` .\n- *Partial ARN* \u2013 `123456789012:function:my-function` .\n\nYou can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", "title": "FunctionName", "type": "string" }, "FunctionUrlAuthType": { "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", "title": "FunctionUrlAuthType", "type": "string" }, "Principal": { "markdownDescription": "The AWS service or AWS account that invokes the function. If you specify a service, use `SourceArn` or `SourceAccount` to limit who can invoke the function through that service.", "title": "Principal", "type": "string" }, "PrincipalOrgID": { "markdownDescription": "The identifier for your organization in AWS Organizations . Use this to grant permissions to all the AWS accounts under this organization.", "title": "PrincipalOrgID", "type": "string" }, "SourceAccount": { "markdownDescription": "For AWS service , the ID of the AWS account that owns the resource. Use this together with `SourceArn` to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account.", "title": "SourceAccount", "type": "string" }, "SourceArn": { "markdownDescription": "For AWS services , the ARN of the AWS resource that invokes the function. For example, an Amazon S3 bucket or Amazon SNS topic.\n\nNote that Lambda configures the comparison using the `StringLike` operator.", "title": "SourceArn", "type": "string" } }, "required": [ "Action", "FunctionName", "Principal" ], "type": "object" }, "Type": { "enum": [ "AWS::Lambda::Permission" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lambda::Url": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthType": { "markdownDescription": "The type of authentication that your function URL uses. Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .", "title": "AuthType", "type": "string" }, "Cors": { "$ref": "#/definitions/AWS::Lambda::Url.Cors", "markdownDescription": "The [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL.", "title": "Cors" }, "InvokeMode": { "markdownDescription": "Use one of the following options:\n\n- `BUFFERED` \u2013 This is the default option. Lambda invokes your function using the `Invoke` API operation. Invocation results are available when the payload is complete. The maximum payload size is 6 MB.\n- `RESPONSE_STREAM` \u2013 Your function streams payload results as they become available. Lambda invokes your function using the `InvokeWithResponseStream` API operation. The maximum response payload size is 20 MB, however, you can [request a quota increase](https://docs.aws.amazon.com/servicequotas/latest/userguide/request-quota-increase.html) .", "title": "InvokeMode", "type": "string" }, "Qualifier": { "markdownDescription": "The alias name.", "title": "Qualifier", "type": "string" }, "TargetFunctionArn": { "markdownDescription": "The name of the Lambda function.\n\n**Name formats** - *Function name* - `my-function` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:my-function` .\n- *Partial ARN* - `123456789012:function:my-function` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", "title": "TargetFunctionArn", "type": "string" } }, "required": [ "AuthType", "TargetFunctionArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Lambda::Url" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lambda::Url.Cors": { "additionalProperties": false, "properties": { "AllowCredentials": { "markdownDescription": "Whether you want to allow cookies or other credentials in requests to your function URL. The default is `false` .", "title": "AllowCredentials", "type": "boolean" }, "AllowHeaders": { "items": { "type": "string" }, "markdownDescription": "The HTTP headers that origins can include in requests to your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", "title": "AllowHeaders", "type": "array" }, "AllowMethods": { "items": { "type": "string" }, "markdownDescription": "The HTTP methods that are allowed when calling your function URL. For example: `GET` , `POST` , `DELETE` , or the wildcard character ( `*` ).", "title": "AllowMethods", "type": "array" }, "AllowOrigins": { "items": { "type": "string" }, "markdownDescription": "The origins that can access your function URL. You can list any number of specific origins, separated by a comma. For example: `https://www.example.com` , `http://localhost:60905` .\n\nAlternatively, you can grant access to all origins with the wildcard character ( `*` ).", "title": "AllowOrigins", "type": "array" }, "ExposeHeaders": { "items": { "type": "string" }, "markdownDescription": "The HTTP headers in your function response that you want to expose to origins that call your function URL. For example: `Date` , `Keep-Alive` , `X-Custom-Header` .", "title": "ExposeHeaders", "type": "array" }, "MaxAge": { "markdownDescription": "The maximum amount of time, in seconds, that browsers can cache results of a preflight request. By default, this is set to `0` , which means the browser will not cache results.", "title": "MaxAge", "type": "number" } }, "type": "object" }, "AWS::Lambda::Version": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CodeSha256": { "markdownDescription": "Only publish a version if the hash value matches the value that's specified. Use this option to avoid publishing a version if the function code has changed since you last updated it. Updates are not supported for this property.", "title": "CodeSha256", "type": "string" }, "Description": { "markdownDescription": "A description for the version to override the description in the function configuration. Updates are not supported for this property.", "title": "Description", "type": "string" }, "FunctionName": { "markdownDescription": "The name or ARN of the Lambda function.\n\n**Name formats** - *Function name* - `MyFunction` .\n- *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .\n- *Partial ARN* - `123456789012:function:MyFunction` .\n\nThe length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.", "title": "FunctionName", "type": "string" }, "ProvisionedConcurrencyConfig": { "$ref": "#/definitions/AWS::Lambda::Version.ProvisionedConcurrencyConfiguration", "markdownDescription": "Specifies a provisioned concurrency configuration for a function's version. Updates are not supported for this property.", "title": "ProvisionedConcurrencyConfig" }, "RuntimePolicy": { "$ref": "#/definitions/AWS::Lambda::Version.RuntimePolicy", "markdownDescription": "", "title": "RuntimePolicy" } }, "required": [ "FunctionName" ], "type": "object" }, "Type": { "enum": [ "AWS::Lambda::Version" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lambda::Version.ProvisionedConcurrencyConfiguration": { "additionalProperties": false, "properties": { "ProvisionedConcurrentExecutions": { "markdownDescription": "The amount of provisioned concurrency to allocate for the version.", "title": "ProvisionedConcurrentExecutions", "type": "number" } }, "required": [ "ProvisionedConcurrentExecutions" ], "type": "object" }, "AWS::Lambda::Version.RuntimePolicy": { "additionalProperties": false, "properties": { "RuntimeVersionArn": { "markdownDescription": "", "title": "RuntimeVersionArn", "type": "string" }, "UpdateRuntimeOn": { "markdownDescription": "", "title": "UpdateRuntimeOn", "type": "string" } }, "required": [ "UpdateRuntimeOn" ], "type": "object" }, "AWS::Lex::Bot": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoBuildBotLocales": { "markdownDescription": "Indicates whether Amazon Lex V2 should automatically build the locales for the bot after a change.", "title": "AutoBuildBotLocales", "type": "boolean" }, "BotFileS3Location": { "$ref": "#/definitions/AWS::Lex::Bot.S3Location", "markdownDescription": "The Amazon S3 location of files used to import a bot. The files must be in the import format specified in [JSON format for importing and exporting](https://docs.aws.amazon.com/lexv2/latest/dg/import-export-format.html) in the *Amazon Lex developer guide.*", "title": "BotFileS3Location" }, "BotLocales": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.BotLocale" }, "markdownDescription": "A list of locales for the bot.", "title": "BotLocales", "type": "array" }, "BotTags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags to add to the bot. You can only add tags when you import a bot. You can't use the `UpdateBot` operation to update tags. To update tags, use the `TagResource` operation.", "title": "BotTags", "type": "array" }, "DataPrivacy": { "$ref": "#/definitions/AWS::Lex::Bot.DataPrivacy", "markdownDescription": "By default, data stored by Amazon Lex is encrypted. The `DataPrivacy` structure provides settings that determine how Amazon Lex handles special cases of securing the data for your bot.", "title": "DataPrivacy" }, "Description": { "markdownDescription": "The description of the version.", "title": "Description", "type": "string" }, "IdleSessionTTLInSeconds": { "markdownDescription": "The time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot.\n\nA user interaction remains active for the amount of time specified. If no conversation occurs during this time, the session expires and Amazon Lex deletes any data provided before the timeout.\n\nYou can specify between 60 (1 minute) and 86,400 (24 hours) seconds.", "title": "IdleSessionTTLInSeconds", "type": "number" }, "Name": { "markdownDescription": "The name of the bot locale.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to build and run the bot.", "title": "RoleArn", "type": "string" }, "TestBotAliasSettings": { "$ref": "#/definitions/AWS::Lex::Bot.TestBotAliasSettings", "markdownDescription": "Specifies configuration settings for the alias used to test the bot. If the `TestBotAliasSettings` property is not specified, the settings are configured with default values.", "title": "TestBotAliasSettings" }, "TestBotAliasTags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags to add to the test alias for a bot. You can only add tags when you import a bot. You can't use the `UpdateAlias` operation to update tags. To update tags on the test alias, use the `TagResource` operation.", "title": "TestBotAliasTags", "type": "array" } }, "required": [ "DataPrivacy", "IdleSessionTTLInSeconds", "Name", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Lex::Bot" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lex::Bot.AdvancedRecognitionSetting": { "additionalProperties": false, "properties": { "AudioRecognitionStrategy": { "markdownDescription": "Enables using the slot values as a custom vocabulary for recognizing user utterances.", "title": "AudioRecognitionStrategy", "type": "string" } }, "type": "object" }, "AWS::Lex::Bot.AllowedInputTypes": { "additionalProperties": false, "properties": { "AllowAudioInput": { "markdownDescription": "Indicates whether audio input is allowed.", "title": "AllowAudioInput", "type": "boolean" }, "AllowDTMFInput": { "markdownDescription": "Indicates whether DTMF input is allowed.", "title": "AllowDTMFInput", "type": "boolean" } }, "required": [ "AllowAudioInput", "AllowDTMFInput" ], "type": "object" }, "AWS::Lex::Bot.AudioAndDTMFInputSpecification": { "additionalProperties": false, "properties": { "AudioSpecification": { "$ref": "#/definitions/AWS::Lex::Bot.AudioSpecification", "markdownDescription": "Specifies the settings on audio input.", "title": "AudioSpecification" }, "DTMFSpecification": { "$ref": "#/definitions/AWS::Lex::Bot.DTMFSpecification", "markdownDescription": "Specifies the settings on DTMF input.", "title": "DTMFSpecification" }, "StartTimeoutMs": { "markdownDescription": "Time for which a bot waits before assuming that the customer isn't going to speak or press a key. This timeout is shared between Audio and DTMF inputs.", "title": "StartTimeoutMs", "type": "number" } }, "required": [ "StartTimeoutMs" ], "type": "object" }, "AWS::Lex::Bot.AudioLogDestination": { "additionalProperties": false, "properties": { "S3Bucket": { "$ref": "#/definitions/AWS::Lex::Bot.S3BucketLogDestination", "markdownDescription": "Specifies the Amazon S3 bucket where the audio files are stored.", "title": "S3Bucket" } }, "required": [ "S3Bucket" ], "type": "object" }, "AWS::Lex::Bot.AudioLogSetting": { "additionalProperties": false, "properties": { "Destination": { "$ref": "#/definitions/AWS::Lex::Bot.AudioLogDestination", "markdownDescription": "Specifies the location of the audio log files collected when conversation logging is enabled for a bot.", "title": "Destination" }, "Enabled": { "markdownDescription": "Determines whether audio logging in enabled for the bot.", "title": "Enabled", "type": "boolean" } }, "required": [ "Destination", "Enabled" ], "type": "object" }, "AWS::Lex::Bot.AudioSpecification": { "additionalProperties": false, "properties": { "EndTimeoutMs": { "markdownDescription": "Time for which a bot waits after the customer stops speaking to assume the utterance is finished.", "title": "EndTimeoutMs", "type": "number" }, "MaxLengthMs": { "markdownDescription": "Time for how long Amazon Lex waits before speech input is truncated and the speech is returned to application.", "title": "MaxLengthMs", "type": "number" } }, "required": [ "EndTimeoutMs", "MaxLengthMs" ], "type": "object" }, "AWS::Lex::Bot.BotAliasLocaleSettings": { "additionalProperties": false, "properties": { "CodeHookSpecification": { "$ref": "#/definitions/AWS::Lex::Bot.CodeHookSpecification", "markdownDescription": "Specifies the Lambda function that should be used in the locale.", "title": "CodeHookSpecification" }, "Enabled": { "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::Lex::Bot.BotAliasLocaleSettingsItem": { "additionalProperties": false, "properties": { "BotAliasLocaleSetting": { "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettings", "markdownDescription": "Specifies locale settings for a locale.", "title": "BotAliasLocaleSetting" }, "LocaleId": { "markdownDescription": "Specifies the locale that the settings apply to.", "title": "LocaleId", "type": "string" } }, "required": [ "BotAliasLocaleSetting", "LocaleId" ], "type": "object" }, "AWS::Lex::Bot.BotLocale": { "additionalProperties": false, "properties": { "CustomVocabulary": { "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabulary", "markdownDescription": "Specifies a custom vocabulary to use with a specific locale.", "title": "CustomVocabulary" }, "Description": { "markdownDescription": "A description of the bot locale. Use this to help identify the bot locale in lists.", "title": "Description", "type": "string" }, "Intents": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.Intent" }, "markdownDescription": "One or more intents defined for the locale.", "title": "Intents", "type": "array" }, "LocaleId": { "markdownDescription": "The identifier of the language and locale that the bot will be used in. The string must match one of the supported locales.", "title": "LocaleId", "type": "string" }, "NluConfidenceThreshold": { "markdownDescription": "Determines the threshold where Amazon Lex will insert the `AMAZON.FallbackIntent` , `AMAZON.KendraSearchIntent` , or both when returning alternative intents. You must configure an `AMAZON.FallbackIntent` . `AMAZON.KendraSearchIntent` is only inserted if it is configured for the bot.", "title": "NluConfidenceThreshold", "type": "number" }, "SlotTypes": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.SlotType" }, "markdownDescription": "One or more slot types defined for the locale.", "title": "SlotTypes", "type": "array" }, "VoiceSettings": { "$ref": "#/definitions/AWS::Lex::Bot.VoiceSettings", "markdownDescription": "Defines settings for using an Amazon Polly voice to communicate with a user.", "title": "VoiceSettings" } }, "required": [ "LocaleId", "NluConfidenceThreshold" ], "type": "object" }, "AWS::Lex::Bot.Button": { "additionalProperties": false, "properties": { "Text": { "markdownDescription": "The text that appears on the button. Use this to tell the user what value is returned when they choose this button.", "title": "Text", "type": "string" }, "Value": { "markdownDescription": "The value returned to Amazon Lex when the user chooses this button. This must be one of the slot values configured for the slot.", "title": "Value", "type": "string" } }, "required": [ "Text", "Value" ], "type": "object" }, "AWS::Lex::Bot.CloudWatchLogGroupLogDestination": { "additionalProperties": false, "properties": { "CloudWatchLogGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", "title": "CloudWatchLogGroupArn", "type": "string" }, "LogPrefix": { "markdownDescription": "The prefix of the log stream name within the log group that you specified", "title": "LogPrefix", "type": "string" } }, "required": [ "CloudWatchLogGroupArn", "LogPrefix" ], "type": "object" }, "AWS::Lex::Bot.CodeHookSpecification": { "additionalProperties": false, "properties": { "LambdaCodeHook": { "$ref": "#/definitions/AWS::Lex::Bot.LambdaCodeHook", "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", "title": "LambdaCodeHook" } }, "required": [ "LambdaCodeHook" ], "type": "object" }, "AWS::Lex::Bot.Condition": { "additionalProperties": false, "properties": { "ExpressionString": { "markdownDescription": "The expression string that is evaluated.", "title": "ExpressionString", "type": "string" } }, "required": [ "ExpressionString" ], "type": "object" }, "AWS::Lex::Bot.ConditionalBranch": { "additionalProperties": false, "properties": { "Condition": { "$ref": "#/definitions/AWS::Lex::Bot.Condition", "markdownDescription": "Contains the expression to evaluate. If the condition is true, the branch's actions are taken.", "title": "Condition" }, "Name": { "markdownDescription": "The name of the branch.", "title": "Name", "type": "string" }, "NextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "The next step in the conversation.", "title": "NextStep" }, "Response": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", "title": "Response" } }, "required": [ "Condition", "Name", "NextStep" ], "type": "object" }, "AWS::Lex::Bot.ConditionalSpecification": { "additionalProperties": false, "properties": { "ConditionalBranches": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.ConditionalBranch" }, "markdownDescription": "A list of conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true.", "title": "ConditionalBranches", "type": "array" }, "DefaultBranch": { "$ref": "#/definitions/AWS::Lex::Bot.DefaultConditionalBranch", "markdownDescription": "The conditional branch that should be followed when the conditions for other branches are not satisfied. A conditional branch is made up of a condition, a response and a next step.", "title": "DefaultBranch" }, "IsActive": { "markdownDescription": "Determines whether a conditional branch is active. When `IsActive` is false, the conditions are not evaluated.", "title": "IsActive", "type": "boolean" } }, "required": [ "ConditionalBranches", "DefaultBranch", "IsActive" ], "type": "object" }, "AWS::Lex::Bot.ConversationLogSettings": { "additionalProperties": false, "properties": { "AudioLogSettings": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.AudioLogSetting" }, "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", "title": "AudioLogSettings", "type": "array" }, "TextLogSettings": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.TextLogSetting" }, "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", "title": "TextLogSettings", "type": "array" } }, "type": "object" }, "AWS::Lex::Bot.CustomPayload": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The string that is sent to your application.", "title": "Value", "type": "string" } }, "required": [ "Value" ], "type": "object" }, "AWS::Lex::Bot.CustomVocabulary": { "additionalProperties": false, "properties": { "CustomVocabularyItems": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.CustomVocabularyItem" }, "markdownDescription": "Specifies a list of words that you expect to be used during a conversation with your bot.", "title": "CustomVocabularyItems", "type": "array" } }, "required": [ "CustomVocabularyItems" ], "type": "object" }, "AWS::Lex::Bot.CustomVocabularyItem": { "additionalProperties": false, "properties": { "DisplayAs": { "markdownDescription": "The DisplayAs value for the custom vocabulary item from the custom vocabulary list.", "title": "DisplayAs", "type": "string" }, "Phrase": { "markdownDescription": "Specifies 1 - 4 words that should be recognized.", "title": "Phrase", "type": "string" }, "Weight": { "markdownDescription": "Specifies the degree to which the phrase recognition is boosted. The default value is 1.", "title": "Weight", "type": "number" } }, "required": [ "Phrase" ], "type": "object" }, "AWS::Lex::Bot.DTMFSpecification": { "additionalProperties": false, "properties": { "DeletionCharacter": { "markdownDescription": "The DTMF character that clears the accumulated DTMF digits and immediately ends the input.", "title": "DeletionCharacter", "type": "string" }, "EndCharacter": { "markdownDescription": "The DTMF character that immediately ends input. If the user does not press this character, the input ends after the end timeout.", "title": "EndCharacter", "type": "string" }, "EndTimeoutMs": { "markdownDescription": "How long the bot should wait after the last DTMF character input before assuming that the input has concluded.", "title": "EndTimeoutMs", "type": "number" }, "MaxLength": { "markdownDescription": "The maximum number of DTMF digits allowed in an utterance.", "title": "MaxLength", "type": "number" } }, "required": [ "DeletionCharacter", "EndCharacter", "EndTimeoutMs", "MaxLength" ], "type": "object" }, "AWS::Lex::Bot.DataPrivacy": { "additionalProperties": false, "properties": { "ChildDirected": { "markdownDescription": "For each Amazon Lex bot created with the Amazon Lex Model Building Service, you must specify whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA) by specifying `true` or `false` in the `childDirected` field. By specifying `true` in the `childDirected` field, you confirm that your use of Amazon Lex *is* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. By specifying `false` in the `childDirected` field, you confirm that your use of Amazon Lex *is not* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. You may not specify a default value for the `childDirected` field that does not accurately reflect whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. If your use of Amazon Lex relates to a website, program, or other application that is directed in whole or in part, to children under age 13, you must obtain any required verifiable parental consent under COPPA. For information regarding the use of Amazon Lex in connection with websites, programs, or other applications that are directed or targeted, in whole or in part, to children under age 13, see the [Amazon Lex FAQ](https://docs.aws.amazon.com/lex/faqs#data-security) .", "title": "ChildDirected", "type": "boolean" } }, "required": [ "ChildDirected" ], "type": "object" }, "AWS::Lex::Bot.DefaultConditionalBranch": { "additionalProperties": false, "properties": { "NextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "The next step in the conversation.", "title": "NextStep" }, "Response": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", "title": "Response" } }, "type": "object" }, "AWS::Lex::Bot.DialogAction": { "additionalProperties": false, "properties": { "SlotToElicit": { "markdownDescription": "If the dialog action is `ElicitSlot` , defines the slot to elicit from the user.", "title": "SlotToElicit", "type": "string" }, "SuppressNextMessage": { "markdownDescription": "When true the next message for the intent is not used.", "title": "SuppressNextMessage", "type": "boolean" }, "Type": { "markdownDescription": "The action that the bot should execute.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Lex::Bot.DialogCodeHookInvocationSetting": { "additionalProperties": false, "properties": { "EnableCodeHookInvocation": { "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", "title": "EnableCodeHookInvocation", "type": "boolean" }, "InvocationLabel": { "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", "title": "InvocationLabel", "type": "string" }, "IsActive": { "markdownDescription": "Determines whether a dialog code hook is used when the intent is activated.", "title": "IsActive", "type": "boolean" }, "PostCodeHookSpecification": { "$ref": "#/definitions/AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification", "markdownDescription": "Contains the responses and actions that Amazon Lex takes after the Lambda function is complete.", "title": "PostCodeHookSpecification" } }, "required": [ "EnableCodeHookInvocation", "IsActive", "PostCodeHookSpecification" ], "type": "object" }, "AWS::Lex::Bot.DialogCodeHookSetting": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Enables the dialog code hook so that it processes user requests.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::Lex::Bot.DialogState": { "additionalProperties": false, "properties": { "DialogAction": { "$ref": "#/definitions/AWS::Lex::Bot.DialogAction", "markdownDescription": "Defines the action that the bot executes at runtime when the conversation reaches this step.", "title": "DialogAction" }, "Intent": { "$ref": "#/definitions/AWS::Lex::Bot.IntentOverride", "markdownDescription": "Override settings to configure the intent state.", "title": "Intent" }, "SessionAttributes": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.SessionAttribute" }, "markdownDescription": "Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application.", "title": "SessionAttributes", "type": "array" } }, "type": "object" }, "AWS::Lex::Bot.ElicitationCodeHookInvocationSetting": { "additionalProperties": false, "properties": { "EnableCodeHookInvocation": { "markdownDescription": "Indicates whether a Lambda function should be invoked for the dialog.", "title": "EnableCodeHookInvocation", "type": "boolean" }, "InvocationLabel": { "markdownDescription": "A label that indicates the dialog step from which the dialog code hook is happening.", "title": "InvocationLabel", "type": "string" } }, "required": [ "EnableCodeHookInvocation" ], "type": "object" }, "AWS::Lex::Bot.ExternalSourceSetting": { "additionalProperties": false, "properties": { "GrammarSlotTypeSetting": { "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSetting", "markdownDescription": "Settings required for a slot type based on a grammar that you provide.", "title": "GrammarSlotTypeSetting" } }, "type": "object" }, "AWS::Lex::Bot.FulfillmentCodeHookSetting": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Indicates whether a Lambda function should be invoked to fulfill a specific intent.", "title": "Enabled", "type": "boolean" }, "FulfillmentUpdatesSpecification": { "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdatesSpecification", "markdownDescription": "Provides settings for update messages sent to the user for long-running Lambda fulfillment functions. Fulfillment updates can be used only with streaming conversations.", "title": "FulfillmentUpdatesSpecification" }, "IsActive": { "markdownDescription": "Determines whether the fulfillment code hook is used. When `active` is false, the code hook doesn't run.", "title": "IsActive", "type": "boolean" }, "PostFulfillmentStatusSpecification": { "$ref": "#/definitions/AWS::Lex::Bot.PostFulfillmentStatusSpecification", "markdownDescription": "Provides settings for messages sent to the user for after the Lambda fulfillment function completes. Post-fulfillment messages can be sent for both streaming and non-streaming conversations.", "title": "PostFulfillmentStatusSpecification" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::Lex::Bot.FulfillmentStartResponseSpecification": { "additionalProperties": false, "properties": { "AllowInterrupt": { "markdownDescription": "Determines whether the user can interrupt the start message while it is playing.", "title": "AllowInterrupt", "type": "boolean" }, "DelayInSeconds": { "markdownDescription": "The delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played.", "title": "DelayInSeconds", "type": "number" }, "MessageGroups": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, "markdownDescription": "1 - 5 message groups that contain start messages. Amazon Lex chooses one of the messages to play to the user.", "title": "MessageGroups", "type": "array" } }, "required": [ "DelayInSeconds", "MessageGroups" ], "type": "object" }, "AWS::Lex::Bot.FulfillmentUpdateResponseSpecification": { "additionalProperties": false, "properties": { "AllowInterrupt": { "markdownDescription": "Determines whether the user can interrupt an update message while it is playing.", "title": "AllowInterrupt", "type": "boolean" }, "FrequencyInSeconds": { "markdownDescription": "The frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user.", "title": "FrequencyInSeconds", "type": "number" }, "MessageGroups": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, "markdownDescription": "1 - 5 message groups that contain update messages. Amazon Lex chooses one of the messages to play to the user.", "title": "MessageGroups", "type": "array" } }, "required": [ "FrequencyInSeconds", "MessageGroups" ], "type": "object" }, "AWS::Lex::Bot.FulfillmentUpdatesSpecification": { "additionalProperties": false, "properties": { "Active": { "markdownDescription": "Determines whether fulfillment updates are sent to the user. When this field is true, updates are sent.\n\nIf the `active` field is set to true, the `startResponse` , `updateResponse` , and `timeoutInSeconds` fields are required.", "title": "Active", "type": "boolean" }, "StartResponse": { "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentStartResponseSpecification", "markdownDescription": "Provides configuration information for the message sent to users when the fulfillment Lambda functions starts running.", "title": "StartResponse" }, "TimeoutInSeconds": { "markdownDescription": "The length of time that the fulfillment Lambda function should run before it times out.", "title": "TimeoutInSeconds", "type": "number" }, "UpdateResponse": { "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentUpdateResponseSpecification", "markdownDescription": "Provides configuration information for messages sent periodically to the user while the fulfillment Lambda function is running.", "title": "UpdateResponse" } }, "required": [ "Active" ], "type": "object" }, "AWS::Lex::Bot.GrammarSlotTypeSetting": { "additionalProperties": false, "properties": { "Source": { "$ref": "#/definitions/AWS::Lex::Bot.GrammarSlotTypeSource", "markdownDescription": "The source of the grammar used to create the slot type.", "title": "Source" } }, "type": "object" }, "AWS::Lex::Bot.GrammarSlotTypeSource": { "additionalProperties": false, "properties": { "KmsKeyArn": { "markdownDescription": "The AWS KMS key required to decrypt the contents of the grammar, if any.", "title": "KmsKeyArn", "type": "string" }, "S3BucketName": { "markdownDescription": "The name of the Amazon S3 bucket that contains the grammar source.", "title": "S3BucketName", "type": "string" }, "S3ObjectKey": { "markdownDescription": "The path to the grammar in the Amazon S3 bucket.", "title": "S3ObjectKey", "type": "string" } }, "required": [ "S3BucketName", "S3ObjectKey" ], "type": "object" }, "AWS::Lex::Bot.ImageResponseCard": { "additionalProperties": false, "properties": { "Buttons": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.Button" }, "markdownDescription": "A list of buttons that should be displayed on the response card. The arrangement of the buttons is determined by the platform that displays the button.", "title": "Buttons", "type": "array" }, "ImageUrl": { "markdownDescription": "The URL of an image to display on the response card. The image URL must be publicly available so that the platform displaying the response card has access to the image.", "title": "ImageUrl", "type": "string" }, "Subtitle": { "markdownDescription": "The subtitle to display on the response card. The format of the subtitle is determined by the platform displaying the response card.", "title": "Subtitle", "type": "string" }, "Title": { "markdownDescription": "The title to display on the response card. The format of the title is determined by the platform displaying the response card.", "title": "Title", "type": "string" } }, "required": [ "Title" ], "type": "object" }, "AWS::Lex::Bot.InitialResponseSetting": { "additionalProperties": false, "properties": { "CodeHook": { "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", "markdownDescription": "Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation.", "title": "CodeHook" }, "Conditional": { "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", "title": "Conditional" }, "InitialResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", "title": "InitialResponse" }, "NextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "The next step in the conversation.", "title": "NextStep" } }, "type": "object" }, "AWS::Lex::Bot.InputContext": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the context.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::Lex::Bot.Intent": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the intent. Use the description to help identify the intent in lists.", "title": "Description", "type": "string" }, "DialogCodeHook": { "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookSetting", "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function for each user input. You can invoke this Lambda function to personalize user interaction.", "title": "DialogCodeHook" }, "FulfillmentCodeHook": { "$ref": "#/definitions/AWS::Lex::Bot.FulfillmentCodeHookSetting", "markdownDescription": "Specifies that Amazon Lex invokes the alias Lambda function when the intent is ready for fulfillment. You can invoke this function to complete the bot's transaction with the user.", "title": "FulfillmentCodeHook" }, "InitialResponseSetting": { "$ref": "#/definitions/AWS::Lex::Bot.InitialResponseSetting", "markdownDescription": "Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots.", "title": "InitialResponseSetting" }, "InputContexts": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.InputContext" }, "markdownDescription": "A list of contexts that must be active for this intent to be considered by Amazon Lex .", "title": "InputContexts", "type": "array" }, "IntentClosingSetting": { "$ref": "#/definitions/AWS::Lex::Bot.IntentClosingSetting", "markdownDescription": "Sets the response that Amazon Lex sends to the user when the intent is closed.", "title": "IntentClosingSetting" }, "IntentConfirmationSetting": { "$ref": "#/definitions/AWS::Lex::Bot.IntentConfirmationSetting", "markdownDescription": "Provides prompts that Amazon Lex sends to the user to confirm the completion of an intent. If the user answers \"no,\" the settings contain a statement that is sent to the user to end the intent.", "title": "IntentConfirmationSetting" }, "KendraConfiguration": { "$ref": "#/definitions/AWS::Lex::Bot.KendraConfiguration", "markdownDescription": "Provides configuration information for the `AMAZON.KendraSearchIntent` intent. When you use this intent, Amazon Lex searches the specified Amazon Kendra index and returns documents from the index that match the user's utterance.", "title": "KendraConfiguration" }, "Name": { "markdownDescription": "The name of the intent. Intent names must be unique within the locale that contains the intent and can't match the name of any built-in intent.", "title": "Name", "type": "string" }, "OutputContexts": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.OutputContext" }, "markdownDescription": "A list of contexts that the intent activates when it is fulfilled.", "title": "OutputContexts", "type": "array" }, "ParentIntentSignature": { "markdownDescription": "A unique identifier for the built-in intent to base this intent on.", "title": "ParentIntentSignature", "type": "string" }, "SampleUtterances": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" }, "markdownDescription": "A list of utterances that a user might say to signal the intent.", "title": "SampleUtterances", "type": "array" }, "SlotPriorities": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.SlotPriority" }, "markdownDescription": "Indicates the priority for slots. Amazon Lex prompts the user for slot values in priority order.", "title": "SlotPriorities", "type": "array" }, "Slots": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.Slot" }, "markdownDescription": "A list of slots that the intent requires for fulfillment.", "title": "Slots", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "AWS::Lex::Bot.IntentClosingSetting": { "additionalProperties": false, "properties": { "ClosingResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "The response that Amazon Lex sends to the user when the intent is complete.", "title": "ClosingResponse" }, "Conditional": { "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", "markdownDescription": "A list of conditional branches associated with the intent's closing response. These branches are executed when the `nextStep` attribute is set to `EvalutateConditional` .", "title": "Conditional" }, "IsActive": { "markdownDescription": "Specifies whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the `IsActive` field isn't specified, the default is true.", "title": "IsActive", "type": "boolean" }, "NextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "Specifies the next step that the bot executes after playing the intent's closing response.", "title": "NextStep" } }, "type": "object" }, "AWS::Lex::Bot.IntentConfirmationSetting": { "additionalProperties": false, "properties": { "CodeHook": { "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", "markdownDescription": "The `DialogCodeHookInvocationSetting` object associated with intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is `InvokeDialogCodeHook` .", "title": "CodeHook" }, "ConfirmationConditional": { "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", "markdownDescription": "A list of conditional branches to evaluate after the intent is closed.", "title": "ConfirmationConditional" }, "ConfirmationNextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "Specifies the next step that the bot executes when the customer confirms the intent.", "title": "ConfirmationNextStep" }, "ConfirmationResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", "title": "ConfirmationResponse" }, "DeclinationConditional": { "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", "markdownDescription": "A list of conditional branches to evaluate after the intent is declined.", "title": "DeclinationConditional" }, "DeclinationNextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "Specifies the next step that the bot executes when the customer declines the intent.", "title": "DeclinationNextStep" }, "DeclinationResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "When the user answers \"no\" to the question defined in `promptSpecification` , Amazon Lex responds with this response to acknowledge that the intent was canceled.", "title": "DeclinationResponse" }, "ElicitationCodeHook": { "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", "markdownDescription": "The `DialogCodeHookInvocationSetting` used when the code hook is invoked during confirmation prompt retries.", "title": "ElicitationCodeHook" }, "FailureConditional": { "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", "markdownDescription": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.", "title": "FailureConditional" }, "FailureNextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "The next step to take in the conversation if the confirmation step fails.", "title": "FailureNextStep" }, "FailureResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the intent confirmation fails.", "title": "FailureResponse" }, "IsActive": { "markdownDescription": "Specifies whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the `IsActive` field isn't specified, the default is true.", "title": "IsActive", "type": "boolean" }, "PromptSpecification": { "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", "markdownDescription": "Prompts the user to confirm the intent. This question should have a yes or no answer.\n\nAmazon Lex uses this prompt to ensure that the user acknowledges that the intent is ready for fulfillment. For example, with the `OrderPizza` intent, you might want to confirm that the order is correct before placing it. For other intents, such as intents that simply respond to user questions, you might not need to ask the user for confirmation before providing the information.", "title": "PromptSpecification" } }, "required": [ "PromptSpecification" ], "type": "object" }, "AWS::Lex::Bot.IntentOverride": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the intent. Only required when you're switching intents.", "title": "Name", "type": "string" }, "Slots": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverrideMap" }, "markdownDescription": "A map of all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden.", "title": "Slots", "type": "array" } }, "type": "object" }, "AWS::Lex::Bot.KendraConfiguration": { "additionalProperties": false, "properties": { "KendraIndex": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kendra index that you want the `AMAZON.KendraSearchIntent` intent to search. The index must be in the same account and Region as the Amazon Lex bot.", "title": "KendraIndex", "type": "string" }, "QueryFilterString": { "markdownDescription": "A query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query. The filter is in the format defined by Amazon Kendra. For more information, see [Filtering queries](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html) .", "title": "QueryFilterString", "type": "string" }, "QueryFilterStringEnabled": { "markdownDescription": "Determines whether the `AMAZON.KendraSearchIntent` intent uses a custom query string to query the Amazon Kendra index.", "title": "QueryFilterStringEnabled", "type": "boolean" } }, "required": [ "KendraIndex" ], "type": "object" }, "AWS::Lex::Bot.LambdaCodeHook": { "additionalProperties": false, "properties": { "CodeHookInterfaceVersion": { "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", "title": "CodeHookInterfaceVersion", "type": "string" }, "LambdaArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", "title": "LambdaArn", "type": "string" } }, "required": [ "CodeHookInterfaceVersion", "LambdaArn" ], "type": "object" }, "AWS::Lex::Bot.Message": { "additionalProperties": false, "properties": { "CustomPayload": { "$ref": "#/definitions/AWS::Lex::Bot.CustomPayload", "markdownDescription": "A message in a custom format defined by the client application.", "title": "CustomPayload" }, "ImageResponseCard": { "$ref": "#/definitions/AWS::Lex::Bot.ImageResponseCard", "markdownDescription": "A message that defines a response card that the client application can show to the user.", "title": "ImageResponseCard" }, "PlainTextMessage": { "$ref": "#/definitions/AWS::Lex::Bot.PlainTextMessage", "markdownDescription": "A message in plain text format.", "title": "PlainTextMessage" }, "SSMLMessage": { "$ref": "#/definitions/AWS::Lex::Bot.SSMLMessage", "markdownDescription": "A message in Speech Synthesis Markup Language (SSML).", "title": "SSMLMessage" } }, "type": "object" }, "AWS::Lex::Bot.MessageGroup": { "additionalProperties": false, "properties": { "Message": { "$ref": "#/definitions/AWS::Lex::Bot.Message", "markdownDescription": "The primary message that Amazon Lex should send to the user.", "title": "Message" }, "Variations": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.Message" }, "markdownDescription": "Message variations to send to the user. When variations are defined, Amazon Lex chooses the primary message or one of the variations to send to the user.", "title": "Variations", "type": "array" } }, "required": [ "Message" ], "type": "object" }, "AWS::Lex::Bot.MultipleValuesSetting": { "additionalProperties": false, "properties": { "AllowMultipleValues": { "markdownDescription": "Indicates whether a slot can return multiple values. When `true` , the slot may return more than one value in a response. When `false` , the slot returns only a single value.\n\nMulti-value slots are only available in the en-US locale. If you set this value to `true` in any other locale, Amazon Lex throws a `ValidationException` .\n\nIf the `allowMutlipleValues` is not set, the default value is `false` .", "title": "AllowMultipleValues", "type": "boolean" } }, "type": "object" }, "AWS::Lex::Bot.ObfuscationSetting": { "additionalProperties": false, "properties": { "ObfuscationSettingType": { "markdownDescription": "Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values.", "title": "ObfuscationSettingType", "type": "string" } }, "required": [ "ObfuscationSettingType" ], "type": "object" }, "AWS::Lex::Bot.OutputContext": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the output context.", "title": "Name", "type": "string" }, "TimeToLiveInSeconds": { "markdownDescription": "The amount of time, in seconds, that the output context should remain active. The time is figured from the first time the context is sent to the user.", "title": "TimeToLiveInSeconds", "type": "number" }, "TurnsToLive": { "markdownDescription": "The number of conversation turns that the output context should remain active. The number of turns is counted from the first time that the context is sent to the user.", "title": "TurnsToLive", "type": "number" } }, "required": [ "Name", "TimeToLiveInSeconds", "TurnsToLive" ], "type": "object" }, "AWS::Lex::Bot.PlainTextMessage": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The message to send to the user.", "title": "Value", "type": "string" } }, "required": [ "Value" ], "type": "object" }, "AWS::Lex::Bot.PostDialogCodeHookInvocationSpecification": { "additionalProperties": false, "properties": { "FailureConditional": { "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", "title": "FailureConditional" }, "FailureNextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "Specifies the next step the bot runs after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", "title": "FailureNextStep" }, "FailureResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the code hook fails.", "title": "FailureResponse" }, "SuccessConditional": { "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", "markdownDescription": "A list of conditional branches to evaluate after the dialog code hook finishes successfully.", "title": "SuccessConditional" }, "SuccessNextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "Specifics the next step the bot runs after the dialog code hook finishes successfully.", "title": "SuccessNextStep" }, "SuccessResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the code hook succeeds.", "title": "SuccessResponse" }, "TimeoutConditional": { "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", "markdownDescription": "A list of conditional branches to evaluate if the code hook times out.", "title": "TimeoutConditional" }, "TimeoutNextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "Specifies the next step that the bot runs when the code hook times out.", "title": "TimeoutNextStep" }, "TimeoutResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond to the user input when the code hook times out.", "title": "TimeoutResponse" } }, "type": "object" }, "AWS::Lex::Bot.PostFulfillmentStatusSpecification": { "additionalProperties": false, "properties": { "FailureConditional": { "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", "title": "FailureConditional" }, "FailureNextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "Specifies the next step the bot runs after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` .", "title": "FailureNextStep" }, "FailureResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't successful.", "title": "FailureResponse" }, "SuccessConditional": { "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", "markdownDescription": "A list of conditional branches to evaluate after the fulfillment code hook finishes successfully.", "title": "SuccessConditional" }, "SuccessNextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "Specifies the next step in the conversation that Amazon Lex invokes when the fulfillment code hook completes successfully.", "title": "SuccessNextStep" }, "SuccessResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when the fulfillment is successful.", "title": "SuccessResponse" }, "TimeoutConditional": { "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", "markdownDescription": "A list of conditional branches to evaluate if the fulfillment code hook times out.", "title": "TimeoutConditional" }, "TimeoutNextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "Specifies the next step that the bot runs when the fulfillment code hook times out.", "title": "TimeoutNextStep" }, "TimeoutResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't completed within the timeout period.", "title": "TimeoutResponse" } }, "type": "object" }, "AWS::Lex::Bot.PromptAttemptSpecification": { "additionalProperties": false, "properties": { "AllowInterrupt": { "markdownDescription": "Indicates whether the user can interrupt a speech prompt attempt from the bot.", "title": "AllowInterrupt", "type": "boolean" }, "AllowedInputTypes": { "$ref": "#/definitions/AWS::Lex::Bot.AllowedInputTypes", "markdownDescription": "Indicates the allowed input types of the prompt attempt.", "title": "AllowedInputTypes" }, "AudioAndDTMFInputSpecification": { "$ref": "#/definitions/AWS::Lex::Bot.AudioAndDTMFInputSpecification", "markdownDescription": "Specifies the settings on audio and DTMF input.", "title": "AudioAndDTMFInputSpecification" }, "TextInputSpecification": { "$ref": "#/definitions/AWS::Lex::Bot.TextInputSpecification", "markdownDescription": "Specifies the settings on text input.", "title": "TextInputSpecification" } }, "required": [ "AllowedInputTypes" ], "type": "object" }, "AWS::Lex::Bot.PromptSpecification": { "additionalProperties": false, "properties": { "AllowInterrupt": { "markdownDescription": "Indicates whether the user can interrupt a speech prompt from the bot.", "title": "AllowInterrupt", "type": "boolean" }, "MaxRetries": { "markdownDescription": "The maximum number of times the bot tries to elicit a response from the user using this prompt.", "title": "MaxRetries", "type": "number" }, "MessageGroupsList": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, "markdownDescription": "A collection of messages that Amazon Lex can send to the user. Amazon Lex chooses the actual message to send at runtime.", "title": "MessageGroupsList", "type": "array" }, "MessageSelectionStrategy": { "markdownDescription": "Indicates how a message is selected from a message group among retries.", "title": "MessageSelectionStrategy", "type": "string" }, "PromptAttemptsSpecification": { "additionalProperties": false, "markdownDescription": "Specifies the advanced settings on each attempt of the prompt.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::Lex::Bot.PromptAttemptSpecification" } }, "title": "PromptAttemptsSpecification", "type": "object" } }, "required": [ "MaxRetries", "MessageGroupsList" ], "type": "object" }, "AWS::Lex::Bot.ResponseSpecification": { "additionalProperties": false, "properties": { "AllowInterrupt": { "markdownDescription": "Indicates whether the user can interrupt a speech response from Amazon Lex.", "title": "AllowInterrupt", "type": "boolean" }, "MessageGroupsList": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, "markdownDescription": "A collection of responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime.", "title": "MessageGroupsList", "type": "array" } }, "required": [ "MessageGroupsList" ], "type": "object" }, "AWS::Lex::Bot.S3BucketLogDestination": { "additionalProperties": false, "properties": { "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", "title": "KmsKeyArn", "type": "string" }, "LogPrefix": { "markdownDescription": "The S3 prefix to assign to audio log files.", "title": "LogPrefix", "type": "string" }, "S3BucketArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", "title": "S3BucketArn", "type": "string" } }, "required": [ "LogPrefix", "S3BucketArn" ], "type": "object" }, "AWS::Lex::Bot.S3Location": { "additionalProperties": false, "properties": { "S3Bucket": { "markdownDescription": "The S3 bucket name.", "title": "S3Bucket", "type": "string" }, "S3ObjectKey": { "markdownDescription": "The path and file name to the object in the S3 bucket.", "title": "S3ObjectKey", "type": "string" }, "S3ObjectVersion": { "markdownDescription": "The version of the object in the S3 bucket.", "title": "S3ObjectVersion", "type": "string" } }, "required": [ "S3Bucket", "S3ObjectKey" ], "type": "object" }, "AWS::Lex::Bot.SSMLMessage": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The SSML text that defines the prompt.", "title": "Value", "type": "string" } }, "required": [ "Value" ], "type": "object" }, "AWS::Lex::Bot.SampleUtterance": { "additionalProperties": false, "properties": { "Utterance": { "markdownDescription": "A sample utterance that invokes an intent or respond to a slot elicitation prompt.", "title": "Utterance", "type": "string" } }, "required": [ "Utterance" ], "type": "object" }, "AWS::Lex::Bot.SampleValue": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The value that can be used for a slot type.", "title": "Value", "type": "string" } }, "required": [ "Value" ], "type": "object" }, "AWS::Lex::Bot.SentimentAnalysisSettings": { "additionalProperties": false, "properties": { "DetectSentiment": { "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", "title": "DetectSentiment", "type": "boolean" } }, "required": [ "DetectSentiment" ], "type": "object" }, "AWS::Lex::Bot.SessionAttribute": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The name of the session attribute.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The session-specific context information for the session attribute.", "title": "Value", "type": "string" } }, "required": [ "Key" ], "type": "object" }, "AWS::Lex::Bot.Slot": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the slot.", "title": "Description", "type": "string" }, "MultipleValuesSetting": { "$ref": "#/definitions/AWS::Lex::Bot.MultipleValuesSetting", "markdownDescription": "Indicates whether a slot can return multiple values.", "title": "MultipleValuesSetting" }, "Name": { "markdownDescription": "The name given to the slot.", "title": "Name", "type": "string" }, "ObfuscationSetting": { "$ref": "#/definitions/AWS::Lex::Bot.ObfuscationSetting", "markdownDescription": "Determines whether the contents of the slot are obfuscated in Amazon CloudWatch Logs logs. Use obfuscated slots to protect information such as personally identifiable information (PII) in logs.", "title": "ObfuscationSetting" }, "SlotTypeName": { "markdownDescription": "The name of the slot type that this slot is based on. The slot type defines the acceptable values for the slot.", "title": "SlotTypeName", "type": "string" }, "ValueElicitationSetting": { "$ref": "#/definitions/AWS::Lex::Bot.SlotValueElicitationSetting", "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- ORIGINAL_VALUE - Returns the value entered by the user, if the user value is similar to a slot value.\n- TOP_RESOLUTION - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", "title": "ValueElicitationSetting" } }, "required": [ "Name", "SlotTypeName", "ValueElicitationSetting" ], "type": "object" }, "AWS::Lex::Bot.SlotCaptureSetting": { "additionalProperties": false, "properties": { "CaptureConditional": { "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", "markdownDescription": "A list of conditional branches to evaluate after the slot value is captured.", "title": "CaptureConditional" }, "CaptureNextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "Specifies the next step that the bot runs when the slot value is captured before the code hook times out.", "title": "CaptureNextStep" }, "CaptureResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input.", "title": "CaptureResponse" }, "CodeHook": { "$ref": "#/definitions/AWS::Lex::Bot.DialogCodeHookInvocationSetting", "markdownDescription": "Code hook called after Amazon Lex successfully captures a slot value.", "title": "CodeHook" }, "ElicitationCodeHook": { "$ref": "#/definitions/AWS::Lex::Bot.ElicitationCodeHookInvocationSetting", "markdownDescription": "Code hook called when Amazon Lex doesn't capture a slot value.", "title": "ElicitationCodeHook" }, "FailureConditional": { "$ref": "#/definitions/AWS::Lex::Bot.ConditionalSpecification", "markdownDescription": "A list of conditional branches to evaluate when the slot value isn't captured.", "title": "FailureConditional" }, "FailureNextStep": { "$ref": "#/definitions/AWS::Lex::Bot.DialogState", "markdownDescription": "Specifies the next step that the bot runs when the slot value code is not recognized.", "title": "FailureNextStep" }, "FailureResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "Specifies a list of message groups that Amazon Lex uses to respond the user input when the slot fails to be captured.", "title": "FailureResponse" } }, "type": "object" }, "AWS::Lex::Bot.SlotDefaultValue": { "additionalProperties": false, "properties": { "DefaultValue": { "markdownDescription": "The default value to use when a user doesn't provide a value for a slot.", "title": "DefaultValue", "type": "string" } }, "required": [ "DefaultValue" ], "type": "object" }, "AWS::Lex::Bot.SlotDefaultValueSpecification": { "additionalProperties": false, "properties": { "DefaultValueList": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValue" }, "markdownDescription": "A list of default values. Amazon Lex chooses the default value to use in the order that they are presented in the list.", "title": "DefaultValueList", "type": "array" } }, "required": [ "DefaultValueList" ], "type": "object" }, "AWS::Lex::Bot.SlotPriority": { "additionalProperties": false, "properties": { "Priority": { "markdownDescription": "The priority that Amazon Lex should apply to the slot.", "title": "Priority", "type": "number" }, "SlotName": { "markdownDescription": "The name of the slot.", "title": "SlotName", "type": "string" } }, "required": [ "Priority", "SlotName" ], "type": "object" }, "AWS::Lex::Bot.SlotType": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the slot type. Use the description to help identify the slot type in lists.", "title": "Description", "type": "string" }, "ExternalSourceSetting": { "$ref": "#/definitions/AWS::Lex::Bot.ExternalSourceSetting", "markdownDescription": "Sets the type of external information used to create the slot type.", "title": "ExternalSourceSetting" }, "Name": { "markdownDescription": "The name of the slot type. A slot type name must be unique withing the account.", "title": "Name", "type": "string" }, "ParentSlotTypeSignature": { "markdownDescription": "The built-in slot type used as a parent of this slot type. When you define a parent slot type, the new slot type has the configuration of the parent lot type.\n\nOnly `AMAZON.AlphaNumeric` is supported.", "title": "ParentSlotTypeSignature", "type": "string" }, "SlotTypeValues": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.SlotTypeValue" }, "markdownDescription": "A list of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for the slot.", "title": "SlotTypeValues", "type": "array" }, "ValueSelectionSetting": { "$ref": "#/definitions/AWS::Lex::Bot.SlotValueSelectionSetting", "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", "title": "ValueSelectionSetting" } }, "required": [ "Name" ], "type": "object" }, "AWS::Lex::Bot.SlotTypeValue": { "additionalProperties": false, "properties": { "SampleValue": { "$ref": "#/definitions/AWS::Lex::Bot.SampleValue", "markdownDescription": "The value of the slot type entry.", "title": "SampleValue" }, "Synonyms": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.SampleValue" }, "markdownDescription": "Additional values related to the slot type entry.", "title": "Synonyms", "type": "array" } }, "required": [ "SampleValue" ], "type": "object" }, "AWS::Lex::Bot.SlotValue": { "additionalProperties": false, "properties": { "InterpretedValue": { "markdownDescription": "The value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the `resolvedValues` list.", "title": "InterpretedValue", "type": "string" } }, "type": "object" }, "AWS::Lex::Bot.SlotValueElicitationSetting": { "additionalProperties": false, "properties": { "DefaultValueSpecification": { "$ref": "#/definitions/AWS::Lex::Bot.SlotDefaultValueSpecification", "markdownDescription": "A list of default values for a slot. Default values are used when Amazon Lex hasn't determined a value for a slot. You can specify default values from context variables, session attributes, and defined values.", "title": "DefaultValueSpecification" }, "PromptSpecification": { "$ref": "#/definitions/AWS::Lex::Bot.PromptSpecification", "markdownDescription": "The prompt that Amazon Lex uses to elicit the slot value from the user.", "title": "PromptSpecification" }, "SampleUtterances": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.SampleUtterance" }, "markdownDescription": "If you know a specific pattern that users might respond to an Amazon Lex request for a slot value, you can provide those utterances to improve accuracy. This is optional. In most cases, Amazon Lex is capable of understanding user utterances.", "title": "SampleUtterances", "type": "array" }, "SlotCaptureSetting": { "$ref": "#/definitions/AWS::Lex::Bot.SlotCaptureSetting", "markdownDescription": "Specifies the settings that Amazon Lex uses when a slot value is successfully entered by a user.", "title": "SlotCaptureSetting" }, "SlotConstraint": { "markdownDescription": "Specifies whether the slot is required or optional.", "title": "SlotConstraint", "type": "string" }, "WaitAndContinueSpecification": { "$ref": "#/definitions/AWS::Lex::Bot.WaitAndContinueSpecification", "markdownDescription": "Specifies the prompts that Amazon Lex uses while a bot is waiting for customer input.", "title": "WaitAndContinueSpecification" } }, "required": [ "SlotConstraint" ], "type": "object" }, "AWS::Lex::Bot.SlotValueOverride": { "additionalProperties": false, "properties": { "Shape": { "markdownDescription": "When the shape value is `List` , it indicates that the `values` field contains a list of slot values. When the value is `Scalar` , it indicates that the `value` field contains a single value.", "title": "Shape", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::Lex::Bot.SlotValue", "markdownDescription": "The current value of the slot.", "title": "Value" }, "Values": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride" }, "markdownDescription": "A list of one or more values that the user provided for the slot. For example, for a slot that elicits pizza toppings, the values might be \"pepperoni\" and \"pineapple.\"", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::Lex::Bot.SlotValueOverrideMap": { "additionalProperties": false, "properties": { "SlotName": { "markdownDescription": "The name of the slot.", "title": "SlotName", "type": "string" }, "SlotValueOverride": { "$ref": "#/definitions/AWS::Lex::Bot.SlotValueOverride", "markdownDescription": "The SlotValueOverride object to which the slot name will be mapped.", "title": "SlotValueOverride" } }, "type": "object" }, "AWS::Lex::Bot.SlotValueRegexFilter": { "additionalProperties": false, "properties": { "Pattern": { "markdownDescription": "A regular expression used to validate the value of a slot.\n\nUse a standard regular expression. Amazon Lex supports the following characters in the regular expression:\n\n- A-Z, a-z\n- 0-9\n- Unicode characters (\"\\\u2060u\")\n\nRepresent Unicode characters with four digits, for example \"\\\u2060u0041\" or \"\\\u2060u005A\".\n\nThe following regular expression operators are not supported:\n\n- Infinite repeaters: *, +, or {x,} with no upper bound.\n- Wild card (.)", "title": "Pattern", "type": "string" } }, "required": [ "Pattern" ], "type": "object" }, "AWS::Lex::Bot.SlotValueSelectionSetting": { "additionalProperties": false, "properties": { "AdvancedRecognitionSetting": { "$ref": "#/definitions/AWS::Lex::Bot.AdvancedRecognitionSetting", "markdownDescription": "Provides settings that enable advanced recognition settings for slot values. You can use this to enable using slot values as a custom vocabulary for recognizing user utterances.", "title": "AdvancedRecognitionSetting" }, "RegexFilter": { "$ref": "#/definitions/AWS::Lex::Bot.SlotValueRegexFilter", "markdownDescription": "A regular expression used to validate the value of a slot.", "title": "RegexFilter" }, "ResolutionStrategy": { "markdownDescription": "Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values:\n\n- `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value.\n- `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned.\n\nIf you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` .", "title": "ResolutionStrategy", "type": "string" } }, "required": [ "ResolutionStrategy" ], "type": "object" }, "AWS::Lex::Bot.StillWaitingResponseSpecification": { "additionalProperties": false, "properties": { "AllowInterrupt": { "markdownDescription": "Indicates that the user can interrupt the response by speaking while the message is being played.", "title": "AllowInterrupt", "type": "boolean" }, "FrequencyInSeconds": { "markdownDescription": "How often a message should be sent to the user. Minimum of 1 second, maximum of 5 minutes.", "title": "FrequencyInSeconds", "type": "number" }, "MessageGroupsList": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.MessageGroup" }, "markdownDescription": "One or more message groups, each containing one or more messages, that define the prompts that Amazon Lex sends to the user.", "title": "MessageGroupsList", "type": "array" }, "TimeoutInSeconds": { "markdownDescription": "If Amazon Lex waits longer than this length of time for a response, it will stop sending messages.", "title": "TimeoutInSeconds", "type": "number" } }, "required": [ "FrequencyInSeconds", "MessageGroupsList", "TimeoutInSeconds" ], "type": "object" }, "AWS::Lex::Bot.TestBotAliasSettings": { "additionalProperties": false, "properties": { "BotAliasLocaleSettings": { "items": { "$ref": "#/definitions/AWS::Lex::Bot.BotAliasLocaleSettingsItem" }, "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use a different Lambda function depending on the bot's locale.", "title": "BotAliasLocaleSettings", "type": "array" }, "ConversationLogSettings": { "$ref": "#/definitions/AWS::Lex::Bot.ConversationLogSettings", "markdownDescription": "Specifies settings for conversation logs that save audio, text, and metadata information for conversations with your users.", "title": "ConversationLogSettings" }, "Description": { "markdownDescription": "Specifies a description for the test bot alias.", "title": "Description", "type": "string" }, "SentimentAnalysisSettings": { "$ref": "#/definitions/AWS::Lex::Bot.SentimentAnalysisSettings", "markdownDescription": "Specifies whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", "title": "SentimentAnalysisSettings" } }, "type": "object" }, "AWS::Lex::Bot.TextInputSpecification": { "additionalProperties": false, "properties": { "StartTimeoutMs": { "markdownDescription": "Time for which a bot waits before re-prompting a customer for text input.", "title": "StartTimeoutMs", "type": "number" } }, "required": [ "StartTimeoutMs" ], "type": "object" }, "AWS::Lex::Bot.TextLogDestination": { "additionalProperties": false, "properties": { "CloudWatch": { "$ref": "#/definitions/AWS::Lex::Bot.CloudWatchLogGroupLogDestination", "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", "title": "CloudWatch" } }, "required": [ "CloudWatch" ], "type": "object" }, "AWS::Lex::Bot.TextLogSetting": { "additionalProperties": false, "properties": { "Destination": { "$ref": "#/definitions/AWS::Lex::Bot.TextLogDestination", "markdownDescription": "Specifies the Amazon CloudWatch Logs destination log group for conversation text logs.", "title": "Destination" }, "Enabled": { "markdownDescription": "Determines whether conversation logs should be stored for an alias.", "title": "Enabled", "type": "boolean" } }, "required": [ "Destination", "Enabled" ], "type": "object" }, "AWS::Lex::Bot.VoiceSettings": { "additionalProperties": false, "properties": { "Engine": { "markdownDescription": "Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. For more information, see the [`engine` parameter of the `SynthesizeSpeech` operation](https://docs.aws.amazon.com/polly/latest/dg/API_SynthesizeSpeech.html#polly-SynthesizeSpeech-request-Engine) in the *Amazon Polly developer guide* .\n\nIf you do not specify a value, the default is `standard` .", "title": "Engine", "type": "string" }, "VoiceId": { "markdownDescription": "The identifier of the Amazon Polly voice to use.", "title": "VoiceId", "type": "string" } }, "required": [ "VoiceId" ], "type": "object" }, "AWS::Lex::Bot.WaitAndContinueSpecification": { "additionalProperties": false, "properties": { "ContinueResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is ready to continue the conversation.", "title": "ContinueResponse" }, "IsActive": { "markdownDescription": "Specifies whether the bot will wait for a user to respond. When this field is false, wait and continue responses for a slot aren't used. If the `IsActive` field isn't specified, the default is true.", "title": "IsActive", "type": "boolean" }, "StillWaitingResponse": { "$ref": "#/definitions/AWS::Lex::Bot.StillWaitingResponseSpecification", "markdownDescription": "A response that Amazon Lex sends periodically to the user to indicate that the bot is still waiting for input from the user.", "title": "StillWaitingResponse" }, "WaitingResponse": { "$ref": "#/definitions/AWS::Lex::Bot.ResponseSpecification", "markdownDescription": "The response that Amazon Lex sends to indicate that the bot is waiting for the conversation to continue.", "title": "WaitingResponse" } }, "required": [ "ContinueResponse", "WaitingResponse" ], "type": "object" }, "AWS::Lex::BotAlias": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BotAliasLocaleSettings": { "items": { "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettingsItem" }, "markdownDescription": "Specifies settings that are unique to a locale. For example, you can use different Lambda function depending on the bot's locale.", "title": "BotAliasLocaleSettings", "type": "array" }, "BotAliasName": { "markdownDescription": "The name of the bot alias.", "title": "BotAliasName", "type": "string" }, "BotAliasTags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nYou can only add tags when you specify an alias.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "BotAliasTags", "type": "array" }, "BotId": { "markdownDescription": "The unique identifier of the bot.", "title": "BotId", "type": "string" }, "BotVersion": { "markdownDescription": "The version of the bot that the bot alias references.", "title": "BotVersion", "type": "string" }, "ConversationLogSettings": { "$ref": "#/definitions/AWS::Lex::BotAlias.ConversationLogSettings", "markdownDescription": "Specifies whether Amazon Lex logs text and audio for conversations with the bot. When you enable conversation logs, text logs store text input, transcripts of audio input, and associated metadata in Amazon CloudWatch logs. Audio logs store input in Amazon S3 .", "title": "ConversationLogSettings" }, "Description": { "markdownDescription": "The description of the bot alias.", "title": "Description", "type": "string" }, "SentimentAnalysisSettings": { "$ref": "#/definitions/AWS::Lex::BotAlias.SentimentAnalysisSettings", "markdownDescription": "Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.", "title": "SentimentAnalysisSettings" } }, "required": [ "BotAliasName", "BotId" ], "type": "object" }, "Type": { "enum": [ "AWS::Lex::BotAlias" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lex::BotAlias.AudioLogDestination": { "additionalProperties": false, "properties": { "S3Bucket": { "$ref": "#/definitions/AWS::Lex::BotAlias.S3BucketLogDestination", "markdownDescription": "The S3 bucket location where audio logs are stored.", "title": "S3Bucket" } }, "required": [ "S3Bucket" ], "type": "object" }, "AWS::Lex::BotAlias.AudioLogSetting": { "additionalProperties": false, "properties": { "Destination": { "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogDestination", "markdownDescription": "The location of audio log files collected when conversation logging is enabled for a bot.", "title": "Destination" }, "Enabled": { "markdownDescription": "Determines whether audio logging in enabled for the bot.", "title": "Enabled", "type": "boolean" } }, "required": [ "Destination", "Enabled" ], "type": "object" }, "AWS::Lex::BotAlias.BotAliasLocaleSettings": { "additionalProperties": false, "properties": { "CodeHookSpecification": { "$ref": "#/definitions/AWS::Lex::BotAlias.CodeHookSpecification", "markdownDescription": "Specifies the Lambda function that should be used in the locale.", "title": "CodeHookSpecification" }, "Enabled": { "markdownDescription": "Determines whether the locale is enabled for the bot. If the value is `false` , the locale isn't available for use.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::Lex::BotAlias.BotAliasLocaleSettingsItem": { "additionalProperties": false, "properties": { "BotAliasLocaleSetting": { "$ref": "#/definitions/AWS::Lex::BotAlias.BotAliasLocaleSettings", "markdownDescription": "Specifies settings that are unique to a locale.", "title": "BotAliasLocaleSetting" }, "LocaleId": { "markdownDescription": "The unique identifier of the locale.", "title": "LocaleId", "type": "string" } }, "required": [ "BotAliasLocaleSetting", "LocaleId" ], "type": "object" }, "AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination": { "additionalProperties": false, "properties": { "CloudWatchLogGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the log group where text and metadata logs are delivered.", "title": "CloudWatchLogGroupArn", "type": "string" }, "LogPrefix": { "markdownDescription": "The prefix of the log stream name within the log group that you specified", "title": "LogPrefix", "type": "string" } }, "required": [ "CloudWatchLogGroupArn", "LogPrefix" ], "type": "object" }, "AWS::Lex::BotAlias.CodeHookSpecification": { "additionalProperties": false, "properties": { "LambdaCodeHook": { "$ref": "#/definitions/AWS::Lex::BotAlias.LambdaCodeHook", "markdownDescription": "Specifies a Lambda function that verifies requests to a bot or fulfills the user's request to a bot.", "title": "LambdaCodeHook" } }, "required": [ "LambdaCodeHook" ], "type": "object" }, "AWS::Lex::BotAlias.ConversationLogSettings": { "additionalProperties": false, "properties": { "AudioLogSettings": { "items": { "$ref": "#/definitions/AWS::Lex::BotAlias.AudioLogSetting" }, "markdownDescription": "The Amazon S3 settings for logging audio to an S3 bucket.", "title": "AudioLogSettings", "type": "array" }, "TextLogSettings": { "items": { "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogSetting" }, "markdownDescription": "The Amazon CloudWatch Logs settings for logging text and metadata.", "title": "TextLogSettings", "type": "array" } }, "type": "object" }, "AWS::Lex::BotAlias.LambdaCodeHook": { "additionalProperties": false, "properties": { "CodeHookInterfaceVersion": { "markdownDescription": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.", "title": "CodeHookInterfaceVersion", "type": "string" }, "LambdaArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function.", "title": "LambdaArn", "type": "string" } }, "required": [ "CodeHookInterfaceVersion", "LambdaArn" ], "type": "object" }, "AWS::Lex::BotAlias.S3BucketLogDestination": { "additionalProperties": false, "properties": { "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an Amazon S3 bucket.", "title": "KmsKeyArn", "type": "string" }, "LogPrefix": { "markdownDescription": "The S3 prefix to assign to audio log files.", "title": "LogPrefix", "type": "string" }, "S3BucketArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.", "title": "S3BucketArn", "type": "string" } }, "required": [ "LogPrefix", "S3BucketArn" ], "type": "object" }, "AWS::Lex::BotAlias.SentimentAnalysisSettings": { "additionalProperties": false, "properties": { "DetectSentiment": { "markdownDescription": "Sets whether Amazon Lex uses Amazon Comprehend to detect the sentiment of user utterances.", "title": "DetectSentiment", "type": "boolean" } }, "required": [ "DetectSentiment" ], "type": "object" }, "AWS::Lex::BotAlias.TextLogDestination": { "additionalProperties": false, "properties": { "CloudWatch": { "$ref": "#/definitions/AWS::Lex::BotAlias.CloudWatchLogGroupLogDestination", "markdownDescription": "Defines the Amazon CloudWatch Logs log group where text and metadata logs are delivered.", "title": "CloudWatch" } }, "required": [ "CloudWatch" ], "type": "object" }, "AWS::Lex::BotAlias.TextLogSetting": { "additionalProperties": false, "properties": { "Destination": { "$ref": "#/definitions/AWS::Lex::BotAlias.TextLogDestination", "markdownDescription": "Defines the Amazon CloudWatch Logs destination log group for conversation text logs.", "title": "Destination" }, "Enabled": { "markdownDescription": "Determines whether conversation logs should be stored for an alias.", "title": "Enabled", "type": "boolean" } }, "required": [ "Destination", "Enabled" ], "type": "object" }, "AWS::Lex::BotVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BotId": { "markdownDescription": "The unique identifier of the bot.", "title": "BotId", "type": "string" }, "BotVersionLocaleSpecification": { "items": { "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleSpecification" }, "markdownDescription": "Specifies the locales that Amazon Lex adds to this version. You can choose the Draft version or any other previously published version for each locale. When you specify a source version, the locale data is copied from the source version to the new version.", "title": "BotVersionLocaleSpecification", "type": "array" }, "Description": { "markdownDescription": "The description of the version.", "title": "Description", "type": "string" } }, "required": [ "BotId", "BotVersionLocaleSpecification" ], "type": "object" }, "Type": { "enum": [ "AWS::Lex::BotVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lex::BotVersion.BotVersionLocaleDetails": { "additionalProperties": false, "properties": { "SourceBotVersion": { "markdownDescription": "The version of a bot used for a bot locale.", "title": "SourceBotVersion", "type": "string" } }, "required": [ "SourceBotVersion" ], "type": "object" }, "AWS::Lex::BotVersion.BotVersionLocaleSpecification": { "additionalProperties": false, "properties": { "BotVersionLocaleDetails": { "$ref": "#/definitions/AWS::Lex::BotVersion.BotVersionLocaleDetails", "markdownDescription": "The version of a bot used for a bot locale.", "title": "BotVersionLocaleDetails" }, "LocaleId": { "markdownDescription": "The identifier of the locale to add to the version.", "title": "LocaleId", "type": "string" } }, "required": [ "BotVersionLocaleDetails", "LocaleId" ], "type": "object" }, "AWS::Lex::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Policy": { "markdownDescription": "A resource policy to add to the resource. The policy is a JSON structure that contains one or more statements that define the policy. The policy must follow IAM syntax. If the policy isn't valid, Amazon Lex returns a validation exception.", "title": "Policy", "type": "object" }, "ResourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the bot or bot alias that the resource policy is attached to.", "title": "ResourceArn", "type": "string" } }, "required": [ "Policy", "ResourceArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Lex::ResourcePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::LicenseManager::Grant": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowedOperations": { "items": { "type": "string" }, "markdownDescription": "Allowed operations for the grant.", "title": "AllowedOperations", "type": "array" }, "GrantName": { "markdownDescription": "Grant name.", "title": "GrantName", "type": "string" }, "HomeRegion": { "markdownDescription": "Home Region of the grant.", "title": "HomeRegion", "type": "string" }, "LicenseArn": { "markdownDescription": "License ARN.", "title": "LicenseArn", "type": "string" }, "Principals": { "items": { "type": "string" }, "markdownDescription": "The grant principals. You can specify one of the following as an Amazon Resource Name (ARN):\n\n- An AWS account, which includes only the account specified.\n\n- An organizational unit (OU), which includes all accounts in the OU.\n\n- An organization, which will include all accounts across your organization.", "title": "Principals", "type": "array" }, "Status": { "markdownDescription": "Granted license status.", "title": "Status", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::LicenseManager::Grant" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::LicenseManager::License": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Beneficiary": { "markdownDescription": "License beneficiary.", "title": "Beneficiary", "type": "string" }, "ConsumptionConfiguration": { "$ref": "#/definitions/AWS::LicenseManager::License.ConsumptionConfiguration", "markdownDescription": "Configuration for consumption of the license.", "title": "ConsumptionConfiguration" }, "Entitlements": { "items": { "$ref": "#/definitions/AWS::LicenseManager::License.Entitlement" }, "markdownDescription": "License entitlements.", "title": "Entitlements", "type": "array" }, "HomeRegion": { "markdownDescription": "Home Region of the license.", "title": "HomeRegion", "type": "string" }, "Issuer": { "$ref": "#/definitions/AWS::LicenseManager::License.IssuerData", "markdownDescription": "License issuer.", "title": "Issuer" }, "LicenseMetadata": { "items": { "$ref": "#/definitions/AWS::LicenseManager::License.Metadata" }, "markdownDescription": "License metadata.", "title": "LicenseMetadata", "type": "array" }, "LicenseName": { "markdownDescription": "License name.", "title": "LicenseName", "type": "string" }, "ProductName": { "markdownDescription": "Product name.", "title": "ProductName", "type": "string" }, "ProductSKU": { "markdownDescription": "Product SKU.", "title": "ProductSKU", "type": "string" }, "Status": { "markdownDescription": "License status.", "title": "Status", "type": "string" }, "Validity": { "$ref": "#/definitions/AWS::LicenseManager::License.ValidityDateFormat", "markdownDescription": "Date and time range during which the license is valid, in ISO8601-UTC format.", "title": "Validity" } }, "required": [ "ConsumptionConfiguration", "Entitlements", "HomeRegion", "Issuer", "LicenseName", "ProductName", "Validity" ], "type": "object" }, "Type": { "enum": [ "AWS::LicenseManager::License" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::LicenseManager::License.BorrowConfiguration": { "additionalProperties": false, "properties": { "AllowEarlyCheckIn": { "markdownDescription": "Indicates whether early check-ins are allowed.", "title": "AllowEarlyCheckIn", "type": "boolean" }, "MaxTimeToLiveInMinutes": { "markdownDescription": "Maximum time for the borrow configuration, in minutes.", "title": "MaxTimeToLiveInMinutes", "type": "number" } }, "required": [ "AllowEarlyCheckIn", "MaxTimeToLiveInMinutes" ], "type": "object" }, "AWS::LicenseManager::License.ConsumptionConfiguration": { "additionalProperties": false, "properties": { "BorrowConfiguration": { "$ref": "#/definitions/AWS::LicenseManager::License.BorrowConfiguration", "markdownDescription": "Details about a borrow configuration.", "title": "BorrowConfiguration" }, "ProvisionalConfiguration": { "$ref": "#/definitions/AWS::LicenseManager::License.ProvisionalConfiguration", "markdownDescription": "Details about a provisional configuration.", "title": "ProvisionalConfiguration" }, "RenewType": { "markdownDescription": "Renewal frequency.", "title": "RenewType", "type": "string" } }, "type": "object" }, "AWS::LicenseManager::License.Entitlement": { "additionalProperties": false, "properties": { "AllowCheckIn": { "markdownDescription": "Indicates whether check-ins are allowed.", "title": "AllowCheckIn", "type": "boolean" }, "MaxCount": { "markdownDescription": "Maximum entitlement count. Use if the unit is not None.", "title": "MaxCount", "type": "number" }, "Name": { "markdownDescription": "Entitlement name.", "title": "Name", "type": "string" }, "Overage": { "markdownDescription": "Indicates whether overages are allowed.", "title": "Overage", "type": "boolean" }, "Unit": { "markdownDescription": "Entitlement unit.", "title": "Unit", "type": "string" }, "Value": { "markdownDescription": "Entitlement resource. Use only if the unit is None.", "title": "Value", "type": "string" } }, "required": [ "Name", "Unit" ], "type": "object" }, "AWS::LicenseManager::License.IssuerData": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Issuer name.", "title": "Name", "type": "string" }, "SignKey": { "markdownDescription": "Asymmetric KMS key from AWS Key Management Service . The KMS key must have a key usage of sign and verify, and support the RSASSA-PSS SHA-256 signing algorithm.", "title": "SignKey", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::LicenseManager::License.Metadata": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The key name.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::LicenseManager::License.ProvisionalConfiguration": { "additionalProperties": false, "properties": { "MaxTimeToLiveInMinutes": { "markdownDescription": "Maximum time for the provisional configuration, in minutes.", "title": "MaxTimeToLiveInMinutes", "type": "number" } }, "required": [ "MaxTimeToLiveInMinutes" ], "type": "object" }, "AWS::LicenseManager::License.ValidityDateFormat": { "additionalProperties": false, "properties": { "Begin": { "markdownDescription": "Start of the time range.", "title": "Begin", "type": "string" }, "End": { "markdownDescription": "End of the time range.", "title": "End", "type": "string" } }, "required": [ "Begin", "End" ], "type": "object" }, "AWS::Lightsail::Alarm": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AlarmName": { "markdownDescription": "The name of the alarm.", "title": "AlarmName", "type": "string" }, "ComparisonOperator": { "markdownDescription": "The arithmetic operation to use when comparing the specified statistic and threshold.", "title": "ComparisonOperator", "type": "string" }, "ContactProtocols": { "items": { "type": "string" }, "markdownDescription": "The contact protocols for the alarm, such as `Email` , `SMS` (text messaging), or both.\n\n*Allowed Values* : `Email` | `SMS`", "title": "ContactProtocols", "type": "array" }, "DatapointsToAlarm": { "markdownDescription": "The number of data points within the evaluation periods that must be breaching to cause the alarm to go to the `ALARM` state.", "title": "DatapointsToAlarm", "type": "number" }, "EvaluationPeriods": { "markdownDescription": "The number of periods over which data is compared to the specified threshold.", "title": "EvaluationPeriods", "type": "number" }, "MetricName": { "markdownDescription": "The name of the metric associated with the alarm.", "title": "MetricName", "type": "string" }, "MonitoredResourceName": { "markdownDescription": "The name of the Lightsail resource that the alarm monitors.", "title": "MonitoredResourceName", "type": "string" }, "NotificationEnabled": { "markdownDescription": "A Boolean value indicating whether the alarm is enabled.", "title": "NotificationEnabled", "type": "boolean" }, "NotificationTriggers": { "items": { "type": "string" }, "markdownDescription": "The alarm states that trigger a notification.\n\n> To specify the `OK` and `INSUFFICIENT_DATA` values, you must also specify `ContactProtocols` values. Otherwise, the `OK` and `INSUFFICIENT_DATA` values will not take effect and the stack will drift. \n\n*Allowed Values* : `OK` | `ALARM` | `INSUFFICIENT_DATA`", "title": "NotificationTriggers", "type": "array" }, "Threshold": { "markdownDescription": "The value against which the specified statistic is compared.", "title": "Threshold", "type": "number" }, "TreatMissingData": { "markdownDescription": "Specifies how the alarm handles missing data points.\n\nAn alarm can treat missing data in the following ways:\n\n- `breaching` - Assumes the missing data is not within the threshold. Missing data counts towards the number of times that the metric is not within the threshold.\n- `notBreaching` - Assumes the missing data is within the threshold. Missing data does not count towards the number of times that the metric is not within the threshold.\n- `ignore` - Ignores the missing data. Maintains the current alarm state.\n- `missing` - Missing data is treated as missing.", "title": "TreatMissingData", "type": "string" } }, "required": [ "AlarmName", "ComparisonOperator", "EvaluationPeriods", "MetricName", "MonitoredResourceName", "Threshold" ], "type": "object" }, "Type": { "enum": [ "AWS::Lightsail::Alarm" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lightsail::Bucket": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessRules": { "$ref": "#/definitions/AWS::Lightsail::Bucket.AccessRules", "markdownDescription": "An object that describes the access rules for the bucket.", "title": "AccessRules" }, "BucketName": { "markdownDescription": "The name of the bucket.", "title": "BucketName", "type": "string" }, "BundleId": { "markdownDescription": "The bundle ID for the bucket (for example, `small_1_0` ).\n\nA bucket bundle specifies the monthly cost, storage space, and data transfer quota for a bucket.", "title": "BundleId", "type": "string" }, "ObjectVersioning": { "markdownDescription": "Indicates whether object versioning is enabled for the bucket.\n\nThe following options can be configured:\n\n- `Enabled` - Object versioning is enabled.\n- `Suspended` - Object versioning was previously enabled but is currently suspended. Existing object versions are retained.\n- `NeverEnabled` - Object versioning has never been enabled.", "title": "ObjectVersioning", "type": "boolean" }, "ReadOnlyAccessAccounts": { "items": { "type": "string" }, "markdownDescription": "An array of AWS account IDs that have read-only access to the bucket.", "title": "ReadOnlyAccessAccounts", "type": "array" }, "ResourcesReceivingAccess": { "items": { "type": "string" }, "markdownDescription": "An array of Lightsail instances that have access to the bucket.", "title": "ResourcesReceivingAccess", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" } }, "required": [ "BucketName", "BundleId" ], "type": "object" }, "Type": { "enum": [ "AWS::Lightsail::Bucket" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lightsail::Bucket.AccessRules": { "additionalProperties": false, "properties": { "AllowPublicOverrides": { "markdownDescription": "A Boolean value indicating whether the access control list (ACL) permissions that are applied to individual objects override the `GetObject` option that is currently specified.\n\nWhen this is true, you can use the [PutObjectAcl](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectAcl.html) Amazon S3 API operation to set individual objects to public (read-only) or private, using either the `public-read` ACL or the `private` ACL.", "title": "AllowPublicOverrides", "type": "boolean" }, "GetObject": { "markdownDescription": "Specifies the anonymous access to all objects in a bucket.\n\nThe following options can be specified:\n\n- `public` - Sets all objects in the bucket to public (read-only), making them readable by everyone on the internet.\n\nIf the `GetObject` value is set to `public` , then all objects in the bucket default to public regardless of the `allowPublicOverrides` value.\n- `private` - Sets all objects in the bucket to private, making them readable only by you and anyone that you grant access to.\n\nIf the `GetObject` value is set to `private` , and the `allowPublicOverrides` value is set to `true` , then all objects in the bucket default to private unless they are configured with a `public-read` ACL. Individual objects with a `public-read` ACL are readable by everyone on the internet.", "title": "GetObject", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Certificate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CertificateName": { "markdownDescription": "The name of the certificate.", "title": "CertificateName", "type": "string" }, "DomainName": { "markdownDescription": "The domain name of the certificate.", "title": "DomainName", "type": "string" }, "SubjectAlternativeNames": { "items": { "type": "string" }, "markdownDescription": "An array of strings that specify the alternate domains (such as `example.org` ) and subdomains (such as `blog.example.com` ) of the certificate.", "title": "SubjectAlternativeNames", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" } }, "required": [ "CertificateName", "DomainName" ], "type": "object" }, "Type": { "enum": [ "AWS::Lightsail::Certificate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lightsail::Container": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContainerServiceDeployment": { "$ref": "#/definitions/AWS::Lightsail::Container.ContainerServiceDeployment", "markdownDescription": "An object that describes the current container deployment of the container service.", "title": "ContainerServiceDeployment" }, "IsDisabled": { "markdownDescription": "A Boolean value indicating whether the container service is disabled.", "title": "IsDisabled", "type": "boolean" }, "Power": { "markdownDescription": "The power specification of the container service.\n\nThe power specifies the amount of RAM, the number of vCPUs, and the base price of the container service.", "title": "Power", "type": "string" }, "PrivateRegistryAccess": { "$ref": "#/definitions/AWS::Lightsail::Container.PrivateRegistryAccess", "markdownDescription": "An object that describes the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry ( Amazon ECR ) private repositories.\n\nFor more information, see [Configuring access to an Amazon ECR private repository for an Amazon Lightsail container service](https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-container-service-ecr-private-repo-access) in the *Amazon Lightsail Developer Guide* .", "title": "PrivateRegistryAccess" }, "PublicDomainNames": { "items": { "$ref": "#/definitions/AWS::Lightsail::Container.PublicDomainName" }, "markdownDescription": "The public domain name of the container service, such as `example.com` and `www.example.com` .\n\nYou can specify up to four public domain names for a container service. The domain names that you specify are used when you create a deployment with a container that is configured as the public endpoint of your container service.\n\nIf you don't specify public domain names, then you can use the default domain of the container service.\n\n> You must create and validate an SSL/TLS certificate before you can use public domain names with your container service. Use the [AWS::Lightsail::Certificate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lightsail-certificate.html) resource to create a certificate for the public domain names that you want to use with your container service.", "title": "PublicDomainNames", "type": "array" }, "Scale": { "markdownDescription": "The scale specification of the container service.\n\nThe scale specifies the allocated compute nodes of the container service.", "title": "Scale", "type": "number" }, "ServiceName": { "markdownDescription": "The name of the container service.", "title": "ServiceName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" } }, "required": [ "Power", "Scale", "ServiceName" ], "type": "object" }, "Type": { "enum": [ "AWS::Lightsail::Container" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lightsail::Container.Container": { "additionalProperties": false, "properties": { "Command": { "items": { "type": "string" }, "markdownDescription": "The launch command for the container.", "title": "Command", "type": "array" }, "ContainerName": { "markdownDescription": "The name of the container.", "title": "ContainerName", "type": "string" }, "Environment": { "items": { "$ref": "#/definitions/AWS::Lightsail::Container.EnvironmentVariable" }, "markdownDescription": "The environment variables of the container.", "title": "Environment", "type": "array" }, "Image": { "markdownDescription": "The name of the image used for the container.\n\nContainer images that are sourced from (registered and stored on) your container service start with a colon ( `:` ). For example, if your container service name is `container-service-1` , the container image label is `mystaticsite` , and you want to use the third version ( `3` ) of the registered container image, then you should specify `:container-service-1.mystaticsite.3` . To use the latest version of a container image, specify `latest` instead of a version number (for example, `:container-service-1.mystaticsite.latest` ). Your container service will automatically use the highest numbered version of the registered container image.\n\nContainer images that are sourced from a public registry like Docker Hub don\u2019t start with a colon. For example, `nginx:latest` or `nginx` .", "title": "Image", "type": "string" }, "Ports": { "items": { "$ref": "#/definitions/AWS::Lightsail::Container.PortInfo" }, "markdownDescription": "An object that describes the open firewall ports and protocols of the container.", "title": "Ports", "type": "array" } }, "type": "object" }, "AWS::Lightsail::Container.ContainerServiceDeployment": { "additionalProperties": false, "properties": { "Containers": { "items": { "$ref": "#/definitions/AWS::Lightsail::Container.Container" }, "markdownDescription": "An object that describes the configuration for the containers of the deployment.", "title": "Containers", "type": "array" }, "PublicEndpoint": { "$ref": "#/definitions/AWS::Lightsail::Container.PublicEndpoint", "markdownDescription": "An object that describes the endpoint of the deployment.", "title": "PublicEndpoint" } }, "type": "object" }, "AWS::Lightsail::Container.EcrImagePullerRole": { "additionalProperties": false, "properties": { "IsActive": { "markdownDescription": "A boolean value that indicates whether the `ECRImagePullerRole` is active.", "title": "IsActive", "type": "boolean" }, "PrincipalArn": { "markdownDescription": "The principle Amazon Resource Name (ARN) of the role. This property is read-only.", "title": "PrincipalArn", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Container.EnvironmentVariable": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The environment variable value.", "title": "Value", "type": "string" }, "Variable": { "markdownDescription": "The environment variable key.", "title": "Variable", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Container.HealthCheckConfig": { "additionalProperties": false, "properties": { "HealthyThreshold": { "markdownDescription": "The number of consecutive health check successes required before moving the container to the `Healthy` state. The default value is `2` .", "title": "HealthyThreshold", "type": "number" }, "IntervalSeconds": { "markdownDescription": "The approximate interval, in seconds, between health checks of an individual container. You can specify between `5` and `300` seconds. The default value is `5` .", "title": "IntervalSeconds", "type": "number" }, "Path": { "markdownDescription": "The path on the container on which to perform the health check. The default value is `/` .", "title": "Path", "type": "string" }, "SuccessCodes": { "markdownDescription": "The HTTP codes to use when checking for a successful response from a container. You can specify values between `200` and `499` . You can specify multiple values (for example, `200,202` ) or a range of values (for example, `200-299` ).", "title": "SuccessCodes", "type": "string" }, "TimeoutSeconds": { "markdownDescription": "The amount of time, in seconds, during which no response means a failed health check. You can specify between `2` and `60` seconds. The default value is `2` .", "title": "TimeoutSeconds", "type": "number" }, "UnhealthyThreshold": { "markdownDescription": "The number of consecutive health check failures required before moving the container to the `Unhealthy` state. The default value is `2` .", "title": "UnhealthyThreshold", "type": "number" } }, "type": "object" }, "AWS::Lightsail::Container.PortInfo": { "additionalProperties": false, "properties": { "Port": { "markdownDescription": "The open firewall ports of the container.", "title": "Port", "type": "string" }, "Protocol": { "markdownDescription": "The protocol name for the open ports.\n\n*Allowed values* : `HTTP` | `HTTPS` | `TCP` | `UDP`", "title": "Protocol", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Container.PrivateRegistryAccess": { "additionalProperties": false, "properties": { "EcrImagePullerRole": { "$ref": "#/definitions/AWS::Lightsail::Container.EcrImagePullerRole", "markdownDescription": "An object that describes the activation status of the role that you can use to grant a Lightsail container service access to Amazon ECR private repositories. If the role is activated, the Amazon Resource Name (ARN) of the role is also listed.", "title": "EcrImagePullerRole" } }, "type": "object" }, "AWS::Lightsail::Container.PublicDomainName": { "additionalProperties": false, "properties": { "CertificateName": { "markdownDescription": "The name of the certificate for the public domains.", "title": "CertificateName", "type": "string" }, "DomainNames": { "items": { "type": "string" }, "markdownDescription": "The public domain names to use with the container service.", "title": "DomainNames", "type": "array" } }, "type": "object" }, "AWS::Lightsail::Container.PublicEndpoint": { "additionalProperties": false, "properties": { "ContainerName": { "markdownDescription": "The name of the container entry of the deployment that the endpoint configuration applies to.", "title": "ContainerName", "type": "string" }, "ContainerPort": { "markdownDescription": "The port of the specified container to which traffic is forwarded to.", "title": "ContainerPort", "type": "number" }, "HealthCheckConfig": { "$ref": "#/definitions/AWS::Lightsail::Container.HealthCheckConfig", "markdownDescription": "An object that describes the health check configuration of the container.", "title": "HealthCheckConfig" } }, "type": "object" }, "AWS::Lightsail::Database": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The Availability Zone for the database.", "title": "AvailabilityZone", "type": "string" }, "BackupRetention": { "markdownDescription": "A Boolean value indicating whether automated backup retention is enabled for the database. Data Import Mode is enabled when `BackupRetention` is set to `false` , and is disabled when `BackupRetention` is set to `true` .", "title": "BackupRetention", "type": "boolean" }, "CaCertificateIdentifier": { "markdownDescription": "The certificate associated with the database.", "title": "CaCertificateIdentifier", "type": "string" }, "MasterDatabaseName": { "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n*MySQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, no database is created in the database resource.\n\nConstraints:\n\n- Must contain 1-64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in MySQL, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , and [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nThe name of the database to create when the Lightsail database resource is created. If this parameter isn't specified, a database named `postgres` is created in the database resource.\n\nConstraints:\n\n- Must contain 1-63 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or numbers (0-9).\n- Can't be a word reserved by the specified database engine.\n\nFor more information about reserved words in PostgreSQL, see the SQL Key Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", "title": "MasterDatabaseName", "type": "string" }, "MasterUserPassword": { "markdownDescription": "The password for the primary user of the database. The password can include any printable ASCII character except the following: /, \", or @. It cannot contain spaces.\n\n> The `MasterUserPassword` and `RotateMasterUserPassword` parameters cannot be used together in the same template. \n\n*MySQL*\n\nConstraints: Must contain 8-41 characters.\n\n*PostgreSQL*\n\nConstraints: Must contain 8-128 characters.", "title": "MasterUserPassword", "type": "string" }, "MasterUsername": { "markdownDescription": "The name for the primary user.\n\n*MySQL*\n\nConstraints:\n\n- Required for MySQL.\n- Must be 1-16 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [MySQL 5.6](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.6/en/keywords.html) , [MySQL 5.7](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/5.7/en/keywords.html) , or [MySQL 8.0](https://docs.aws.amazon.com/https://dev.mysql.com/doc/refman/8.0/en/keywords.html) .\n\n*PostgreSQL*\n\nConstraints:\n\n- Required for PostgreSQL.\n- Must be 1-63 letters or numbers. Can contain underscores.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\nFor more information about reserved words in MySQL 5.6 or 5.7, see the Keywords and Reserved Words articles for [PostgreSQL 9.6](https://docs.aws.amazon.com/https://www.postgresql.org/docs/9.6/sql-keywords-appendix.html) , [PostgreSQL 10](https://docs.aws.amazon.com/https://www.postgresql.org/docs/10/sql-keywords-appendix.html) , [PostgreSQL 11](https://docs.aws.amazon.com/https://www.postgresql.org/docs/11/sql-keywords-appendix.html) , and [PostgreSQL 12](https://docs.aws.amazon.com/https://www.postgresql.org/docs/12/sql-keywords-appendix.html) .", "title": "MasterUsername", "type": "string" }, "PreferredBackupWindow": { "markdownDescription": "The daily time range during which automated backups are created for the database (for example, `16:00-16:30` ).", "title": "PreferredBackupWindow", "type": "string" }, "PreferredMaintenanceWindow": { "markdownDescription": "The weekly time range during which system maintenance can occur for the database, formatted as follows: `ddd:hh24:mi-ddd:hh24:mi` . For example, `Tue:17:00-Tue:17:30` .", "title": "PreferredMaintenanceWindow", "type": "string" }, "PubliclyAccessible": { "markdownDescription": "A Boolean value indicating whether the database is accessible to anyone on the internet.", "title": "PubliclyAccessible", "type": "boolean" }, "RelationalDatabaseBlueprintId": { "markdownDescription": "The blueprint ID for the database (for example, `mysql_8_0` ).", "title": "RelationalDatabaseBlueprintId", "type": "string" }, "RelationalDatabaseBundleId": { "markdownDescription": "The bundle ID for the database (for example, `medium_1_0` ).", "title": "RelationalDatabaseBundleId", "type": "string" }, "RelationalDatabaseName": { "markdownDescription": "The name of the instance.", "title": "RelationalDatabaseName", "type": "string" }, "RelationalDatabaseParameters": { "items": { "$ref": "#/definitions/AWS::Lightsail::Database.RelationalDatabaseParameter" }, "markdownDescription": "An array of parameters for the database.", "title": "RelationalDatabaseParameters", "type": "array" }, "RotateMasterUserPassword": { "markdownDescription": "A Boolean value indicating whether to change the primary user password to a new, strong password generated by Lightsail .\n\n> The `RotateMasterUserPassword` and `MasterUserPassword` parameters cannot be used together in the same template.", "title": "RotateMasterUserPassword", "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" } }, "required": [ "MasterDatabaseName", "MasterUsername", "RelationalDatabaseBlueprintId", "RelationalDatabaseBundleId", "RelationalDatabaseName" ], "type": "object" }, "Type": { "enum": [ "AWS::Lightsail::Database" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lightsail::Database.RelationalDatabaseParameter": { "additionalProperties": false, "properties": { "AllowedValues": { "markdownDescription": "The valid range of values for the parameter.", "title": "AllowedValues", "type": "string" }, "ApplyMethod": { "markdownDescription": "Indicates when parameter updates are applied.\n\nCan be `immediate` or `pending-reboot` .", "title": "ApplyMethod", "type": "string" }, "ApplyType": { "markdownDescription": "Specifies the engine-specific parameter type.", "title": "ApplyType", "type": "string" }, "DataType": { "markdownDescription": "The valid data type of the parameter.", "title": "DataType", "type": "string" }, "Description": { "markdownDescription": "A description of the parameter.", "title": "Description", "type": "string" }, "IsModifiable": { "markdownDescription": "A Boolean value indicating whether the parameter can be modified.", "title": "IsModifiable", "type": "boolean" }, "ParameterName": { "markdownDescription": "The name of the parameter.", "title": "ParameterName", "type": "string" }, "ParameterValue": { "markdownDescription": "The value for the parameter.", "title": "ParameterValue", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Disk": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AddOns": { "items": { "$ref": "#/definitions/AWS::Lightsail::Disk.AddOn" }, "markdownDescription": "An array of add-ons for the disk.\n\n> If the disk has an add-on enabled when performing a delete disk request, the add-on is automatically disabled before the disk is deleted.", "title": "AddOns", "type": "array" }, "AvailabilityZone": { "markdownDescription": "The AWS Region and Availability Zone location for the disk (for example, `us-east-1a` ).", "title": "AvailabilityZone", "type": "string" }, "DiskName": { "markdownDescription": "The name of the disk.", "title": "DiskName", "type": "string" }, "Location": { "$ref": "#/definitions/AWS::Lightsail::Disk.Location", "markdownDescription": "The AWS Region and Availability Zone where the disk is located.", "title": "Location" }, "SizeInGb": { "markdownDescription": "The size of the disk in GB.", "title": "SizeInGb", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" } }, "required": [ "DiskName", "SizeInGb" ], "type": "object" }, "Type": { "enum": [ "AWS::Lightsail::Disk" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lightsail::Disk.AddOn": { "additionalProperties": false, "properties": { "AddOnType": { "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for a disk.", "title": "AddOnType", "type": "string" }, "AutoSnapshotAddOnRequest": { "$ref": "#/definitions/AWS::Lightsail::Disk.AutoSnapshotAddOn", "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", "title": "AutoSnapshotAddOnRequest" }, "Status": { "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", "title": "Status", "type": "string" } }, "required": [ "AddOnType" ], "type": "object" }, "AWS::Lightsail::Disk.AutoSnapshotAddOn": { "additionalProperties": false, "properties": { "SnapshotTimeOfDay": { "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", "title": "SnapshotTimeOfDay", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Disk.Location": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The Availability Zone where the disk is located.", "title": "AvailabilityZone", "type": "string" }, "RegionName": { "markdownDescription": "The AWS Region where the disk is located.", "title": "RegionName", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Distribution": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BundleId": { "markdownDescription": "The ID of the bundle applied to the distribution.", "title": "BundleId", "type": "string" }, "CacheBehaviorSettings": { "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheSettings", "markdownDescription": "An object that describes the cache behavior settings of the distribution.", "title": "CacheBehaviorSettings" }, "CacheBehaviors": { "items": { "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehaviorPerPath" }, "markdownDescription": "An array of objects that describe the per-path cache behavior of the distribution.", "title": "CacheBehaviors", "type": "array" }, "CertificateName": { "markdownDescription": "The name of the SSL/TLS certificate attached to the distribution.", "title": "CertificateName", "type": "string" }, "DefaultCacheBehavior": { "$ref": "#/definitions/AWS::Lightsail::Distribution.CacheBehavior", "markdownDescription": "An object that describes the default cache behavior of the distribution.", "title": "DefaultCacheBehavior" }, "DistributionName": { "markdownDescription": "The name of the distribution", "title": "DistributionName", "type": "string" }, "IpAddressType": { "markdownDescription": "The IP address type of the distribution.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for IPv4 and IPv6.", "title": "IpAddressType", "type": "string" }, "IsEnabled": { "markdownDescription": "A Boolean value indicating whether the distribution is enabled.", "title": "IsEnabled", "type": "boolean" }, "Origin": { "$ref": "#/definitions/AWS::Lightsail::Distribution.InputOrigin", "markdownDescription": "An object that describes the origin resource of the distribution, such as a Lightsail instance, bucket, or load balancer.\n\nThe distribution pulls, caches, and serves content from the origin.", "title": "Origin" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" } }, "required": [ "BundleId", "DefaultCacheBehavior", "DistributionName", "Origin" ], "type": "object" }, "Type": { "enum": [ "AWS::Lightsail::Distribution" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lightsail::Distribution.CacheBehavior": { "additionalProperties": false, "properties": { "Behavior": { "markdownDescription": "The cache behavior of the distribution.\n\nThe following cache behaviors can be specified:\n\n- *`cache`* - This option is best for static sites. When specified, your distribution caches and serves your entire website as static content. This behavior is ideal for websites with static content that doesn't change depending on who views it, or for websites that don't use cookies, headers, or query strings to personalize content.\n- *`dont-cache`* - This option is best for sites that serve a mix of static and dynamic content. When specified, your distribution caches and serves only the content that is specified in the distribution\u2019s `CacheBehaviorPerPath` parameter. This behavior is ideal for websites or web applications that use cookies, headers, and query strings to personalize content for individual users.", "title": "Behavior", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Distribution.CacheBehaviorPerPath": { "additionalProperties": false, "properties": { "Behavior": { "markdownDescription": "The cache behavior for the specified path.\n\nYou can specify one of the following per-path cache behaviors:\n\n- *`cache`* - This behavior caches the specified path.\n- *`dont-cache`* - This behavior doesn't cache the specified path.", "title": "Behavior", "type": "string" }, "Path": { "markdownDescription": "The path to a directory or file to cache, or not cache. Use an asterisk symbol to specify wildcard directories ( `path/to/assets/*` ), and file types ( `*.html` , `*jpg` , `*js` ). Directories and file paths are case-sensitive.\n\nExamples:\n\n- Specify the following to cache all files in the document root of an Apache web server running on a instance.\n\n`var/www/html/`\n- Specify the following file to cache only the index page in the document root of an Apache web server.\n\n`var/www/html/index.html`\n- Specify the following to cache only the .html files in the document root of an Apache web server.\n\n`var/www/html/*.html`\n- Specify the following to cache only the .jpg, .png, and .gif files in the images sub-directory of the document root of an Apache web server.\n\n`var/www/html/images/*.jpg`\n\n`var/www/html/images/*.png`\n\n`var/www/html/images/*.gif`\n\nSpecify the following to cache all files in the images subdirectory of the document root of an Apache web server.\n\n`var/www/html/images/`", "title": "Path", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Distribution.CacheSettings": { "additionalProperties": false, "properties": { "AllowedHTTPMethods": { "markdownDescription": "The HTTP methods that are processed and forwarded to the distribution's origin.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution forwards the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution forwards the `GET` , `HEAD` , and `OPTIONS` methods.\n- `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` - The distribution forwards the `GET` , `HEAD` , `OPTIONS` , `PUT` , `PATCH` , `POST` , and `DELETE` methods.\n\nIf you specify `GET,HEAD,OPTIONS,PUT,PATCH,POST,DELETE` , you might need to restrict access to your distribution's origin so users can't perform operations that you don't want them to. For example, you might not want users to have permission to delete objects from your origin.", "title": "AllowedHTTPMethods", "type": "string" }, "CachedHTTPMethods": { "markdownDescription": "The HTTP method responses that are cached by your distribution.\n\nYou can specify the following options:\n\n- `GET,HEAD` - The distribution caches responses to the `GET` and `HEAD` methods.\n- `GET,HEAD,OPTIONS` - The distribution caches responses to the `GET` , `HEAD` , and `OPTIONS` methods.", "title": "CachedHTTPMethods", "type": "string" }, "DefaultTTL": { "markdownDescription": "The default amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the content has been updated.\n\n> The value specified applies only when the origin does not add HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", "title": "DefaultTTL", "type": "number" }, "ForwardedCookies": { "$ref": "#/definitions/AWS::Lightsail::Distribution.CookieObject", "markdownDescription": "An object that describes the cookies that are forwarded to the origin. Your content is cached based on the cookies that are forwarded.", "title": "ForwardedCookies" }, "ForwardedHeaders": { "$ref": "#/definitions/AWS::Lightsail::Distribution.HeaderObject", "markdownDescription": "An object that describes the headers that are forwarded to the origin. Your content is cached based on the headers that are forwarded.", "title": "ForwardedHeaders" }, "ForwardedQueryStrings": { "$ref": "#/definitions/AWS::Lightsail::Distribution.QueryStringObject", "markdownDescription": "An object that describes the query strings that are forwarded to the origin. Your content is cached based on the query strings that are forwarded.", "title": "ForwardedQueryStrings" }, "MaximumTTL": { "markdownDescription": "The maximum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nThe value specified applies only when the origin adds HTTP headers such as `Cache-Control max-age` , `Cache-Control s-maxage` , and `Expires` to objects.", "title": "MaximumTTL", "type": "number" }, "MinimumTTL": { "markdownDescription": "The minimum amount of time that objects stay in the distribution's cache before the distribution forwards another request to the origin to determine whether the object has been updated.\n\nA value of `0` must be specified for `minimumTTL` if the distribution is configured to forward all headers to the origin.", "title": "MinimumTTL", "type": "number" } }, "type": "object" }, "AWS::Lightsail::Distribution.CookieObject": { "additionalProperties": false, "properties": { "CookiesAllowList": { "items": { "type": "string" }, "markdownDescription": "The specific cookies to forward to your distribution's origin.", "title": "CookiesAllowList", "type": "array" }, "Option": { "markdownDescription": "Specifies which cookies to forward to the distribution's origin for a cache behavior.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all cookies to your origin.\n- *`none`* - Doesn\u2019t forward cookies to your origin.\n- *`allow-list`* - Forwards only the cookies that you specify using the `CookiesAllowList` parameter.", "title": "Option", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Distribution.HeaderObject": { "additionalProperties": false, "properties": { "HeadersAllowList": { "items": { "type": "string" }, "markdownDescription": "The specific headers to forward to your distribution's origin.", "title": "HeadersAllowList", "type": "array" }, "Option": { "markdownDescription": "The headers that you want your distribution to forward to your origin. Your distribution caches your content based on these headers.\n\nUse one of the following configurations for your distribution:\n\n- *`all`* - Forwards all headers to your origin..\n- *`none`* - Forwards only the default headers.\n- *`allow-list`* - Forwards only the headers that you specify using the `HeadersAllowList` parameter.", "title": "Option", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Distribution.InputOrigin": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the origin resource.", "title": "Name", "type": "string" }, "ProtocolPolicy": { "markdownDescription": "The protocol that your Amazon Lightsail distribution uses when establishing a connection with your origin to pull content.", "title": "ProtocolPolicy", "type": "string" }, "RegionName": { "markdownDescription": "The AWS Region name of the origin resource.", "title": "RegionName", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Distribution.QueryStringObject": { "additionalProperties": false, "properties": { "Option": { "markdownDescription": "Indicates whether the distribution forwards and caches based on query strings.", "title": "Option", "type": "boolean" }, "QueryStringsAllowList": { "items": { "type": "string" }, "markdownDescription": "The specific query strings that the distribution forwards to the origin.\n\nYour distribution caches content based on the specified query strings.\n\nIf the `option` parameter is true, then your distribution forwards all query strings, regardless of what you specify using the `QueryStringsAllowList` parameter.", "title": "QueryStringsAllowList", "type": "array" } }, "type": "object" }, "AWS::Lightsail::Instance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AddOns": { "items": { "$ref": "#/definitions/AWS::Lightsail::Instance.AddOn" }, "markdownDescription": "An array of add-ons for the instance.\n\n> If the instance has an add-on enabled when performing a delete instance request, the add-on is automatically disabled before the instance is deleted.", "title": "AddOns", "type": "array" }, "AvailabilityZone": { "markdownDescription": "The Availability Zone for the instance.", "title": "AvailabilityZone", "type": "string" }, "BlueprintId": { "markdownDescription": "The blueprint ID for the instance (for example, `os_amlinux_2016_03` ).", "title": "BlueprintId", "type": "string" }, "BundleId": { "markdownDescription": "The bundle ID for the instance (for example, `micro_1_0` ).", "title": "BundleId", "type": "string" }, "Hardware": { "$ref": "#/definitions/AWS::Lightsail::Instance.Hardware", "markdownDescription": "The hardware properties for the instance, such as the vCPU count, attached disks, and amount of RAM.\n\n> The instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", "title": "Hardware" }, "InstanceName": { "markdownDescription": "The name of the instance.", "title": "InstanceName", "type": "string" }, "KeyPairName": { "markdownDescription": "The name of the key pair to use for the instance.\n\nIf no key pair name is specified, the Regional Lightsail default key pair is used.", "title": "KeyPairName", "type": "string" }, "Location": { "$ref": "#/definitions/AWS::Lightsail::Instance.Location", "markdownDescription": "The location for the instance, such as the AWS Region and Availability Zone.\n\n> The `Location` property is read-only and should not be specified in a create instance or update instance request.", "title": "Location" }, "Networking": { "$ref": "#/definitions/AWS::Lightsail::Instance.Networking", "markdownDescription": "The public ports and the monthly amount of data transfer allocated for the instance.", "title": "Networking" }, "State": { "$ref": "#/definitions/AWS::Lightsail::Instance.State", "markdownDescription": "The status code and the state (for example, `running` ) of the instance.\n\n> The `State` property is read-only and should not be specified in a create instance or update instance request.", "title": "State" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" }, "UserData": { "markdownDescription": "The optional launch script for the instance.\n\nSpecify a launch script to configure an instance with additional user data. For example, you might want to specify `apt-get -y update` as a launch script.\n\n> Depending on the blueprint of your instance, the command to get software on your instance varies. Amazon Linux and CentOS use `yum` , Debian and Ubuntu use `apt-get` , and FreeBSD uses `pkg` .", "title": "UserData", "type": "string" } }, "required": [ "BlueprintId", "BundleId", "InstanceName" ], "type": "object" }, "Type": { "enum": [ "AWS::Lightsail::Instance" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lightsail::Instance.AddOn": { "additionalProperties": false, "properties": { "AddOnType": { "markdownDescription": "The add-on type (for example, `AutoSnapshot` ).\n\n> `AutoSnapshot` is the only add-on that can be enabled for an instance.", "title": "AddOnType", "type": "string" }, "AutoSnapshotAddOnRequest": { "$ref": "#/definitions/AWS::Lightsail::Instance.AutoSnapshotAddOn", "markdownDescription": "The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created.", "title": "AutoSnapshotAddOnRequest" }, "Status": { "markdownDescription": "The status of the add-on.\n\nValid Values: `Enabled` | `Disabled`", "title": "Status", "type": "string" } }, "required": [ "AddOnType" ], "type": "object" }, "AWS::Lightsail::Instance.AutoSnapshotAddOn": { "additionalProperties": false, "properties": { "SnapshotTimeOfDay": { "markdownDescription": "The daily time when an automatic snapshot will be created.\n\nConstraints:\n\n- Must be in `HH:00` format, and in an hourly increment.\n- Specified in Coordinated Universal Time (UTC).\n- The snapshot will be automatically created between the time specified and up to 45 minutes after.", "title": "SnapshotTimeOfDay", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Instance.Disk": { "additionalProperties": false, "properties": { "AttachedTo": { "markdownDescription": "The resources to which the disk is attached.", "title": "AttachedTo", "type": "string" }, "AttachmentState": { "markdownDescription": "(Deprecated) The attachment state of the disk.\n\n> In releases prior to November 14, 2017, this parameter returned `attached` for system disks in the API response. It is now deprecated, but still included in the response. Use `isAttached` instead.", "title": "AttachmentState", "type": "string" }, "DiskName": { "markdownDescription": "The unique name of the disk.", "title": "DiskName", "type": "string" }, "IOPS": { "markdownDescription": "The input/output operations per second (IOPS) of the disk.", "title": "IOPS", "type": "number" }, "IsSystemDisk": { "markdownDescription": "A Boolean value indicating whether this disk is a system disk (has an operating system loaded on it).", "title": "IsSystemDisk", "type": "boolean" }, "Path": { "markdownDescription": "The disk path.", "title": "Path", "type": "string" }, "SizeInGb": { "markdownDescription": "The size of the disk in GB.", "title": "SizeInGb", "type": "string" } }, "required": [ "DiskName", "Path" ], "type": "object" }, "AWS::Lightsail::Instance.Hardware": { "additionalProperties": false, "properties": { "CpuCount": { "markdownDescription": "The number of vCPUs the instance has.\n\n> The `CpuCount` property is read-only and should not be specified in a create instance or update instance request.", "title": "CpuCount", "type": "number" }, "Disks": { "items": { "$ref": "#/definitions/AWS::Lightsail::Instance.Disk" }, "markdownDescription": "The disks attached to the instance.\n\nThe instance restarts when performing an attach disk or detach disk request. This resets the public IP address of your instance if a static IP isn't attached to it.", "title": "Disks", "type": "array" }, "RamSizeInGb": { "markdownDescription": "The amount of RAM in GB on the instance (for example, `1.0` ).\n\n> The `RamSizeInGb` property is read-only and should not be specified in a create instance or update instance request.", "title": "RamSizeInGb", "type": "number" } }, "type": "object" }, "AWS::Lightsail::Instance.Location": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The Availability Zone for the instance.", "title": "AvailabilityZone", "type": "string" }, "RegionName": { "markdownDescription": "The name of the AWS Region for the instance.", "title": "RegionName", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Instance.MonthlyTransfer": { "additionalProperties": false, "properties": { "GbPerMonthAllocated": { "markdownDescription": "The amount of allocated monthly data transfer (in GB) for an instance.", "title": "GbPerMonthAllocated", "type": "string" } }, "type": "object" }, "AWS::Lightsail::Instance.Networking": { "additionalProperties": false, "properties": { "MonthlyTransfer": { "$ref": "#/definitions/AWS::Lightsail::Instance.MonthlyTransfer", "markdownDescription": "The monthly amount of data transfer, in GB, allocated for the instance", "title": "MonthlyTransfer" }, "Ports": { "items": { "$ref": "#/definitions/AWS::Lightsail::Instance.Port" }, "markdownDescription": "An array of ports to open on the instance.", "title": "Ports", "type": "array" } }, "required": [ "Ports" ], "type": "object" }, "AWS::Lightsail::Instance.Port": { "additionalProperties": false, "properties": { "AccessDirection": { "markdownDescription": "The access direction ( `inbound` or `outbound` ).\n\n> Lightsail currently supports only `inbound` access direction.", "title": "AccessDirection", "type": "string" }, "AccessFrom": { "markdownDescription": "The location from which access is allowed. For example, `Anywhere (0.0.0.0/0)` , or `Custom` if a specific IP address or range of IP addresses is allowed.", "title": "AccessFrom", "type": "string" }, "AccessType": { "markdownDescription": "The type of access ( `Public` or `Private` ).", "title": "AccessType", "type": "string" }, "CidrListAliases": { "items": { "type": "string" }, "markdownDescription": "An alias that defines access for a preconfigured range of IP addresses.\n\nThe only alias currently supported is `lightsail-connect` , which allows IP addresses of the browser-based RDP/SSH client in the Lightsail console to connect to your instance.", "title": "CidrListAliases", "type": "array" }, "Cidrs": { "items": { "type": "string" }, "markdownDescription": "The IPv4 address, or range of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.\n\n> The `ipv6Cidrs` parameter lists the IPv6 addresses that are allowed to connect to an instance. \n\nExamples:\n\n- To allow the IP address `192.0.2.44` , specify `192.0.2.44` or `192.0.2.44/32` .\n- To allow the IP addresses `192.0.2.0` to `192.0.2.255` , specify `192.0.2.0/24` .", "title": "Cidrs", "type": "array" }, "CommonName": { "markdownDescription": "The common name of the port information.", "title": "CommonName", "type": "string" }, "FromPort": { "markdownDescription": "The first port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP type for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP type for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", "title": "FromPort", "type": "number" }, "Ipv6Cidrs": { "items": { "type": "string" }, "markdownDescription": "The IPv6 address, or range of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol. Only devices with an IPv6 address can connect to an instance through IPv6; otherwise, IPv4 should be used.\n\n> The `cidrs` parameter lists the IPv4 addresses that are allowed to connect to an instance.", "title": "Ipv6Cidrs", "type": "array" }, "Protocol": { "markdownDescription": "The IP protocol name.\n\nThe name can be one of the following:\n\n- `tcp` - Transmission Control Protocol (TCP) provides reliable, ordered, and error-checked delivery of streamed data between applications running on hosts communicating by an IP network. If you have an application that doesn't require reliable data stream service, use UDP instead.\n- `all` - All transport layer protocol types.\n- `udp` - With User Datagram Protocol (UDP), computer applications can send messages (or datagrams) to other hosts on an Internet Protocol (IP) network. Prior communications are not required to set up transmission channels or data paths. Applications that don't require reliable data stream service can use UDP, which provides a connectionless datagram service that emphasizes reduced latency over reliability. If you do require reliable data stream service, use TCP instead.\n- `icmp` - Internet Control Message Protocol (ICMP) is used to send error messages and operational information indicating success or failure when communicating with an instance. For example, an error is indicated when an instance could not be reached. When you specify `icmp` as the `protocol` , you must specify the ICMP type using the `fromPort` parameter, and ICMP code using the `toPort` parameter.", "title": "Protocol", "type": "string" }, "ToPort": { "markdownDescription": "The last port in a range of open ports on an instance.\n\nAllowed ports:\n\n- TCP and UDP - `0` to `65535`\n- ICMP - The ICMP code for IPv4 addresses. For example, specify `8` as the `fromPort` (ICMP type), and `-1` as the `toPort` (ICMP code), to enable ICMP Ping.\n- ICMPv6 - The ICMP code for IPv6 addresses. For example, specify `128` as the `fromPort` (ICMPv6 type), and `0` as `toPort` (ICMPv6 code).", "title": "ToPort", "type": "number" } }, "type": "object" }, "AWS::Lightsail::Instance.State": { "additionalProperties": false, "properties": { "Code": { "markdownDescription": "The status code of the instance.", "title": "Code", "type": "number" }, "Name": { "markdownDescription": "The state of the instance (for example, `running` or `pending` ).", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::Lightsail::LoadBalancer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AttachedInstances": { "items": { "type": "string" }, "markdownDescription": "The Lightsail instances to attach to the load balancer.", "title": "AttachedInstances", "type": "array" }, "HealthCheckPath": { "markdownDescription": "The path on the attached instance where the health check will be performed. If no path is specified, the load balancer tries to make a request to the default (root) page ( `/index.html` ).", "title": "HealthCheckPath", "type": "string" }, "InstancePort": { "markdownDescription": "The port that the load balancer uses to direct traffic to your Lightsail instances. For HTTP traffic, specify port `80` . For HTTPS traffic, specify port `443` .", "title": "InstancePort", "type": "number" }, "IpAddressType": { "markdownDescription": "The IP address type of the load balancer.\n\nThe possible values are `ipv4` for IPv4 only, and `dualstack` for both IPv4 and IPv6.", "title": "IpAddressType", "type": "string" }, "LoadBalancerName": { "markdownDescription": "The name of the load balancer.", "title": "LoadBalancerName", "type": "string" }, "SessionStickinessEnabled": { "markdownDescription": "A Boolean value indicating whether session stickiness is enabled.\n\nEnable session stickiness (also known as *session affinity* ) to bind a user's session to a specific instance. This ensures that all requests from the user during the session are sent to the same instance.", "title": "SessionStickinessEnabled", "type": "boolean" }, "SessionStickinessLBCookieDurationSeconds": { "markdownDescription": "The time period, in seconds, after which the load balancer session stickiness cookie should be considered stale. If you do not specify this parameter, the default value is 0, which indicates that the sticky session should last for the duration of the browser session.", "title": "SessionStickinessLBCookieDurationSeconds", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .\n\n> The `Value` of `Tags` is optional for Lightsail resources.", "title": "Tags", "type": "array" }, "TlsPolicyName": { "markdownDescription": "The name of the TLS security policy for the load balancer.", "title": "TlsPolicyName", "type": "string" } }, "required": [ "InstancePort", "LoadBalancerName" ], "type": "object" }, "Type": { "enum": [ "AWS::Lightsail::LoadBalancer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lightsail::LoadBalancerTlsCertificate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CertificateAlternativeNames": { "items": { "type": "string" }, "markdownDescription": "An array of alternative domain names and subdomain names for your SSL/TLS certificate.\n\nIn addition to the primary domain name, you can have up to nine alternative domain names. Wildcards (such as `*.example.com` ) are not supported.", "title": "CertificateAlternativeNames", "type": "array" }, "CertificateDomainName": { "markdownDescription": "The domain name for the SSL/TLS certificate. For example, `example.com` or `www.example.com` .", "title": "CertificateDomainName", "type": "string" }, "CertificateName": { "markdownDescription": "The name of the SSL/TLS certificate.", "title": "CertificateName", "type": "string" }, "HttpsRedirectionEnabled": { "markdownDescription": "A Boolean value indicating whether HTTPS redirection is enabled for the load balancer that the TLS certificate is attached to.", "title": "HttpsRedirectionEnabled", "type": "boolean" }, "IsAttached": { "markdownDescription": "A Boolean value indicating whether the SSL/TLS certificate is attached to a Lightsail load balancer.", "title": "IsAttached", "type": "boolean" }, "LoadBalancerName": { "markdownDescription": "The name of the load balancer that the SSL/TLS certificate is attached to.", "title": "LoadBalancerName", "type": "string" } }, "required": [ "CertificateDomainName", "CertificateName", "LoadBalancerName" ], "type": "object" }, "Type": { "enum": [ "AWS::Lightsail::LoadBalancerTlsCertificate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Lightsail::StaticIp": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AttachedTo": { "markdownDescription": "The instance that the static IP is attached to.", "title": "AttachedTo", "type": "string" }, "StaticIpName": { "markdownDescription": "The name of the static IP.", "title": "StaticIpName", "type": "string" } }, "required": [ "StaticIpName" ], "type": "object" }, "Type": { "enum": [ "AWS::Lightsail::StaticIp" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Location::APIKey": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "Updates the description for the API key resource.", "title": "Description", "type": "string" }, "ExpireTime": { "markdownDescription": "The optional timestamp for when the API key resource will expire in [ISO 8601 format](https://docs.aws.amazon.com/https://www.iso.org/iso-8601-date-and-time-format.html) .", "title": "ExpireTime", "type": "string" }, "ForceDelete": { "markdownDescription": "ForceDelete bypasses an API key's expiry conditions and deletes the key. Set the parameter `true` to delete the key or to `false` to not preemptively delete the API key.\n\nValid values: `true` , or `false` .\n\n> This action is irreversible. Only use ForceDelete if you are certain the key is no longer in use.", "title": "ForceDelete", "type": "boolean" }, "ForceUpdate": { "markdownDescription": "The boolean flag to be included for updating `ExpireTime` or Restrictions details.\nMust be set to `true` to update an API key resource that has been used in the past 7 days. `False` if force update is not preferred.", "title": "ForceUpdate", "type": "boolean" }, "KeyName": { "markdownDescription": "A custom name for the API key resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique API key name.\n- No spaces allowed. For example, `ExampleAPIKey` .", "title": "KeyName", "type": "string" }, "NoExpiry": { "markdownDescription": "Whether the API key should expire. Set to `true` to set the API key to have no expiration time.", "title": "NoExpiry", "type": "boolean" }, "Restrictions": { "$ref": "#/definitions/AWS::Location::APIKey.ApiKeyRestrictions", "markdownDescription": "The API key restrictions for the API key resource.", "title": "Restrictions" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair that helps manage, identify, search, and filter your resources by labelling them.", "title": "Tags", "type": "array" } }, "required": [ "KeyName", "Restrictions" ], "type": "object" }, "Type": { "enum": [ "AWS::Location::APIKey" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Location::APIKey.ApiKeyRestrictions": { "additionalProperties": false, "properties": { "AllowActions": { "items": { "type": "string" }, "markdownDescription": "A list of allowed actions that an API key resource grants permissions to perform. You must have at least one action for each type of resource. For example, if you have a place resource, you must include at least one place action.\n\nThe following are valid values for the actions.\n\n- *Map actions*\n\n- `geo:GetMap*` - Allows all actions needed for map rendering.\n- *Place actions*\n\n- `geo:SearchPlaceIndexForText` - Allows geocoding.\n- `geo:SearchPlaceIndexForPosition` - Allows reverse geocoding.\n- `geo:SearchPlaceIndexForSuggestions` - Allows generating suggestions from text.\n- `geo:GetPlace` - Allows finding a place by place ID.\n- *Route actions*\n\n- `geo:CalculateRoute` - Allows point to point routing.\n- `geo:CalculateRouteMatrix` - Allows calculating a matrix of routes.\n\n> You must use these strings exactly. For example, to provide access to map rendering, the only valid action is `geo:GetMap*` as an input to the list. `[\"geo:GetMap*\"]` is valid but `[\"geo:GetMapTile\"]` is not. Similarly, you cannot use `[\"geo:SearchPlaceIndexFor*\"]` - you must list each of the Place actions separately.", "title": "AllowActions", "type": "array" }, "AllowReferers": { "items": { "type": "string" }, "markdownDescription": "An optional list of allowed HTTP referers for which requests must originate from. Requests using this API key from other domains will not be allowed.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) or any symbols in this list `$\\-._+!*`(),;/?:@=&`\n- May contain a percent (%) if followed by 2 hexadecimal digits (A-F, a-f, 0-9); this is used for URL encoding purposes.\n- May contain wildcard characters question mark (?) and asterisk (*).\n\nQuestion mark (?) will replace any single character (including hexadecimal digits).\n\nAsterisk (*) will replace any multiple characters (including multiple hexadecimal digits).\n- No spaces allowed. For example, `https://example.com` .", "title": "AllowReferers", "type": "array" }, "AllowResources": { "items": { "type": "string" }, "markdownDescription": "A list of allowed resource ARNs that a API key bearer can perform actions on.\n\n- The ARN must be the correct ARN for a map, place, or route ARN. You may include wildcards in the resource-id to match multiple resources of the same type.\n- The resources must be in the same `partition` , `region` , and `account-id` as the key that is being created.\n- Other than wildcards, you must include the full ARN, including the `arn` , `partition` , `service` , `region` , `account-id` and `resource-id` delimited by colons (:).\n- No spaces allowed, even with wildcards. For example, `arn:aws:geo:region: *account-id* :map/ExampleMap*` .\n\nFor more information about ARN format, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) .", "title": "AllowResources", "type": "array" } }, "required": [ "AllowActions", "AllowResources" ], "type": "object" }, "AWS::Location::GeofenceCollection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CollectionName": { "markdownDescription": "A custom name for the geofence collection.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique geofence collection name.\n- No spaces allowed. For example, `ExampleGeofenceCollection` .", "title": "CollectionName", "type": "string" }, "Description": { "markdownDescription": "An optional description for the geofence collection.", "title": "Description", "type": "string" }, "KmsKeyId": { "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", "title": "KmsKeyId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Applies one or more tags to the geofence collection. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", "title": "Tags", "type": "array" } }, "required": [ "CollectionName" ], "type": "object" }, "Type": { "enum": [ "AWS::Location::GeofenceCollection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Location::Map": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Configuration": { "$ref": "#/definitions/AWS::Location::Map.MapConfiguration", "markdownDescription": "Specifies the `MapConfiguration` , including the map style, for the map resource that you create. The map style defines the look of maps and the data provider for your map resource.", "title": "Configuration" }, "Description": { "markdownDescription": "An optional description for the map resource.", "title": "Description", "type": "string" }, "MapName": { "markdownDescription": "The name for the map resource.\n\nRequirements:\n\n- Must contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique map resource name.\n- No spaces allowed. For example, `ExampleMap` .", "title": "MapName", "type": "string" }, "PricingPlan": { "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", "title": "PricingPlan", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Applies one or more tags to the map resource. A tag is a key-value pair helps manage, identify, search, and filter your resources by labelling them.\n\nFormat: `\"key\" : \"value\"`\n\nRestrictions:\n\n- Maximum 50 tags per resource\n- Each resource tag must be unique with a maximum of one value.\n- Maximum key length: 128 Unicode characters in UTF-8\n- Maximum value length: 256 Unicode characters in UTF-8\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), and the following characters: + - = . _ : / @.\n- Cannot use \"aws:\" as a prefix for a key.", "title": "Tags", "type": "array" } }, "required": [ "Configuration", "MapName" ], "type": "object" }, "Type": { "enum": [ "AWS::Location::Map" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Location::Map.MapConfiguration": { "additionalProperties": false, "properties": { "CustomLayers": { "items": { "type": "string" }, "markdownDescription": "Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as the `POI` layer for the VectorEsriNavigation style.\n\n> Currenlty only `VectorEsriNavigation` supports CustomLayers. For more information, see [Custom Layers](https://docs.aws.amazon.com//location/latest/developerguide/map-concepts.html#map-custom-layers) .", "title": "CustomLayers", "type": "array" }, "PoliticalView": { "markdownDescription": "Specifies the map political view selected from an available data provider.", "title": "PoliticalView", "type": "string" }, "Style": { "markdownDescription": "Specifies the map style selected from an available data provider.\n\nValid [Esri map styles](https://docs.aws.amazon.com/location/latest/developerguide/esri.html) :\n\n- `VectorEsriDarkGrayCanvas` \u2013 The Esri Dark Gray Canvas map style. A vector basemap with a dark gray, neutral background with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `RasterEsriImagery` \u2013 The Esri Imagery map style. A raster basemap that provides one meter or better satellite and aerial imagery in many parts of the world and lower resolution satellite imagery worldwide.\n- `VectorEsriLightGrayCanvas` \u2013 The Esri Light Gray Canvas map style, which provides a detailed vector basemap with a light gray, neutral background style with minimal colors, labels, and features that's designed to draw attention to your thematic content.\n- `VectorEsriTopographic` \u2013 The Esri Light map style, which provides a detailed vector basemap with a classic Esri map style.\n- `VectorEsriStreets` \u2013 The Esri Street Map style, which provides a detailed vector basemap for the world symbolized with a classic Esri street map style. The vector tile layer is similar in content and style to the World Street Map raster map.\n- `VectorEsriNavigation` \u2013 The Esri Navigation map style, which provides a detailed basemap for the world symbolized with a custom navigation map style that's designed for use during the day in mobile devices.\n\nValid [HERE Technologies map styles](https://docs.aws.amazon.com/location/latest/developerguide/HERE.html) :\n\n- `VectorHereContrast` \u2013 The HERE Contrast (Berlin) map style is a high contrast detailed base map of the world that blends 3D and 2D rendering.\n\n> The `VectorHereContrast` style has been renamed from `VectorHereBerlin` . `VectorHereBerlin` has been deprecated, but will continue to work in applications that use it.\n- `VectorHereExplore` \u2013 A default HERE map style containing a neutral, global map and its features including roads, buildings, landmarks, and water features. It also now includes a fully designed map of Japan.\n- `VectorHereExploreTruck` \u2013 A global map containing truck restrictions and attributes (e.g. width / height / HAZMAT) symbolized with highlighted segments and icons on top of HERE Explore to support use cases within transport and logistics.\n- `RasterHereExploreSatellite` \u2013 A global map containing high resolution satellite imagery.\n- `HybridHereExploreSatellite` \u2013 A global map displaying the road network, street names, and city labels over satellite imagery. This style will automatically retrieve both raster and vector tiles, and your charges will be based on total tiles retrieved.\n\n> Hybrid styles use both vector and raster tiles when rendering the map that you see. This means that more tiles are retrieved than when using either vector or raster tiles alone. Your charges will include all tiles retrieved.\n\nValid [GrabMaps map styles](https://docs.aws.amazon.com/location/latest/developerguide/grab.html) :\n\n- `VectorGrabStandardLight` \u2013 The Grab Standard Light map style provides a basemap with detailed land use coloring, area names, roads, landmarks, and points of interest covering Southeast Asia.\n- `VectorGrabStandardDark` \u2013 The Grab Standard Dark map style provides a dark variation of the standard basemap covering Southeast Asia.\n\n> Grab provides maps only for countries in Southeast Asia, and is only available in the Asia Pacific (Singapore) Region ( `ap-southeast-1` ). For more information, see [GrabMaps countries and area covered](https://docs.aws.amazon.com/location/latest/developerguide/grab.html#grab-coverage-area) . \n\nValid [Open Data map styles](https://docs.aws.amazon.com/location/latest/developerguide/open-data.html) :\n\n- `VectorOpenDataStandardLight` \u2013 The Open Data Standard Light map style provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataStandardDark` \u2013 Open Data Standard Dark is a dark-themed map style that provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries.\n- `VectorOpenDataVisualizationLight` \u2013 The Open Data Visualization Light map style is a light-themed style with muted colors and fewer features that aids in understanding overlaid data.\n- `VectorOpenDataVisualizationDark` \u2013 The Open Data Visualization Dark map style is a dark-themed style with muted colors and fewer features that aids in understanding overlaid data.", "title": "Style", "type": "string" } }, "required": [ "Style" ], "type": "object" }, "AWS::Location::PlaceIndex": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataSource": { "markdownDescription": "Specifies the geospatial data provider for the new place index.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/latest/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on geocoding coverage](https://docs.aws.amazon.com/https://developers.arcgis.com/rest/geocode/api-reference/geocode-coverage.htm) .\n- `Grab` \u2013 Grab provides place index functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/latest/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/latest/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/latest/developerguide/HERE.html) ' coverage in your region of interest, see [HERE details on goecoding coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/geocoder/dev_guide/topics/coverage-geocoder.html) .\n\n> If you specify HERE Technologies ( `Here` ) as the data provider, you may not [store results](https://docs.aws.amazon.com//location-places/latest/APIReference/API_DataSourceConfiguration.html) for locations in Japan. For more information, see the [AWS Service Terms](https://docs.aws.amazon.com/service-terms/) for Amazon Location Service.\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/latest/developerguide/what-is-data-provider.html) on the *Amazon Location Service Developer Guide* .", "title": "DataSource", "type": "string" }, "DataSourceConfiguration": { "$ref": "#/definitions/AWS::Location::PlaceIndex.DataSourceConfiguration", "markdownDescription": "Specifies the data storage option requesting Places.", "title": "DataSourceConfiguration" }, "Description": { "markdownDescription": "The optional description for the place index resource.", "title": "Description", "type": "string" }, "IndexName": { "markdownDescription": "The name of the place index resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139), hyphens (-), periods (.), and underscores (_).\n- Must be a unique place index resource name.\n- No spaces allowed. For example, `ExamplePlaceIndex` .", "title": "IndexName", "type": "string" }, "PricingPlan": { "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", "title": "PricingPlan", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "DataSource", "IndexName" ], "type": "object" }, "Type": { "enum": [ "AWS::Location::PlaceIndex" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Location::PlaceIndex.DataSourceConfiguration": { "additionalProperties": false, "properties": { "IntendedUse": { "markdownDescription": "Specifies how the results of an operation will be stored by the caller.\n\nValid values include:\n\n- `SingleUse` specifies that the results won't be stored.\n- `Storage` specifies that the result can be cached or stored in a database.\n\nDefault value: `SingleUse`", "title": "IntendedUse", "type": "string" } }, "type": "object" }, "AWS::Location::RouteCalculator": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CalculatorName": { "markdownDescription": "The name of the route calculator resource.\n\nRequirements:\n\n- Can use alphanumeric characters (A\u2013Z, a\u2013z, 0\u20139) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique Route calculator resource name.\n- No spaces allowed. For example, `ExampleRouteCalculator` .", "title": "CalculatorName", "type": "string" }, "DataSource": { "markdownDescription": "Specifies the data provider of traffic and road network data.\n\n> This field is case-sensitive. Enter the valid values as shown. For example, entering `HERE` returns an error. \n\nValid values include:\n\n- `Esri` \u2013 For additional information about [Esri](https://docs.aws.amazon.com/location/latest/developerguide/esri.html) 's coverage in your region of interest, see [Esri details on street networks and traffic coverage](https://docs.aws.amazon.com/https://doc.arcgis.com/en/arcgis-online/reference/network-coverage.htm) .\n\nRoute calculators that use Esri as a data source only calculate routes that are shorter than 400 km.\n- `Grab` \u2013 Grab provides routing functionality for Southeast Asia. For additional information about [GrabMaps](https://docs.aws.amazon.com/location/latest/developerguide/grab.html) ' coverage, see [GrabMaps countries and areas covered](https://docs.aws.amazon.com/location/latest/developerguide/grab.html#grab-coverage-area) .\n- `Here` \u2013 For additional information about [HERE Technologies](https://docs.aws.amazon.com/location/latest/developerguide/HERE.html) ' coverage in your region of interest, see [HERE car routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/car-routing.html) and [HERE truck routing coverage](https://docs.aws.amazon.com/https://developer.here.com/documentation/routing-api/dev_guide/topics/coverage/truck-routing.html) .\n\nFor additional information , see [Data providers](https://docs.aws.amazon.com/location/latest/developerguide/what-is-data-provider.html) on the *Amazon Location Service Developer Guide* .", "title": "DataSource", "type": "string" }, "Description": { "markdownDescription": "The optional description for the route calculator resource.", "title": "Description", "type": "string" }, "PricingPlan": { "markdownDescription": "No longer used. If included, the only allowed value is `RequestBasedUsage` .\n\n*Allowed Values* : `RequestBasedUsage`", "title": "PricingPlan", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "CalculatorName", "DataSource" ], "type": "object" }, "Type": { "enum": [ "AWS::Location::RouteCalculator" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Location::Tracker": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "An optional description for the tracker resource.", "title": "Description", "type": "string" }, "EventBridgeEnabled": { "markdownDescription": "", "title": "EventBridgeEnabled", "type": "boolean" }, "KmsKeyEnableGeospatialQueries": { "markdownDescription": "", "title": "KmsKeyEnableGeospatialQueries", "type": "boolean" }, "KmsKeyId": { "markdownDescription": "A key identifier for an [AWS KMS customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html) . Enter a key ID, key ARN, alias name, or alias ARN.", "title": "KmsKeyId", "type": "string" }, "PositionFiltering": { "markdownDescription": "Specifies the position filtering for the tracker resource.\n\nValid values:\n\n- `TimeBased` - Location updates are evaluated against linked geofence collections, but not every location update is stored. If your update frequency is more often than 30 seconds, only one update per 30 seconds is stored for each unique device ID.\n- `DistanceBased` - If the device has moved less than 30 m (98.4 ft), location updates are ignored. Location updates within this area are neither evaluated against linked geofence collections, nor stored. This helps control costs by reducing the number of geofence evaluations and historical device positions to paginate through. Distance-based filtering can also reduce the effects of GPS noise when displaying device trajectories on a map.\n- `AccuracyBased` - If the device has moved less than the measured accuracy, location updates are ignored. For example, if two consecutive updates from a device have a horizontal accuracy of 5 m and 10 m, the second update is ignored if the device has moved less than 15 m. Ignored location updates are neither evaluated against linked geofence collections, nor stored. This can reduce the effects of GPS noise when displaying device trajectories on a map, and can help control your costs by reducing the number of geofence evaluations.\n\nThis field is optional. If not specified, the default value is `TimeBased` .", "title": "PositionFiltering", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" }, "TrackerName": { "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", "title": "TrackerName", "type": "string" } }, "required": [ "TrackerName" ], "type": "object" }, "Type": { "enum": [ "AWS::Location::Tracker" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Location::TrackerConsumer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConsumerArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the geofence collection to be associated to tracker resource. Used when you need to specify a resource across all AWS .\n\n- Format example: `arn:aws:geo:region:account-id:geofence-collection/ExampleGeofenceCollectionConsumer`", "title": "ConsumerArn", "type": "string" }, "TrackerName": { "markdownDescription": "The name for the tracker resource.\n\nRequirements:\n\n- Contain only alphanumeric characters (A-Z, a-z, 0-9) , hyphens (-), periods (.), and underscores (_).\n- Must be a unique tracker resource name.\n- No spaces allowed. For example, `ExampleTracker` .", "title": "TrackerName", "type": "string" } }, "required": [ "ConsumerArn", "TrackerName" ], "type": "object" }, "Type": { "enum": [ "AWS::Location::TrackerConsumer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Logs::AccountPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "Specify the policy, in JSON.\n\n*Data protection policy*\n\nA data protection policy must include two JSON blocks:\n\n- The first block must include both a `DataIdentifer` array and an `Operation` property with an `Audit` action. The `DataIdentifer` array lists the types of sensitive data that you want to mask. For more information about the available options, see [Types of data that you can mask](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html) .\n\nThe `Operation` property with an `Audit` action is required to find the sensitive data terms. This `Audit` action must contain a `FindingsDestination` object. You can optionally use that `FindingsDestination` object to list one or more destinations to send audit findings to. If you specify destinations such as log groups, Firehose streams, and S3 buckets, they must already exist.\n- The second block must include both a `DataIdentifer` array and an `Operation` property with an `Deidentify` action. The `DataIdentifer` array must exactly match the `DataIdentifer` array in the first block of the policy.\n\nThe `Operation` property with the `Deidentify` action is what actually masks the data, and it must contain the `\"MaskConfig\": {}` object. The `\"MaskConfig\": {}` object must be empty.\n\n> The contents of the two `DataIdentifer` arrays must match exactly. \n\nIn addition to the two JSON blocks, the `policyDocument` can also include `Name` , `Description` , and `Version` fields. The `Name` is different than the operation's `policyName` parameter, and is used as a dimension when CloudWatch Logs reports audit findings metrics to CloudWatch .\n\nThe JSON specified in `policyDocument` can be up to 30,720 characters long.\n\n*Subscription filter policy*\n\nA subscription filter policy can include the following attributes in a JSON block:\n\n- *DestinationArn* The ARN of the destination to deliver log events to. Supported destinations are:\n\n- An Kinesis Data Streams data stream in the same account as the subscription policy, for same-account delivery.\n- An Firehose data stream in the same account as the subscription policy, for same-account delivery.\n- A Lambda function in the same account as the subscription policy, for same-account delivery.\n- A logical destination in a different account created with [PutDestination](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html) , for cross-account delivery. Kinesis Data Streams and Firehose are supported as logical destinations.\n- *RoleArn* The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.\n- *FilterPattern* A filter pattern for subscribing to a filtered stream of log events.\n- *Distribution* The method used to distribute log data to the destination. By default, log data is grouped by log stream, but the grouping can be set to `Random` for a more even distribution. This property is only applicable when the destination is an Kinesis Data Streams data stream.", "title": "PolicyDocument", "type": "string" }, "PolicyName": { "markdownDescription": "A name for the policy. This must be unique within the account.", "title": "PolicyName", "type": "string" }, "PolicyType": { "markdownDescription": "The type of policy that you're creating or updating.", "title": "PolicyType", "type": "string" }, "Scope": { "markdownDescription": "Currently the only valid value for this parameter is `ALL` , which specifies that the policy applies to all log groups in the account. If you omit this parameter, the default of `ALL` is used. To scope down a subscription filter policy to a subset of log groups, use the `selectionCriteria` parameter.", "title": "Scope", "type": "string" }, "SelectionCriteria": { "markdownDescription": "Use this parameter to apply a subscription filter policy to a subset of log groups in the account. Currently, the only supported filter is `LogGroupName NOT IN []` . The `selectionCriteria` string can be up to 25KB in length. The length is determined by using its UTF-8 bytes.\n\nUsing the `selectionCriteria` parameter is useful to help prevent infinite loops. For more information, see [Log recursion prevention](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Subscriptions-recursion-prevention.html) .\n\nSpecifing `selectionCriteria` is valid only when you specify `SUBSCRIPTION_FILTER_POLICY` for `policyType` .", "title": "SelectionCriteria", "type": "string" } }, "required": [ "PolicyDocument", "PolicyName", "PolicyType" ], "type": "object" }, "Type": { "enum": [ "AWS::Logs::AccountPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Logs::Delivery": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeliveryDestinationArn": { "markdownDescription": "The ARN of the delivery destination that is associated with this delivery.", "title": "DeliveryDestinationArn", "type": "string" }, "DeliverySourceName": { "markdownDescription": "The name of the delivery source that is associated with this delivery.", "title": "DeliverySourceName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags that have been assigned to this delivery.", "title": "Tags", "type": "array" } }, "required": [ "DeliveryDestinationArn", "DeliverySourceName" ], "type": "object" }, "Type": { "enum": [ "AWS::Logs::Delivery" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Logs::DeliveryDestination": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeliveryDestinationPolicy": { "markdownDescription": "A structure that contains information about one delivery destination policy.", "title": "DeliveryDestinationPolicy", "type": "object" }, "DestinationResourceArn": { "markdownDescription": "The ARN of the AWS destination that this delivery destination represents. That AWS destination can be a log group in CloudWatch Logs, an Amazon S3 bucket, or a delivery stream in Firehose.", "title": "DestinationResourceArn", "type": "string" }, "Name": { "markdownDescription": "The name of this delivery destination.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags that have been assigned to this delivery destination.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Logs::DeliveryDestination" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Logs::DeliverySource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LogType": { "markdownDescription": "The type of log that the source is sending. For valid values for this parameter, see the documentation for the source service.", "title": "LogType", "type": "string" }, "Name": { "markdownDescription": "The unique name of the delivery source.", "title": "Name", "type": "string" }, "ResourceArn": { "markdownDescription": "", "title": "ResourceArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags that have been assigned to this delivery source.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Logs::DeliverySource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Logs::Destination": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DestinationName": { "markdownDescription": "The name of the destination.", "title": "DestinationName", "type": "string" }, "DestinationPolicy": { "markdownDescription": "An IAM policy document that governs which AWS accounts can create subscription filters against this destination.", "title": "DestinationPolicy", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of an IAM role that permits CloudWatch Logs to send data to the specified AWS resource.", "title": "RoleArn", "type": "string" }, "TargetArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the physical target where the log events are delivered (for example, a Kinesis stream).", "title": "TargetArn", "type": "string" } }, "required": [ "DestinationName", "RoleArn", "TargetArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Logs::Destination" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Logs::LogAnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountId": { "markdownDescription": "The ID of the account to create the anomaly detector in.", "title": "AccountId", "type": "string" }, "AnomalyVisibilityTime": { "markdownDescription": "The number of days to have visibility on an anomaly. After this time period has elapsed for an anomaly, it will be automatically baselined and the anomaly detector will treat new occurrences of a similar anomaly as normal. Therefore, if you do not correct the cause of an anomaly during the time period specified in `AnomalyVisibilityTime` , it will be considered normal going forward and will not be detected as an anomaly.", "title": "AnomalyVisibilityTime", "type": "number" }, "DetectorName": { "markdownDescription": "A name for this anomaly detector.", "title": "DetectorName", "type": "string" }, "EvaluationFrequency": { "markdownDescription": "Specifies how often the anomaly detector is to run and look for anomalies. Set this value according to the frequency that the log group receives new logs. For example, if the log group receives new log events every 10 minutes, then 15 minutes might be a good setting for `EvaluationFrequency` .", "title": "EvaluationFrequency", "type": "string" }, "FilterPattern": { "markdownDescription": "You can use this parameter to limit the anomaly detection model to examine only log events that match the pattern you specify here. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", "title": "FilterPattern", "type": "string" }, "KmsKeyId": { "markdownDescription": "Optionally assigns a AWS KMS key to secure this anomaly detector and its findings. If a key is assigned, the anomalies found and the model used by this detector are encrypted at rest with the key. If a key is assigned to an anomaly detector, a user must have permissions for both this key and for the anomaly detector to retrieve information about the anomalies that it finds.\n\nFor more information about using a AWS KMS key and to see the required IAM policy, see [Use a AWS KMS key with an anomaly detector](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/LogsAnomalyDetection-KMS.html) .", "title": "KmsKeyId", "type": "string" }, "LogGroupArnList": { "items": { "type": "string" }, "markdownDescription": "The ARN of the log group that is associated with this anomaly detector. You can specify only one log group ARN.", "title": "LogGroupArnList", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Logs::LogAnomalyDetector" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Logs::LogGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataProtectionPolicy": { "markdownDescription": "Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.\n\nFor more information, including a list of types of data that can be audited and masked, see [Protect sensitive log data with masking](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html) .", "title": "DataProtectionPolicy", "type": "object" }, "KmsKeyId": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key to use when encrypting log data.\n\nTo associate an AWS KMS key with the log group, specify the ARN of that KMS key here. If you do so, ingested data is encrypted using this key. This association is stored as long as the data encrypted with the KMS key is still within CloudWatch Logs . This enables CloudWatch Logs to decrypt this data whenever it is requested.\n\nIf you attempt to associate a KMS key with the log group but the KMS key doesn't exist or is deactivated, you will receive an `InvalidParameterException` error.\n\nLog group data is always encrypted in CloudWatch Logs . If you omit this key, the encryption does not use AWS KMS . For more information, see [Encrypt log data in CloudWatch Logs using AWS Key Management Service](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html)", "title": "KmsKeyId", "type": "string" }, "LogGroupClass": { "markdownDescription": "Specifies the log group class for this log group. There are two classes:\n\n- The `Standard` log class supports all CloudWatch Logs features.\n- The `Infrequent Access` log class supports a subset of CloudWatch Logs features and incurs lower costs.\n\nFor details about the features supported by each class, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)", "title": "LogGroupClass", "type": "string" }, "LogGroupName": { "markdownDescription": "The name of the log group. If you don't specify a name, AWS CloudFormation generates a unique ID for the log group.", "title": "LogGroupName", "type": "string" }, "RetentionInDays": { "markdownDescription": "The number of days to retain the log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1096, 1827, 2192, 2557, 2922, 3288, and 3653.\n\nTo set a log group so that its log events do not expire, use [DeleteRetentionPolicy](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html) .", "title": "RetentionInDays", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to the log group.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Logs::LogGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Logs::LogStream": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LogGroupName": { "markdownDescription": "The name of the log group where the log stream is created.", "title": "LogGroupName", "type": "string" }, "LogStreamName": { "markdownDescription": "The name of the log stream. The name must be unique within the log group.", "title": "LogStreamName", "type": "string" } }, "required": [ "LogGroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::Logs::LogStream" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Logs::MetricFilter": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FilterName": { "markdownDescription": "The name of the metric filter.", "title": "FilterName", "type": "string" }, "FilterPattern": { "markdownDescription": "A filter pattern for extracting metric data out of ingested log events. For more information, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", "title": "FilterPattern", "type": "string" }, "LogGroupName": { "markdownDescription": "The name of an existing log group that you want to associate with this metric filter.", "title": "LogGroupName", "type": "string" }, "MetricTransformations": { "items": { "$ref": "#/definitions/AWS::Logs::MetricFilter.MetricTransformation" }, "markdownDescription": "The metric transformations.", "title": "MetricTransformations", "type": "array" } }, "required": [ "FilterPattern", "LogGroupName", "MetricTransformations" ], "type": "object" }, "Type": { "enum": [ "AWS::Logs::MetricFilter" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Logs::MetricFilter.Dimension": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The name for the CloudWatch metric dimension that the metric filter creates.\n\nDimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:).", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The log event field that will contain the value for this dimension. This dimension will only be published for a metric if the value is found in the log event. For example, `$.eventType` for JSON log events, or `$server` for space-delimited log events.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::Logs::MetricFilter.MetricTransformation": { "additionalProperties": false, "properties": { "DefaultValue": { "markdownDescription": "(Optional) The value to emit when a filter pattern does not match a log event. This value can be null.", "title": "DefaultValue", "type": "number" }, "Dimensions": { "items": { "$ref": "#/definitions/AWS::Logs::MetricFilter.Dimension" }, "markdownDescription": "The fields to use as dimensions for the metric. One metric filter can include as many as three dimensions.\n\n> Metrics extracted from log events are charged as custom metrics. To prevent unexpected high charges, do not specify high-cardinality fields such as `IPAddress` or `requestID` as dimensions. Each different value found for a dimension is treated as a separate metric and accrues charges as a separate custom metric.\n> \n> CloudWatch Logs disables a metric filter if it generates 1000 different name/value pairs for your specified dimensions within a certain amount of time. This helps to prevent accidental high charges.\n> \n> You can also set up a billing alarm to alert you if your charges are higher than expected. For more information, see [Creating a Billing Alarm to Monitor Your Estimated AWS Charges](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html) .", "title": "Dimensions", "type": "array" }, "MetricName": { "markdownDescription": "The name of the CloudWatch metric.", "title": "MetricName", "type": "string" }, "MetricNamespace": { "markdownDescription": "A custom namespace to contain your metric in CloudWatch. Use namespaces to group together metrics that are similar. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace) .", "title": "MetricNamespace", "type": "string" }, "MetricValue": { "markdownDescription": "The value that is published to the CloudWatch metric. For example, if you're counting the occurrences of a particular term like `Error` , specify 1 for the metric value. If you're counting the number of bytes transferred, reference the value that is in the log event by using $. followed by the name of the field that you specified in the filter pattern, such as `$.size` .", "title": "MetricValue", "type": "string" }, "Unit": { "markdownDescription": "The unit to assign to the metric. If you omit this, the unit is set as `None` .", "title": "Unit", "type": "string" } }, "required": [ "MetricName", "MetricNamespace", "MetricValue" ], "type": "object" }, "AWS::Logs::QueryDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LogGroupNames": { "items": { "type": "string" }, "markdownDescription": "Use this parameter if you want the query to query only certain log groups.", "title": "LogGroupNames", "type": "array" }, "Name": { "markdownDescription": "A name for the query definition.\n\n> You can use the name to create a folder structure for your queries. To create a folder, use a forward slash (/) to prefix your desired query name with your desired folder name. For example, `/ *folder-name* / *query-name*` .", "title": "Name", "type": "string" }, "QueryString": { "markdownDescription": "The query string to use for this query definition. For more information, see [CloudWatch Logs Insights Query Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html) .", "title": "QueryString", "type": "string" } }, "required": [ "Name", "QueryString" ], "type": "object" }, "Type": { "enum": [ "AWS::Logs::QueryDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Logs::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "The details of the policy. It must be formatted in JSON, and you must use backslashes to escape characters that need to be escaped in JSON strings, such as double quote marks.", "title": "PolicyDocument", "type": "string" }, "PolicyName": { "markdownDescription": "The name of the resource policy.", "title": "PolicyName", "type": "string" } }, "required": [ "PolicyDocument", "PolicyName" ], "type": "object" }, "Type": { "enum": [ "AWS::Logs::ResourcePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Logs::SubscriptionFilter": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DestinationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the destination.", "title": "DestinationArn", "type": "string" }, "Distribution": { "markdownDescription": "The method used to distribute log data to the destination, which can be either random or grouped by log stream.", "title": "Distribution", "type": "string" }, "FilterName": { "markdownDescription": "The name of the subscription filter.", "title": "FilterName", "type": "string" }, "FilterPattern": { "markdownDescription": "The filtering expressions that restrict what gets delivered to the destination AWS resource. For more information about the filter pattern syntax, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html) .", "title": "FilterPattern", "type": "string" }, "LogGroupName": { "markdownDescription": "The log group to associate with the subscription filter. All log events that are uploaded to this log group are filtered and delivered to the specified AWS resource if the filter pattern matches the log events.", "title": "LogGroupName", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of an IAM role that grants CloudWatch Logs permissions to deliver ingested log events to the destination stream. You don't need to provide the ARN when you are working with a logical destination for cross-account delivery.", "title": "RoleArn", "type": "string" } }, "required": [ "DestinationArn", "FilterPattern", "LogGroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::Logs::SubscriptionFilter" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::LookoutEquipment::InferenceScheduler": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataDelayOffsetInMinutes": { "markdownDescription": "A period of time (in minutes) by which inference on the data is delayed after the data starts. For instance, if an offset delay time of five minutes was selected, inference will not begin on the data until the first data measurement after the five minute mark. For example, if five minutes is selected, the inference scheduler will wake up at the configured frequency with the additional five minute delay time to check the customer S3 bucket. The customer can upload data at the same frequency and they don't need to stop and restart the scheduler when uploading new data.", "title": "DataDelayOffsetInMinutes", "type": "number" }, "DataInputConfiguration": { "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration", "markdownDescription": "Specifies configuration information for the input data for the inference scheduler, including delimiter, format, and dataset location.", "title": "DataInputConfiguration" }, "DataOutputConfiguration": { "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration", "markdownDescription": "Specifies configuration information for the output results for the inference scheduler, including the Amazon S3 location for the output.", "title": "DataOutputConfiguration" }, "DataUploadFrequency": { "markdownDescription": "How often data is uploaded to the source S3 bucket for the input data. This value is the length of time between data uploads. For instance, if you select 5 minutes, Amazon Lookout for Equipment will upload the real-time data to the source bucket once every 5 minutes. This frequency also determines how often Amazon Lookout for Equipment starts a scheduled inference on your data. In this example, it starts once every 5 minutes.", "title": "DataUploadFrequency", "type": "string" }, "InferenceSchedulerName": { "markdownDescription": "The name of the inference scheduler.", "title": "InferenceSchedulerName", "type": "string" }, "ModelName": { "markdownDescription": "The name of the machine learning model used for the inference scheduler.", "title": "ModelName", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of a role with permission to access the data source being used for the inference.", "title": "RoleArn", "type": "string" }, "ServerSideKmsKeyId": { "markdownDescription": "Provides the identifier of the AWS KMS key used to encrypt inference scheduler data by Amazon Lookout for Equipment .", "title": "ServerSideKmsKeyId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Any tags associated with the inference scheduler.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "DataInputConfiguration", "DataOutputConfiguration", "DataUploadFrequency", "ModelName", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::LookoutEquipment::InferenceScheduler" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::LookoutEquipment::InferenceScheduler.DataInputConfiguration": { "additionalProperties": false, "properties": { "InferenceInputNameConfiguration": { "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration", "markdownDescription": "", "title": "InferenceInputNameConfiguration" }, "InputTimeZoneOffset": { "markdownDescription": "", "title": "InputTimeZoneOffset", "type": "string" }, "S3InputConfiguration": { "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration", "markdownDescription": "", "title": "S3InputConfiguration" } }, "required": [ "S3InputConfiguration" ], "type": "object" }, "AWS::LookoutEquipment::InferenceScheduler.DataOutputConfiguration": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "", "title": "KmsKeyId", "type": "string" }, "S3OutputConfiguration": { "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration", "markdownDescription": "", "title": "S3OutputConfiguration" } }, "required": [ "S3OutputConfiguration" ], "type": "object" }, "AWS::LookoutEquipment::InferenceScheduler.InputNameConfiguration": { "additionalProperties": false, "properties": { "ComponentTimestampDelimiter": { "markdownDescription": "", "title": "ComponentTimestampDelimiter", "type": "string" }, "TimestampFormat": { "markdownDescription": "", "title": "TimestampFormat", "type": "string" } }, "type": "object" }, "AWS::LookoutEquipment::InferenceScheduler.S3InputConfiguration": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "", "title": "Bucket", "type": "string" }, "Prefix": { "markdownDescription": "", "title": "Prefix", "type": "string" } }, "required": [ "Bucket" ], "type": "object" }, "AWS::LookoutEquipment::InferenceScheduler.S3OutputConfiguration": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "", "title": "Bucket", "type": "string" }, "Prefix": { "markdownDescription": "", "title": "Prefix", "type": "string" } }, "required": [ "Bucket" ], "type": "object" }, "AWS::LookoutMetrics::Alert": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::LookoutMetrics::Alert.Action", "markdownDescription": "Action that will be triggered when there is an alert.", "title": "Action" }, "AlertDescription": { "markdownDescription": "A description of the alert.", "title": "AlertDescription", "type": "string" }, "AlertName": { "markdownDescription": "The name of the alert.", "title": "AlertName", "type": "string" }, "AlertSensitivityThreshold": { "markdownDescription": "An integer from 0 to 100 specifying the alert sensitivity threshold.", "title": "AlertSensitivityThreshold", "type": "number" }, "AnomalyDetectorArn": { "markdownDescription": "The ARN of the detector to which the alert is attached.", "title": "AnomalyDetectorArn", "type": "string" } }, "required": [ "Action", "AlertSensitivityThreshold", "AnomalyDetectorArn" ], "type": "object" }, "Type": { "enum": [ "AWS::LookoutMetrics::Alert" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::LookoutMetrics::Alert.Action": { "additionalProperties": false, "properties": { "LambdaConfiguration": { "$ref": "#/definitions/AWS::LookoutMetrics::Alert.LambdaConfiguration", "markdownDescription": "A configuration for an AWS Lambda channel.", "title": "LambdaConfiguration" }, "SNSConfiguration": { "$ref": "#/definitions/AWS::LookoutMetrics::Alert.SNSConfiguration", "markdownDescription": "A configuration for an Amazon SNS channel.", "title": "SNSConfiguration" } }, "type": "object" }, "AWS::LookoutMetrics::Alert.LambdaConfiguration": { "additionalProperties": false, "properties": { "LambdaArn": { "markdownDescription": "The ARN of the Lambda function.", "title": "LambdaArn", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of an IAM role that has permission to invoke the Lambda function.", "title": "RoleArn", "type": "string" } }, "required": [ "LambdaArn", "RoleArn" ], "type": "object" }, "AWS::LookoutMetrics::Alert.SNSConfiguration": { "additionalProperties": false, "properties": { "RoleArn": { "markdownDescription": "The ARN of the IAM role that has access to the target SNS topic.", "title": "RoleArn", "type": "string" }, "SnsTopicArn": { "markdownDescription": "The ARN of the target SNS topic.", "title": "SnsTopicArn", "type": "string" } }, "required": [ "RoleArn", "SnsTopicArn" ], "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AnomalyDetectorConfig": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig", "markdownDescription": "Contains information about the configuration of the anomaly detector.", "title": "AnomalyDetectorConfig" }, "AnomalyDetectorDescription": { "markdownDescription": "A description of the detector.", "title": "AnomalyDetectorDescription", "type": "string" }, "AnomalyDetectorName": { "markdownDescription": "The name of the detector.", "title": "AnomalyDetectorName", "type": "string" }, "KmsKeyArn": { "markdownDescription": "The ARN of the KMS key to use to encrypt your data.", "title": "KmsKeyArn", "type": "string" }, "MetricSetList": { "items": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSet" }, "markdownDescription": "The detector's dataset.", "title": "MetricSetList", "type": "array" } }, "required": [ "AnomalyDetectorConfig", "MetricSetList" ], "type": "object" }, "Type": { "enum": [ "AWS::LookoutMetrics::AnomalyDetector" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector.AnomalyDetectorConfig": { "additionalProperties": false, "properties": { "AnomalyDetectorFrequency": { "markdownDescription": "The frequency at which the detector analyzes its source data.", "title": "AnomalyDetectorFrequency", "type": "string" } }, "required": [ "AnomalyDetectorFrequency" ], "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig": { "additionalProperties": false, "properties": { "FlowName": { "markdownDescription": "name of the flow.", "title": "FlowName", "type": "string" }, "RoleArn": { "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access the flow.", "title": "RoleArn", "type": "string" } }, "required": [ "FlowName", "RoleArn" ], "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig": { "additionalProperties": false, "properties": { "RoleArn": { "markdownDescription": "An IAM role that gives Amazon Lookout for Metrics permission to access data in Amazon CloudWatch.", "title": "RoleArn", "type": "string" } }, "required": [ "RoleArn" ], "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor": { "additionalProperties": false, "properties": { "Charset": { "markdownDescription": "The character set in which the source CSV file is written.", "title": "Charset", "type": "string" }, "ContainsHeader": { "markdownDescription": "Whether or not the source CSV file contains a header.", "title": "ContainsHeader", "type": "boolean" }, "Delimiter": { "markdownDescription": "The character used to delimit the source CSV file.", "title": "Delimiter", "type": "string" }, "FileCompression": { "markdownDescription": "The level of compression of the source CSV file.", "title": "FileCompression", "type": "string" }, "HeaderList": { "items": { "type": "string" }, "markdownDescription": "A list of the source CSV file's headers, if any.", "title": "HeaderList", "type": "array" }, "QuoteSymbol": { "markdownDescription": "The character used as a quote character.", "title": "QuoteSymbol", "type": "string" } }, "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor": { "additionalProperties": false, "properties": { "CsvFormatDescriptor": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CsvFormatDescriptor", "markdownDescription": "Contains information about how a source CSV data file should be analyzed.", "title": "CsvFormatDescriptor" }, "JsonFormatDescriptor": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor", "markdownDescription": "Contains information about how a source JSON data file should be analyzed.", "title": "JsonFormatDescriptor" } }, "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector.JsonFormatDescriptor": { "additionalProperties": false, "properties": { "Charset": { "markdownDescription": "The character set in which the source JSON file is written.", "title": "Charset", "type": "string" }, "FileCompression": { "markdownDescription": "The level of compression of the source CSV file.", "title": "FileCompression", "type": "string" } }, "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector.Metric": { "additionalProperties": false, "properties": { "AggregationFunction": { "markdownDescription": "The function with which the metric is calculated.", "title": "AggregationFunction", "type": "string" }, "MetricName": { "markdownDescription": "The name of the metric.", "title": "MetricName", "type": "string" }, "Namespace": { "markdownDescription": "The namespace for the metric.", "title": "Namespace", "type": "string" } }, "required": [ "AggregationFunction", "MetricName" ], "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector.MetricSet": { "additionalProperties": false, "properties": { "DimensionList": { "items": { "type": "string" }, "markdownDescription": "A list of the fields you want to treat as dimensions.", "title": "DimensionList", "type": "array" }, "MetricList": { "items": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.Metric" }, "markdownDescription": "A list of metrics that the dataset will contain.", "title": "MetricList", "type": "array" }, "MetricSetDescription": { "markdownDescription": "A description of the dataset you are creating.", "title": "MetricSetDescription", "type": "string" }, "MetricSetFrequency": { "markdownDescription": "The frequency with which the source data will be analyzed for anomalies.", "title": "MetricSetFrequency", "type": "string" }, "MetricSetName": { "markdownDescription": "The name of the dataset.", "title": "MetricSetName", "type": "string" }, "MetricSource": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.MetricSource", "markdownDescription": "Contains information about how the source data should be interpreted.", "title": "MetricSource" }, "Offset": { "markdownDescription": "After an interval ends, the amount of seconds that the detector waits before importing data. Offset is only supported for S3, Redshift, Athena and datasources.", "title": "Offset", "type": "number" }, "TimestampColumn": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.TimestampColumn", "markdownDescription": "Contains information about the column used for tracking time in your source data.", "title": "TimestampColumn" }, "Timezone": { "markdownDescription": "The time zone in which your source data was recorded.", "title": "Timezone", "type": "string" } }, "required": [ "MetricList", "MetricSetName", "MetricSource" ], "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector.MetricSource": { "additionalProperties": false, "properties": { "AppFlowConfig": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.AppFlowConfig", "markdownDescription": "Details about an AppFlow datasource.", "title": "AppFlowConfig" }, "CloudwatchConfig": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.CloudwatchConfig", "markdownDescription": "Details about an Amazon CloudWatch monitoring datasource.", "title": "CloudwatchConfig" }, "RDSSourceConfig": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig", "markdownDescription": "Details about an Amazon Relational Database Service (RDS) datasource.", "title": "RDSSourceConfig" }, "RedshiftSourceConfig": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig", "markdownDescription": "Details about an Amazon Redshift database datasource.", "title": "RedshiftSourceConfig" }, "S3SourceConfig": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig", "markdownDescription": "Contains information about the configuration of the S3 bucket that contains source files.", "title": "S3SourceConfig" } }, "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector.RDSSourceConfig": { "additionalProperties": false, "properties": { "DBInstanceIdentifier": { "markdownDescription": "A string identifying the database instance.", "title": "DBInstanceIdentifier", "type": "string" }, "DatabaseHost": { "markdownDescription": "The host name of the database.", "title": "DatabaseHost", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the RDS database.", "title": "DatabaseName", "type": "string" }, "DatabasePort": { "markdownDescription": "The port number where the database can be accessed.", "title": "DatabasePort", "type": "number" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role.", "title": "RoleArn", "type": "string" }, "SecretManagerArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", "title": "SecretManagerArn", "type": "string" }, "TableName": { "markdownDescription": "The name of the table in the database.", "title": "TableName", "type": "string" }, "VpcConfiguration": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", "markdownDescription": "An object containing information about the Amazon Virtual Private Cloud (VPC) configuration.", "title": "VpcConfiguration" } }, "required": [ "DBInstanceIdentifier", "DatabaseHost", "DatabaseName", "DatabasePort", "RoleArn", "SecretManagerArn", "TableName", "VpcConfiguration" ], "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector.RedshiftSourceConfig": { "additionalProperties": false, "properties": { "ClusterIdentifier": { "markdownDescription": "A string identifying the Redshift cluster.", "title": "ClusterIdentifier", "type": "string" }, "DatabaseHost": { "markdownDescription": "The name of the database host.", "title": "DatabaseHost", "type": "string" }, "DatabaseName": { "markdownDescription": "The Redshift database name.", "title": "DatabaseName", "type": "string" }, "DatabasePort": { "markdownDescription": "The port number where the database can be accessed.", "title": "DatabasePort", "type": "number" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role providing access to the database.", "title": "RoleArn", "type": "string" }, "SecretManagerArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager role.", "title": "SecretManagerArn", "type": "string" }, "TableName": { "markdownDescription": "The table name of the Redshift database.", "title": "TableName", "type": "string" }, "VpcConfiguration": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration", "markdownDescription": "Contains information about the Amazon Virtual Private Cloud (VPC) configuration.", "title": "VpcConfiguration" } }, "required": [ "ClusterIdentifier", "DatabaseHost", "DatabaseName", "DatabasePort", "RoleArn", "SecretManagerArn", "TableName", "VpcConfiguration" ], "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector.S3SourceConfig": { "additionalProperties": false, "properties": { "FileFormatDescriptor": { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector.FileFormatDescriptor", "markdownDescription": "Contains information about a source file's formatting.", "title": "FileFormatDescriptor" }, "HistoricalDataPathList": { "items": { "type": "string" }, "markdownDescription": "A list of paths to the historical data files.", "title": "HistoricalDataPathList", "type": "array" }, "RoleArn": { "markdownDescription": "The ARN of an IAM role that has read and write access permissions to the source S3 bucket.", "title": "RoleArn", "type": "string" }, "TemplatedPathList": { "items": { "type": "string" }, "markdownDescription": "A list of templated paths to the source files.", "title": "TemplatedPathList", "type": "array" } }, "required": [ "FileFormatDescriptor", "RoleArn" ], "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector.TimestampColumn": { "additionalProperties": false, "properties": { "ColumnFormat": { "markdownDescription": "The format of the timestamp column.", "title": "ColumnFormat", "type": "string" }, "ColumnName": { "markdownDescription": "The name of the timestamp column.", "title": "ColumnName", "type": "string" } }, "type": "object" }, "AWS::LookoutMetrics::AnomalyDetector.VpcConfiguration": { "additionalProperties": false, "properties": { "SecurityGroupIdList": { "items": { "type": "string" }, "markdownDescription": "An array of strings containing the list of security groups.", "title": "SecurityGroupIdList", "type": "array" }, "SubnetIdList": { "items": { "type": "string" }, "markdownDescription": "An array of strings containing the Amazon VPC subnet IDs (e.g., `subnet-0bb1c79de3EXAMPLE` .", "title": "SubnetIdList", "type": "array" } }, "required": [ "SecurityGroupIdList", "SubnetIdList" ], "type": "object" }, "AWS::LookoutVision::Project": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ProjectName": { "markdownDescription": "The name of the project.", "title": "ProjectName", "type": "string" } }, "required": [ "ProjectName" ], "type": "object" }, "Type": { "enum": [ "AWS::LookoutVision::Project" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::M2::Application": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Definition": { "$ref": "#/definitions/AWS::M2::Application.Definition", "markdownDescription": "The application definition for a particular application. You can specify either inline JSON or an Amazon S3 bucket location.\n\nFor information about application definitions, see the [AWS Mainframe Modernization User Guide](https://docs.aws.amazon.com/m2/latest/userguide/applications-m2-definition.html) .", "title": "Definition" }, "Description": { "markdownDescription": "The description of the application.", "title": "Description", "type": "string" }, "EngineType": { "markdownDescription": "The type of the target platform for this application.", "title": "EngineType", "type": "string" }, "KmsKeyId": { "markdownDescription": "The identifier of a customer managed key.", "title": "KmsKeyId", "type": "string" }, "Name": { "markdownDescription": "The name of the application.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role associated with the application.", "title": "RoleArn", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "Definition", "EngineType", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::M2::Application" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::M2::Application.Definition": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "The content of the application definition. This is a JSON object that contains the resource configuration/definitions that identify an application.", "title": "Content", "type": "string" }, "S3Location": { "markdownDescription": "The S3 bucket that contains the application definition.", "title": "S3Location", "type": "string" } }, "type": "object" }, "AWS::M2::Environment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the runtime environment.", "title": "Description", "type": "string" }, "EngineType": { "markdownDescription": "The target platform for the runtime environment.", "title": "EngineType", "type": "string" }, "EngineVersion": { "markdownDescription": "The version of the runtime engine.", "title": "EngineVersion", "type": "string" }, "HighAvailabilityConfig": { "$ref": "#/definitions/AWS::M2::Environment.HighAvailabilityConfig", "markdownDescription": "Defines the details of a high availability configuration.", "title": "HighAvailabilityConfig" }, "InstanceType": { "markdownDescription": "The instance type of the runtime environment.", "title": "InstanceType", "type": "string" }, "KmsKeyId": { "markdownDescription": "The identifier of a customer managed key.", "title": "KmsKeyId", "type": "string" }, "Name": { "markdownDescription": "The name of the runtime environment.", "title": "Name", "type": "string" }, "PreferredMaintenanceWindow": { "markdownDescription": "Configures the maintenance window that you want for the runtime environment. The maintenance window must have the format `ddd:hh24:mi-ddd:hh24:mi` and must be less than 24 hours. The following two examples are valid maintenance windows: `sun:23:45-mon:00:15` or `sat:01:00-sat:03:00` .\n\nIf you do not provide a value, a random system-generated value will be assigned.", "title": "PreferredMaintenanceWindow", "type": "string" }, "PubliclyAccessible": { "markdownDescription": "Specifies whether the runtime environment is publicly accessible.", "title": "PubliclyAccessible", "type": "boolean" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The list of security groups for the VPC associated with this runtime environment.", "title": "SecurityGroupIds", "type": "array" }, "StorageConfigurations": { "items": { "$ref": "#/definitions/AWS::M2::Environment.StorageConfiguration" }, "markdownDescription": "Defines the storage configuration for a runtime environment.", "title": "StorageConfigurations", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The list of subnets associated with the VPC for this runtime environment.", "title": "SubnetIds", "type": "array" }, "Tags": { "additionalProperties": true, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "EngineType", "InstanceType", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::M2::Environment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::M2::Environment.EfsStorageConfiguration": { "additionalProperties": false, "properties": { "FileSystemId": { "markdownDescription": "The file system identifier.", "title": "FileSystemId", "type": "string" }, "MountPoint": { "markdownDescription": "The mount point for the file system.", "title": "MountPoint", "type": "string" } }, "required": [ "FileSystemId", "MountPoint" ], "type": "object" }, "AWS::M2::Environment.FsxStorageConfiguration": { "additionalProperties": false, "properties": { "FileSystemId": { "markdownDescription": "The file system identifier.", "title": "FileSystemId", "type": "string" }, "MountPoint": { "markdownDescription": "The mount point for the file system.", "title": "MountPoint", "type": "string" } }, "required": [ "FileSystemId", "MountPoint" ], "type": "object" }, "AWS::M2::Environment.HighAvailabilityConfig": { "additionalProperties": false, "properties": { "DesiredCapacity": { "markdownDescription": "The number of instances in a high availability configuration. The minimum possible value is 1 and the maximum is 100.", "title": "DesiredCapacity", "type": "number" } }, "required": [ "DesiredCapacity" ], "type": "object" }, "AWS::M2::Environment.StorageConfiguration": { "additionalProperties": false, "properties": { "Efs": { "$ref": "#/definitions/AWS::M2::Environment.EfsStorageConfiguration", "markdownDescription": "Defines the storage configuration for an Amazon EFS file system.", "title": "Efs" }, "Fsx": { "$ref": "#/definitions/AWS::M2::Environment.FsxStorageConfiguration", "markdownDescription": "Defines the storage configuration for an Amazon FSx file system.", "title": "Fsx" } }, "type": "object" }, "AWS::MSK::BatchScramSecret": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClusterArn": { "markdownDescription": "", "title": "ClusterArn", "type": "string" }, "SecretArnList": { "items": { "type": "string" }, "markdownDescription": "", "title": "SecretArnList", "type": "array" } }, "required": [ "ClusterArn" ], "type": "object" }, "Type": { "enum": [ "AWS::MSK::BatchScramSecret" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MSK::Cluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BrokerNodeGroupInfo": { "$ref": "#/definitions/AWS::MSK::Cluster.BrokerNodeGroupInfo", "markdownDescription": "Information about the broker nodes in the cluster.", "title": "BrokerNodeGroupInfo" }, "ClientAuthentication": { "$ref": "#/definitions/AWS::MSK::Cluster.ClientAuthentication", "markdownDescription": "Includes all client authentication related information.", "title": "ClientAuthentication" }, "ClusterName": { "markdownDescription": "The name of the cluster.", "title": "ClusterName", "type": "string" }, "ConfigurationInfo": { "$ref": "#/definitions/AWS::MSK::Cluster.ConfigurationInfo", "markdownDescription": "Represents the configuration that you want MSK to use for the cluster.", "title": "ConfigurationInfo" }, "CurrentVersion": { "markdownDescription": "The version of the cluster that you want to update.", "title": "CurrentVersion", "type": "string" }, "EncryptionInfo": { "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInfo", "markdownDescription": "Includes all encryption-related information.", "title": "EncryptionInfo" }, "EnhancedMonitoring": { "markdownDescription": "Specifies the level of monitoring for the MSK cluster. The possible values are `DEFAULT` , `PER_BROKER` , and `PER_TOPIC_PER_BROKER` .", "title": "EnhancedMonitoring", "type": "string" }, "KafkaVersion": { "markdownDescription": "The version of Apache Kafka. You can use Amazon MSK to create clusters that use Apache Kafka versions 1.1.1 and 2.2.1.", "title": "KafkaVersion", "type": "string" }, "LoggingInfo": { "$ref": "#/definitions/AWS::MSK::Cluster.LoggingInfo", "markdownDescription": "Logging Info details.", "title": "LoggingInfo" }, "NumberOfBrokerNodes": { "markdownDescription": "The number of broker nodes in the cluster.", "title": "NumberOfBrokerNodes", "type": "number" }, "OpenMonitoring": { "$ref": "#/definitions/AWS::MSK::Cluster.OpenMonitoring", "markdownDescription": "The settings for open monitoring.", "title": "OpenMonitoring" }, "StorageMode": { "markdownDescription": "This controls storage mode for supported storage tiers.", "title": "StorageMode", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Create tags when creating the cluster.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "BrokerNodeGroupInfo", "ClusterName", "KafkaVersion", "NumberOfBrokerNodes" ], "type": "object" }, "Type": { "enum": [ "AWS::MSK::Cluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MSK::Cluster.BrokerLogs": { "additionalProperties": false, "properties": { "CloudWatchLogs": { "$ref": "#/definitions/AWS::MSK::Cluster.CloudWatchLogs", "markdownDescription": "Details of the CloudWatch Logs destination for broker logs.", "title": "CloudWatchLogs" }, "Firehose": { "$ref": "#/definitions/AWS::MSK::Cluster.Firehose", "markdownDescription": "Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs.", "title": "Firehose" }, "S3": { "$ref": "#/definitions/AWS::MSK::Cluster.S3", "markdownDescription": "Details of the Amazon S3 destination for broker logs.", "title": "S3" } }, "type": "object" }, "AWS::MSK::Cluster.BrokerNodeGroupInfo": { "additionalProperties": false, "properties": { "BrokerAZDistribution": { "markdownDescription": "This parameter is currently not in use.", "title": "BrokerAZDistribution", "type": "string" }, "ClientSubnets": { "items": { "type": "string" }, "markdownDescription": "The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces inside these subnets. Client applications use elastic network interfaces to produce and consume data.\n\nIf you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify.\n\nClient subnets can't occupy the Availability Zone with ID `use1-az3` .", "title": "ClientSubnets", "type": "array" }, "ConnectivityInfo": { "$ref": "#/definitions/AWS::MSK::Cluster.ConnectivityInfo", "markdownDescription": "Information about the cluster's connectivity setting.", "title": "ConnectivityInfo" }, "InstanceType": { "markdownDescription": "The type of Amazon EC2 instances to use for brokers. The following instance types are allowed: kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge, and kafka.t3.small.", "title": "InstanceType", "type": "string" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The security groups to associate with the elastic network interfaces in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don't specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the `ec2:DescribeSecurityGroups` permission.", "title": "SecurityGroups", "type": "array" }, "StorageInfo": { "$ref": "#/definitions/AWS::MSK::Cluster.StorageInfo", "markdownDescription": "Contains information about storage volumes attached to Amazon MSK broker nodes.", "title": "StorageInfo" } }, "required": [ "ClientSubnets", "InstanceType" ], "type": "object" }, "AWS::MSK::Cluster.ClientAuthentication": { "additionalProperties": false, "properties": { "Sasl": { "$ref": "#/definitions/AWS::MSK::Cluster.Sasl", "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", "title": "Sasl" }, "Tls": { "$ref": "#/definitions/AWS::MSK::Cluster.Tls", "markdownDescription": "Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on `EncryptionInTransit` by setting `inCluster` to true and `clientBroker` to `TLS` .", "title": "Tls" }, "Unauthenticated": { "$ref": "#/definitions/AWS::MSK::Cluster.Unauthenticated", "markdownDescription": "Details for ClientAuthentication using no authentication.", "title": "Unauthenticated" } }, "type": "object" }, "AWS::MSK::Cluster.CloudWatchLogs": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Specifies whether broker logs get sent to the specified CloudWatch Logs destination.", "title": "Enabled", "type": "boolean" }, "LogGroup": { "markdownDescription": "The CloudWatch log group that is the destination for broker logs.", "title": "LogGroup", "type": "string" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::MSK::Cluster.ConfigurationInfo": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "ARN of the configuration to use.", "title": "Arn", "type": "string" }, "Revision": { "markdownDescription": "The revision of the configuration to use.", "title": "Revision", "type": "number" } }, "required": [ "Arn", "Revision" ], "type": "object" }, "AWS::MSK::Cluster.ConnectivityInfo": { "additionalProperties": false, "properties": { "PublicAccess": { "$ref": "#/definitions/AWS::MSK::Cluster.PublicAccess", "markdownDescription": "Access control settings for the cluster's brokers.", "title": "PublicAccess" }, "VpcConnectivity": { "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivity", "markdownDescription": "VPC connection control settings for brokers", "title": "VpcConnectivity" } }, "type": "object" }, "AWS::MSK::Cluster.EBSStorageInfo": { "additionalProperties": false, "properties": { "ProvisionedThroughput": { "$ref": "#/definitions/AWS::MSK::Cluster.ProvisionedThroughput", "markdownDescription": "EBS volume provisioned throughput information.", "title": "ProvisionedThroughput" }, "VolumeSize": { "markdownDescription": "The size in GiB of the EBS volume for the data drive on each broker node.", "title": "VolumeSize", "type": "number" } }, "type": "object" }, "AWS::MSK::Cluster.EncryptionAtRest": { "additionalProperties": false, "properties": { "DataVolumeKMSKeyId": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it.", "title": "DataVolumeKMSKeyId", "type": "string" } }, "required": [ "DataVolumeKMSKeyId" ], "type": "object" }, "AWS::MSK::Cluster.EncryptionInTransit": { "additionalProperties": false, "properties": { "ClientBroker": { "markdownDescription": "Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values.\n\n`TLS` means that client-broker communication is enabled with TLS only.\n\n`TLS_PLAINTEXT` means that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data.\n\n`PLAINTEXT` means that client-broker communication is enabled in plaintext only.\n\nThe default value is `TLS` .", "title": "ClientBroker", "type": "string" }, "InCluster": { "markdownDescription": "When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext.\n\nThe default value is true.", "title": "InCluster", "type": "boolean" } }, "type": "object" }, "AWS::MSK::Cluster.EncryptionInfo": { "additionalProperties": false, "properties": { "EncryptionAtRest": { "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionAtRest", "markdownDescription": "The data-volume encryption details.", "title": "EncryptionAtRest" }, "EncryptionInTransit": { "$ref": "#/definitions/AWS::MSK::Cluster.EncryptionInTransit", "markdownDescription": "The details for encryption in transit.", "title": "EncryptionInTransit" } }, "type": "object" }, "AWS::MSK::Cluster.Firehose": { "additionalProperties": false, "properties": { "DeliveryStream": { "markdownDescription": "The Kinesis Data Firehose delivery stream that is the destination for broker logs.", "title": "DeliveryStream", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether broker logs get sent to the specified Kinesis Data Firehose delivery stream.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::MSK::Cluster.Iam": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "SASL/IAM authentication is enabled or not.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::MSK::Cluster.JmxExporter": { "additionalProperties": false, "properties": { "EnabledInBroker": { "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", "title": "EnabledInBroker", "type": "boolean" } }, "required": [ "EnabledInBroker" ], "type": "object" }, "AWS::MSK::Cluster.LoggingInfo": { "additionalProperties": false, "properties": { "BrokerLogs": { "$ref": "#/definitions/AWS::MSK::Cluster.BrokerLogs", "markdownDescription": "You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations.", "title": "BrokerLogs" } }, "required": [ "BrokerLogs" ], "type": "object" }, "AWS::MSK::Cluster.NodeExporter": { "additionalProperties": false, "properties": { "EnabledInBroker": { "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", "title": "EnabledInBroker", "type": "boolean" } }, "required": [ "EnabledInBroker" ], "type": "object" }, "AWS::MSK::Cluster.OpenMonitoring": { "additionalProperties": false, "properties": { "Prometheus": { "$ref": "#/definitions/AWS::MSK::Cluster.Prometheus", "markdownDescription": "Prometheus exporter settings.", "title": "Prometheus" } }, "required": [ "Prometheus" ], "type": "object" }, "AWS::MSK::Cluster.Prometheus": { "additionalProperties": false, "properties": { "JmxExporter": { "$ref": "#/definitions/AWS::MSK::Cluster.JmxExporter", "markdownDescription": "Indicates whether you want to enable or disable the JMX Exporter.", "title": "JmxExporter" }, "NodeExporter": { "$ref": "#/definitions/AWS::MSK::Cluster.NodeExporter", "markdownDescription": "Indicates whether you want to enable or disable the Node Exporter.", "title": "NodeExporter" } }, "type": "object" }, "AWS::MSK::Cluster.ProvisionedThroughput": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Provisioned throughput is enabled or not.", "title": "Enabled", "type": "boolean" }, "VolumeThroughput": { "markdownDescription": "Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second.", "title": "VolumeThroughput", "type": "number" } }, "type": "object" }, "AWS::MSK::Cluster.PublicAccess": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::MSK::Cluster.S3": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the S3 bucket that is the destination for broker logs.", "title": "Bucket", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether broker logs get sent to the specified Amazon S3 destination.", "title": "Enabled", "type": "boolean" }, "Prefix": { "markdownDescription": "The S3 prefix that is the destination for broker logs.", "title": "Prefix", "type": "string" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::MSK::Cluster.Sasl": { "additionalProperties": false, "properties": { "Iam": { "$ref": "#/definitions/AWS::MSK::Cluster.Iam", "markdownDescription": "Details for ClientAuthentication using IAM.", "title": "Iam" }, "Scram": { "$ref": "#/definitions/AWS::MSK::Cluster.Scram", "markdownDescription": "Details for SASL/SCRAM client authentication.", "title": "Scram" } }, "type": "object" }, "AWS::MSK::Cluster.Scram": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "SASL/SCRAM authentication is enabled or not.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::MSK::Cluster.StorageInfo": { "additionalProperties": false, "properties": { "EBSStorageInfo": { "$ref": "#/definitions/AWS::MSK::Cluster.EBSStorageInfo", "markdownDescription": "EBS volume information.", "title": "EBSStorageInfo" } }, "type": "object" }, "AWS::MSK::Cluster.Tls": { "additionalProperties": false, "properties": { "CertificateAuthorityArnList": { "items": { "type": "string" }, "markdownDescription": "List of AWS Private CA Amazon Resource Name (ARN)s.", "title": "CertificateAuthorityArnList", "type": "array" }, "Enabled": { "markdownDescription": "TLS authentication is enabled or not.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::MSK::Cluster.Unauthenticated": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Unauthenticated is enabled or not.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::MSK::Cluster.VpcConnectivity": { "additionalProperties": false, "properties": { "ClientAuthentication": { "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityClientAuthentication", "markdownDescription": "VPC connection control settings for brokers.", "title": "ClientAuthentication" } }, "type": "object" }, "AWS::MSK::Cluster.VpcConnectivityClientAuthentication": { "additionalProperties": false, "properties": { "Sasl": { "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivitySasl", "markdownDescription": "Details for VpcConnectivity ClientAuthentication using SASL.", "title": "Sasl" }, "Tls": { "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityTls", "markdownDescription": "Details for VpcConnectivity ClientAuthentication using TLS.", "title": "Tls" } }, "type": "object" }, "AWS::MSK::Cluster.VpcConnectivityIam": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "SASL/IAM authentication is enabled or not.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::MSK::Cluster.VpcConnectivitySasl": { "additionalProperties": false, "properties": { "Iam": { "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityIam", "markdownDescription": "Details for ClientAuthentication using IAM for VpcConnectivity.", "title": "Iam" }, "Scram": { "$ref": "#/definitions/AWS::MSK::Cluster.VpcConnectivityScram", "markdownDescription": "Details for SASL/SCRAM client authentication for VpcConnectivity.", "title": "Scram" } }, "type": "object" }, "AWS::MSK::Cluster.VpcConnectivityScram": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "SASL/SCRAM authentication is enabled or not.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::MSK::Cluster.VpcConnectivityTls": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "TLS authentication is enabled or not.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::MSK::ClusterPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClusterArn": { "markdownDescription": "The Amazon Resource Name (ARN) that uniquely identifies the cluster.", "title": "ClusterArn", "type": "string" }, "Policy": { "markdownDescription": "Resource policy for the cluster.", "title": "Policy", "type": "object" } }, "required": [ "ClusterArn", "Policy" ], "type": "object" }, "Type": { "enum": [ "AWS::MSK::ClusterPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MSK::Configuration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the configuration.", "title": "Description", "type": "string" }, "KafkaVersionsList": { "items": { "type": "string" }, "markdownDescription": "", "title": "KafkaVersionsList", "type": "array" }, "LatestRevision": { "$ref": "#/definitions/AWS::MSK::Configuration.LatestRevision", "markdownDescription": "Latest revision of the configuration.", "title": "LatestRevision" }, "Name": { "markdownDescription": "The name of the configuration. Configuration names are strings that match the regex \"^[0-9A-Za-z][0-9A-Za-z-]{0,}$\".", "title": "Name", "type": "string" }, "ServerProperties": { "markdownDescription": "Contents of the server.properties file. When using the API, you must ensure that the contents of the file are base64 encoded. When using the console, the SDK, or the CLI, the contents of server.properties can be in plaintext.", "title": "ServerProperties", "type": "string" } }, "required": [ "Name", "ServerProperties" ], "type": "object" }, "Type": { "enum": [ "AWS::MSK::Configuration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MSK::Configuration.LatestRevision": { "additionalProperties": false, "properties": { "CreationTime": { "markdownDescription": "", "title": "CreationTime", "type": "string" }, "Description": { "markdownDescription": "", "title": "Description", "type": "string" }, "Revision": { "markdownDescription": "", "title": "Revision", "type": "number" } }, "type": "object" }, "AWS::MSK::Replicator": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CurrentVersion": { "markdownDescription": "", "title": "CurrentVersion", "type": "string" }, "Description": { "markdownDescription": "", "title": "Description", "type": "string" }, "KafkaClusters": { "items": { "$ref": "#/definitions/AWS::MSK::Replicator.KafkaCluster" }, "markdownDescription": "", "title": "KafkaClusters", "type": "array" }, "ReplicationInfoList": { "items": { "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationInfo" }, "markdownDescription": "", "title": "ReplicationInfoList", "type": "array" }, "ReplicatorName": { "markdownDescription": "", "title": "ReplicatorName", "type": "string" }, "ServiceExecutionRoleArn": { "markdownDescription": "", "title": "ServiceExecutionRoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "KafkaClusters", "ReplicationInfoList", "ReplicatorName", "ServiceExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::MSK::Replicator" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MSK::Replicator.AmazonMskCluster": { "additionalProperties": false, "properties": { "MskClusterArn": { "markdownDescription": "", "title": "MskClusterArn", "type": "string" } }, "required": [ "MskClusterArn" ], "type": "object" }, "AWS::MSK::Replicator.ConsumerGroupReplication": { "additionalProperties": false, "properties": { "ConsumerGroupsToExclude": { "items": { "type": "string" }, "markdownDescription": "", "title": "ConsumerGroupsToExclude", "type": "array" }, "ConsumerGroupsToReplicate": { "items": { "type": "string" }, "markdownDescription": "", "title": "ConsumerGroupsToReplicate", "type": "array" }, "DetectAndCopyNewConsumerGroups": { "markdownDescription": "", "title": "DetectAndCopyNewConsumerGroups", "type": "boolean" }, "SynchroniseConsumerGroupOffsets": { "markdownDescription": "", "title": "SynchroniseConsumerGroupOffsets", "type": "boolean" } }, "required": [ "ConsumerGroupsToReplicate" ], "type": "object" }, "AWS::MSK::Replicator.KafkaCluster": { "additionalProperties": false, "properties": { "AmazonMskCluster": { "$ref": "#/definitions/AWS::MSK::Replicator.AmazonMskCluster", "markdownDescription": "", "title": "AmazonMskCluster" }, "VpcConfig": { "$ref": "#/definitions/AWS::MSK::Replicator.KafkaClusterClientVpcConfig", "markdownDescription": "", "title": "VpcConfig" } }, "required": [ "AmazonMskCluster", "VpcConfig" ], "type": "object" }, "AWS::MSK::Replicator.KafkaClusterClientVpcConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "", "title": "SubnetIds", "type": "array" } }, "required": [ "SubnetIds" ], "type": "object" }, "AWS::MSK::Replicator.ReplicationInfo": { "additionalProperties": false, "properties": { "ConsumerGroupReplication": { "$ref": "#/definitions/AWS::MSK::Replicator.ConsumerGroupReplication", "markdownDescription": "", "title": "ConsumerGroupReplication" }, "SourceKafkaClusterArn": { "markdownDescription": "", "title": "SourceKafkaClusterArn", "type": "string" }, "TargetCompressionType": { "markdownDescription": "", "title": "TargetCompressionType", "type": "string" }, "TargetKafkaClusterArn": { "markdownDescription": "", "title": "TargetKafkaClusterArn", "type": "string" }, "TopicReplication": { "$ref": "#/definitions/AWS::MSK::Replicator.TopicReplication", "markdownDescription": "", "title": "TopicReplication" } }, "required": [ "ConsumerGroupReplication", "SourceKafkaClusterArn", "TargetCompressionType", "TargetKafkaClusterArn", "TopicReplication" ], "type": "object" }, "AWS::MSK::Replicator.ReplicationStartingPosition": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::MSK::Replicator.TopicReplication": { "additionalProperties": false, "properties": { "CopyAccessControlListsForTopics": { "markdownDescription": "", "title": "CopyAccessControlListsForTopics", "type": "boolean" }, "CopyTopicConfigurations": { "markdownDescription": "", "title": "CopyTopicConfigurations", "type": "boolean" }, "DetectAndCopyNewTopics": { "markdownDescription": "", "title": "DetectAndCopyNewTopics", "type": "boolean" }, "StartingPosition": { "$ref": "#/definitions/AWS::MSK::Replicator.ReplicationStartingPosition", "markdownDescription": "", "title": "StartingPosition" }, "TopicsToExclude": { "items": { "type": "string" }, "markdownDescription": "", "title": "TopicsToExclude", "type": "array" }, "TopicsToReplicate": { "items": { "type": "string" }, "markdownDescription": "", "title": "TopicsToReplicate", "type": "array" } }, "required": [ "TopicsToReplicate" ], "type": "object" }, "AWS::MSK::ServerlessCluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClientAuthentication": { "$ref": "#/definitions/AWS::MSK::ServerlessCluster.ClientAuthentication", "markdownDescription": "Includes all client authentication information.", "title": "ClientAuthentication" }, "ClusterName": { "markdownDescription": "", "title": "ClusterName", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "VpcConfigs": { "items": { "$ref": "#/definitions/AWS::MSK::ServerlessCluster.VpcConfig" }, "markdownDescription": "", "title": "VpcConfigs", "type": "array" } }, "required": [ "ClientAuthentication", "ClusterName", "VpcConfigs" ], "type": "object" }, "Type": { "enum": [ "AWS::MSK::ServerlessCluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MSK::ServerlessCluster.ClientAuthentication": { "additionalProperties": false, "properties": { "Sasl": { "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Sasl", "markdownDescription": "Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true.", "title": "Sasl" } }, "required": [ "Sasl" ], "type": "object" }, "AWS::MSK::ServerlessCluster.Iam": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "SASL/IAM authentication is enabled or not.", "title": "Enabled", "type": "boolean" } }, "required": [ "Enabled" ], "type": "object" }, "AWS::MSK::ServerlessCluster.Sasl": { "additionalProperties": false, "properties": { "Iam": { "$ref": "#/definitions/AWS::MSK::ServerlessCluster.Iam", "markdownDescription": "Details for ClientAuthentication using IAM.", "title": "Iam" } }, "required": [ "Iam" ], "type": "object" }, "AWS::MSK::ServerlessCluster.VpcConfig": { "additionalProperties": false, "properties": { "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "", "title": "SecurityGroups", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "", "title": "SubnetIds", "type": "array" } }, "required": [ "SubnetIds" ], "type": "object" }, "AWS::MSK::VpcConnection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Authentication": { "markdownDescription": "The type of private link authentication.", "title": "Authentication", "type": "string" }, "ClientSubnets": { "items": { "type": "string" }, "markdownDescription": "The list of subnets in the client VPC to connect to.", "title": "ClientSubnets", "type": "array" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The security groups to attach to the ENIs for the broker nodes.", "title": "SecurityGroups", "type": "array" }, "Tags": { "additionalProperties": true, "markdownDescription": "Create tags when creating the VPC connection.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "TargetClusterArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the cluster.", "title": "TargetClusterArn", "type": "string" }, "VpcId": { "markdownDescription": "The VPC id of the remote client.", "title": "VpcId", "type": "string" } }, "required": [ "Authentication", "ClientSubnets", "SecurityGroups", "TargetClusterArn", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::MSK::VpcConnection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MWAA::Environment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AirflowConfigurationOptions": { "markdownDescription": "A list of key-value pairs containing the Airflow configuration options for your environment. For example, `core.default_timezone: utc` . To learn more, see [Apache Airflow configuration options](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-env-variables.html) .", "title": "AirflowConfigurationOptions", "type": "object" }, "AirflowVersion": { "markdownDescription": "The version of Apache Airflow to use for the environment. If no value is specified, defaults to the latest version.\n\nIf you specify a newer version number for an existing environment, the version update requires some service interruption before taking effect.\n\n*Allowed Values* : `1.10.12` | `2.0.2` | `2.2.2` | `2.4.3` | `2.5.1` | `2.6.3` | `2.7.2` (latest)", "title": "AirflowVersion", "type": "string" }, "DagS3Path": { "markdownDescription": "The relative path to the DAGs folder on your Amazon S3 bucket. For example, `dags` . To learn more, see [Adding or updating DAGs](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-folder.html) .", "title": "DagS3Path", "type": "string" }, "EndpointManagement": { "markdownDescription": "Defines whether the VPC endpoints configured for the environment are created, and managed, by the customer or by Amazon MWAA. If set to `SERVICE` , Amazon MWAA will create and manage the required VPC endpoints in your VPC. If set to `CUSTOMER` , you must create, and manage, the VPC endpoints in your VPC.", "title": "EndpointManagement", "type": "string" }, "EnvironmentClass": { "markdownDescription": "The environment class type. Valid values: `mw1.small` , `mw1.medium` , `mw1.large` . To learn more, see [Amazon MWAA environment class](https://docs.aws.amazon.com/mwaa/latest/userguide/environment-class.html) .", "title": "EnvironmentClass", "type": "string" }, "ExecutionRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the execution role in IAM that allows MWAA to access AWS resources in your environment. For example, `arn:aws:iam::123456789:role/my-execution-role` . To learn more, see [Amazon MWAA Execution role](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-create-role.html) .", "title": "ExecutionRoleArn", "type": "string" }, "KmsKey": { "markdownDescription": "The AWS Key Management Service (KMS) key to encrypt and decrypt the data in your environment. You can use an AWS KMS key managed by MWAA, or a customer-managed KMS key (advanced).", "title": "KmsKey", "type": "string" }, "LoggingConfiguration": { "$ref": "#/definitions/AWS::MWAA::Environment.LoggingConfiguration", "markdownDescription": "The Apache Airflow logs being sent to CloudWatch Logs: `DagProcessingLogs` , `SchedulerLogs` , `TaskLogs` , `WebserverLogs` , `WorkerLogs` .", "title": "LoggingConfiguration" }, "MaxWorkers": { "markdownDescription": "The maximum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. For example, `20` . When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the one worker that is included with your environment, or the number you specify in `MinWorkers` .", "title": "MaxWorkers", "type": "number" }, "MinWorkers": { "markdownDescription": "The minimum number of workers that you want to run in your environment. MWAA scales the number of Apache Airflow workers up to the number you specify in the `MaxWorkers` field. When there are no more tasks running, and no more in the queue, MWAA disposes of the extra workers leaving the worker count you specify in the `MinWorkers` field. For example, `2` .", "title": "MinWorkers", "type": "number" }, "Name": { "markdownDescription": "The name of your Amazon MWAA environment.", "title": "Name", "type": "string" }, "NetworkConfiguration": { "$ref": "#/definitions/AWS::MWAA::Environment.NetworkConfiguration", "markdownDescription": "The VPC networking components used to secure and enable network traffic between the AWS resources for your environment. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", "title": "NetworkConfiguration" }, "PluginsS3ObjectVersion": { "markdownDescription": "The version of the plugins.zip file on your Amazon S3 bucket. To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", "title": "PluginsS3ObjectVersion", "type": "string" }, "PluginsS3Path": { "markdownDescription": "The relative path to the `plugins.zip` file on your Amazon S3 bucket. For example, `plugins.zip` . To learn more, see [Installing custom plugins](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-dag-import-plugins.html) .", "title": "PluginsS3Path", "type": "string" }, "RequirementsS3ObjectVersion": { "markdownDescription": "The version of the requirements.txt file on your Amazon S3 bucket. To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", "title": "RequirementsS3ObjectVersion", "type": "string" }, "RequirementsS3Path": { "markdownDescription": "The relative path to the `requirements.txt` file on your Amazon S3 bucket. For example, `requirements.txt` . To learn more, see [Installing Python dependencies](https://docs.aws.amazon.com/mwaa/latest/userguide/working-dags-dependencies.html) .", "title": "RequirementsS3Path", "type": "string" }, "Schedulers": { "markdownDescription": "The number of schedulers that you want to run in your environment. Valid values:\n\n- *v2* - Accepts between 2 to 5. Defaults to 2.\n- *v1* - Accepts 1.", "title": "Schedulers", "type": "number" }, "SourceBucketArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 bucket where your DAG code and supporting files are stored. For example, `arn:aws:s3:::my-airflow-bucket-unique-name` . To learn more, see [Create an Amazon S3 bucket for Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/mwaa-s3-bucket.html) .", "title": "SourceBucketArn", "type": "string" }, "StartupScriptS3ObjectVersion": { "markdownDescription": "The version of the startup shell script in your Amazon S3 bucket. You must specify the [version ID](https://docs.aws.amazon.com/AmazonS3/latest/userguide/versioning-workflows.html) that Amazon S3 assigns to the file every time you update the script.\n\nVersion IDs are Unicode, UTF-8 encoded, URL-ready, opaque strings that are no more than 1,024 bytes long. The following is an example:\n\n`3sL4kqtJlcpXroDTDmJ+rmSpXd3dIbrHY+MTRCxf3vjVBH40Nr8X8gdRQBpUMLUo`\n\nFor more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", "title": "StartupScriptS3ObjectVersion", "type": "string" }, "StartupScriptS3Path": { "markdownDescription": "The relative path to the startup shell script in your Amazon S3 bucket. For example, `s3://mwaa-environment/startup.sh` .\n\nAmazon MWAA runs the script as your environment starts, and before running the Apache Airflow process. You can use this script to install dependencies, modify Apache Airflow configuration options, and set environment variables. For more information, see [Using a startup script](https://docs.aws.amazon.com/mwaa/latest/userguide/using-startup-script.html) .", "title": "StartupScriptS3Path", "type": "string" }, "Tags": { "markdownDescription": "The key-value tag pairs associated to your environment. For example, `\"Environment\": \"Staging\"` . To learn more, see [Tagging](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .\n\nIf you specify new tags for an existing environment, the update requires service interruption before taking effect.", "title": "Tags", "type": "object" }, "WebserverAccessMode": { "markdownDescription": "The Apache Airflow *Web server* access mode. To learn more, see [Apache Airflow access modes](https://docs.aws.amazon.com/mwaa/latest/userguide/configuring-networking.html) . Valid values: `PRIVATE_ONLY` or `PUBLIC_ONLY` .", "title": "WebserverAccessMode", "type": "string" }, "WeeklyMaintenanceWindowStart": { "markdownDescription": "The day and time of the week to start weekly maintenance updates of your environment in the following format: `DAY:HH:MM` . For example: `TUE:03:30` . You can specify a start time in 30 minute increments only. Supported input includes the following:\n\n- MON|TUE|WED|THU|FRI|SAT|SUN:([01]\\\\d|2[0-3]):(00|30)", "title": "WeeklyMaintenanceWindowStart", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::MWAA::Environment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MWAA::Environment.LoggingConfiguration": { "additionalProperties": false, "properties": { "DagProcessingLogs": { "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", "markdownDescription": "Defines the processing logs sent to CloudWatch Logs and the logging level to send.", "title": "DagProcessingLogs" }, "SchedulerLogs": { "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", "markdownDescription": "Defines the scheduler logs sent to CloudWatch Logs and the logging level to send.", "title": "SchedulerLogs" }, "TaskLogs": { "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", "markdownDescription": "Defines the task logs sent to CloudWatch Logs and the logging level to send.", "title": "TaskLogs" }, "WebserverLogs": { "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", "markdownDescription": "Defines the web server logs sent to CloudWatch Logs and the logging level to send.", "title": "WebserverLogs" }, "WorkerLogs": { "$ref": "#/definitions/AWS::MWAA::Environment.ModuleLoggingConfiguration", "markdownDescription": "Defines the worker logs sent to CloudWatch Logs and the logging level to send.", "title": "WorkerLogs" } }, "type": "object" }, "AWS::MWAA::Environment.ModuleLoggingConfiguration": { "additionalProperties": false, "properties": { "CloudWatchLogGroupArn": { "markdownDescription": "The ARN of the CloudWatch Logs log group for each type of Apache Airflow log type that you have enabled.\n\n> `CloudWatchLogGroupArn` is available only as a return value, accessible when specified as an attribute in the [`Fn:GetAtt`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mwaa-environment.html#aws-resource-mwaa-environment-return-values) intrinsic function. Any value you provide for `CloudWatchLogGroupArn` is discarded by Amazon MWAA.", "title": "CloudWatchLogGroupArn", "type": "string" }, "Enabled": { "markdownDescription": "Indicates whether to enable the Apache Airflow log type (e.g. `DagProcessingLogs` ) in CloudWatch Logs.", "title": "Enabled", "type": "boolean" }, "LogLevel": { "markdownDescription": "Defines the Apache Airflow logs to send for the log type (e.g. `DagProcessingLogs` ) to CloudWatch Logs. Valid values: `CRITICAL` , `ERROR` , `WARNING` , `INFO` .", "title": "LogLevel", "type": "string" } }, "type": "object" }, "AWS::MWAA::Environment.NetworkConfiguration": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of one or more security group IDs. Accepts up to 5 security group IDs. A security group must be attached to the same VPC as the subnets. To learn more, see [Security in your VPC on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/vpc-security.html) .", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "A list of subnet IDs. *Required* to create an environment. Must be private subnets in two different availability zones. A subnet must be attached to the same VPC as the security group. To learn more, see [About networking on Amazon MWAA](https://docs.aws.amazon.com/mwaa/latest/userguide/networking-about.html) .", "title": "SubnetIds", "type": "array" } }, "type": "object" }, "AWS::Macie::AllowList": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Criteria": { "$ref": "#/definitions/AWS::Macie::AllowList.Criteria", "markdownDescription": "The criteria that specify the text or text pattern to ignore. The criteria can be the location and name of an Amazon S3 object that lists specific text to ignore ( `S3WordsList` ), or a regular expression ( `Regex` ) that defines a text pattern to ignore.", "title": "Criteria" }, "Description": { "markdownDescription": "A custom description of the allow list. The description can contain 1-512 characters.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "A custom name for the allow list. The name can contain 1-128 characters.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to the allow list.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "Criteria", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Macie::AllowList" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Macie::AllowList.Criteria": { "additionalProperties": false, "properties": { "Regex": { "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to ignore. The expression can contain 1-512 characters.", "title": "Regex", "type": "string" }, "S3WordsList": { "$ref": "#/definitions/AWS::Macie::AllowList.S3WordsList", "markdownDescription": "The location and name of an Amazon S3 object that lists specific text to ignore.", "title": "S3WordsList" } }, "type": "object" }, "AWS::Macie::AllowList.S3WordsList": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The full name of the S3 bucket that contains the object. This value correlates to the `Name` field of a bucket's properties in Amazon S3 .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", "title": "BucketName", "type": "string" }, "ObjectKey": { "markdownDescription": "The full name of the S3 object. This value correlates to the `Key` field of an object's properties in Amazon S3 . If the name includes a path, include the complete path. For example, `AllowLists/Macie/MyList.txt` .\n\nThis value is case sensitive. In addition, don't use wildcard characters or specify partial values for the name.", "title": "ObjectKey", "type": "string" } }, "required": [ "BucketName", "ObjectKey" ], "type": "object" }, "AWS::Macie::CustomDataIdentifier": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A custom description of the custom data identifier. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", "title": "Description", "type": "string" }, "IgnoreWords": { "items": { "type": "string" }, "markdownDescription": "An array of character sequences ( *ignore words* ) to exclude from the results. If text matches the regular expression ( `Regex` ) but it contains a string in this array, Amazon Macie ignores the text and doesn't include it in the results.\n\nThe array can contain 1-10 ignore words. Each ignore word can contain 4-90 UTF-8 characters. Ignore words are case sensitive.", "title": "IgnoreWords", "type": "array" }, "Keywords": { "items": { "type": "string" }, "markdownDescription": "An array of character sequences ( *keywords* ), one of which must precede and be in proximity ( `MaximumMatchDistance` ) of the regular expression ( `Regex` ) to match.\n\nThe array can contain 1-50 keywords. Each keyword can contain 3-90 UTF-8 characters. Keywords aren't case sensitive.", "title": "Keywords", "type": "array" }, "MaximumMatchDistance": { "markdownDescription": "The maximum number of characters that can exist between the end of at least one complete character sequence specified by the `Keywords` array and the end of text that matches the regular expression ( `Regex` ). If a complete keyword precedes all the text that matches the regular expression and the keyword is within the specified distance, Amazon Macie includes the result.\n\nThe distance can be 1-300 characters. The default value is 50.", "title": "MaximumMatchDistance", "type": "number" }, "Name": { "markdownDescription": "A custom name for the custom data identifier. The name can contain 1-128 characters.\n\nAvoid including sensitive data in the name of a custom data identifier. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", "title": "Name", "type": "string" }, "Regex": { "markdownDescription": "The regular expression ( *regex* ) that defines the text pattern to match. The expression can contain 1-512 characters.", "title": "Regex", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to the custom data identifier.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "Name", "Regex" ], "type": "object" }, "Type": { "enum": [ "AWS::Macie::CustomDataIdentifier" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Macie::FindingsFilter": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action to perform on findings that match the filter criteria ( `FindingCriteria` ). Valid values are:\n\n- `ARCHIVE` - Suppress (automatically archive) the findings.\n- `NOOP` - Don't perform any action on the findings.", "title": "Action", "type": "string" }, "Description": { "markdownDescription": "A custom description of the findings filter. The description can contain 1-512 characters.\n\nAvoid including sensitive data in the description. Users of the account might be able to see the description, depending on the actions that they're allowed to perform in Amazon Macie .", "title": "Description", "type": "string" }, "FindingCriteria": { "$ref": "#/definitions/AWS::Macie::FindingsFilter.FindingCriteria", "markdownDescription": "The criteria to use to filter findings.", "title": "FindingCriteria" }, "Name": { "markdownDescription": "A custom name for the findings filter. The name can contain 3-64 characters.\n\nAvoid including sensitive data in the name. Users of the account might be able to see the name, depending on the actions that they're allowed to perform in Amazon Macie .", "title": "Name", "type": "string" }, "Position": { "markdownDescription": "The position of the findings filter in the list of saved filter rules on the Amazon Macie console. This value also determines the order in which the filter is applied to findings, relative to other filters that are also applied to findings.", "title": "Position", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to the findings filter.\n\nFor more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "FindingCriteria", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Macie::FindingsFilter" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Macie::FindingsFilter.CriterionAdditionalProperties": { "additionalProperties": false, "properties": { "eq": { "items": { "type": "string" }, "markdownDescription": "The value for the specified property matches (equals) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", "title": "eq", "type": "array" }, "gt": { "markdownDescription": "The value for the specified property is greater than the specified value.", "title": "gt", "type": "number" }, "gte": { "markdownDescription": "The value for the specified property is greater than or equal to the specified value.", "title": "gte", "type": "number" }, "lt": { "markdownDescription": "The value for the specified property is less than the specified value.", "title": "lt", "type": "number" }, "lte": { "markdownDescription": "The value for the specified property is less than or equal to the specified value.", "title": "lte", "type": "number" }, "neq": { "items": { "type": "string" }, "markdownDescription": "The value for the specified property doesn't match (doesn't equal) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values.", "title": "neq", "type": "array" } }, "type": "object" }, "AWS::Macie::FindingsFilter.FindingCriteria": { "additionalProperties": false, "properties": { "Criterion": { "additionalProperties": false, "markdownDescription": "Specifies a condition that defines the property, operator, and one or more values to use to filter the results.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::Macie::FindingsFilter.CriterionAdditionalProperties" } }, "title": "Criterion", "type": "object" } }, "type": "object" }, "AWS::Macie::Session": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FindingPublishingFrequency": { "markdownDescription": "Specifies how often Amazon Macie publishes updates to policy findings for the account. This includes publishing updates to AWS Security Hub and Amazon EventBridge (formerly Amazon CloudWatch Events ). Valid values are:\n\n- FIFTEEN_MINUTES\n- ONE_HOUR\n- SIX_HOURS", "title": "FindingPublishingFrequency", "type": "string" }, "Status": { "markdownDescription": "The status of Amazon Macie for the account. Valid values are: `ENABLED` , start or resume all Macie activities for the account; and, `PAUSED` , suspend all Macie activities for the account.", "title": "Status", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::Macie::Session" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ManagedBlockchain::Accessor": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessorType": { "markdownDescription": "The type of the accessor.\n\n> Currently, accessor type is restricted to `BILLING_TOKEN` .", "title": "AccessorType", "type": "string" }, "NetworkType": { "markdownDescription": "The blockchain network that the `Accessor` token is created for.\n\n> We recommend using the appropriate `networkType` value for the blockchain network that you are creating the `Accessor` token for. You cannot use the value `ETHEREUM_MAINNET_AND_GOERLI` to specify a `networkType` for your Accessor token.\n> \n> The default value of `ETHEREUM_MAINNET_AND_GOERLI` is only applied:\n> \n> - when the `CreateAccessor` action does not set a `networkType` .\n> - to all existing `Accessor` tokens that were created before the `networkType` property was introduced.", "title": "NetworkType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags assigned to the Accessor.\n\nFor more information about tags, see [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/ethereum-dev/tagging-resources.html) in the *Amazon Managed Blockchain Ethereum Developer Guide* , or [Tagging Resources](https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/tagging-resources.html) in the *Amazon Managed Blockchain Hyperledger Fabric Developer Guide* .", "title": "Tags", "type": "array" } }, "required": [ "AccessorType" ], "type": "object" }, "Type": { "enum": [ "AWS::ManagedBlockchain::Accessor" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ManagedBlockchain::Member": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InvitationId": { "markdownDescription": "The unique identifier of the invitation to join the network sent to the account that creates the member.", "title": "InvitationId", "type": "string" }, "MemberConfiguration": { "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberConfiguration", "markdownDescription": "Configuration properties of the member.", "title": "MemberConfiguration" }, "NetworkConfiguration": { "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkConfiguration", "markdownDescription": "Configuration properties of the network to which the member belongs.", "title": "NetworkConfiguration" }, "NetworkId": { "markdownDescription": "The unique identifier of the network to which the member belongs.", "title": "NetworkId", "type": "string" } }, "required": [ "MemberConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::ManagedBlockchain::Member" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy": { "additionalProperties": false, "properties": { "ProposalDurationInHours": { "markdownDescription": "The duration from the time that a proposal is created until it expires. If members cast neither the required number of `YES` votes to approve the proposal nor the number of `NO` votes required to reject it before the duration expires, the proposal is `EXPIRED` and `ProposalActions` aren't carried out.", "title": "ProposalDurationInHours", "type": "number" }, "ThresholdComparator": { "markdownDescription": "Determines whether the vote percentage must be greater than the `ThresholdPercentage` or must be greater than or equal to the `ThresholdPercentage` to be approved.", "title": "ThresholdComparator", "type": "string" }, "ThresholdPercentage": { "markdownDescription": "The percentage of votes among all members that must be `YES` for a proposal to be approved. For example, a `ThresholdPercentage` value of `50` indicates 50%. The `ThresholdComparator` determines the precise comparison. If a `ThresholdPercentage` value of `50` is specified on a network with 10 members, along with a `ThresholdComparator` value of `GREATER_THAN` , this indicates that 6 `YES` votes are required for the proposal to be approved.", "title": "ThresholdPercentage", "type": "number" } }, "type": "object" }, "AWS::ManagedBlockchain::Member.MemberConfiguration": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "An optional description of the member.", "title": "Description", "type": "string" }, "MemberFrameworkConfiguration": { "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration", "markdownDescription": "Configuration properties of the blockchain framework relevant to the member.", "title": "MemberFrameworkConfiguration" }, "Name": { "markdownDescription": "The name of the member.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::ManagedBlockchain::Member.MemberFabricConfiguration": { "additionalProperties": false, "properties": { "AdminPassword": { "markdownDescription": "The password for the member's initial administrative user. The `AdminPassword` must be at least 8 characters long and no more than 32 characters. It must contain at least one uppercase letter, one lowercase letter, and one digit. It cannot have a single quotation mark (\u2018), a double quotation marks (\u201c), a forward slash(/), a backward slash(\\), @, or a space.", "title": "AdminPassword", "type": "string" }, "AdminUsername": { "markdownDescription": "The user name for the member's initial administrative user.", "title": "AdminUsername", "type": "string" } }, "required": [ "AdminPassword", "AdminUsername" ], "type": "object" }, "AWS::ManagedBlockchain::Member.MemberFrameworkConfiguration": { "additionalProperties": false, "properties": { "MemberFabricConfiguration": { "$ref": "#/definitions/AWS::ManagedBlockchain::Member.MemberFabricConfiguration", "markdownDescription": "Configuration properties for Hyperledger Fabric.", "title": "MemberFabricConfiguration" } }, "type": "object" }, "AWS::ManagedBlockchain::Member.NetworkConfiguration": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "Attributes of the blockchain framework for the network.", "title": "Description", "type": "string" }, "Framework": { "markdownDescription": "The blockchain framework that the network uses.", "title": "Framework", "type": "string" }, "FrameworkVersion": { "markdownDescription": "The version of the blockchain framework that the network uses.", "title": "FrameworkVersion", "type": "string" }, "Name": { "markdownDescription": "The name of the network.", "title": "Name", "type": "string" }, "NetworkFrameworkConfiguration": { "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration", "markdownDescription": "Configuration properties relevant to the network for the blockchain framework that the network uses.", "title": "NetworkFrameworkConfiguration" }, "VotingPolicy": { "$ref": "#/definitions/AWS::ManagedBlockchain::Member.VotingPolicy", "markdownDescription": "The voting rules that the network uses to decide if a proposal is accepted.", "title": "VotingPolicy" } }, "required": [ "Framework", "FrameworkVersion", "Name", "VotingPolicy" ], "type": "object" }, "AWS::ManagedBlockchain::Member.NetworkFabricConfiguration": { "additionalProperties": false, "properties": { "Edition": { "markdownDescription": "The edition of Amazon Managed Blockchain that the network uses. Valid values are `standard` and `starter` . For more information, see [Amazon Managed Blockchain Pricing](https://docs.aws.amazon.com/managed-blockchain/pricing/)", "title": "Edition", "type": "string" } }, "required": [ "Edition" ], "type": "object" }, "AWS::ManagedBlockchain::Member.NetworkFrameworkConfiguration": { "additionalProperties": false, "properties": { "NetworkFabricConfiguration": { "$ref": "#/definitions/AWS::ManagedBlockchain::Member.NetworkFabricConfiguration", "markdownDescription": "Configuration properties for Hyperledger Fabric for a member in a Managed Blockchain network that is using the Hyperledger Fabric framework.", "title": "NetworkFabricConfiguration" } }, "type": "object" }, "AWS::ManagedBlockchain::Member.VotingPolicy": { "additionalProperties": false, "properties": { "ApprovalThresholdPolicy": { "$ref": "#/definitions/AWS::ManagedBlockchain::Member.ApprovalThresholdPolicy", "markdownDescription": "Defines the rules for the network for voting on proposals, such as the percentage of `YES` votes required for the proposal to be approved and the duration of the proposal. The policy applies to all proposals and is specified when the network is created.", "title": "ApprovalThresholdPolicy" } }, "type": "object" }, "AWS::ManagedBlockchain::Node": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MemberId": { "markdownDescription": "The unique identifier of the member to which the node belongs. Applies only to Hyperledger Fabric.", "title": "MemberId", "type": "string" }, "NetworkId": { "markdownDescription": "The unique identifier of the network for the node.\n\nEthereum public networks have the following `NetworkId` s:\n\n- `n-ethereum-mainnet`", "title": "NetworkId", "type": "string" }, "NodeConfiguration": { "$ref": "#/definitions/AWS::ManagedBlockchain::Node.NodeConfiguration", "markdownDescription": "Configuration properties of a peer node.", "title": "NodeConfiguration" } }, "required": [ "NetworkId", "NodeConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::ManagedBlockchain::Node" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ManagedBlockchain::Node.NodeConfiguration": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The Availability Zone in which the node exists. Required for Ethereum nodes.", "title": "AvailabilityZone", "type": "string" }, "InstanceType": { "markdownDescription": "The Amazon Managed Blockchain instance type for the node.", "title": "InstanceType", "type": "string" } }, "required": [ "AvailabilityZone", "InstanceType" ], "type": "object" }, "AWS::MediaConnect::Bridge": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EgressGatewayBridge": { "$ref": "#/definitions/AWS::MediaConnect::Bridge.EgressGatewayBridge", "markdownDescription": "Create a bridge with the egress bridge type. An egress bridge is a cloud-to-ground bridge. The content comes from an existing MediaConnect flow and is delivered to your premises.", "title": "EgressGatewayBridge" }, "IngressGatewayBridge": { "$ref": "#/definitions/AWS::MediaConnect::Bridge.IngressGatewayBridge", "markdownDescription": "Create a bridge with the ingress bridge type. An ingress bridge is a ground-to-cloud bridge. The content originates at your premises and is delivered to the cloud.", "title": "IngressGatewayBridge" }, "Name": { "markdownDescription": "The name of the bridge. This name can not be modified after the bridge is created.", "title": "Name", "type": "string" }, "Outputs": { "items": { "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeOutput" }, "markdownDescription": "The outputs that you want to add to this bridge.", "title": "Outputs", "type": "array" }, "PlacementArn": { "markdownDescription": "The bridge placement Amazon Resource Number (ARN).", "title": "PlacementArn", "type": "string" }, "SourceFailoverConfig": { "$ref": "#/definitions/AWS::MediaConnect::Bridge.FailoverConfig", "markdownDescription": "The settings for source failover.", "title": "SourceFailoverConfig" }, "Sources": { "items": { "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeSource" }, "markdownDescription": "The sources that you want to add to this bridge.", "title": "Sources", "type": "array" } }, "required": [ "Name", "PlacementArn", "Sources" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaConnect::Bridge" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaConnect::Bridge.BridgeFlowSource": { "additionalProperties": false, "properties": { "FlowArn": { "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", "title": "FlowArn", "type": "string" }, "FlowVpcInterfaceAttachment": { "$ref": "#/definitions/AWS::MediaConnect::Bridge.VpcInterfaceAttachment", "markdownDescription": "The name of the VPC interface attachment to use for this source.", "title": "FlowVpcInterfaceAttachment" }, "Name": { "markdownDescription": "The name of the flow source.", "title": "Name", "type": "string" } }, "required": [ "FlowArn", "Name" ], "type": "object" }, "AWS::MediaConnect::Bridge.BridgeNetworkOutput": { "additionalProperties": false, "properties": { "IpAddress": { "markdownDescription": "The network output IP Address.", "title": "IpAddress", "type": "string" }, "Name": { "markdownDescription": "The network output name.", "title": "Name", "type": "string" }, "NetworkName": { "markdownDescription": "The network output's gateway network name.", "title": "NetworkName", "type": "string" }, "Port": { "markdownDescription": "The network output port.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The network output protocol.", "title": "Protocol", "type": "string" }, "Ttl": { "markdownDescription": "The network output TTL.", "title": "Ttl", "type": "number" } }, "required": [ "IpAddress", "Name", "NetworkName", "Port", "Protocol", "Ttl" ], "type": "object" }, "AWS::MediaConnect::Bridge.BridgeNetworkSource": { "additionalProperties": false, "properties": { "MulticastIp": { "markdownDescription": "The network source multicast IP.", "title": "MulticastIp", "type": "string" }, "Name": { "markdownDescription": "The name of the network source. This name is used to reference the source and must be unique among sources in this bridge.", "title": "Name", "type": "string" }, "NetworkName": { "markdownDescription": "The network source's gateway network name.", "title": "NetworkName", "type": "string" }, "Port": { "markdownDescription": "The network source port.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The network source protocol.", "title": "Protocol", "type": "string" } }, "required": [ "MulticastIp", "Name", "NetworkName", "Port", "Protocol" ], "type": "object" }, "AWS::MediaConnect::Bridge.BridgeOutput": { "additionalProperties": false, "properties": { "NetworkOutput": { "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkOutput", "markdownDescription": "The output of the bridge. A network output is delivered to your premises.", "title": "NetworkOutput" } }, "type": "object" }, "AWS::MediaConnect::Bridge.BridgeSource": { "additionalProperties": false, "properties": { "FlowSource": { "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeFlowSource", "markdownDescription": "The source of the bridge. A flow source originates in MediaConnect as an existing cloud flow.", "title": "FlowSource" }, "NetworkSource": { "$ref": "#/definitions/AWS::MediaConnect::Bridge.BridgeNetworkSource", "markdownDescription": "The source of the bridge. A network source originates at your premises.", "title": "NetworkSource" } }, "type": "object" }, "AWS::MediaConnect::Bridge.EgressGatewayBridge": { "additionalProperties": false, "properties": { "MaxBitrate": { "markdownDescription": "The maximum expected bitrate (in bps) of the egress bridge.", "title": "MaxBitrate", "type": "number" } }, "required": [ "MaxBitrate" ], "type": "object" }, "AWS::MediaConnect::Bridge.FailoverConfig": { "additionalProperties": false, "properties": { "FailoverMode": { "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams.", "title": "FailoverMode", "type": "string" }, "SourcePriority": { "$ref": "#/definitions/AWS::MediaConnect::Bridge.SourcePriority", "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams. This setting only applies when Failover Mode is set to FAILOVER.", "title": "SourcePriority" }, "State": { "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", "title": "State", "type": "string" } }, "required": [ "FailoverMode" ], "type": "object" }, "AWS::MediaConnect::Bridge.IngressGatewayBridge": { "additionalProperties": false, "properties": { "MaxBitrate": { "markdownDescription": "The maximum expected bitrate (in bps) of the ingress bridge.", "title": "MaxBitrate", "type": "number" }, "MaxOutputs": { "markdownDescription": "The maximum number of outputs on the ingress bridge.", "title": "MaxOutputs", "type": "number" } }, "required": [ "MaxBitrate", "MaxOutputs" ], "type": "object" }, "AWS::MediaConnect::Bridge.SourcePriority": { "additionalProperties": false, "properties": { "PrimarySource": { "markdownDescription": "The name of the source you choose as the primary source for this flow.", "title": "PrimarySource", "type": "string" } }, "type": "object" }, "AWS::MediaConnect::Bridge.VpcInterfaceAttachment": { "additionalProperties": false, "properties": { "VpcInterfaceName": { "markdownDescription": "The name of the VPC interface that you want to send your output to.", "title": "VpcInterfaceName", "type": "string" } }, "type": "object" }, "AWS::MediaConnect::BridgeOutput": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BridgeArn": { "markdownDescription": "The ARN of the bridge that you want to describe.", "title": "BridgeArn", "type": "string" }, "Name": { "markdownDescription": "The network output name. This name is used to reference the output and must be unique among outputs in this bridge.", "title": "Name", "type": "string" }, "NetworkOutput": { "$ref": "#/definitions/AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput", "markdownDescription": "Add a network output to an existing bridge.", "title": "NetworkOutput" } }, "required": [ "BridgeArn", "Name", "NetworkOutput" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaConnect::BridgeOutput" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaConnect::BridgeOutput.BridgeNetworkOutput": { "additionalProperties": false, "properties": { "IpAddress": { "markdownDescription": "The network output IP Address.", "title": "IpAddress", "type": "string" }, "NetworkName": { "markdownDescription": "The network output's gateway network name.", "title": "NetworkName", "type": "string" }, "Port": { "markdownDescription": "The network output port.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The network output protocol.", "title": "Protocol", "type": "string" }, "Ttl": { "markdownDescription": "The network output TTL.", "title": "Ttl", "type": "number" } }, "required": [ "IpAddress", "NetworkName", "Port", "Protocol", "Ttl" ], "type": "object" }, "AWS::MediaConnect::BridgeSource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BridgeArn": { "markdownDescription": "The ARN of the bridge that you want to describe.", "title": "BridgeArn", "type": "string" }, "FlowSource": { "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeFlowSource", "markdownDescription": "Add a flow source to an existing bridge.", "title": "FlowSource" }, "Name": { "markdownDescription": "The name of the flow source. This name is used to reference the source and must be unique among sources in this bridge.", "title": "Name", "type": "string" }, "NetworkSource": { "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.BridgeNetworkSource", "markdownDescription": "Add a network source to an existing bridge.", "title": "NetworkSource" } }, "required": [ "BridgeArn", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaConnect::BridgeSource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaConnect::BridgeSource.BridgeFlowSource": { "additionalProperties": false, "properties": { "FlowArn": { "markdownDescription": "The ARN of the cloud flow used as a source of this bridge.", "title": "FlowArn", "type": "string" }, "FlowVpcInterfaceAttachment": { "$ref": "#/definitions/AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment", "markdownDescription": "The name of the VPC interface attachment to use for this source.", "title": "FlowVpcInterfaceAttachment" } }, "required": [ "FlowArn" ], "type": "object" }, "AWS::MediaConnect::BridgeSource.BridgeNetworkSource": { "additionalProperties": false, "properties": { "MulticastIp": { "markdownDescription": "The network source multicast IP.", "title": "MulticastIp", "type": "string" }, "NetworkName": { "markdownDescription": "The network source's gateway network name.", "title": "NetworkName", "type": "string" }, "Port": { "markdownDescription": "The network source port.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The network source protocol.", "title": "Protocol", "type": "string" } }, "required": [ "MulticastIp", "NetworkName", "Port", "Protocol" ], "type": "object" }, "AWS::MediaConnect::BridgeSource.VpcInterfaceAttachment": { "additionalProperties": false, "properties": { "VpcInterfaceName": { "markdownDescription": "The name of the VPC interface that you want to send your output to.", "title": "VpcInterfaceName", "type": "string" } }, "type": "object" }, "AWS::MediaConnect::Flow": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS Region.", "title": "AvailabilityZone", "type": "string" }, "Name": { "markdownDescription": "The name of the flow.", "title": "Name", "type": "string" }, "Source": { "$ref": "#/definitions/AWS::MediaConnect::Flow.Source", "markdownDescription": "The settings for the source that you want to use for the new flow.", "title": "Source" }, "SourceFailoverConfig": { "$ref": "#/definitions/AWS::MediaConnect::Flow.FailoverConfig", "markdownDescription": "The settings for source failover.", "title": "SourceFailoverConfig" } }, "required": [ "Name", "Source" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaConnect::Flow" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaConnect::Flow.Encryption": { "additionalProperties": false, "properties": { "Algorithm": { "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", "title": "Algorithm", "type": "string" }, "ConstantInitializationVector": { "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", "title": "ConstantInitializationVector", "type": "string" }, "DeviceId": { "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", "title": "DeviceId", "type": "string" }, "KeyType": { "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", "title": "KeyType", "type": "string" }, "Region": { "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", "title": "Region", "type": "string" }, "ResourceId": { "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", "title": "ResourceId", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role that you created during setup (when you set up MediaConnect as a trusted entity).", "title": "RoleArn", "type": "string" }, "SecretArn": { "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key.", "title": "SecretArn", "type": "string" }, "Url": { "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", "title": "Url", "type": "string" } }, "required": [ "RoleArn" ], "type": "object" }, "AWS::MediaConnect::Flow.FailoverConfig": { "additionalProperties": false, "properties": { "FailoverMode": { "markdownDescription": "The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams. The string for this property must be entered as MERGE or FAILOVER. No other string entry is valid.", "title": "FailoverMode", "type": "string" }, "RecoveryWindow": { "markdownDescription": "The size of the buffer (delay) that the service maintains. A larger buffer means a longer delay in transmitting the stream, but more room for error correction. A smaller buffer means a shorter delay, but less room for error correction. You can choose a value from 100-500 ms. If you keep this field blank, the service uses the default value of 200 ms. This setting only applies when Failover Mode is set to MERGE.", "title": "RecoveryWindow", "type": "number" }, "SourcePriority": { "$ref": "#/definitions/AWS::MediaConnect::Flow.SourcePriority", "markdownDescription": "The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams. This setting only applies when Failover Mode is set to FAILOVER.", "title": "SourcePriority" }, "State": { "markdownDescription": "The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources.", "title": "State", "type": "string" } }, "type": "object" }, "AWS::MediaConnect::Flow.GatewayBridgeSource": { "additionalProperties": false, "properties": { "BridgeArn": { "markdownDescription": "The ARN of the bridge feeding this flow.", "title": "BridgeArn", "type": "string" }, "VpcInterfaceAttachment": { "$ref": "#/definitions/AWS::MediaConnect::Flow.VpcInterfaceAttachment", "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", "title": "VpcInterfaceAttachment" } }, "required": [ "BridgeArn" ], "type": "object" }, "AWS::MediaConnect::Flow.Source": { "additionalProperties": false, "properties": { "Decryption": { "$ref": "#/definitions/AWS::MediaConnect::Flow.Encryption", "markdownDescription": "The type of encryption that is used on the content ingested from the source.", "title": "Decryption" }, "Description": { "markdownDescription": "A description of the source. This description is not visible outside of the current AWS account.", "title": "Description", "type": "string" }, "EntitlementArn": { "markdownDescription": "The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator\u2019s flow.", "title": "EntitlementArn", "type": "string" }, "GatewayBridgeSource": { "$ref": "#/definitions/AWS::MediaConnect::Flow.GatewayBridgeSource", "markdownDescription": "The source configuration for cloud flows receiving a stream from a bridge.", "title": "GatewayBridgeSource" }, "IngestIp": { "markdownDescription": "The IP address that the flow listens on for incoming content.", "title": "IngestIp", "type": "string" }, "IngestPort": { "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", "title": "IngestPort", "type": "number" }, "MaxBitrate": { "markdownDescription": "The maximum bitrate for RIST, RTP, and RTP-FEC streams.", "title": "MaxBitrate", "type": "number" }, "MaxLatency": { "markdownDescription": "The maximum latency in milliseconds for a RIST or Zixi-based source.", "title": "MaxLatency", "type": "number" }, "MinLatency": { "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", "title": "MinLatency", "type": "number" }, "Name": { "markdownDescription": "The name of the source.", "title": "Name", "type": "string" }, "Protocol": { "markdownDescription": "The protocol that is used by the source. AWS CloudFormation does not currently support CDI or ST 2110 JPEG XS source protocols.", "title": "Protocol", "type": "string" }, "SenderControlPort": { "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", "title": "SenderControlPort", "type": "number" }, "SenderIpAddress": { "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", "title": "SenderIpAddress", "type": "string" }, "SourceArn": { "markdownDescription": "The ARN of the source.", "title": "SourceArn", "type": "string" }, "SourceIngestPort": { "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", "title": "SourceIngestPort", "type": "string" }, "SourceListenerAddress": { "markdownDescription": "Source IP or domain name for SRT-caller protocol.", "title": "SourceListenerAddress", "type": "string" }, "SourceListenerPort": { "markdownDescription": "Source port for SRT-caller protocol.", "title": "SourceListenerPort", "type": "number" }, "StreamId": { "markdownDescription": "The stream ID that you want to use for the transport. This parameter applies only to Zixi-based streams.", "title": "StreamId", "type": "string" }, "VpcInterfaceName": { "markdownDescription": "The name of the VPC interface that the source content comes from.", "title": "VpcInterfaceName", "type": "string" }, "WhitelistCidr": { "markdownDescription": "The range of IP addresses that are allowed to contribute content to your source. Format the IP addresses as a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", "title": "WhitelistCidr", "type": "string" } }, "type": "object" }, "AWS::MediaConnect::Flow.SourcePriority": { "additionalProperties": false, "properties": { "PrimarySource": { "markdownDescription": "The name of the source you choose as the primary source for this flow.", "title": "PrimarySource", "type": "string" } }, "required": [ "PrimarySource" ], "type": "object" }, "AWS::MediaConnect::Flow.VpcInterfaceAttachment": { "additionalProperties": false, "properties": { "VpcInterfaceName": { "markdownDescription": "The name of the VPC interface that you want to send your output to.", "title": "VpcInterfaceName", "type": "string" } }, "type": "object" }, "AWS::MediaConnect::FlowEntitlement": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataTransferSubscriberFeePercent": { "markdownDescription": "The percentage of the entitlement data transfer fee that you want the subscriber to be responsible for.", "title": "DataTransferSubscriberFeePercent", "type": "number" }, "Description": { "markdownDescription": "A description of the entitlement. This description appears only on the MediaConnect console and is not visible outside of the current AWS account.", "title": "Description", "type": "string" }, "Encryption": { "$ref": "#/definitions/AWS::MediaConnect::FlowEntitlement.Encryption", "markdownDescription": "The type of encryption that MediaConnect will use on the output that is associated with the entitlement.", "title": "Encryption" }, "EntitlementStatus": { "markdownDescription": "An indication of whether the new entitlement should be enabled or disabled as soon as it is created. If you don\u2019t specify the entitlementStatus field in your request, MediaConnect sets it to ENABLED.", "title": "EntitlementStatus", "type": "string" }, "FlowArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", "title": "FlowArn", "type": "string" }, "Name": { "markdownDescription": "The name of the entitlement. This value must be unique within the current flow.", "title": "Name", "type": "string" }, "Subscribers": { "items": { "type": "string" }, "markdownDescription": "The AWS account IDs that you want to share your content with. The receiving accounts (subscribers) will be allowed to create their own flows using your content as the source.", "title": "Subscribers", "type": "array" } }, "required": [ "Description", "FlowArn", "Name", "Subscribers" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaConnect::FlowEntitlement" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaConnect::FlowEntitlement.Encryption": { "additionalProperties": false, "properties": { "Algorithm": { "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", "title": "Algorithm", "type": "string" }, "ConstantInitializationVector": { "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", "title": "ConstantInitializationVector", "type": "string" }, "DeviceId": { "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", "title": "DeviceId", "type": "string" }, "KeyType": { "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", "title": "KeyType", "type": "string" }, "Region": { "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", "title": "Region", "type": "string" }, "ResourceId": { "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", "title": "ResourceId", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role that you created during setup (when you set up MediaConnect as a trusted entity).", "title": "RoleArn", "type": "string" }, "SecretArn": { "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key.", "title": "SecretArn", "type": "string" }, "Url": { "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", "title": "Url", "type": "string" } }, "required": [ "Algorithm", "RoleArn" ], "type": "object" }, "AWS::MediaConnect::FlowOutput": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CidrAllowList": { "items": { "type": "string" }, "markdownDescription": "The range of IP addresses that are allowed to initiate output requests to this flow. Format the IP addresses as a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", "title": "CidrAllowList", "type": "array" }, "Description": { "markdownDescription": "A description of the output. This description is not visible outside of the current AWS account even if the account grants entitlements to other accounts.", "title": "Description", "type": "string" }, "Destination": { "markdownDescription": "The IP address where you want to send the output.", "title": "Destination", "type": "string" }, "Encryption": { "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.Encryption", "markdownDescription": "The encryption credentials that you want to use for the output.", "title": "Encryption" }, "FlowArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the flow this output is attached to.", "title": "FlowArn", "type": "string" }, "MaxLatency": { "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based, Zixi-based, and Fujitsu-based streams.", "title": "MaxLatency", "type": "number" }, "MinLatency": { "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", "title": "MinLatency", "type": "number" }, "Name": { "markdownDescription": "The name of the output. This value must be unique within the current flow.", "title": "Name", "type": "string" }, "Port": { "markdownDescription": "The port to use when MediaConnect distributes content to the output.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The protocol to use for the output.", "title": "Protocol", "type": "string" }, "RemoteId": { "markdownDescription": "The identifier that is assigned to the Zixi receiver. This parameter applies only to outputs that use Zixi pull.", "title": "RemoteId", "type": "string" }, "SmoothingLatency": { "markdownDescription": "The smoothing latency in milliseconds for RIST, RTP, and RTP-FEC streams.", "title": "SmoothingLatency", "type": "number" }, "StreamId": { "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", "title": "StreamId", "type": "string" }, "VpcInterfaceAttachment": { "$ref": "#/definitions/AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment", "markdownDescription": "The VPC interface that you want to send your output to.", "title": "VpcInterfaceAttachment" } }, "required": [ "FlowArn", "Protocol" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaConnect::FlowOutput" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaConnect::FlowOutput.Encryption": { "additionalProperties": false, "properties": { "Algorithm": { "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", "title": "Algorithm", "type": "string" }, "KeyType": { "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", "title": "KeyType", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role that you created during setup (when you set up MediaConnect as a trusted entity).", "title": "RoleArn", "type": "string" }, "SecretArn": { "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key.", "title": "SecretArn", "type": "string" } }, "required": [ "RoleArn", "SecretArn" ], "type": "object" }, "AWS::MediaConnect::FlowOutput.VpcInterfaceAttachment": { "additionalProperties": false, "properties": { "VpcInterfaceName": { "markdownDescription": "The name of the VPC interface that you want to send your output to.", "title": "VpcInterfaceName", "type": "string" } }, "type": "object" }, "AWS::MediaConnect::FlowSource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Decryption": { "$ref": "#/definitions/AWS::MediaConnect::FlowSource.Encryption", "markdownDescription": "The type of encryption that is used on the content ingested from the source.", "title": "Decryption" }, "Description": { "markdownDescription": "A description of the source. This description is not visible outside of the current AWS account.", "title": "Description", "type": "string" }, "EntitlementArn": { "markdownDescription": "The ARN of the entitlement that allows you to subscribe to the flow. The entitlement is set by the content originator, and the ARN is generated as part of the originator's flow.", "title": "EntitlementArn", "type": "string" }, "FlowArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the flow this source is connected to. The flow must have Failover enabled to add an additional source.", "title": "FlowArn", "type": "string" }, "GatewayBridgeSource": { "$ref": "#/definitions/AWS::MediaConnect::FlowSource.GatewayBridgeSource", "markdownDescription": "The source configuration for cloud flows receiving a stream from a bridge.", "title": "GatewayBridgeSource" }, "IngestPort": { "markdownDescription": "The port that the flow listens on for incoming content. If the protocol of the source is Zixi, the port must be set to 2088.", "title": "IngestPort", "type": "number" }, "MaxBitrate": { "markdownDescription": "The maximum bitrate for RIST, RTP, and RTP-FEC streams.", "title": "MaxBitrate", "type": "number" }, "MaxLatency": { "markdownDescription": "The maximum latency in milliseconds. This parameter applies only to RIST-based, Zixi-based, and Fujitsu-based streams.", "title": "MaxLatency", "type": "number" }, "MinLatency": { "markdownDescription": "The minimum latency in milliseconds for SRT-based streams. In streams that use the SRT protocol, this value that you set on your MediaConnect source or output represents the minimal potential latency of that connection. The latency of the stream is set to the highest number between the sender\u2019s minimum latency and the receiver\u2019s minimum latency.", "title": "MinLatency", "type": "number" }, "Name": { "markdownDescription": "The name of the source.", "title": "Name", "type": "string" }, "Protocol": { "markdownDescription": "The protocol that the source uses to deliver the content to MediaConnect. Adding additional sources to an existing flow requires Failover to be enabled. When you enable Failover, the additional source must use the same protocol as the existing source. Only the following protocols support failover: Zixi-push, RTP-FEC, RTP, RIST and SRT protocols.\n\nIf you use failover with SRT caller or listener, the `FailoverMode` property must be set to `FAILOVER` . The `FailoverMode` property\u00a0is found in\u00a0the `FailoverConfig` resource\u00a0of the same flow ARN you used for the source's `FlowArn` property. SRT caller/listener does not support\u00a0merge\u00a0mode failover.", "title": "Protocol", "type": "string" }, "SenderControlPort": { "markdownDescription": "The port that the flow uses to send outbound requests to initiate connection with the sender.", "title": "SenderControlPort", "type": "number" }, "SenderIpAddress": { "markdownDescription": "The IP address that the flow communicates with to initiate connection with the sender.", "title": "SenderIpAddress", "type": "string" }, "SourceListenerAddress": { "markdownDescription": "Source IP or domain name for SRT-caller protocol.", "title": "SourceListenerAddress", "type": "string" }, "SourceListenerPort": { "markdownDescription": "Source port for SRT-caller protocol.", "title": "SourceListenerPort", "type": "number" }, "StreamId": { "markdownDescription": "The stream ID that you want to use for this transport. This parameter applies only to Zixi and SRT caller-based streams.", "title": "StreamId", "type": "string" }, "VpcInterfaceName": { "markdownDescription": "The name of the VPC interface that you want to send your output to.", "title": "VpcInterfaceName", "type": "string" }, "WhitelistCidr": { "markdownDescription": "The range of IP addresses that are allowed to contribute content to your source. Format the IP addresses as a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", "title": "WhitelistCidr", "type": "string" } }, "required": [ "Description", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaConnect::FlowSource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaConnect::FlowSource.Encryption": { "additionalProperties": false, "properties": { "Algorithm": { "markdownDescription": "The type of algorithm that is used for static key encryption (such as aes128, aes192, or aes256). If you are using SPEKE or SRT-password encryption, this property must be left blank.", "title": "Algorithm", "type": "string" }, "ConstantInitializationVector": { "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption.", "title": "ConstantInitializationVector", "type": "string" }, "DeviceId": { "markdownDescription": "The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption.", "title": "DeviceId", "type": "string" }, "KeyType": { "markdownDescription": "The type of key that is used for the encryption. If you don't specify a `keyType` value, the service uses the default setting ( `static-key` ). Valid key types are: `static-key` , `speke` , and `srt-password` .", "title": "KeyType", "type": "string" }, "Region": { "markdownDescription": "The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption.", "title": "Region", "type": "string" }, "ResourceId": { "markdownDescription": "An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption.", "title": "ResourceId", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role that you created during setup (when you set up MediaConnect as a trusted entity).", "title": "RoleArn", "type": "string" }, "SecretArn": { "markdownDescription": "The ARN of the secret that you created in AWS Secrets Manager to store the encryption key.", "title": "SecretArn", "type": "string" }, "Url": { "markdownDescription": "The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption.", "title": "Url", "type": "string" } }, "required": [ "RoleArn" ], "type": "object" }, "AWS::MediaConnect::FlowSource.GatewayBridgeSource": { "additionalProperties": false, "properties": { "BridgeArn": { "markdownDescription": "The ARN of the bridge feeding this flow.", "title": "BridgeArn", "type": "string" }, "VpcInterfaceAttachment": { "$ref": "#/definitions/AWS::MediaConnect::FlowSource.VpcInterfaceAttachment", "markdownDescription": "The name of the VPC interface attachment to use for this bridge source.", "title": "VpcInterfaceAttachment" } }, "required": [ "BridgeArn" ], "type": "object" }, "AWS::MediaConnect::FlowSource.VpcInterfaceAttachment": { "additionalProperties": false, "properties": { "VpcInterfaceName": { "markdownDescription": "The name of the VPC interface that you want to send your output to.", "title": "VpcInterfaceName", "type": "string" } }, "type": "object" }, "AWS::MediaConnect::FlowVpcInterface": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FlowArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the flow.", "title": "FlowArn", "type": "string" }, "Name": { "markdownDescription": "The name of the VPC Interface. This value must be unique within the current flow.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role that you created when you set up MediaConnect as a trusted service.", "title": "RoleArn", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The VPC security groups that you want MediaConnect to use for your VPC configuration. You must include at least one security group in the request.", "title": "SecurityGroupIds", "type": "array" }, "SubnetId": { "markdownDescription": "The subnet IDs that you want to use for your VPC interface.\n\nA range of IP addresses in your VPC. When you create your VPC, you specify a range of IPv4 addresses for the VPC in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. This is the primary CIDR block for your VPC. When you create a subnet for your VPC, you specify the CIDR block for the subnet, which is a subset of the VPC CIDR block.\n\nThe subnets that you use across all VPC interfaces on the flow must be in the same Availability Zone as the flow.", "title": "SubnetId", "type": "string" } }, "required": [ "FlowArn", "Name", "RoleArn", "SecurityGroupIds", "SubnetId" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaConnect::FlowVpcInterface" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaConnect::Gateway": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EgressCidrBlocks": { "items": { "type": "string" }, "markdownDescription": "The range of IP addresses that are allowed to contribute content or initiate output requests for flows communicating with this gateway. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", "title": "EgressCidrBlocks", "type": "array" }, "Name": { "markdownDescription": "The name of the network. This name is used to reference the network and must be unique among networks in this gateway.", "title": "Name", "type": "string" }, "Networks": { "items": { "$ref": "#/definitions/AWS::MediaConnect::Gateway.GatewayNetwork" }, "markdownDescription": "The list of networks that you want to add.", "title": "Networks", "type": "array" } }, "required": [ "EgressCidrBlocks", "Name", "Networks" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaConnect::Gateway" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaConnect::Gateway.GatewayNetwork": { "additionalProperties": false, "properties": { "CidrBlock": { "markdownDescription": "A unique IP address range to use for this network. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16.", "title": "CidrBlock", "type": "string" }, "Name": { "markdownDescription": "The name of the network. This name is used to reference the network and must be unique among networks in this gateway.", "title": "Name", "type": "string" } }, "required": [ "CidrBlock", "Name" ], "type": "object" }, "AWS::MediaConvert::JobTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccelerationSettings": { "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.AccelerationSettings", "markdownDescription": "Accelerated transcoding can significantly speed up jobs with long, visually complex content. Outputs that use this feature incur pro-tier pricing. For information about feature limitations, For more information, see [Job Limitations for Accelerated Transcoding in AWS Elemental MediaConvert](https://docs.aws.amazon.com/mediaconvert/latest/ug/job-requirements.html) in the *AWS Elemental MediaConvert User Guide* .", "title": "AccelerationSettings" }, "Category": { "markdownDescription": "Optional. A category for the job template you are creating", "title": "Category", "type": "string" }, "Description": { "markdownDescription": "Optional. A description of the job template you are creating.", "title": "Description", "type": "string" }, "HopDestinations": { "items": { "$ref": "#/definitions/AWS::MediaConvert::JobTemplate.HopDestination" }, "markdownDescription": "Optional. Configuration for a destination queue to which the job can hop once a customer-defined minimum wait time has passed. For more information, see [Setting Up Queue Hopping to Avoid Long Waits](https://docs.aws.amazon.com/mediaconvert/latest/ug/setting-up-queue-hopping-to-avoid-long-waits.html) in the *AWS Elemental MediaConvert User Guide* .", "title": "HopDestinations", "type": "array" }, "Name": { "markdownDescription": "Name of the output group", "title": "Name", "type": "string" }, "Priority": { "markdownDescription": "Specify the relative priority for this job. In any given queue, the service begins processing the job with the highest value first. When more than one job has the same priority, the service begins processing the job that you submitted first. If you don't specify a priority, the service uses the default value 0. Minimum: -50 Maximum: 50", "title": "Priority", "type": "number" }, "Queue": { "markdownDescription": "Optional. The queue that jobs created from this template are assigned to. Specify the Amazon Resource Name (ARN) of the queue. For example, arn:aws:mediaconvert:us-west-2:505474453218:queues/Default. If you don't specify this, jobs will go to the default queue.", "title": "Queue", "type": "string" }, "SettingsJson": { "markdownDescription": "Specify, in JSON format, the transcoding job settings for this job template. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert job templates, see [Working with AWS Elemental MediaConvert Job Templates](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-job-templates.html) in the ** .", "title": "SettingsJson", "type": "object" }, "StatusUpdateInterval": { "markdownDescription": "Specify how often MediaConvert sends STATUS_UPDATE events to Amazon CloudWatch Events. Set the interval, in seconds, between status updates. MediaConvert sends an update at this interval from the time the service begins processing your job to the time it completes the transcode or encounters an error.\n\nSpecify one of the following enums:\n\nSECONDS_10\n\nSECONDS_12\n\nSECONDS_15\n\nSECONDS_20\n\nSECONDS_30\n\nSECONDS_60\n\nSECONDS_120\n\nSECONDS_180\n\nSECONDS_240\n\nSECONDS_300\n\nSECONDS_360\n\nSECONDS_420\n\nSECONDS_480\n\nSECONDS_540\n\nSECONDS_600", "title": "StatusUpdateInterval", "type": "string" }, "Tags": { "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "object" } }, "required": [ "SettingsJson" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaConvert::JobTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaConvert::JobTemplate.AccelerationSettings": { "additionalProperties": false, "properties": { "Mode": { "markdownDescription": "Specify the conditions when the service will run your job with accelerated transcoding.", "title": "Mode", "type": "string" } }, "required": [ "Mode" ], "type": "object" }, "AWS::MediaConvert::JobTemplate.HopDestination": { "additionalProperties": false, "properties": { "Priority": { "markdownDescription": "Optional. When you set up a job to use queue hopping, you can specify a different relative priority for the job in the destination queue. If you don't specify, the relative priority will remain the same as in the previous queue.", "title": "Priority", "type": "number" }, "Queue": { "markdownDescription": "Optional unless the job is submitted on the default queue. When you set up a job to use queue hopping, you can specify a destination queue. This queue cannot be the original queue to which the job is submitted. If the original queue isn't the default queue and you don't specify the destination queue, the job will move to the default queue.", "title": "Queue", "type": "string" }, "WaitMinutes": { "markdownDescription": "Required for setting up a job to use queue hopping. Minimum wait time in minutes until the job can hop to the destination queue. Valid range is 1 to 4320 minutes, inclusive.", "title": "WaitMinutes", "type": "number" } }, "type": "object" }, "AWS::MediaConvert::Preset": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Category": { "markdownDescription": "The new category for the preset, if you are changing it.", "title": "Category", "type": "string" }, "Description": { "markdownDescription": "The new description for the preset, if you are changing it.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the preset that you are modifying.", "title": "Name", "type": "string" }, "SettingsJson": { "markdownDescription": "Specify, in JSON format, the transcoding job settings for this output preset. This specification must conform to the AWS Elemental MediaConvert job validation. For information about forming this specification, see the Remarks section later in this topic.\n\nFor more information about MediaConvert output presets, see [Working with AWS Elemental MediaConvert Output Presets](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-presets.html) in the ** .", "title": "SettingsJson", "type": "object" }, "Tags": { "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "object" } }, "required": [ "SettingsJson" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaConvert::Preset" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaConvert::Queue": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "Optional. A description of the queue that you are creating.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the queue that you are creating.", "title": "Name", "type": "string" }, "PricingPlan": { "markdownDescription": "When you use AWS CloudFormation , you can create only on-demand queues. Therefore, always set `PricingPlan` to the value \"ON_DEMAND\" when declaring an AWS::MediaConvert::Queue in your AWS CloudFormation template.\n\nTo create a reserved queue, use the AWS Elemental MediaConvert console at https://console.aws.amazon.com/mediaconvert to set up a contract. For more information, see [Working with AWS Elemental MediaConvert Queues](https://docs.aws.amazon.com/mediaconvert/latest/ug/working-with-queues.html) in the ** .", "title": "PricingPlan", "type": "string" }, "Status": { "markdownDescription": "Initial state of the queue. Queues can be either ACTIVE or PAUSED. If you create a paused queue, then jobs that you send to that queue won't begin.", "title": "Status", "type": "string" }, "Tags": { "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "object" } }, "type": "object" }, "Type": { "enum": [ "AWS::MediaConvert::Queue" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::MediaLive::Channel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CdiInputSpecification": { "$ref": "#/definitions/AWS::MediaLive::Channel.CdiInputSpecification", "markdownDescription": "Specification of CDI inputs for this channel.", "title": "CdiInputSpecification" }, "ChannelClass": { "markdownDescription": "The class for this channel. For a channel with two pipelines, the class is STANDARD. For a channel with one pipeline, the class is SINGLE_PIPELINE.", "title": "ChannelClass", "type": "string" }, "Destinations": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestination" }, "markdownDescription": "The settings that identify the destination for the outputs in this MediaLive output package.", "title": "Destinations", "type": "array" }, "EncoderSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.EncoderSettings", "markdownDescription": "The encoding configuration for the output content.", "title": "EncoderSettings" }, "InputAttachments": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputAttachment" }, "markdownDescription": "The list of input attachments for the channel.", "title": "InputAttachments", "type": "array" }, "InputSpecification": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputSpecification", "markdownDescription": "The input specification for this channel. It specifies the key characteristics of the inputs for this channel: the maximum bitrate, the resolution, and the codec.", "title": "InputSpecification" }, "LogLevel": { "markdownDescription": "The verbosity for logging activity for this channel. Charges for logging (which are generated through Amazon CloudWatch Logging) are higher for higher verbosities.", "title": "LogLevel", "type": "string" }, "Maintenance": { "$ref": "#/definitions/AWS::MediaLive::Channel.MaintenanceCreateSettings", "markdownDescription": "Maintenance settings for this channel.", "title": "Maintenance" }, "Name": { "markdownDescription": "A name for this audio selector. The AudioDescription (in an output) references this name in order to identify a specific input audio to include in that output.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The IAM role for MediaLive to assume when running this channel. The role is identified by its ARN.", "title": "RoleArn", "type": "string" }, "Tags": { "markdownDescription": "A collection of tags for this channel. Each tag is a key-value pair.", "title": "Tags", "type": "object" }, "Vpc": { "$ref": "#/definitions/AWS::MediaLive::Channel.VpcOutputSettings", "markdownDescription": "Settings to enable VPC mode in the channel, so that the endpoints for all outputs are in your VPC.", "title": "Vpc" } }, "type": "object" }, "Type": { "enum": [ "AWS::MediaLive::Channel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::MediaLive::Channel.AacSettings": { "additionalProperties": false, "properties": { "Bitrate": { "markdownDescription": "The average bitrate in bits/second. Valid values depend on the rate control mode and profile.", "title": "Bitrate", "type": "number" }, "CodingMode": { "markdownDescription": "Mono, stereo, or 5.1 channel layout. Valid values depend on the rate control mode and profile. The adReceiverMix setting receives a stereo description plus control track, and emits a mono AAC encode of the description track, with control data emitted in the PES header as per ETSI TS 101 154 Annex E.", "title": "CodingMode", "type": "string" }, "InputType": { "markdownDescription": "Set to broadcasterMixedAd when the input contains pre-mixed main audio + AD (narration) as a stereo pair. The Audio Type field (audioType) will be set to 3, which signals to downstream systems that this stream contains broadcaster mixed AD. Note that the input received by the encoder must contain pre-mixed audio; MediaLive does not perform the mixing. The values in audioTypeControl and audioType (in AudioDescription) are ignored when set to broadcasterMixedAd. Leave this set to normal when the input does not contain pre-mixed audio + AD.", "title": "InputType", "type": "string" }, "Profile": { "markdownDescription": "The AAC profile.", "title": "Profile", "type": "string" }, "RateControlMode": { "markdownDescription": "The rate control mode.", "title": "RateControlMode", "type": "string" }, "RawFormat": { "markdownDescription": "Sets the LATM/LOAS AAC output for raw containers.", "title": "RawFormat", "type": "string" }, "SampleRate": { "markdownDescription": "The sample rate in Hz. Valid values depend on the rate control mode and profile.", "title": "SampleRate", "type": "number" }, "Spec": { "markdownDescription": "Uses MPEG-2 AAC audio instead of MPEG-4 AAC audio for raw or MPEG-2 Transport Stream containers.", "title": "Spec", "type": "string" }, "VbrQuality": { "markdownDescription": "The VBR quality level. This is used only if rateControlMode is VBR.", "title": "VbrQuality", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.Ac3Settings": { "additionalProperties": false, "properties": { "AttenuationControl": { "markdownDescription": "", "title": "AttenuationControl", "type": "string" }, "Bitrate": { "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", "title": "Bitrate", "type": "number" }, "BitstreamMode": { "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted AC-3 stream. For more information about these values, see ATSC A/52-2012.", "title": "BitstreamMode", "type": "string" }, "CodingMode": { "markdownDescription": "The Dolby Digital coding mode. This determines the number of channels.", "title": "CodingMode", "type": "string" }, "Dialnorm": { "markdownDescription": "Sets the dialnorm for the output. If excluded and the input audio is Dolby Digital, dialnorm is passed through.", "title": "Dialnorm", "type": "number" }, "DrcProfile": { "markdownDescription": "If set to filmStandard, adds dynamic range compression signaling to the output bitstream as defined in the Dolby Digital specification.", "title": "DrcProfile", "type": "string" }, "LfeFilter": { "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. This is valid only in codingMode32Lfe mode.", "title": "LfeFilter", "type": "string" }, "MetadataControl": { "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is supplied from one of these streams, the static metadata settings are used.", "title": "MetadataControl", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.AncillarySourceSettings": { "additionalProperties": false, "properties": { "SourceAncillaryChannelNumber": { "markdownDescription": "Specifies the number (1 to 4) of the captions channel you want to extract from the ancillary captions. If you plan to convert the ancillary captions to another format, complete this field. If you plan to choose Embedded as the captions destination in the output (to pass through all the channels in the ancillary captions), leave this field blank because MediaLive ignores the field.", "title": "SourceAncillaryChannelNumber", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.ArchiveCdnSettings": { "additionalProperties": false, "properties": { "ArchiveS3Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveS3Settings", "markdownDescription": "Sets up Amazon S3 as the destination for this Archive output.", "title": "ArchiveS3Settings" } }, "type": "object" }, "AWS::MediaLive::Channel.ArchiveContainerSettings": { "additionalProperties": false, "properties": { "M2tsSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", "markdownDescription": "The settings for the M2TS in the archive output.", "title": "M2tsSettings" }, "RawSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.RawSettings", "markdownDescription": "The settings for Raw archive output type.", "title": "RawSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.ArchiveGroupSettings": { "additionalProperties": false, "properties": { "ArchiveCdnSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveCdnSettings", "markdownDescription": "Settings to configure the destination of an Archive output.", "title": "ArchiveCdnSettings" }, "Destination": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", "markdownDescription": "A directory and base file name where archive files should be written.", "title": "Destination" }, "RolloverInterval": { "markdownDescription": "The number of seconds to write to an archive file before closing and starting a new one.", "title": "RolloverInterval", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.ArchiveOutputSettings": { "additionalProperties": false, "properties": { "ContainerSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveContainerSettings", "markdownDescription": "The settings that are specific to the container type of the file.", "title": "ContainerSettings" }, "Extension": { "markdownDescription": "The output file extension. If excluded, this is auto-selected from the container type.", "title": "Extension", "type": "string" }, "NameModifier": { "markdownDescription": "A string that is concatenated to the end of the destination file name. The string is required for multiple outputs of the same type.", "title": "NameModifier", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.ArchiveS3Settings": { "additionalProperties": false, "properties": { "CannedAcl": { "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", "title": "CannedAcl", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.AribDestinationSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.AribSourceSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.AudioChannelMapping": { "additionalProperties": false, "properties": { "InputChannelLevels": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputChannelLevel" }, "markdownDescription": "The indices and gain values for each input channel that should be remixed into this output channel.", "title": "InputChannelLevels", "type": "array" }, "OutputChannel": { "markdownDescription": "The index of the output channel that is being produced.", "title": "OutputChannel", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.AudioCodecSettings": { "additionalProperties": false, "properties": { "AacSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.AacSettings", "markdownDescription": "The setup of the AAC audio codec in the output.", "title": "AacSettings" }, "Ac3Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Ac3Settings", "markdownDescription": "The setup of an AC3 audio codec in the output.", "title": "Ac3Settings" }, "Eac3AtmosSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3AtmosSettings", "markdownDescription": "", "title": "Eac3AtmosSettings" }, "Eac3Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Eac3Settings", "markdownDescription": "The setup of an EAC3 audio codec in the output.", "title": "Eac3Settings" }, "Mp2Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Mp2Settings", "markdownDescription": "The setup of an MP2 audio codec in the output.", "title": "Mp2Settings" }, "PassThroughSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.PassThroughSettings", "markdownDescription": "The setup to pass through the Dolby audio codec to the output.", "title": "PassThroughSettings" }, "WavSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.WavSettings", "markdownDescription": "Settings for audio encoded with the WAV codec.", "title": "WavSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.AudioDescription": { "additionalProperties": false, "properties": { "AudioDashRoles": { "items": { "type": "string" }, "markdownDescription": "", "title": "AudioDashRoles", "type": "array" }, "AudioNormalizationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioNormalizationSettings", "markdownDescription": "The advanced audio normalization settings.", "title": "AudioNormalizationSettings" }, "AudioSelectorName": { "markdownDescription": "The name of the AudioSelector that is used as the source for this AudioDescription.", "title": "AudioSelectorName", "type": "string" }, "AudioType": { "markdownDescription": "Applies only if audioTypeControl is useConfigured. The values for audioType are defined in ISO-IEC 13818-1.", "title": "AudioType", "type": "string" }, "AudioTypeControl": { "markdownDescription": "Determines how audio type is determined. followInput: If the input contains an ISO 639 audioType, then that value is passed through to the output. If the input contains no ISO 639 audioType, the value in Audio Type is included in the output. useConfigured: The value in Audio Type is included in the output. Note that this field and audioType are both ignored if inputType is broadcasterMixedAd.", "title": "AudioTypeControl", "type": "string" }, "AudioWatermarkingSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioWatermarkSettings", "markdownDescription": "Settings to configure one or more solutions that insert audio watermarks in the audio encode", "title": "AudioWatermarkingSettings" }, "CodecSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioCodecSettings", "markdownDescription": "The audio codec settings.", "title": "CodecSettings" }, "DvbDashAccessibility": { "markdownDescription": "", "title": "DvbDashAccessibility", "type": "string" }, "LanguageCode": { "markdownDescription": "Indicates the language of the audio output track. Used only if languageControlMode is useConfigured, or there is no ISO 639 language code specified in the input.", "title": "LanguageCode", "type": "string" }, "LanguageCodeControl": { "markdownDescription": "Choosing followInput causes the ISO 639 language code of the output to follow the ISO 639 language code of the input. The languageCode setting is used when useConfigured is set, or when followInput is selected but there is no ISO 639 language code specified by the input.", "title": "LanguageCodeControl", "type": "string" }, "Name": { "markdownDescription": "The name of this AudioDescription. Outputs use this name to uniquely identify this AudioDescription. Description names should be unique within this channel.", "title": "Name", "type": "string" }, "RemixSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.RemixSettings", "markdownDescription": "The settings that control how input audio channels are remixed into the output audio channels.", "title": "RemixSettings" }, "StreamName": { "markdownDescription": "Used for Microsoft Smooth and Apple HLS outputs. Indicates the name displayed by the player (for example, English or Director Commentary).", "title": "StreamName", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.AudioDolbyEDecode": { "additionalProperties": false, "properties": { "ProgramSelection": { "markdownDescription": "", "title": "ProgramSelection", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.AudioHlsRenditionSelection": { "additionalProperties": false, "properties": { "GroupId": { "markdownDescription": "Specifies the GROUP-ID in the #EXT-X-MEDIA tag of the target HLS audio rendition.", "title": "GroupId", "type": "string" }, "Name": { "markdownDescription": "Specifies the NAME in the #EXT-X-MEDIA tag of the target HLS audio rendition.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.AudioLanguageSelection": { "additionalProperties": false, "properties": { "LanguageCode": { "markdownDescription": "Selects a specific three-letter language code from within an audio source.", "title": "LanguageCode", "type": "string" }, "LanguageSelectionPolicy": { "markdownDescription": "When set to \"strict,\" the transport stream demux strictly identifies audio streams by their language descriptor. If a PMT update occurs such that an audio stream matching the initially selected language is no longer present, then mute is encoded until the language returns. If set to \"loose,\" then on a PMT update the demux chooses another audio stream in the program with the same stream type if it can't find one with the same language.", "title": "LanguageSelectionPolicy", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.AudioNormalizationSettings": { "additionalProperties": false, "properties": { "Algorithm": { "markdownDescription": "The audio normalization algorithm to use. itu17701 conforms to the CALM Act specification. itu17702 conforms to the EBU R-128 specification.", "title": "Algorithm", "type": "string" }, "AlgorithmControl": { "markdownDescription": "When set to correctAudio, the output audio is corrected using the chosen algorithm. If set to measureOnly, the audio is measured but not adjusted.", "title": "AlgorithmControl", "type": "string" }, "TargetLkfs": { "markdownDescription": "The Target LKFS(loudness) to adjust volume to. If no value is entered, a default value is used according to the chosen algorithm. The CALM Act (1770-1) recommends a target of -24 LKFS. The EBU R-128 specification (1770-2) recommends a target of -23 LKFS.", "title": "TargetLkfs", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.AudioOnlyHlsSettings": { "additionalProperties": false, "properties": { "AudioGroupId": { "markdownDescription": "Specifies the group that the audio rendition belongs to.", "title": "AudioGroupId", "type": "string" }, "AudioOnlyImage": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", "markdownDescription": "Used with an audio-only stream. It must be a .jpg or .png file. If given, this image is used as the cover art for the audio-only output. Ideally, it should be formatted for an iPhone screen for two reasons. The iPhone does not resize the image; instead, it crops a centered image on the top/bottom and left/right. Additionally, this image file gets saved bit-for-bit into every 10-second segment file, so it increases bandwidth by {image file size} * {segment count} * {user count.}.", "title": "AudioOnlyImage" }, "AudioTrackType": { "markdownDescription": "Four types of audio-only tracks are supported: Audio-Only Variant Stream The client can play back this audio-only stream instead of video in low-bandwidth scenarios. Represented as an EXT-X-STREAM-INF in the HLS manifest. Alternate Audio, Auto Select, Default Alternate rendition that the client should try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=YES, AUTOSELECT=YES Alternate Audio, Auto Select, Not Default Alternate rendition that the client might try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=YES Alternate Audio, not Auto Select Alternate rendition that the client will not try to play back by default. Represented as an EXT-X-MEDIA in the HLS manifest with DEFAULT=NO, AUTOSELECT=NO.", "title": "AudioTrackType", "type": "string" }, "SegmentType": { "markdownDescription": "Specifies the segment type.", "title": "SegmentType", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.AudioPidSelection": { "additionalProperties": false, "properties": { "Pid": { "markdownDescription": "Select the audio by this PID.", "title": "Pid", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.AudioSelector": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A name for this AudioSelector.", "title": "Name", "type": "string" }, "SelectorSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelectorSettings", "markdownDescription": "Information about the specific audio to extract from the input.", "title": "SelectorSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.AudioSelectorSettings": { "additionalProperties": false, "properties": { "AudioHlsRenditionSelection": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioHlsRenditionSelection", "markdownDescription": "Selector for HLS audio rendition.", "title": "AudioHlsRenditionSelection" }, "AudioLanguageSelection": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioLanguageSelection", "markdownDescription": "The language code of the audio to select.", "title": "AudioLanguageSelection" }, "AudioPidSelection": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioPidSelection", "markdownDescription": "The PID of the audio to select.", "title": "AudioPidSelection" }, "AudioTrackSelection": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrackSelection", "markdownDescription": "Information about the audio track to extract.", "title": "AudioTrackSelection" } }, "type": "object" }, "AWS::MediaLive::Channel.AudioSilenceFailoverSettings": { "additionalProperties": false, "properties": { "AudioSelectorName": { "markdownDescription": "The name of the audio selector in the input that MediaLive should monitor to detect silence. Select your most important rendition. If you didn't create an audio selector in this input, leave blank.", "title": "AudioSelectorName", "type": "string" }, "AudioSilenceThresholdMsec": { "markdownDescription": "The amount of time (in milliseconds) that the active input must be silent before automatic input failover occurs. Silence is defined as audio loss or audio quieter than -50 dBFS.", "title": "AudioSilenceThresholdMsec", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.AudioTrack": { "additionalProperties": false, "properties": { "Track": { "markdownDescription": "1-based integer value that maps to a specific audio track", "title": "Track", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.AudioTrackSelection": { "additionalProperties": false, "properties": { "DolbyEDecode": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDolbyEDecode", "markdownDescription": "", "title": "DolbyEDecode" }, "Tracks": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioTrack" }, "markdownDescription": "Selects one or more unique audio tracks from within a source.", "title": "Tracks", "type": "array" } }, "type": "object" }, "AWS::MediaLive::Channel.AudioWatermarkSettings": { "additionalProperties": false, "properties": { "NielsenWatermarksSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenWatermarksSettings", "markdownDescription": "Settings to configure Nielsen Watermarks in the audio encode", "title": "NielsenWatermarksSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.AutomaticInputFailoverSettings": { "additionalProperties": false, "properties": { "ErrorClearTimeMsec": { "markdownDescription": "This clear time defines the requirement a recovered input must meet to be considered healthy. The input must have no failover conditions for this length of time. Enter a time in milliseconds. This value is particularly important if the input_preference for the failover pair is set to PRIMARY_INPUT_PREFERRED, because after this time, MediaLive will switch back to the primary input.", "title": "ErrorClearTimeMsec", "type": "number" }, "FailoverConditions": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverCondition" }, "markdownDescription": "A list of failover conditions. If any of these conditions occur, MediaLive will perform a failover to the other input.", "title": "FailoverConditions", "type": "array" }, "InputPreference": { "markdownDescription": "Input preference when deciding which input to make active when a previously failed input has recovered.", "title": "InputPreference", "type": "string" }, "SecondaryInputId": { "markdownDescription": "The input ID of the secondary input in the automatic input failover pair.", "title": "SecondaryInputId", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.AvailBlanking": { "additionalProperties": false, "properties": { "AvailBlankingImage": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", "markdownDescription": "The blanking image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", "title": "AvailBlankingImage" }, "State": { "markdownDescription": "When set to enabled, the video, audio, and captions are blanked when insertion metadata is added.", "title": "State", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.AvailConfiguration": { "additionalProperties": false, "properties": { "AvailSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.AvailSettings", "markdownDescription": "The setup of ad avail handling in the output.", "title": "AvailSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.AvailSettings": { "additionalProperties": false, "properties": { "Esam": { "$ref": "#/definitions/AWS::MediaLive::Channel.Esam", "markdownDescription": "", "title": "Esam" }, "Scte35SpliceInsert": { "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35SpliceInsert", "markdownDescription": "The setup for SCTE-35 splice insert handling.", "title": "Scte35SpliceInsert" }, "Scte35TimeSignalApos": { "$ref": "#/definitions/AWS::MediaLive::Channel.Scte35TimeSignalApos", "markdownDescription": "The setup for SCTE-35 time signal APOS handling.", "title": "Scte35TimeSignalApos" } }, "type": "object" }, "AWS::MediaLive::Channel.BlackoutSlate": { "additionalProperties": false, "properties": { "BlackoutSlateImage": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", "markdownDescription": "The blackout slate image to be used. Keep empty for solid black. Only .bmp and .png images are supported.", "title": "BlackoutSlateImage" }, "NetworkEndBlackout": { "markdownDescription": "Setting to enabled causes MediaLive to blackout the video, audio, and captions, and raise the \"Network Blackout Image\" slate when an SCTE104/35 Network End Segmentation Descriptor is encountered. The blackout is lifted when the Network Start Segmentation Descriptor is encountered. The Network End and Network Start descriptors must contain a network ID that matches the value entered in Network ID.", "title": "NetworkEndBlackout", "type": "string" }, "NetworkEndBlackoutImage": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", "markdownDescription": "The path to the local file to use as the Network End Blackout image. The image is scaled to fill the entire output raster.", "title": "NetworkEndBlackoutImage" }, "NetworkId": { "markdownDescription": "Provides a Network ID that matches EIDR ID format (for example, \"10.XXXX/XXXX-XXXX-XXXX-XXXX-XXXX-C\").", "title": "NetworkId", "type": "string" }, "State": { "markdownDescription": "When set to enabled, this causes video, audio, and captions to be blanked when indicated by program metadata.", "title": "State", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.BurnInDestinationSettings": { "additionalProperties": false, "properties": { "Alignment": { "markdownDescription": "If no explicit xPosition or yPosition is provided, setting alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. All burn-in and DVB-Sub font settings must match.", "title": "Alignment", "type": "string" }, "BackgroundColor": { "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", "title": "BackgroundColor", "type": "string" }, "BackgroundOpacity": { "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", "title": "BackgroundOpacity", "type": "number" }, "Font": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", "title": "Font" }, "FontColor": { "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", "title": "FontColor", "type": "string" }, "FontOpacity": { "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", "title": "FontOpacity", "type": "number" }, "FontResolution": { "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", "title": "FontResolution", "type": "number" }, "FontSize": { "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", "title": "FontSize", "type": "string" }, "OutlineColor": { "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", "title": "OutlineColor", "type": "string" }, "OutlineSize": { "markdownDescription": "Specifies font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", "title": "OutlineSize", "type": "number" }, "ShadowColor": { "markdownDescription": "Specifies the color of the shadow cast by the captions. All burn-in and DVB-Sub font settings must match.", "title": "ShadowColor", "type": "string" }, "ShadowOpacity": { "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", "title": "ShadowOpacity", "type": "number" }, "ShadowXOffset": { "markdownDescription": "Specifies the horizontal offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", "title": "ShadowXOffset", "type": "number" }, "ShadowYOffset": { "markdownDescription": "Specifies the vertical offset of the shadow that is relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", "title": "ShadowYOffset", "type": "number" }, "TeletextGridControl": { "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies only to Teletext inputs and DVB-Sub/Burn-in outputs.", "title": "TeletextGridControl", "type": "string" }, "XPosition": { "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. All burn-in and DVB-Sub font settings must match.", "title": "XPosition", "type": "number" }, "YPosition": { "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. All burn-in and DVB-Sub font settings must match.", "title": "YPosition", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.CaptionDescription": { "additionalProperties": false, "properties": { "Accessibility": { "markdownDescription": "", "title": "Accessibility", "type": "string" }, "CaptionDashRoles": { "items": { "type": "string" }, "markdownDescription": "", "title": "CaptionDashRoles", "type": "array" }, "CaptionSelectorName": { "markdownDescription": "Specifies which input captions selector to use as a captions source when generating output captions. This field should match a captionSelector name.", "title": "CaptionSelectorName", "type": "string" }, "DestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDestinationSettings", "markdownDescription": "Additional settings for a captions destination that depend on the destination type.", "title": "DestinationSettings" }, "DvbDashAccessibility": { "markdownDescription": "", "title": "DvbDashAccessibility", "type": "string" }, "LanguageCode": { "markdownDescription": "An ISO 639-2 three-digit code. For more information, see http://www.loc.gov/standards/iso639-2/.", "title": "LanguageCode", "type": "string" }, "LanguageDescription": { "markdownDescription": "Human-readable information to indicate the captions that are available for players (for example, English or Spanish).", "title": "LanguageDescription", "type": "string" }, "Name": { "markdownDescription": "The name of the captions description. The name is used to associate a captions description with an output. Names must be unique within a channel.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.CaptionDestinationSettings": { "additionalProperties": false, "properties": { "AribDestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.AribDestinationSettings", "markdownDescription": "The configuration of one ARIB captions encode in the output.", "title": "AribDestinationSettings" }, "BurnInDestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.BurnInDestinationSettings", "markdownDescription": "The configuration of one burn-in captions encode in the output.", "title": "BurnInDestinationSettings" }, "DvbSubDestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubDestinationSettings", "markdownDescription": "The configuration of one DVB Sub captions encode in the output.", "title": "DvbSubDestinationSettings" }, "EbuTtDDestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.EbuTtDDestinationSettings", "markdownDescription": "Settings for EBU-TT captions in the output.", "title": "EbuTtDDestinationSettings" }, "EmbeddedDestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedDestinationSettings", "markdownDescription": "The configuration of one embedded captions encode in the output.", "title": "EmbeddedDestinationSettings" }, "EmbeddedPlusScte20DestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings", "markdownDescription": "The configuration of one embedded plus SCTE-20 captions encode in the output.", "title": "EmbeddedPlusScte20DestinationSettings" }, "RtmpCaptionInfoDestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings", "markdownDescription": "The configuration of one RTMPCaptionInfo captions encode in the output.", "title": "RtmpCaptionInfoDestinationSettings" }, "Scte20PlusEmbeddedDestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings", "markdownDescription": "The configuration of one SCTE20 plus embedded captions encode in the output.", "title": "Scte20PlusEmbeddedDestinationSettings" }, "Scte27DestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27DestinationSettings", "markdownDescription": "The configuration of one SCTE-27 captions encode in the output.", "title": "Scte27DestinationSettings" }, "SmpteTtDestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.SmpteTtDestinationSettings", "markdownDescription": "The configuration of one SMPTE-TT captions encode in the output.", "title": "SmpteTtDestinationSettings" }, "TeletextDestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextDestinationSettings", "markdownDescription": "The configuration of one Teletext captions encode in the output.", "title": "TeletextDestinationSettings" }, "TtmlDestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.TtmlDestinationSettings", "markdownDescription": "The configuration of one TTML captions encode in the output.", "title": "TtmlDestinationSettings" }, "WebvttDestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.WebvttDestinationSettings", "markdownDescription": "The configuration of one WebVTT captions encode in the output.", "title": "WebvttDestinationSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.CaptionLanguageMapping": { "additionalProperties": false, "properties": { "CaptionChannel": { "markdownDescription": "The closed caption channel being described by this CaptionLanguageMapping. Each channel mapping must have a unique channel number (maximum of 4).", "title": "CaptionChannel", "type": "number" }, "LanguageCode": { "markdownDescription": "A three-character ISO 639-2 language code (see http://www.loc.gov/standards/iso639-2).", "title": "LanguageCode", "type": "string" }, "LanguageDescription": { "markdownDescription": "The textual description of language.", "title": "LanguageDescription", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.CaptionRectangle": { "additionalProperties": false, "properties": { "Height": { "markdownDescription": "See the description in leftOffset.\n\nFor height, specify the entire height of the rectangle as a percentage of the underlying frame height. For example, \\\"80\\\" means the rectangle height is 80% of the underlying frame height. The topOffset and rectangleHeight must add up to 100% or less. This field corresponds to tts:extent - Y in the TTML standard.", "title": "Height", "type": "number" }, "LeftOffset": { "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. (Make sure to leave the default if you don't have either of these formats in the output.) You can define a display rectangle for the captions that is smaller than the underlying video frame. You define the rectangle by specifying the position of the left edge, top edge, bottom edge, and right edge of the rectangle, all within the underlying video frame. The units for the measurements are percentages. If you specify a value for one of these fields, you must specify a value for all of them.\n\nFor leftOffset, specify the position of the left edge of the rectangle, as a percentage of the underlying frame width, and relative to the left edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame width. The rectangle left edge starts at that position from the left edge of the frame. This field corresponds to tts:origin - X in the TTML standard.", "title": "LeftOffset", "type": "number" }, "TopOffset": { "markdownDescription": "See the description in leftOffset.\n\nFor topOffset, specify the position of the top edge of the rectangle, as a percentage of the underlying frame height, and relative to the top edge of the frame. For example, \\\"10\\\" means the measurement is 10% of the underlying frame height. The rectangle top edge starts at that position from the top edge of the frame. This field corresponds to tts:origin - Y in the TTML standard.", "title": "TopOffset", "type": "number" }, "Width": { "markdownDescription": "See the description in leftOffset.\n\nFor width, specify the entire width of the rectangle as a percentage of the underlying frame width. For example, \\\"80\\\" means the rectangle width is 80% of the underlying frame width. The leftOffset and rectangleWidth must add up to 100% or less. This field corresponds to tts:extent - X in the TTML standard.", "title": "Width", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.CaptionSelector": { "additionalProperties": false, "properties": { "LanguageCode": { "markdownDescription": "When specified, this field indicates the three-letter language code of the captions track to extract from the source.", "title": "LanguageCode", "type": "string" }, "Name": { "markdownDescription": "The name identifier for a captions selector. This name is used to associate this captions selector with one or more captions descriptions. Names must be unique within a channel.", "title": "Name", "type": "string" }, "SelectorSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelectorSettings", "markdownDescription": "Information about the specific audio to extract from the input.", "title": "SelectorSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.CaptionSelectorSettings": { "additionalProperties": false, "properties": { "AncillarySourceSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.AncillarySourceSettings", "markdownDescription": "Information about the ancillary captions to extract from the input.", "title": "AncillarySourceSettings" }, "AribSourceSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.AribSourceSettings", "markdownDescription": "Information about the ARIB captions to extract from the input.", "title": "AribSourceSettings" }, "DvbSubSourceSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSubSourceSettings", "markdownDescription": "Information about the DVB Sub captions to extract from the input.", "title": "DvbSubSourceSettings" }, "EmbeddedSourceSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.EmbeddedSourceSettings", "markdownDescription": "Information about the embedded captions to extract from the input.", "title": "EmbeddedSourceSettings" }, "Scte20SourceSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Scte20SourceSettings", "markdownDescription": "Information about the SCTE-20 captions to extract from the input.", "title": "Scte20SourceSettings" }, "Scte27SourceSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Scte27SourceSettings", "markdownDescription": "Information about the SCTE-27 captions to extract from the input.", "title": "Scte27SourceSettings" }, "TeletextSourceSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.TeletextSourceSettings", "markdownDescription": "Information about the Teletext captions to extract from the input.", "title": "TeletextSourceSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.CdiInputSpecification": { "additionalProperties": false, "properties": { "Resolution": { "markdownDescription": "Maximum CDI input resolution", "title": "Resolution", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.CmafIngestGroupSettings": { "additionalProperties": false, "properties": { "Destination": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", "markdownDescription": "", "title": "Destination" }, "NielsenId3Behavior": { "markdownDescription": "", "title": "NielsenId3Behavior", "type": "string" }, "Scte35Type": { "markdownDescription": "", "title": "Scte35Type", "type": "string" }, "SegmentLength": { "markdownDescription": "", "title": "SegmentLength", "type": "number" }, "SegmentLengthUnits": { "markdownDescription": "", "title": "SegmentLengthUnits", "type": "string" }, "SendDelayMs": { "markdownDescription": "", "title": "SendDelayMs", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.CmafIngestOutputSettings": { "additionalProperties": false, "properties": { "NameModifier": { "markdownDescription": "", "title": "NameModifier", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.ColorCorrection": { "additionalProperties": false, "properties": { "InputColorSpace": { "markdownDescription": "", "title": "InputColorSpace", "type": "string" }, "OutputColorSpace": { "markdownDescription": "", "title": "OutputColorSpace", "type": "string" }, "Uri": { "markdownDescription": "", "title": "Uri", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.ColorCorrectionSettings": { "additionalProperties": false, "properties": { "GlobalColorCorrections": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrection" }, "markdownDescription": "", "title": "GlobalColorCorrections", "type": "array" } }, "type": "object" }, "AWS::MediaLive::Channel.ColorSpacePassthroughSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.DolbyVision81Settings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.DvbNitSettings": { "additionalProperties": false, "properties": { "NetworkId": { "markdownDescription": "The numeric value placed in the Network Information Table (NIT).", "title": "NetworkId", "type": "number" }, "NetworkName": { "markdownDescription": "The network name text placed in the networkNameDescriptor inside the Network Information Table (NIT). The maximum length is 256 characters.", "title": "NetworkName", "type": "string" }, "RepInterval": { "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", "title": "RepInterval", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.DvbSdtSettings": { "additionalProperties": false, "properties": { "OutputSdt": { "markdownDescription": "Selects a method of inserting SDT information into an output stream. The sdtFollow setting copies SDT information from input stream to output stream. The sdtFollowIfPresent setting copies SDT information from input stream to output stream if SDT information is present in the input. Otherwise, it falls back on the user-defined values. The sdtManual setting means that the user will enter the SDT information. The sdtNone setting means that the output stream will not contain SDT information.", "title": "OutputSdt", "type": "string" }, "RepInterval": { "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", "title": "RepInterval", "type": "number" }, "ServiceName": { "markdownDescription": "The service name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", "title": "ServiceName", "type": "string" }, "ServiceProviderName": { "markdownDescription": "The service provider name placed in the serviceDescriptor in the Service Description Table (SDT). The maximum length is 256 characters.", "title": "ServiceProviderName", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.DvbSubDestinationSettings": { "additionalProperties": false, "properties": { "Alignment": { "markdownDescription": "If no explicit xPosition or yPosition is provided, setting the alignment to centered places the captions at the bottom center of the output. Similarly, setting a left alignment aligns captions to the bottom left of the output. If x and y positions are specified in conjunction with the alignment parameter, the font is justified (either left or centered) relative to those coordinates. Selecting \"smart\" justification left-justifies live subtitles and center-justifies pre-recorded subtitles. This option is not valid for source captions that are STL or 608/embedded. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", "title": "Alignment", "type": "string" }, "BackgroundColor": { "markdownDescription": "Specifies the color of the rectangle behind the captions. All burn-in and DVB-Sub font settings must match.", "title": "BackgroundColor", "type": "string" }, "BackgroundOpacity": { "markdownDescription": "Specifies the opacity of the background rectangle. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", "title": "BackgroundOpacity", "type": "number" }, "Font": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", "markdownDescription": "The external font file that is used for captions burn-in. The file extension must be .ttf or .tte. Although you can select output fonts for many different types of input captions, embedded, STL, and Teletext sources use a strict grid system. Using external fonts with these captions sources could cause an unexpected display of proportional fonts. All burn-in and DVB-Sub font settings must match.", "title": "Font" }, "FontColor": { "markdownDescription": "Specifies the color of the burned-in captions. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", "title": "FontColor", "type": "string" }, "FontOpacity": { "markdownDescription": "Specifies the opacity of the burned-in captions. 255 is opaque; 0 is transparent. All burn-in and DVB-Sub font settings must match.", "title": "FontOpacity", "type": "number" }, "FontResolution": { "markdownDescription": "The font resolution in DPI (dots per inch). The default is 96 dpi. All burn-in and DVB-Sub font settings must match.", "title": "FontResolution", "type": "number" }, "FontSize": { "markdownDescription": "When set to auto, fontSize scales depending on the size of the output. Providing a positive integer specifies the exact font size in points. All burn-in and DVB-Sub font settings must match.", "title": "FontSize", "type": "string" }, "OutlineColor": { "markdownDescription": "Specifies the font outline color. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", "title": "OutlineColor", "type": "string" }, "OutlineSize": { "markdownDescription": "Specifies the font outline size in pixels. This option is not valid for source captions that are either 608/embedded or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", "title": "OutlineSize", "type": "number" }, "ShadowColor": { "markdownDescription": "Specifies the color of the shadow that is cast by the captions. All burn-in and DVB-Sub font settings must match.", "title": "ShadowColor", "type": "string" }, "ShadowOpacity": { "markdownDescription": "Specifies the opacity of the shadow. 255 is opaque; 0 is transparent. Keeping this parameter blank is equivalent to setting it to 0 (transparent). All burn-in and DVB-Sub font settings must match.", "title": "ShadowOpacity", "type": "number" }, "ShadowXOffset": { "markdownDescription": "Specifies the horizontal offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels to the left. All burn-in and DVB-Sub font settings must match.", "title": "ShadowXOffset", "type": "number" }, "ShadowYOffset": { "markdownDescription": "Specifies the vertical offset of the shadow relative to the captions in pixels. A value of -2 would result in a shadow offset 2 pixels above the text. All burn-in and DVB-Sub font settings must match.", "title": "ShadowYOffset", "type": "number" }, "TeletextGridControl": { "markdownDescription": "Controls whether a fixed grid size is used to generate the output subtitles bitmap. This applies to only Teletext inputs and DVB-Sub/Burn-in outputs.", "title": "TeletextGridControl", "type": "string" }, "XPosition": { "markdownDescription": "Specifies the horizontal position of the captions relative to the left side of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the left of the output. If no explicit xPosition is provided, the horizontal captions position is determined by the alignment parameter. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", "title": "XPosition", "type": "number" }, "YPosition": { "markdownDescription": "Specifies the vertical position of the captions relative to the top of the output in pixels. A value of 10 would result in the captions starting 10 pixels from the top of the output. If no explicit yPosition is provided, the captions are positioned towards the bottom of the output. This option is not valid for source captions that are STL, 608/embedded, or Teletext. These source settings are already pre-defined by the captions stream. All burn-in and DVB-Sub font settings must match.", "title": "YPosition", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.DvbSubSourceSettings": { "additionalProperties": false, "properties": { "OcrLanguage": { "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", "title": "OcrLanguage", "type": "string" }, "Pid": { "markdownDescription": "When using DVB-Sub with burn-in or SMPTE-TT, use this PID for the source content. It is unused for DVB-Sub passthrough. All DVB-Sub content is passed through, regardless of selectors.", "title": "Pid", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.DvbTdtSettings": { "additionalProperties": false, "properties": { "RepInterval": { "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream.", "title": "RepInterval", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.Eac3AtmosSettings": { "additionalProperties": false, "properties": { "Bitrate": { "markdownDescription": "", "title": "Bitrate", "type": "number" }, "CodingMode": { "markdownDescription": "", "title": "CodingMode", "type": "string" }, "Dialnorm": { "markdownDescription": "", "title": "Dialnorm", "type": "number" }, "DrcLine": { "markdownDescription": "", "title": "DrcLine", "type": "string" }, "DrcRf": { "markdownDescription": "", "title": "DrcRf", "type": "string" }, "HeightTrim": { "markdownDescription": "", "title": "HeightTrim", "type": "number" }, "SurroundTrim": { "markdownDescription": "", "title": "SurroundTrim", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.Eac3Settings": { "additionalProperties": false, "properties": { "AttenuationControl": { "markdownDescription": "When set to attenuate3Db, applies a 3 dB attenuation to the surround channels. Used only for the 3/2 coding mode.", "title": "AttenuationControl", "type": "string" }, "Bitrate": { "markdownDescription": "The average bitrate in bits/second. Valid bitrates depend on the coding mode.", "title": "Bitrate", "type": "number" }, "BitstreamMode": { "markdownDescription": "Specifies the bitstream mode (bsmod) for the emitted E-AC-3 stream. For more information, see ATSC A/52-2012 (Annex E).", "title": "BitstreamMode", "type": "string" }, "CodingMode": { "markdownDescription": "The Dolby Digital Plus coding mode. This mode determines the number of channels.", "title": "CodingMode", "type": "string" }, "DcFilter": { "markdownDescription": "When set to enabled, activates a DC highpass filter for all input channels.", "title": "DcFilter", "type": "string" }, "Dialnorm": { "markdownDescription": "Sets the dialnorm for the output. If blank and the input audio is Dolby Digital Plus, dialnorm will be passed through.", "title": "Dialnorm", "type": "number" }, "DrcLine": { "markdownDescription": "Sets the Dolby dynamic range compression profile.", "title": "DrcLine", "type": "string" }, "DrcRf": { "markdownDescription": "Sets the profile for heavy Dolby dynamic range compression, ensuring that the instantaneous signal peaks do not exceed specified levels.", "title": "DrcRf", "type": "string" }, "LfeControl": { "markdownDescription": "When encoding 3/2 audio, setting to lfe enables the LFE channel.", "title": "LfeControl", "type": "string" }, "LfeFilter": { "markdownDescription": "When set to enabled, applies a 120Hz lowpass filter to the LFE channel prior to encoding. Valid only with a codingMode32 coding mode.", "title": "LfeFilter", "type": "string" }, "LoRoCenterMixLevel": { "markdownDescription": "The Left only/Right only center mix level. Used only for the 3/2 coding mode.", "title": "LoRoCenterMixLevel", "type": "number" }, "LoRoSurroundMixLevel": { "markdownDescription": "The Left only/Right only surround mix level. Used only for a 3/2 coding mode.", "title": "LoRoSurroundMixLevel", "type": "number" }, "LtRtCenterMixLevel": { "markdownDescription": "The Left total/Right total center mix level. Used only for a 3/2 coding mode.", "title": "LtRtCenterMixLevel", "type": "number" }, "LtRtSurroundMixLevel": { "markdownDescription": "The Left total/Right total surround mix level. Used only for the 3/2 coding mode.", "title": "LtRtSurroundMixLevel", "type": "number" }, "MetadataControl": { "markdownDescription": "When set to followInput, encoder metadata is sourced from the DD, DD+, or DolbyE decoder that supplies this audio data. If the audio is not supplied from one of these streams, then the static metadata settings are used.", "title": "MetadataControl", "type": "string" }, "PassthroughControl": { "markdownDescription": "When set to whenPossible, input DD+ audio will be passed through if it is present on the input. This detection is dynamic over the life of the transcode. Inputs that alternate between DD+ and non-DD+ content will have a consistent DD+ output as the system alternates between passthrough and encoding.", "title": "PassthroughControl", "type": "string" }, "PhaseControl": { "markdownDescription": "When set to shift90Degrees, applies a 90-degree phase shift to the surround channels. Used only for a 3/2 coding mode.", "title": "PhaseControl", "type": "string" }, "StereoDownmix": { "markdownDescription": "A stereo downmix preference. Used only for the 3/2 coding mode.", "title": "StereoDownmix", "type": "string" }, "SurroundExMode": { "markdownDescription": "When encoding 3/2 audio, sets whether an extra center back surround channel is matrix encoded into the left and right surround channels.", "title": "SurroundExMode", "type": "string" }, "SurroundMode": { "markdownDescription": "When encoding 2/0 audio, sets whether Dolby Surround is matrix-encoded into the two channels.", "title": "SurroundMode", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.EbuTtDDestinationSettings": { "additionalProperties": false, "properties": { "CopyrightHolder": { "markdownDescription": "Applies only if you plan to convert these source captions to EBU-TT-D or TTML in an output. Complete this field if you want to include the name of the copyright holder in the copyright metadata tag in the TTML", "title": "CopyrightHolder", "type": "string" }, "FillLineGap": { "markdownDescription": "Specifies how to handle the gap between the lines (in multi-line captions). - enabled: Fill with the captions background color (as specified in the input captions).\n- disabled: Leave the gap unfilled.", "title": "FillLineGap", "type": "string" }, "FontFamily": { "markdownDescription": "Specifies the font family to include in the font data attached to the EBU-TT captions. Valid only if styleControl is set to include. If you leave this field empty, the font family is set to \"monospaced\". (If styleControl is set to exclude, the font family is always set to \"monospaced\".) You specify only the font family. All other style information (color, bold, position and so on) is copied from the input captions. The size is always set to 100% to allow the downstream player to choose the size. - Enter a list of font families, as a comma-separated list of font names, in order of preference. The name can be a font family (such as \u201cArial\u201d), or a generic font family (such as \u201cserif\u201d), or \u201cdefault\u201d (to let the downstream player choose the font).\n- Leave blank to set the family to \u201cmonospace\u201d.", "title": "FontFamily", "type": "string" }, "StyleControl": { "markdownDescription": "Specifies the style information (font color, font position, and so on) to include in the font data that is attached to the EBU-TT captions. - include: Take the style information (font color, font position, and so on) from the source captions and include that information in the font data attached to the EBU-TT captions. This option is valid only if the source captions are Embedded or Teletext.\n- exclude: In the font data attached to the EBU-TT captions, set the font family to \"monospaced\". Do not include any other style information.", "title": "StyleControl", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.EmbeddedDestinationSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.EmbeddedPlusScte20DestinationSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.EmbeddedSourceSettings": { "additionalProperties": false, "properties": { "Convert608To708": { "markdownDescription": "If this is upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. If 708 data is present in the source content, it is discarded.", "title": "Convert608To708", "type": "string" }, "Scte20Detection": { "markdownDescription": "Set to \"auto\" to handle streams with intermittent or non-aligned SCTE-20 and embedded captions.", "title": "Scte20Detection", "type": "string" }, "Source608ChannelNumber": { "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions. This is unused for passthrough.", "title": "Source608ChannelNumber", "type": "number" }, "Source608TrackNumber": { "markdownDescription": "This field is unused and deprecated.", "title": "Source608TrackNumber", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.EncoderSettings": { "additionalProperties": false, "properties": { "AudioDescriptions": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioDescription" }, "markdownDescription": "The encoding information for output audio.", "title": "AudioDescriptions", "type": "array" }, "AvailBlanking": { "$ref": "#/definitions/AWS::MediaLive::Channel.AvailBlanking", "markdownDescription": "The settings for ad avail blanking.", "title": "AvailBlanking" }, "AvailConfiguration": { "$ref": "#/definitions/AWS::MediaLive::Channel.AvailConfiguration", "markdownDescription": "The configuration settings for the ad avail handling.", "title": "AvailConfiguration" }, "BlackoutSlate": { "$ref": "#/definitions/AWS::MediaLive::Channel.BlackoutSlate", "markdownDescription": "The settings for the blackout slate.", "title": "BlackoutSlate" }, "CaptionDescriptions": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionDescription" }, "markdownDescription": "The encoding information for output captions.", "title": "CaptionDescriptions", "type": "array" }, "ColorCorrectionSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.ColorCorrectionSettings", "markdownDescription": "", "title": "ColorCorrectionSettings" }, "FeatureActivations": { "$ref": "#/definitions/AWS::MediaLive::Channel.FeatureActivations", "markdownDescription": "Settings to enable specific features.", "title": "FeatureActivations" }, "GlobalConfiguration": { "$ref": "#/definitions/AWS::MediaLive::Channel.GlobalConfiguration", "markdownDescription": "The configuration settings that apply to the entire channel.", "title": "GlobalConfiguration" }, "MotionGraphicsConfiguration": { "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsConfiguration", "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", "title": "MotionGraphicsConfiguration" }, "NielsenConfiguration": { "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenConfiguration", "markdownDescription": "The settings to configure Nielsen watermarks.", "title": "NielsenConfiguration" }, "OutputGroups": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroup" }, "markdownDescription": "The settings for the output groups in the channel.", "title": "OutputGroups", "type": "array" }, "ThumbnailConfiguration": { "$ref": "#/definitions/AWS::MediaLive::Channel.ThumbnailConfiguration", "markdownDescription": "", "title": "ThumbnailConfiguration" }, "TimecodeConfig": { "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeConfig", "markdownDescription": "Contains settings used to acquire and adjust timecode information from the inputs.", "title": "TimecodeConfig" }, "VideoDescriptions": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.VideoDescription" }, "markdownDescription": "The encoding information for output videos.", "title": "VideoDescriptions", "type": "array" } }, "type": "object" }, "AWS::MediaLive::Channel.EpochLockingSettings": { "additionalProperties": false, "properties": { "CustomEpoch": { "markdownDescription": "", "title": "CustomEpoch", "type": "string" }, "JamSyncTime": { "markdownDescription": "", "title": "JamSyncTime", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.Esam": { "additionalProperties": false, "properties": { "AcquisitionPointId": { "markdownDescription": "", "title": "AcquisitionPointId", "type": "string" }, "AdAvailOffset": { "markdownDescription": "", "title": "AdAvailOffset", "type": "number" }, "PasswordParam": { "markdownDescription": "", "title": "PasswordParam", "type": "string" }, "PoisEndpoint": { "markdownDescription": "", "title": "PoisEndpoint", "type": "string" }, "Username": { "markdownDescription": "", "title": "Username", "type": "string" }, "ZoneIdentity": { "markdownDescription": "", "title": "ZoneIdentity", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.FailoverCondition": { "additionalProperties": false, "properties": { "FailoverConditionSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.FailoverConditionSettings", "markdownDescription": "Settings for a specific failover condition.", "title": "FailoverConditionSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.FailoverConditionSettings": { "additionalProperties": false, "properties": { "AudioSilenceSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSilenceFailoverSettings", "markdownDescription": "MediaLive will perform a failover if the specified audio selector is silent for the specified period.", "title": "AudioSilenceSettings" }, "InputLossSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossFailoverSettings", "markdownDescription": "MediaLive will perform a failover if content is not detected in this input for the specified period.", "title": "InputLossSettings" }, "VideoBlackSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.VideoBlackFailoverSettings", "markdownDescription": "MediaLive will perform a failover if content is considered black for the specified period.", "title": "VideoBlackSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.FeatureActivations": { "additionalProperties": false, "properties": { "InputPrepareScheduleActions": { "markdownDescription": "Enables the Input Prepare feature. You can create Input Prepare actions in the schedule only if this feature is enabled.\nIf you disable the feature on an existing schedule, make sure that you first delete all input prepare actions from the schedule.", "title": "InputPrepareScheduleActions", "type": "string" }, "OutputStaticImageOverlayScheduleActions": { "markdownDescription": "", "title": "OutputStaticImageOverlayScheduleActions", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.FecOutputSettings": { "additionalProperties": false, "properties": { "ColumnDepth": { "markdownDescription": "The parameter D from SMPTE 2022-1. The height of the FEC protection matrix. The number of transport stream packets per column error correction packet. The number must be between 4 and 20, inclusive.", "title": "ColumnDepth", "type": "number" }, "IncludeFec": { "markdownDescription": "Enables column only or column and row-based FEC.", "title": "IncludeFec", "type": "string" }, "RowLength": { "markdownDescription": "The parameter L from SMPTE 2022-1. The width of the FEC protection matrix. Must be between 1 and 20, inclusive. If only Column FEC is used, then larger values increase robustness. If Row FEC is used, then this is the number of transport stream packets per row error correction packet, and the value must be between 4 and 20, inclusive, if includeFec is columnAndRow. If includeFec is column, this value must be 1 to 20, inclusive.", "title": "RowLength", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.Fmp4HlsSettings": { "additionalProperties": false, "properties": { "AudioRenditionSets": { "markdownDescription": "List all the audio groups that are used with the video output stream. Input all the audio GROUP-IDs that are associated to the video, separate by ','.", "title": "AudioRenditionSets", "type": "string" }, "NielsenId3Behavior": { "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", "title": "NielsenId3Behavior", "type": "string" }, "TimedMetadataBehavior": { "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", "title": "TimedMetadataBehavior", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.FrameCaptureCdnSettings": { "additionalProperties": false, "properties": { "FrameCaptureS3Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureS3Settings", "markdownDescription": "Sets up Amazon S3 as the destination for this Frame Capture output.", "title": "FrameCaptureS3Settings" } }, "type": "object" }, "AWS::MediaLive::Channel.FrameCaptureGroupSettings": { "additionalProperties": false, "properties": { "Destination": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", "markdownDescription": "The destination for the frame capture files. The destination is either the URI for an Amazon S3 bucket and object, plus a file name prefix (for example, s3ssl://sportsDelivery/highlights/20180820/curling_) or the URI for a MediaStore container, plus a file name prefix (for example, mediastoressl://sportsDelivery/20180820/curling_). The final file names consist of the prefix from the destination field (for example, \"curling_\") + name modifier + the counter (5 digits, starting from 00001) + extension (which is always .jpg). For example, curlingLow.00001.jpg.", "title": "Destination" }, "FrameCaptureCdnSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureCdnSettings", "markdownDescription": "Settings to configure the destination of a Frame Capture output.", "title": "FrameCaptureCdnSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.FrameCaptureHlsSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.FrameCaptureOutputSettings": { "additionalProperties": false, "properties": { "NameModifier": { "markdownDescription": "Required if the output group contains more than one output. This modifier forms part of the output file name.", "title": "NameModifier", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.FrameCaptureS3Settings": { "additionalProperties": false, "properties": { "CannedAcl": { "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", "title": "CannedAcl", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.FrameCaptureSettings": { "additionalProperties": false, "properties": { "CaptureInterval": { "markdownDescription": "The frequency, in seconds, for capturing frames for inclusion in the output. For example, \"10\" means capture a frame every 10 seconds.", "title": "CaptureInterval", "type": "number" }, "CaptureIntervalUnits": { "markdownDescription": "Unit for the frame capture interval.", "title": "CaptureIntervalUnits", "type": "string" }, "TimecodeBurninSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", "markdownDescription": "", "title": "TimecodeBurninSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.GlobalConfiguration": { "additionalProperties": false, "properties": { "InitialAudioGain": { "markdownDescription": "The value to set the initial audio gain for the channel.", "title": "InitialAudioGain", "type": "number" }, "InputEndAction": { "markdownDescription": "Indicates the action to take when the current input completes (for example, end-of-file). When switchAndLoopInputs is configured, MediaLive restarts at the beginning of the first input. When \"none\" is configured, MediaLive transcodes either black, a solid color, or a user-specified slate images per the \"Input Loss Behavior\" configuration until the next input switch occurs (which is controlled through the Channel Schedule API).", "title": "InputEndAction", "type": "string" }, "InputLossBehavior": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputLossBehavior", "markdownDescription": "The settings for system actions when the input is lost.", "title": "InputLossBehavior" }, "OutputLockingMode": { "markdownDescription": "Indicates how MediaLive pipelines are synchronized. PIPELINELOCKING - MediaLive attempts to synchronize the output of each pipeline to the other. EPOCHLOCKING - MediaLive attempts to synchronize the output of each pipeline to the Unix epoch.", "title": "OutputLockingMode", "type": "string" }, "OutputLockingSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLockingSettings", "markdownDescription": "", "title": "OutputLockingSettings" }, "OutputTimingSource": { "markdownDescription": "Indicates whether the rate of frames emitted by the Live encoder should be paced by its system clock (which optionally might be locked to another source through NTP) or should be locked to the clock of the source that is providing the input stream.", "title": "OutputTimingSource", "type": "string" }, "SupportLowFramerateInputs": { "markdownDescription": "Adjusts the video input buffer for streams with very low video frame rates. This is commonly set to enabled for music channels with less than one video frame per second.", "title": "SupportLowFramerateInputs", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.H264ColorSpaceSettings": { "additionalProperties": false, "properties": { "ColorSpacePassthroughSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", "markdownDescription": "Passthrough applies no color space conversion to the output.", "title": "ColorSpacePassthroughSettings" }, "Rec601Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", "markdownDescription": "Settings to configure the handling of Rec601 color space.", "title": "Rec601Settings" }, "Rec709Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", "markdownDescription": "Settings to configure the handling of Rec709 color space.", "title": "Rec709Settings" } }, "type": "object" }, "AWS::MediaLive::Channel.H264FilterSettings": { "additionalProperties": false, "properties": { "TemporalFilterSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", "markdownDescription": "Settings for applying the temporal filter to the video.", "title": "TemporalFilterSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.H264Settings": { "additionalProperties": false, "properties": { "AdaptiveQuantization": { "markdownDescription": "The adaptive quantization. This allows intra-frame quantizers to vary to improve visual quality.", "title": "AdaptiveQuantization", "type": "string" }, "AfdSignaling": { "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is auto, the system tries to preserve the input AFD value (in cases where multiple AFD values are valid). If set to fixed, the AFD value is the value configured in the fixedAfd parameter.", "title": "AfdSignaling", "type": "string" }, "Bitrate": { "markdownDescription": "The average bitrate in bits/second. This is required when the rate control mode is VBR or CBR. It isn't used for QVBR. In a Microsoft Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", "title": "Bitrate", "type": "number" }, "BufFillPct": { "markdownDescription": "The percentage of the buffer that should initially be filled (HRD buffer model).", "title": "BufFillPct", "type": "number" }, "BufSize": { "markdownDescription": "The size of the buffer (HRD buffer model) in bits/second.", "title": "BufSize", "type": "number" }, "ColorMetadata": { "markdownDescription": "Includes color space metadata in the output.", "title": "ColorMetadata", "type": "string" }, "ColorSpaceSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.H264ColorSpaceSettings", "markdownDescription": "Settings to configure the color space handling for the video.", "title": "ColorSpaceSettings" }, "EntropyEncoding": { "markdownDescription": "The entropy encoding mode. Use cabac (must be in Main or High profile) or cavlc.", "title": "EntropyEncoding", "type": "string" }, "FilterSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.H264FilterSettings", "markdownDescription": "Optional filters that you can apply to an encode.", "title": "FilterSettings" }, "FixedAfd": { "markdownDescription": "A four-bit AFD value to write on all frames of video in the output stream. Valid only when afdSignaling is set to Fixed.", "title": "FixedAfd", "type": "string" }, "FlickerAq": { "markdownDescription": "If set to enabled, adjusts the quantization within each frame to reduce flicker or pop on I-frames.", "title": "FlickerAq", "type": "string" }, "ForceFieldPictures": { "markdownDescription": "This setting applies only when scan type is \"interlaced.\" It controls whether coding is performed on a field basis or on a frame basis. (When the video is progressive, the coding is always performed on a frame basis.)\nenabled: Force MediaLive to code on a field basis, so that odd and even sets of fields are coded separately.\ndisabled: Code the two sets of fields separately (on a field basis) or together (on a frame basis using PAFF), depending on what is most appropriate for the content.", "title": "ForceFieldPictures", "type": "string" }, "FramerateControl": { "markdownDescription": "Indicates how the output video frame rate is specified. If you select \"specified,\" the output video frame rate is determined by framerateNumerator and framerateDenominator. If you select \"initializeFromSource,\" the output video frame rate is set equal to the input video frame rate of the first input.", "title": "FramerateControl", "type": "string" }, "FramerateDenominator": { "markdownDescription": "The frame rate denominator.", "title": "FramerateDenominator", "type": "number" }, "FramerateNumerator": { "markdownDescription": "The frame rate numerator. The frame rate is a fraction, for example, 24000/1001 = 23.976 fps.", "title": "FramerateNumerator", "type": "number" }, "GopBReference": { "markdownDescription": "If enabled, uses reference B frames for GOP structures that have B frames > 1.", "title": "GopBReference", "type": "string" }, "GopClosedCadence": { "markdownDescription": "The frequency of closed GOPs. In streaming applications, we recommend that you set this to 1 so that a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", "title": "GopClosedCadence", "type": "number" }, "GopNumBFrames": { "markdownDescription": "The number of B-frames between reference frames.", "title": "GopNumBFrames", "type": "number" }, "GopSize": { "markdownDescription": "The GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits. The value must be greater than zero.", "title": "GopSize", "type": "number" }, "GopSizeUnits": { "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds, the system converts the gopSize into a frame count at runtime.", "title": "GopSizeUnits", "type": "string" }, "Level": { "markdownDescription": "The H.264 level.", "title": "Level", "type": "string" }, "LookAheadRateControl": { "markdownDescription": "The amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", "title": "LookAheadRateControl", "type": "string" }, "MaxBitrate": { "markdownDescription": "For QVBR: See the tooltip for Quality level. For VBR: Set the maximum bitrate in order to accommodate expected spikes in the complexity of the video.", "title": "MaxBitrate", "type": "number" }, "MinIInterval": { "markdownDescription": "Meaningful only if sceneChangeDetect is set to enabled. This setting enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting the I-interval. The normal cadence resumes for the next GOP. Note that the maximum GOP stretch = GOP size + Min-I-interval - 1.", "title": "MinIInterval", "type": "number" }, "NumRefFrames": { "markdownDescription": "The number of reference frames to use. The encoder might use more than requested if you use B-frames or interlaced encoding.", "title": "NumRefFrames", "type": "number" }, "ParControl": { "markdownDescription": "Indicates how the output pixel aspect ratio is specified. If \"specified\" is selected, the output video pixel aspect ratio is determined by parNumerator and parDenominator. If \"initializeFromSource\" is selected, the output pixels aspect ratio will be set equal to the input video pixel aspect ratio of the first input.", "title": "ParControl", "type": "string" }, "ParDenominator": { "markdownDescription": "The Pixel Aspect Ratio denominator.", "title": "ParDenominator", "type": "number" }, "ParNumerator": { "markdownDescription": "The Pixel Aspect Ratio numerator.", "title": "ParNumerator", "type": "number" }, "Profile": { "markdownDescription": "An H.264 profile.", "title": "Profile", "type": "string" }, "QualityLevel": { "markdownDescription": "Leave as STANDARD_QUALITY or choose a different value (which might result in additional costs to run the channel).\n- ENHANCED_QUALITY: Produces a slightly better video quality without an increase in the bitrate. Has an effect only when the Rate control mode is QVBR or CBR. If this channel is in a MediaLive multiplex, the value must be ENHANCED_QUALITY.\n- STANDARD_QUALITY: Valid for any Rate control mode.", "title": "QualityLevel", "type": "string" }, "QvbrQualityLevel": { "markdownDescription": "Controls the target quality for the video encode. This applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are: - Primary screen: Quality level: 8 to 10. Max bitrate: 4M - PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M - Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M.", "title": "QvbrQualityLevel", "type": "number" }, "RateControlMode": { "markdownDescription": "The rate control mode. QVBR: The quality will match the specified quality level except when it is constrained by the maximum bitrate. We recommend this if you or your viewers pay for bandwidth. VBR: The quality and bitrate vary, depending on the video complexity. We recommend this instead of QVBR if you want to maintain a specific average bitrate over the duration of the channel. CBR: The quality varies, depending on the video complexity. We recommend this only if you distribute your assets to devices that can't handle variable bitrates.", "title": "RateControlMode", "type": "string" }, "ScanType": { "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", "title": "ScanType", "type": "string" }, "SceneChangeDetect": { "markdownDescription": "The scene change detection. On: inserts I-frames when the scene change is detected. Off: does not force an I-frame when the scene change is detected.", "title": "SceneChangeDetect", "type": "string" }, "Slices": { "markdownDescription": "The number of slices per picture. The number must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures. This field is optional. If you don't specify a value, MediaLive chooses the number of slices based on the encode resolution.", "title": "Slices", "type": "number" }, "Softness": { "markdownDescription": "Softness. Selects a quantizer matrix. Larger values reduce high-frequency content in the encoded image.", "title": "Softness", "type": "number" }, "SpatialAq": { "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the spatial variation of content complexity.", "title": "SpatialAq", "type": "string" }, "SubgopLength": { "markdownDescription": "If set to fixed, uses gopNumBFrames B-frames per sub-GOP. If set to dynamic, optimizes the number of B-frames used for each sub-GOP to improve visual quality.", "title": "SubgopLength", "type": "string" }, "Syntax": { "markdownDescription": "Produces a bitstream that is compliant with SMPTE RP-2027.", "title": "Syntax", "type": "string" }, "TemporalAq": { "markdownDescription": "If set to enabled, adjusts quantization within each frame based on the temporal variation of content complexity.", "title": "TemporalAq", "type": "string" }, "TimecodeBurninSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", "markdownDescription": "", "title": "TimecodeBurninSettings" }, "TimecodeInsertion": { "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream. disabled: don't include timecodes. picTimingSei: pass through picture timing SEI messages from the source specified in Timecode Config.", "title": "TimecodeInsertion", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.H265ColorSpaceSettings": { "additionalProperties": false, "properties": { "ColorSpacePassthroughSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.ColorSpacePassthroughSettings", "markdownDescription": "Passthrough applies no color space conversion to the output.", "title": "ColorSpacePassthroughSettings" }, "DolbyVision81Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.DolbyVision81Settings", "markdownDescription": "", "title": "DolbyVision81Settings" }, "Hdr10Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", "markdownDescription": "Settings to configure the handling of HDR10 color space.", "title": "Hdr10Settings" }, "Rec601Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Rec601Settings", "markdownDescription": "Settings to configure the handling of Rec601 color space.", "title": "Rec601Settings" }, "Rec709Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Rec709Settings", "markdownDescription": "Settings to configure the handling of Rec709 color space.", "title": "Rec709Settings" } }, "type": "object" }, "AWS::MediaLive::Channel.H265FilterSettings": { "additionalProperties": false, "properties": { "TemporalFilterSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", "markdownDescription": "Settings for applying the temporal filter to the video.", "title": "TemporalFilterSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.H265Settings": { "additionalProperties": false, "properties": { "AdaptiveQuantization": { "markdownDescription": "Adaptive quantization. Allows intra-frame quantizers to vary to improve visual quality.", "title": "AdaptiveQuantization", "type": "string" }, "AfdSignaling": { "markdownDescription": "Indicates that AFD values will be written into the output stream. If afdSignaling is \"auto\", the system will try to preserve the input AFD value (in cases where multiple AFD values are valid). If set to \"fixed\", the AFD value will be the value configured in the fixedAfd parameter.", "title": "AfdSignaling", "type": "string" }, "AlternativeTransferFunction": { "markdownDescription": "Whether or not EML should insert an Alternative Transfer Function SEI message to support backwards compatibility with non-HDR decoders and displays.", "title": "AlternativeTransferFunction", "type": "string" }, "Bitrate": { "markdownDescription": "Average bitrate in bits/second. Required when the rate control mode is VBR or CBR. Not used for QVBR. In an MS Smooth output group, each output must have a unique value when its bitrate is rounded down to the nearest multiple of 1000.", "title": "Bitrate", "type": "number" }, "BufSize": { "markdownDescription": "Size of buffer (HRD buffer model) in bits.", "title": "BufSize", "type": "number" }, "ColorMetadata": { "markdownDescription": "Includes colorspace metadata in the output.", "title": "ColorMetadata", "type": "string" }, "ColorSpaceSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.H265ColorSpaceSettings", "markdownDescription": "Color Space settings", "title": "ColorSpaceSettings" }, "FilterSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.H265FilterSettings", "markdownDescription": "Optional filters that you can apply to an encode.", "title": "FilterSettings" }, "FixedAfd": { "markdownDescription": "Four bit AFD value to write on all frames of video in the output stream. Only valid when afdSignaling is set to 'Fixed'.", "title": "FixedAfd", "type": "string" }, "FlickerAq": { "markdownDescription": "If set to enabled, adjust quantization within each frame to reduce flicker or 'pop' on I-frames.", "title": "FlickerAq", "type": "string" }, "FramerateDenominator": { "markdownDescription": "Framerate denominator.", "title": "FramerateDenominator", "type": "number" }, "FramerateNumerator": { "markdownDescription": "Framerate numerator - framerate is a fraction, e.g. 24000 / 1001 = 23.976 fps.", "title": "FramerateNumerator", "type": "number" }, "GopClosedCadence": { "markdownDescription": "Frequency of closed GOPs. In streaming applications, it is recommended that this be set to 1 so a decoder joining mid-stream will receive an IDR frame as quickly as possible. Setting this value to 0 will break output segmenting.", "title": "GopClosedCadence", "type": "number" }, "GopSize": { "markdownDescription": "GOP size (keyframe interval) in units of either frames or seconds per gopSizeUnits.\nIf gopSizeUnits is frames, gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, gopSize must be greater than 0, but need not be an integer.", "title": "GopSize", "type": "number" }, "GopSizeUnits": { "markdownDescription": "Indicates if the gopSize is specified in frames or seconds. If seconds the system will convert the gopSize into a frame count at run time.", "title": "GopSizeUnits", "type": "string" }, "Level": { "markdownDescription": "H.265 Level.", "title": "Level", "type": "string" }, "LookAheadRateControl": { "markdownDescription": "Amount of lookahead. A value of low can decrease latency and memory usage, while high can produce better quality for certain content.", "title": "LookAheadRateControl", "type": "string" }, "MaxBitrate": { "markdownDescription": "For QVBR: See the tooltip for Quality level", "title": "MaxBitrate", "type": "number" }, "MinIInterval": { "markdownDescription": "Only meaningful if sceneChangeDetect is set to enabled. Defaults to 5 if multiplex rate control is used. Enforces separation between repeated (cadence) I-frames and I-frames inserted by Scene Change Detection. If a scene change I-frame is within I-interval frames of a cadence I-frame, the GOP is shrunk and/or stretched to the scene change I-frame. GOP stretch requires enabling lookahead as well as setting I-interval. The normal cadence resumes for the next GOP. Note: Maximum GOP stretch = GOP size + Min-I-interval - 1", "title": "MinIInterval", "type": "number" }, "MvOverPictureBoundaries": { "markdownDescription": "", "title": "MvOverPictureBoundaries", "type": "string" }, "MvTemporalPredictor": { "markdownDescription": "", "title": "MvTemporalPredictor", "type": "string" }, "ParDenominator": { "markdownDescription": "Pixel Aspect Ratio denominator.", "title": "ParDenominator", "type": "number" }, "ParNumerator": { "markdownDescription": "Pixel Aspect Ratio numerator.", "title": "ParNumerator", "type": "number" }, "Profile": { "markdownDescription": "H.265 Profile.", "title": "Profile", "type": "string" }, "QvbrQualityLevel": { "markdownDescription": "Controls the target quality for the video encode. Applies only when the rate control mode is QVBR. Set values for the QVBR quality level field and Max bitrate field that suit your most important viewing devices. Recommended values are:\n- Primary screen: Quality level: 8 to 10. Max bitrate: 4M\n- PC or tablet: Quality level: 7. Max bitrate: 1.5M to 3M\n- Smartphone: Quality level: 6. Max bitrate: 1M to 1.5M", "title": "QvbrQualityLevel", "type": "number" }, "RateControlMode": { "markdownDescription": "Rate control mode. QVBR: Quality will match the specified quality level except when it is constrained by the\nmaximum bitrate. Recommended if you or your viewers pay for bandwidth. CBR: Quality varies, depending on the video complexity. Recommended only if you distribute\nyour assets to devices that cannot handle variable bitrates. Multiplex: This rate control mode is only supported (and is required) when the video is being\ndelivered to a MediaLive Multiplex in which case the rate control configuration is controlled\nby the properties within the Multiplex Program.", "title": "RateControlMode", "type": "string" }, "ScanType": { "markdownDescription": "Sets the scan type of the output to progressive or top-field-first interlaced.", "title": "ScanType", "type": "string" }, "SceneChangeDetect": { "markdownDescription": "Scene change detection.", "title": "SceneChangeDetect", "type": "string" }, "Slices": { "markdownDescription": "Number of slices per picture. Must be less than or equal to the number of macroblock rows for progressive pictures, and less than or equal to half the number of macroblock rows for interlaced pictures.\nThis field is optional; when no value is specified the encoder will choose the number of slices based on encode resolution.", "title": "Slices", "type": "number" }, "Tier": { "markdownDescription": "H.265 Tier.", "title": "Tier", "type": "string" }, "TileHeight": { "markdownDescription": "", "title": "TileHeight", "type": "number" }, "TilePadding": { "markdownDescription": "", "title": "TilePadding", "type": "string" }, "TileWidth": { "markdownDescription": "", "title": "TileWidth", "type": "number" }, "TimecodeBurninSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", "markdownDescription": "", "title": "TimecodeBurninSettings" }, "TimecodeInsertion": { "markdownDescription": "Determines how timecodes should be inserted into the video elementary stream.\n- 'disabled': Do not include timecodes\n- 'picTimingSei': Pass through picture timing SEI messages from the source specified in Timecode Config", "title": "TimecodeInsertion", "type": "string" }, "TreeblockSize": { "markdownDescription": "", "title": "TreeblockSize", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.Hdr10Settings": { "additionalProperties": false, "properties": { "MaxCll": { "markdownDescription": "Maximum Content Light Level\nAn integer metadata value defining the maximum light level, in nits,\nof any single pixel within an encoded HDR video stream or file.", "title": "MaxCll", "type": "number" }, "MaxFall": { "markdownDescription": "Maximum Frame Average Light Level\nAn integer metadata value defining the maximum average light level, in nits,\nfor any single frame within an encoded HDR video stream or file.", "title": "MaxFall", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.HlsAkamaiSettings": { "additionalProperties": false, "properties": { "ConnectionRetryInterval": { "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", "title": "ConnectionRetryInterval", "type": "number" }, "FilecacheDuration": { "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", "title": "FilecacheDuration", "type": "number" }, "HttpTransferMode": { "markdownDescription": "Specifies whether to use chunked transfer encoding to Akamai. To enable this feature, contact Akamai.", "title": "HttpTransferMode", "type": "string" }, "NumRetries": { "markdownDescription": "The number of retry attempts that will be made before the channel is put into an error state.", "title": "NumRetries", "type": "number" }, "RestartDelay": { "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", "title": "RestartDelay", "type": "number" }, "Salt": { "markdownDescription": "The salt for authenticated Akamai.", "title": "Salt", "type": "string" }, "Token": { "markdownDescription": "The token parameter for authenticated Akamai. If this is not specified, _gda_ is used.", "title": "Token", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.HlsBasicPutSettings": { "additionalProperties": false, "properties": { "ConnectionRetryInterval": { "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", "title": "ConnectionRetryInterval", "type": "number" }, "FilecacheDuration": { "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", "title": "FilecacheDuration", "type": "number" }, "NumRetries": { "markdownDescription": "The number of retry attempts that MediaLive makes before the channel is put into an error state.", "title": "NumRetries", "type": "number" }, "RestartDelay": { "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", "title": "RestartDelay", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.HlsCdnSettings": { "additionalProperties": false, "properties": { "HlsAkamaiSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.HlsAkamaiSettings", "markdownDescription": "Sets up Akamai as the downstream system for the HLS output group.", "title": "HlsAkamaiSettings" }, "HlsBasicPutSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.HlsBasicPutSettings", "markdownDescription": "The settings for Basic Put for the HLS output.", "title": "HlsBasicPutSettings" }, "HlsMediaStoreSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.HlsMediaStoreSettings", "markdownDescription": "Sets up MediaStore as the destination for the HLS output.", "title": "HlsMediaStoreSettings" }, "HlsS3Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.HlsS3Settings", "markdownDescription": "Sets up Amazon S3 as the destination for this HLS output.", "title": "HlsS3Settings" }, "HlsWebdavSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.HlsWebdavSettings", "markdownDescription": "The settings for Web VTT captions in the HLS output group.\n\nThe parent of this entity is HlsGroupSettings.", "title": "HlsWebdavSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.HlsGroupSettings": { "additionalProperties": false, "properties": { "AdMarkers": { "items": { "type": "string" }, "markdownDescription": "Chooses one or more ad marker types to pass SCTE35 signals through to this group of Apple HLS outputs.", "title": "AdMarkers", "type": "array" }, "BaseUrlContent": { "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", "title": "BaseUrlContent", "type": "string" }, "BaseUrlContent1": { "markdownDescription": "Optional. One value per output group. This field is required only if you are completing Base URL content A, and the downstream system has notified you that the media files for pipeline 1 of all outputs are in a location different from the media files for pipeline 0.", "title": "BaseUrlContent1", "type": "string" }, "BaseUrlManifest": { "markdownDescription": "A partial URI prefix that will be prepended to each output in the media .m3u8 file. The partial URI prefix can be used if the base manifest is delivered from a different URL than the main .m3u8 file.", "title": "BaseUrlManifest", "type": "string" }, "BaseUrlManifest1": { "markdownDescription": "Optional. One value per output group. Complete this field only if you are completing Base URL manifest A, and the downstream system has notified you that the child manifest files for pipeline 1 of all outputs are in a location different from the child manifest files for pipeline 0.", "title": "BaseUrlManifest1", "type": "string" }, "CaptionLanguageMappings": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionLanguageMapping" }, "markdownDescription": "A mapping of up to 4 captions channels to captions languages. This is meaningful only if captionLanguageSetting is set to \"insert.\"", "title": "CaptionLanguageMappings", "type": "array" }, "CaptionLanguageSetting": { "markdownDescription": "Applies only to 608 embedded output captions. Insert: Include CLOSED-CAPTIONS lines in the manifest. Specify at least one language in the CC1 Language Code field. One CLOSED-CAPTION line is added for each Language Code that you specify. Make sure to specify the languages in the order in which they appear in the original source (if the source is embedded format) or the order of the captions selectors (if the source is other than embedded). Otherwise, languages in the manifest will not match properly with the output captions. None: Include the CLOSED-CAPTIONS=NONE line in the manifest. Omit: Omit any CLOSED-CAPTIONS line from the manifest.", "title": "CaptionLanguageSetting", "type": "string" }, "ClientCache": { "markdownDescription": "When set to \"disabled,\" sets the #EXT-X-ALLOW-CACHE:no tag in the manifest, which prevents clients from saving media segments for later replay.", "title": "ClientCache", "type": "string" }, "CodecSpecification": { "markdownDescription": "The specification to use (RFC-6381 or the default RFC-4281) during m3u8 playlist generation.", "title": "CodecSpecification", "type": "string" }, "ConstantIv": { "markdownDescription": "Used with encryptionType. This is a 128-bit, 16-byte hex value that is represented by a 32-character text string. If ivSource is set to \"explicit,\" this parameter is required and is used as the IV for encryption.", "title": "ConstantIv", "type": "string" }, "Destination": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", "markdownDescription": "A directory or HTTP destination for the HLS segments, manifest files, and encryption keys (if enabled).", "title": "Destination" }, "DirectoryStructure": { "markdownDescription": "Places segments in subdirectories.", "title": "DirectoryStructure", "type": "string" }, "DiscontinuityTags": { "markdownDescription": "Specifies whether to insert EXT-X-DISCONTINUITY tags in the HLS child manifests for this output group.\nTypically, choose Insert because these tags are required in the manifest (according to the HLS specification) and serve an important purpose.\nChoose Never Insert only if the downstream system is doing real-time failover (without using the MediaLive automatic failover feature) and only if that downstream system has advised you to exclude the tags.", "title": "DiscontinuityTags", "type": "string" }, "EncryptionType": { "markdownDescription": "Encrypts the segments with the specified encryption scheme. Exclude this parameter if you don't want encryption.", "title": "EncryptionType", "type": "string" }, "HlsCdnSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.HlsCdnSettings", "markdownDescription": "The parameters that control interactions with the CDN.", "title": "HlsCdnSettings" }, "HlsId3SegmentTagging": { "markdownDescription": "State of HLS ID3 Segment Tagging", "title": "HlsId3SegmentTagging", "type": "string" }, "IFrameOnlyPlaylists": { "markdownDescription": "DISABLED: Don't create an I-frame-only manifest, but do create the master and media manifests (according to the Output Selection field). STANDARD: Create an I-frame-only manifest for each output that contains video, as well as the other manifests (according to the Output Selection field). The I-frame manifest contains a #EXT-X-I-FRAMES-ONLY tag to indicate it is I-frame only, and one or more #EXT-X-BYTERANGE entries identifying the I-frame position. For example, #EXT-X-BYTERANGE:160364@1461888\".", "title": "IFrameOnlyPlaylists", "type": "string" }, "IncompleteSegmentBehavior": { "markdownDescription": "Specifies whether to include the final (incomplete) segment in the media output when the pipeline stops producing output because of a channel stop, a channel pause or a loss of input to the pipeline.\nAuto means that MediaLive decides whether to include the final segment, depending on the channel class and the types of output groups.\nSuppress means to never include the incomplete segment. We recommend you choose Auto and let MediaLive control the behavior.", "title": "IncompleteSegmentBehavior", "type": "string" }, "IndexNSegments": { "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the maximum number of segments in the media manifest file. After this maximum, older segments are removed from the media manifest. This number must be less than or equal to the Keep Segments field.", "title": "IndexNSegments", "type": "number" }, "InputLossAction": { "markdownDescription": "A parameter that controls output group behavior on an input loss.", "title": "InputLossAction", "type": "string" }, "IvInManifest": { "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If set to \"include,\" the IV is listed in the manifest. Otherwise, the IV is not in the manifest.", "title": "IvInManifest", "type": "string" }, "IvSource": { "markdownDescription": "Used with encryptionType. The IV (initialization vector) is a 128-bit number used in conjunction with the key for encrypting blocks. If this setting is \"followsSegmentNumber,\" it causes the IV to change every segment (to match the segment number). If this is set to \"explicit,\" you must enter a constantIv value.", "title": "IvSource", "type": "string" }, "KeepSegments": { "markdownDescription": "Applies only if the Mode field is LIVE. Specifies the number of media segments (.ts files) to retain in the destination directory.", "title": "KeepSegments", "type": "number" }, "KeyFormat": { "markdownDescription": "Specifies how the key is represented in the resource identified by the URI. If the parameter is absent, an implicit value of \"identity\" is used. A reverse DNS string can also be specified.", "title": "KeyFormat", "type": "string" }, "KeyFormatVersions": { "markdownDescription": "Either a single positive integer version value or a slash-delimited list of version values (1/2/3).", "title": "KeyFormatVersions", "type": "string" }, "KeyProviderSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.KeyProviderSettings", "markdownDescription": "The key provider settings.", "title": "KeyProviderSettings" }, "ManifestCompression": { "markdownDescription": "When set to gzip, compresses HLS playlist.", "title": "ManifestCompression", "type": "string" }, "ManifestDurationFormat": { "markdownDescription": "Indicates whether the output manifest should use a floating point or integer values for segment duration.", "title": "ManifestDurationFormat", "type": "string" }, "MinSegmentLength": { "markdownDescription": "When set, minimumSegmentLength is enforced by looking ahead and back within the specified range for a nearby avail and extending the segment size if needed.", "title": "MinSegmentLength", "type": "number" }, "Mode": { "markdownDescription": "If \"vod,\" all segments are indexed and kept permanently in the destination and manifest. If \"live,\" only the number segments specified in keepSegments and indexNSegments are kept. Newer segments replace older segments, which might prevent players from rewinding all the way to the beginning of the channel. VOD mode uses HLS EXT-X-PLAYLIST-TYPE of EVENT while the channel is running, converting it to a \"VOD\" type manifest on completion of the stream.", "title": "Mode", "type": "string" }, "OutputSelection": { "markdownDescription": "MANIFESTSANDSEGMENTS: Generates manifests (the master manifest, if applicable, and media manifests) for this output group. SEGMENTSONLY: Doesn't generate any manifests for this output group.", "title": "OutputSelection", "type": "string" }, "ProgramDateTime": { "markdownDescription": "Includes or excludes the EXT-X-PROGRAM-DATE-TIME tag in .m3u8 manifest files. The value is calculated as follows: Either the program date and time are initialized using the input timecode source, or the time is initialized using the input timecode source and the date is initialized using the timestampOffset.", "title": "ProgramDateTime", "type": "string" }, "ProgramDateTimeClock": { "markdownDescription": "Specifies the algorithm used to drive the HLS EXT-X-PROGRAM-DATE-TIME clock. Options include: INITIALIZE_FROM_OUTPUT_TIMECODE: The PDT clock is initialized as a function of the first output timecode, then incremented by the EXTINF duration of each encoded segment. SYSTEM_CLOCK: The PDT clock is initialized as a function of the UTC wall clock, then incremented by the EXTINF duration of each encoded segment. If the PDT clock diverges from the wall clock by more than 500ms, it is resynchronized to the wall clock.", "title": "ProgramDateTimeClock", "type": "string" }, "ProgramDateTimePeriod": { "markdownDescription": "The period of insertion of the EXT-X-PROGRAM-DATE-TIME entry, in seconds.", "title": "ProgramDateTimePeriod", "type": "number" }, "RedundantManifest": { "markdownDescription": "ENABLED: The master manifest (.m3u8 file) for each pipeline includes information about both pipelines: first its own media files, then the media files of the other pipeline. This feature allows a playout device that supports stale manifest detection to switch from one manifest to the other, when the current manifest seems to be stale. There are still two destinations and two master manifests, but both master manifests reference the media files from both pipelines. DISABLED: The master manifest (.m3u8 file) for each pipeline includes information about its own pipeline only. For an HLS output group with MediaPackage as the destination, the DISABLED behavior is always followed. MediaPackage regenerates the manifests it serves to players, so a redundant manifest from MediaLive is irrelevant.", "title": "RedundantManifest", "type": "string" }, "SegmentLength": { "markdownDescription": "The length of the MPEG-2 Transport Stream segments to create, in seconds. Note that segments will end on the next keyframe after this number of seconds, so the actual segment length might be longer.", "title": "SegmentLength", "type": "number" }, "SegmentationMode": { "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", "title": "SegmentationMode", "type": "string" }, "SegmentsPerSubdirectory": { "markdownDescription": "The number of segments to write to a subdirectory before starting a new one. For this setting to have an effect, directoryStructure must be subdirectoryPerStream.", "title": "SegmentsPerSubdirectory", "type": "number" }, "StreamInfResolution": { "markdownDescription": "The include or exclude RESOLUTION attribute for a video in the EXT-X-STREAM-INF tag of a variant manifest.", "title": "StreamInfResolution", "type": "string" }, "TimedMetadataId3Frame": { "markdownDescription": "Indicates the ID3 frame that has the timecode.", "title": "TimedMetadataId3Frame", "type": "string" }, "TimedMetadataId3Period": { "markdownDescription": "The timed metadata interval, in seconds.", "title": "TimedMetadataId3Period", "type": "number" }, "TimestampDeltaMilliseconds": { "markdownDescription": "Provides an extra millisecond delta offset to fine tune the timestamps.", "title": "TimestampDeltaMilliseconds", "type": "number" }, "TsFileMode": { "markdownDescription": "SEGMENTEDFILES: Emits the program as segments -multiple .ts media files. SINGLEFILE: Applies only if the Mode field is VOD. Emits the program as a single .ts media file. The media manifest includes #EXT-X-BYTERANGE tags to index segments for playback. A typical use for this value is when sending the output to AWS Elemental MediaConvert, which can accept only a single media file. Playback while the channel is running is not guaranteed due to HTTP server caching.", "title": "TsFileMode", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.HlsInputSettings": { "additionalProperties": false, "properties": { "Bandwidth": { "markdownDescription": "When specified, the HLS stream with the m3u8 bandwidth that most closely matches this value is chosen. Otherwise, the highest bandwidth stream in the m3u8 is chosen. The bitrate is specified in bits per second, as in an HLS manifest.", "title": "Bandwidth", "type": "number" }, "BufferSegments": { "markdownDescription": "When specified, reading of the HLS input begins this many buffer segments from the end (most recently written segment). When not specified, the HLS input begins with the first segment specified in the m3u8.", "title": "BufferSegments", "type": "number" }, "Retries": { "markdownDescription": "The number of consecutive times that attempts to read a manifest or segment must fail before the input is considered unavailable.", "title": "Retries", "type": "number" }, "RetryInterval": { "markdownDescription": "The number of seconds between retries when an attempt to read a manifest or segment fails.", "title": "RetryInterval", "type": "number" }, "Scte35Source": { "markdownDescription": "Identifies the source for the SCTE-35 messages that MediaLive will ingest. Messages can be ingested from the content segments (in the stream) or from tags in the playlist (the HLS manifest). MediaLive ignores SCTE-35 information in the source that is not selected.", "title": "Scte35Source", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.HlsMediaStoreSettings": { "additionalProperties": false, "properties": { "ConnectionRetryInterval": { "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", "title": "ConnectionRetryInterval", "type": "number" }, "FilecacheDuration": { "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", "title": "FilecacheDuration", "type": "number" }, "MediaStoreStorageClass": { "markdownDescription": "When set to temporal, output files are stored in non-persistent memory for faster reading and writing.", "title": "MediaStoreStorageClass", "type": "string" }, "NumRetries": { "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", "title": "NumRetries", "type": "number" }, "RestartDelay": { "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", "title": "RestartDelay", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.HlsOutputSettings": { "additionalProperties": false, "properties": { "H265PackagingType": { "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", "title": "H265PackagingType", "type": "string" }, "HlsSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.HlsSettings", "markdownDescription": "The settings regarding the underlying stream. These settings are different for audio-only outputs.", "title": "HlsSettings" }, "NameModifier": { "markdownDescription": "A string that is concatenated to the end of the destination file name. Accepts \\\"Format Identifiers\\\":#formatIdentifierParameters.", "title": "NameModifier", "type": "string" }, "SegmentModifier": { "markdownDescription": "A string that is concatenated to the end of segment file names.", "title": "SegmentModifier", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.HlsS3Settings": { "additionalProperties": false, "properties": { "CannedAcl": { "markdownDescription": "Specify the canned ACL to apply to each S3 request. Defaults to none.", "title": "CannedAcl", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.HlsSettings": { "additionalProperties": false, "properties": { "AudioOnlyHlsSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioOnlyHlsSettings", "markdownDescription": "The settings for an audio-only output.", "title": "AudioOnlyHlsSettings" }, "Fmp4HlsSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Fmp4HlsSettings", "markdownDescription": "The settings for an fMP4 container.", "title": "Fmp4HlsSettings" }, "FrameCaptureHlsSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureHlsSettings", "markdownDescription": "Settings for a frame capture output in an HLS output group.", "title": "FrameCaptureHlsSettings" }, "StandardHlsSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.StandardHlsSettings", "markdownDescription": "The settings for a standard output (an output that is not audio-only).", "title": "StandardHlsSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.HlsWebdavSettings": { "additionalProperties": false, "properties": { "ConnectionRetryInterval": { "markdownDescription": "The number of seconds to wait before retrying a connection to the CDN if the connection is lost.", "title": "ConnectionRetryInterval", "type": "number" }, "FilecacheDuration": { "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", "title": "FilecacheDuration", "type": "number" }, "HttpTransferMode": { "markdownDescription": "Specifies whether to use chunked transfer encoding to WebDAV.", "title": "HttpTransferMode", "type": "string" }, "NumRetries": { "markdownDescription": "The number of retry attempts that are made before the channel is put into an error state.", "title": "NumRetries", "type": "number" }, "RestartDelay": { "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", "title": "RestartDelay", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.HtmlMotionGraphicsSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.InputAttachment": { "additionalProperties": false, "properties": { "AutomaticInputFailoverSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.AutomaticInputFailoverSettings", "markdownDescription": "Settings to implement automatic input failover in this input.", "title": "AutomaticInputFailoverSettings" }, "InputAttachmentName": { "markdownDescription": "A name for the attachment. This is required if you want to use this input in an input switch action.", "title": "InputAttachmentName", "type": "string" }, "InputId": { "markdownDescription": "The ID of the input to attach.", "title": "InputId", "type": "string" }, "InputSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputSettings", "markdownDescription": "Information about the content to extract from the input and about the general handling of the content.", "title": "InputSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.InputChannelLevel": { "additionalProperties": false, "properties": { "Gain": { "markdownDescription": "The remixing value. Units are in dB, and acceptable values are within the range from -60 (mute) to 6 dB.", "title": "Gain", "type": "number" }, "InputChannel": { "markdownDescription": "The index of the input channel that is used as a source.", "title": "InputChannel", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.InputLocation": { "additionalProperties": false, "properties": { "PasswordParam": { "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This applies only if the downstream system requires credentials.", "title": "PasswordParam", "type": "string" }, "Uri": { "markdownDescription": "The URI should be a path to a file that is accessible to the Live system (for example, an http:// URI) depending on the output type. For example, an RTMP destination should have a URI similar to rtmp://fmsserver/live.", "title": "Uri", "type": "string" }, "Username": { "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", "title": "Username", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.InputLossBehavior": { "additionalProperties": false, "properties": { "BlackFrameMsec": { "markdownDescription": "On input loss, the number of milliseconds to substitute black into the output before switching to the frame specified by inputLossImageType. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", "title": "BlackFrameMsec", "type": "number" }, "InputLossImageColor": { "markdownDescription": "When the input loss image type is \"color,\" this field specifies the color to use. Value: 6 hex characters that represent the values of RGB.", "title": "InputLossImageColor", "type": "string" }, "InputLossImageSlate": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", "markdownDescription": "When the input loss image type is \"slate,\" these fields specify the parameters for accessing the slate.", "title": "InputLossImageSlate" }, "InputLossImageType": { "markdownDescription": "Indicates whether to substitute a solid color or a slate into the output after the input loss exceeds blackFrameMsec.", "title": "InputLossImageType", "type": "string" }, "RepeatFrameMsec": { "markdownDescription": "On input loss, the number of milliseconds to repeat the previous picture before substituting black into the output. A value x, where 0 <= x <= 1,000,000 and a value of 1,000,000, is interpreted as infinite.", "title": "RepeatFrameMsec", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.InputLossFailoverSettings": { "additionalProperties": false, "properties": { "InputLossThresholdMsec": { "markdownDescription": "The amount of time (in milliseconds) that no input is detected. After that time, an input failover will occur.", "title": "InputLossThresholdMsec", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.InputSettings": { "additionalProperties": false, "properties": { "AudioSelectors": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioSelector" }, "markdownDescription": "Information about the specific audio to extract from the input.\n\nThe parent of this entity is InputSettings.", "title": "AudioSelectors", "type": "array" }, "CaptionSelectors": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionSelector" }, "markdownDescription": "Information about the specific captions to extract from the input.", "title": "CaptionSelectors", "type": "array" }, "DeblockFilter": { "markdownDescription": "Enables or disables the deblock filter when filtering.", "title": "DeblockFilter", "type": "string" }, "DenoiseFilter": { "markdownDescription": "Enables or disables the denoise filter when filtering.", "title": "DenoiseFilter", "type": "string" }, "FilterStrength": { "markdownDescription": "Adjusts the magnitude of filtering from 1 (minimal) to 5 (strongest).", "title": "FilterStrength", "type": "number" }, "InputFilter": { "markdownDescription": "Turns on the filter for this input. MPEG-2 inputs have the deblocking filter enabled by default. 1) auto - filtering is applied depending on input type/quality 2) disabled - no filtering is applied to the input 3) forced - filtering is applied regardless of the input type.", "title": "InputFilter", "type": "string" }, "NetworkInputSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.NetworkInputSettings", "markdownDescription": "Information about how to connect to the upstream system.", "title": "NetworkInputSettings" }, "Scte35Pid": { "markdownDescription": "", "title": "Scte35Pid", "type": "number" }, "Smpte2038DataPreference": { "markdownDescription": "Specifies whether to extract applicable ancillary data from a SMPTE-2038 source in this input. Applicable data types are captions, timecode, AFD, and SCTE-104 messages.\n- PREFER: Extract from SMPTE-2038 if present in this input, otherwise extract from another source (if any).\n- IGNORE: Never extract any ancillary data from SMPTE-2038.", "title": "Smpte2038DataPreference", "type": "string" }, "SourceEndBehavior": { "markdownDescription": "The loop input if it is a file.", "title": "SourceEndBehavior", "type": "string" }, "VideoSelector": { "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelector", "markdownDescription": "Information about one video to extract from the input.", "title": "VideoSelector" } }, "type": "object" }, "AWS::MediaLive::Channel.InputSpecification": { "additionalProperties": false, "properties": { "Codec": { "markdownDescription": "The codec to include in the input specification for this channel.", "title": "Codec", "type": "string" }, "MaximumBitrate": { "markdownDescription": "The maximum input bitrate for any input attached to this channel.", "title": "MaximumBitrate", "type": "string" }, "Resolution": { "markdownDescription": "The resolution for any input attached to this channel.", "title": "Resolution", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.KeyProviderSettings": { "additionalProperties": false, "properties": { "StaticKeySettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.StaticKeySettings", "markdownDescription": "The configuration of static key settings.", "title": "StaticKeySettings" } }, "type": "object" }, "AWS::MediaLive::Channel.M2tsSettings": { "additionalProperties": false, "properties": { "AbsentInputAudioBehavior": { "markdownDescription": "When set to drop, the output audio streams are removed from the program if the selected input audio stream is removed from the input. This allows the output audio configuration to dynamically change based on the input configuration. If this is set to encodeSilence, all output audio streams will output encoded silence when not connected to an active input stream.", "title": "AbsentInputAudioBehavior", "type": "string" }, "Arib": { "markdownDescription": "When set to enabled, uses ARIB-compliant field muxing and removes video descriptor.", "title": "Arib", "type": "string" }, "AribCaptionsPid": { "markdownDescription": "The PID for ARIB Captions in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", "title": "AribCaptionsPid", "type": "string" }, "AribCaptionsPidControl": { "markdownDescription": "If set to auto, The PID number used for ARIB Captions will be auto-selected from unused PIDs. If set to useConfigured, ARIB captions will be on the configured PID number.", "title": "AribCaptionsPidControl", "type": "string" }, "AudioBufferModel": { "markdownDescription": "When set to dvb, uses the DVB buffer model for Dolby Digital audio. When set to atsc, the ATSC model is used.", "title": "AudioBufferModel", "type": "string" }, "AudioFramesPerPes": { "markdownDescription": "The number of audio frames to insert for each PES packet.", "title": "AudioFramesPerPes", "type": "number" }, "AudioPids": { "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", "title": "AudioPids", "type": "string" }, "AudioStreamType": { "markdownDescription": "When set to atsc, uses stream type = 0x81 for AC3 and stream type = 0x87 for EAC3. When set to dvb, uses stream type = 0x06.", "title": "AudioStreamType", "type": "string" }, "Bitrate": { "markdownDescription": "The output bitrate of the transport stream in bits per second. Setting to 0 lets the muxer automatically determine the appropriate bitrate.", "title": "Bitrate", "type": "number" }, "BufferModel": { "markdownDescription": "If set to multiplex, uses the multiplex buffer model for accurate interleaving. Setting to bufferModel to none can lead to lower latency, but low-memory devices might not be able to play back the stream without interruptions.", "title": "BufferModel", "type": "string" }, "CcDescriptor": { "markdownDescription": "When set to enabled, generates captionServiceDescriptor in PMT.", "title": "CcDescriptor", "type": "string" }, "DvbNitSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.DvbNitSettings", "markdownDescription": "Inserts a DVB Network Information Table (NIT) at the specified table repetition interval.", "title": "DvbNitSettings" }, "DvbSdtSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.DvbSdtSettings", "markdownDescription": "Inserts a DVB Service Description Table (SDT) at the specified table repetition interval.", "title": "DvbSdtSettings" }, "DvbSubPids": { "markdownDescription": "The PID for the input source DVB Subtitle data to this output. Multiple values are accepted, and can be entered in ranges and/or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", "title": "DvbSubPids", "type": "string" }, "DvbTdtSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.DvbTdtSettings", "markdownDescription": "Inserts DVB Time and Date Table (TDT) at the specified table repetition interval.", "title": "DvbTdtSettings" }, "DvbTeletextPid": { "markdownDescription": "The PID for the input source DVB Teletext data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", "title": "DvbTeletextPid", "type": "string" }, "Ebif": { "markdownDescription": "If set to passthrough, passes any EBIF data from the input source to this output.", "title": "Ebif", "type": "string" }, "EbpAudioInterval": { "markdownDescription": "When videoAndFixedIntervals is selected, audio EBP markers are added to partitions 3 and 4. The interval between these additional markers is fixed, and is slightly shorter than the video EBP marker interval. This is only available when EBP Cablelabs segmentation markers are selected. Partitions 1 and 2 always follow the video interval.", "title": "EbpAudioInterval", "type": "string" }, "EbpLookaheadMs": { "markdownDescription": "When set, enforces that Encoder Boundary Points do not come within the specified time interval of each other by looking ahead at input video. If another EBP is going to come in within the specified time interval, the current EBP is not emitted, and the segment is \"stretched\" to the next marker. The lookahead value does not add latency to the system. The channel must be configured elsewhere to create sufficient latency to make the lookahead accurate.", "title": "EbpLookaheadMs", "type": "number" }, "EbpPlacement": { "markdownDescription": "Controls placement of EBP on audio PIDs. If set to videoAndAudioPids, EBP markers are placed on the video PID and all audio PIDs. If set to videoPid, EBP markers are placed on only the video PID.", "title": "EbpPlacement", "type": "string" }, "EcmPid": { "markdownDescription": "This field is unused and deprecated.", "title": "EcmPid", "type": "string" }, "EsRateInPes": { "markdownDescription": "Includes or excludes the ES Rate field in the PES header.", "title": "EsRateInPes", "type": "string" }, "EtvPlatformPid": { "markdownDescription": "The PID for the input source ETV Platform data to this output. You can enter it as a decimal or hexadecimal value. Valid values are 32 (or 0x20) to 8182 (or 0x1ff6).", "title": "EtvPlatformPid", "type": "string" }, "EtvSignalPid": { "markdownDescription": "The PID for input source ETV Signal data to this output. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", "title": "EtvSignalPid", "type": "string" }, "FragmentTime": { "markdownDescription": "The length in seconds of each fragment. This is used only with EBP markers.", "title": "FragmentTime", "type": "number" }, "Klv": { "markdownDescription": "If set to passthrough, passes any KLV data from the input source to this output.", "title": "Klv", "type": "string" }, "KlvDataPids": { "markdownDescription": "The PID for the input source KLV data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", "title": "KlvDataPids", "type": "string" }, "NielsenId3Behavior": { "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", "title": "NielsenId3Behavior", "type": "string" }, "NullPacketBitrate": { "markdownDescription": "The value, in bits per second, of extra null packets to insert into the transport stream. This can be used if a downstream encryption system requires periodic null packets.", "title": "NullPacketBitrate", "type": "number" }, "PatInterval": { "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", "title": "PatInterval", "type": "number" }, "PcrControl": { "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", "title": "PcrControl", "type": "string" }, "PcrPeriod": { "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", "title": "PcrPeriod", "type": "number" }, "PcrPid": { "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", "title": "PcrPid", "type": "string" }, "PmtInterval": { "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. Valid values are 0, 10..1000.", "title": "PmtInterval", "type": "number" }, "PmtPid": { "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", "title": "PmtPid", "type": "string" }, "ProgramNum": { "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", "title": "ProgramNum", "type": "number" }, "RateMode": { "markdownDescription": "When VBR, does not insert null packets into the transport stream to fill the specified bitrate. The bitrate setting acts as the maximum bitrate when VBR is set.", "title": "RateMode", "type": "string" }, "Scte27Pids": { "markdownDescription": "The PID for the input source SCTE-27 data to this output. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value. Each PID specified must be in the range of 32 (or 0x20)..8182 (or 0x1ff6).", "title": "Scte27Pids", "type": "string" }, "Scte35Control": { "markdownDescription": "Optionally passes SCTE-35 signals from the input source to this output.", "title": "Scte35Control", "type": "string" }, "Scte35Pid": { "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", "title": "Scte35Pid", "type": "string" }, "Scte35PrerollPullupMilliseconds": { "markdownDescription": "", "title": "Scte35PrerollPullupMilliseconds", "type": "number" }, "SegmentationMarkers": { "markdownDescription": "Inserts segmentation markers at each segmentationTime period. raiSegstart sets the Random Access Indicator bit in the adaptation field. raiAdapt sets the RAI bit and adds the current timecode in the private data bytes. psiSegstart inserts PAT and PMT tables at the start of segments. ebp adds Encoder Boundary Point information to the adaptation field as per OpenCable specification OC-SP-EBP-I01-130118. ebpLegacy adds Encoder Boundary Point information to the adaptation field using a legacy proprietary format.", "title": "SegmentationMarkers", "type": "string" }, "SegmentationStyle": { "markdownDescription": "The segmentation style parameter controls how segmentation markers are inserted into the transport stream. With avails, it is possible that segments might be truncated, which can influence where future segmentation markers are inserted. When a segmentation style of resetCadence is selected and a segment is truncated due to an avail, we will reset the segmentation cadence. This means the subsequent segment will have a duration of $segmentationTime seconds. When a segmentation style of maintainCadence is selected and a segment is truncated due to an avail, we will not reset the segmentation cadence. This means the subsequent segment will likely be truncated as well. However, all segments after that will have a duration of $segmentationTime seconds. Note that EBP lookahead is a slight exception to this rule.", "title": "SegmentationStyle", "type": "string" }, "SegmentationTime": { "markdownDescription": "The length, in seconds, of each segment. This is required unless markers is set to None_.", "title": "SegmentationTime", "type": "number" }, "TimedMetadataBehavior": { "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", "title": "TimedMetadataBehavior", "type": "string" }, "TimedMetadataPid": { "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", "title": "TimedMetadataPid", "type": "string" }, "TransportStreamId": { "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", "title": "TransportStreamId", "type": "number" }, "VideoPid": { "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", "title": "VideoPid", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.M3u8Settings": { "additionalProperties": false, "properties": { "AudioFramesPerPes": { "markdownDescription": "The number of audio frames to insert for each PES packet.", "title": "AudioFramesPerPes", "type": "number" }, "AudioPids": { "markdownDescription": "The PID of the elementary audio streams in the transport stream. Multiple values are accepted, and can be entered in ranges or by comma separation. You can enter the value as a decimal or hexadecimal value.", "title": "AudioPids", "type": "string" }, "EcmPid": { "markdownDescription": "This parameter is unused and deprecated.", "title": "EcmPid", "type": "string" }, "KlvBehavior": { "markdownDescription": "", "title": "KlvBehavior", "type": "string" }, "KlvDataPids": { "markdownDescription": "", "title": "KlvDataPids", "type": "string" }, "NielsenId3Behavior": { "markdownDescription": "If set to passthrough, Nielsen inaudible tones for media tracking will be detected in the input audio and an equivalent ID3 tag will be inserted in the output.", "title": "NielsenId3Behavior", "type": "string" }, "PatInterval": { "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", "title": "PatInterval", "type": "number" }, "PcrControl": { "markdownDescription": "When set to pcrEveryPesPacket, a Program Clock Reference value is inserted for every Packetized Elementary Stream (PES) header. This parameter is effective only when the PCR PID is the same as the video or audio elementary stream.", "title": "PcrControl", "type": "string" }, "PcrPeriod": { "markdownDescription": "The maximum time, in milliseconds, between Program Clock References (PCRs) inserted into the transport stream.", "title": "PcrPeriod", "type": "number" }, "PcrPid": { "markdownDescription": "The PID of the Program Clock Reference (PCR) in the transport stream. When no value is given, MediaLive assigns the same value as the video PID. You can enter the value as a decimal or hexadecimal value.", "title": "PcrPid", "type": "string" }, "PmtInterval": { "markdownDescription": "The number of milliseconds between instances of this table in the output transport stream. A value of \\\"0\\\" writes out the PMT once per segment file.", "title": "PmtInterval", "type": "number" }, "PmtPid": { "markdownDescription": "The PID for the Program Map Table (PMT) in the transport stream. You can enter the value as a decimal or hexadecimal value.", "title": "PmtPid", "type": "string" }, "ProgramNum": { "markdownDescription": "The value of the program number field in the Program Map Table (PMT).", "title": "ProgramNum", "type": "number" }, "Scte35Behavior": { "markdownDescription": "If set to passthrough, passes any SCTE-35 signals from the input source to this output.", "title": "Scte35Behavior", "type": "string" }, "Scte35Pid": { "markdownDescription": "The PID of the SCTE-35 stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", "title": "Scte35Pid", "type": "string" }, "TimedMetadataBehavior": { "markdownDescription": "When set to passthrough, timed metadata is passed through from input to output.", "title": "TimedMetadataBehavior", "type": "string" }, "TimedMetadataPid": { "markdownDescription": "The PID of the timed metadata stream in the transport stream. You can enter the value as a decimal or hexadecimal value. Valid values are 32 (or 0x20)..8182 (or 0x1ff6).", "title": "TimedMetadataPid", "type": "string" }, "TransportStreamId": { "markdownDescription": "The value of the transport stream ID field in the Program Map Table (PMT).", "title": "TransportStreamId", "type": "number" }, "VideoPid": { "markdownDescription": "The PID of the elementary video stream in the transport stream. You can enter the value as a decimal or hexadecimal value.", "title": "VideoPid", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.MaintenanceCreateSettings": { "additionalProperties": false, "properties": { "MaintenanceDay": { "markdownDescription": "Choose one day of the week for maintenance. The chosen day is used for all future maintenance windows.", "title": "MaintenanceDay", "type": "string" }, "MaintenanceStartTime": { "markdownDescription": "Choose the hour that maintenance will start. The chosen time is used for all future maintenance windows.", "title": "MaintenanceStartTime", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.MaintenanceUpdateSettings": { "additionalProperties": false, "properties": { "MaintenanceDay": { "type": "string" }, "MaintenanceScheduledDate": { "type": "string" }, "MaintenanceStartTime": { "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.MediaPackageGroupSettings": { "additionalProperties": false, "properties": { "Destination": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", "markdownDescription": "The MediaPackage channel destination.", "title": "Destination" } }, "type": "object" }, "AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings": { "additionalProperties": false, "properties": { "ChannelId": { "markdownDescription": "The ID of the channel in MediaPackage that is the destination for this output group. You don't need to specify the individual inputs in MediaPackage; MediaLive handles the connection of the two MediaLive pipelines to the two MediaPackage inputs. The MediaPackage channel and MediaLive channel must be in the same Region.", "title": "ChannelId", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.MediaPackageOutputSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.MotionGraphicsConfiguration": { "additionalProperties": false, "properties": { "MotionGraphicsInsertion": { "markdownDescription": "Enables or disables the motion graphics overlay feature in the channel.", "title": "MotionGraphicsInsertion", "type": "string" }, "MotionGraphicsSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.MotionGraphicsSettings", "markdownDescription": "Settings to enable and configure the motion graphics overlay feature in the channel.", "title": "MotionGraphicsSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.MotionGraphicsSettings": { "additionalProperties": false, "properties": { "HtmlMotionGraphicsSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.HtmlMotionGraphicsSettings", "markdownDescription": "Settings to configure the motion graphics overlay to use an HTML asset.", "title": "HtmlMotionGraphicsSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.Mp2Settings": { "additionalProperties": false, "properties": { "Bitrate": { "markdownDescription": "The average bitrate in bits/second.", "title": "Bitrate", "type": "number" }, "CodingMode": { "markdownDescription": "The MPEG2 Audio coding mode. Valid values are codingMode10 (for mono) or codingMode20 (for stereo).", "title": "CodingMode", "type": "string" }, "SampleRate": { "markdownDescription": "The sample rate in Hz.", "title": "SampleRate", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.Mpeg2FilterSettings": { "additionalProperties": false, "properties": { "TemporalFilterSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.TemporalFilterSettings", "markdownDescription": "Settings for applying the temporal filter to the video.", "title": "TemporalFilterSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.Mpeg2Settings": { "additionalProperties": false, "properties": { "AdaptiveQuantization": { "markdownDescription": "Choose Off to disable adaptive quantization. Or choose another value to enable the quantizer and set its strength. The strengths are: Auto, Off, Low, Medium, High. When you enable this field, MediaLive allows intra-frame quantizers to vary, which might improve visual quality.", "title": "AdaptiveQuantization", "type": "string" }, "AfdSignaling": { "markdownDescription": "Indicates the AFD values that MediaLive will write into the video encode. If you do not know what AFD signaling is, or if your downstream system has not given you guidance, choose AUTO.\nAUTO: MediaLive will try to preserve the input AFD value (in cases where multiple AFD values are valid).\nFIXED: MediaLive will use the value you specify in fixedAFD.", "title": "AfdSignaling", "type": "string" }, "ColorMetadata": { "markdownDescription": "Specifies whether to include the color space metadata. The metadata describes the color space that applies to the video (the colorSpace field). We recommend that you insert the metadata.", "title": "ColorMetadata", "type": "string" }, "ColorSpace": { "markdownDescription": "Choose the type of color space conversion to apply to the output. For detailed information on setting up both the input and the output to obtain the desired color space in the output, see the section on \\\"MediaLive Features - Video - color space\\\" in the MediaLive User Guide.\nPASSTHROUGH: Keep the color space of the input content - do not convert it.\nAUTO:Convert all content that is SD to rec 601, and convert all content that is HD to rec 709.", "title": "ColorSpace", "type": "string" }, "DisplayAspectRatio": { "markdownDescription": "Sets the pixel aspect ratio for the encode.", "title": "DisplayAspectRatio", "type": "string" }, "FilterSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2FilterSettings", "markdownDescription": "Optionally specify a noise reduction filter, which can improve quality of compressed content. If you do not choose a filter, no filter will be applied.\nTEMPORAL: This filter is useful for both source content that is noisy (when it has excessive digital artifacts) and source content that is clean.\nWhen the content is noisy, the filter cleans up the source content before the encoding phase, with these two effects: First, it improves the output video quality because the content has been cleaned up. Secondly, it decreases the bandwidth because MediaLive does not waste bits on encoding noise.\nWhen the content is reasonably clean, the filter tends to decrease the bitrate.", "title": "FilterSettings" }, "FixedAfd": { "markdownDescription": "Complete this field only when afdSignaling is set to FIXED. Enter the AFD value (4 bits) to write on all frames of the video encode.", "title": "FixedAfd", "type": "string" }, "FramerateDenominator": { "markdownDescription": "description\": \"The framerate denominator. For example, 1001. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", "title": "FramerateDenominator", "type": "number" }, "FramerateNumerator": { "markdownDescription": "The framerate numerator. For example, 24000. The framerate is the numerator divided by the denominator. For example, 24000 / 1001 = 23.976 FPS.", "title": "FramerateNumerator", "type": "number" }, "GopClosedCadence": { "markdownDescription": "MPEG2: default is open GOP.", "title": "GopClosedCadence", "type": "number" }, "GopNumBFrames": { "markdownDescription": "Relates to the GOP structure. The number of B-frames between reference frames. If you do not know what a B-frame is, use the default.", "title": "GopNumBFrames", "type": "number" }, "GopSize": { "markdownDescription": "Relates to the GOP structure. The GOP size (keyframe interval) in the units specified in gopSizeUnits. If you do not know what GOP is, use the default.\nIf gopSizeUnits is frames, then the gopSize must be an integer and must be greater than or equal to 1.\nIf gopSizeUnits is seconds, the gopSize must be greater than 0, but does not need to be an integer.", "title": "GopSize", "type": "number" }, "GopSizeUnits": { "markdownDescription": "Relates to the GOP structure. Specifies whether the gopSize is specified in frames or seconds. If you do not plan to change the default gopSize, leave the default. If you specify SECONDS, MediaLive will internally convert the gop size to a frame count.", "title": "GopSizeUnits", "type": "string" }, "ScanType": { "markdownDescription": "Set the scan type of the output to PROGRESSIVE or INTERLACED (top field first).", "title": "ScanType", "type": "string" }, "SubgopLength": { "markdownDescription": "Relates to the GOP structure. If you do not know what GOP is, use the default.\nFIXED: Set the number of B-frames in each sub-GOP to the value in gopNumBFrames.\nDYNAMIC: Let MediaLive optimize the number of B-frames in each sub-GOP, to improve visual quality.", "title": "SubgopLength", "type": "string" }, "TimecodeBurninSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.TimecodeBurninSettings", "markdownDescription": "", "title": "TimecodeBurninSettings" }, "TimecodeInsertion": { "markdownDescription": "Determines how MediaLive inserts timecodes in the output video. For detailed information about setting up the input and the output for a timecode, see the section on \\\"MediaLive Features - Timecode configuration\\\" in the MediaLive User Guide.\nDISABLED: do not include timecodes.\nGOP_TIMECODE: Include timecode metadata in the GOP header.", "title": "TimecodeInsertion", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.MsSmoothGroupSettings": { "additionalProperties": false, "properties": { "AcquisitionPointId": { "markdownDescription": "The value of the Acquisition Point Identity element that is used in each message placed in the sparse track. Enabled only if sparseTrackType is not \"none.\"", "title": "AcquisitionPointId", "type": "string" }, "AudioOnlyTimecodeControl": { "markdownDescription": "If set to passthrough for an audio-only Microsoft Smooth output, the fragment absolute time is set to the current timecode. This option does not write timecodes to the audio elementary stream.", "title": "AudioOnlyTimecodeControl", "type": "string" }, "CertificateMode": { "markdownDescription": "If set to verifyAuthenticity, verifies the HTTPS certificate chain to a trusted certificate authority (CA). This causes HTTPS outputs to self-signed certificates to fail.", "title": "CertificateMode", "type": "string" }, "ConnectionRetryInterval": { "markdownDescription": "The number of seconds to wait before retrying the connection to the IIS server if the connection is lost. Content is cached during this time, and the cache is delivered to the IIS server after the connection is re-established.", "title": "ConnectionRetryInterval", "type": "number" }, "Destination": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", "markdownDescription": "The Smooth Streaming publish point on an IIS server. MediaLive acts as a \"Push\" encoder to IIS.", "title": "Destination" }, "EventId": { "markdownDescription": "The Microsoft Smooth channel ID that is sent to the IIS server. Specify the ID only if eventIdMode is set to useConfigured.", "title": "EventId", "type": "string" }, "EventIdMode": { "markdownDescription": "Specifies whether to send a channel ID to the IIS server. If no channel ID is sent and the same channel is used without changing the publishing point, clients might see cached video from the previous run. Options: - \"useConfigured\" - use the value provided in eventId - \"useTimestamp\" - generate and send a channel ID based on the current timestamp - \"noEventId\" - do not send a channel ID to the IIS server.", "title": "EventIdMode", "type": "string" }, "EventStopBehavior": { "markdownDescription": "When set to sendEos, sends an EOS signal to an IIS server when stopping the channel.", "title": "EventStopBehavior", "type": "string" }, "FilecacheDuration": { "markdownDescription": "The size, in seconds, of the file cache for streaming outputs.", "title": "FilecacheDuration", "type": "number" }, "FragmentLength": { "markdownDescription": "The length, in seconds, of mp4 fragments to generate. The fragment length must be compatible with GOP size and frame rate.", "title": "FragmentLength", "type": "number" }, "InputLossAction": { "markdownDescription": "A parameter that controls output group behavior on an input loss.", "title": "InputLossAction", "type": "string" }, "NumRetries": { "markdownDescription": "The number of retry attempts.", "title": "NumRetries", "type": "number" }, "RestartDelay": { "markdownDescription": "The number of seconds before initiating a restart due to output failure, due to exhausting the numRetries on one segment, or exceeding filecacheDuration.", "title": "RestartDelay", "type": "number" }, "SegmentationMode": { "markdownDescription": "useInputSegmentation has been deprecated. The configured segment size is always used.", "title": "SegmentationMode", "type": "string" }, "SendDelayMs": { "markdownDescription": "The number of milliseconds to delay the output from the second pipeline.", "title": "SendDelayMs", "type": "number" }, "SparseTrackType": { "markdownDescription": "If set to scte35, uses incoming SCTE-35 messages to generate a sparse track in this group of Microsoft Smooth outputs.", "title": "SparseTrackType", "type": "string" }, "StreamManifestBehavior": { "markdownDescription": "When set to send, sends a stream manifest so that the publishing point doesn't start until all streams start.", "title": "StreamManifestBehavior", "type": "string" }, "TimestampOffset": { "markdownDescription": "The timestamp offset for the channel. Used only if timestampOffsetMode is set to useConfiguredOffset.", "title": "TimestampOffset", "type": "string" }, "TimestampOffsetMode": { "markdownDescription": "The type of timestamp date offset to use. - useEventStartDate: Use the date the channel was started as the offset - useConfiguredOffset: Use an explicitly configured date as the offset.", "title": "TimestampOffsetMode", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.MsSmoothOutputSettings": { "additionalProperties": false, "properties": { "H265PackagingType": { "markdownDescription": "Only applicable when this output is referencing an H.265 video description.\nSpecifies whether MP4 segments should be packaged as HEV1 or HVC1.", "title": "H265PackagingType", "type": "string" }, "NameModifier": { "markdownDescription": "A string that is concatenated to the end of the destination file name. This is required for multiple outputs of the same type.", "title": "NameModifier", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.MultiplexGroupSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.MultiplexOutputSettings": { "additionalProperties": false, "properties": { "Destination": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", "markdownDescription": "Destination is a Multiplex.", "title": "Destination" } }, "type": "object" }, "AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings": { "additionalProperties": false, "properties": { "MultiplexId": { "markdownDescription": "The ID of the Multiplex that the encoder is providing output to. You do not need to specify the individual inputs to the Multiplex; MediaLive will handle the connection of the two MediaLive pipelines to the two Multiplex instances.\nThe Multiplex must be in the same region as the Channel.", "title": "MultiplexId", "type": "string" }, "ProgramName": { "markdownDescription": "The program name of the Multiplex program that the encoder is providing output to.", "title": "ProgramName", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.NetworkInputSettings": { "additionalProperties": false, "properties": { "HlsInputSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.HlsInputSettings", "markdownDescription": "Information about how to connect to the upstream system.", "title": "HlsInputSettings" }, "ServerValidation": { "markdownDescription": "Checks HTTPS server certificates. When set to checkCryptographyOnly, cryptography in the certificate is checked, but not the server's name. Certain subdomains (notably S3 buckets that use dots in the bucket name) don't strictly match the corresponding certificate's wildcard pattern and would otherwise cause the channel to error. This setting is ignored for protocols that do not use HTTPS.", "title": "ServerValidation", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.NielsenCBET": { "additionalProperties": false, "properties": { "CbetCheckDigitString": { "markdownDescription": "Enter the CBET check digits to use in the watermark.", "title": "CbetCheckDigitString", "type": "string" }, "CbetStepaside": { "markdownDescription": "Determines the method of CBET insertion mode when prior encoding is detected on the same layer.", "title": "CbetStepaside", "type": "string" }, "Csid": { "markdownDescription": "Enter the CBET Source ID (CSID) to use in the watermark", "title": "Csid", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.NielsenConfiguration": { "additionalProperties": false, "properties": { "DistributorId": { "markdownDescription": "Enter the Distributor ID assigned to your organization by Nielsen.", "title": "DistributorId", "type": "string" }, "NielsenPcmToId3Tagging": { "markdownDescription": "Enables Nielsen PCM to ID3 tagging", "title": "NielsenPcmToId3Tagging", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.NielsenNaesIiNw": { "additionalProperties": false, "properties": { "CheckDigitString": { "markdownDescription": "Enter the check digit string for the watermark", "title": "CheckDigitString", "type": "string" }, "Sid": { "markdownDescription": "Enter the Nielsen Source ID (SID) to include in the watermark", "title": "Sid", "type": "number" }, "Timezone": { "markdownDescription": "", "title": "Timezone", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.NielsenWatermarksSettings": { "additionalProperties": false, "properties": { "NielsenCbetSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenCBET", "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen CBET", "title": "NielsenCbetSettings" }, "NielsenDistributionType": { "markdownDescription": "Choose the distribution types that you want to assign to the watermarks:\n- PROGRAM_CONTENT\n- FINAL_DISTRIBUTOR", "title": "NielsenDistributionType", "type": "string" }, "NielsenNaesIiNwSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.NielsenNaesIiNw", "markdownDescription": "Complete these fields only if you want to insert watermarks of type Nielsen NAES II (N2) and Nielsen NAES VI (NW).", "title": "NielsenNaesIiNwSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.Output": { "additionalProperties": false, "properties": { "AudioDescriptionNames": { "items": { "type": "string" }, "markdownDescription": "The names of the audio descriptions that are used as audio sources for this output.", "title": "AudioDescriptionNames", "type": "array" }, "CaptionDescriptionNames": { "items": { "type": "string" }, "markdownDescription": "The names of the caption descriptions that are used as captions sources for this output.", "title": "CaptionDescriptionNames", "type": "array" }, "OutputName": { "markdownDescription": "The name that is used to identify an output.", "title": "OutputName", "type": "string" }, "OutputSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputSettings", "markdownDescription": "The output type-specific settings.", "title": "OutputSettings" }, "VideoDescriptionName": { "markdownDescription": "The name of the VideoDescription that is used as the source for this output.", "title": "VideoDescriptionName", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.OutputDestination": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The ID for this destination.", "title": "Id", "type": "string" }, "MediaPackageSettings": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputDestinationSettings" }, "markdownDescription": "The destination settings for a MediaPackage output.", "title": "MediaPackageSettings", "type": "array" }, "MultiplexSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexProgramChannelDestinationSettings", "markdownDescription": "Destination settings for a Multiplex output; one destination for both encoders.", "title": "MultiplexSettings" }, "Settings": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputDestinationSettings" }, "markdownDescription": "The destination settings for an output.", "title": "Settings", "type": "array" } }, "type": "object" }, "AWS::MediaLive::Channel.OutputDestinationSettings": { "additionalProperties": false, "properties": { "PasswordParam": { "markdownDescription": "The password parameter that holds the password for accessing the downstream system. This password parameter applies only if the downstream system requires credentials.", "title": "PasswordParam", "type": "string" }, "StreamName": { "markdownDescription": "The stream name for the content. This applies only to RTMP outputs.", "title": "StreamName", "type": "string" }, "Url": { "markdownDescription": "The URL for the destination.", "title": "Url", "type": "string" }, "Username": { "markdownDescription": "The user name to connect to the downstream system. This applies only if the downstream system requires credentials.", "title": "Username", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.OutputGroup": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A custom output group name that you can optionally define. Only letters, numbers, and the underscore character are allowed. The maximum length is 32 characters.", "title": "Name", "type": "string" }, "OutputGroupSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputGroupSettings", "markdownDescription": "The settings associated with the output group.", "title": "OutputGroupSettings" }, "Outputs": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.Output" }, "markdownDescription": "The settings for the outputs in the output group.", "title": "Outputs", "type": "array" } }, "type": "object" }, "AWS::MediaLive::Channel.OutputGroupSettings": { "additionalProperties": false, "properties": { "ArchiveGroupSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveGroupSettings", "markdownDescription": "The configuration of an archive output group.\n\nThe parent of this entity is OutputGroupSettings.", "title": "ArchiveGroupSettings" }, "CmafIngestGroupSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestGroupSettings", "markdownDescription": "", "title": "CmafIngestGroupSettings" }, "FrameCaptureGroupSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureGroupSettings", "markdownDescription": "The configuration of a frame capture output group.", "title": "FrameCaptureGroupSettings" }, "HlsGroupSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.HlsGroupSettings", "markdownDescription": "The configuration of an HLS output group.", "title": "HlsGroupSettings" }, "MediaPackageGroupSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageGroupSettings", "markdownDescription": "The configuration of a MediaPackage output group.", "title": "MediaPackageGroupSettings" }, "MsSmoothGroupSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothGroupSettings", "markdownDescription": "The configuration of a Microsoft Smooth output group.", "title": "MsSmoothGroupSettings" }, "MultiplexGroupSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexGroupSettings", "markdownDescription": "The settings for a Multiplex output group.", "title": "MultiplexGroupSettings" }, "RtmpGroupSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpGroupSettings", "markdownDescription": "The configuration of an RTMP output group.", "title": "RtmpGroupSettings" }, "UdpGroupSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.UdpGroupSettings", "markdownDescription": "The configuration of a UDP output group.", "title": "UdpGroupSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.OutputLocationRef": { "additionalProperties": false, "properties": { "DestinationRefId": { "markdownDescription": "A reference ID for this destination.", "title": "DestinationRefId", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.OutputLockingSettings": { "additionalProperties": false, "properties": { "EpochLockingSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.EpochLockingSettings", "markdownDescription": "", "title": "EpochLockingSettings" }, "PipelineLockingSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.PipelineLockingSettings", "markdownDescription": "", "title": "PipelineLockingSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.OutputSettings": { "additionalProperties": false, "properties": { "ArchiveOutputSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.ArchiveOutputSettings", "markdownDescription": "The settings for an archive output.", "title": "ArchiveOutputSettings" }, "CmafIngestOutputSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.CmafIngestOutputSettings", "markdownDescription": "", "title": "CmafIngestOutputSettings" }, "FrameCaptureOutputSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureOutputSettings", "markdownDescription": "The settings for a frame capture output.\n\nThe parent of this entity is OutputGroupSettings.", "title": "FrameCaptureOutputSettings" }, "HlsOutputSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.HlsOutputSettings", "markdownDescription": "The settings for an HLS output.\n\nThe parent of this entity is OutputGroupSettings.", "title": "HlsOutputSettings" }, "MediaPackageOutputSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.MediaPackageOutputSettings", "markdownDescription": "The settings for a MediaPackage output.\n\nThe parent of this entity is OutputGroupSettings.", "title": "MediaPackageOutputSettings" }, "MsSmoothOutputSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.MsSmoothOutputSettings", "markdownDescription": "The settings for a Microsoft Smooth output.", "title": "MsSmoothOutputSettings" }, "MultiplexOutputSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.MultiplexOutputSettings", "markdownDescription": "Configuration of a Multiplex output.", "title": "MultiplexOutputSettings" }, "RtmpOutputSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.RtmpOutputSettings", "markdownDescription": "The settings for an RTMP output.\n\nThe parent of this entity is OutputGroupSettings.", "title": "RtmpOutputSettings" }, "UdpOutputSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.UdpOutputSettings", "markdownDescription": "The settings for a UDP output.\n\nThe parent of this entity is OutputGroupSettings.", "title": "UdpOutputSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.PassThroughSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.PipelineLockingSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.RawSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.Rec601Settings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.Rec709Settings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.RemixSettings": { "additionalProperties": false, "properties": { "ChannelMappings": { "items": { "$ref": "#/definitions/AWS::MediaLive::Channel.AudioChannelMapping" }, "markdownDescription": "A mapping of input channels to output channels, with appropriate gain adjustments.", "title": "ChannelMappings", "type": "array" }, "ChannelsIn": { "markdownDescription": "The number of input channels to be used.", "title": "ChannelsIn", "type": "number" }, "ChannelsOut": { "markdownDescription": "The number of output channels to be produced. Valid values: 1, 2, 4, 6, 8.", "title": "ChannelsOut", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.RtmpCaptionInfoDestinationSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.RtmpGroupSettings": { "additionalProperties": false, "properties": { "AdMarkers": { "items": { "type": "string" }, "markdownDescription": "Choose the ad marker type for this output group. MediaLive will create a message based on the content of each SCTE-35 message, format it for that marker type, and insert it in the datastream.", "title": "AdMarkers", "type": "array" }, "AuthenticationScheme": { "markdownDescription": "An authentication scheme to use when connecting with a CDN.", "title": "AuthenticationScheme", "type": "string" }, "CacheFullBehavior": { "markdownDescription": "Controls behavior when the content cache fills up. If a remote origin server stalls the RTMP connection and doesn't accept content fast enough, the media cache fills up. When the cache reaches the duration specified by cacheLength, the cache stops accepting new content. If set to disconnectImmediately, the RTMP output forces a disconnect. Clear the media cache, and reconnect after restartDelay seconds. If set to waitForServer, the RTMP output waits up to 5 minutes to allow the origin server to begin accepting data again.", "title": "CacheFullBehavior", "type": "string" }, "CacheLength": { "markdownDescription": "The cache length, in seconds, that is used to calculate buffer size.", "title": "CacheLength", "type": "number" }, "CaptionData": { "markdownDescription": "Controls the types of data that pass to onCaptionInfo outputs. If set to all, 608 and 708 carried DTVCC data is passed. If set to field1AndField2608, DTVCC data is stripped out, but 608 data from both fields is passed. If set to field1608, only the data carried in 608 from field 1 video is passed.", "title": "CaptionData", "type": "string" }, "IncludeFillerNalUnits": { "markdownDescription": "", "title": "IncludeFillerNalUnits", "type": "string" }, "InputLossAction": { "markdownDescription": "Controls the behavior of this RTMP group if the input becomes unavailable. emitOutput: Emit a slate until the input returns. pauseOutput: Stop transmitting data until the input returns. This does not close the underlying RTMP connection.", "title": "InputLossAction", "type": "string" }, "RestartDelay": { "markdownDescription": "If a streaming output fails, the number of seconds to wait until a restart is initiated. A value of 0 means never restart.", "title": "RestartDelay", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.RtmpOutputSettings": { "additionalProperties": false, "properties": { "CertificateMode": { "markdownDescription": "If set to verifyAuthenticity, verifies the TLS certificate chain to a trusted certificate authority (CA). This causes RTMPS outputs with self-signed certificates to fail.", "title": "CertificateMode", "type": "string" }, "ConnectionRetryInterval": { "markdownDescription": "The number of seconds to wait before retrying a connection to the Flash Media server if the connection is lost.", "title": "ConnectionRetryInterval", "type": "number" }, "Destination": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", "markdownDescription": "The RTMP endpoint excluding the stream name (for example, rtmp://host/appname).", "title": "Destination" }, "NumRetries": { "markdownDescription": "The number of retry attempts.", "title": "NumRetries", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.Scte20PlusEmbeddedDestinationSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.Scte20SourceSettings": { "additionalProperties": false, "properties": { "Convert608To708": { "markdownDescription": "If upconvert, 608 data is both passed through the \"608 compatibility bytes\" fields of the 708 wrapper as well as translated into 708. Any 708 data present in the source content is discarded.", "title": "Convert608To708", "type": "string" }, "Source608ChannelNumber": { "markdownDescription": "Specifies the 608/708 channel number within the video track from which to extract captions.", "title": "Source608ChannelNumber", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.Scte27DestinationSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.Scte27SourceSettings": { "additionalProperties": false, "properties": { "OcrLanguage": { "markdownDescription": "If you will configure a WebVTT caption description that references this caption selector, use this field to\nprovide the language to consider when translating the image-based source to text.", "title": "OcrLanguage", "type": "string" }, "Pid": { "markdownDescription": "The PID field is used in conjunction with the captions selector languageCode field as follows: Specify PID and Language: Extracts captions from that PID; the language is \"informational.\" Specify PID and omit Language: Extracts the specified PID. Omit PID and specify Language: Extracts the specified language, whichever PID that happens to be. Omit PID and omit Language: Valid only if source is DVB-Sub that is being passed through; all languages are passed through.", "title": "Pid", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.Scte35SpliceInsert": { "additionalProperties": false, "properties": { "AdAvailOffset": { "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", "title": "AdAvailOffset", "type": "number" }, "NoRegionalBlackoutFlag": { "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", "title": "NoRegionalBlackoutFlag", "type": "string" }, "WebDeliveryAllowedFlag": { "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", "title": "WebDeliveryAllowedFlag", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.Scte35TimeSignalApos": { "additionalProperties": false, "properties": { "AdAvailOffset": { "markdownDescription": "When specified, this offset (in milliseconds) is added to the input ad avail PTS time. This applies only to embedded SCTE 104/35 messages. It doesn't apply to OOB messages.", "title": "AdAvailOffset", "type": "number" }, "NoRegionalBlackoutFlag": { "markdownDescription": "When set to ignore, segment descriptors with noRegionalBlackoutFlag set to 0 no longer trigger blackouts or ad avail slates.", "title": "NoRegionalBlackoutFlag", "type": "string" }, "WebDeliveryAllowedFlag": { "markdownDescription": "When set to ignore, segment descriptors with webDeliveryAllowedFlag set to 0 no longer trigger blackouts or ad avail slates.", "title": "WebDeliveryAllowedFlag", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.SmpteTtDestinationSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.StandardHlsSettings": { "additionalProperties": false, "properties": { "AudioRenditionSets": { "markdownDescription": "Lists all the audio groups that are used with the video output stream. This inputs all the audio GROUP-IDs that are associated with the video, separated by a comma (,).", "title": "AudioRenditionSets", "type": "string" }, "M3u8Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.M3u8Settings", "markdownDescription": "Settings for the M3U8 container.", "title": "M3u8Settings" } }, "type": "object" }, "AWS::MediaLive::Channel.StaticKeySettings": { "additionalProperties": false, "properties": { "KeyProviderServer": { "$ref": "#/definitions/AWS::MediaLive::Channel.InputLocation", "markdownDescription": "The URL of the license server that is used for protecting content.", "title": "KeyProviderServer" }, "StaticKeyValue": { "markdownDescription": "The static key value as a 32 character hexadecimal string.", "title": "StaticKeyValue", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.TeletextDestinationSettings": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaLive::Channel.TeletextSourceSettings": { "additionalProperties": false, "properties": { "OutputRectangle": { "$ref": "#/definitions/AWS::MediaLive::Channel.CaptionRectangle", "markdownDescription": "Settings to configure the caption rectangle for an output captions that will be created using this Teletext source captions.", "title": "OutputRectangle" }, "PageNumber": { "markdownDescription": "Specifies the Teletext page number within the data stream from which to extract captions. The range is 0x100 (256) to 0x8FF (2303). This is unused for passthrough. It should be specified as a hexadecimal string with no \"0x\" prefix.", "title": "PageNumber", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.TemporalFilterSettings": { "additionalProperties": false, "properties": { "PostFilterSharpening": { "markdownDescription": "If you enable this filter, the results are the following:\n- If the source content is noisy (it contains excessive digital artifacts), the filter cleans up the source.\n- If the source content is already clean, the filter tends to decrease the bitrate, especially when the rate control mode is QVBR.", "title": "PostFilterSharpening", "type": "string" }, "Strength": { "markdownDescription": "Choose a filter strength. We recommend a strength of 1 or 2. A higher strength might take out good information, resulting in an image that is overly soft.", "title": "Strength", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.ThumbnailConfiguration": { "additionalProperties": false, "properties": { "State": { "markdownDescription": "", "title": "State", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.TimecodeBurninSettings": { "additionalProperties": false, "properties": { "FontSize": { "markdownDescription": "", "title": "FontSize", "type": "string" }, "Position": { "markdownDescription": "", "title": "Position", "type": "string" }, "Prefix": { "markdownDescription": "", "title": "Prefix", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.TimecodeConfig": { "additionalProperties": false, "properties": { "Source": { "markdownDescription": "Identifies the source for the timecode that will be associated with the channel outputs. Embedded (embedded): Initialize the output timecode with timecode from the source. If no embedded timecode is detected in the source, the system falls back to using \"Start at 0\" (zerobased). System Clock (systemclock): Use the UTC time. Start at 0 (zerobased): The time of the first frame of the channel will be 00:00:00:00.", "title": "Source", "type": "string" }, "SyncThreshold": { "markdownDescription": "The threshold in frames beyond which output timecode is resynchronized to the input timecode. Discrepancies below this threshold are permitted to avoid unnecessary discontinuities in the output timecode. There is no timecode sync when this is not specified.", "title": "SyncThreshold", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.TtmlDestinationSettings": { "additionalProperties": false, "properties": { "StyleControl": { "markdownDescription": "When set to passthrough, passes through style and position information from a TTML-like input source (TTML, SMPTE-TT, CFF-TT) to the CFF-TT output or TTML output.", "title": "StyleControl", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Channel.UdpContainerSettings": { "additionalProperties": false, "properties": { "M2tsSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.M2tsSettings", "markdownDescription": "The M2TS configuration for this UDP output.", "title": "M2tsSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.UdpGroupSettings": { "additionalProperties": false, "properties": { "InputLossAction": { "markdownDescription": "Specifies the behavior of the last resort when the input video is lost, and no more backup inputs are available. When dropTs is selected, the entire transport stream stops emitting. When dropProgram is selected, the program can be dropped from the transport stream (and replaced with null packets to meet the TS bitrate requirement). Or when emitProgram is selected, the transport stream continues to be produced normally with repeat frames, black frames, or slate frames substituted for the absent input video.", "title": "InputLossAction", "type": "string" }, "TimedMetadataId3Frame": { "markdownDescription": "Indicates the ID3 frame that has the timecode.", "title": "TimedMetadataId3Frame", "type": "string" }, "TimedMetadataId3Period": { "markdownDescription": "The timed metadata interval in seconds.", "title": "TimedMetadataId3Period", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.UdpOutputSettings": { "additionalProperties": false, "properties": { "BufferMsec": { "markdownDescription": "The UDP output buffering in milliseconds. Larger values increase latency through the transcoder but simultaneously assist the transcoder in maintaining a constant, low-jitter UDP/RTP output while accommodating clock recovery, input switching, input disruptions, picture reordering, and so on.", "title": "BufferMsec", "type": "number" }, "ContainerSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.UdpContainerSettings", "markdownDescription": "The settings for the UDP output.", "title": "ContainerSettings" }, "Destination": { "$ref": "#/definitions/AWS::MediaLive::Channel.OutputLocationRef", "markdownDescription": "The destination address and port number for RTP or UDP packets. These can be unicast or multicast RTP or UDP (for example, rtp://239.10.10.10:5001 or udp://10.100.100.100:5002).", "title": "Destination" }, "FecOutputSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.FecOutputSettings", "markdownDescription": "The settings for enabling and adjusting Forward Error Correction on UDP outputs.", "title": "FecOutputSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.VideoBlackFailoverSettings": { "additionalProperties": false, "properties": { "BlackDetectThreshold": { "markdownDescription": "A value used in calculating the threshold below which MediaLive considers a pixel to be 'black'. For the input to be considered black, every pixel in a frame must be below this threshold. The threshold is calculated as a percentage (expressed as a decimal) of white. Therefore .1 means 10% white (or 90% black). Note how the formula works for any color depth. For example, if you set this field to 0.1 in 10-bit color depth: (1023*0.1=102.3), which means a pixel value of 102 or less is 'black'. If you set this field to .1 in an 8-bit color depth: (255*0.1=25.5), which means a pixel value of 25 or less is 'black'. The range is 0.0 to 1.0, with any number of decimal places.", "title": "BlackDetectThreshold", "type": "number" }, "VideoBlackThresholdMsec": { "markdownDescription": "The amount of time (in milliseconds) that the active input must be black before automatic input failover occurs.", "title": "VideoBlackThresholdMsec", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.VideoCodecSettings": { "additionalProperties": false, "properties": { "FrameCaptureSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.FrameCaptureSettings", "markdownDescription": "The settings for the video codec in a frame capture output.", "title": "FrameCaptureSettings" }, "H264Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.H264Settings", "markdownDescription": "The settings for the H.264 codec in the output.", "title": "H264Settings" }, "H265Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.H265Settings", "markdownDescription": "Settings for video encoded with the H265 codec.", "title": "H265Settings" }, "Mpeg2Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Mpeg2Settings", "markdownDescription": "Settings for video encoded with the MPEG-2 codec.", "title": "Mpeg2Settings" } }, "type": "object" }, "AWS::MediaLive::Channel.VideoDescription": { "additionalProperties": false, "properties": { "CodecSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.VideoCodecSettings", "markdownDescription": "The video codec settings.", "title": "CodecSettings" }, "Height": { "markdownDescription": "The output video height, in pixels. This must be an even number. For most codecs, you can keep this field and width blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", "title": "Height", "type": "number" }, "Name": { "markdownDescription": "The name of this VideoDescription. Outputs use this name to uniquely identify this description. Description names should be unique within this channel.", "title": "Name", "type": "string" }, "RespondToAfd": { "markdownDescription": "Indicates how to respond to the AFD values in the input stream. RESPOND causes input video to be clipped, depending on the AFD value, input display aspect ratio, and output display aspect ratio, and (except for the FRAMECAPTURE codec) includes the values in the output. PASSTHROUGH (does not apply to FRAMECAPTURE codec) ignores the AFD values and includes the values in the output, so input video is not clipped. NONE ignores the AFD values and does not include the values through to the output, so input video is not clipped.", "title": "RespondToAfd", "type": "string" }, "ScalingBehavior": { "markdownDescription": "STRETCHTOOUTPUT configures the output position to stretch the video to the specified output resolution (height and width). This option overrides any position value. DEFAULT might insert black boxes (pillar boxes or letter boxes) around the video to provide the specified output resolution.", "title": "ScalingBehavior", "type": "string" }, "Sharpness": { "markdownDescription": "Changes the strength of the anti-alias filter used for scaling. 0 is the softest setting, and 100 is the sharpest. We recommend a setting of 50 for most content.", "title": "Sharpness", "type": "number" }, "Width": { "markdownDescription": "The output video width, in pixels. It must be an even number. For most codecs, you can keep this field and height blank in order to use the height and width (resolution) from the source. Note that we don't recommend keeping the field blank. For the Frame Capture codec, height and width are required.", "title": "Width", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.VideoSelector": { "additionalProperties": false, "properties": { "ColorSpace": { "markdownDescription": "Specifies the color space of an input. This setting works in tandem with colorSpaceConversion to determine if MediaLive will perform any conversion.", "title": "ColorSpace", "type": "string" }, "ColorSpaceSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings", "markdownDescription": "Settings to configure color space settings in the incoming video.", "title": "ColorSpaceSettings" }, "ColorSpaceUsage": { "markdownDescription": "Applies only if colorSpace is a value other than Follow. This field controls how the value in the colorSpace field is used. Fallback means that when the input does include color space data, that data is used, but when the input has no color space data, the value in colorSpace is used. Choose fallback if your input is sometimes missing color space data, but when it does have color space data, that data is correct. Force means to always use the value in colorSpace. Choose force if your input usually has no color space data or might have unreliable color space data.", "title": "ColorSpaceUsage", "type": "string" }, "SelectorSettings": { "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorSettings", "markdownDescription": "Information about the video to select from the content.", "title": "SelectorSettings" } }, "type": "object" }, "AWS::MediaLive::Channel.VideoSelectorColorSpaceSettings": { "additionalProperties": false, "properties": { "Hdr10Settings": { "$ref": "#/definitions/AWS::MediaLive::Channel.Hdr10Settings", "markdownDescription": "Settings to configure color space settings in the incoming video.", "title": "Hdr10Settings" } }, "type": "object" }, "AWS::MediaLive::Channel.VideoSelectorPid": { "additionalProperties": false, "properties": { "Pid": { "markdownDescription": "Selects a specific PID from within a video source.", "title": "Pid", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.VideoSelectorProgramId": { "additionalProperties": false, "properties": { "ProgramId": { "markdownDescription": "Selects a specific program from within a multi-program transport stream. If the program doesn't exist, MediaLive selects the first program within the transport stream by default.", "title": "ProgramId", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.VideoSelectorSettings": { "additionalProperties": false, "properties": { "VideoSelectorPid": { "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorPid", "markdownDescription": "Used to extract video by PID.", "title": "VideoSelectorPid" }, "VideoSelectorProgramId": { "$ref": "#/definitions/AWS::MediaLive::Channel.VideoSelectorProgramId", "markdownDescription": "Used to extract video by program ID.", "title": "VideoSelectorProgramId" } }, "type": "object" }, "AWS::MediaLive::Channel.VpcOutputSettings": { "additionalProperties": false, "properties": { "PublicAddressAllocationIds": { "items": { "type": "string" }, "markdownDescription": "List of public address allocation IDs to associate with ENIs that will be created in Output VPC. Must specify one for SINGLE_PIPELINE, two for STANDARD channels", "title": "PublicAddressAllocationIds", "type": "array" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of up to 5 EC2 VPC security group IDs to attach to the Output VPC network interfaces.\nIf none are specified then the VPC default security group will be used", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "A list of VPC subnet IDs from the same VPC.\nIf STANDARD channel, subnet IDs must be mapped to two unique availability zones (AZ).", "title": "SubnetIds", "type": "array" } }, "type": "object" }, "AWS::MediaLive::Channel.WavSettings": { "additionalProperties": false, "properties": { "BitDepth": { "markdownDescription": "Bits per sample.", "title": "BitDepth", "type": "number" }, "CodingMode": { "markdownDescription": "The audio coding mode for the WAV audio. The mode determines the number of channels in the audio.", "title": "CodingMode", "type": "string" }, "SampleRate": { "markdownDescription": "Sample rate in Hz.", "title": "SampleRate", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Channel.WebvttDestinationSettings": { "additionalProperties": false, "properties": { "StyleControl": { "markdownDescription": "Controls whether the color and position of the source captions is passed through to the WebVTT output captions. PASSTHROUGH - Valid only if the source captions are EMBEDDED or TELETEXT. NO_STYLE_DATA - Don't pass through the style. The output captions will not contain any font styling information.", "title": "StyleControl", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Input": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Destinations": { "items": { "$ref": "#/definitions/AWS::MediaLive::Input.InputDestinationRequest" }, "markdownDescription": "Settings that apply only if the input is a push type of input.", "title": "Destinations", "type": "array" }, "InputDevices": { "items": { "$ref": "#/definitions/AWS::MediaLive::Input.InputDeviceSettings" }, "markdownDescription": "Settings that apply only if the input is an Elemental Link input.", "title": "InputDevices", "type": "array" }, "InputSecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The list of input security groups (referenced by IDs) to attach to the input if the input is a push type.", "title": "InputSecurityGroups", "type": "array" }, "MediaConnectFlows": { "items": { "$ref": "#/definitions/AWS::MediaLive::Input.MediaConnectFlowRequest" }, "markdownDescription": "Settings that apply only if the input is a MediaConnect input.", "title": "MediaConnectFlows", "type": "array" }, "Name": { "markdownDescription": "A name for the input.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The IAM role for MediaLive to assume when creating a MediaConnect input or Amazon VPC input. This doesn't apply to other types of inputs. The role is identified by its ARN.", "title": "RoleArn", "type": "string" }, "Sources": { "items": { "$ref": "#/definitions/AWS::MediaLive::Input.InputSourceRequest" }, "markdownDescription": "Settings that apply only if the input is a pull type of input.", "title": "Sources", "type": "array" }, "Tags": { "markdownDescription": "A collection of tags for this input. Each tag is a key-value pair.", "title": "Tags", "type": "object" }, "Type": { "markdownDescription": "The type for this input.", "title": "Type", "type": "string" }, "Vpc": { "$ref": "#/definitions/AWS::MediaLive::Input.InputVpcRequest", "markdownDescription": "Settings that apply only if the input is an push input where the source is on Amazon VPC.", "title": "Vpc" } }, "type": "object" }, "Type": { "enum": [ "AWS::MediaLive::Input" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::MediaLive::Input.InputDestinationRequest": { "additionalProperties": false, "properties": { "StreamName": { "markdownDescription": "The stream name (application name/application instance) for the location the RTMP source content will be pushed to in MediaLive.", "title": "StreamName", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Input.InputDeviceRequest": { "additionalProperties": false, "properties": { "Id": { "type": "string" } }, "type": "object" }, "AWS::MediaLive::Input.InputDeviceSettings": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The unique ID for the device.", "title": "Id", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Input.InputSourceRequest": { "additionalProperties": false, "properties": { "PasswordParam": { "markdownDescription": "The password parameter that holds the password for accessing the upstream system. The password parameter applies only if the upstream system requires credentials.", "title": "PasswordParam", "type": "string" }, "Url": { "markdownDescription": "For a pull input, the URL where MediaLive pulls the source content from.", "title": "Url", "type": "string" }, "Username": { "markdownDescription": "The user name to connect to the upstream system. The user name applies only if the upstream system requires credentials.", "title": "Username", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Input.InputVpcRequest": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The list of up to five VPC security group IDs to attach to the input VPC network interfaces. The security groups require subnet IDs. If none are specified, MediaLive uses the VPC default security group.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The list of two VPC subnet IDs from the same VPC. You must associate subnet IDs to two unique Availability Zones.", "title": "SubnetIds", "type": "array" } }, "type": "object" }, "AWS::MediaLive::Input.MediaConnectFlowRequest": { "additionalProperties": false, "properties": { "FlowArn": { "markdownDescription": "The ARN of one or two MediaConnect flows that are the sources for this MediaConnect input.", "title": "FlowArn", "type": "string" } }, "type": "object" }, "AWS::MediaLive::InputSecurityGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Tags": { "markdownDescription": "A collection of tags for this input security group. Each tag is a key-value pair.", "title": "Tags", "type": "object" }, "WhitelistRules": { "items": { "$ref": "#/definitions/AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr" }, "markdownDescription": "The list of IPv4 CIDR addresses to include in the input security group as \"allowed\" addresses.", "title": "WhitelistRules", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::MediaLive::InputSecurityGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::MediaLive::InputSecurityGroup.InputWhitelistRuleCidr": { "additionalProperties": false, "properties": { "Cidr": { "markdownDescription": "An IPv4 CIDR range to include in this input security group.", "title": "Cidr", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Multiplex": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AvailabilityZones": { "items": { "type": "string" }, "markdownDescription": "A list of availability zones for the multiplex.", "title": "AvailabilityZones", "type": "array" }, "Destinations": { "items": { "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexOutputDestination" }, "markdownDescription": "A list of the multiplex output destinations.", "title": "Destinations", "type": "array" }, "MultiplexSettings": { "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexSettings", "markdownDescription": "Configuration for a multiplex event.", "title": "MultiplexSettings" }, "Name": { "markdownDescription": "The name of the multiplex.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::MediaLive::Multiplex.Tags" }, "markdownDescription": "A collection of key-value pairs.", "title": "Tags", "type": "array" } }, "required": [ "AvailabilityZones", "MultiplexSettings", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaLive::Multiplex" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings": { "additionalProperties": false, "properties": { "EntitlementArn": { "markdownDescription": "The MediaConnect entitlement ARN available as a Flow source.", "title": "EntitlementArn", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Multiplex.MultiplexOutputDestination": { "additionalProperties": false, "properties": { "MultiplexMediaConnectOutputDestinationSettings": { "$ref": "#/definitions/AWS::MediaLive::Multiplex.MultiplexMediaConnectOutputDestinationSettings", "markdownDescription": "", "title": "MultiplexMediaConnectOutputDestinationSettings" } }, "type": "object" }, "AWS::MediaLive::Multiplex.MultiplexSettings": { "additionalProperties": false, "properties": { "MaximumVideoBufferDelayMilliseconds": { "markdownDescription": "Maximum video buffer delay in milliseconds.", "title": "MaximumVideoBufferDelayMilliseconds", "type": "number" }, "TransportStreamBitrate": { "markdownDescription": "Transport stream bit rate.", "title": "TransportStreamBitrate", "type": "number" }, "TransportStreamId": { "markdownDescription": "Transport stream ID.", "title": "TransportStreamId", "type": "number" }, "TransportStreamReservedBitrate": { "markdownDescription": "Transport stream reserved bit rate.", "title": "TransportStreamReservedBitrate", "type": "number" } }, "required": [ "TransportStreamBitrate", "TransportStreamId" ], "type": "object" }, "AWS::MediaLive::Multiplex.Tags": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Multiplexprogram": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ChannelId": { "markdownDescription": "The unique ID of the channel.", "title": "ChannelId", "type": "string" }, "MultiplexId": { "markdownDescription": "The unique id of the multiplex.", "title": "MultiplexId", "type": "string" }, "MultiplexProgramSettings": { "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings", "markdownDescription": "Multiplex Program settings configuration.", "title": "MultiplexProgramSettings" }, "PacketIdentifiersMap": { "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap", "markdownDescription": "", "title": "PacketIdentifiersMap" }, "PipelineDetails": { "items": { "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail" }, "markdownDescription": "", "title": "PipelineDetails", "type": "array" }, "PreferredChannelPipeline": { "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.\nIf set to \\\"PIPELINE_0\\\" or \\\"PIPELINE_1\\\" and an unhealthy ingest causes the multiplex to switch to the non-preferred pipeline,\nit will switch back once that ingest is healthy again. If set to \\\"CURRENTLY_ACTIVE\\\",\nit will not switch back to the other pipeline based on it recovering to a healthy state,\nit will only switch if the active pipeline becomes unhealthy.", "title": "PreferredChannelPipeline", "type": "string" }, "ProgramName": { "markdownDescription": "", "title": "ProgramName", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::MediaLive::Multiplexprogram" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::MediaLive::Multiplexprogram.MultiplexProgramPacketIdentifiersMap": { "additionalProperties": false, "properties": { "AudioPids": { "items": { "type": "number" }, "markdownDescription": "", "title": "AudioPids", "type": "array" }, "DvbSubPids": { "items": { "type": "number" }, "markdownDescription": "", "title": "DvbSubPids", "type": "array" }, "DvbTeletextPid": { "markdownDescription": "", "title": "DvbTeletextPid", "type": "number" }, "EtvPlatformPid": { "markdownDescription": "", "title": "EtvPlatformPid", "type": "number" }, "EtvSignalPid": { "markdownDescription": "", "title": "EtvSignalPid", "type": "number" }, "KlvDataPids": { "items": { "type": "number" }, "markdownDescription": "", "title": "KlvDataPids", "type": "array" }, "PcrPid": { "markdownDescription": "", "title": "PcrPid", "type": "number" }, "PmtPid": { "markdownDescription": "", "title": "PmtPid", "type": "number" }, "PrivateMetadataPid": { "markdownDescription": "", "title": "PrivateMetadataPid", "type": "number" }, "Scte27Pids": { "items": { "type": "number" }, "markdownDescription": "", "title": "Scte27Pids", "type": "array" }, "Scte35Pid": { "markdownDescription": "", "title": "Scte35Pid", "type": "number" }, "TimedMetadataPid": { "markdownDescription": "", "title": "TimedMetadataPid", "type": "number" }, "VideoPid": { "markdownDescription": "", "title": "VideoPid", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Multiplexprogram.MultiplexProgramPipelineDetail": { "additionalProperties": false, "properties": { "ActiveChannelPipeline": { "markdownDescription": "Identifies the channel pipeline that is currently active for the pipeline (identified by PipelineId) in the multiplex.", "title": "ActiveChannelPipeline", "type": "string" }, "PipelineId": { "markdownDescription": "Identifies a specific pipeline in the multiplex.", "title": "PipelineId", "type": "string" } }, "type": "object" }, "AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor": { "additionalProperties": false, "properties": { "ProviderName": { "markdownDescription": "Name of the provider.", "title": "ProviderName", "type": "string" }, "ServiceName": { "markdownDescription": "Name of the service.", "title": "ServiceName", "type": "string" } }, "required": [ "ProviderName", "ServiceName" ], "type": "object" }, "AWS::MediaLive::Multiplexprogram.MultiplexProgramSettings": { "additionalProperties": false, "properties": { "PreferredChannelPipeline": { "markdownDescription": "Indicates which pipeline is preferred by the multiplex for program ingest.", "title": "PreferredChannelPipeline", "type": "string" }, "ProgramNumber": { "markdownDescription": "Unique program number.", "title": "ProgramNumber", "type": "number" }, "ServiceDescriptor": { "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexProgramServiceDescriptor", "markdownDescription": "Transport stream service descriptor configuration for the Multiplex program.", "title": "ServiceDescriptor" }, "VideoSettings": { "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings", "markdownDescription": "Program video settings configuration.", "title": "VideoSettings" } }, "required": [ "ProgramNumber" ], "type": "object" }, "AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings": { "additionalProperties": false, "properties": { "MaximumBitrate": { "markdownDescription": "Maximum statmux bitrate.", "title": "MaximumBitrate", "type": "number" }, "MinimumBitrate": { "markdownDescription": "Minimum statmux bitrate.", "title": "MinimumBitrate", "type": "number" }, "Priority": { "markdownDescription": "The purpose of the priority is to use a combination of the\\nmultiplex rate control algorithm and the QVBR capability of the\\nencoder to prioritize the video quality of some channels in a\\nmultiplex over others. Channels that have a higher priority will\\nget higher video quality at the expense of the video quality of\\nother channels in the multiplex with lower priority.", "title": "Priority", "type": "number" } }, "type": "object" }, "AWS::MediaLive::Multiplexprogram.MultiplexVideoSettings": { "additionalProperties": false, "properties": { "ConstantBitrate": { "markdownDescription": "The constant bitrate configuration for the video encode.\nWhen this field is defined, StatmuxSettings must be undefined.", "title": "ConstantBitrate", "type": "number" }, "StatmuxSettings": { "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram.MultiplexStatmuxVideoSettings", "markdownDescription": "Statmux rate control settings.\nWhen this field is defined, ConstantBitrate must be undefined.", "title": "StatmuxSettings" } }, "type": "object" }, "AWS::MediaPackage::Asset": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EgressEndpoints": { "items": { "$ref": "#/definitions/AWS::MediaPackage::Asset.EgressEndpoint" }, "markdownDescription": "List of playback endpoints that are available for this asset.", "title": "EgressEndpoints", "type": "array" }, "Id": { "markdownDescription": "Unique identifier that you assign to the asset.", "title": "Id", "type": "string" }, "PackagingGroupId": { "markdownDescription": "The ID of the packaging group associated with this asset.", "title": "PackagingGroupId", "type": "string" }, "ResourceId": { "markdownDescription": "Unique identifier for this asset, as it's configured in the key provider service.", "title": "ResourceId", "type": "string" }, "SourceArn": { "markdownDescription": "The ARN for the source content in Amazon S3.", "title": "SourceArn", "type": "string" }, "SourceRoleArn": { "markdownDescription": "The ARN for the IAM role that provides AWS Elemental MediaPackage access to the Amazon S3 bucket where the source content is stored. Valid format: arn:aws:iam::{accountID}:role/{name}", "title": "SourceRoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to assign to the asset.", "title": "Tags", "type": "array" } }, "required": [ "Id", "PackagingGroupId", "SourceArn", "SourceRoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaPackage::Asset" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaPackage::Asset.EgressEndpoint": { "additionalProperties": false, "properties": { "PackagingConfigurationId": { "markdownDescription": "The ID of a packaging configuration that's applied to this asset.", "title": "PackagingConfigurationId", "type": "string" }, "Url": { "markdownDescription": "The URL that's used to request content from this endpoint.", "title": "Url", "type": "string" } }, "required": [ "PackagingConfigurationId", "Url" ], "type": "object" }, "AWS::MediaPackage::Channel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "Any descriptive information that you want to add to the channel for future identification purposes.", "title": "Description", "type": "string" }, "EgressAccessLogs": { "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", "markdownDescription": "Configures egress access logs.", "title": "EgressAccessLogs" }, "HlsIngest": { "$ref": "#/definitions/AWS::MediaPackage::Channel.HlsIngest", "markdownDescription": "The input URL where the source stream should be sent.", "title": "HlsIngest" }, "Id": { "markdownDescription": "Unique identifier that you assign to the channel.", "title": "Id", "type": "string" }, "IngressAccessLogs": { "$ref": "#/definitions/AWS::MediaPackage::Channel.LogConfiguration", "markdownDescription": "Configures ingress access logs.", "title": "IngressAccessLogs" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to assign to the channel.", "title": "Tags", "type": "array" } }, "required": [ "Id" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaPackage::Channel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaPackage::Channel.HlsIngest": { "additionalProperties": false, "properties": { "ingestEndpoints": { "items": { "$ref": "#/definitions/AWS::MediaPackage::Channel.IngestEndpoint" }, "markdownDescription": "The input URL where the source stream should be sent.", "title": "ingestEndpoints", "type": "array" } }, "type": "object" }, "AWS::MediaPackage::Channel.IngestEndpoint": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The endpoint identifier.", "title": "Id", "type": "string" }, "Password": { "markdownDescription": "The system-generated password for WebDAV input authentication.", "title": "Password", "type": "string" }, "Url": { "markdownDescription": "The input URL where the source stream should be sent.", "title": "Url", "type": "string" }, "Username": { "markdownDescription": "The system-generated username for WebDAV input authentication.", "title": "Username", "type": "string" } }, "required": [ "Id", "Password", "Url", "Username" ], "type": "object" }, "AWS::MediaPackage::Channel.LogConfiguration": { "additionalProperties": false, "properties": { "LogGroupName": { "markdownDescription": "Sets a custom Amazon CloudWatch log group name.", "title": "LogGroupName", "type": "string" } }, "type": "object" }, "AWS::MediaPackage::OriginEndpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Authorization": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.Authorization", "markdownDescription": "Parameters for CDN authorization.", "title": "Authorization" }, "ChannelId": { "markdownDescription": "The ID of the channel associated with this endpoint.", "title": "ChannelId", "type": "string" }, "CmafPackage": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafPackage", "markdownDescription": "Parameters for Common Media Application Format (CMAF) packaging.", "title": "CmafPackage" }, "DashPackage": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashPackage", "markdownDescription": "Parameters for DASH packaging.", "title": "DashPackage" }, "Description": { "markdownDescription": "Any descriptive information that you want to add to the endpoint for future identification purposes.", "title": "Description", "type": "string" }, "HlsPackage": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsPackage", "markdownDescription": "Parameters for Apple HLS packaging.", "title": "HlsPackage" }, "Id": { "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", "title": "Id", "type": "string" }, "ManifestName": { "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint.", "title": "ManifestName", "type": "string" }, "MssPackage": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssPackage", "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", "title": "MssPackage" }, "Origination": { "markdownDescription": "Controls video origination from this endpoint.\n\nValid values:\n\n- `ALLOW` - enables this endpoint to serve content to requesting devices.\n- `DENY` - prevents this endpoint from serving content. Denying origination is helpful for harvesting live-to-VOD assets. For more information about harvesting and origination, see [Live-to-VOD Requirements](https://docs.aws.amazon.com/mediapackage/latest/ug/ltov-reqmts.html) .", "title": "Origination", "type": "string" }, "StartoverWindowSeconds": { "markdownDescription": "Maximum duration (seconds) of content to retain for startover playback. Omit this attribute or enter `0` to indicate that startover playback is disabled for this endpoint.", "title": "StartoverWindowSeconds", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to assign to the endpoint.", "title": "Tags", "type": "array" }, "TimeDelaySeconds": { "markdownDescription": "Minimum duration (seconds) of delay to enforce on the playback of live content. Omit this attribute or enter `0` to indicate that there is no time delay in effect for this endpoint.", "title": "TimeDelaySeconds", "type": "number" }, "Whitelist": { "items": { "type": "string" }, "markdownDescription": "The IP addresses that can access this endpoint.", "title": "Whitelist", "type": "array" } }, "required": [ "ChannelId", "Id" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaPackage::OriginEndpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaPackage::OriginEndpoint.Authorization": { "additionalProperties": false, "properties": { "CdnIdentifierSecret": { "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that your Content Delivery Network (CDN) uses for authorization to access your endpoint.", "title": "CdnIdentifierSecret", "type": "string" }, "SecretsRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", "title": "SecretsRoleArn", "type": "string" } }, "required": [ "CdnIdentifierSecret", "SecretsRoleArn" ], "type": "object" }, "AWS::MediaPackage::OriginEndpoint.CmafEncryption": { "additionalProperties": false, "properties": { "ConstantInitializationVector": { "markdownDescription": "An optional 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting blocks. If you don't specify a value, then AWS Elemental MediaPackage creates the constant initialization vector (IV).", "title": "ConstantInitializationVector", "type": "string" }, "EncryptionMethod": { "markdownDescription": "The encryption method to use.", "title": "EncryptionMethod", "type": "string" }, "KeyRotationIntervalSeconds": { "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", "title": "KeyRotationIntervalSeconds", "type": "number" }, "SpekeKeyProvider": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", "markdownDescription": "Parameters for the SPEKE key provider.", "title": "SpekeKeyProvider" } }, "required": [ "SpekeKeyProvider" ], "type": "object" }, "AWS::MediaPackage::OriginEndpoint.CmafPackage": { "additionalProperties": false, "properties": { "Encryption": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.CmafEncryption", "markdownDescription": "Parameters for encrypting content.", "title": "Encryption" }, "HlsManifests": { "items": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsManifest" }, "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", "title": "HlsManifests", "type": "array" }, "SegmentDurationSeconds": { "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source segment duration.", "title": "SegmentDurationSeconds", "type": "number" }, "SegmentPrefix": { "markdownDescription": "An optional custom string that is prepended to the name of each segment. If not specified, the segment prefix defaults to the ChannelId.", "title": "SegmentPrefix", "type": "string" }, "StreamSelection": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", "title": "StreamSelection" } }, "type": "object" }, "AWS::MediaPackage::OriginEndpoint.DashEncryption": { "additionalProperties": false, "properties": { "KeyRotationIntervalSeconds": { "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", "title": "KeyRotationIntervalSeconds", "type": "number" }, "SpekeKeyProvider": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", "markdownDescription": "Parameters for the SPEKE key provider.", "title": "SpekeKeyProvider" } }, "required": [ "SpekeKeyProvider" ], "type": "object" }, "AWS::MediaPackage::OriginEndpoint.DashPackage": { "additionalProperties": false, "properties": { "AdTriggers": { "items": { "type": "string" }, "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_ADVERTISEMENT` .\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY` .\n- `PROVIDER_PLACEMENT_OPPORTUNITY` .\n- `SPLICE_INSERT` .", "title": "AdTriggers", "type": "array" }, "AdsOnDeliveryRestrictions": { "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", "title": "AdsOnDeliveryRestrictions", "type": "string" }, "Encryption": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.DashEncryption", "markdownDescription": "Parameters for encrypting content.", "title": "Encryption" }, "IncludeIframeOnlyStream": { "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", "title": "IncludeIframeOnlyStream", "type": "boolean" }, "ManifestLayout": { "markdownDescription": "Determines the position of some tags in the manifest.\n\nValid values:\n\n- `FULL` - Elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` .\n- `COMPACT` - Duplicate elements are combined and presented at the `AdaptationSet` level.", "title": "ManifestLayout", "type": "string" }, "ManifestWindowSeconds": { "markdownDescription": "Time window (in seconds) contained in each manifest.", "title": "ManifestWindowSeconds", "type": "number" }, "MinBufferTimeSeconds": { "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", "title": "MinBufferTimeSeconds", "type": "number" }, "MinUpdatePeriodSeconds": { "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.", "title": "MinUpdatePeriodSeconds", "type": "number" }, "PeriodTriggers": { "items": { "type": "string" }, "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", "title": "PeriodTriggers", "type": "array" }, "Profile": { "markdownDescription": "The DASH profile for the output.\n\nValid values:\n\n- `NONE` - The output doesn't use a DASH profile.\n- `HBBTV_1_5` - The output is compliant with HbbTV v1.5.\n- `DVB_DASH_2014` - The output is compliant with DVB-DASH 2014.", "title": "Profile", "type": "string" }, "SegmentDurationSeconds": { "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", "title": "SegmentDurationSeconds", "type": "number" }, "SegmentTemplateFormat": { "markdownDescription": "Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` .\n\nValid values:\n\n- `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .\n- `NUMBER_WITH_DURATION` - The `$Number$` variable is used in the `media` URL and a `duration` attribute is added to the segment template. The `SegmentTimeline` object is removed from the representation.\n- `TIME_WITH_TIMELINE` - The `$Time$` variable is used in the `media` URL. The value of this variable is the timestamp of when the segment starts. A full `SegmentTimeline` object is presented in each `SegmentTemplate` .", "title": "SegmentTemplateFormat", "type": "string" }, "StreamSelection": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", "title": "StreamSelection" }, "SuggestedPresentationDelaySeconds": { "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest.", "title": "SuggestedPresentationDelaySeconds", "type": "number" }, "UtcTiming": { "markdownDescription": "Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).", "title": "UtcTiming", "type": "string" }, "UtcTimingUri": { "markdownDescription": "Specifies the value attribute of the UTC timing field when utcTiming is set to HTTP-ISO or HTTP-HEAD.", "title": "UtcTimingUri", "type": "string" } }, "type": "object" }, "AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::MediaPackage::OriginEndpoint.HlsEncryption": { "additionalProperties": false, "properties": { "ConstantInitializationVector": { "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks.", "title": "ConstantInitializationVector", "type": "string" }, "EncryptionMethod": { "markdownDescription": "HLS encryption type.", "title": "EncryptionMethod", "type": "string" }, "KeyRotationIntervalSeconds": { "markdownDescription": "Number of seconds before AWS Elemental MediaPackage rotates to a new key. By default, rotation is set to 60 seconds. Set to `0` to disable key rotation.", "title": "KeyRotationIntervalSeconds", "type": "number" }, "RepeatExtXKey": { "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", "title": "RepeatExtXKey", "type": "boolean" }, "SpekeKeyProvider": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", "markdownDescription": "Parameters for the SPEKE key provider.", "title": "SpekeKeyProvider" } }, "required": [ "SpekeKeyProvider" ], "type": "object" }, "AWS::MediaPackage::OriginEndpoint.HlsManifest": { "additionalProperties": false, "properties": { "AdMarkers": { "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", "title": "AdMarkers", "type": "string" }, "AdTriggers": { "items": { "type": "string" }, "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", "title": "AdTriggers", "type": "array" }, "AdsOnDeliveryRestrictions": { "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", "title": "AdsOnDeliveryRestrictions", "type": "string" }, "Id": { "markdownDescription": "The manifest ID is required and must be unique within the OriginEndpoint. The ID can't be changed after the endpoint is created.", "title": "Id", "type": "string" }, "IncludeIframeOnlyStream": { "markdownDescription": "Applies to stream sets with a single video track only. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", "title": "IncludeIframeOnlyStream", "type": "boolean" }, "ManifestName": { "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this endpoint. The manifestName on the HLSManifest object overrides the manifestName that you provided on the originEndpoint object.", "title": "ManifestName", "type": "string" }, "PlaylistType": { "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", "title": "PlaylistType", "type": "string" }, "PlaylistWindowSeconds": { "markdownDescription": "Time window (in seconds) contained in each parent manifest.", "title": "PlaylistWindowSeconds", "type": "number" }, "ProgramDateTimeIntervalSeconds": { "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify. Additionally, ID3Timed metadata messages are generated every 5 seconds starting when the content was ingested.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", "title": "ProgramDateTimeIntervalSeconds", "type": "number" }, "Url": { "markdownDescription": "The URL that's used to request this manifest from this endpoint.", "title": "Url", "type": "string" } }, "required": [ "Id" ], "type": "object" }, "AWS::MediaPackage::OriginEndpoint.HlsPackage": { "additionalProperties": false, "properties": { "AdMarkers": { "markdownDescription": "Controls how ad markers are included in the packaged endpoint.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", "title": "AdMarkers", "type": "string" }, "AdTriggers": { "items": { "type": "string" }, "markdownDescription": "Specifies the SCTE-35 message types that AWS Elemental MediaPackage treats as ad markers in the output manifest.\n\nValid values:\n\n- `BREAK`\n- `DISTRIBUTOR_ADVERTISEMENT`\n- `DISTRIBUTOR_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `DISTRIBUTOR_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_ADVERTISEMENT`\n- `PROVIDER_OVERLAY_PLACEMENT_OPPORTUNITY`\n- `PROVIDER_PLACEMENT_OPPORTUNITY`\n- `SPLICE_INSERT`", "title": "AdTriggers", "type": "array" }, "AdsOnDeliveryRestrictions": { "markdownDescription": "The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) .", "title": "AdsOnDeliveryRestrictions", "type": "string" }, "Encryption": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.HlsEncryption", "markdownDescription": "Parameters for encrypting content.", "title": "Encryption" }, "IncludeDvbSubtitles": { "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", "title": "IncludeDvbSubtitles", "type": "boolean" }, "IncludeIframeOnlyStream": { "markdownDescription": "Only applies to stream sets with a single video track. When true, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included.", "title": "IncludeIframeOnlyStream", "type": "boolean" }, "PlaylistType": { "markdownDescription": "When specified as either `event` or `vod` , a corresponding `EXT-X-PLAYLIST-TYPE` entry is included in the media playlist. Indicates if the playlist is live-to-VOD content.", "title": "PlaylistType", "type": "string" }, "PlaylistWindowSeconds": { "markdownDescription": "Time window (in seconds) contained in each parent manifest.", "title": "PlaylistWindowSeconds", "type": "number" }, "ProgramDateTimeIntervalSeconds": { "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify. Additionally, ID3Timed metadata messages are generated every 5 seconds starting when the content was ingested.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", "title": "ProgramDateTimeIntervalSeconds", "type": "number" }, "SegmentDurationSeconds": { "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", "title": "SegmentDurationSeconds", "type": "number" }, "StreamSelection": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", "title": "StreamSelection" }, "UseAudioRenditionGroup": { "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", "title": "UseAudioRenditionGroup", "type": "boolean" } }, "type": "object" }, "AWS::MediaPackage::OriginEndpoint.MssEncryption": { "additionalProperties": false, "properties": { "SpekeKeyProvider": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider", "markdownDescription": "Parameters for the SPEKE key provider.", "title": "SpekeKeyProvider" } }, "required": [ "SpekeKeyProvider" ], "type": "object" }, "AWS::MediaPackage::OriginEndpoint.MssPackage": { "additionalProperties": false, "properties": { "Encryption": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.MssEncryption", "markdownDescription": "Parameters for encrypting content.", "title": "Encryption" }, "ManifestWindowSeconds": { "markdownDescription": "Time window (in seconds) contained in each manifest.", "title": "ManifestWindowSeconds", "type": "number" }, "SegmentDurationSeconds": { "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", "title": "SegmentDurationSeconds", "type": "number" }, "StreamSelection": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.StreamSelection", "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", "title": "StreamSelection" } }, "type": "object" }, "AWS::MediaPackage::OriginEndpoint.SpekeKeyProvider": { "additionalProperties": false, "properties": { "CertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the certificate that you imported to AWS Certificate Manager to add content key encryption to this endpoint. For this feature to work, your DRM key provider must support content key encryption.", "title": "CertificateArn", "type": "string" }, "EncryptionContractConfiguration": { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint.EncryptionContractConfiguration", "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", "title": "EncryptionContractConfiguration" }, "ResourceId": { "markdownDescription": "Unique identifier for this endpoint, as it is configured in the key provider service.", "title": "ResourceId", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. This role must have a trust policy that allows AWS Elemental MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Valid format: arn:aws:iam::{accountID}:role/{name}", "title": "RoleArn", "type": "string" }, "SystemIds": { "items": { "type": "string" }, "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", "title": "SystemIds", "type": "array" }, "Url": { "markdownDescription": "URL for the key provider\u2019s key retrieval API endpoint. Must start with https://.", "title": "Url", "type": "string" } }, "required": [ "ResourceId", "RoleArn", "SystemIds", "Url" ], "type": "object" }, "AWS::MediaPackage::OriginEndpoint.StreamSelection": { "additionalProperties": false, "properties": { "MaxVideoBitsPerSecond": { "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", "title": "MaxVideoBitsPerSecond", "type": "number" }, "MinVideoBitsPerSecond": { "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", "title": "MinVideoBitsPerSecond", "type": "number" }, "StreamOrder": { "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", "title": "StreamOrder", "type": "string" } }, "type": "object" }, "AWS::MediaPackage::PackagingConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CmafPackage": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafPackage", "markdownDescription": "Parameters for CMAF packaging.", "title": "CmafPackage" }, "DashPackage": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashPackage", "markdownDescription": "Parameters for DASH-ISO packaging.", "title": "DashPackage" }, "HlsPackage": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsPackage", "markdownDescription": "Parameters for Apple HLS packaging.", "title": "HlsPackage" }, "Id": { "markdownDescription": "Unique identifier that you assign to the packaging configuration.", "title": "Id", "type": "string" }, "MssPackage": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssPackage", "markdownDescription": "Parameters for Microsoft Smooth Streaming packaging.", "title": "MssPackage" }, "PackagingGroupId": { "markdownDescription": "The ID of the packaging group associated with this packaging configuration.", "title": "PackagingGroupId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to assign to the packaging configuration.", "title": "Tags", "type": "array" } }, "required": [ "Id", "PackagingGroupId" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaPackage::PackagingConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaPackage::PackagingConfiguration.CmafEncryption": { "additionalProperties": false, "properties": { "SpekeKeyProvider": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", "markdownDescription": "Parameters for the SPEKE key provider.", "title": "SpekeKeyProvider" } }, "required": [ "SpekeKeyProvider" ], "type": "object" }, "AWS::MediaPackage::PackagingConfiguration.CmafPackage": { "additionalProperties": false, "properties": { "Encryption": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.CmafEncryption", "markdownDescription": "Parameters for encrypting content.", "title": "Encryption" }, "HlsManifests": { "items": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" }, "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", "title": "HlsManifests", "type": "array" }, "IncludeEncoderConfigurationInSegments": { "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", "title": "IncludeEncoderConfigurationInSegments", "type": "boolean" }, "SegmentDurationSeconds": { "markdownDescription": "Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source fragment duration.", "title": "SegmentDurationSeconds", "type": "number" } }, "required": [ "HlsManifests" ], "type": "object" }, "AWS::MediaPackage::PackagingConfiguration.DashEncryption": { "additionalProperties": false, "properties": { "SpekeKeyProvider": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", "markdownDescription": "Parameters for the SPEKE key provider.", "title": "SpekeKeyProvider" } }, "required": [ "SpekeKeyProvider" ], "type": "object" }, "AWS::MediaPackage::PackagingConfiguration.DashManifest": { "additionalProperties": false, "properties": { "ManifestLayout": { "markdownDescription": "Determines the position of some tags in the Media Presentation Description (MPD). When set to `FULL` , elements like `SegmentTemplate` and `ContentProtection` are included in each `Representation` . When set to `COMPACT` , duplicate elements are combined and presented at the AdaptationSet level.", "title": "ManifestLayout", "type": "string" }, "ManifestName": { "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", "title": "ManifestName", "type": "string" }, "MinBufferTimeSeconds": { "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer.", "title": "MinBufferTimeSeconds", "type": "number" }, "Profile": { "markdownDescription": "The DASH profile type. When set to `HBBTV_1_5` , the content is compliant with HbbTV 1.5.", "title": "Profile", "type": "string" }, "ScteMarkersSource": { "markdownDescription": "The source of scte markers used.\n\nValue description:\n\n- `SEGMENTS` - The scte markers are sourced from the segments of the ingested content.\n- `MANIFEST` - the scte markers are sourced from the manifest of the ingested content. The MANIFEST value is compatible with source HLS playlists using the SCTE-35 Enhanced syntax ( `EXT-OATCLS-SCTE35` tags). SCTE-35 Elemental and SCTE-35 Daterange syntaxes are not supported with this option.", "title": "ScteMarkersSource", "type": "string" }, "StreamSelection": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", "markdownDescription": "Limitations for outputs from the endpoint, based on the video bitrate.", "title": "StreamSelection" } }, "type": "object" }, "AWS::MediaPackage::PackagingConfiguration.DashPackage": { "additionalProperties": false, "properties": { "DashManifests": { "items": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashManifest" }, "markdownDescription": "A list of DASH manifest configurations that are available from this endpoint.", "title": "DashManifests", "type": "array" }, "Encryption": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.DashEncryption", "markdownDescription": "Parameters for encrypting content.", "title": "Encryption" }, "IncludeEncoderConfigurationInSegments": { "markdownDescription": "When includeEncoderConfigurationInSegments is set to true, AWS Elemental MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback.", "title": "IncludeEncoderConfigurationInSegments", "type": "boolean" }, "IncludeIframeOnlyStream": { "markdownDescription": "This applies only to stream sets with a single video track. When true, the stream set includes an additional I-frame trick-play only stream, along with the other tracks. If false, this extra stream is not included.", "title": "IncludeIframeOnlyStream", "type": "boolean" }, "PeriodTriggers": { "items": { "type": "string" }, "markdownDescription": "Controls whether AWS Elemental MediaPackage produces single-period or multi-period DASH manifests. For more information about periods, see [Multi-period DASH in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/multi-period.html) .\n\nValid values:\n\n- `ADS` - AWS Elemental MediaPackage will produce multi-period DASH manifests. Periods are created based on the SCTE-35 ad markers present in the input manifest.\n- *No value* - AWS Elemental MediaPackage will produce single-period DASH manifests. This is the default setting.", "title": "PeriodTriggers", "type": "array" }, "SegmentDurationSeconds": { "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source segment duration.", "title": "SegmentDurationSeconds", "type": "number" }, "SegmentTemplateFormat": { "markdownDescription": "Determines the type of SegmentTemplate included in the Media Presentation Description (MPD). When set to `NUMBER_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Number$ media URLs. When set to `TIME_WITH_TIMELINE` , a full timeline is presented in each SegmentTemplate, with $Time$ media URLs. When set to `NUMBER_WITH_DURATION` , only a duration is included in each SegmentTemplate, with $Number$ media URLs.", "title": "SegmentTemplateFormat", "type": "string" } }, "required": [ "DashManifests" ], "type": "object" }, "AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration": { "additionalProperties": false, "properties": { "PresetSpeke20Audio": { "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", "title": "PresetSpeke20Audio", "type": "string" }, "PresetSpeke20Video": { "markdownDescription": "A collection of video encryption presets.\n\nValue description:\n\n- `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream.\n- `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks.\n- `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks.\n- `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks.\n- `SHARED` - Use the same content key for all of the video and audio tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream.", "title": "PresetSpeke20Video", "type": "string" } }, "required": [ "PresetSpeke20Audio", "PresetSpeke20Video" ], "type": "object" }, "AWS::MediaPackage::PackagingConfiguration.HlsEncryption": { "additionalProperties": false, "properties": { "ConstantInitializationVector": { "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used with the key for encrypting blocks. If you don't specify a constant initialization vector (IV), AWS Elemental MediaPackage periodically rotates the IV.", "title": "ConstantInitializationVector", "type": "string" }, "EncryptionMethod": { "markdownDescription": "HLS encryption type.", "title": "EncryptionMethod", "type": "string" }, "SpekeKeyProvider": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", "markdownDescription": "Parameters for the SPEKE key provider.", "title": "SpekeKeyProvider" } }, "required": [ "SpekeKeyProvider" ], "type": "object" }, "AWS::MediaPackage::PackagingConfiguration.HlsManifest": { "additionalProperties": false, "properties": { "AdMarkers": { "markdownDescription": "This setting controls ad markers in the packaged content.\n\nValid values:\n\n- `NONE` - Omits all SCTE-35 ad markers from the output.\n- `PASSTHROUGH` - Creates a copy in the output of the SCTE-35 ad markers (comments) taken directly from the input manifest.\n- `SCTE35_ENHANCED` - Generates ad markers and blackout tags in the output based on the SCTE-35 messages from the input manifest.", "title": "AdMarkers", "type": "string" }, "IncludeIframeOnlyStream": { "markdownDescription": "Applies to stream sets with a single video track only. When enabled, the output includes an additional I-frame only stream, along with the other tracks.", "title": "IncludeIframeOnlyStream", "type": "boolean" }, "ManifestName": { "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", "title": "ManifestName", "type": "string" }, "ProgramDateTimeIntervalSeconds": { "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify. Additionally, ID3Timed metadata messages are generated every 5 seconds starting when the content was ingested.\n\nIrrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.\n\nOmit this attribute or enter `0` to indicate that the `EXT-X-PROGRAM-DATE-TIME` tags are not included in the manifest.", "title": "ProgramDateTimeIntervalSeconds", "type": "number" }, "RepeatExtXKey": { "markdownDescription": "Repeat the `EXT-X-KEY` directive for every media segment. This might result in an increase in client requests to the DRM server.", "title": "RepeatExtXKey", "type": "boolean" }, "StreamSelection": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", "title": "StreamSelection" } }, "type": "object" }, "AWS::MediaPackage::PackagingConfiguration.HlsPackage": { "additionalProperties": false, "properties": { "Encryption": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsEncryption", "markdownDescription": "Parameters for encrypting content.", "title": "Encryption" }, "HlsManifests": { "items": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.HlsManifest" }, "markdownDescription": "A list of HLS manifest configurations that are available from this endpoint.", "title": "HlsManifests", "type": "array" }, "IncludeDvbSubtitles": { "markdownDescription": "When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output.", "title": "IncludeDvbSubtitles", "type": "boolean" }, "SegmentDurationSeconds": { "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", "title": "SegmentDurationSeconds", "type": "number" }, "UseAudioRenditionGroup": { "markdownDescription": "When true, AWS Elemental MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.", "title": "UseAudioRenditionGroup", "type": "boolean" } }, "required": [ "HlsManifests" ], "type": "object" }, "AWS::MediaPackage::PackagingConfiguration.MssEncryption": { "additionalProperties": false, "properties": { "SpekeKeyProvider": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider", "markdownDescription": "Parameters for the SPEKE key provider.", "title": "SpekeKeyProvider" } }, "required": [ "SpekeKeyProvider" ], "type": "object" }, "AWS::MediaPackage::PackagingConfiguration.MssManifest": { "additionalProperties": false, "properties": { "ManifestName": { "markdownDescription": "A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration.", "title": "ManifestName", "type": "string" }, "StreamSelection": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.StreamSelection", "markdownDescription": "Video bitrate limitations for outputs from this packaging configuration.", "title": "StreamSelection" } }, "type": "object" }, "AWS::MediaPackage::PackagingConfiguration.MssPackage": { "additionalProperties": false, "properties": { "Encryption": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssEncryption", "markdownDescription": "Parameters for encrypting content.", "title": "Encryption" }, "MssManifests": { "items": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.MssManifest" }, "markdownDescription": "A list of Microsoft Smooth manifest configurations that are available from this endpoint.", "title": "MssManifests", "type": "array" }, "SegmentDurationSeconds": { "markdownDescription": "Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration.", "title": "SegmentDurationSeconds", "type": "number" } }, "required": [ "MssManifests" ], "type": "object" }, "AWS::MediaPackage::PackagingConfiguration.SpekeKeyProvider": { "additionalProperties": false, "properties": { "EncryptionContractConfiguration": { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration.EncryptionContractConfiguration", "markdownDescription": "Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.", "title": "EncryptionContractConfiguration" }, "RoleArn": { "markdownDescription": "The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. Valid format: arn:aws:iam::{accountID}:role/{name}", "title": "RoleArn", "type": "string" }, "SystemIds": { "items": { "type": "string" }, "markdownDescription": "List of unique identifiers for the DRM systems to use, as defined in the CPIX specification.", "title": "SystemIds", "type": "array" }, "Url": { "markdownDescription": "URL for the key provider's key retrieval API endpoint. Must start with https://.", "title": "Url", "type": "string" } }, "required": [ "RoleArn", "SystemIds", "Url" ], "type": "object" }, "AWS::MediaPackage::PackagingConfiguration.StreamSelection": { "additionalProperties": false, "properties": { "MaxVideoBitsPerSecond": { "markdownDescription": "The upper limit of the bitrates that this endpoint serves. If the video track exceeds this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 2147483647 bits per second.", "title": "MaxVideoBitsPerSecond", "type": "number" }, "MinVideoBitsPerSecond": { "markdownDescription": "The lower limit of the bitrates that this endpoint serves. If the video track is below this threshold, then AWS Elemental MediaPackage excludes it from output. If you don't specify a value, it defaults to 0 bits per second.", "title": "MinVideoBitsPerSecond", "type": "number" }, "StreamOrder": { "markdownDescription": "Order in which the different video bitrates are presented to the player.\n\nValid values: `ORIGINAL` , `VIDEO_BITRATE_ASCENDING` , `VIDEO_BITRATE_DESCENDING` .", "title": "StreamOrder", "type": "string" } }, "type": "object" }, "AWS::MediaPackage::PackagingGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Authorization": { "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.Authorization", "markdownDescription": "Parameters for CDN authorization.", "title": "Authorization" }, "EgressAccessLogs": { "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup.LogConfiguration", "markdownDescription": "The configuration parameters for egress access logging.", "title": "EgressAccessLogs" }, "Id": { "markdownDescription": "Unique identifier that you assign to the packaging group.", "title": "Id", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to assign to the packaging group.", "title": "Tags", "type": "array" } }, "required": [ "Id" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaPackage::PackagingGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaPackage::PackagingGroup.Authorization": { "additionalProperties": false, "properties": { "CdnIdentifierSecret": { "markdownDescription": "The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that is used for CDN authorization.", "title": "CdnIdentifierSecret", "type": "string" }, "SecretsRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that allows AWS Elemental MediaPackage to communicate with AWS Secrets Manager .", "title": "SecretsRoleArn", "type": "string" } }, "required": [ "CdnIdentifierSecret", "SecretsRoleArn" ], "type": "object" }, "AWS::MediaPackage::PackagingGroup.LogConfiguration": { "additionalProperties": false, "properties": { "LogGroupName": { "markdownDescription": "Sets a custom Amazon CloudWatch log group name for egress logs. If a log group name isn't specified, the default name is used: /aws/MediaPackage/EgressAccessLogs.", "title": "LogGroupName", "type": "string" } }, "type": "object" }, "AWS::MediaPackageV2::Channel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ChannelGroupName": { "markdownDescription": "The name of the channel group associated with the channel configuration.", "title": "ChannelGroupName", "type": "string" }, "ChannelName": { "markdownDescription": "The name of the channel.", "title": "ChannelName", "type": "string" }, "Description": { "markdownDescription": "The description of the channel.", "title": "Description", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags associated with the channel.", "title": "Tags", "type": "array" } }, "required": [ "ChannelGroupName", "ChannelName" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaPackageV2::Channel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaPackageV2::Channel.IngestEndpoint": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The identifier associated with the ingest endpoint of the channel.", "title": "Id", "type": "string" }, "Url": { "markdownDescription": "The URL associated with the ingest endpoint of the channel.", "title": "Url", "type": "string" } }, "type": "object" }, "AWS::MediaPackageV2::ChannelGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ChannelGroupName": { "markdownDescription": "The name of the channel group.", "title": "ChannelGroupName", "type": "string" }, "Description": { "markdownDescription": "The configuration for a MediaPackage V2 channel group.", "title": "Description", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags associated with the channel group.", "title": "Tags", "type": "array" } }, "required": [ "ChannelGroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaPackageV2::ChannelGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaPackageV2::ChannelPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ChannelGroupName": { "markdownDescription": "The name of the channel group associated with the channel policy.", "title": "ChannelGroupName", "type": "string" }, "ChannelName": { "markdownDescription": "The name of the channel associated with the channel policy.", "title": "ChannelName", "type": "string" }, "Policy": { "markdownDescription": "The policy associated with the channel.", "title": "Policy", "type": "object" } }, "required": [ "ChannelGroupName", "ChannelName", "Policy" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaPackageV2::ChannelPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaPackageV2::OriginEndpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ChannelGroupName": { "markdownDescription": "The name of the channel group associated with the origin endpoint configuration.", "title": "ChannelGroupName", "type": "string" }, "ChannelName": { "markdownDescription": "The channel name associated with the origin endpoint.", "title": "ChannelName", "type": "string" }, "ContainerType": { "markdownDescription": "The container type associated with the origin endpoint configuration.", "title": "ContainerType", "type": "string" }, "Description": { "markdownDescription": "The description associated with the origin endpoint.", "title": "Description", "type": "string" }, "HlsManifests": { "items": { "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration" }, "markdownDescription": "The HLS manfiests associated with the origin endpoint configuration.", "title": "HlsManifests", "type": "array" }, "LowLatencyHlsManifests": { "items": { "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration" }, "markdownDescription": "The low-latency HLS (LL-HLS) manifests associated with the origin endpoint.", "title": "LowLatencyHlsManifests", "type": "array" }, "OriginEndpointName": { "markdownDescription": "The name of the origin endpoint associated with the origin endpoint configuration.", "title": "OriginEndpointName", "type": "string" }, "Segment": { "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Segment", "markdownDescription": "The segment associated with the origin endpoint.", "title": "Segment" }, "StartoverWindowSeconds": { "markdownDescription": "The size of the window (in seconds) to specify a window of the live stream that's available for on-demand viewing. Viewers can start-over or catch-up on content that falls within the window.", "title": "StartoverWindowSeconds", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags associated with the origin endpoint.", "title": "Tags", "type": "array" } }, "required": [ "ChannelGroupName", "ChannelName", "OriginEndpointName" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaPackageV2::OriginEndpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaPackageV2::OriginEndpoint.Encryption": { "additionalProperties": false, "properties": { "ConstantInitializationVector": { "markdownDescription": "A 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content. If you don't specify a value, then MediaPackage creates the constant initialization vector (IV).", "title": "ConstantInitializationVector", "type": "string" }, "EncryptionMethod": { "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod", "markdownDescription": "The encryption method to use.", "title": "EncryptionMethod" }, "KeyRotationIntervalSeconds": { "markdownDescription": "The interval, in seconds, to rotate encryption keys for the origin endpoint.", "title": "KeyRotationIntervalSeconds", "type": "number" }, "SpekeKeyProvider": { "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider", "markdownDescription": "The SPEKE key provider to use for encryption.", "title": "SpekeKeyProvider" } }, "required": [ "EncryptionMethod", "SpekeKeyProvider" ], "type": "object" }, "AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration": { "additionalProperties": false, "properties": { "PresetSpeke20Audio": { "markdownDescription": "A collection of audio encryption presets.\n\nValue description:\n\n- `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream.\n- `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks.\n- `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels.\n- `SHARED` - Use the same content key for all of the audio and video tracks in your stream.\n- `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream.", "title": "PresetSpeke20Audio", "type": "string" }, "PresetSpeke20Video": { "markdownDescription": "The SPEKE Version 2.0 preset video associated with the encryption contract configuration of the origin endpoint.", "title": "PresetSpeke20Video", "type": "string" } }, "required": [ "PresetSpeke20Audio", "PresetSpeke20Video" ], "type": "object" }, "AWS::MediaPackageV2::OriginEndpoint.EncryptionMethod": { "additionalProperties": false, "properties": { "CmafEncryptionMethod": { "markdownDescription": "The encryption method to use.", "title": "CmafEncryptionMethod", "type": "string" }, "TsEncryptionMethod": { "markdownDescription": "The encryption method to use.", "title": "TsEncryptionMethod", "type": "string" } }, "type": "object" }, "AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration": { "additionalProperties": false, "properties": { "End": { "markdownDescription": "Optionally specify the end time for all of your manifest egress requests. When you include end time, note that you cannot use end time query parameters for this manifest's endpoint URL.", "title": "End", "type": "string" }, "ManifestFilter": { "markdownDescription": "Optionally specify one or more manifest filters for all of your manifest egress requests. When you include a manifest filter, note that you cannot use an identical manifest filter query parameter for this manifest's endpoint URL.", "title": "ManifestFilter", "type": "string" }, "Start": { "markdownDescription": "Optionally specify the start time for all of your manifest egress requests. When you include start time, note that you cannot use start time query parameters for this manifest's endpoint URL.", "title": "Start", "type": "string" }, "TimeDelaySeconds": { "markdownDescription": "Optionally specify the time delay for all of your manifest egress requests. Enter a value that is smaller than your endpoint's startover window. When you include time delay, note that you cannot use time delay query parameters for this manifest's endpoint URL.", "title": "TimeDelaySeconds", "type": "number" } }, "type": "object" }, "AWS::MediaPackageV2::OriginEndpoint.HlsManifestConfiguration": { "additionalProperties": false, "properties": { "ChildManifestName": { "markdownDescription": "The name of the child manifest associated with the HLS manifest configuration.", "title": "ChildManifestName", "type": "string" }, "FilterConfiguration": { "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", "markdownDescription": "", "title": "FilterConfiguration" }, "ManifestName": { "markdownDescription": "The name of the manifest associated with the HLS manifest configuration.", "title": "ManifestName", "type": "string" }, "ManifestWindowSeconds": { "markdownDescription": "The duration of the manifest window, in seconds, for the HLS manifest configuration.", "title": "ManifestWindowSeconds", "type": "number" }, "ProgramDateTimeIntervalSeconds": { "markdownDescription": "The `EXT-X-PROGRAM-DATE-TIME` interval, in seconds, associated with the HLS manifest configuration.", "title": "ProgramDateTimeIntervalSeconds", "type": "number" }, "ScteHls": { "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", "markdownDescription": "THE SCTE-35 HLS configuration associated with the HLS manifest configuration.", "title": "ScteHls" }, "Url": { "markdownDescription": "The URL of the HLS manifest configuration.", "title": "Url", "type": "string" } }, "required": [ "ManifestName" ], "type": "object" }, "AWS::MediaPackageV2::OriginEndpoint.LowLatencyHlsManifestConfiguration": { "additionalProperties": false, "properties": { "ChildManifestName": { "markdownDescription": "The name of the child manifest associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", "title": "ChildManifestName", "type": "string" }, "FilterConfiguration": { "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.FilterConfiguration", "markdownDescription": "", "title": "FilterConfiguration" }, "ManifestName": { "markdownDescription": "A short short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, `index` . MediaPackage automatically inserts the format extension, such as `.m3u8` . You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The `manifestName` on the `HLSManifest` object overrides the `manifestName` you provided on the `originEndpoint` object.", "title": "ManifestName", "type": "string" }, "ManifestWindowSeconds": { "markdownDescription": "The total duration (in seconds) of the manifest's content.", "title": "ManifestWindowSeconds", "type": "number" }, "ProgramDateTimeIntervalSeconds": { "markdownDescription": "Inserts `EXT-X-PROGRAM-DATE-TIME` tags in the output manifest at the interval that you specify. If you don't enter an interval, `EXT-X-PROGRAM-DATE-TIME` tags aren't included in the manifest. The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player. `ID3Timed` metadata messages generate every 5 seconds whenever MediaPackage ingests the content.\n\nIrrespective of this parameter, if any `ID3Timed` metadata is in the HLS input, MediaPackage passes through that metadata to the HLS output.", "title": "ProgramDateTimeIntervalSeconds", "type": "number" }, "ScteHls": { "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.ScteHls", "markdownDescription": "The SCTE-35 HLS configuration associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", "title": "ScteHls" }, "Url": { "markdownDescription": "The URL of the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint.", "title": "Url", "type": "string" } }, "required": [ "ManifestName" ], "type": "object" }, "AWS::MediaPackageV2::OriginEndpoint.Scte": { "additionalProperties": false, "properties": { "ScteFilter": { "items": { "type": "string" }, "markdownDescription": "The filter associated with the SCTE-35 configuration.", "title": "ScteFilter", "type": "array" } }, "type": "object" }, "AWS::MediaPackageV2::OriginEndpoint.ScteHls": { "additionalProperties": false, "properties": { "AdMarkerHls": { "markdownDescription": "The SCTE-35 HLS ad-marker configuration.", "title": "AdMarkerHls", "type": "string" } }, "type": "object" }, "AWS::MediaPackageV2::OriginEndpoint.Segment": { "additionalProperties": false, "properties": { "Encryption": { "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Encryption", "markdownDescription": "Whether to use encryption for the segment.", "title": "Encryption" }, "IncludeIframeOnlyStreams": { "markdownDescription": "Whether the segment includes I-frame-only streams.", "title": "IncludeIframeOnlyStreams", "type": "boolean" }, "Scte": { "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.Scte", "markdownDescription": "The SCTE-35 configuration associated with the segment.", "title": "Scte" }, "SegmentDurationSeconds": { "markdownDescription": "The duration of the segment, in seconds.", "title": "SegmentDurationSeconds", "type": "number" }, "SegmentName": { "markdownDescription": "The name of the segment associated with the origin endpoint.", "title": "SegmentName", "type": "string" }, "TsIncludeDvbSubtitles": { "markdownDescription": "Whether the segment includes DVB subtitles.", "title": "TsIncludeDvbSubtitles", "type": "boolean" }, "TsUseAudioRenditionGroup": { "markdownDescription": "Whether the segment is an audio rendition group.", "title": "TsUseAudioRenditionGroup", "type": "boolean" } }, "type": "object" }, "AWS::MediaPackageV2::OriginEndpoint.SpekeKeyProvider": { "additionalProperties": false, "properties": { "DrmSystems": { "items": { "type": "string" }, "markdownDescription": "The DRM solution provider you're using to protect your content during distribution.", "title": "DrmSystems", "type": "array" }, "EncryptionContractConfiguration": { "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint.EncryptionContractConfiguration", "markdownDescription": "The encryption contract configuration associated with the SPEKE key provider.", "title": "EncryptionContractConfiguration" }, "ResourceId": { "markdownDescription": "The unique identifier for the content. The service sends this identifier to the key server to identify the current endpoint. How unique you make this identifier depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes. The resource ID is also known as the content ID.\n\nThe following example shows a resource ID: `MovieNight20171126093045`", "title": "ResourceId", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN for the IAM role granted by the key provider that provides access to the key provider API. This role must have a trust policy that allows MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Get this from your DRM solution provider.\n\nValid format: `arn:aws:iam::{accountID}:role/{name}` . The following example shows a role ARN: `arn:aws:iam::444455556666:role/SpekeAccess`", "title": "RoleArn", "type": "string" }, "Url": { "markdownDescription": "The URL of the SPEKE key provider.", "title": "Url", "type": "string" } }, "required": [ "DrmSystems", "EncryptionContractConfiguration", "ResourceId", "RoleArn", "Url" ], "type": "object" }, "AWS::MediaPackageV2::OriginEndpointPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ChannelGroupName": { "markdownDescription": "The name of the channel group associated with the origin endpoint policy.", "title": "ChannelGroupName", "type": "string" }, "ChannelName": { "markdownDescription": "The channel name associated with the origin endpoint policy.", "title": "ChannelName", "type": "string" }, "OriginEndpointName": { "markdownDescription": "The name of the origin endpoint associated with the origin endpoint policy.", "title": "OriginEndpointName", "type": "string" }, "Policy": { "markdownDescription": "The policy associated with the origin endpoint.", "title": "Policy", "type": "object" } }, "required": [ "ChannelGroupName", "ChannelName", "OriginEndpointName", "Policy" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaPackageV2::OriginEndpointPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaStore::Container": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessLoggingEnabled": { "markdownDescription": "The state of access logging on the container. This value is `false` by default, indicating that AWS Elemental MediaStore does not send access logs to Amazon CloudWatch Logs. When you enable access logging on the container, MediaStore changes this value to `true` , indicating that the service delivers access logs for objects stored in that container to CloudWatch Logs.", "title": "AccessLoggingEnabled", "type": "boolean" }, "ContainerName": { "markdownDescription": "The name for the container. The name must be from 1 to 255 characters. Container names must be unique to your AWS account within a specific region. As an example, you could create a container named `movies` in every region, as long as you don\u2019t have an existing container with that name.", "title": "ContainerName", "type": "string" }, "CorsPolicy": { "items": { "$ref": "#/definitions/AWS::MediaStore::Container.CorsRule" }, "markdownDescription": "Sets the cross-origin resource sharing (CORS) configuration on a container so that the container can service cross-origin requests. For example, you might want to enable a request whose origin is http://www.example.com to access your AWS Elemental MediaStore container at my.example.container.com by using the browser's XMLHttpRequest capability.\n\nTo enable CORS on a container, you attach a CORS policy to the container. In the CORS policy, you configure rules that identify origins and the HTTP methods that can be executed on your container. The policy can contain up to 398,000 characters. You can add up to 100 rules to a CORS policy. If more than one rule applies, the service uses the first applicable rule listed.\n\nTo learn more about CORS, see [Cross-Origin Resource Sharing (CORS) in AWS Elemental MediaStore](https://docs.aws.amazon.com/mediastore/latest/ug/cors-policy.html) .", "title": "CorsPolicy", "type": "array" }, "LifecyclePolicy": { "markdownDescription": "Writes an object lifecycle policy to a container. If the container already has an object lifecycle policy, the service replaces the existing policy with the new policy. It takes up to 20 minutes for the change to take effect.\n\nFor information about how to construct an object lifecycle policy, see [Components of an Object Lifecycle Policy](https://docs.aws.amazon.com/mediastore/latest/ug/policies-object-lifecycle-components.html) .", "title": "LifecyclePolicy", "type": "string" }, "MetricPolicy": { "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicy", "markdownDescription": "The metric policy that is associated with the container. A metric policy allows AWS Elemental MediaStore to send metrics to Amazon CloudWatch. In the policy, you must indicate whether you want MediaStore to send container-level metrics. You can also include rules to define groups of objects that you want MediaStore to send object-level metrics for.\n\nTo view examples of how to construct a metric policy for your use case, see [Example Metric Policies](https://docs.aws.amazon.com/mediastore/latest/ug/policies-metric-examples.html) .", "title": "MetricPolicy" }, "Policy": { "markdownDescription": "Creates an access policy for the specified container to restrict the users and clients that can access it. For information about the data that is included in an access policy, see the [AWS Identity and Access Management User Guide](https://docs.aws.amazon.com/iam/) .\n\nFor this release of the REST API, you can create only one policy for a container. If you enter `PutContainerPolicy` twice, the second command modifies the existing policy.", "title": "Policy", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "ContainerName" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaStore::Container" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaStore::Container.CorsRule": { "additionalProperties": false, "properties": { "AllowedHeaders": { "items": { "type": "string" }, "markdownDescription": "Specifies which headers are allowed in a preflight `OPTIONS` request through the `Access-Control-Request-Headers` header. Each header name that is specified in `Access-Control-Request-Headers` must have a corresponding entry in the rule. Only the headers that were requested are sent back.\n\nThis element can contain only one wildcard character (*).", "title": "AllowedHeaders", "type": "array" }, "AllowedMethods": { "items": { "type": "string" }, "markdownDescription": "Identifies an HTTP method that the origin that is specified in the rule is allowed to execute.\n\nEach CORS rule must contain at least one `AllowedMethods` and one `AllowedOrigins` element.", "title": "AllowedMethods", "type": "array" }, "AllowedOrigins": { "items": { "type": "string" }, "markdownDescription": "One or more response headers that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nEach CORS rule must have at least one `AllowedOrigins` element. The string value can include only one wildcard character (*), for example, http://*.example.com. Additionally, you can specify only one wildcard character to allow cross-origin access for all origins.", "title": "AllowedOrigins", "type": "array" }, "ExposeHeaders": { "items": { "type": "string" }, "markdownDescription": "One or more headers in the response that you want users to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).\n\nThis element is optional for each rule.", "title": "ExposeHeaders", "type": "array" }, "MaxAgeSeconds": { "markdownDescription": "The time in seconds that your browser caches the preflight response for the specified resource.\n\nA CORS rule can have only one `MaxAgeSeconds` element.", "title": "MaxAgeSeconds", "type": "number" } }, "type": "object" }, "AWS::MediaStore::Container.MetricPolicy": { "additionalProperties": false, "properties": { "ContainerLevelMetrics": { "markdownDescription": "A setting to enable or disable metrics at the container level.", "title": "ContainerLevelMetrics", "type": "string" }, "MetricPolicyRules": { "items": { "$ref": "#/definitions/AWS::MediaStore::Container.MetricPolicyRule" }, "markdownDescription": "A parameter that holds an array of rules that enable metrics at the object level. This parameter is optional, but if you choose to include it, you must also include at least one rule. By default, you can include up to five rules. You can also [request a quota increase](https://docs.aws.amazon.com/servicequotas/home?region=us-east-1#!/services/mediastore/quotas) to allow up to 300 rules per policy.", "title": "MetricPolicyRules", "type": "array" } }, "required": [ "ContainerLevelMetrics" ], "type": "object" }, "AWS::MediaStore::Container.MetricPolicyRule": { "additionalProperties": false, "properties": { "ObjectGroup": { "markdownDescription": "A path or file name that defines which objects to include in the group. Wildcards (*) are acceptable.", "title": "ObjectGroup", "type": "string" }, "ObjectGroupName": { "markdownDescription": "A name that allows you to refer to the object group.", "title": "ObjectGroupName", "type": "string" } }, "required": [ "ObjectGroup", "ObjectGroupName" ], "type": "object" }, "AWS::MediaTailor::Channel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Audiences": { "items": { "type": "string" }, "markdownDescription": "The list of audiences defined in channel.", "title": "Audiences", "type": "array" }, "ChannelName": { "markdownDescription": "The name of the channel.", "title": "ChannelName", "type": "string" }, "FillerSlate": { "$ref": "#/definitions/AWS::MediaTailor::Channel.SlateSource", "markdownDescription": "The slate used to fill gaps between programs in the schedule. You must configure filler slate if your channel uses the `LINEAR` `PlaybackMode` . MediaTailor doesn't support filler slate for channels using the `LOOP` `PlaybackMode` .", "title": "FillerSlate" }, "LogConfiguration": { "$ref": "#/definitions/AWS::MediaTailor::Channel.LogConfigurationForChannel", "markdownDescription": "The log configuration.", "title": "LogConfiguration" }, "Outputs": { "items": { "$ref": "#/definitions/AWS::MediaTailor::Channel.RequestOutputItem" }, "markdownDescription": "The channel's output properties.", "title": "Outputs", "type": "array" }, "PlaybackMode": { "markdownDescription": "The type of playback mode for this channel.\n\n`LINEAR` - Programs play back-to-back only once.\n\n`LOOP` - Programs play back-to-back in an endless loop. When the last program in the schedule plays, playback loops back to the first program in the schedule.", "title": "PlaybackMode", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to assign to the channel. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", "title": "Tags", "type": "array" }, "Tier": { "markdownDescription": "The tier for this channel. STANDARD tier channels can contain live programs.", "title": "Tier", "type": "string" }, "TimeShiftConfiguration": { "$ref": "#/definitions/AWS::MediaTailor::Channel.TimeShiftConfiguration", "markdownDescription": "The configuration for time-shifted viewing.", "title": "TimeShiftConfiguration" } }, "required": [ "ChannelName", "Outputs", "PlaybackMode" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaTailor::Channel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaTailor::Channel.DashPlaylistSettings": { "additionalProperties": false, "properties": { "ManifestWindowSeconds": { "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", "title": "ManifestWindowSeconds", "type": "number" }, "MinBufferTimeSeconds": { "markdownDescription": "Minimum amount of content (measured in seconds) that a player must keep available in the buffer. Minimum value: `2` seconds. Maximum value: `60` seconds.", "title": "MinBufferTimeSeconds", "type": "number" }, "MinUpdatePeriodSeconds": { "markdownDescription": "Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", "title": "MinUpdatePeriodSeconds", "type": "number" }, "SuggestedPresentationDelaySeconds": { "markdownDescription": "Amount of time (in seconds) that the player should be from the live point at the end of the manifest. Minimum value: `2` seconds. Maximum value: `60` seconds.", "title": "SuggestedPresentationDelaySeconds", "type": "number" } }, "type": "object" }, "AWS::MediaTailor::Channel.HlsPlaylistSettings": { "additionalProperties": false, "properties": { "AdMarkupType": { "items": { "type": "string" }, "markdownDescription": "Determines the type of SCTE 35 tags to use in ad markup. Specify `DATERANGE` to use `DATERANGE` tags (for live or VOD content). Specify `SCTE35_ENHANCED` to use `EXT-X-CUE-OUT` and `EXT-X-CUE-IN` tags (for VOD content only).", "title": "AdMarkupType", "type": "array" }, "ManifestWindowSeconds": { "markdownDescription": "The total duration (in seconds) of each manifest. Minimum value: `30` seconds. Maximum value: `3600` seconds.", "title": "ManifestWindowSeconds", "type": "number" } }, "type": "object" }, "AWS::MediaTailor::Channel.LogConfigurationForChannel": { "additionalProperties": false, "properties": { "LogTypes": { "items": { "type": "string" }, "markdownDescription": "The log types.", "title": "LogTypes", "type": "array" } }, "type": "object" }, "AWS::MediaTailor::Channel.RequestOutputItem": { "additionalProperties": false, "properties": { "DashPlaylistSettings": { "$ref": "#/definitions/AWS::MediaTailor::Channel.DashPlaylistSettings", "markdownDescription": "DASH manifest configuration parameters.", "title": "DashPlaylistSettings" }, "HlsPlaylistSettings": { "$ref": "#/definitions/AWS::MediaTailor::Channel.HlsPlaylistSettings", "markdownDescription": "HLS playlist configuration parameters.", "title": "HlsPlaylistSettings" }, "ManifestName": { "markdownDescription": "The name of the manifest for the channel. The name appears in the `PlaybackUrl` .", "title": "ManifestName", "type": "string" }, "SourceGroup": { "markdownDescription": "A string used to match which `HttpPackageConfiguration` is used for each `VodSource` .", "title": "SourceGroup", "type": "string" } }, "required": [ "ManifestName", "SourceGroup" ], "type": "object" }, "AWS::MediaTailor::Channel.SlateSource": { "additionalProperties": false, "properties": { "SourceLocationName": { "markdownDescription": "The name of the source location where the slate VOD source is stored.", "title": "SourceLocationName", "type": "string" }, "VodSourceName": { "markdownDescription": "The slate VOD source name. The VOD source must already exist in a source location before it can be used for slate.", "title": "VodSourceName", "type": "string" } }, "type": "object" }, "AWS::MediaTailor::Channel.TimeShiftConfiguration": { "additionalProperties": false, "properties": { "MaxTimeDelaySeconds": { "markdownDescription": "The maximum time delay for time-shifted viewing. The minimum allowed maximum time delay is 0 seconds, and the maximum allowed maximum time delay is 21600 seconds (6 hours).", "title": "MaxTimeDelaySeconds", "type": "number" } }, "required": [ "MaxTimeDelaySeconds" ], "type": "object" }, "AWS::MediaTailor::ChannelPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ChannelName": { "markdownDescription": "The name of the channel associated with this Channel Policy.", "title": "ChannelName", "type": "string" }, "Policy": { "markdownDescription": "The IAM policy for the channel. IAM policies are used to control access to your channel.", "title": "Policy", "type": "object" } }, "required": [ "ChannelName", "Policy" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaTailor::ChannelPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaTailor::LiveSource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "HttpPackageConfigurations": { "items": { "$ref": "#/definitions/AWS::MediaTailor::LiveSource.HttpPackageConfiguration" }, "markdownDescription": "The HTTP package configurations for the live source.", "title": "HttpPackageConfigurations", "type": "array" }, "LiveSourceName": { "markdownDescription": "The name that's used to refer to a live source.", "title": "LiveSourceName", "type": "string" }, "SourceLocationName": { "markdownDescription": "The name of the source location.", "title": "SourceLocationName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags assigned to the live source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", "title": "Tags", "type": "array" } }, "required": [ "HttpPackageConfigurations", "LiveSourceName", "SourceLocationName" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaTailor::LiveSource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaTailor::LiveSource.HttpPackageConfiguration": { "additionalProperties": false, "properties": { "Path": { "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", "title": "Path", "type": "string" }, "SourceGroup": { "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", "title": "SourceGroup", "type": "string" }, "Type": { "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", "title": "Type", "type": "string" } }, "required": [ "Path", "SourceGroup", "Type" ], "type": "object" }, "AWS::MediaTailor::PlaybackConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdDecisionServerUrl": { "markdownDescription": "The URL for the ad decision server (ADS). This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing you can provide a static VAST URL. The maximum length is 25,000 characters.", "title": "AdDecisionServerUrl", "type": "string" }, "AvailSuppression": { "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AvailSuppression", "markdownDescription": "The configuration for avail suppression, also known as ad suppression. For more information about ad suppression, see [Ad Suppression](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", "title": "AvailSuppression" }, "Bumper": { "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.Bumper", "markdownDescription": "The configuration for bumpers. Bumpers are short audio or video clips that play at the start or before the end of an ad break. To learn more about bumpers, see [Bumpers](https://docs.aws.amazon.com/mediatailor/latest/ug/bumpers.html) .", "title": "Bumper" }, "CdnConfiguration": { "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration", "markdownDescription": "The configuration for using a content delivery network (CDN), like Amazon CloudFront, for content and ad segment management.", "title": "CdnConfiguration" }, "ConfigurationAliases": { "additionalProperties": true, "markdownDescription": "The player parameters and aliases used as dynamic variables during session initialization. For more information, see [Domain Variables](https://docs.aws.amazon.com/mediatailor/latest/ug/variables-domain.html) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "object" } }, "title": "ConfigurationAliases", "type": "object" }, "DashConfiguration": { "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.DashConfiguration", "markdownDescription": "The configuration for a DASH source.", "title": "DashConfiguration" }, "HlsConfiguration": { "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration", "markdownDescription": "The configuration for HLS content.", "title": "HlsConfiguration" }, "LivePreRollConfiguration": { "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration", "markdownDescription": "The configuration for pre-roll ad insertion.", "title": "LivePreRollConfiguration" }, "ManifestProcessingRules": { "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules", "markdownDescription": "The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor.", "title": "ManifestProcessingRules" }, "Name": { "markdownDescription": "The identifier for the playback configuration.", "title": "Name", "type": "string" }, "PersonalizationThresholdSeconds": { "markdownDescription": "Defines the maximum duration of underfilled ad time (in seconds) allowed in an ad break. If the duration of underfilled ad time exceeds the personalization threshold, then the personalization of the ad break is abandoned and the underlying content is shown. This feature applies to *ad replacement* in live and VOD streams, rather than ad insertion, because it relies on an underlying content stream. For more information about ad break behavior, including ad replacement and insertion, see [Ad Behavior in AWS Elemental MediaTailor](https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html) .", "title": "PersonalizationThresholdSeconds", "type": "number" }, "SlateAdUrl": { "markdownDescription": "The URL for a video asset to transcode and use to fill in time that's not used by ads. AWS Elemental MediaTailor shows the slate to fill in gaps in media content. Configuring the slate is optional for non-VPAID playback configurations. For VPAID, the slate is required because MediaTailor provides it in the slots designated for dynamic ad content. The slate must be a high-quality asset that contains both audio and video.", "title": "SlateAdUrl", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to assign to the playback configuration. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", "title": "Tags", "type": "array" }, "TranscodeProfileName": { "markdownDescription": "The name that is used to associate this playback configuration with a custom transcode profile. This overrides the dynamic transcoding defaults of MediaTailor. Use this only if you have already set up custom profiles with the help of AWS Support.", "title": "TranscodeProfileName", "type": "string" }, "VideoContentSourceUrl": { "markdownDescription": "The URL prefix for the parent manifest for the stream, minus the asset ID. The maximum length is 512 characters.", "title": "VideoContentSourceUrl", "type": "string" } }, "required": [ "AdDecisionServerUrl", "Name", "VideoContentSourceUrl" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaTailor::PlaybackConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Enables ad marker passthrough for your configuration.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::MediaTailor::PlaybackConfiguration.AvailSuppression": { "additionalProperties": false, "properties": { "Mode": { "markdownDescription": "Sets the ad suppression mode. By default, ad suppression is off and all ad breaks are filled with ads or slate. When Mode is set to `BEHIND_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks on or behind the ad suppression Value time in the manifest lookback window. When Mode is set to `AFTER_LIVE_EDGE` , ad suppression is active and MediaTailor won't fill ad breaks that are within the live edge plus the avail suppression value.", "title": "Mode", "type": "string" }, "Value": { "markdownDescription": "A live edge offset time in HH:MM:SS. MediaTailor won't fill ad breaks on or behind this time in the manifest lookback window. If Value is set to 00:00:00, it is in sync with the live edge, and MediaTailor won't fill any ad breaks on or behind the live edge. If you set a Value time, MediaTailor won't fill any ad breaks on or behind this time in the manifest lookback window. For example, if you set 00:45:00, then MediaTailor will fill ad breaks that occur within 45 minutes behind the live edge, but won't fill ad breaks on or behind 45 minutes behind the live edge.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::MediaTailor::PlaybackConfiguration.Bumper": { "additionalProperties": false, "properties": { "EndUrl": { "markdownDescription": "The URL for the end bumper asset.", "title": "EndUrl", "type": "string" }, "StartUrl": { "markdownDescription": "The URL for the start bumper asset.", "title": "StartUrl", "type": "string" } }, "type": "object" }, "AWS::MediaTailor::PlaybackConfiguration.CdnConfiguration": { "additionalProperties": false, "properties": { "AdSegmentUrlPrefix": { "markdownDescription": "A non-default content delivery network (CDN) to serve ad segments. By default, AWS Elemental MediaTailor uses Amazon CloudFront with default cache settings as its CDN for ad segments. To set up an alternate CDN, create a rule in your CDN for the origin ads.mediatailor. ** .amazonaws.com. Then specify the rule's name in this `AdSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for ad segments.", "title": "AdSegmentUrlPrefix", "type": "string" }, "ContentSegmentUrlPrefix": { "markdownDescription": "A content delivery network (CDN) to cache content segments, so that content requests don\u2019t always have to go to the origin server. First, create a rule in your CDN for the content segment origin server. Then specify the rule's name in this `ContentSegmentUrlPrefix` . When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for content segments.", "title": "ContentSegmentUrlPrefix", "type": "string" } }, "type": "object" }, "AWS::MediaTailor::PlaybackConfiguration.DashConfiguration": { "additionalProperties": false, "properties": { "ManifestEndpointPrefix": { "markdownDescription": "The URL generated by MediaTailor to initiate a playback session. The session uses server-side reporting. This setting is ignored in PUT operations.", "title": "ManifestEndpointPrefix", "type": "string" }, "MpdLocation": { "markdownDescription": "The setting that controls whether MediaTailor includes the Location tag in DASH manifests. MediaTailor populates the Location tag with the URL for manifest update requests, to be used by players that don't support sticky redirects. Disable this if you have CDN routing rules set up for accessing MediaTailor manifests, and you are either using client-side reporting or your players support sticky HTTP redirects. Valid values are `DISABLED` and `EMT_DEFAULT` . The `EMT_DEFAULT` setting enables the inclusion of the tag and is the default value.", "title": "MpdLocation", "type": "string" }, "OriginManifestType": { "markdownDescription": "The setting that controls whether MediaTailor handles manifests from the origin server as multi-period manifests or single-period manifests. If your origin server produces single-period manifests, set this to `SINGLE_PERIOD` . The default setting is `MULTI_PERIOD` . For multi-period manifests, omit this setting or set it to `MULTI_PERIOD` .", "title": "OriginManifestType", "type": "string" } }, "type": "object" }, "AWS::MediaTailor::PlaybackConfiguration.HlsConfiguration": { "additionalProperties": false, "properties": { "ManifestEndpointPrefix": { "markdownDescription": "The URL that is used to initiate a playback session for devices that support Apple HLS. The session uses server-side reporting.", "title": "ManifestEndpointPrefix", "type": "string" } }, "type": "object" }, "AWS::MediaTailor::PlaybackConfiguration.LivePreRollConfiguration": { "additionalProperties": false, "properties": { "AdDecisionServerUrl": { "markdownDescription": "The URL for the ad decision server (ADS) for pre-roll ads. This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing, you can provide a static VAST URL. The maximum length is 25,000 characters.", "title": "AdDecisionServerUrl", "type": "string" }, "MaxDurationSeconds": { "markdownDescription": "The maximum allowed duration for the pre-roll ad avail. AWS Elemental MediaTailor won't play pre-roll ads to exceed this duration, regardless of the total duration of ads that the ADS returns.", "title": "MaxDurationSeconds", "type": "number" } }, "type": "object" }, "AWS::MediaTailor::PlaybackConfiguration.ManifestProcessingRules": { "additionalProperties": false, "properties": { "AdMarkerPassthrough": { "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration.AdMarkerPassthrough", "markdownDescription": "For HLS, when set to `true` , MediaTailor passes through `EXT-X-CUE-IN` , `EXT-X-CUE-OUT` , and `EXT-X-SPLICEPOINT-SCTE35` ad markers from the origin manifest to the MediaTailor personalized manifest.\n\nNo logic is applied to these ad markers. For example, if `EXT-X-CUE-OUT` has a value of `60` , but no ads are filled for that ad break, MediaTailor will not set the value to `0` .", "title": "AdMarkerPassthrough" } }, "type": "object" }, "AWS::MediaTailor::SourceLocation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessConfiguration": { "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.AccessConfiguration", "markdownDescription": "The access configuration for the source location.", "title": "AccessConfiguration" }, "DefaultSegmentDeliveryConfiguration": { "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration", "markdownDescription": "The default segment delivery configuration.", "title": "DefaultSegmentDeliveryConfiguration" }, "HttpConfiguration": { "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.HttpConfiguration", "markdownDescription": "The HTTP configuration for the source location.", "title": "HttpConfiguration" }, "SegmentDeliveryConfigurations": { "items": { "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration" }, "markdownDescription": "The segment delivery configurations for the source location.", "title": "SegmentDeliveryConfigurations", "type": "array" }, "SourceLocationName": { "markdownDescription": "The name of the source location.", "title": "SourceLocationName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags assigned to the source location. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", "title": "Tags", "type": "array" } }, "required": [ "HttpConfiguration", "SourceLocationName" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaTailor::SourceLocation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaTailor::SourceLocation.AccessConfiguration": { "additionalProperties": false, "properties": { "AccessType": { "markdownDescription": "The type of authentication used to access content from `HttpConfiguration::BaseUrl` on your source location. Accepted value: `S3_SIGV4` .\n\n`S3_SIGV4` - AWS Signature Version 4 authentication for Amazon S3 hosted virtual-style access. If your source location base URL is an Amazon S3 bucket, MediaTailor can use AWS Signature Version 4 (SigV4) authentication to access the bucket where your source content is stored. Your MediaTailor source location baseURL must follow the S3 virtual hosted-style request URL format. For example, https://bucket-name.s3.Region.amazonaws.com/key-name.\n\nBefore you can use `S3_SIGV4` , you must meet these requirements:\n\n\u2022 You must allow MediaTailor to access your S3 bucket by granting mediatailor.amazonaws.com principal access in IAM. For information about configuring access in IAM, see Access management in the IAM User Guide.\n\n\u2022 The mediatailor.amazonaws.com service principal must have permissions to read all top level manifests referenced by the VodSource packaging configurations.\n\n\u2022 The caller of the API must have s3:GetObject IAM permissions to read all top level manifests referenced by your MediaTailor VodSource packaging configurations.", "title": "AccessType", "type": "string" }, "SecretsManagerAccessTokenConfiguration": { "$ref": "#/definitions/AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration", "markdownDescription": "AWS Secrets Manager access token configuration parameters.", "title": "SecretsManagerAccessTokenConfiguration" } }, "type": "object" }, "AWS::MediaTailor::SourceLocation.DefaultSegmentDeliveryConfiguration": { "additionalProperties": false, "properties": { "BaseUrl": { "markdownDescription": "The hostname of the server that will be used to serve segments. This string must include the protocol, such as *https://* .", "title": "BaseUrl", "type": "string" } }, "type": "object" }, "AWS::MediaTailor::SourceLocation.HttpConfiguration": { "additionalProperties": false, "properties": { "BaseUrl": { "markdownDescription": "The base URL for the source location host server. This string must include the protocol, such as *https://* .", "title": "BaseUrl", "type": "string" } }, "required": [ "BaseUrl" ], "type": "object" }, "AWS::MediaTailor::SourceLocation.SecretsManagerAccessTokenConfiguration": { "additionalProperties": false, "properties": { "HeaderName": { "markdownDescription": "The name of the HTTP header used to supply the access token in requests to the source location.", "title": "HeaderName", "type": "string" }, "SecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the access token.", "title": "SecretArn", "type": "string" }, "SecretStringKey": { "markdownDescription": "The AWS Secrets Manager [SecretString](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html#SecretsManager-CreateSecret-request-SecretString.html) key associated with the access token. MediaTailor uses the key to look up SecretString key and value pair containing the access token.", "title": "SecretStringKey", "type": "string" } }, "type": "object" }, "AWS::MediaTailor::SourceLocation.SegmentDeliveryConfiguration": { "additionalProperties": false, "properties": { "BaseUrl": { "markdownDescription": "The base URL of the host or path of the segment delivery server that you're using to serve segments. This is typically a content delivery network (CDN). The URL can be absolute or relative. To use an absolute URL include the protocol, such as `https://example.com/some/path` . To use a relative URL specify the relative path, such as `/some/path*` .", "title": "BaseUrl", "type": "string" }, "Name": { "markdownDescription": "A unique identifier used to distinguish between multiple segment delivery configurations in a source location.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::MediaTailor::VodSource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "HttpPackageConfigurations": { "items": { "$ref": "#/definitions/AWS::MediaTailor::VodSource.HttpPackageConfiguration" }, "markdownDescription": "The HTTP package configurations for the VOD source.", "title": "HttpPackageConfigurations", "type": "array" }, "SourceLocationName": { "markdownDescription": "The name of the source location that the VOD source is associated with.", "title": "SourceLocationName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags assigned to the VOD source. Tags are key-value pairs that you can associate with Amazon resources to help with organization, access control, and cost tracking. For more information, see [Tagging AWS Elemental MediaTailor Resources](https://docs.aws.amazon.com/mediatailor/latest/ug/tagging.html) .", "title": "Tags", "type": "array" }, "VodSourceName": { "markdownDescription": "The name of the VOD source.", "title": "VodSourceName", "type": "string" } }, "required": [ "HttpPackageConfigurations", "SourceLocationName", "VodSourceName" ], "type": "object" }, "Type": { "enum": [ "AWS::MediaTailor::VodSource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MediaTailor::VodSource.HttpPackageConfiguration": { "additionalProperties": false, "properties": { "Path": { "markdownDescription": "The relative path to the URL for this VOD source. This is combined with `SourceLocation::HttpConfiguration::BaseUrl` to form a valid URL.", "title": "Path", "type": "string" }, "SourceGroup": { "markdownDescription": "The name of the source group. This has to match one of the `Channel::Outputs::SourceGroup` .", "title": "SourceGroup", "type": "string" }, "Type": { "markdownDescription": "The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` .", "title": "Type", "type": "string" } }, "required": [ "Path", "SourceGroup", "Type" ], "type": "object" }, "AWS::MemoryDB::ACL": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ACLName": { "markdownDescription": "The name of the Access Control List.", "title": "ACLName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "UserNames": { "items": { "type": "string" }, "markdownDescription": "The list of users that belong to the Access Control List.", "title": "UserNames", "type": "array" } }, "required": [ "ACLName" ], "type": "object" }, "Type": { "enum": [ "AWS::MemoryDB::ACL" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MemoryDB::Cluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ACLName": { "markdownDescription": "The name of the Access Control List to associate with the cluster .", "title": "ACLName", "type": "string" }, "AutoMinorVersionUpgrade": { "markdownDescription": "When set to true, the cluster will automatically receive minor engine version upgrades after launch.", "title": "AutoMinorVersionUpgrade", "type": "boolean" }, "ClusterEndpoint": { "$ref": "#/definitions/AWS::MemoryDB::Cluster.Endpoint", "markdownDescription": "The cluster 's configuration endpoint.", "title": "ClusterEndpoint" }, "ClusterName": { "markdownDescription": "The name of the cluster .", "title": "ClusterName", "type": "string" }, "DataTiering": { "markdownDescription": "Enables data tiering. Data tiering is only supported for replication groups using the r6gd node type. This parameter must be set to true when using r6gd nodes. For more information, see [Data tiering](https://docs.aws.amazon.com/memorydb/latest/devguide/data-tiering.html) .", "title": "DataTiering", "type": "string" }, "Description": { "markdownDescription": "A description of the cluster .", "title": "Description", "type": "string" }, "EngineVersion": { "markdownDescription": "The Redis engine version used by the cluster .", "title": "EngineVersion", "type": "string" }, "FinalSnapshotName": { "markdownDescription": "The user-supplied name of a final cluster snapshot. This is the unique name that identifies the snapshot. MemoryDB creates the snapshot, and then deletes the cluster immediately afterward.", "title": "FinalSnapshotName", "type": "string" }, "KmsKeyId": { "markdownDescription": "The ID of the KMS key used to encrypt the cluster .", "title": "KmsKeyId", "type": "string" }, "MaintenanceWindow": { "markdownDescription": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format `ddd:hh24:mi-ddd:hh24:mi` (24H Clock UTC). The minimum maintenance window is a 60 minute period.\n\n*Pattern* : `ddd:hh24:mi-ddd:hh24:mi`", "title": "MaintenanceWindow", "type": "string" }, "NodeType": { "markdownDescription": "The cluster 's node type.", "title": "NodeType", "type": "string" }, "NumReplicasPerShard": { "markdownDescription": "The number of replicas to apply to each shard.\n\n*Default value* : `1`\n\n*Maximum value* : `5`", "title": "NumReplicasPerShard", "type": "number" }, "NumShards": { "markdownDescription": "The number of shards in the cluster .", "title": "NumShards", "type": "number" }, "ParameterGroupName": { "markdownDescription": "The name of the parameter group used by the cluster .", "title": "ParameterGroupName", "type": "string" }, "Port": { "markdownDescription": "The port used by the cluster .", "title": "Port", "type": "number" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of security group names to associate with this cluster .", "title": "SecurityGroupIds", "type": "array" }, "SnapshotArns": { "items": { "type": "string" }, "markdownDescription": "A list of Amazon Resource Names (ARN) that uniquely identify the RDB snapshot files stored in Amazon S3. The snapshot files are used to populate the new cluster . The Amazon S3 object name in the ARN cannot contain any commas.", "title": "SnapshotArns", "type": "array" }, "SnapshotName": { "markdownDescription": "The name of a snapshot from which to restore data into the new cluster . The snapshot status changes to restoring while the new cluster is being created.", "title": "SnapshotName", "type": "string" }, "SnapshotRetentionLimit": { "markdownDescription": "The number of days for which MemoryDB retains automatic snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, a snapshot that was taken today is retained for 5 days before being deleted.", "title": "SnapshotRetentionLimit", "type": "number" }, "SnapshotWindow": { "markdownDescription": "The daily time range (in UTC) during which MemoryDB begins taking a daily snapshot of your shard. Example: 05:00-09:00 If you do not specify this parameter, MemoryDB automatically chooses an appropriate time range.", "title": "SnapshotWindow", "type": "string" }, "SnsTopicArn": { "markdownDescription": "When you pass the logical ID of this resource to the intrinsic `Ref` function, Ref returns the ARN of the SNS topic, such as `arn:aws:memorydb:us-east-1:123456789012:mySNSTopic`", "title": "SnsTopicArn", "type": "string" }, "SnsTopicStatus": { "markdownDescription": "The SNS topic must be in Active status to receive notifications.", "title": "SnsTopicStatus", "type": "string" }, "SubnetGroupName": { "markdownDescription": "The name of the subnet group used by the cluster .", "title": "SubnetGroupName", "type": "string" }, "TLSEnabled": { "markdownDescription": "A flag to indicate if In-transit encryption is enabled.", "title": "TLSEnabled", "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "ACLName", "ClusterName", "NodeType" ], "type": "object" }, "Type": { "enum": [ "AWS::MemoryDB::Cluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MemoryDB::Cluster.Endpoint": { "additionalProperties": false, "properties": { "Address": { "markdownDescription": "The DNS hostname of the node.", "title": "Address", "type": "string" }, "Port": { "markdownDescription": "The port number that the engine is listening on.", "title": "Port", "type": "number" } }, "type": "object" }, "AWS::MemoryDB::ParameterGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the parameter group.", "title": "Description", "type": "string" }, "Family": { "markdownDescription": "The name of the parameter group family that this parameter group is compatible with.", "title": "Family", "type": "string" }, "ParameterGroupName": { "markdownDescription": "The name of the parameter group.", "title": "ParameterGroupName", "type": "string" }, "Parameters": { "markdownDescription": "Returns the detailed parameter list for the parameter group.", "title": "Parameters", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "Family", "ParameterGroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::MemoryDB::ParameterGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MemoryDB::SubnetGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the subnet group.", "title": "Description", "type": "string" }, "SubnetGroupName": { "markdownDescription": "The name of the subnet group to be used for the cluster .", "title": "SubnetGroupName", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "A list of Amazon VPC subnet IDs for the subnet group.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "SubnetGroupName", "SubnetIds" ], "type": "object" }, "Type": { "enum": [ "AWS::MemoryDB::SubnetGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MemoryDB::User": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessString": { "markdownDescription": "Access permissions string used for this user.", "title": "AccessString", "type": "string" }, "AuthenticationMode": { "$ref": "#/definitions/AWS::MemoryDB::User.AuthenticationMode", "markdownDescription": "Denotes whether the user requires a password to authenticate.\n\n*Example:*\n\n`mynewdbuser: Type: AWS::MemoryDB::User Properties: AccessString: on ~* &* +@all AuthenticationMode: Passwords: '1234567890123456' Type: password UserName: mynewdbuser AuthenticationMode: { \"Passwords\": [\"1234567890123456\"], \"Type\": \"Password\" }`", "title": "AuthenticationMode" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "UserName": { "markdownDescription": "The name of the user.", "title": "UserName", "type": "string" } }, "required": [ "UserName" ], "type": "object" }, "Type": { "enum": [ "AWS::MemoryDB::User" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::MemoryDB::User.AuthenticationMode": { "additionalProperties": false, "properties": { "Passwords": { "items": { "type": "string" }, "markdownDescription": "The password(s) used for authentication", "title": "Passwords", "type": "array" }, "Type": { "markdownDescription": "Indicates whether the user requires a password to authenticate. All newly-created users require a password.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::Neptune::DBCluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssociatedRoles": { "items": { "$ref": "#/definitions/AWS::Neptune::DBCluster.DBClusterRole" }, "markdownDescription": "Provides a list of the Amazon Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon services on your behalf.", "title": "AssociatedRoles", "type": "array" }, "AvailabilityZones": { "items": { "type": "string" }, "markdownDescription": "Provides the list of EC2 Availability Zones that instances in the DB cluster can be created in.", "title": "AvailabilityZones", "type": "array" }, "BackupRetentionPeriod": { "markdownDescription": "Specifies the number of days for which automatic DB snapshots are retained.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", "title": "BackupRetentionPeriod", "type": "number" }, "CopyTagsToSnapshot": { "markdownDescription": "*If set to `true` , tags are copied to any snapshot of the DB cluster that is created.*", "title": "CopyTagsToSnapshot", "type": "boolean" }, "DBClusterIdentifier": { "markdownDescription": "Contains a user-supplied DB cluster identifier. This identifier is the unique key that identifies a DB cluster.", "title": "DBClusterIdentifier", "type": "string" }, "DBClusterParameterGroupName": { "markdownDescription": "Provides the name of the DB cluster parameter group.\n\nAn update may require some interruption. See [ModifyDBInstance](https://docs.aws.amazon.com/neptune/latest/userguide/api-instances.html#ModifyDBInstance) in the Amazon Neptune User Guide for more information.", "title": "DBClusterParameterGroupName", "type": "string" }, "DBInstanceParameterGroupName": { "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster. Used only in case of a major engine version upgrade request\n\nNote that when you apply a parameter group using `DBInstanceParameterGroupName` , parameter changes are applied immediately, not during the next maintenance window.\n\n**Constraints** - The DB parameter group must be in the same DB parameter group family as the target DB cluster version.\n- The `DBInstanceParameterGroupName` parameter is only valid for major engine version upgrades.", "title": "DBInstanceParameterGroupName", "type": "string" }, "DBPort": { "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nIf not specified, the default port used is `8182` .\n\n> The `Port` property will soon be deprecated. Please update existing templates to use the new `DBPort` property that has the same functionality.", "title": "DBPort", "type": "number" }, "DBSubnetGroupName": { "markdownDescription": "Specifies information on the subnet group associated with the DB cluster, including the name, description, and subnets in the subnet group.", "title": "DBSubnetGroupName", "type": "string" }, "DeletionProtection": { "markdownDescription": "Indicates whether or not the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled.", "title": "DeletionProtection", "type": "boolean" }, "EnableCloudwatchLogsExports": { "items": { "type": "string" }, "markdownDescription": "Specifies a list of log types that are enabled for export to CloudWatch Logs.", "title": "EnableCloudwatchLogsExports", "type": "array" }, "EngineVersion": { "markdownDescription": "Indicates the database engine version.", "title": "EngineVersion", "type": "string" }, "IamAuthEnabled": { "markdownDescription": "True if mapping of Amazon Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false.", "title": "IamAuthEnabled", "type": "boolean" }, "KmsKeyId": { "markdownDescription": "If `StorageEncrypted` is true, the Amazon KMS key identifier for the encrypted DB cluster.", "title": "KmsKeyId", "type": "string" }, "PreferredBackupWindow": { "markdownDescription": "Specifies the daily time range during which automated backups are created if automated backups are enabled, as determined by the `BackupRetentionPeriod` .\n\nAn update may require some interruption.", "title": "PreferredBackupWindow", "type": "string" }, "PreferredMaintenanceWindow": { "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", "title": "PreferredMaintenanceWindow", "type": "string" }, "RestoreToTime": { "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", "title": "RestoreToTime", "type": "string" }, "RestoreType": { "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", "title": "RestoreType", "type": "string" }, "ServerlessScalingConfiguration": { "$ref": "#/definitions/AWS::Neptune::DBCluster.ServerlessScalingConfiguration", "markdownDescription": "", "title": "ServerlessScalingConfiguration" }, "SnapshotIdentifier": { "markdownDescription": "Specifies the identifier for a DB cluster snapshot. Must match the identifier of an existing snapshot.\n\nAfter you restore a DB cluster using a `SnapshotIdentifier` , you must specify the same `SnapshotIdentifier` for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed.\n\nHowever, if you don't specify the `SnapshotIdentifier` , an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, the DB cluster is restored from the snapshot specified by the `SnapshotIdentifier` , and the original DB cluster is deleted.", "title": "SnapshotIdentifier", "type": "string" }, "SourceDBClusterIdentifier": { "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", "title": "SourceDBClusterIdentifier", "type": "string" }, "StorageEncrypted": { "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `DBClusterIdentifier` , `DBSnapshotIdentifier` , or `SourceDBInstanceIdentifier` property, don't specify this property. The value is inherited from the cluster, snapshot, or source DB instance. If you specify the `KmsKeyId` property, you must enable encryption.\n\nIf you specify the `KmsKeyId` , you must enable encryption by setting `StorageEncrypted` to true.", "title": "StorageEncrypted", "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags assigned to this cluster.", "title": "Tags", "type": "array" }, "UseLatestRestorableTime": { "markdownDescription": "Creates a new DB cluster from a DB snapshot or DB cluster snapshot.\n\nIf a DB snapshot is specified, the target DB cluster is created from the source DB snapshot with a default configuration and default security group.\n\nIf a DB cluster snapshot is specified, the target DB cluster is created from the source DB cluster restore point with the same configuration as the original source DB cluster, except that the new DB cluster is created with the default security group.", "title": "UseLatestRestorableTime", "type": "boolean" }, "VpcSecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "Provides a list of VPC security groups that the DB cluster belongs to.", "title": "VpcSecurityGroupIds", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Neptune::DBCluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Neptune::DBCluster.DBClusterRole": { "additionalProperties": false, "properties": { "FeatureName": { "markdownDescription": "The name of the feature associated with the Amazon Identity and Access Management (IAM) role. For the list of supported feature names, see [DescribeDBEngineVersions](https://docs.aws.amazon.com/neptune/latest/userguide/api-other-apis.html#DescribeDBEngineVersions) .", "title": "FeatureName", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", "title": "RoleArn", "type": "string" } }, "required": [ "RoleArn" ], "type": "object" }, "AWS::Neptune::DBCluster.ServerlessScalingConfiguration": { "additionalProperties": false, "properties": { "MaxCapacity": { "markdownDescription": "The maximum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 40, 40.5, 41, and so on.", "title": "MaxCapacity", "type": "number" }, "MinCapacity": { "markdownDescription": "The minimum number of Neptune capacity units (NCUs) for a DB instance in a Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 8, 8.5, 9, and so on.", "title": "MinCapacity", "type": "number" } }, "required": [ "MaxCapacity", "MinCapacity" ], "type": "object" }, "AWS::Neptune::DBClusterParameterGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "Provides the customer-specified description for this DB cluster parameter group.", "title": "Description", "type": "string" }, "Family": { "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", "title": "Family", "type": "string" }, "Name": { "markdownDescription": "Provides the name of the DB cluster parameter group.", "title": "Name", "type": "string" }, "Parameters": { "markdownDescription": "The parameters to set for this DB cluster parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nIf you update the parameters, some interruption may occur depending on which parameters you update.", "title": "Parameters", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags that you want to attach to this parameter group.", "title": "Tags", "type": "array" } }, "required": [ "Description", "Family", "Parameters" ], "type": "object" }, "Type": { "enum": [ "AWS::Neptune::DBClusterParameterGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Neptune::DBInstance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowMajorVersionUpgrade": { "markdownDescription": "Indicates that major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible. This parameter must be set to true when specifying a value for the EngineVersion parameter that is a different major version than the DB instance's current version.\n\nWhen you change this parameter for an existing DB cluster, CloudFormation will replace your existing DB cluster with a new, empty one that uses the engine version you specified.", "title": "AllowMajorVersionUpgrade", "type": "boolean" }, "AutoMinorVersionUpgrade": { "markdownDescription": "Indicates that minor version patches are applied automatically.\n\nWhen updating this property, some interruptions may occur.", "title": "AutoMinorVersionUpgrade", "type": "boolean" }, "AvailabilityZone": { "markdownDescription": "Specifies the name of the Availability Zone the DB instance is located in.", "title": "AvailabilityZone", "type": "string" }, "DBClusterIdentifier": { "markdownDescription": "If the DB instance is a member of a DB cluster, contains the name of the DB cluster that the DB instance is a member of.", "title": "DBClusterIdentifier", "type": "string" }, "DBInstanceClass": { "markdownDescription": "Contains the name of the compute and memory capacity class of the DB instance.\n\nIf you update this property, some interruptions may occur.", "title": "DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { "markdownDescription": "Contains a user-supplied database identifier. This identifier is the unique key that identifies a DB instance.", "title": "DBInstanceIdentifier", "type": "string" }, "DBParameterGroupName": { "markdownDescription": "The name of an existing DB parameter group or a reference to an AWS::Neptune::DBParameterGroup resource created in the template. If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot.", "title": "DBParameterGroupName", "type": "string" }, "DBSnapshotIdentifier": { "markdownDescription": "This parameter is not supported.\n\n`AWS::Neptune::DBInstance` does not support restoring from snapshots.\n\n`AWS::Neptune::DBCluster` does support restoring from snapshots.", "title": "DBSnapshotIdentifier", "type": "string" }, "DBSubnetGroupName": { "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new virtual private cloud (VPC).", "title": "DBSubnetGroupName", "type": "string" }, "PreferredMaintenanceWindow": { "markdownDescription": "Specifies the weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).", "title": "PreferredMaintenanceWindow", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An arbitrary set of tags (key-value pairs) for this DB instance.", "title": "Tags", "type": "array" } }, "required": [ "DBInstanceClass" ], "type": "object" }, "Type": { "enum": [ "AWS::Neptune::DBInstance" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Neptune::DBParameterGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "Provides the customer-specified description for this DB parameter group.", "title": "Description", "type": "string" }, "Family": { "markdownDescription": "Must be `neptune1` for engine versions prior to [1.2.0.0](https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.2.0.0.html) , or `neptune1.2` for engine version `1.2.0.0` and higher.", "title": "Family", "type": "string" }, "Name": { "markdownDescription": "Provides the name of the DB parameter group.", "title": "Name", "type": "string" }, "Parameters": { "markdownDescription": "The parameters to set for this DB parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nChanges to dynamic parameters are applied immediately. During an update, if you have static parameters (whether they were changed or not), it triggers AWS CloudFormation to reboot the associated DB instance without failover.", "title": "Parameters", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags that you want to attach to this parameter group.", "title": "Tags", "type": "array" } }, "required": [ "Description", "Family", "Parameters" ], "type": "object" }, "Type": { "enum": [ "AWS::Neptune::DBParameterGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Neptune::DBSubnetGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DBSubnetGroupDescription": { "markdownDescription": "Provides the description of the DB subnet group.", "title": "DBSubnetGroupDescription", "type": "string" }, "DBSubnetGroupName": { "markdownDescription": "The name of the DB subnet group.", "title": "DBSubnetGroupName", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The Amazon EC2 subnet IDs for the DB subnet group.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags that you want to attach to the DB subnet group.", "title": "Tags", "type": "array" } }, "required": [ "DBSubnetGroupDescription", "SubnetIds" ], "type": "object" }, "Type": { "enum": [ "AWS::Neptune::DBSubnetGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NeptuneGraph::Graph": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeletionProtection": { "markdownDescription": "A value that indicates whether the graph has deletion protection enabled. The graph can't be deleted when deletion protection is enabled.", "title": "DeletionProtection", "type": "boolean" }, "GraphName": { "markdownDescription": "The graph name. For example: `my-graph-1` .\n\nThe name must contain from 1 to 63 letters, numbers, or hyphens, and its first character must be a letter. It cannot end with a hyphen or contain two consecutive hyphens.\n\nIf you don't specify a graph name, a unique graph name is generated for you using the prefix `graph-for` , followed by a combination of `Stack Name` and a `UUID` .", "title": "GraphName", "type": "string" }, "ProvisionedMemory": { "markdownDescription": "The provisioned memory-optimized Neptune Capacity Units (m-NCUs) to use for the graph.\n\nMin = 128", "title": "ProvisionedMemory", "type": "number" }, "PublicConnectivity": { "markdownDescription": "Specifies whether or not the graph can be reachable over the internet. All access to graphs is IAM authenticated.\n\nWhen the graph is publicly available, its domain name system (DNS) endpoint resolves to the public IP address from the internet. When the graph isn't publicly available, you need to create a `PrivateGraphEndpoint` in a given VPC to ensure the DNS name resolves to a private IP address that is reachable from the VPC.\n\nDefault: If not specified, the default value is false.\n\n> If enabling public connectivity for the first time, there will be a delay while it is enabled.", "title": "PublicConnectivity", "type": "boolean" }, "ReplicaCount": { "markdownDescription": "The number of replicas in other AZs.\n\nDefault: If not specified, the default value is 1.", "title": "ReplicaCount", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Adds metadata tags to the new graph. These tags can also be used with cost allocation reporting, or used in a Condition statement in an IAM policy.", "title": "Tags", "type": "array" }, "VectorSearchConfiguration": { "$ref": "#/definitions/AWS::NeptuneGraph::Graph.VectorSearchConfiguration", "markdownDescription": "Specifies the number of dimensions for vector embeddings that will be loaded into the graph. The value is specified as `dimension=` value. Max = 65,535", "title": "VectorSearchConfiguration" } }, "required": [ "ProvisionedMemory" ], "type": "object" }, "Type": { "enum": [ "AWS::NeptuneGraph::Graph" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NeptuneGraph::Graph.VectorSearchConfiguration": { "additionalProperties": false, "properties": { "VectorSearchDimension": { "markdownDescription": "The number of dimensions.", "title": "VectorSearchDimension", "type": "number" } }, "required": [ "VectorSearchDimension" ], "type": "object" }, "AWS::NeptuneGraph::PrivateGraphEndpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "GraphIdentifier": { "markdownDescription": "The unique identifier of the Neptune Analytics graph.", "title": "GraphIdentifier", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "Security groups to be attached to the private graph endpoint..", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "Subnets in which private graph endpoint ENIs are created.", "title": "SubnetIds", "type": "array" }, "VpcId": { "markdownDescription": "The VPC in which the private graph endpoint needs to be created.", "title": "VpcId", "type": "string" } }, "required": [ "GraphIdentifier", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::NeptuneGraph::PrivateGraphEndpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkFirewall::Firewall": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeleteProtection": { "markdownDescription": "A flag indicating whether it is possible to delete the firewall. A setting of `TRUE` indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to `TRUE` .", "title": "DeleteProtection", "type": "boolean" }, "Description": { "markdownDescription": "A description of the firewall.", "title": "Description", "type": "string" }, "FirewallName": { "markdownDescription": "The descriptive name of the firewall. You can't change the name of a firewall after you create it.", "title": "FirewallName", "type": "string" }, "FirewallPolicyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the firewall policy.\n\nThe relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.", "title": "FirewallPolicyArn", "type": "string" }, "FirewallPolicyChangeProtection": { "markdownDescription": "A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", "title": "FirewallPolicyChangeProtection", "type": "boolean" }, "SubnetChangeProtection": { "markdownDescription": "A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to `TRUE` .", "title": "SubnetChangeProtection", "type": "boolean" }, "SubnetMappings": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::Firewall.SubnetMapping" }, "markdownDescription": "The public subnets that Network Firewall is using for the firewall. Each subnet must belong to a different Availability Zone.", "title": "SubnetMappings", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "VpcId": { "markdownDescription": "The unique identifier of the VPC where the firewall is in use. You can't change the VPC of a firewall after you create the firewall.", "title": "VpcId", "type": "string" } }, "required": [ "FirewallName", "FirewallPolicyArn", "SubnetMappings", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkFirewall::Firewall" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkFirewall::Firewall.SubnetMapping": { "additionalProperties": false, "properties": { "IPAddressType": { "markdownDescription": "The subnet's IP address type. You can't change the IP address type after you create the subnet.", "title": "IPAddressType", "type": "string" }, "SubnetId": { "markdownDescription": "The unique identifier for the subnet.", "title": "SubnetId", "type": "string" } }, "required": [ "SubnetId" ], "type": "object" }, "AWS::NetworkFirewall::FirewallPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the firewall policy.", "title": "Description", "type": "string" }, "FirewallPolicy": { "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy", "markdownDescription": "The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.", "title": "FirewallPolicy" }, "FirewallPolicyName": { "markdownDescription": "The descriptive name of the firewall policy. You can't change the name of a firewall policy after you create it.", "title": "FirewallPolicyName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "FirewallPolicy", "FirewallPolicyName" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkFirewall::FirewallPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkFirewall::FirewallPolicy.ActionDefinition": { "additionalProperties": false, "properties": { "PublishMetricAction": { "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction", "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", "title": "PublishMetricAction" } }, "type": "object" }, "AWS::NetworkFirewall::FirewallPolicy.CustomAction": { "additionalProperties": false, "properties": { "ActionDefinition": { "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.ActionDefinition", "markdownDescription": "The custom action associated with the action name.", "title": "ActionDefinition" }, "ActionName": { "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", "title": "ActionName", "type": "string" } }, "required": [ "ActionDefinition", "ActionName" ], "type": "object" }, "AWS::NetworkFirewall::FirewallPolicy.Dimension": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The value to use in the custom metric dimension.", "title": "Value", "type": "string" } }, "required": [ "Value" ], "type": "object" }, "AWS::NetworkFirewall::FirewallPolicy.FirewallPolicy": { "additionalProperties": false, "properties": { "PolicyVariables": { "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.PolicyVariables", "markdownDescription": "Contains variables that you can use to override default Suricata settings in your firewall policy.", "title": "PolicyVariables" }, "StatefulDefaultActions": { "items": { "type": "string" }, "markdownDescription": "The default actions to take on a packet that doesn't match any stateful rules. The stateful default action is optional, and is only valid when using the strict rule order.\n\nValid values of the stateful default action:\n\n- aws:drop_strict\n- aws:drop_established\n- aws:alert_strict\n- aws:alert_established\n\nFor more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", "title": "StatefulDefaultActions", "type": "array" }, "StatefulEngineOptions": { "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions", "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The stateful rule groups that you use in your policy must have stateful rule options settings that are compatible with these settings.", "title": "StatefulEngineOptions" }, "StatefulRuleGroupReferences": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference" }, "markdownDescription": "References to the stateful rule groups that are used in the policy. These define the inspection criteria in stateful rules.", "title": "StatefulRuleGroupReferences", "type": "array" }, "StatelessCustomActions": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.CustomAction" }, "markdownDescription": "The custom action definitions that are available for use in the firewall policy's `StatelessDefaultActions` setting. You name each custom action that you define, and then you can use it by name in your default actions specifications.", "title": "StatelessCustomActions", "type": "array" }, "StatelessDefaultActions": { "items": { "type": "string" }, "markdownDescription": "The actions to take on a packet if it doesn't match any of the stateless rules in the policy. If you want non-matching packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", "title": "StatelessDefaultActions", "type": "array" }, "StatelessFragmentDefaultActions": { "items": { "type": "string" }, "markdownDescription": "The actions to take on a fragmented packet if it doesn't match any of the stateless rules in the policy. If you want non-matching fragmented packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` .\n\nYou must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice.\n\nFor example, you could specify `[\"aws:pass\"]` or you could specify `[\"aws:pass\", \u201ccustomActionName\u201d]` . For information about compatibility, see the custom action descriptions.", "title": "StatelessFragmentDefaultActions", "type": "array" }, "StatelessRuleGroupReferences": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference" }, "markdownDescription": "References to the stateless rule groups that are used in the policy. These define the matching criteria in stateless rules.", "title": "StatelessRuleGroupReferences", "type": "array" }, "TLSInspectionConfigurationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the TLS inspection configuration.", "title": "TLSInspectionConfigurationArn", "type": "string" } }, "required": [ "StatelessDefaultActions", "StatelessFragmentDefaultActions" ], "type": "object" }, "AWS::NetworkFirewall::FirewallPolicy.IPSet": { "additionalProperties": false, "properties": { "Definition": { "items": { "type": "string" }, "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", "title": "Definition", "type": "array" } }, "type": "object" }, "AWS::NetworkFirewall::FirewallPolicy.PolicyVariables": { "additionalProperties": false, "properties": { "RuleVariables": { "additionalProperties": false, "markdownDescription": "The IPv4 or IPv6 addresses in CIDR notation to use for the Suricata `HOME_NET` variable. If your firewall uses an inspection VPC, you might want to override the `HOME_NET` variable with the CIDRs of your home networks. If you don't override `HOME_NET` with your own CIDRs, Network Firewall by default uses the CIDR of your inspection VPC.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.IPSet" } }, "title": "RuleVariables", "type": "object" } }, "type": "object" }, "AWS::NetworkFirewall::FirewallPolicy.PublishMetricAction": { "additionalProperties": false, "properties": { "Dimensions": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.Dimension" }, "markdownDescription": "", "title": "Dimensions", "type": "array" } }, "required": [ "Dimensions" ], "type": "object" }, "AWS::NetworkFirewall::FirewallPolicy.StatefulEngineOptions": { "additionalProperties": false, "properties": { "RuleOrder": { "markdownDescription": "Indicates how to manage the order of stateful rule evaluation for the policy. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", "title": "RuleOrder", "type": "string" }, "StreamExceptionPolicy": { "markdownDescription": "Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.\n\n- `DROP` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.\n- `CONTINUE` - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to `drop http` traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent\u2014a TCP-layer rule using a `flow:stateless` rule would still match, as would the `aws:drop_strict` default action.\n- `REJECT` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic.", "title": "StreamExceptionPolicy", "type": "string" } }, "type": "object" }, "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action that changes the rule group from `DROP` to `ALERT` . This only applies to managed rule groups.", "title": "Action", "type": "string" } }, "type": "object" }, "AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupReference": { "additionalProperties": false, "properties": { "Override": { "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy.StatefulRuleGroupOverride", "markdownDescription": "The action that allows the policy owner to override the behavior of the rule group within a policy.", "title": "Override" }, "Priority": { "markdownDescription": "An integer setting that indicates the order in which to run the stateful rule groups in a single `FirewallPolicy` . This setting only applies to firewall policies that specify the `STRICT_ORDER` rule order in the stateful engine options settings.\n\nNetwork Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.\n\nYou can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on.", "title": "Priority", "type": "number" }, "ResourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the stateful rule group.", "title": "ResourceArn", "type": "string" } }, "required": [ "ResourceArn" ], "type": "object" }, "AWS::NetworkFirewall::FirewallPolicy.StatelessRuleGroupReference": { "additionalProperties": false, "properties": { "Priority": { "markdownDescription": "An integer setting that indicates the order in which to run the stateless rule groups in a single `FirewallPolicy` . Network Firewall applies each stateless rule group to a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.", "title": "Priority", "type": "number" }, "ResourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the stateless rule group.", "title": "ResourceArn", "type": "string" } }, "required": [ "Priority", "ResourceArn" ], "type": "object" }, "AWS::NetworkFirewall::LoggingConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FirewallArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the `Firewall` that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", "title": "FirewallArn", "type": "string" }, "FirewallName": { "markdownDescription": "The name of the firewall that the logging configuration is associated with. You can't change the firewall specification after you create the logging configuration.", "title": "FirewallName", "type": "string" }, "LoggingConfiguration": { "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration", "markdownDescription": "Defines how AWS Network Firewall performs logging for a `Firewall` .", "title": "LoggingConfiguration" } }, "required": [ "FirewallArn", "LoggingConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkFirewall::LoggingConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig": { "additionalProperties": false, "properties": { "LogDestination": { "additionalProperties": true, "markdownDescription": "The named location for the logs, provided in a key:value mapping that is specific to the chosen destination type.\n\n- For an Amazon S3 bucket, provide the name of the bucket, with key `bucketName` , and optionally provide a prefix, with key `prefix` . The following example specifies an Amazon S3 bucket named `DOC-EXAMPLE-BUCKET` and the prefix `alerts` :\n\n`\"LogDestination\": { \"bucketName\": \"DOC-EXAMPLE-BUCKET\", \"prefix\": \"alerts\" }`\n- For a CloudWatch log group, provide the name of the CloudWatch log group, with key `logGroup` . The following example specifies a log group named `alert-log-group` :\n\n`\"LogDestination\": { \"logGroup\": \"alert-log-group\" }`\n- For a Firehose delivery stream, provide the name of the delivery stream, with key `deliveryStream` . The following example specifies a delivery stream named `alert-delivery-stream` :\n\n`\"LogDestination\": { \"deliveryStream\": \"alert-delivery-stream\" }`", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "LogDestination", "type": "object" }, "LogDestinationType": { "markdownDescription": "The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream.", "title": "LogDestinationType", "type": "string" }, "LogType": { "markdownDescription": "The type of log to send. Alert logs report traffic that matches a stateful rule with an action setting that sends an alert log message. Flow logs are standard network traffic flow logs.", "title": "LogType", "type": "string" } }, "required": [ "LogDestination", "LogDestinationType", "LogType" ], "type": "object" }, "AWS::NetworkFirewall::LoggingConfiguration.LoggingConfiguration": { "additionalProperties": false, "properties": { "LogDestinationConfigs": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration.LogDestinationConfig" }, "markdownDescription": "Defines the logging destinations for the logs for a firewall. Network Firewall generates logs for stateful rule groups.", "title": "LogDestinationConfigs", "type": "array" } }, "required": [ "LogDestinationConfigs" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Capacity": { "markdownDescription": "The maximum operating resources that this rule group can use. You can't change a rule group's capacity setting after you create the rule group. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group.", "title": "Capacity", "type": "number" }, "Description": { "markdownDescription": "A description of the rule group.", "title": "Description", "type": "string" }, "RuleGroup": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleGroup", "markdownDescription": "An object that defines the rule group rules.", "title": "RuleGroup" }, "RuleGroupName": { "markdownDescription": "The descriptive name of the rule group. You can't change the name of a rule group after you create it.", "title": "RuleGroupName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains\nstateless rules. If it is stateful, it contains stateful rules.", "title": "Type", "type": "string" } }, "required": [ "Capacity", "RuleGroupName", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkFirewall::RuleGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup.ActionDefinition": { "additionalProperties": false, "properties": { "PublishMetricAction": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PublishMetricAction", "markdownDescription": "Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published.\n\nYou can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it.", "title": "PublishMetricAction" } }, "type": "object" }, "AWS::NetworkFirewall::RuleGroup.Address": { "additionalProperties": false, "properties": { "AddressDefinition": { "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", "title": "AddressDefinition", "type": "string" } }, "required": [ "AddressDefinition" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup.CustomAction": { "additionalProperties": false, "properties": { "ActionDefinition": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ActionDefinition", "markdownDescription": "The custom action associated with the action name.", "title": "ActionDefinition" }, "ActionName": { "markdownDescription": "The descriptive name of the custom action. You can't change the name of a custom action after you create it.", "title": "ActionName", "type": "string" } }, "required": [ "ActionDefinition", "ActionName" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup.Dimension": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The value to use in the custom metric dimension.", "title": "Value", "type": "string" } }, "required": [ "Value" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup.Header": { "additionalProperties": false, "properties": { "Destination": { "markdownDescription": "The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", "title": "Destination", "type": "string" }, "DestinationPort": { "markdownDescription": "The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", "title": "DestinationPort", "type": "string" }, "Direction": { "markdownDescription": "The direction of traffic flow to inspect. If set to `ANY` , the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to `FORWARD` , the inspection only matches traffic going from the source to the destination.", "title": "Direction", "type": "string" }, "Protocol": { "markdownDescription": "The protocol to inspect for. To specify all, you can use `IP` , because all traffic on AWS and on the internet is IP.", "title": "Protocol", "type": "string" }, "Source": { "markdownDescription": "The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` .\n\nSpecify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", "title": "Source", "type": "string" }, "SourcePort": { "markdownDescription": "The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` .", "title": "SourcePort", "type": "string" } }, "required": [ "Destination", "DestinationPort", "Direction", "Protocol", "Source", "SourcePort" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup.IPSet": { "additionalProperties": false, "properties": { "Definition": { "items": { "type": "string" }, "markdownDescription": "The list of IP addresses and address ranges, in CIDR notation.", "title": "Definition", "type": "array" } }, "type": "object" }, "AWS::NetworkFirewall::RuleGroup.IPSetReference": { "additionalProperties": false, "properties": { "ReferenceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource to include in the `RuleGroup.IPSetReference` .", "title": "ReferenceArn", "type": "string" } }, "type": "object" }, "AWS::NetworkFirewall::RuleGroup.MatchAttributes": { "additionalProperties": false, "properties": { "DestinationPorts": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" }, "markdownDescription": "The destination ports to inspect for. If not specified, this matches with any destination port. This setting is only used for protocols 6 (TCP) and 17 (UDP).\n\nYou can specify individual ports, for example `1994` and you can specify port ranges, for example `1990:1994` .", "title": "DestinationPorts", "type": "array" }, "Destinations": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" }, "markdownDescription": "The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address.", "title": "Destinations", "type": "array" }, "Protocols": { "items": { "type": "number" }, "markdownDescription": "The protocols to inspect for, specified using each protocol's assigned internet protocol number (IANA). If not specified, this matches with any protocol.", "title": "Protocols", "type": "array" }, "SourcePorts": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortRange" }, "markdownDescription": "The source ports to inspect for. If not specified, this matches with any source port. This setting is only used for protocols 6 (TCP) and 17 (UDP).\n\nYou can specify individual ports, for example `1994` and you can specify port ranges, for example `1990:1994` .", "title": "SourcePorts", "type": "array" }, "Sources": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Address" }, "markdownDescription": "The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address.", "title": "Sources", "type": "array" }, "TCPFlags": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.TCPFlagField" }, "markdownDescription": "The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP).", "title": "TCPFlags", "type": "array" } }, "type": "object" }, "AWS::NetworkFirewall::RuleGroup.PortRange": { "additionalProperties": false, "properties": { "FromPort": { "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", "title": "FromPort", "type": "number" }, "ToPort": { "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", "title": "ToPort", "type": "number" } }, "required": [ "FromPort", "ToPort" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup.PortSet": { "additionalProperties": false, "properties": { "Definition": { "items": { "type": "string" }, "markdownDescription": "The set of port ranges.", "title": "Definition", "type": "array" } }, "type": "object" }, "AWS::NetworkFirewall::RuleGroup.PublishMetricAction": { "additionalProperties": false, "properties": { "Dimensions": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Dimension" }, "markdownDescription": "", "title": "Dimensions", "type": "array" } }, "required": [ "Dimensions" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup.ReferenceSets": { "additionalProperties": false, "properties": { "IPSetReferences": { "additionalProperties": false, "markdownDescription": "The IP set references to use in the stateful rule group.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSetReference" } }, "title": "IPSetReferences", "type": "object" } }, "type": "object" }, "AWS::NetworkFirewall::RuleGroup.RuleDefinition": { "additionalProperties": false, "properties": { "Actions": { "items": { "type": "string" }, "markdownDescription": "The actions to take on a packet that matches one of the stateless rule definition's match attributes. You must specify a standard action and you can add custom actions.\n\n> Network Firewall only forwards a packet for stateful rule inspection if you specify `aws:forward_to_sfe` for a rule that the packet matches, or if the packet doesn't match any stateless rule and you specify `aws:forward_to_sfe` for the `StatelessDefaultActions` setting for the `FirewallPolicy` . \n\nFor every rule, you must specify exactly one of the following standard actions.\n\n- *aws:pass* - Discontinues all inspection of the packet and permits it to go to its intended destination.\n- *aws:drop* - Discontinues all inspection of the packet and blocks it from going to its intended destination.\n- *aws:forward_to_sfe* - Discontinues stateless inspection of the packet and forwards it to the stateful rule engine for inspection.\n\nAdditionally, you can specify a custom action. To do this, you define a custom action by name and type, then provide the name you've assigned to the action in this `Actions` setting.\n\nTo provide more than one action in this setting, separate the settings with a comma. For example, if you have a publish metrics custom action that you've named `MyMetricsAction` , then you could specify the standard action `aws:pass` combined with the custom action using `[\u201caws:pass\u201d, \u201cMyMetricsAction\u201d]` .", "title": "Actions", "type": "array" }, "MatchAttributes": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.MatchAttributes", "markdownDescription": "Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.", "title": "MatchAttributes" } }, "required": [ "Actions", "MatchAttributes" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup.RuleGroup": { "additionalProperties": false, "properties": { "ReferenceSets": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.ReferenceSets", "markdownDescription": "The reference sets for the stateful rule group.", "title": "ReferenceSets" }, "RuleVariables": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleVariables", "markdownDescription": "Settings that are available for use in the rules in the rule group. You can only use these for stateful rule groups.", "title": "RuleVariables" }, "RulesSource": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSource", "markdownDescription": "The stateful rules or stateless rules for the rule group.", "title": "RulesSource" }, "StatefulRuleOptions": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions", "markdownDescription": "Additional options governing how Network Firewall handles stateful rules. The policies where you use your stateful rule group must have stateful rule options settings that are compatible with these settings. Some limitations apply; for more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-limitations-caveats.html) in the *AWS Network Firewall Developer Guide* .", "title": "StatefulRuleOptions" } }, "required": [ "RulesSource" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup.RuleOption": { "additionalProperties": false, "properties": { "Keyword": { "markdownDescription": "The Suricata rule option keywords. For Network Firewall , the keyword signature ID (sid) is required in the format `sid:112233` . The sid must be unique within the rule group. For information about Suricata rule option keywords, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", "title": "Keyword", "type": "string" }, "Settings": { "items": { "type": "string" }, "markdownDescription": "The Suricata rule option settings. Settings have zero or more values, and the number of possible settings and required settings depends on the keyword. The format for Settings is `number` . For information about Suricata rule option settings, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) .", "title": "Settings", "type": "array" } }, "required": [ "Keyword" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup.RuleVariables": { "additionalProperties": false, "properties": { "IPSets": { "additionalProperties": false, "markdownDescription": "A list of IP addresses and address ranges, in CIDR notation.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.IPSet" } }, "title": "IPSets", "type": "object" }, "PortSets": { "additionalProperties": false, "markdownDescription": "A list of port ranges.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.PortSet" } }, "title": "PortSets", "type": "object" } }, "type": "object" }, "AWS::NetworkFirewall::RuleGroup.RulesSource": { "additionalProperties": false, "properties": { "RulesSourceList": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RulesSourceList", "markdownDescription": "Stateful inspection criteria for a domain list rule group.", "title": "RulesSourceList" }, "RulesString": { "markdownDescription": "Stateful inspection criteria, provided in Suricata compatible rules. Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.\n\nThese rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting.\n\n> You can't use the `priority` keyword if the `RuleOrder` option in `StatefulRuleOptions` is set to `STRICT_ORDER` .", "title": "RulesString", "type": "string" }, "StatefulRules": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatefulRule" }, "markdownDescription": "An array of individual stateful rules inspection criteria to be used together in a stateful rule group. Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata `Rules` format, see [Rules Format](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html) .", "title": "StatefulRules", "type": "array" }, "StatelessRulesAndCustomActions": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions", "markdownDescription": "Stateless inspection criteria to be used in a stateless rule group.", "title": "StatelessRulesAndCustomActions" } }, "type": "object" }, "AWS::NetworkFirewall::RuleGroup.RulesSourceList": { "additionalProperties": false, "properties": { "GeneratedRulesType": { "markdownDescription": "Whether you want to allow or deny access to the domains in your target list.", "title": "GeneratedRulesType", "type": "string" }, "TargetTypes": { "items": { "type": "string" }, "markdownDescription": "The types of targets to inspect for. Valid values are `TLS_SNI` and `HTTP_HOST` .", "title": "TargetTypes", "type": "array" }, "Targets": { "items": { "type": "string" }, "markdownDescription": "The domains that you want to inspect for in your traffic flows. Valid domain specifications are the following:\n\n- Explicit names. For example, `abc.example.com` matches only the domain `abc.example.com` .\n- Names that use a domain wildcard, which you indicate with an initial ' `.` '. For example, `.example.com` matches `example.com` and matches all subdomains of `example.com` , such as `abc.example.com` and `www.example.com` .", "title": "Targets", "type": "array" } }, "required": [ "GeneratedRulesType", "TargetTypes", "Targets" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup.StatefulRule": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow.\n\nThe actions for a stateful rule are defined as follows:\n\n- *PASS* - Permits the packets to go to the intended destination.\n- *DROP* - Blocks the packets from going to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n- *REJECT* - Drops traffic that matches the conditions of the stateful rule and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. `REJECT` is available only for TCP traffic.\n- *ALERT* - Permits the packets to go to the intended destination and sends an alert log message, if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\nYou can use this action to test a rule that you intend to use to drop traffic. You can enable the rule with `ALERT` action, verify in the logs that the rule is filtering as you want, then change the action to `DROP` .\n- *REJECT* - Drops TCP traffic that matches the conditions of the stateful rule, and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. Also sends an alert log mesage if alert logging is configured in the `Firewall` `LoggingConfiguration` .\n\n`REJECT` isn't currently available for use with IMAP and FTP protocols.", "title": "Action", "type": "string" }, "Header": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.Header", "markdownDescription": "The stateful inspection criteria for this rule, used to inspect traffic flows.", "title": "Header" }, "RuleOptions": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleOption" }, "markdownDescription": "Additional settings for a stateful rule, provided as keywords and settings.", "title": "RuleOptions", "type": "array" } }, "required": [ "Action", "Header", "RuleOptions" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup.StatefulRuleOptions": { "additionalProperties": false, "properties": { "RuleOrder": { "markdownDescription": "Indicates how to manage the order of the rule evaluation for the rule group. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* .", "title": "RuleOrder", "type": "string" } }, "type": "object" }, "AWS::NetworkFirewall::RuleGroup.StatelessRule": { "additionalProperties": false, "properties": { "Priority": { "markdownDescription": "Indicates the order in which to run this rule relative to all of the rules that are defined for a stateless rule group. Network Firewall evaluates the rules in a rule group starting with the lowest priority setting. You must ensure that the priority settings are unique for the rule group.\n\nEach stateless rule group uses exactly one `StatelessRulesAndCustomActions` object, and each `StatelessRulesAndCustomActions` contains exactly one `StatelessRules` object. To ensure unique priority settings for your rule groups, set unique priorities for the stateless rules that you define inside any single `StatelessRules` object.\n\nYou can change the priority settings of your rules at any time. To make it easier to insert rules later, number them so there's a wide range in between, for example use 100, 200, and so on.", "title": "Priority", "type": "number" }, "RuleDefinition": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.RuleDefinition", "markdownDescription": "Defines the stateless 5-tuple packet inspection criteria and the action to take on a packet that matches the criteria.", "title": "RuleDefinition" } }, "required": [ "Priority", "RuleDefinition" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup.StatelessRulesAndCustomActions": { "additionalProperties": false, "properties": { "CustomActions": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.CustomAction" }, "markdownDescription": "Defines an array of individual custom action definitions that are available for use by the stateless rules in this `StatelessRulesAndCustomActions` specification. You name each custom action that you define, and then you can use it by name in your stateless rule `RuleGroup.RuleDefinition` `Actions` specification.", "title": "CustomActions", "type": "array" }, "StatelessRules": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup.StatelessRule" }, "markdownDescription": "Defines the set of stateless rules for use in a stateless rule group.", "title": "StatelessRules", "type": "array" } }, "required": [ "StatelessRules" ], "type": "object" }, "AWS::NetworkFirewall::RuleGroup.TCPFlagField": { "additionalProperties": false, "properties": { "Flags": { "items": { "type": "string" }, "markdownDescription": "Used in conjunction with the `Masks` setting to define the flags that must be set and flags that must not be set in order for the packet to match. This setting can only specify values that are also specified in the `Masks` setting.\n\nFor the flags that are specified in the masks setting, the following must be true for the packet to match:\n\n- The ones that are set in this flags setting must be set in the packet.\n- The ones that are not set in this flags setting must also not be set in the packet.", "title": "Flags", "type": "array" }, "Masks": { "items": { "type": "string" }, "markdownDescription": "The set of flags to consider in the inspection. To inspect all flags in the valid values list, leave this with no setting.", "title": "Masks", "type": "array" } }, "required": [ "Flags" ], "type": "object" }, "AWS::NetworkFirewall::TLSInspectionConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the TLS inspection configuration.", "title": "Description", "type": "string" }, "TLSInspectionConfiguration": { "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration", "markdownDescription": "The object that defines a TLS inspection configuration. AWS Network Firewall uses TLS inspection configurations to decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, AWS Network Firewall inspects the traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS inspection with your firewall, you must first import or provision certificates using AWS Certificate Manager , create a TLS inspection configuration, add that configuration to a new firewall policy, and then associate that policy with your firewall. For more information about using TLS inspection configurations, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection.html) in the *AWS Network Firewall Developer Guide* .", "title": "TLSInspectionConfiguration" }, "TLSInspectionConfigurationName": { "markdownDescription": "The descriptive name of the TLS inspection configuration. You can't change the name of a TLS inspection configuration after you create it.", "title": "TLSInspectionConfigurationName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The key:value pairs to associate with the resource.", "title": "Tags", "type": "array" } }, "required": [ "TLSInspectionConfiguration", "TLSInspectionConfigurationName" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkFirewall::TLSInspectionConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkFirewall::TLSInspectionConfiguration.Address": { "additionalProperties": false, "properties": { "AddressDefinition": { "markdownDescription": "Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.\n\nExamples:\n\n- To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .", "title": "AddressDefinition", "type": "string" } }, "required": [ "AddressDefinition" ], "type": "object" }, "AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus": { "additionalProperties": false, "properties": { "RevokedStatusAction": { "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has a revoked status.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", "title": "RevokedStatusAction", "type": "string" }, "UnknownStatusAction": { "markdownDescription": "Configures how Network Firewall processes traffic when it determines that the certificate presented by the server in the SSL/TLS connection has an unknown status, or a status that cannot be determined for any other reason, including when the service is unable to connect to the OCSP and CRL endpoints for the certificate.\n\n- *PASS* - Allow the connection to continue, and pass subsequent packets to the stateful engine for inspection.\n- *DROP* - Network Firewall closes the connection and drops subsequent packets for that connection.\n- *REJECT* - Network Firewall sends a TCP reject packet back to your client. The service closes the connection and drops subsequent packets for that connection. `REJECT` is available only for TCP traffic.", "title": "UnknownStatusAction", "type": "string" } }, "type": "object" }, "AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange": { "additionalProperties": false, "properties": { "FromPort": { "markdownDescription": "The lower limit of the port range. This must be less than or equal to the `ToPort` specification.", "title": "FromPort", "type": "number" }, "ToPort": { "markdownDescription": "The upper limit of the port range. This must be greater than or equal to the `FromPort` specification.", "title": "ToPort", "type": "number" } }, "required": [ "FromPort", "ToPort" ], "type": "object" }, "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate": { "additionalProperties": false, "properties": { "ResourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection.", "title": "ResourceArn", "type": "string" } }, "type": "object" }, "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration": { "additionalProperties": false, "properties": { "CertificateAuthorityArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within AWS Certificate Manager (ACM) to use for outbound SSL/TLS inspection.\n\nThe following limitations apply:\n\n- You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM.\n- You can't use certificates issued by AWS Private Certificate Authority .\n\nFor more information about configuring certificates for outbound inspection, see [Using SSL/TLS certificates with certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* .\n\nFor information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *AWS Certificate Manager User Guide* .", "title": "CertificateAuthorityArn", "type": "string" }, "CheckCertificateRevocationStatus": { "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.CheckCertificateRevocationStatus", "markdownDescription": "When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-servercertificateconfiguration.html) .", "title": "CheckCertificateRevocationStatus" }, "Scopes": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope" }, "markdownDescription": "A list of scopes.", "title": "Scopes", "type": "array" }, "ServerCertificates": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificate" }, "markdownDescription": "The list of server certificates to use for inbound SSL/TLS inspection.", "title": "ServerCertificates", "type": "array" } }, "type": "object" }, "AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateScope": { "additionalProperties": false, "properties": { "DestinationPorts": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" }, "markdownDescription": "The destination ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any destination port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", "title": "DestinationPorts", "type": "array" }, "Destinations": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" }, "markdownDescription": "The destination IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any destination address.", "title": "Destinations", "type": "array" }, "Protocols": { "items": { "type": "number" }, "markdownDescription": "The protocols to decrypt for inspection, specified using each protocol's assigned internet protocol number\n(IANA). Network Firewall currently supports only TCP.", "title": "Protocols", "type": "array" }, "SourcePorts": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.PortRange" }, "markdownDescription": "The source ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any source port.\n\nYou can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` .", "title": "SourcePorts", "type": "array" }, "Sources": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.Address" }, "markdownDescription": "The source IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this\nmatches with any source address.", "title": "Sources", "type": "array" } }, "type": "object" }, "AWS::NetworkFirewall::TLSInspectionConfiguration.TLSInspectionConfiguration": { "additionalProperties": false, "properties": { "ServerCertificateConfigurations": { "items": { "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration.ServerCertificateConfiguration" }, "markdownDescription": "Lists the server certificate configurations that are associated with the TLS configuration.", "title": "ServerCertificateConfigurations", "type": "array" } }, "type": "object" }, "AWS::NetworkManager::ConnectAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CoreNetworkId": { "markdownDescription": "The ID of the core network where the Connect attachment is located.", "title": "CoreNetworkId", "type": "string" }, "EdgeLocation": { "markdownDescription": "The Region where the edge is located.", "title": "EdgeLocation", "type": "string" }, "Options": { "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions", "markdownDescription": "Options for connecting an attachment.", "title": "Options" }, "ProposedSegmentChange": { "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange", "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", "title": "ProposedSegmentChange" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags associated with the Connect attachment.", "title": "Tags", "type": "array" }, "TransportAttachmentId": { "markdownDescription": "The ID of the transport attachment.", "title": "TransportAttachmentId", "type": "string" } }, "required": [ "CoreNetworkId", "EdgeLocation", "Options", "TransportAttachmentId" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkManager::ConnectAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkManager::ConnectAttachment.ConnectAttachmentOptions": { "additionalProperties": false, "properties": { "Protocol": { "markdownDescription": "The protocol used for the attachment connection.", "title": "Protocol", "type": "string" } }, "type": "object" }, "AWS::NetworkManager::ConnectAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { "AttachmentPolicyRuleNumber": { "markdownDescription": "The rule number in the policy document that applies to this change.", "title": "AttachmentPolicyRuleNumber", "type": "number" }, "SegmentName": { "markdownDescription": "The name of the segment to change.", "title": "SegmentName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of key-value tags that changed for the segment.", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::NetworkManager::ConnectPeer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BgpOptions": { "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.BgpOptions", "markdownDescription": "Describes the BGP options.", "title": "BgpOptions" }, "ConnectAttachmentId": { "markdownDescription": "The ID of the attachment to connect.", "title": "ConnectAttachmentId", "type": "string" }, "CoreNetworkAddress": { "markdownDescription": "The IP address of a core network.", "title": "CoreNetworkAddress", "type": "string" }, "InsideCidrBlocks": { "items": { "type": "string" }, "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", "title": "InsideCidrBlocks", "type": "array" }, "PeerAddress": { "markdownDescription": "The IP address of the Connect peer.", "title": "PeerAddress", "type": "string" }, "SubnetArn": { "markdownDescription": "The subnet ARN of the Connect peer.", "title": "SubnetArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of key-value tags associated with the Connect peer.", "title": "Tags", "type": "array" } }, "required": [ "ConnectAttachmentId", "PeerAddress" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkManager::ConnectPeer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkManager::ConnectPeer.BgpOptions": { "additionalProperties": false, "properties": { "PeerAsn": { "markdownDescription": "The Peer ASN of the BGP.", "title": "PeerAsn", "type": "number" } }, "type": "object" }, "AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration": { "additionalProperties": false, "properties": { "CoreNetworkAddress": { "markdownDescription": "The address of a core network.", "title": "CoreNetworkAddress", "type": "string" }, "CoreNetworkAsn": { "markdownDescription": "The ASN of the Coret Network.", "title": "CoreNetworkAsn", "type": "number" }, "PeerAddress": { "markdownDescription": "The address of a core network Connect peer.", "title": "PeerAddress", "type": "string" }, "PeerAsn": { "markdownDescription": "The ASN of the Connect peer.", "title": "PeerAsn", "type": "number" } }, "type": "object" }, "AWS::NetworkManager::ConnectPeer.ConnectPeerConfiguration": { "additionalProperties": false, "properties": { "BgpConfigurations": { "items": { "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer.ConnectPeerBgpConfiguration" }, "markdownDescription": "The Connect peer BGP configurations.", "title": "BgpConfigurations", "type": "array" }, "CoreNetworkAddress": { "markdownDescription": "The IP address of a core network.", "title": "CoreNetworkAddress", "type": "string" }, "InsideCidrBlocks": { "items": { "type": "string" }, "markdownDescription": "The inside IP addresses used for a Connect peer configuration.", "title": "InsideCidrBlocks", "type": "array" }, "PeerAddress": { "markdownDescription": "The IP address of the Connect peer.", "title": "PeerAddress", "type": "string" }, "Protocol": { "markdownDescription": "The protocol used for a Connect peer configuration.", "title": "Protocol", "type": "string" } }, "type": "object" }, "AWS::NetworkManager::CoreNetwork": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of a core network.", "title": "Description", "type": "string" }, "GlobalNetworkId": { "markdownDescription": "The ID of the global network that your core network is a part of.", "title": "GlobalNetworkId", "type": "string" }, "PolicyDocument": { "markdownDescription": "Describes a core network policy. For more information, see [Core network policies](https://docs.aws.amazon.com/network-manager/latest/cloudwan/cloudwan-policy-change-sets.html) .\n\nIf you update the policy document, CloudFormation will apply the core network change set generated from the updated policy document, and then set it as the LIVE policy.", "title": "PolicyDocument", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of key-value tags associated with a core network.", "title": "Tags", "type": "array" } }, "required": [ "GlobalNetworkId" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkManager::CoreNetwork" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkManager::CoreNetwork.CoreNetworkEdge": { "additionalProperties": false, "properties": { "Asn": { "markdownDescription": "The ASN of a core network edge.", "title": "Asn", "type": "number" }, "EdgeLocation": { "markdownDescription": "The Region where a core network edge is located.", "title": "EdgeLocation", "type": "string" }, "InsideCidrBlocks": { "items": { "type": "string" }, "markdownDescription": "The inside IP addresses used for core network edges.", "title": "InsideCidrBlocks", "type": "array" } }, "type": "object" }, "AWS::NetworkManager::CoreNetwork.CoreNetworkSegment": { "additionalProperties": false, "properties": { "EdgeLocations": { "items": { "type": "string" }, "markdownDescription": "The Regions where the edges are located.", "title": "EdgeLocations", "type": "array" }, "Name": { "markdownDescription": "The name of a core network segment.", "title": "Name", "type": "string" }, "SharedSegments": { "items": { "type": "string" }, "markdownDescription": "The shared segments of a core network.", "title": "SharedSegments", "type": "array" } }, "type": "object" }, "AWS::NetworkManager::CustomerGatewayAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CustomerGatewayArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the customer gateway.", "title": "CustomerGatewayArn", "type": "string" }, "DeviceId": { "markdownDescription": "The ID of the device.", "title": "DeviceId", "type": "string" }, "GlobalNetworkId": { "markdownDescription": "The ID of the global network.", "title": "GlobalNetworkId", "type": "string" }, "LinkId": { "markdownDescription": "The ID of the link.", "title": "LinkId", "type": "string" } }, "required": [ "CustomerGatewayArn", "DeviceId", "GlobalNetworkId" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkManager::CustomerGatewayAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkManager::Device": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AWSLocation": { "$ref": "#/definitions/AWS::NetworkManager::Device.AWSLocation", "markdownDescription": "The AWS location of the device.", "title": "AWSLocation" }, "Description": { "markdownDescription": "A description of the device.\n\nConstraints: Maximum length of 256 characters.", "title": "Description", "type": "string" }, "GlobalNetworkId": { "markdownDescription": "The ID of the global network.", "title": "GlobalNetworkId", "type": "string" }, "Location": { "$ref": "#/definitions/AWS::NetworkManager::Device.Location", "markdownDescription": "The site location.", "title": "Location" }, "Model": { "markdownDescription": "The model of the device.\n\nConstraints: Maximum length of 128 characters.", "title": "Model", "type": "string" }, "SerialNumber": { "markdownDescription": "The serial number of the device.\n\nConstraints: Maximum length of 128 characters.", "title": "SerialNumber", "type": "string" }, "SiteId": { "markdownDescription": "The site ID.", "title": "SiteId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the device.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The device type.", "title": "Type", "type": "string" }, "Vendor": { "markdownDescription": "The vendor of the device.\n\nConstraints: Maximum length of 128 characters.", "title": "Vendor", "type": "string" } }, "required": [ "GlobalNetworkId" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkManager::Device" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkManager::Device.AWSLocation": { "additionalProperties": false, "properties": { "SubnetArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the subnet that the device is located in.", "title": "SubnetArn", "type": "string" }, "Zone": { "markdownDescription": "The Zone that the device is located in. Specify the ID of an Availability Zone, Local Zone, Wavelength Zone, or an Outpost.", "title": "Zone", "type": "string" } }, "type": "object" }, "AWS::NetworkManager::Device.Location": { "additionalProperties": false, "properties": { "Address": { "markdownDescription": "The physical address.", "title": "Address", "type": "string" }, "Latitude": { "markdownDescription": "The latitude.", "title": "Latitude", "type": "string" }, "Longitude": { "markdownDescription": "The longitude.", "title": "Longitude", "type": "string" } }, "type": "object" }, "AWS::NetworkManager::GlobalNetwork": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CreatedAt": { "markdownDescription": "The date and time that the global network was created.", "title": "CreatedAt", "type": "string" }, "Description": { "markdownDescription": "A description of the global network.\n\nConstraints: Maximum length of 256 characters.", "title": "Description", "type": "string" }, "State": { "markdownDescription": "The state of the global network.", "title": "State", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the global network.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::NetworkManager::GlobalNetwork" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::NetworkManager::Link": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Bandwidth": { "$ref": "#/definitions/AWS::NetworkManager::Link.Bandwidth", "markdownDescription": "The bandwidth for the link.", "title": "Bandwidth" }, "Description": { "markdownDescription": "A description of the link.\n\nConstraints: Maximum length of 256 characters.", "title": "Description", "type": "string" }, "GlobalNetworkId": { "markdownDescription": "The ID of the global network.", "title": "GlobalNetworkId", "type": "string" }, "Provider": { "markdownDescription": "The provider of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", "title": "Provider", "type": "string" }, "SiteId": { "markdownDescription": "The ID of the site.", "title": "SiteId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the link.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of the link.\n\nConstraints: Maximum length of 128 characters. Cannot include the following characters: | \\ ^", "title": "Type", "type": "string" } }, "required": [ "Bandwidth", "GlobalNetworkId", "SiteId" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkManager::Link" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkManager::Link.Bandwidth": { "additionalProperties": false, "properties": { "DownloadSpeed": { "markdownDescription": "Download speed in Mbps.", "title": "DownloadSpeed", "type": "number" }, "UploadSpeed": { "markdownDescription": "Upload speed in Mbps.", "title": "UploadSpeed", "type": "number" } }, "type": "object" }, "AWS::NetworkManager::LinkAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeviceId": { "markdownDescription": "The device ID for the link association.", "title": "DeviceId", "type": "string" }, "GlobalNetworkId": { "markdownDescription": "The ID of the global network.", "title": "GlobalNetworkId", "type": "string" }, "LinkId": { "markdownDescription": "The ID of the link.", "title": "LinkId", "type": "string" } }, "required": [ "DeviceId", "GlobalNetworkId", "LinkId" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkManager::LinkAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkManager::Site": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of your site.\n\nConstraints: Maximum length of 256 characters.", "title": "Description", "type": "string" }, "GlobalNetworkId": { "markdownDescription": "The ID of the global network.", "title": "GlobalNetworkId", "type": "string" }, "Location": { "$ref": "#/definitions/AWS::NetworkManager::Site.Location", "markdownDescription": "The site location. This information is used for visualization in the Network Manager console. If you specify the address, the latitude and longitude are automatically calculated.\n\n- `Address` : The physical address of the site.\n- `Latitude` : The latitude of the site.\n- `Longitude` : The longitude of the site.", "title": "Location" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the site.", "title": "Tags", "type": "array" } }, "required": [ "GlobalNetworkId" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkManager::Site" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkManager::Site.Location": { "additionalProperties": false, "properties": { "Address": { "markdownDescription": "The physical address.", "title": "Address", "type": "string" }, "Latitude": { "markdownDescription": "The latitude.", "title": "Latitude", "type": "string" }, "Longitude": { "markdownDescription": "The longitude.", "title": "Longitude", "type": "string" } }, "type": "object" }, "AWS::NetworkManager::SiteToSiteVpnAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CoreNetworkId": { "markdownDescription": "", "title": "CoreNetworkId", "type": "string" }, "ProposedSegmentChange": { "$ref": "#/definitions/AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange", "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", "title": "ProposedSegmentChange" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags associated with the Site-to-Site VPN attachment.", "title": "Tags", "type": "array" }, "VpnConnectionArn": { "markdownDescription": "The ARN of the site-to-site VPN attachment.", "title": "VpnConnectionArn", "type": "string" } }, "required": [ "CoreNetworkId", "VpnConnectionArn" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkManager::SiteToSiteVpnAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkManager::SiteToSiteVpnAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { "AttachmentPolicyRuleNumber": { "markdownDescription": "The rule number in the policy document that applies to this change.", "title": "AttachmentPolicyRuleNumber", "type": "number" }, "SegmentName": { "markdownDescription": "The name of the segment to change.", "title": "SegmentName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of key-value tags that changed for the segment.", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::NetworkManager::TransitGatewayPeering": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CoreNetworkId": { "markdownDescription": "The ID of the core network.", "title": "CoreNetworkId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of key-value tags associated with the peering.", "title": "Tags", "type": "array" }, "TransitGatewayArn": { "markdownDescription": "The ARN of the transit gateway.", "title": "TransitGatewayArn", "type": "string" } }, "required": [ "CoreNetworkId", "TransitGatewayArn" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkManager::TransitGatewayPeering" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkManager::TransitGatewayRegistration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "GlobalNetworkId": { "markdownDescription": "The ID of the global network.", "title": "GlobalNetworkId", "type": "string" }, "TransitGatewayArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the transit gateway.", "title": "TransitGatewayArn", "type": "string" } }, "required": [ "GlobalNetworkId", "TransitGatewayArn" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkManager::TransitGatewayRegistration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkManager::TransitGatewayRouteTableAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PeeringId": { "markdownDescription": "The ID of the transit gateway peering.", "title": "PeeringId", "type": "string" }, "ProposedSegmentChange": { "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange", "markdownDescription": "This property is read-only. Values can't be assigned to it.", "title": "ProposedSegmentChange" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of key-value pairs associated with the transit gateway route table attachment.", "title": "Tags", "type": "array" }, "TransitGatewayRouteTableArn": { "markdownDescription": "The ARN of the transit gateway attachment route table. For example, `\"TransitGatewayRouteTableArn\": \"arn:aws:ec2:us-west-2:123456789012:transit-gateway-route-table/tgw-rtb-9876543210123456\"` .", "title": "TransitGatewayRouteTableArn", "type": "string" } }, "required": [ "PeeringId", "TransitGatewayRouteTableArn" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkManager::TransitGatewayRouteTableAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkManager::TransitGatewayRouteTableAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { "AttachmentPolicyRuleNumber": { "markdownDescription": "The rule number in the policy document that applies to this change.", "title": "AttachmentPolicyRuleNumber", "type": "number" }, "SegmentName": { "markdownDescription": "The name of the segment to change.", "title": "SegmentName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of key-value tags that changed for the segment.", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::NetworkManager::VpcAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CoreNetworkId": { "markdownDescription": "The core network ID.", "title": "CoreNetworkId", "type": "string" }, "Options": { "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.VpcOptions", "markdownDescription": "Options for creating the VPC attachment.", "title": "Options" }, "ProposedSegmentChange": { "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment.ProposedSegmentChange", "markdownDescription": "Describes a proposed segment change. In some cases, the segment change must first be evaluated and accepted.", "title": "ProposedSegmentChange" }, "SubnetArns": { "items": { "type": "string" }, "markdownDescription": "The subnet ARNs.", "title": "SubnetArns", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags associated with the VPC attachment.", "title": "Tags", "type": "array" }, "VpcArn": { "markdownDescription": "The ARN of the VPC attachment.", "title": "VpcArn", "type": "string" } }, "required": [ "CoreNetworkId", "SubnetArns", "VpcArn" ], "type": "object" }, "Type": { "enum": [ "AWS::NetworkManager::VpcAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NetworkManager::VpcAttachment.ProposedSegmentChange": { "additionalProperties": false, "properties": { "AttachmentPolicyRuleNumber": { "markdownDescription": "The rule number in the policy document that applies to this change.", "title": "AttachmentPolicyRuleNumber", "type": "number" }, "SegmentName": { "markdownDescription": "The name of the segment to change.", "title": "SegmentName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of key-value tags that changed for the segment.", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::NetworkManager::VpcAttachment.VpcOptions": { "additionalProperties": false, "properties": { "ApplianceModeSupport": { "markdownDescription": "Indicates whether appliance mode is supported. If enabled, traffic flow between a source and destination use the same Availability Zone for the VPC attachment for the lifetime of that flow. The default value is `false` .", "title": "ApplianceModeSupport", "type": "boolean" }, "Ipv6Support": { "markdownDescription": "Indicates whether IPv6 is supported.", "title": "Ipv6Support", "type": "boolean" } }, "type": "object" }, "AWS::NimbleStudio::LaunchProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A human-readable description of the launch profile.", "title": "Description", "type": "string" }, "Ec2SubnetIds": { "items": { "type": "string" }, "markdownDescription": "Unique identifiers for a collection of EC2 subnets.", "title": "Ec2SubnetIds", "type": "array" }, "LaunchProfileProtocolVersions": { "items": { "type": "string" }, "markdownDescription": "The version number of the protocol that is used by the launch profile. The only valid version is \"2021-03-31\".", "title": "LaunchProfileProtocolVersions", "type": "array" }, "Name": { "markdownDescription": "A friendly name for the launch profile.", "title": "Name", "type": "string" }, "StreamConfiguration": { "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfiguration", "markdownDescription": "A configuration for a streaming session.", "title": "StreamConfiguration" }, "StudioComponentIds": { "items": { "type": "string" }, "markdownDescription": "Unique identifiers for a collection of studio components that can be used with this launch profile.", "title": "StudioComponentIds", "type": "array" }, "StudioId": { "markdownDescription": "The unique identifier for a studio resource. In Nimble Studio, all other resources are contained in a studio resource.", "title": "StudioId", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "Ec2SubnetIds", "LaunchProfileProtocolVersions", "Name", "StreamConfiguration", "StudioComponentIds", "StudioId" ], "type": "object" }, "Type": { "enum": [ "AWS::NimbleStudio::LaunchProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NimbleStudio::LaunchProfile.StreamConfiguration": { "additionalProperties": false, "properties": { "AutomaticTerminationMode": { "markdownDescription": "Indicates if a streaming session created from this launch profile should be terminated automatically or retained without termination after being in a `STOPPED` state.\n\n- When `ACTIVATED` , the streaming session is scheduled for termination after being in the `STOPPED` state for the time specified in `maxStoppedSessionLengthInMinutes` .\n- When `DEACTIVATED` , the streaming session can remain in the `STOPPED` state indefinitely.\n\nThis parameter is only allowed when `sessionPersistenceMode` is `ACTIVATED` . When allowed, the default value for this parameter is `DEACTIVATED` .", "title": "AutomaticTerminationMode", "type": "string" }, "ClipboardMode": { "markdownDescription": "Allows or deactivates the use of the system clipboard to copy and paste between the streaming session and streaming client.", "title": "ClipboardMode", "type": "string" }, "Ec2InstanceTypes": { "items": { "type": "string" }, "markdownDescription": "The EC2 instance types that users can select from when launching a streaming session with this launch profile.", "title": "Ec2InstanceTypes", "type": "array" }, "MaxSessionLengthInMinutes": { "markdownDescription": "The length of time, in minutes, that a streaming session can be active before it is stopped or terminated. After this point, Nimble Studio automatically terminates or stops the session. The default length of time is 690 minutes, and the maximum length of time is 30 days.", "title": "MaxSessionLengthInMinutes", "type": "number" }, "MaxStoppedSessionLengthInMinutes": { "markdownDescription": "Integer that determines if you can start and stop your sessions and how long a session can stay in the `STOPPED` state. The default value is 0. The maximum value is 5760.\n\nThis field is allowed only when `sessionPersistenceMode` is `ACTIVATED` and `automaticTerminationMode` is `ACTIVATED` .\n\nIf the value is set to 0, your sessions can\u2019t be `STOPPED` . If you then call `StopStreamingSession` , the session fails. If the time that a session stays in the `READY` state exceeds the `maxSessionLengthInMinutes` value, the session will automatically be terminated (instead of `STOPPED` ).\n\nIf the value is set to a positive number, the session can be stopped. You can call `StopStreamingSession` to stop sessions in the `READY` state. If the time that a session stays in the `READY` state exceeds the `maxSessionLengthInMinutes` value, the session will automatically be stopped (instead of terminated).", "title": "MaxStoppedSessionLengthInMinutes", "type": "number" }, "SessionBackup": { "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionBackup", "markdownDescription": "Information about the streaming session backup.", "title": "SessionBackup" }, "SessionPersistenceMode": { "markdownDescription": "Determine if a streaming session created from this launch profile can configure persistent storage. This means that `volumeConfiguration` and `automaticTerminationMode` are configured.", "title": "SessionPersistenceMode", "type": "string" }, "SessionStorage": { "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionStorage", "markdownDescription": "The upload storage for a streaming session.", "title": "SessionStorage" }, "StreamingImageIds": { "items": { "type": "string" }, "markdownDescription": "The streaming images that users can select from when launching a streaming session with this launch profile.", "title": "StreamingImageIds", "type": "array" }, "VolumeConfiguration": { "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.VolumeConfiguration", "markdownDescription": "Custom volume configuration for the root volumes that are attached to streaming sessions.\n\nThis parameter is only allowed when `sessionPersistenceMode` is `ACTIVATED` .", "title": "VolumeConfiguration" } }, "required": [ "ClipboardMode", "Ec2InstanceTypes", "StreamingImageIds" ], "type": "object" }, "AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionBackup": { "additionalProperties": false, "properties": { "MaxBackupsToRetain": { "markdownDescription": "The maximum number of backups that each streaming session created from this launch profile can have.", "title": "MaxBackupsToRetain", "type": "number" }, "Mode": { "markdownDescription": "Specifies how artists sessions are backed up.\n\nConfigures backups for streaming sessions launched with this launch profile. The default value is `DEACTIVATED` , which means that backups are deactivated. To allow backups, set this value to `AUTOMATIC` .", "title": "Mode", "type": "string" } }, "type": "object" }, "AWS::NimbleStudio::LaunchProfile.StreamConfigurationSessionStorage": { "additionalProperties": false, "properties": { "Mode": { "items": { "type": "string" }, "markdownDescription": "Allows artists to upload files to their workstations. The only valid option is `UPLOAD` .", "title": "Mode", "type": "array" }, "Root": { "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile.StreamingSessionStorageRoot", "markdownDescription": "The configuration for the upload storage root of the streaming session.", "title": "Root" } }, "required": [ "Mode" ], "type": "object" }, "AWS::NimbleStudio::LaunchProfile.StreamingSessionStorageRoot": { "additionalProperties": false, "properties": { "Linux": { "markdownDescription": "The folder path in Linux workstations where files are uploaded.", "title": "Linux", "type": "string" }, "Windows": { "markdownDescription": "The folder path in Windows workstations where files are uploaded.", "title": "Windows", "type": "string" } }, "type": "object" }, "AWS::NimbleStudio::LaunchProfile.VolumeConfiguration": { "additionalProperties": false, "properties": { "Iops": { "markdownDescription": "The number of I/O operations per second for the root volume that is attached to streaming session.", "title": "Iops", "type": "number" }, "Size": { "markdownDescription": "The size of the root volume that is attached to the streaming session. The root volume size is measured in GiBs.", "title": "Size", "type": "number" }, "Throughput": { "markdownDescription": "The throughput to provision for the root volume that is attached to the streaming session. The throughput is measured in MiB/s.", "title": "Throughput", "type": "number" } }, "type": "object" }, "AWS::NimbleStudio::StreamingImage": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A human-readable description of the streaming image.", "title": "Description", "type": "string" }, "Ec2ImageId": { "markdownDescription": "The ID of an EC2 machine image with which to create the streaming image.", "title": "Ec2ImageId", "type": "string" }, "Name": { "markdownDescription": "A friendly name for a streaming image resource.", "title": "Name", "type": "string" }, "StudioId": { "markdownDescription": "The unique identifier for a studio resource. In Nimble Studio, all other resources are contained in a studio resource.", "title": "StudioId", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "Ec2ImageId", "Name", "StudioId" ], "type": "object" }, "Type": { "enum": [ "AWS::NimbleStudio::StreamingImage" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NimbleStudio::StreamingImage.StreamingImageEncryptionConfiguration": { "additionalProperties": false, "properties": { "KeyArn": { "markdownDescription": "The ARN for a KMS key that is used to encrypt studio data.", "title": "KeyArn", "type": "string" }, "KeyType": { "markdownDescription": "The type of KMS key that is used to encrypt studio data.", "title": "KeyType", "type": "string" } }, "required": [ "KeyType" ], "type": "object" }, "AWS::NimbleStudio::Studio": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdminRoleArn": { "markdownDescription": "The IAM role that studio admins assume when logging in to the Nimble Studio portal.", "title": "AdminRoleArn", "type": "string" }, "DisplayName": { "markdownDescription": "A friendly name for the studio.", "title": "DisplayName", "type": "string" }, "StudioEncryptionConfiguration": { "$ref": "#/definitions/AWS::NimbleStudio::Studio.StudioEncryptionConfiguration", "markdownDescription": "Configuration of the encryption method that is used for the studio.", "title": "StudioEncryptionConfiguration" }, "StudioName": { "markdownDescription": "The name of the studio, as included in the URL when accessing it in the Nimble Studio portal.", "title": "StudioName", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "UserRoleArn": { "markdownDescription": "The IAM role that studio users assume when logging in to the Nimble Studio portal.", "title": "UserRoleArn", "type": "string" } }, "required": [ "AdminRoleArn", "DisplayName", "StudioName", "UserRoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::NimbleStudio::Studio" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NimbleStudio::Studio.StudioEncryptionConfiguration": { "additionalProperties": false, "properties": { "KeyArn": { "markdownDescription": "The ARN for a KMS key that is used to encrypt studio data.", "title": "KeyArn", "type": "string" }, "KeyType": { "markdownDescription": "The type of KMS key that is used to encrypt studio data.", "title": "KeyType", "type": "string" } }, "required": [ "KeyType" ], "type": "object" }, "AWS::NimbleStudio::StudioComponent": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Configuration": { "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.StudioComponentConfiguration", "markdownDescription": "The configuration of the studio component, based on component type.", "title": "Configuration" }, "Description": { "markdownDescription": "A human-readable description for the studio component resource.", "title": "Description", "type": "string" }, "Ec2SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The EC2 security groups that control access to the studio component.", "title": "Ec2SecurityGroupIds", "type": "array" }, "InitializationScripts": { "items": { "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.StudioComponentInitializationScript" }, "markdownDescription": "Initialization scripts for studio components.", "title": "InitializationScripts", "type": "array" }, "Name": { "markdownDescription": "A friendly name for the studio component resource.", "title": "Name", "type": "string" }, "ScriptParameters": { "items": { "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ScriptParameterKeyValue" }, "markdownDescription": "Parameters for the studio component scripts.", "title": "ScriptParameters", "type": "array" }, "StudioId": { "markdownDescription": "The unique identifier for a studio resource. In Nimble Studio, all other resources are contained in a studio resource.", "title": "StudioId", "type": "string" }, "Subtype": { "markdownDescription": "The specific subtype of a studio component.", "title": "Subtype", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Type": { "markdownDescription": "The type of the studio component.", "title": "Type", "type": "string" } }, "required": [ "Name", "StudioId", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::NimbleStudio::StudioComponent" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::NimbleStudio::StudioComponent.ActiveDirectoryComputerAttribute": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name for the LDAP attribute.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value for the LDAP attribute.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::NimbleStudio::StudioComponent.ActiveDirectoryConfiguration": { "additionalProperties": false, "properties": { "ComputerAttributes": { "items": { "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ActiveDirectoryComputerAttribute" }, "markdownDescription": "A collection of custom attributes for an Active Directory computer.", "title": "ComputerAttributes", "type": "array" }, "DirectoryId": { "markdownDescription": "The directory ID of the AWS Directory Service for Microsoft Active Directory to access using this studio component.", "title": "DirectoryId", "type": "string" }, "OrganizationalUnitDistinguishedName": { "markdownDescription": "The distinguished name (DN) and organizational unit (OU) of an Active Directory computer.", "title": "OrganizationalUnitDistinguishedName", "type": "string" } }, "type": "object" }, "AWS::NimbleStudio::StudioComponent.ComputeFarmConfiguration": { "additionalProperties": false, "properties": { "ActiveDirectoryUser": { "markdownDescription": "The name of an Active Directory user that is used on ComputeFarm worker instances.", "title": "ActiveDirectoryUser", "type": "string" }, "Endpoint": { "markdownDescription": "The endpoint of the ComputeFarm that is accessed by the studio component resource.", "title": "Endpoint", "type": "string" } }, "type": "object" }, "AWS::NimbleStudio::StudioComponent.LicenseServiceConfiguration": { "additionalProperties": false, "properties": { "Endpoint": { "markdownDescription": "The endpoint of the license service that is accessed by the studio component resource.", "title": "Endpoint", "type": "string" } }, "type": "object" }, "AWS::NimbleStudio::StudioComponent.ScriptParameterKeyValue": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "A script parameter key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "A script parameter value.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::NimbleStudio::StudioComponent.SharedFileSystemConfiguration": { "additionalProperties": false, "properties": { "Endpoint": { "markdownDescription": "The endpoint of the shared file system that is accessed by the studio component resource.", "title": "Endpoint", "type": "string" }, "FileSystemId": { "markdownDescription": "The unique identifier for a file system.", "title": "FileSystemId", "type": "string" }, "LinuxMountPoint": { "markdownDescription": "The mount location for a shared file system on a Linux virtual workstation.", "title": "LinuxMountPoint", "type": "string" }, "ShareName": { "markdownDescription": "The name of the file share.", "title": "ShareName", "type": "string" }, "WindowsMountDrive": { "markdownDescription": "The mount location for a shared file system on a Windows virtual workstation.", "title": "WindowsMountDrive", "type": "string" } }, "type": "object" }, "AWS::NimbleStudio::StudioComponent.StudioComponentConfiguration": { "additionalProperties": false, "properties": { "ActiveDirectoryConfiguration": { "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ActiveDirectoryConfiguration", "markdownDescription": "The configuration for a AWS Directory Service for Microsoft Active Directory studio resource.", "title": "ActiveDirectoryConfiguration" }, "ComputeFarmConfiguration": { "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.ComputeFarmConfiguration", "markdownDescription": "The configuration for a render farm that is associated with a studio resource.", "title": "ComputeFarmConfiguration" }, "LicenseServiceConfiguration": { "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.LicenseServiceConfiguration", "markdownDescription": "The configuration for a license service that is associated with a studio resource.", "title": "LicenseServiceConfiguration" }, "SharedFileSystemConfiguration": { "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent.SharedFileSystemConfiguration", "markdownDescription": "The configuration for a shared file storage system that is associated with a studio resource.", "title": "SharedFileSystemConfiguration" } }, "type": "object" }, "AWS::NimbleStudio::StudioComponent.StudioComponentInitializationScript": { "additionalProperties": false, "properties": { "LaunchProfileProtocolVersion": { "markdownDescription": "The version number of the protocol that is used by the launch profile. The only valid version is \"2021-03-31\".", "title": "LaunchProfileProtocolVersion", "type": "string" }, "Platform": { "markdownDescription": "The platform of the initialization script, either Windows or Linux.", "title": "Platform", "type": "string" }, "RunContext": { "markdownDescription": "The method to use when running the initialization script.", "title": "RunContext", "type": "string" }, "Script": { "markdownDescription": "The initialization script.", "title": "Script", "type": "string" } }, "type": "object" }, "AWS::OSIS::Pipeline": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BufferOptions": { "$ref": "#/definitions/AWS::OSIS::Pipeline.BufferOptions", "markdownDescription": "Options that specify the configuration of a persistent buffer. To configure how OpenSearch Ingestion encrypts this data, set the `EncryptionAtRestOptions` . For more information, see [Persistent buffering](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/osis-features-overview.html#persistent-buffering) .", "title": "BufferOptions" }, "EncryptionAtRestOptions": { "$ref": "#/definitions/AWS::OSIS::Pipeline.EncryptionAtRestOptions", "markdownDescription": "Options to control how OpenSearch encrypts buffer data.", "title": "EncryptionAtRestOptions" }, "LogPublishingOptions": { "$ref": "#/definitions/AWS::OSIS::Pipeline.LogPublishingOptions", "markdownDescription": "Key-value pairs that represent log publishing settings.", "title": "LogPublishingOptions" }, "MaxUnits": { "markdownDescription": "The maximum pipeline capacity, in Ingestion Compute Units (ICUs).", "title": "MaxUnits", "type": "number" }, "MinUnits": { "markdownDescription": "The minimum pipeline capacity, in Ingestion Compute Units (ICUs).", "title": "MinUnits", "type": "number" }, "PipelineConfigurationBody": { "markdownDescription": "The Data Prepper pipeline configuration in YAML format.", "title": "PipelineConfigurationBody", "type": "string" }, "PipelineName": { "markdownDescription": "The name of the pipeline.", "title": "PipelineName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "List of tags to add to the pipeline upon creation.", "title": "Tags", "type": "array" }, "VpcOptions": { "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", "markdownDescription": "Options that specify the subnets and security groups for an OpenSearch Ingestion VPC endpoint.", "title": "VpcOptions" } }, "required": [ "MaxUnits", "MinUnits", "PipelineConfigurationBody", "PipelineName" ], "type": "object" }, "Type": { "enum": [ "AWS::OSIS::Pipeline" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::OSIS::Pipeline.BufferOptions": { "additionalProperties": false, "properties": { "PersistentBufferEnabled": { "markdownDescription": "Whether persistent buffering should be enabled.", "title": "PersistentBufferEnabled", "type": "boolean" } }, "required": [ "PersistentBufferEnabled" ], "type": "object" }, "AWS::OSIS::Pipeline.CloudWatchLogDestination": { "additionalProperties": false, "properties": { "LogGroup": { "markdownDescription": "The name of the CloudWatch Logs group to send pipeline logs to. You can specify an existing log group or create a new one. For example, `/aws/vendedlogs/OpenSearchService/pipelines` .", "title": "LogGroup", "type": "string" } }, "required": [ "LogGroup" ], "type": "object" }, "AWS::OSIS::Pipeline.EncryptionAtRestOptions": { "additionalProperties": false, "properties": { "KmsKeyArn": { "markdownDescription": "The ARN of the KMS key used to encrypt buffer data. By default, data is encrypted using an AWS owned key.", "title": "KmsKeyArn", "type": "string" } }, "required": [ "KmsKeyArn" ], "type": "object" }, "AWS::OSIS::Pipeline.LogPublishingOptions": { "additionalProperties": false, "properties": { "CloudWatchLogDestination": { "$ref": "#/definitions/AWS::OSIS::Pipeline.CloudWatchLogDestination", "markdownDescription": "The destination for OpenSearch Ingestion logs sent to Amazon CloudWatch Logs. This parameter is required if `IsLoggingEnabled` is set to `true` .", "title": "CloudWatchLogDestination" }, "IsLoggingEnabled": { "markdownDescription": "Whether logs should be published.", "title": "IsLoggingEnabled", "type": "boolean" } }, "type": "object" }, "AWS::OSIS::Pipeline.VpcEndpoint": { "additionalProperties": false, "properties": { "VpcEndpointId": { "markdownDescription": "The unique identifier of the endpoint.", "title": "VpcEndpointId", "type": "string" }, "VpcId": { "markdownDescription": "The ID for your VPC. AWS PrivateLink generates this value when you create a VPC.", "title": "VpcId", "type": "string" }, "VpcOptions": { "$ref": "#/definitions/AWS::OSIS::Pipeline.VpcOptions", "markdownDescription": "Information about the VPC, including associated subnets and security groups.", "title": "VpcOptions" } }, "type": "object" }, "AWS::OSIS::Pipeline.VpcOptions": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of security groups associated with the VPC endpoint.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "A list of subnet IDs associated with the VPC endpoint.", "title": "SubnetIds", "type": "array" } }, "required": [ "SubnetIds" ], "type": "object" }, "AWS::Oam::Link": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LabelTemplate": { "markdownDescription": "Specify a friendly human-readable name to use to identify this source account when you are viewing data from it in the monitoring account.\n\nYou can include the following variables in your template:\n\n- `$AccountName` is the name of the account\n- `$AccountEmail` is a globally-unique email address, which includes the email domain, such as `mariagarcia@example.com`\n- `$AccountEmailNoDomain` is an email address without the domain name, such as `mariagarcia`", "title": "LabelTemplate", "type": "string" }, "LinkConfiguration": { "$ref": "#/definitions/AWS::Oam::Link.LinkConfiguration", "markdownDescription": "Use this structure to optionally create filters that specify that only some metric namespaces or log groups are to be shared from the source account to the monitoring account.", "title": "LinkConfiguration" }, "ResourceTypes": { "items": { "type": "string" }, "markdownDescription": "An array of strings that define which types of data that the source account shares with the monitoring account. Valid values are `AWS::CloudWatch::Metric | AWS::Logs::LogGroup | AWS::XRay::Trace | AWS::ApplicationInsights::Application | AWS::InternetMonitor::Monitor` .", "title": "ResourceTypes", "type": "array" }, "SinkIdentifier": { "markdownDescription": "The ARN of the sink in the monitoring account that you want to link to. You can use [ListSinks](https://docs.aws.amazon.com/OAM/latest/APIReference/API_ListSinks.html) to find the ARNs of sinks.", "title": "SinkIdentifier", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "An array of key-value pairs to apply to the link.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "ResourceTypes", "SinkIdentifier" ], "type": "object" }, "Type": { "enum": [ "AWS::Oam::Link" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Oam::Link.LinkConfiguration": { "additionalProperties": false, "properties": { "LogGroupConfiguration": { "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", "markdownDescription": "Use this structure to filter which log groups are to share log events from this source account to the monitoring account.", "title": "LogGroupConfiguration" }, "MetricConfiguration": { "$ref": "#/definitions/AWS::Oam::Link.LinkFilter", "markdownDescription": "Use this structure to filter which metric namespaces are to be shared from the source account to the monitoring account.", "title": "MetricConfiguration" } }, "type": "object" }, "AWS::Oam::Link.LinkFilter": { "additionalProperties": false, "properties": { "Filter": { "markdownDescription": "When used in `MetricConfiguration` this field specifies which metric namespaces are to be shared with the monitoring account\n\nWhen used in `LogGroupConfiguration` this field specifies which log groups are to share their log events with the monitoring account. Use the term `LogGroupName` and one or more of the following operands.\n\nUse single quotation marks (') around log group names and metric namespaces.\n\nThe matching of log group names and metric namespaces is case sensitive. Each filter has a limit of five conditional operands. Conditional operands are `AND` and `OR` .\n\n- `=` and `!=`\n- `AND`\n- `OR`\n- `LIKE` and `NOT LIKE` . These can be used only as prefix searches. Include a `%` at the end of the string that you want to search for and include.\n- `IN` and `NOT IN` , using parentheses `( )`\n\nExamples:\n\n- `Namespace NOT LIKE 'AWS/%'` includes only namespaces that don't start with `AWS/` , such as custom namespaces.\n- `Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')` includes only the metrics in the EC2, Elastic Load Balancing , and Amazon S3 namespaces.\n- `Namespace = 'AWS/EC2' OR Namespace NOT LIKE 'AWS/%'` includes only the EC2 namespace and your custom namespaces.\n- `LogGroupName IN ('This-Log-Group', 'Other-Log-Group')` includes only the log groups with names `This-Log-Group` and `Other-Log-Group` .\n- `LogGroupName NOT IN ('Private-Log-Group', 'Private-Log-Group-2')` includes all log groups except the log groups with names `Private-Log-Group` and `Private-Log-Group-2` .\n- `LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'` includes all log groups that have names that start with `aws/lambda/` or `AWSLogs` .\n\n> If you are updating a link that uses filters, you can specify `*` as the only value for the `filter` parameter to delete the filter and share all log groups with the monitoring account.", "title": "Filter", "type": "string" } }, "required": [ "Filter" ], "type": "object" }, "AWS::Oam::Sink": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A name for the sink.", "title": "Name", "type": "string" }, "Policy": { "markdownDescription": "The IAM policy that grants permissions to source accounts to link to this sink. The policy can grant permission in the following ways:\n\n- Include organization IDs or organization paths to permit all accounts in an organization\n- Include account IDs to permit the specified accounts", "title": "Policy", "type": "object" }, "Tags": { "additionalProperties": true, "markdownDescription": "An array of key-value pairs to apply to the sink.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Oam::Sink" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Omics::AnnotationStore": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the store.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the Annotation Store.", "title": "Name", "type": "string" }, "Reference": { "$ref": "#/definitions/AWS::Omics::AnnotationStore.ReferenceItem", "markdownDescription": "The genome reference for the store's annotations.", "title": "Reference" }, "SseConfig": { "$ref": "#/definitions/AWS::Omics::AnnotationStore.SseConfig", "markdownDescription": "The store's server-side encryption (SSE) settings.", "title": "SseConfig" }, "StoreFormat": { "markdownDescription": "The annotation file format of the store.", "title": "StoreFormat", "type": "string" }, "StoreOptions": { "$ref": "#/definitions/AWS::Omics::AnnotationStore.StoreOptions", "markdownDescription": "File parsing options for the annotation store.", "title": "StoreOptions" }, "Tags": { "additionalProperties": true, "markdownDescription": "Tags for the store.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "Name", "StoreFormat" ], "type": "object" }, "Type": { "enum": [ "AWS::Omics::AnnotationStore" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Omics::AnnotationStore.ReferenceItem": { "additionalProperties": false, "properties": { "ReferenceArn": { "markdownDescription": "The reference's ARN.", "title": "ReferenceArn", "type": "string" } }, "required": [ "ReferenceArn" ], "type": "object" }, "AWS::Omics::AnnotationStore.SseConfig": { "additionalProperties": false, "properties": { "KeyArn": { "markdownDescription": "An encryption key ARN.", "title": "KeyArn", "type": "string" }, "Type": { "markdownDescription": "The encryption type.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Omics::AnnotationStore.StoreOptions": { "additionalProperties": false, "properties": { "TsvStoreOptions": { "$ref": "#/definitions/AWS::Omics::AnnotationStore.TsvStoreOptions", "markdownDescription": "Formatting options for a TSV file.", "title": "TsvStoreOptions" } }, "required": [ "TsvStoreOptions" ], "type": "object" }, "AWS::Omics::AnnotationStore.TsvStoreOptions": { "additionalProperties": false, "properties": { "AnnotationType": { "markdownDescription": "The store's annotation type.", "title": "AnnotationType", "type": "string" }, "FormatToHeader": { "additionalProperties": true, "markdownDescription": "The store's header key to column name mapping.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "FormatToHeader", "type": "object" }, "Schema": { "markdownDescription": "The schema of an annotation store.", "title": "Schema", "type": "object" } }, "type": "object" }, "AWS::Omics::ReferenceStore": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the store.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "A name for the store.", "title": "Name", "type": "string" }, "SseConfig": { "$ref": "#/definitions/AWS::Omics::ReferenceStore.SseConfig", "markdownDescription": "Server-side encryption (SSE) settings for the store.", "title": "SseConfig" }, "Tags": { "additionalProperties": true, "markdownDescription": "Tags for the store.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Omics::ReferenceStore" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Omics::ReferenceStore.SseConfig": { "additionalProperties": false, "properties": { "KeyArn": { "markdownDescription": "An encryption key ARN.", "title": "KeyArn", "type": "string" }, "Type": { "markdownDescription": "The encryption type.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Omics::RunGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MaxCpus": { "markdownDescription": "The group's maximum CPU count setting.", "title": "MaxCpus", "type": "number" }, "MaxDuration": { "markdownDescription": "The group's maximum duration setting in minutes.", "title": "MaxDuration", "type": "number" }, "MaxGpus": { "markdownDescription": "The maximum GPUs that can be used by a run group.", "title": "MaxGpus", "type": "number" }, "MaxRuns": { "markdownDescription": "The group's maximum concurrent run setting.", "title": "MaxRuns", "type": "number" }, "Name": { "markdownDescription": "The group's name.", "title": "Name", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Tags for the group.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "type": "object" }, "Type": { "enum": [ "AWS::Omics::RunGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Omics::SequenceStore": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the store.", "title": "Description", "type": "string" }, "FallbackLocation": { "markdownDescription": "An S3 location that is used to store files that have failed a direct upload.", "title": "FallbackLocation", "type": "string" }, "Name": { "markdownDescription": "A name for the store.", "title": "Name", "type": "string" }, "SseConfig": { "$ref": "#/definitions/AWS::Omics::SequenceStore.SseConfig", "markdownDescription": "Server-side encryption (SSE) settings for the store.", "title": "SseConfig" }, "Tags": { "additionalProperties": true, "markdownDescription": "Tags for the store.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Omics::SequenceStore" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Omics::SequenceStore.SseConfig": { "additionalProperties": false, "properties": { "KeyArn": { "markdownDescription": "An encryption key ARN.", "title": "KeyArn", "type": "string" }, "Type": { "markdownDescription": "The encryption type.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Omics::VariantStore": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the store.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "A name for the store.", "title": "Name", "type": "string" }, "Reference": { "$ref": "#/definitions/AWS::Omics::VariantStore.ReferenceItem", "markdownDescription": "The genome reference for the store's variants.", "title": "Reference" }, "SseConfig": { "$ref": "#/definitions/AWS::Omics::VariantStore.SseConfig", "markdownDescription": "Server-side encryption (SSE) settings for the store.", "title": "SseConfig" }, "Tags": { "additionalProperties": true, "markdownDescription": "Tags for the store.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "Name", "Reference" ], "type": "object" }, "Type": { "enum": [ "AWS::Omics::VariantStore" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Omics::VariantStore.ReferenceItem": { "additionalProperties": false, "properties": { "ReferenceArn": { "markdownDescription": "The reference's ARN.", "title": "ReferenceArn", "type": "string" } }, "required": [ "ReferenceArn" ], "type": "object" }, "AWS::Omics::VariantStore.SseConfig": { "additionalProperties": false, "properties": { "KeyArn": { "markdownDescription": "An encryption key ARN.", "title": "KeyArn", "type": "string" }, "Type": { "markdownDescription": "The encryption type.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Omics::Workflow": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Accelerators": { "markdownDescription": "", "title": "Accelerators", "type": "string" }, "DefinitionUri": { "markdownDescription": "The URI of a definition for the workflow.", "title": "DefinitionUri", "type": "string" }, "Description": { "markdownDescription": "The parameter's description.", "title": "Description", "type": "string" }, "Engine": { "markdownDescription": "An engine for the workflow.", "title": "Engine", "type": "string" }, "Main": { "markdownDescription": "The path of the main definition file for the workflow.", "title": "Main", "type": "string" }, "Name": { "markdownDescription": "The workflow's name.", "title": "Name", "type": "string" }, "ParameterTemplate": { "additionalProperties": false, "markdownDescription": "The workflow's parameter template.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::Omics::Workflow.WorkflowParameter" } }, "title": "ParameterTemplate", "type": "object" }, "StorageCapacity": { "markdownDescription": "The default storage capacity for the workflow runs, in gibibytes.", "title": "StorageCapacity", "type": "number" }, "Tags": { "additionalProperties": true, "markdownDescription": "Tags for the workflow.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "type": "object" }, "Type": { "enum": [ "AWS::Omics::Workflow" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Omics::Workflow.WorkflowParameter": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The parameter's description.", "title": "Description", "type": "string" }, "Optional": { "markdownDescription": "Whether the parameter is optional.", "title": "Optional", "type": "boolean" } }, "type": "object" }, "AWS::OpenSearchServerless::AccessPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the policy.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the policy.", "title": "Name", "type": "string" }, "Policy": { "markdownDescription": "The JSON policy document without any whitespaces.", "title": "Policy", "type": "string" }, "Type": { "markdownDescription": "The type of access policy. Currently the only option is `data` .", "title": "Type", "type": "string" } }, "required": [ "Name", "Policy", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::OpenSearchServerless::AccessPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::OpenSearchServerless::Collection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the collection.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the collection.\n\nCollection names must meet the following criteria:\n\n- Starts with a lowercase letter\n- Unique to your account and AWS Region\n- Contains between 3 and 28 characters\n- Contains only lowercase letters a-z, the numbers 0-9, and the hyphen (-)", "title": "Name", "type": "string" }, "StandbyReplicas": { "markdownDescription": "Indicates whether to use standby replicas for the collection. You can't update this property after the collection is already created. If you attempt to modify this property, the collection continues to use the original value.", "title": "StandbyReplicas", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the collection.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of collection. Possible values are `SEARCH` , `TIMESERIES` , and `VECTORSEARCH` . For more information, see [Choosing a collection type](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/serverless-overview.html#serverless-usecase) .", "title": "Type", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::OpenSearchServerless::Collection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::OpenSearchServerless::LifecyclePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the lifecycle policy.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the lifecycle policy.", "title": "Name", "type": "string" }, "Policy": { "markdownDescription": "The JSON policy document without any whitespaces.", "title": "Policy", "type": "string" }, "Type": { "markdownDescription": "The type of lifecycle policy.", "title": "Type", "type": "string" } }, "required": [ "Name", "Policy", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::OpenSearchServerless::LifecyclePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::OpenSearchServerless::SecurityConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the security configuration.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the security configuration.", "title": "Name", "type": "string" }, "SamlOptions": { "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions", "markdownDescription": "SAML options for the security configuration in the form of a key-value map.", "title": "SamlOptions" }, "Type": { "markdownDescription": "The type of security configuration. Currently the only option is `saml` .", "title": "Type", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::OpenSearchServerless::SecurityConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::OpenSearchServerless::SecurityConfig.SamlConfigOptions": { "additionalProperties": false, "properties": { "GroupAttribute": { "markdownDescription": "The group attribute for this SAML integration.", "title": "GroupAttribute", "type": "string" }, "Metadata": { "markdownDescription": "The XML IdP metadata file generated from your identity provider.", "title": "Metadata", "type": "string" }, "SessionTimeout": { "markdownDescription": "The session timeout, in minutes. Default is 60 minutes (12 hours).", "title": "SessionTimeout", "type": "number" }, "UserAttribute": { "markdownDescription": "A user attribute for this SAML integration.", "title": "UserAttribute", "type": "string" } }, "required": [ "Metadata" ], "type": "object" }, "AWS::OpenSearchServerless::SecurityPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the security policy.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the policy.", "title": "Name", "type": "string" }, "Policy": { "markdownDescription": "The JSON policy document without any whitespaces.", "title": "Policy", "type": "string" }, "Type": { "markdownDescription": "The type of security policy. Can be either `encryption` or `network` .", "title": "Type", "type": "string" } }, "required": [ "Name", "Policy", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::OpenSearchServerless::SecurityPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::OpenSearchServerless::VpcEndpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the endpoint.", "title": "Name", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The unique identifiers of the security groups that define the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The ID of the subnets from which you access OpenSearch Serverless.", "title": "SubnetIds", "type": "array" }, "VpcId": { "markdownDescription": "The ID of the VPC from which you access OpenSearch Serverless.", "title": "VpcId", "type": "string" } }, "required": [ "Name", "SubnetIds", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::OpenSearchServerless::VpcEndpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::OpenSearchService::Domain": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessPolicies": { "markdownDescription": "An AWS Identity and Access Management ( IAM ) policy document that specifies who can access the OpenSearch Service domain and their permissions. For more information, see [Configuring access policies](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ac.html#ac-creating) in the *Amazon OpenSearch Service Developer Guide* .", "title": "AccessPolicies", "type": "object" }, "AdvancedOptions": { "additionalProperties": true, "markdownDescription": "Additional options to specify for the OpenSearch Service domain. For more information, see [AdvancedOptions](https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_CreateDomain.html#API_CreateDomain_RequestBody) in the OpenSearch Service API reference.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AdvancedOptions", "type": "object" }, "AdvancedSecurityOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput", "markdownDescription": "Specifies options for fine-grained access control and SAML authentication.\n\nIf you specify advanced security options, you must also enable node-to-node encryption ( [NodeToNodeEncryptionOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-nodetonodeencryptionoptions.html) ) and encryption at rest ( [EncryptionAtRestOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-encryptionatrestoptions.html) ). You must also enable `EnforceHTTPS` within [DomainEndpointOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-domainendpointoptions.html) , which requires HTTPS for all traffic to the domain.", "title": "AdvancedSecurityOptions" }, "ClusterConfig": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.ClusterConfig", "markdownDescription": "Container for the cluster configuration of a domain.", "title": "ClusterConfig" }, "CognitoOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.CognitoOptions", "markdownDescription": "Configures OpenSearch Service to use Amazon Cognito authentication for OpenSearch Dashboards.", "title": "CognitoOptions" }, "DomainEndpointOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.DomainEndpointOptions", "markdownDescription": "Specifies additional options for the domain endpoint, such as whether to require HTTPS for all traffic or whether to use a custom endpoint rather than the default endpoint.", "title": "DomainEndpointOptions" }, "DomainName": { "markdownDescription": "A name for the OpenSearch Service domain. The name must have a minimum length of 3 and a maximum length of 28. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the domain name. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nRequired when creating a new domain.\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "DomainName", "type": "string" }, "EBSOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.EBSOptions", "markdownDescription": "The configurations of Amazon Elastic Block Store (Amazon EBS) volumes that are attached to data nodes in the OpenSearch Service domain. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", "title": "EBSOptions" }, "EncryptionAtRestOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.EncryptionAtRestOptions", "markdownDescription": "Whether the domain should encrypt data at rest, and if so, the AWS KMS key to use. See [Encryption of data at rest for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/encryption-at-rest.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", "title": "EncryptionAtRestOptions" }, "EngineVersion": { "markdownDescription": "The version of OpenSearch to use. The value must be in the format `OpenSearch_X.Y` or `Elasticsearch_X.Y` . If not specified, the latest version of OpenSearch is used. For information about the versions that OpenSearch Service supports, see [Supported versions of OpenSearch and Elasticsearch](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/what-is.html#choosing-version) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you set the [EnableVersionUpgrade](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatepolicy.html#cfn-attributes-updatepolicy-upgradeopensearchdomain) update policy to `true` , you can update `EngineVersion` without interruption. When `EnableVersionUpgrade` is set to `false` , or is not specified, updating `EngineVersion` results in [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) .", "title": "EngineVersion", "type": "string" }, "IPAddressType": { "markdownDescription": "Choose either dual stack or IPv4 as your IP address type. Dual stack allows you to share domain resources across IPv4 and IPv6 address types, and is the recommended option. If you set your IP address type to dual stack, you can't change your address type later.", "title": "IPAddressType", "type": "string" }, "LogPublishingOptions": { "additionalProperties": false, "markdownDescription": "An object with one or more of the following keys: `SEARCH_SLOW_LOGS` , `ES_APPLICATION_LOGS` , `INDEX_SLOW_LOGS` , `AUDIT_LOGS` , depending on the types of logs you want to publish. Each key needs a valid `LogPublishingOption` value. For the full syntax, see the [examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchservice-domain.html#aws-resource-opensearchservice-domain--examples) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.LogPublishingOption" } }, "title": "LogPublishingOptions", "type": "object" }, "NodeToNodeEncryptionOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions", "markdownDescription": "Specifies whether node-to-node encryption is enabled. See [Node-to-node encryption for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ntn.html) .", "title": "NodeToNodeEncryptionOptions" }, "OffPeakWindowOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindowOptions", "markdownDescription": "Options for a domain's off-peak window, during which OpenSearch Service can perform mandatory configuration changes on the domain.", "title": "OffPeakWindowOptions" }, "SnapshotOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.SnapshotOptions", "markdownDescription": "*DEPRECATED* . The automated snapshot configuration for the OpenSearch Service domain indexes.", "title": "SnapshotOptions" }, "SoftwareUpdateOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.SoftwareUpdateOptions", "markdownDescription": "Service software update options for the domain.", "title": "SoftwareUpdateOptions" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An arbitrary set of tags (key\u2013value pairs) to associate with the OpenSearch Service domain.", "title": "Tags", "type": "array" }, "VPCOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.VPCOptions", "markdownDescription": "The virtual private cloud (VPC) configuration for the OpenSearch Service domain. For more information, see [Launching your Amazon OpenSearch Service domains within a VPC](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html) in the *Amazon OpenSearch Service Developer Guide* .\n\nIf you remove this entity altogether, along with its associated properties, it causes a replacement. You might encounter this scenario if you're updating your security configuration from a VPC to a public endpoint.", "title": "VPCOptions" } }, "type": "object" }, "Type": { "enum": [ "AWS::OpenSearchService::Domain" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::OpenSearchService::Domain.AdvancedSecurityOptionsInput": { "additionalProperties": false, "properties": { "AnonymousAuthDisableDate": { "markdownDescription": "Date and time when the migration period will be disabled. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", "title": "AnonymousAuthDisableDate", "type": "string" }, "AnonymousAuthEnabled": { "markdownDescription": "True to enable a 30-day migration period during which administrators can create role mappings. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) .", "title": "AnonymousAuthEnabled", "type": "boolean" }, "Enabled": { "markdownDescription": "True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption. See [Fine-grained access control in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html) .", "title": "Enabled", "type": "boolean" }, "InternalUserDatabaseEnabled": { "markdownDescription": "True to enable the internal user database.", "title": "InternalUserDatabaseEnabled", "type": "boolean" }, "MasterUserOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.MasterUserOptions", "markdownDescription": "Specifies information about the master user.", "title": "MasterUserOptions" }, "SAMLOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.SAMLOptions", "markdownDescription": "Container for information about the SAML configuration for OpenSearch Dashboards.", "title": "SAMLOptions" } }, "type": "object" }, "AWS::OpenSearchService::Domain.ClusterConfig": { "additionalProperties": false, "properties": { "ColdStorageOptions": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.ColdStorageOptions", "markdownDescription": "Container for cold storage configuration options.", "title": "ColdStorageOptions" }, "DedicatedMasterCount": { "markdownDescription": "The number of instances to use for the master node. If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property.", "title": "DedicatedMasterCount", "type": "number" }, "DedicatedMasterEnabled": { "markdownDescription": "Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) .", "title": "DedicatedMasterEnabled", "type": "boolean" }, "DedicatedMasterType": { "markdownDescription": "The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.search` . If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", "title": "DedicatedMasterType", "type": "string" }, "InstanceCount": { "markdownDescription": "The number of data nodes (instances) to use in the OpenSearch Service domain.", "title": "InstanceCount", "type": "number" }, "InstanceType": { "markdownDescription": "The instance type for your data nodes, such as `m3.medium.search` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) .", "title": "InstanceType", "type": "string" }, "MultiAZWithStandbyEnabled": { "markdownDescription": "Indicates whether Multi-AZ with Standby deployment option is enabled. For more information, see [Multi-AZ with Standby](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html#managedomains-za-standby) .", "title": "MultiAZWithStandbyEnabled", "type": "boolean" }, "WarmCount": { "markdownDescription": "The number of warm nodes in the cluster.", "title": "WarmCount", "type": "number" }, "WarmEnabled": { "markdownDescription": "Whether to enable UltraWarm storage for the cluster. See [UltraWarm storage for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ultrawarm.html) .", "title": "WarmEnabled", "type": "boolean" }, "WarmType": { "markdownDescription": "The instance type for the cluster's warm nodes.", "title": "WarmType", "type": "string" }, "ZoneAwarenessConfig": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.ZoneAwarenessConfig", "markdownDescription": "Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` .", "title": "ZoneAwarenessConfig" }, "ZoneAwarenessEnabled": { "markdownDescription": "Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) .", "title": "ZoneAwarenessEnabled", "type": "boolean" } }, "type": "object" }, "AWS::OpenSearchService::Domain.CognitoOptions": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) .", "title": "Enabled", "type": "boolean" }, "IdentityPoolId": { "markdownDescription": "The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", "title": "IdentityPoolId", "type": "string" }, "RoleArn": { "markdownDescription": "The `AmazonOpenSearchServiceCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", "title": "RoleArn", "type": "string" }, "UserPoolId": { "markdownDescription": "The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication.\n\nRequired if you enabled Cognito Authentication for OpenSearch Dashboards.", "title": "UserPoolId", "type": "string" } }, "type": "object" }, "AWS::OpenSearchService::Domain.ColdStorageOptions": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage to enable cold storage.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::OpenSearchService::Domain.DomainEndpointOptions": { "additionalProperties": false, "properties": { "CustomEndpoint": { "markdownDescription": "The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain.", "title": "CustomEndpoint", "type": "string" }, "CustomEndpointCertificateArn": { "markdownDescription": "The AWS Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain.", "title": "CustomEndpointCertificateArn", "type": "string" }, "CustomEndpointEnabled": { "markdownDescription": "True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` .", "title": "CustomEndpointEnabled", "type": "boolean" }, "EnforceHTTPS": { "markdownDescription": "True to require that all traffic to the domain arrive over HTTPS. Required if you enable fine-grained access control in [AdvancedSecurityOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", "title": "EnforceHTTPS", "type": "boolean" }, "TLSSecurityPolicy": { "markdownDescription": "The minimum TLS version required for traffic to the domain. The policy can be one of the following values:\n\n- *Policy-Min-TLS-1-0-2019-07:* TLS security policy that supports TLS version 1.0 to TLS version 1.2\n- *Policy-Min-TLS-1-2-2019-07:* TLS security policy that supports only TLS version 1.2\n- *Policy-Min-TLS-1-2-PFS-2023-10:* TLS security policy that supports TLS version 1.2 to TLS version 1.3 with perfect forward secrecy cipher suites", "title": "TLSSecurityPolicy", "type": "string" } }, "type": "object" }, "AWS::OpenSearchService::Domain.EBSOptions": { "additionalProperties": false, "properties": { "EBSEnabled": { "markdownDescription": "Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain.", "title": "EBSEnabled", "type": "boolean" }, "Iops": { "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. This property applies only to the `gp3` and provisioned IOPS EBS volume types.", "title": "Iops", "type": "number" }, "Throughput": { "markdownDescription": "The throughput (in MiB/s) of the EBS volumes attached to data nodes. Applies only to the `gp3` volume type.", "title": "Throughput", "type": "number" }, "VolumeSize": { "markdownDescription": "The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* .", "title": "VolumeSize", "type": "number" }, "VolumeType": { "markdownDescription": "The EBS volume type to use with the OpenSearch Service domain. If you choose `gp3` , you must also specify values for `Iops` and `Throughput` . For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* .", "title": "VolumeType", "type": "string" } }, "type": "object" }, "AWS::OpenSearchService::Domain.EncryptionAtRestOptions": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Specify `true` to enable encryption at rest. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", "title": "Enabled", "type": "boolean" }, "KmsKeyId": { "markdownDescription": "The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest.\n\nYou can also use `keyAlias` as a value.\n\nIf no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property.", "title": "KmsKeyId", "type": "string" } }, "type": "object" }, "AWS::OpenSearchService::Domain.Idp": { "additionalProperties": false, "properties": { "EntityId": { "markdownDescription": "The unique entity ID of the application in the SAML identity provider.", "title": "EntityId", "type": "string" }, "MetadataContent": { "markdownDescription": "The metadata of the SAML application, in XML format.", "title": "MetadataContent", "type": "string" } }, "required": [ "EntityId", "MetadataContent" ], "type": "object" }, "AWS::OpenSearchService::Domain.LogPublishingOption": { "additionalProperties": false, "properties": { "CloudWatchLogsLogGroupArn": { "markdownDescription": "Specifies the CloudWatch log group to publish to. Required if you enable log publishing.", "title": "CloudWatchLogsLogGroupArn", "type": "string" }, "Enabled": { "markdownDescription": "If `true` , enables the publishing of logs to CloudWatch.\n\nDefault: `false` .", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::OpenSearchService::Domain.MasterUserOptions": { "additionalProperties": false, "properties": { "MasterUserARN": { "markdownDescription": "Amazon Resource Name (ARN) for the master user. The ARN can point to an IAM user or role. This property is required for Amazon Cognito to work, and it must match the role configured for Cognito. Only specify if `InternalUserDatabaseEnabled` is false in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", "title": "MasterUserARN", "type": "string" }, "MasterUserName": { "markdownDescription": "Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", "title": "MasterUserName", "type": "string" }, "MasterUserPassword": { "markdownDescription": "Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .\n\nIf you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead.", "title": "MasterUserPassword", "type": "string" } }, "type": "object" }, "AWS::OpenSearchService::Domain.NodeToNodeEncryptionOptions": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Specifies to enable or disable node-to-node encryption on the domain. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) .", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::OpenSearchService::Domain.OffPeakWindow": { "additionalProperties": false, "properties": { "WindowStartTime": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.WindowStartTime", "markdownDescription": "The desired start time for an off-peak maintenance window.", "title": "WindowStartTime" } }, "type": "object" }, "AWS::OpenSearchService::Domain.OffPeakWindowOptions": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Specifies whether off-peak window settings are enabled for the domain.", "title": "Enabled", "type": "boolean" }, "OffPeakWindow": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.OffPeakWindow", "markdownDescription": "Off-peak window settings for the domain.", "title": "OffPeakWindow" } }, "type": "object" }, "AWS::OpenSearchService::Domain.SAMLOptions": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "True to enable SAML authentication for a domain.", "title": "Enabled", "type": "boolean" }, "Idp": { "$ref": "#/definitions/AWS::OpenSearchService::Domain.Idp", "markdownDescription": "The SAML Identity Provider's information.", "title": "Idp" }, "MasterBackendRole": { "markdownDescription": "The backend role that the SAML master user is mapped to.", "title": "MasterBackendRole", "type": "string" }, "MasterUserName": { "markdownDescription": "The SAML master user name, which is stored in the domain's internal user database.", "title": "MasterUserName", "type": "string" }, "RolesKey": { "markdownDescription": "Element of the SAML assertion to use for backend roles. Default is `roles` .", "title": "RolesKey", "type": "string" }, "SessionTimeoutMinutes": { "markdownDescription": "The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60.", "title": "SessionTimeoutMinutes", "type": "number" }, "SubjectKey": { "markdownDescription": "Element of the SAML assertion to use for the user name. Default is `NameID` .", "title": "SubjectKey", "type": "string" } }, "type": "object" }, "AWS::OpenSearchService::Domain.ServiceSoftwareOptions": { "additionalProperties": false, "properties": { "AutomatedUpdateDate": { "markdownDescription": "The timestamp, in Epoch time, until which you can manually request a service software update. After this date, we automatically update your service software.", "title": "AutomatedUpdateDate", "type": "string" }, "Cancellable": { "markdownDescription": "True if you're able to cancel your service software version update. False if you can't cancel your service software update.", "title": "Cancellable", "type": "boolean" }, "CurrentVersion": { "markdownDescription": "The current service software version present on the domain.", "title": "CurrentVersion", "type": "string" }, "Description": { "markdownDescription": "A description of the service software update status.", "title": "Description", "type": "string" }, "NewVersion": { "markdownDescription": "The new service software version, if one is available.", "title": "NewVersion", "type": "string" }, "OptionalDeployment": { "markdownDescription": "True if a service software is never automatically updated. False if a service software is automatically updated after the automated update date.", "title": "OptionalDeployment", "type": "boolean" }, "UpdateAvailable": { "markdownDescription": "True if you're able to update your service software version. False if you can't update your service software version.", "title": "UpdateAvailable", "type": "boolean" }, "UpdateStatus": { "markdownDescription": "The status of your service software update.", "title": "UpdateStatus", "type": "string" } }, "type": "object" }, "AWS::OpenSearchService::Domain.SnapshotOptions": { "additionalProperties": false, "properties": { "AutomatedSnapshotStartHour": { "markdownDescription": "The hour in UTC during which the service takes an automated daily snapshot of the indexes in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23.", "title": "AutomatedSnapshotStartHour", "type": "number" } }, "type": "object" }, "AWS::OpenSearchService::Domain.SoftwareUpdateOptions": { "additionalProperties": false, "properties": { "AutoSoftwareUpdateEnabled": { "markdownDescription": "Specifies whether automatic service software updates are enabled for the domain.", "title": "AutoSoftwareUpdateEnabled", "type": "boolean" } }, "type": "object" }, "AWS::OpenSearchService::Domain.VPCOptions": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three-AZ domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* .\n\nIf you specify more than one subnet, you must also configure `ZoneAwarenessEnabled` and `ZoneAwarenessConfig` within [ClusterConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-clusterconfig.html) , otherwise you'll see the error \"You must specify exactly one subnet\" during template creation.", "title": "SubnetIds", "type": "array" } }, "type": "object" }, "AWS::OpenSearchService::Domain.WindowStartTime": { "additionalProperties": false, "properties": { "Hours": { "markdownDescription": "The start hour of the window in Coordinated Universal Time (UTC), using 24-hour time. For example, 17 refers to 5:00 P.M. UTC. The minimum value is 0 and the maximum value is 23.", "title": "Hours", "type": "number" }, "Minutes": { "markdownDescription": "The start minute of the window, in UTC. The minimum value is 0 and the maximum value is 59.", "title": "Minutes", "type": "number" } }, "required": [ "Hours", "Minutes" ], "type": "object" }, "AWS::OpenSearchService::Domain.ZoneAwarenessConfig": { "additionalProperties": false, "properties": { "AvailabilityZoneCount": { "markdownDescription": "If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use.\n\nValid values are `2` and `3` . Default is 2.", "title": "AvailabilityZoneCount", "type": "number" } }, "type": "object" }, "AWS::OpsWorks::App": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppSource": { "$ref": "#/definitions/AWS::OpsWorks::App.Source", "markdownDescription": "A `Source` object that specifies the app repository.", "title": "AppSource" }, "Attributes": { "additionalProperties": true, "markdownDescription": "One or more user-defined key/value pairs to be added to the stack attributes.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Attributes", "type": "object" }, "DataSources": { "items": { "$ref": "#/definitions/AWS::OpsWorks::App.DataSource" }, "markdownDescription": "The app's data source.", "title": "DataSources", "type": "array" }, "Description": { "markdownDescription": "A description of the app.", "title": "Description", "type": "string" }, "Domains": { "items": { "type": "string" }, "markdownDescription": "The app virtual host settings, with multiple domains separated by commas. For example: `'www.example.com, example.com'`", "title": "Domains", "type": "array" }, "EnableSsl": { "markdownDescription": "Whether to enable SSL for the app.", "title": "EnableSsl", "type": "boolean" }, "Environment": { "items": { "$ref": "#/definitions/AWS::OpsWorks::App.EnvironmentVariable" }, "markdownDescription": "An array of `EnvironmentVariable` objects that specify environment variables to be associated with the app. After you deploy the app, these variables are defined on the associated app server instance. For more information, see [Environment Variables](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html#workingapps-creating-environment) .\n\nThere is no specific limit on the number of environment variables. However, the size of the associated data structure - which includes the variables' names, values, and protected flag values - cannot exceed 20 KB. This limit should accommodate most if not all use cases. Exceeding it will cause an exception with the message, \"Environment: is too large (maximum is 20KB).\"\n\n> If you have specified one or more environment variables, you cannot modify the stack's Chef version.", "title": "Environment", "type": "array" }, "Name": { "markdownDescription": "The app name.", "title": "Name", "type": "string" }, "Shortname": { "markdownDescription": "The app's short name.", "title": "Shortname", "type": "string" }, "SslConfiguration": { "$ref": "#/definitions/AWS::OpsWorks::App.SslConfiguration", "markdownDescription": "An `SslConfiguration` object with the SSL configuration.", "title": "SslConfiguration" }, "StackId": { "markdownDescription": "The stack ID.", "title": "StackId", "type": "string" }, "Type": { "markdownDescription": "The app type. Each supported type is associated with a particular layer. For example, PHP applications are associated with a PHP layer. AWS OpsWorks Stacks deploys an application to those instances that are members of the corresponding layer. If your app isn't one of the standard types, or you prefer to implement your own Deploy recipes, specify `other` .", "title": "Type", "type": "string" } }, "required": [ "Name", "StackId", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::OpsWorks::App" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::OpsWorks::App.DataSource": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The data source's ARN.", "title": "Arn", "type": "string" }, "DatabaseName": { "markdownDescription": "The database name.", "title": "DatabaseName", "type": "string" }, "Type": { "markdownDescription": "The data source's type, `AutoSelectOpsworksMysqlInstance` , `OpsworksMysqlInstance` , `RdsDbInstance` , or `None` .", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::OpsWorks::App.EnvironmentVariable": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "(Required) The environment variable's name, which can consist of up to 64 characters and must be specified. The name can contain upper- and lowercase letters, numbers, and underscores (_), but it must start with a letter or underscore.", "title": "Key", "type": "string" }, "Secure": { "markdownDescription": "(Optional) Whether the variable's value is returned by the `DescribeApps` action. To hide an environment variable's value, set `Secure` to `true` . `DescribeApps` returns `*****FILTERED*****` instead of the actual value. The default value for `Secure` is `false` .", "title": "Secure", "type": "boolean" }, "Value": { "markdownDescription": "(Optional) The environment variable's value, which can be left empty. If you specify a value, it can contain up to 256 characters, which must all be printable.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::OpsWorks::App.Source": { "additionalProperties": false, "properties": { "Password": { "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", "title": "Password", "type": "string" }, "Revision": { "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", "title": "Revision", "type": "string" }, "SshKey": { "markdownDescription": "In requests, the repository's SSH key.\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", "title": "SshKey", "type": "string" }, "Type": { "markdownDescription": "The repository type.", "title": "Type", "type": "string" }, "Url": { "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", "title": "Url", "type": "string" }, "Username": { "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", "title": "Username", "type": "string" } }, "type": "object" }, "AWS::OpsWorks::App.SslConfiguration": { "additionalProperties": false, "properties": { "Certificate": { "markdownDescription": "The contents of the certificate's domain.crt file.", "title": "Certificate", "type": "string" }, "Chain": { "markdownDescription": "Optional. Can be used to specify an intermediate certificate authority key or client authentication.", "title": "Chain", "type": "string" }, "PrivateKey": { "markdownDescription": "The private key; the contents of the certificate's domain.kex file.", "title": "PrivateKey", "type": "string" } }, "type": "object" }, "AWS::OpsWorks::ElasticLoadBalancerAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ElasticLoadBalancerName": { "markdownDescription": "The Elastic Load Balancing instance name.", "title": "ElasticLoadBalancerName", "type": "string" }, "LayerId": { "markdownDescription": "The AWS OpsWorks layer ID to which the Elastic Load Balancing load balancer is attached.", "title": "LayerId", "type": "string" } }, "required": [ "ElasticLoadBalancerName", "LayerId" ], "type": "object" }, "Type": { "enum": [ "AWS::OpsWorks::ElasticLoadBalancerAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::OpsWorks::Instance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AgentVersion": { "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- `INHERIT` - Use the stack's default agent version setting.\n- *version_number* - Use the specified agent version. This value overrides the stack's default setting. To update the agent version, edit the instance configuration and specify a new version. AWS OpsWorks Stacks installs that version on the instance.\n\nThe default setting is `INHERIT` . To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.", "title": "AgentVersion", "type": "string" }, "AmiId": { "markdownDescription": "A custom AMI ID to be used to create the instance. The AMI should be based on one of the supported operating systems. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\n> If you specify a custom AMI, you must set `Os` to `Custom` .", "title": "AmiId", "type": "string" }, "Architecture": { "markdownDescription": "The instance architecture. The default option is `x86_64` . Instance types do not necessarily support both architectures. For a list of the architectures that are supported by the different instance types, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) .", "title": "Architecture", "type": "string" }, "AutoScalingType": { "markdownDescription": "For load-based or time-based instances, the type. Windows stacks can use only time-based instances.", "title": "AutoScalingType", "type": "string" }, "AvailabilityZone": { "markdownDescription": "The Availability Zone of the AWS OpsWorks instance, such as `us-east-2a` .", "title": "AvailabilityZone", "type": "string" }, "BlockDeviceMappings": { "items": { "$ref": "#/definitions/AWS::OpsWorks::Instance.BlockDeviceMapping" }, "markdownDescription": "An array of `BlockDeviceMapping` objects that specify the instance's block devices. For more information, see [Block Device Mapping](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) . Note that block device mappings are not supported for custom AMIs.", "title": "BlockDeviceMappings", "type": "array" }, "EbsOptimized": { "markdownDescription": "Whether to create an Amazon EBS-optimized instance.", "title": "EbsOptimized", "type": "boolean" }, "ElasticIps": { "items": { "type": "string" }, "markdownDescription": "A list of Elastic IP addresses to associate with the instance.", "title": "ElasticIps", "type": "array" }, "Hostname": { "markdownDescription": "The instance host name. The following are character limits for instance host names.\n\n- Linux-based instances: 63 characters\n- Windows-based instances: 15 characters", "title": "Hostname", "type": "string" }, "InstallUpdatesOnBoot": { "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> We strongly recommend using the default value of `true` to ensure that your instances have the latest security updates.", "title": "InstallUpdatesOnBoot", "type": "boolean" }, "InstanceType": { "markdownDescription": "The instance type, such as `t2.micro` . For a list of supported instance types, open the stack in the console, choose *Instances* , and choose *+ Instance* . The *Size* list contains the currently supported types. For more information, see [Instance Families and Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) . The parameter values that you use to specify the various types are in the *API Name* column of the *Available Instance Types* table.", "title": "InstanceType", "type": "string" }, "LayerIds": { "items": { "type": "string" }, "markdownDescription": "An array that contains the instance's layer IDs.", "title": "LayerIds", "type": "array" }, "Os": { "markdownDescription": "The instance's operating system, which must be set to one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` .\n\nNot all operating systems are supported with all versions of Chef. For more information about the supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .\n\nThe default option is the current Amazon Linux version. If you set this parameter to `Custom` , you must use the `CreateInstance` action's AmiId parameter to specify the custom AMI that you want to use. Block device mappings are not supported if the value is `Custom` . For more information about how to use custom AMIs with AWS OpsWorks Stacks, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .", "title": "Os", "type": "string" }, "RootDeviceType": { "markdownDescription": "The instance root device type. For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", "title": "RootDeviceType", "type": "string" }, "SshKeyName": { "markdownDescription": "The instance's Amazon EC2 key-pair name.", "title": "SshKeyName", "type": "string" }, "StackId": { "markdownDescription": "The stack ID.", "title": "StackId", "type": "string" }, "SubnetId": { "markdownDescription": "The ID of the instance's subnet. If the stack is running in a VPC, you can use this parameter to override the stack's default subnet ID value and direct AWS OpsWorks Stacks to launch the instance in a different subnet.", "title": "SubnetId", "type": "string" }, "Tenancy": { "markdownDescription": "The instance's tenancy option. The default option is no tenancy, or if the instance is running in a VPC, inherit tenancy settings from the VPC. The following are valid values for this parameter: `dedicated` , `default` , or `host` . Because there are costs associated with changes in tenancy options, we recommend that you research tenancy options before choosing them for your instances. For more information about dedicated hosts, see [Dedicated Hosts Overview](https://docs.aws.amazon.com/ec2/dedicated-hosts/) and [Amazon EC2 Dedicated Hosts](https://docs.aws.amazon.com/ec2/dedicated-hosts/) . For more information about dedicated instances, see [Dedicated Instances](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/dedicated-instance.html) and [Amazon EC2 Dedicated Instances](https://docs.aws.amazon.com/ec2/purchasing-options/dedicated-instances/) .", "title": "Tenancy", "type": "string" }, "TimeBasedAutoScaling": { "$ref": "#/definitions/AWS::OpsWorks::Instance.TimeBasedAutoScaling", "markdownDescription": "The time-based scaling configuration for the instance.", "title": "TimeBasedAutoScaling" }, "VirtualizationType": { "markdownDescription": "The instance's virtualization type, `paravirtual` or `hvm` .", "title": "VirtualizationType", "type": "string" }, "Volumes": { "items": { "type": "string" }, "markdownDescription": "A list of AWS OpsWorks volume IDs to associate with the instance. For more information, see [`AWS::OpsWorks::Volume`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opsworks-volume.html) .", "title": "Volumes", "type": "array" } }, "required": [ "InstanceType", "LayerIds", "StackId" ], "type": "object" }, "Type": { "enum": [ "AWS::OpsWorks::Instance" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::OpsWorks::Instance.BlockDeviceMapping": { "additionalProperties": false, "properties": { "DeviceName": { "markdownDescription": "The device name that is exposed to the instance, such as `/dev/sdh` . For the root device, you can use the explicit device name or you can set this parameter to `ROOT_DEVICE` and AWS OpsWorks Stacks will provide the correct device name.", "title": "DeviceName", "type": "string" }, "Ebs": { "$ref": "#/definitions/AWS::OpsWorks::Instance.EbsBlockDevice", "markdownDescription": "An `EBSBlockDevice` that defines how to configure an Amazon EBS volume when the instance is launched. You can specify either the `VirtualName` or `Ebs` , but not both.", "title": "Ebs" }, "NoDevice": { "markdownDescription": "Suppresses the specified device included in the AMI's block device mapping.", "title": "NoDevice", "type": "string" }, "VirtualName": { "markdownDescription": "The virtual device name. For more information, see [BlockDeviceMapping](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_BlockDeviceMapping.html) . You can specify either the `VirtualName` or `Ebs` , but not both.", "title": "VirtualName", "type": "string" } }, "type": "object" }, "AWS::OpsWorks::Instance.EbsBlockDevice": { "additionalProperties": false, "properties": { "DeleteOnTermination": { "markdownDescription": "Whether the volume is deleted on instance termination.", "title": "DeleteOnTermination", "type": "boolean" }, "Iops": { "markdownDescription": "The number of I/O operations per second (IOPS) that the volume supports. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", "title": "Iops", "type": "number" }, "SnapshotId": { "markdownDescription": "The snapshot ID.", "title": "SnapshotId", "type": "string" }, "VolumeSize": { "markdownDescription": "The volume size, in GiB. For more information, see [EbsBlockDevice](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_EbsBlockDevice.html) .", "title": "VolumeSize", "type": "number" }, "VolumeType": { "markdownDescription": "The volume type. `gp2` for General Purpose (SSD) volumes, `io1` for Provisioned IOPS (SSD) volumes, `st1` for Throughput Optimized hard disk drives (HDD), `sc1` for Cold HDD,and `standard` for Magnetic volumes.\n\nIf you specify the `io1` volume type, you must also specify a value for the `Iops` attribute. The maximum ratio of provisioned IOPS to requested volume size (in GiB) is 50:1. AWS uses the default volume size (in GiB) specified in the AMI attributes to set IOPS to 50 x (volume size).", "title": "VolumeType", "type": "string" } }, "type": "object" }, "AWS::OpsWorks::Instance.TimeBasedAutoScaling": { "additionalProperties": false, "properties": { "Friday": { "additionalProperties": true, "markdownDescription": "The schedule for Friday.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Friday", "type": "object" }, "Monday": { "additionalProperties": true, "markdownDescription": "The schedule for Monday.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Monday", "type": "object" }, "Saturday": { "additionalProperties": true, "markdownDescription": "The schedule for Saturday.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Saturday", "type": "object" }, "Sunday": { "additionalProperties": true, "markdownDescription": "The schedule for Sunday.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Sunday", "type": "object" }, "Thursday": { "additionalProperties": true, "markdownDescription": "The schedule for Thursday.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Thursday", "type": "object" }, "Tuesday": { "additionalProperties": true, "markdownDescription": "The schedule for Tuesday.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tuesday", "type": "object" }, "Wednesday": { "additionalProperties": true, "markdownDescription": "The schedule for Wednesday.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Wednesday", "type": "object" } }, "type": "object" }, "AWS::OpsWorks::Layer": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Attributes": { "additionalProperties": true, "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.\n\nTo create a cluster layer, set the `EcsClusterArn` attribute to the cluster's ARN.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Attributes", "type": "object" }, "AutoAssignElasticIps": { "markdownDescription": "Whether to automatically assign an [Elastic IP address](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", "title": "AutoAssignElasticIps", "type": "boolean" }, "AutoAssignPublicIps": { "markdownDescription": "For stacks that are running in a VPC, whether to automatically assign a public IP address to the layer's instances. For more information, see [How to Edit a Layer](https://docs.aws.amazon.com/opsworks/latest/userguide/workinglayers-basics-edit.html) .", "title": "AutoAssignPublicIps", "type": "boolean" }, "CustomInstanceProfileArn": { "markdownDescription": "The ARN of an IAM profile to be used for the layer's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", "title": "CustomInstanceProfileArn", "type": "string" }, "CustomJson": { "markdownDescription": "A JSON-formatted string containing custom stack configuration and deployment attributes to be installed on the layer's instances. For more information, see [Using Custom JSON](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook-json-override.html) . This feature is supported as of version 1.7.42 of the AWS CLI .", "title": "CustomJson", "type": "object" }, "CustomRecipes": { "$ref": "#/definitions/AWS::OpsWorks::Layer.Recipes", "markdownDescription": "A `LayerCustomRecipes` object that specifies the layer custom recipes.", "title": "CustomRecipes" }, "CustomSecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "An array containing the layer custom security group IDs.", "title": "CustomSecurityGroupIds", "type": "array" }, "EnableAutoHealing": { "markdownDescription": "Whether to disable auto healing for the layer.", "title": "EnableAutoHealing", "type": "boolean" }, "InstallUpdatesOnBoot": { "markdownDescription": "Whether to install operating system and package updates when the instance boots. The default value is `true` . To control when updates are installed, set this value to `false` . You must then update your instances manually by using `CreateDeployment` to run the `update_dependencies` stack command or by manually running `yum` (Amazon Linux) or `apt-get` (Ubuntu) on the instances.\n\n> To ensure that your instances have the latest security updates, we strongly recommend using the default value of `true` .", "title": "InstallUpdatesOnBoot", "type": "boolean" }, "LifecycleEventConfiguration": { "$ref": "#/definitions/AWS::OpsWorks::Layer.LifecycleEventConfiguration", "markdownDescription": "A `LifeCycleEventConfiguration` object that you can use to configure the Shutdown event to specify an execution timeout and enable or disable Elastic Load Balancer connection draining.", "title": "LifecycleEventConfiguration" }, "LoadBasedAutoScaling": { "$ref": "#/definitions/AWS::OpsWorks::Layer.LoadBasedAutoScaling", "markdownDescription": "The load-based scaling configuration for the AWS OpsWorks layer.", "title": "LoadBasedAutoScaling" }, "Name": { "markdownDescription": "The layer name, which is used by the console. Layer names can be a maximum of 32 characters.", "title": "Name", "type": "string" }, "Packages": { "items": { "type": "string" }, "markdownDescription": "An array of `Package` objects that describes the layer packages.", "title": "Packages", "type": "array" }, "Shortname": { "markdownDescription": "For custom layers only, use this parameter to specify the layer's short name, which is used internally by AWS OpsWorks Stacks and by Chef recipes. The short name is also used as the name for the directory where your app files are installed. It can have a maximum of 32 characters, which are limited to the alphanumeric characters, '-', '_', and '.'.\n\nBuilt-in layer short names are defined by AWS OpsWorks Stacks. For more information, see the [Layer Reference](https://docs.aws.amazon.com/opsworks/latest/userguide/layers.html) .", "title": "Shortname", "type": "string" }, "StackId": { "markdownDescription": "The layer stack ID.", "title": "StackId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies one or more sets of tags (key\u2013value pairs) to associate with this AWS OpsWorks layer. Use tags to manage your resources.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The layer type. A stack cannot have more than one built-in layer of the same type. It can have any number of custom layers. Built-in layers are not available in Chef 12 stacks.", "title": "Type", "type": "string" }, "UseEbsOptimizedInstances": { "markdownDescription": "Whether to use Amazon EBS-optimized instances.", "title": "UseEbsOptimizedInstances", "type": "boolean" }, "VolumeConfigurations": { "items": { "$ref": "#/definitions/AWS::OpsWorks::Layer.VolumeConfiguration" }, "markdownDescription": "A `VolumeConfigurations` object that describes the layer's Amazon EBS volumes.", "title": "VolumeConfigurations", "type": "array" } }, "required": [ "AutoAssignElasticIps", "AutoAssignPublicIps", "EnableAutoHealing", "Name", "Shortname", "StackId", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::OpsWorks::Layer" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::OpsWorks::Layer.AutoScalingThresholds": { "additionalProperties": false, "properties": { "CpuThreshold": { "markdownDescription": "The CPU utilization threshold, as a percent of the available CPU. A value of -1 disables the threshold.", "title": "CpuThreshold", "type": "number" }, "IgnoreMetricsTime": { "markdownDescription": "The amount of time (in minutes) after a scaling event occurs that AWS OpsWorks Stacks should ignore metrics and suppress additional scaling events. For example, AWS OpsWorks Stacks adds new instances following an upscaling event but the instances won't start reducing the load until they have been booted and configured. There is no point in raising additional scaling events during that operation, which typically takes several minutes. `IgnoreMetricsTime` allows you to direct AWS OpsWorks Stacks to suppress scaling events long enough to get the new instances online.", "title": "IgnoreMetricsTime", "type": "number" }, "InstanceCount": { "markdownDescription": "The number of instances to add or remove when the load exceeds a threshold.", "title": "InstanceCount", "type": "number" }, "LoadThreshold": { "markdownDescription": "The load threshold. A value of -1 disables the threshold. For more information about how load is computed, see [Load (computing)](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Load_%28computing%29) .", "title": "LoadThreshold", "type": "number" }, "MemoryThreshold": { "markdownDescription": "The memory utilization threshold, as a percent of the available memory. A value of -1 disables the threshold.", "title": "MemoryThreshold", "type": "number" }, "ThresholdsWaitTime": { "markdownDescription": "The amount of time, in minutes, that the load must exceed a threshold before more instances are added or removed.", "title": "ThresholdsWaitTime", "type": "number" } }, "type": "object" }, "AWS::OpsWorks::Layer.LifecycleEventConfiguration": { "additionalProperties": false, "properties": { "ShutdownEventConfiguration": { "$ref": "#/definitions/AWS::OpsWorks::Layer.ShutdownEventConfiguration", "markdownDescription": "The Shutdown event configuration.", "title": "ShutdownEventConfiguration" } }, "type": "object" }, "AWS::OpsWorks::Layer.LoadBasedAutoScaling": { "additionalProperties": false, "properties": { "DownScaling": { "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", "markdownDescription": "An `AutoScalingThresholds` object that describes the downscaling configuration, which defines how and when AWS OpsWorks Stacks reduces the number of instances.", "title": "DownScaling" }, "Enable": { "markdownDescription": "Whether load-based auto scaling is enabled for the layer.", "title": "Enable", "type": "boolean" }, "UpScaling": { "$ref": "#/definitions/AWS::OpsWorks::Layer.AutoScalingThresholds", "markdownDescription": "An `AutoScalingThresholds` object that describes the upscaling configuration, which defines how and when AWS OpsWorks Stacks increases the number of instances.", "title": "UpScaling" } }, "type": "object" }, "AWS::OpsWorks::Layer.Recipes": { "additionalProperties": false, "properties": { "Configure": { "items": { "type": "string" }, "markdownDescription": "An array of custom recipe names to be run following a `configure` event.", "title": "Configure", "type": "array" }, "Deploy": { "items": { "type": "string" }, "markdownDescription": "An array of custom recipe names to be run following a `deploy` event.", "title": "Deploy", "type": "array" }, "Setup": { "items": { "type": "string" }, "markdownDescription": "An array of custom recipe names to be run following a `setup` event.", "title": "Setup", "type": "array" }, "Shutdown": { "items": { "type": "string" }, "markdownDescription": "An array of custom recipe names to be run following a `shutdown` event.", "title": "Shutdown", "type": "array" }, "Undeploy": { "items": { "type": "string" }, "markdownDescription": "An array of custom recipe names to be run following a `undeploy` event.", "title": "Undeploy", "type": "array" } }, "type": "object" }, "AWS::OpsWorks::Layer.ShutdownEventConfiguration": { "additionalProperties": false, "properties": { "DelayUntilElbConnectionsDrained": { "markdownDescription": "Whether to enable Elastic Load Balancing connection draining. For more information, see [Connection Draining](https://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/TerminologyandKeyConcepts.html#conn-drain)", "title": "DelayUntilElbConnectionsDrained", "type": "boolean" }, "ExecutionTimeout": { "markdownDescription": "The time, in seconds, that AWS OpsWorks Stacks waits after triggering a Shutdown event before shutting down an instance.", "title": "ExecutionTimeout", "type": "number" } }, "type": "object" }, "AWS::OpsWorks::Layer.VolumeConfiguration": { "additionalProperties": false, "properties": { "Encrypted": { "markdownDescription": "Specifies whether an Amazon EBS volume is encrypted. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) .", "title": "Encrypted", "type": "boolean" }, "Iops": { "markdownDescription": "The number of I/O operations per second (IOPS) to provision for the volume. For PIOPS volumes, the IOPS per disk.\n\nIf you specify `io1` for the volume type, you must specify this property.", "title": "Iops", "type": "number" }, "MountPoint": { "markdownDescription": "The volume mount point. For example \"/dev/sdh\".", "title": "MountPoint", "type": "string" }, "NumberOfDisks": { "markdownDescription": "The number of disks in the volume.", "title": "NumberOfDisks", "type": "number" }, "RaidLevel": { "markdownDescription": "The volume [RAID level](https://docs.aws.amazon.com/http://en.wikipedia.org/wiki/Standard_RAID_levels) .", "title": "RaidLevel", "type": "number" }, "Size": { "markdownDescription": "The volume size.", "title": "Size", "type": "number" }, "VolumeType": { "markdownDescription": "The volume type. For more information, see [Amazon EBS Volume Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) .\n\n- `standard` - Magnetic. Magnetic volumes must have a minimum size of 1 GiB and a maximum size of 1024 GiB.\n- `io1` - Provisioned IOPS (SSD). PIOPS volumes must have a minimum size of 4 GiB and a maximum size of 16384 GiB.\n- `gp2` - General Purpose (SSD). General purpose volumes must have a minimum size of 1 GiB and a maximum size of 16384 GiB.\n- `st1` - Throughput Optimized hard disk drive (HDD). Throughput optimized HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.\n- `sc1` - Cold HDD. Cold HDD volumes must have a minimum size of 125 GiB and a maximum size of 16384 GiB.", "title": "VolumeType", "type": "string" } }, "type": "object" }, "AWS::OpsWorks::Stack": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AgentVersion": { "markdownDescription": "The default AWS OpsWorks Stacks agent version. You have the following options:\n\n- Auto-update - Set this parameter to `LATEST` . AWS OpsWorks Stacks automatically installs new agent versions on the stack's instances as soon as they are available.\n- Fixed version - Set this parameter to your preferred agent version. To update the agent version, you must edit the stack configuration and specify a new version. AWS OpsWorks Stacks installs that version on the stack's instances.\n\nThe default setting is the most recent release of the agent. To specify an agent version, you must use the complete version number, not the abbreviated number shown on the console. For a list of available agent version numbers, call `DescribeAgentVersions` . AgentVersion cannot be set to Chef 12.2.\n\n> You can also specify an agent version when you create or update an instance, which overrides the stack's default setting.", "title": "AgentVersion", "type": "string" }, "Attributes": { "additionalProperties": true, "markdownDescription": "One or more user-defined key-value pairs to be added to the stack attributes.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Attributes", "type": "object" }, "ChefConfiguration": { "$ref": "#/definitions/AWS::OpsWorks::Stack.ChefConfiguration", "markdownDescription": "A `ChefConfiguration` object that specifies whether to enable Berkshelf and the Berkshelf version on Chef 11.10 stacks. For more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", "title": "ChefConfiguration" }, "CloneAppIds": { "items": { "type": "string" }, "markdownDescription": "If you're cloning an AWS OpsWorks stack, a list of AWS OpsWorks application stack IDs from the source stack to include in the cloned stack.", "title": "CloneAppIds", "type": "array" }, "ClonePermissions": { "markdownDescription": "If you're cloning an AWS OpsWorks stack, indicates whether to clone the source stack's permissions.", "title": "ClonePermissions", "type": "boolean" }, "ConfigurationManager": { "$ref": "#/definitions/AWS::OpsWorks::Stack.StackConfigurationManager", "markdownDescription": "The configuration manager. When you create a stack we recommend that you use the configuration manager to specify the Chef version: 12, 11.10, or 11.4 for Linux stacks, or 12.2 for Windows stacks. The default value for Linux stacks is currently 12.", "title": "ConfigurationManager" }, "CustomCookbooksSource": { "$ref": "#/definitions/AWS::OpsWorks::Stack.Source", "markdownDescription": "Contains the information required to retrieve an app or cookbook from a repository. For more information, see [Adding Apps](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-creating.html) or [Cookbooks and Recipes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingcookbook.html) .", "title": "CustomCookbooksSource" }, "CustomJson": { "markdownDescription": "A string that contains user-defined, custom JSON. It can be used to override the corresponding default stack configuration attribute values or to pass data to recipes. The string should be in the following format:\n\n`\"{\\\"key1\\\": \\\"value1\\\", \\\"key2\\\": \\\"value2\\\",...}\"`\n\nFor more information about custom JSON, see [Use Custom JSON to Modify the Stack Configuration Attributes](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-json.html) .", "title": "CustomJson", "type": "object" }, "DefaultAvailabilityZone": { "markdownDescription": "The stack's default Availability Zone, which must be in the specified region. For more information, see [Regions and Endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html) . If you also specify a value for `DefaultSubnetId` , the subnet must be in the same zone. For more information, see the `VpcId` parameter description.", "title": "DefaultAvailabilityZone", "type": "string" }, "DefaultInstanceProfileArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM profile that is the default profile for all of the stack's EC2 instances. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", "title": "DefaultInstanceProfileArn", "type": "string" }, "DefaultOs": { "markdownDescription": "The stack's default operating system, which is installed on every instance unless you specify a different operating system when you create the instance. You can specify one of the following.\n\n- A supported Linux operating system: An Amazon Linux version, such as `Amazon Linux 2` , `Amazon Linux 2018.03` , `Amazon Linux 2017.09` , `Amazon Linux 2017.03` , `Amazon Linux 2016.09` , `Amazon Linux 2016.03` , `Amazon Linux 2015.09` , or `Amazon Linux 2015.03` .\n- A supported Ubuntu operating system, such as `Ubuntu 18.04 LTS` , `Ubuntu 16.04 LTS` , `Ubuntu 14.04 LTS` , or `Ubuntu 12.04 LTS` .\n- `CentOS Linux 7`\n- `Red Hat Enterprise Linux 7`\n- A supported Windows operating system, such as `Microsoft Windows Server 2012 R2 Base` , `Microsoft Windows Server 2012 R2 with SQL Server Express` , `Microsoft Windows Server 2012 R2 with SQL Server Standard` , or `Microsoft Windows Server 2012 R2 with SQL Server Web` .\n- A custom AMI: `Custom` . You specify the custom AMI you want to use when you create instances. For more information, see [Using Custom AMIs](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-custom-ami.html) .\n\nThe default option is the current Amazon Linux version. Not all operating systems are supported with all versions of Chef. For more information about supported operating systems, see [AWS OpsWorks Stacks Operating Systems](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-os.html) .", "title": "DefaultOs", "type": "string" }, "DefaultRootDeviceType": { "markdownDescription": "The default root device type. This value is the default for all instances in the stack, but you can override it when you create an instance. The default option is `instance-store` . For more information, see [Storage for the Root Device](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ComponentsAMIs.html#storage-for-the-root-device) .", "title": "DefaultRootDeviceType", "type": "string" }, "DefaultSshKeyName": { "markdownDescription": "A default Amazon EC2 key pair name. The default value is none. If you specify a key pair name, AWS OpsWorks installs the public key on the instance and you can use the private key with an SSH client to log in to the instance. For more information, see [Using SSH to Communicate with an Instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-ssh.html) and [Managing SSH Access](https://docs.aws.amazon.com/opsworks/latest/userguide/security-ssh-access.html) . You can override this setting by specifying a different key pair, or no key pair, when you [create an instance](https://docs.aws.amazon.com/opsworks/latest/userguide/workinginstances-add.html) .", "title": "DefaultSshKeyName", "type": "string" }, "DefaultSubnetId": { "markdownDescription": "The stack's default subnet ID. All instances are launched into this subnet unless you specify another subnet ID when you create the instance. This parameter is required if you specify a value for the `VpcId` parameter. If you also specify a value for `DefaultAvailabilityZone` , the subnet must be in that zone.", "title": "DefaultSubnetId", "type": "string" }, "EcsClusterArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Elastic Container Service ( Amazon ECS ) cluster to register with the AWS OpsWorks stack.\n\n> If you specify a cluster that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the cluster.", "title": "EcsClusterArn", "type": "string" }, "ElasticIps": { "items": { "$ref": "#/definitions/AWS::OpsWorks::Stack.ElasticIp" }, "markdownDescription": "A list of Elastic IP addresses to register with the AWS OpsWorks stack.\n\n> If you specify an IP address that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the IP address.", "title": "ElasticIps", "type": "array" }, "HostnameTheme": { "markdownDescription": "The stack's host name theme, with spaces replaced by underscores. The theme is used to generate host names for the stack's instances. By default, `HostnameTheme` is set to `Layer_Dependent` , which creates host names by appending integers to the layer's short name. The other themes are:\n\n- `Baked_Goods`\n- `Clouds`\n- `Europe_Cities`\n- `Fruits`\n- `Greek_Deities_and_Titans`\n- `Legendary_creatures_from_Japan`\n- `Planets_and_Moons`\n- `Roman_Deities`\n- `Scottish_Islands`\n- `US_Cities`\n- `Wild_Cats`\n\nTo obtain a generated host name, call `GetHostNameSuggestion` , which returns a host name based on the current theme.", "title": "HostnameTheme", "type": "string" }, "Name": { "markdownDescription": "The stack name. Stack names can be a maximum of 64 characters.", "title": "Name", "type": "string" }, "RdsDbInstances": { "items": { "$ref": "#/definitions/AWS::OpsWorks::Stack.RdsDbInstance" }, "markdownDescription": "The Amazon Relational Database Service ( Amazon RDS ) database instance to register with the AWS OpsWorks stack.\n\n> If you specify a database instance that's registered with another AWS OpsWorks stack, AWS CloudFormation deregisters the existing association before registering the database instance.", "title": "RdsDbInstances", "type": "array" }, "ServiceRoleArn": { "markdownDescription": "The stack's IAM role, which allows AWS OpsWorks Stacks to work with AWS resources on your behalf. You must set this parameter to the Amazon Resource Name (ARN) for an existing IAM role. For more information about IAM ARNs, see [Using Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) .", "title": "ServiceRoleArn", "type": "string" }, "SourceStackId": { "markdownDescription": "If you're cloning an AWS OpsWorks stack, the stack ID of the source AWS OpsWorks stack to clone.", "title": "SourceStackId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A map that contains tag keys and tag values that are attached to a stack or layer.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : /`\n- Leading and trailing white spaces are trimmed from both the key and value.\n- A maximum of 40 tags is allowed for any resource.", "title": "Tags", "type": "array" }, "UseCustomCookbooks": { "markdownDescription": "Whether the stack uses custom cookbooks.", "title": "UseCustomCookbooks", "type": "boolean" }, "UseOpsworksSecurityGroups": { "markdownDescription": "Whether to associate the AWS OpsWorks Stacks built-in security groups with the stack's layers.\n\nAWS OpsWorks Stacks provides a standard set of built-in security groups, one for each layer, which are associated with layers by default. With `UseOpsworksSecurityGroups` you can instead provide your own custom security groups. `UseOpsworksSecurityGroups` has the following settings:\n\n- True - AWS OpsWorks Stacks automatically associates the appropriate built-in security group with each layer (default setting). You can associate additional security groups with a layer after you create it, but you cannot delete the built-in security group.\n- False - AWS OpsWorks Stacks does not associate built-in security groups with layers. You must create appropriate EC2 security groups and associate a security group with each layer that you create. However, you can still manually associate a built-in security group with a layer on creation; custom security groups are required only for those layers that need custom settings.\n\nFor more information, see [Create a New Stack](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-creating.html) .", "title": "UseOpsworksSecurityGroups", "type": "boolean" }, "VpcId": { "markdownDescription": "The ID of the VPC that the stack is to be launched into. The VPC must be in the stack's region. All instances are launched into this VPC. You cannot change the ID later.\n\n- If your account supports EC2-Classic, the default value is `no VPC` .\n- If your account does not support EC2-Classic, the default value is the default VPC for the specified region.\n\nIf the VPC ID corresponds to a default VPC and you have specified either the `DefaultAvailabilityZone` or the `DefaultSubnetId` parameter only, AWS OpsWorks Stacks infers the value of the other parameter. If you specify neither parameter, AWS OpsWorks Stacks sets these parameters to the first valid Availability Zone for the specified region and the corresponding default VPC subnet ID, respectively.\n\nIf you specify a nondefault VPC ID, note the following:\n\n- It must belong to a VPC in your account that is in the specified region.\n- You must specify a value for `DefaultSubnetId` .\n\nFor more information about how to use AWS OpsWorks Stacks with a VPC, see [Running a Stack in a VPC](https://docs.aws.amazon.com/opsworks/latest/userguide/workingstacks-vpc.html) . For more information about default VPC and EC2-Classic, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", "title": "VpcId", "type": "string" } }, "required": [ "DefaultInstanceProfileArn", "Name", "ServiceRoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::OpsWorks::Stack" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::OpsWorks::Stack.ChefConfiguration": { "additionalProperties": false, "properties": { "BerkshelfVersion": { "markdownDescription": "The Berkshelf version.", "title": "BerkshelfVersion", "type": "string" }, "ManageBerkshelf": { "markdownDescription": "Whether to enable Berkshelf.", "title": "ManageBerkshelf", "type": "boolean" } }, "type": "object" }, "AWS::OpsWorks::Stack.ElasticIp": { "additionalProperties": false, "properties": { "Ip": { "markdownDescription": "The IP address.", "title": "Ip", "type": "string" }, "Name": { "markdownDescription": "The name, which can be a maximum of 32 characters.", "title": "Name", "type": "string" } }, "required": [ "Ip" ], "type": "object" }, "AWS::OpsWorks::Stack.RdsDbInstance": { "additionalProperties": false, "properties": { "DbPassword": { "markdownDescription": "AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", "title": "DbPassword", "type": "string" }, "DbUser": { "markdownDescription": "The master user name.", "title": "DbUser", "type": "string" }, "RdsDbInstanceArn": { "markdownDescription": "The instance's ARN.", "title": "RdsDbInstanceArn", "type": "string" } }, "required": [ "DbPassword", "DbUser", "RdsDbInstanceArn" ], "type": "object" }, "AWS::OpsWorks::Stack.Source": { "additionalProperties": false, "properties": { "Password": { "markdownDescription": "When included in a request, the parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Password` to the appropriate IAM secret access key.\n- For HTTP bundles and Subversion repositories, set `Password` to the password.\n\nFor more information on how to safely handle IAM credentials, see [](https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html) .\n\nIn responses, AWS OpsWorks Stacks returns `*****FILTERED*****` instead of the actual value.", "title": "Password", "type": "string" }, "Revision": { "markdownDescription": "The application's version. AWS OpsWorks Stacks enables you to easily deploy new versions of an application. One of the simplest approaches is to have branches or revisions in your repository that represent different versions that can potentially be deployed.", "title": "Revision", "type": "string" }, "SshKey": { "markdownDescription": "The repository's SSH key. For more information, see [Using Git Repository SSH Keys](https://docs.aws.amazon.com/opsworks/latest/userguide/workingapps-deploykeys.html) in the *AWS OpsWorks User Guide* . To pass in an SSH key as a parameter, see the following example:\n\n`\"Parameters\" : { \"GitSSHKey\" : { \"Description\" : \"Change SSH key newlines to commas.\", \"Type\" : \"CommaDelimitedList\", \"NoEcho\" : \"true\" }, ... \"CustomCookbooksSource\": { \"Revision\" : { \"Ref\": \"GitRevision\"}, \"SshKey\" : { \"Fn::Join\" : [ \"\\n\", { \"Ref\": \"GitSSHKey\"} ] }, \"Type\": \"git\", \"Url\": { \"Ref\": \"GitURL\"} } ...`", "title": "SshKey", "type": "string" }, "Type": { "markdownDescription": "The repository type.", "title": "Type", "type": "string" }, "Url": { "markdownDescription": "The source URL. The following is an example of an Amazon S3 source URL: `https://s3.amazonaws.com/opsworks-demo-bucket/opsworks_cookbook_demo.tar.gz` .", "title": "Url", "type": "string" }, "Username": { "markdownDescription": "This parameter depends on the repository type.\n\n- For Amazon S3 bundles, set `Username` to the appropriate IAM access key ID.\n- For HTTP bundles, Git repositories, and Subversion repositories, set `Username` to the user name.", "title": "Username", "type": "string" } }, "type": "object" }, "AWS::OpsWorks::Stack.StackConfigurationManager": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name. This parameter must be set to `Chef` .", "title": "Name", "type": "string" }, "Version": { "markdownDescription": "The Chef version. This parameter must be set to 12, 11.10, or 11.4 for Linux stacks, and to 12.2 for Windows stacks. The default value for Linux stacks is 12.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::OpsWorks::UserProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowSelfManagement": { "markdownDescription": "Whether users can specify their own SSH public key through the My Settings page. For more information, see [Managing User Permissions](https://docs.aws.amazon.com/opsworks/latest/userguide/security-settingsshkey.html) .", "title": "AllowSelfManagement", "type": "boolean" }, "IamUserArn": { "markdownDescription": "The user's IAM ARN.", "title": "IamUserArn", "type": "string" }, "SshPublicKey": { "markdownDescription": "The user's SSH public key.", "title": "SshPublicKey", "type": "string" }, "SshUsername": { "markdownDescription": "The user's SSH user name.", "title": "SshUsername", "type": "string" } }, "required": [ "IamUserArn" ], "type": "object" }, "Type": { "enum": [ "AWS::OpsWorks::UserProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::OpsWorks::Volume": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Ec2VolumeId": { "markdownDescription": "The Amazon EC2 volume ID.", "title": "Ec2VolumeId", "type": "string" }, "MountPoint": { "markdownDescription": "The volume mount point. For example, \"/mnt/disk1\".", "title": "MountPoint", "type": "string" }, "Name": { "markdownDescription": "The volume name. Volume names are a maximum of 128 characters.", "title": "Name", "type": "string" }, "StackId": { "markdownDescription": "The stack ID.", "title": "StackId", "type": "string" } }, "required": [ "Ec2VolumeId", "StackId" ], "type": "object" }, "Type": { "enum": [ "AWS::OpsWorks::Volume" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::OpsWorksCM::Server": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssociatePublicIpAddress": { "markdownDescription": "Associate a public IP address with a server that you are launching. Valid values are `true` or `false` . The default value is `true` .", "title": "AssociatePublicIpAddress", "type": "boolean" }, "BackupId": { "markdownDescription": "If you specify this field, AWS OpsWorks CM creates the server by using the backup represented by BackupId.", "title": "BackupId", "type": "string" }, "BackupRetentionCount": { "markdownDescription": "The number of automated backups that you want to keep. Whenever a new backup is created, AWS OpsWorks CM deletes the oldest backups if this number is exceeded. The default value is `1` .", "title": "BackupRetentionCount", "type": "number" }, "CustomCertificate": { "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A PEM-formatted HTTPS certificate. The value can be be a single, self-signed certificate, or a certificate chain. If you specify a custom certificate, you must also specify values for `CustomDomain` and `CustomPrivateKey` . The following are requirements for the `CustomCertificate` value:\n\n- You can provide either a self-signed, custom certificate, or the full certificate chain.\n- The certificate must be a valid X509 certificate, or a certificate chain in PEM format.\n- The certificate must be valid at the time of upload. A certificate can't be used before its validity period begins (the certificate's `NotBefore` date), or after it expires (the certificate's `NotAfter` date).\n- The certificate\u2019s common name or subject alternative names (SANs), if present, must match the value of `CustomDomain` .\n- The certificate must match the value of `CustomPrivateKey` .", "title": "CustomCertificate", "type": "string" }, "CustomDomain": { "markdownDescription": "Supported on servers running Chef Automate 2.0 only. An optional public endpoint of a server, such as `https://aws.my-company.com` . To access the server, create a CNAME DNS record in your preferred DNS service that points the custom domain to the endpoint that is generated when the server is created (the value of the CreateServer Endpoint attribute). You cannot access the server by using the generated `Endpoint` value if the server is using a custom domain. If you specify a custom domain, you must also specify values for `CustomCertificate` and `CustomPrivateKey` .", "title": "CustomDomain", "type": "string" }, "CustomPrivateKey": { "markdownDescription": "Supported on servers running Chef Automate 2.0 only. A private key in PEM format for connecting to the server by using HTTPS. The private key must not be encrypted; it cannot be protected by a password or passphrase. If you specify a custom private key, you must also specify values for `CustomDomain` and `CustomCertificate` .", "title": "CustomPrivateKey", "type": "string" }, "DisableAutomatedBackup": { "markdownDescription": "Enable or disable scheduled backups. Valid values are `true` or `false` . The default value is `true` .", "title": "DisableAutomatedBackup", "type": "boolean" }, "Engine": { "markdownDescription": "The configuration management engine to use. Valid values include `ChefAutomate` and `Puppet` .", "title": "Engine", "type": "string" }, "EngineAttributes": { "items": { "$ref": "#/definitions/AWS::OpsWorksCM::Server.EngineAttribute" }, "markdownDescription": "Optional engine attributes on a specified server.\n\n**Attributes accepted in a Chef createServer request:** - `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. When no CHEF_AUTOMATE_PIVOTAL_KEY is set, a private key is generated and returned in the response. When you are specifying the value of CHEF_AUTOMATE_PIVOTAL_KEY as a parameter in the AWS CloudFormation console, you must add newline ( `\\n` ) characters at the end of each line of the pivotal key value.\n- `CHEF_AUTOMATE_ADMIN_PASSWORD` : The password for the administrative user in the Chef Automate web-based dashboard. The password length is a minimum of eight characters, and a maximum of 32. The password can contain letters, numbers, and special characters (!/@#$%^&+=_). The password must contain at least one lower case letter, one upper case letter, one number, and one special character. When no CHEF_AUTOMATE_ADMIN_PASSWORD is set, one is generated and returned in the response.\n\n**Attributes accepted in a Puppet createServer request:** - `PUPPET_ADMIN_PASSWORD` : To work with the Puppet Enterprise console, a password must use ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add PUPPET_R10K_PRIVATE_KEY to specify a PEM-encoded private SSH key.", "title": "EngineAttributes", "type": "array" }, "EngineModel": { "markdownDescription": "The engine model of the server. Valid values in this release include `Monolithic` for Puppet and `Single` for Chef.", "title": "EngineModel", "type": "string" }, "EngineVersion": { "markdownDescription": "The major release version of the engine that you want to use. For a Chef server, the valid value for EngineVersion is currently `2` . For a Puppet server, valid values are `2019` or `2017` .", "title": "EngineVersion", "type": "string" }, "InstanceProfileArn": { "markdownDescription": "The ARN of the instance profile that your Amazon EC2 instances use.", "title": "InstanceProfileArn", "type": "string" }, "InstanceType": { "markdownDescription": "The Amazon EC2 instance type to use. For example, `m5.large` .", "title": "InstanceType", "type": "string" }, "KeyPair": { "markdownDescription": "The Amazon EC2 key pair to set for the instance. This parameter is optional; if desired, you may specify this parameter to connect to your instances by using SSH.", "title": "KeyPair", "type": "string" }, "PreferredBackupWindow": { "markdownDescription": "The start time for a one-hour period during which AWS OpsWorks CM backs up application-level data on your server if automated backups are enabled. Valid values must be specified in one of the following formats:\n\n- `HH:MM` for daily backups\n- `DDD:HH:MM` for weekly backups\n\n`MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random, daily start time.\n\n*Example:* `08:00` , which represents a daily start time of 08:00 UTC.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", "title": "PreferredBackupWindow", "type": "string" }, "PreferredMaintenanceWindow": { "markdownDescription": "The start time for a one-hour period each week during which AWS OpsWorks CM performs maintenance on the instance. Valid values must be specified in the following format: `DDD:HH:MM` . `MM` must be specified as `00` . The specified time is in coordinated universal time (UTC). The default value is a random one-hour period on Tuesday, Wednesday, or Friday. See `TimeWindowDefinition` for more information.\n\n*Example:* `Mon:08:00` , which represents a start time of every Monday at 08:00 UTC. (8:00 a.m.)", "title": "PreferredMaintenanceWindow", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of security group IDs to attach to the Amazon EC2 instance. If you add this parameter, the specified security groups must be within the VPC that is specified by `SubnetIds` .\n\nIf you do not specify this parameter, AWS OpsWorks CM creates one new security group that uses TCP ports 22 and 443, open to 0.0.0.0/0 (everyone).", "title": "SecurityGroupIds", "type": "array" }, "ServiceRoleArn": { "markdownDescription": "The service role that the AWS OpsWorks CM service backend uses to work with your account. Although the AWS OpsWorks management console typically creates the service role for you, if you are using the AWS CLI or API commands, run the service-role-creation.yaml AWS CloudFormation template, located at https://s3.amazonaws.com/opsworks-cm-us-east-1-prod-default-assets/misc/opsworks-cm-roles.yaml. This template creates a CloudFormation stack that includes the service role and instance profile that you need.", "title": "ServiceRoleArn", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of subnets in which to launch the server EC2 instance.\n\nAmazon EC2-Classic customers: This field is required. All servers must run within a VPC. The VPC must have \"Auto Assign Public IP\" enabled.\n\nEC2-VPC customers: This field is optional. If you do not specify subnet IDs, your EC2 instances are created in a default subnet that is selected by Amazon EC2. If you specify subnet IDs, the VPC must have \"Auto Assign Public IP\" enabled.\n\nFor more information about supported Amazon EC2 platforms, see [Supported Platforms](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) .", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A map that contains tag keys and tag values to attach to an AWS OpsWorks for Chef Automate or OpsWorks for Puppet Enterprise server.\n\n- The key cannot be empty.\n- The key can be a maximum of 127 characters, and can contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- The value can be a maximum 255 characters, and contain only Unicode letters, numbers, or separators, or the following special characters: `+ - = . _ : / @`\n- Leading and trailing spaces are trimmed from both the key and value.\n- A maximum of 50 user-applied tags is allowed for any AWS OpsWorks CM server.", "title": "Tags", "type": "array" } }, "required": [ "InstanceProfileArn", "InstanceType", "ServiceRoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::OpsWorksCM::Server" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::OpsWorksCM::Server.EngineAttribute": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the engine attribute.\n\n*Attribute name for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_ADMIN_PASSWORD`\n\n*Attribute names for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD`\n- `PUPPET_R10K_REMOTE`\n- `PUPPET_R10K_PRIVATE_KEY`", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the engine attribute.\n\n*Attribute value for Chef Automate servers:*\n\n- `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. You can generate this key by running the following [OpenSSL](https://docs.aws.amazon.com/https://www.openssl.org/) command on Linux-based computers.\n\n`openssl genrsa -out *pivotal_key_file_name* .pem 2048`\n\nOn Windows-based computers, you can use the PuTTYgen utility to generate a base64-encoded RSA private key. For more information, see [PuTTYgen - Key Generator for PuTTY on Windows](https://docs.aws.amazon.com/https://www.ssh.com/ssh/putty/windows/puttygen) on SSH.com.\n\n*Attribute values for Puppet Enterprise servers:*\n\n- `PUPPET_ADMIN_PASSWORD` : An administrator password that you can use to sign in to the Puppet Enterprise console webpage after the server is online. The password must use between 8 and 32 ASCII characters.\n- `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170.\n- `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add `PUPPET_R10K_PRIVATE_KEY` to specify a PEM-encoded private SSH key.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::Organizations::Account": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountName": { "markdownDescription": "The account name given to the account when it was created.", "title": "AccountName", "type": "string" }, "Email": { "markdownDescription": "The email address associated with the AWS account.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for this parameter is a string of characters that represents a standard internet email address.", "title": "Email", "type": "string" }, "ParentIds": { "items": { "type": "string" }, "markdownDescription": "The unique identifier (ID) of the root or organizational unit (OU) that you want to create the new account in. If you don't specify this parameter, the `ParentId` defaults to the root ID.\n\nThis parameter only accepts a string array with one string value.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", "title": "ParentIds", "type": "array" }, "RoleName": { "markdownDescription": "The name of an IAM role that AWS Organizations automatically preconfigures in the new member account. This role trusts the management account, allowing users in the management account to assume the role, as permitted by the management account administrator. The role has administrator permissions in the new member account.\n\nIf you don't specify this parameter, the role name defaults to `OrganizationAccountAccessRole` .\n\nFor more information about how to use this role to access the member account, see the following links:\n\n- [Creating the OrganizationAccountAccessRole in an invited member account](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts_access.html#orgs_manage_accounts_create-cross-account-role) in the *AWS Organizations User Guide*\n- Steps 2 and 3 in [IAM Tutorial: Delegate access across AWS accounts using IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) in the *IAM User Guide*\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter. The pattern can include uppercase letters, lowercase letters, digits with no spaces, and any of the following characters: =,.@-", "title": "RoleName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags that you want to attach to the newly created account. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the maximum allowed number of tags for an account, then the entire request fails and the account is not created.", "title": "Tags", "type": "array" } }, "required": [ "AccountName", "Email" ], "type": "object" }, "Type": { "enum": [ "AWS::Organizations::Account" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Organizations::Organization": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FeatureSet": { "markdownDescription": "Specifies the feature set supported by the new organization. Each feature set supports different levels of functionality.\n\n- `ALL` In addition to all the features supported by the consolidated billing feature set, the management account gains access to advanced features that give you more control over accounts in your organization. By default or if you set the `FeatureSet` property to `ALL` , the new organization is created with all features enabled and service control policies automatically enabled in the [root](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#root) . For more information, see [All features](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-all) in the *AWS Organizations User Guide* .\n- `CONSOLIDATED_BILLING` All member accounts have their bills consolidated to and paid by the management account. For more information, see [Consolidated billing](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html#feature-set-cb-only) in the *AWS Organizations User Guide* .\n\nThe consolidated billing feature subset isn't available for organizations in the AWS GovCloud (US) Region.\n\nFeature set `ALL` provides the following advanced features:\n\n- Apply any [policy type](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies.html#orgs-policy-types) to any member account in the organization.\n- Apply [service control policies (SCPs)](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html) to member accounts that restrict the services and actions that users (including the root user) and roles in an account can access. Using SCPs you can prevent member accounts from leaving the organization.\n- Enable [integration with supported AWS services](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_integrate_services_list.html) to let those services provide functionality across all of the accounts in your organization.\n\nIf you don't specify this property, the default value is `ALL` .", "title": "FeatureSet", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::Organizations::Organization" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Organizations::OrganizationalUnit": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The friendly name of this OU.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", "title": "Name", "type": "string" }, "ParentId": { "markdownDescription": "The unique identifier (ID) of the parent root or OU that you want to create the new OU in.\n\n> To update the `ParentId` parameter value, you must first remove all accounts attached to the organizational unit (OU). OUs can't be moved within the organization with accounts still attached. \n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a parent ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", "title": "ParentId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags that you want to attach to the newly created OU. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for an OU, then the entire request fails and the OU is not created.", "title": "Tags", "type": "array" } }, "required": [ "Name", "ParentId" ], "type": "object" }, "Type": { "enum": [ "AWS::Organizations::OrganizationalUnit" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Organizations::Policy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "The policy text content. You can specify the policy content as a JSON object or a JSON string.\n\n> When you specify the policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the policy content as a JSON object instead. \n\nThe text that you supply must adhere to the rules of the policy type you specify in the `Type` parameter. The following AWS Organizations quotas are enforced for the maximum size of a policy document:\n\n- Service control policies: 5,120 characters\n- AI services opt-out policies: 2,500 characters\n- Backup policies: 10,000 characters\n- Tag policies: 10,000 characters\n\nFor more information about Organizations service quotas, see [Quotas for AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_reference_limits.html) in the *AWS Organizations User Guide* .", "title": "Content", "type": "object" }, "Description": { "markdownDescription": "Human readable description of the policy.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "Name of the policy.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) that is used to validate this parameter is a string of any of the characters in the ASCII character range.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags that you want to attach to the newly created policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the AWS Organizations User Guide.\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for a policy, then the entire request fails and the policy is not created.", "title": "Tags", "type": "array" }, "TargetIds": { "items": { "type": "string" }, "markdownDescription": "List of unique identifiers (IDs) of the root, OU, or account that you want to attach the policy to. You can get the ID by calling the [ListRoots](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListRoots.html) , [ListOrganizationalUnitsForParent](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListOrganizationalUnitsForParent.html) , or [ListAccounts](https://docs.aws.amazon.com/organizations/latest/APIReference/API_ListAccounts.html) operations. If you don't specify this parameter, the policy is created but not attached to any organization resource.\n\nThe [regex pattern](https://docs.aws.amazon.com/http://wikipedia.org/wiki/regex) for a target ID string requires one of the following:\n\n- *Root* - A string that begins with \"r-\" followed by from 4 to 32 lowercase letters or digits.\n- *Account* - A string that consists of exactly 12 digits.\n- *Organizational unit (OU)* - A string that begins with \"ou-\" followed by from 4 to 32 lowercase letters or digits (the ID of the root that the OU is in). This string is followed by a second \"-\" dash and from 8 to 32 additional lowercase letters or digits.", "title": "TargetIds", "type": "array" }, "Type": { "markdownDescription": "The type of policy to create.", "title": "Type", "type": "string" } }, "required": [ "Content", "Name", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::Organizations::Policy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Organizations::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "The policy text of the organization resource policy. You can specify the resource policy content as a JSON object or a JSON string.\n\n> When you specify the resource policy content as a JSON string, you can't perform drift detection on the CloudFormation stack. For this reason, we recommend specifying the resource policy content as a JSON object instead.", "title": "Content", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags that you want to attach to the newly created resource policy. For each tag in the list, you must specify both a tag key and a value. You can set the value to an empty string, but you can't set it to `null` . For more information about tagging, see [Tagging AWS Organizations resources](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tagging.html) in the *AWS Organizations User Guide* .\n\n> If any one of the tags is not valid or if you exceed the allowed number of tags for the resource policy, then the entire request fails and the resource policy is not created.", "title": "Tags", "type": "array" } }, "required": [ "Content" ], "type": "object" }, "Type": { "enum": [ "AWS::Organizations::ResourcePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::PCAConnectorAD::Connector": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CertificateAuthorityArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the certificate authority being used.", "title": "CertificateAuthorityArn", "type": "string" }, "DirectoryId": { "markdownDescription": "The identifier of the Active Directory.", "title": "DirectoryId", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Metadata assigned to a connector consisting of a key-value pair.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "VpcInformation": { "$ref": "#/definitions/AWS::PCAConnectorAD::Connector.VpcInformation", "markdownDescription": "Information of the VPC and security group(s) used with the connector.", "title": "VpcInformation" } }, "required": [ "CertificateAuthorityArn", "DirectoryId", "VpcInformation" ], "type": "object" }, "Type": { "enum": [ "AWS::PCAConnectorAD::Connector" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::PCAConnectorAD::Connector.VpcInformation": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The security groups used with the connector. You can use a maximum of 4 security groups with a connector.", "title": "SecurityGroupIds", "type": "array" } }, "required": [ "SecurityGroupIds" ], "type": "object" }, "AWS::PCAConnectorAD::DirectoryRegistration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DirectoryId": { "markdownDescription": "The identifier of the Active Directory.", "title": "DirectoryId", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Metadata assigned to a directory registration consisting of a key-value pair.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "DirectoryId" ], "type": "object" }, "Type": { "enum": [ "AWS::PCAConnectorAD::DirectoryRegistration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::PCAConnectorAD::ServicePrincipalName": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectorArn": { "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector.html](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", "title": "ConnectorArn", "type": "string" }, "DirectoryRegistrationArn": { "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateDirectoryRegistration](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateDirectoryRegistration.html) .", "title": "DirectoryRegistrationArn", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::PCAConnectorAD::ServicePrincipalName" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::PCAConnectorAD::Template": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectorArn": { "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateConnector](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateConnector.html) .", "title": "ConnectorArn", "type": "string" }, "Definition": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateDefinition", "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", "title": "Definition" }, "Name": { "markdownDescription": "Name of the templates. Template names must be unique.", "title": "Name", "type": "string" }, "ReenrollAllCertificateHolders": { "markdownDescription": "This setting allows the major version of a template to be increased automatically. All members of Active Directory groups that are allowed to enroll with a template will receive a new certificate issued using that template.", "title": "ReenrollAllCertificateHolders", "type": "boolean" }, "Tags": { "additionalProperties": true, "markdownDescription": "Metadata assigned to a template consisting of a key-value pair.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "ConnectorArn", "Definition", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::PCAConnectorAD::Template" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::PCAConnectorAD::Template.ApplicationPolicies": { "additionalProperties": false, "properties": { "Critical": { "markdownDescription": "Marks the application policy extension as critical.", "title": "Critical", "type": "boolean" }, "Policies": { "items": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicy" }, "markdownDescription": "Application policies describe what the certificate can be used for.", "title": "Policies", "type": "array" } }, "required": [ "Policies" ], "type": "object" }, "AWS::PCAConnectorAD::Template.ApplicationPolicy": { "additionalProperties": false, "properties": { "PolicyObjectIdentifier": { "markdownDescription": "The object identifier (OID) of an application policy.", "title": "PolicyObjectIdentifier", "type": "string" }, "PolicyType": { "markdownDescription": "The type of application policy", "title": "PolicyType", "type": "string" } }, "type": "object" }, "AWS::PCAConnectorAD::Template.CertificateValidity": { "additionalProperties": false, "properties": { "RenewalPeriod": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", "markdownDescription": "Renewal period is the period of time before certificate expiration when a new certificate will be requested.", "title": "RenewalPeriod" }, "ValidityPeriod": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ValidityPeriod", "markdownDescription": "Information describing the end of the validity period of the certificate. This parameter sets the \u201cNot After\u201d date for the certificate. Certificate validity is the period of time during which a certificate is valid. Validity can be expressed as an explicit date and time when the certificate expires, or as a span of time after issuance, stated in days, months, or years. For more information, see Validity in RFC 5280. This value is unaffected when ValidityNotBefore is also specified. For example, if Validity is set to 20 days in the future, the certificate will expire 20 days from issuance time regardless of the ValidityNotBefore value.", "title": "ValidityPeriod" } }, "required": [ "RenewalPeriod", "ValidityPeriod" ], "type": "object" }, "AWS::PCAConnectorAD::Template.EnrollmentFlagsV2": { "additionalProperties": false, "properties": { "EnableKeyReuseOnNtTokenKeysetStorageFull": { "markdownDescription": "Allow renewal using the same key.", "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", "type": "boolean" }, "IncludeSymmetricAlgorithms": { "markdownDescription": "Include symmetric algorithms allowed by the subject.", "title": "IncludeSymmetricAlgorithms", "type": "boolean" }, "NoSecurityExtension": { "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", "title": "NoSecurityExtension", "type": "boolean" }, "RemoveInvalidCertificateFromPersonalStore": { "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", "title": "RemoveInvalidCertificateFromPersonalStore", "type": "boolean" }, "UserInteractionRequired": { "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", "title": "UserInteractionRequired", "type": "boolean" } }, "type": "object" }, "AWS::PCAConnectorAD::Template.EnrollmentFlagsV3": { "additionalProperties": false, "properties": { "EnableKeyReuseOnNtTokenKeysetStorageFull": { "markdownDescription": "Allow renewal using the same key.", "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", "type": "boolean" }, "IncludeSymmetricAlgorithms": { "markdownDescription": "Include symmetric algorithms allowed by the subject.", "title": "IncludeSymmetricAlgorithms", "type": "boolean" }, "NoSecurityExtension": { "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", "title": "NoSecurityExtension", "type": "boolean" }, "RemoveInvalidCertificateFromPersonalStore": { "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", "title": "RemoveInvalidCertificateFromPersonalStore", "type": "boolean" }, "UserInteractionRequired": { "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", "title": "UserInteractionRequired", "type": "boolean" } }, "type": "object" }, "AWS::PCAConnectorAD::Template.EnrollmentFlagsV4": { "additionalProperties": false, "properties": { "EnableKeyReuseOnNtTokenKeysetStorageFull": { "markdownDescription": "Allow renewal using the same key.", "title": "EnableKeyReuseOnNtTokenKeysetStorageFull", "type": "boolean" }, "IncludeSymmetricAlgorithms": { "markdownDescription": "Include symmetric algorithms allowed by the subject.", "title": "IncludeSymmetricAlgorithms", "type": "boolean" }, "NoSecurityExtension": { "markdownDescription": "This flag instructs the CA to not include the security extension szOID_NTDS_CA_SECURITY_EXT (OID:1.3.6.1.4.1.311.25.2), as specified in [MS-WCCE] sections 2.2.2.7.7.4 and 3.2.2.6.2.1.4.5.9, in the issued certificate. This addresses a Windows Kerberos elevation-of-privilege vulnerability.", "title": "NoSecurityExtension", "type": "boolean" }, "RemoveInvalidCertificateFromPersonalStore": { "markdownDescription": "Delete expired or revoked certificates instead of archiving them.", "title": "RemoveInvalidCertificateFromPersonalStore", "type": "boolean" }, "UserInteractionRequired": { "markdownDescription": "Require user interaction when the subject is enrolled and the private key associated with the certificate is used.", "title": "UserInteractionRequired", "type": "boolean" } }, "type": "object" }, "AWS::PCAConnectorAD::Template.ExtensionsV2": { "additionalProperties": false, "properties": { "ApplicationPolicies": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", "title": "ApplicationPolicies" }, "KeyUsage": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", "title": "KeyUsage" } }, "required": [ "KeyUsage" ], "type": "object" }, "AWS::PCAConnectorAD::Template.ExtensionsV3": { "additionalProperties": false, "properties": { "ApplicationPolicies": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", "title": "ApplicationPolicies" }, "KeyUsage": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature, certificate signing) of the key contained in the certificate.", "title": "KeyUsage" } }, "required": [ "KeyUsage" ], "type": "object" }, "AWS::PCAConnectorAD::Template.ExtensionsV4": { "additionalProperties": false, "properties": { "ApplicationPolicies": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ApplicationPolicies", "markdownDescription": "Application policies specify what the certificate is used for and its purpose.", "title": "ApplicationPolicies" }, "KeyUsage": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsage", "markdownDescription": "The key usage extension defines the purpose (e.g., encipherment, signature) of the key contained in the certificate.", "title": "KeyUsage" } }, "required": [ "KeyUsage" ], "type": "object" }, "AWS::PCAConnectorAD::Template.GeneralFlagsV2": { "additionalProperties": false, "properties": { "AutoEnrollment": { "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", "title": "AutoEnrollment", "type": "boolean" }, "MachineType": { "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users.", "title": "MachineType", "type": "boolean" } }, "type": "object" }, "AWS::PCAConnectorAD::Template.GeneralFlagsV3": { "additionalProperties": false, "properties": { "AutoEnrollment": { "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", "title": "AutoEnrollment", "type": "boolean" }, "MachineType": { "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", "title": "MachineType", "type": "boolean" } }, "type": "object" }, "AWS::PCAConnectorAD::Template.GeneralFlagsV4": { "additionalProperties": false, "properties": { "AutoEnrollment": { "markdownDescription": "Allows certificate issuance using autoenrollment. Set to TRUE to allow autoenrollment.", "title": "AutoEnrollment", "type": "boolean" }, "MachineType": { "markdownDescription": "Defines if the template is for machines or users. Set to TRUE if the template is for machines. Set to FALSE if the template is for users", "title": "MachineType", "type": "boolean" } }, "type": "object" }, "AWS::PCAConnectorAD::Template.KeyUsage": { "additionalProperties": false, "properties": { "Critical": { "markdownDescription": "Sets the key usage extension to critical.", "title": "Critical", "type": "boolean" }, "UsageFlags": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageFlags", "markdownDescription": "The key usage flags represent the purpose (e.g., encipherment, signature) of the key contained in the certificate.", "title": "UsageFlags" } }, "required": [ "UsageFlags" ], "type": "object" }, "AWS::PCAConnectorAD::Template.KeyUsageFlags": { "additionalProperties": false, "properties": { "DataEncipherment": { "markdownDescription": "DataEncipherment is asserted when the subject public key is used for directly enciphering raw user data without the use of an intermediate symmetric cipher.", "title": "DataEncipherment", "type": "boolean" }, "DigitalSignature": { "markdownDescription": "The digitalSignature is asserted when the subject public key is used for verifying digital signatures.", "title": "DigitalSignature", "type": "boolean" }, "KeyAgreement": { "markdownDescription": "KeyAgreement is asserted when the subject public key is used for key agreement.", "title": "KeyAgreement", "type": "boolean" }, "KeyEncipherment": { "markdownDescription": "KeyEncipherment is asserted when the subject public key is used for enciphering private or secret keys, i.e., for key transport.", "title": "KeyEncipherment", "type": "boolean" }, "NonRepudiation": { "markdownDescription": "NonRepudiation is asserted when the subject public key is used to verify digital signatures.", "title": "NonRepudiation", "type": "boolean" } }, "type": "object" }, "AWS::PCAConnectorAD::Template.KeyUsageProperty": { "additionalProperties": false, "properties": { "PropertyFlags": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags", "markdownDescription": "You can specify key usage for encryption, key agreement, and signature. You can use property flags or property type but not both.", "title": "PropertyFlags" }, "PropertyType": { "markdownDescription": "You can specify all key usages using property type ALL. You can use property type or property flags but not both.", "title": "PropertyType", "type": "string" } }, "type": "object" }, "AWS::PCAConnectorAD::Template.KeyUsagePropertyFlags": { "additionalProperties": false, "properties": { "Decrypt": { "markdownDescription": "Allows key for encryption and decryption.", "title": "Decrypt", "type": "boolean" }, "KeyAgreement": { "markdownDescription": "Allows key exchange without encryption.", "title": "KeyAgreement", "type": "boolean" }, "Sign": { "markdownDescription": "Allow key use for digital signature.", "title": "Sign", "type": "boolean" } }, "type": "object" }, "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2": { "additionalProperties": false, "properties": { "CryptoProviders": { "items": { "type": "string" }, "markdownDescription": "Defines the cryptographic providers used to generate the private key.", "title": "CryptoProviders", "type": "array" }, "KeySpec": { "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", "title": "KeySpec", "type": "string" }, "MinimalKeyLength": { "markdownDescription": "Set the minimum key length of the private key.", "title": "MinimalKeyLength", "type": "number" } }, "required": [ "KeySpec", "MinimalKeyLength" ], "type": "object" }, "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3": { "additionalProperties": false, "properties": { "Algorithm": { "markdownDescription": "Defines the algorithm used to generate the private key.", "title": "Algorithm", "type": "string" }, "CryptoProviders": { "items": { "type": "string" }, "markdownDescription": "Defines the cryptographic providers used to generate the private key.", "title": "CryptoProviders", "type": "array" }, "KeySpec": { "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", "title": "KeySpec", "type": "string" }, "KeyUsageProperty": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", "title": "KeyUsageProperty" }, "MinimalKeyLength": { "markdownDescription": "Set the minimum key length of the private key.", "title": "MinimalKeyLength", "type": "number" } }, "required": [ "Algorithm", "KeySpec", "KeyUsageProperty", "MinimalKeyLength" ], "type": "object" }, "AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4": { "additionalProperties": false, "properties": { "Algorithm": { "markdownDescription": "Defines the algorithm used to generate the private key.", "title": "Algorithm", "type": "string" }, "CryptoProviders": { "items": { "type": "string" }, "markdownDescription": "Defines the cryptographic providers used to generate the private key.", "title": "CryptoProviders", "type": "array" }, "KeySpec": { "markdownDescription": "Defines the purpose of the private key. Set it to \"KEY_EXCHANGE\" or \"SIGNATURE\" value.", "title": "KeySpec", "type": "string" }, "KeyUsageProperty": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.KeyUsageProperty", "markdownDescription": "The key usage property defines the purpose of the private key contained in the certificate. You can specify specific purposes using property flags or all by using property type ALL.", "title": "KeyUsageProperty" }, "MinimalKeyLength": { "markdownDescription": "Set the minimum key length of the private key.", "title": "MinimalKeyLength", "type": "number" } }, "required": [ "KeySpec", "MinimalKeyLength" ], "type": "object" }, "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2": { "additionalProperties": false, "properties": { "ClientVersion": { "markdownDescription": "Defines the minimum client compatibility.", "title": "ClientVersion", "type": "string" }, "ExportableKey": { "markdownDescription": "Allows the private key to be exported.", "title": "ExportableKey", "type": "boolean" }, "StrongKeyProtectionRequired": { "markdownDescription": "Require user input when using the private key for enrollment.", "title": "StrongKeyProtectionRequired", "type": "boolean" } }, "required": [ "ClientVersion" ], "type": "object" }, "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3": { "additionalProperties": false, "properties": { "ClientVersion": { "markdownDescription": "Defines the minimum client compatibility.", "title": "ClientVersion", "type": "string" }, "ExportableKey": { "markdownDescription": "Allows the private key to be exported.", "title": "ExportableKey", "type": "boolean" }, "RequireAlternateSignatureAlgorithm": { "markdownDescription": "Reguires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", "title": "RequireAlternateSignatureAlgorithm", "type": "boolean" }, "StrongKeyProtectionRequired": { "markdownDescription": "Requirer user input when using the private key for enrollment.", "title": "StrongKeyProtectionRequired", "type": "boolean" } }, "required": [ "ClientVersion" ], "type": "object" }, "AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4": { "additionalProperties": false, "properties": { "ClientVersion": { "markdownDescription": "Defines the minimum client compatibility.", "title": "ClientVersion", "type": "string" }, "ExportableKey": { "markdownDescription": "Allows the private key to be exported.", "title": "ExportableKey", "type": "boolean" }, "RequireAlternateSignatureAlgorithm": { "markdownDescription": "Requires the PKCS #1 v2.1 signature format for certificates. You should verify that your CA, objects, and applications can accept this signature format.", "title": "RequireAlternateSignatureAlgorithm", "type": "boolean" }, "RequireSameKeyRenewal": { "markdownDescription": "Renew certificate using the same private key.", "title": "RequireSameKeyRenewal", "type": "boolean" }, "StrongKeyProtectionRequired": { "markdownDescription": "Require user input when using the private key for enrollment.", "title": "StrongKeyProtectionRequired", "type": "boolean" }, "UseLegacyProvider": { "markdownDescription": "Specifies the cryptographic service provider category used to generate private keys. Set to TRUE to use Legacy Cryptographic Service Providers and FALSE to use Key Storage Providers.", "title": "UseLegacyProvider", "type": "boolean" } }, "required": [ "ClientVersion" ], "type": "object" }, "AWS::PCAConnectorAD::Template.SubjectNameFlagsV2": { "additionalProperties": false, "properties": { "RequireCommonName": { "markdownDescription": "Include the common name in the subject name.", "title": "RequireCommonName", "type": "boolean" }, "RequireDirectoryPath": { "markdownDescription": "Include the directory path in the subject name.", "title": "RequireDirectoryPath", "type": "boolean" }, "RequireDnsAsCn": { "markdownDescription": "Include the DNS as common name in the subject name.", "title": "RequireDnsAsCn", "type": "boolean" }, "RequireEmail": { "markdownDescription": "Include the subject's email in the subject name.", "title": "RequireEmail", "type": "boolean" }, "SanRequireDirectoryGuid": { "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", "title": "SanRequireDirectoryGuid", "type": "boolean" }, "SanRequireDns": { "markdownDescription": "Include the DNS in the subject alternate name.", "title": "SanRequireDns", "type": "boolean" }, "SanRequireDomainDns": { "markdownDescription": "Include the domain DNS in the subject alternate name.", "title": "SanRequireDomainDns", "type": "boolean" }, "SanRequireEmail": { "markdownDescription": "Include the subject's email in the subject alternate name.", "title": "SanRequireEmail", "type": "boolean" }, "SanRequireSpn": { "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", "title": "SanRequireSpn", "type": "boolean" }, "SanRequireUpn": { "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", "title": "SanRequireUpn", "type": "boolean" } }, "type": "object" }, "AWS::PCAConnectorAD::Template.SubjectNameFlagsV3": { "additionalProperties": false, "properties": { "RequireCommonName": { "markdownDescription": "Include the common name in the subject name.", "title": "RequireCommonName", "type": "boolean" }, "RequireDirectoryPath": { "markdownDescription": "Include the directory path in the subject name.", "title": "RequireDirectoryPath", "type": "boolean" }, "RequireDnsAsCn": { "markdownDescription": "Include the DNS as common name in the subject name.", "title": "RequireDnsAsCn", "type": "boolean" }, "RequireEmail": { "markdownDescription": "Include the subject's email in the subject name.", "title": "RequireEmail", "type": "boolean" }, "SanRequireDirectoryGuid": { "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", "title": "SanRequireDirectoryGuid", "type": "boolean" }, "SanRequireDns": { "markdownDescription": "Include the DNS in the subject alternate name.", "title": "SanRequireDns", "type": "boolean" }, "SanRequireDomainDns": { "markdownDescription": "Include the domain DNS in the subject alternate name.", "title": "SanRequireDomainDns", "type": "boolean" }, "SanRequireEmail": { "markdownDescription": "Include the subject's email in the subject alternate name.", "title": "SanRequireEmail", "type": "boolean" }, "SanRequireSpn": { "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", "title": "SanRequireSpn", "type": "boolean" }, "SanRequireUpn": { "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", "title": "SanRequireUpn", "type": "boolean" } }, "type": "object" }, "AWS::PCAConnectorAD::Template.SubjectNameFlagsV4": { "additionalProperties": false, "properties": { "RequireCommonName": { "markdownDescription": "Include the common name in the subject name.", "title": "RequireCommonName", "type": "boolean" }, "RequireDirectoryPath": { "markdownDescription": "Include the directory path in the subject name.", "title": "RequireDirectoryPath", "type": "boolean" }, "RequireDnsAsCn": { "markdownDescription": "Include the DNS as common name in the subject name.", "title": "RequireDnsAsCn", "type": "boolean" }, "RequireEmail": { "markdownDescription": "Include the subject's email in the subject name.", "title": "RequireEmail", "type": "boolean" }, "SanRequireDirectoryGuid": { "markdownDescription": "Include the globally unique identifier (GUID) in the subject alternate name.", "title": "SanRequireDirectoryGuid", "type": "boolean" }, "SanRequireDns": { "markdownDescription": "Include the DNS in the subject alternate name.", "title": "SanRequireDns", "type": "boolean" }, "SanRequireDomainDns": { "markdownDescription": "Include the domain DNS in the subject alternate name.", "title": "SanRequireDomainDns", "type": "boolean" }, "SanRequireEmail": { "markdownDescription": "Include the subject's email in the subject alternate name.", "title": "SanRequireEmail", "type": "boolean" }, "SanRequireSpn": { "markdownDescription": "Include the service principal name (SPN) in the subject alternate name.", "title": "SanRequireSpn", "type": "boolean" }, "SanRequireUpn": { "markdownDescription": "Include the user principal name (UPN) in the subject alternate name.", "title": "SanRequireUpn", "type": "boolean" } }, "type": "object" }, "AWS::PCAConnectorAD::Template.TemplateDefinition": { "additionalProperties": false, "properties": { "TemplateV2": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV2", "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", "title": "TemplateV2" }, "TemplateV3": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV3", "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", "title": "TemplateV3" }, "TemplateV4": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.TemplateV4", "markdownDescription": "Template configuration to define the information included in certificates. Define certificate validity and renewal periods, certificate request handling and enrollment options, key usage extensions, application policies, and cryptography settings.", "title": "TemplateV4" } }, "type": "object" }, "AWS::PCAConnectorAD::Template.TemplateV2": { "additionalProperties": false, "properties": { "CertificateValidity": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", "title": "CertificateValidity" }, "EnrollmentFlags": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV2", "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", "title": "EnrollmentFlags" }, "Extensions": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV2", "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", "title": "Extensions" }, "GeneralFlags": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV2", "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", "title": "GeneralFlags" }, "PrivateKeyAttributes": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV2", "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, and cryptographic providers for the private key of a certificate for v2 templates. V2 templates allow you to use Legacy Cryptographic Service Providers.", "title": "PrivateKeyAttributes" }, "PrivateKeyFlags": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV2", "markdownDescription": "Private key flags for v2 templates specify the client compatibility, if the private key can be exported, and if user input is required when using a private key.", "title": "PrivateKeyFlags" }, "SubjectNameFlags": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV2", "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", "title": "SubjectNameFlags" }, "SupersededTemplates": { "items": { "type": "string" }, "markdownDescription": "List of templates in Active Directory that are superseded by this template.", "title": "SupersededTemplates", "type": "array" } }, "required": [ "CertificateValidity", "EnrollmentFlags", "Extensions", "GeneralFlags", "PrivateKeyAttributes", "PrivateKeyFlags", "SubjectNameFlags" ], "type": "object" }, "AWS::PCAConnectorAD::Template.TemplateV3": { "additionalProperties": false, "properties": { "CertificateValidity": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", "title": "CertificateValidity" }, "EnrollmentFlags": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV3", "markdownDescription": "Enrollment flags describe the enrollment settings for certificates such as using the existing private key and deleting expired or revoked certificates.", "title": "EnrollmentFlags" }, "Extensions": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV3", "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", "title": "Extensions" }, "GeneralFlags": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV3", "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", "title": "GeneralFlags" }, "HashAlgorithm": { "markdownDescription": "Specifies the hash algorithm used to hash the private key.", "title": "HashAlgorithm", "type": "string" }, "PrivateKeyAttributes": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV3", "markdownDescription": "Private key attributes allow you to specify the algorithm, minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v3 templates. V3 templates allow you to use Key Storage Providers.", "title": "PrivateKeyAttributes" }, "PrivateKeyFlags": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV3", "markdownDescription": "Private key flags for v3 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, and if an alternate signature algorithm should be used.", "title": "PrivateKeyFlags" }, "SubjectNameFlags": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV3", "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", "title": "SubjectNameFlags" }, "SupersededTemplates": { "items": { "type": "string" }, "markdownDescription": "List of templates in Active Directory that are superseded by this template.", "title": "SupersededTemplates", "type": "array" } }, "required": [ "CertificateValidity", "EnrollmentFlags", "Extensions", "GeneralFlags", "HashAlgorithm", "PrivateKeyAttributes", "PrivateKeyFlags", "SubjectNameFlags" ], "type": "object" }, "AWS::PCAConnectorAD::Template.TemplateV4": { "additionalProperties": false, "properties": { "CertificateValidity": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.CertificateValidity", "markdownDescription": "Certificate validity describes the validity and renewal periods of a certificate.", "title": "CertificateValidity" }, "EnrollmentFlags": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.EnrollmentFlagsV4", "markdownDescription": "Enrollment flags describe the enrollment settings for certificates using the existing private key and deleting expired or revoked certificates.", "title": "EnrollmentFlags" }, "Extensions": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.ExtensionsV4", "markdownDescription": "Extensions describe the key usage extensions and application policies for a template.", "title": "Extensions" }, "GeneralFlags": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.GeneralFlagsV4", "markdownDescription": "General flags describe whether the template is used for computers or users and if the template can be used with autoenrollment.", "title": "GeneralFlags" }, "HashAlgorithm": { "markdownDescription": "Specifies the hash algorithm used to hash the private key. Hash algorithm can only be specified when using Key Storage Providers.", "title": "HashAlgorithm", "type": "string" }, "PrivateKeyAttributes": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyAttributesV4", "markdownDescription": "Private key attributes allow you to specify the minimal key length, key spec, key usage, and cryptographic providers for the private key of a certificate for v4 templates. V4 templates allow you to use either Key Storage Providers or Legacy Cryptographic Service Providers. You specify the cryptography provider category in private key flags.", "title": "PrivateKeyAttributes" }, "PrivateKeyFlags": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.PrivateKeyFlagsV4", "markdownDescription": "Private key flags for v4 templates specify the client compatibility, if the private key can be exported, if user input is required when using a private key, if an alternate signature algorithm should be used, and if certificates are renewed using the same private key.", "title": "PrivateKeyFlags" }, "SubjectNameFlags": { "$ref": "#/definitions/AWS::PCAConnectorAD::Template.SubjectNameFlagsV4", "markdownDescription": "Subject name flags describe the subject name and subject alternate name that is included in a certificate.", "title": "SubjectNameFlags" }, "SupersededTemplates": { "items": { "type": "string" }, "markdownDescription": "List of templates in Active Directory that are superseded by this template.", "title": "SupersededTemplates", "type": "array" } }, "required": [ "CertificateValidity", "EnrollmentFlags", "Extensions", "GeneralFlags", "PrivateKeyAttributes", "PrivateKeyFlags", "SubjectNameFlags" ], "type": "object" }, "AWS::PCAConnectorAD::Template.ValidityPeriod": { "additionalProperties": false, "properties": { "Period": { "markdownDescription": "The numeric value for the validity period.", "title": "Period", "type": "number" }, "PeriodType": { "markdownDescription": "The unit of time. You can select hours, days, weeks, months, and years.", "title": "PeriodType", "type": "string" } }, "required": [ "Period", "PeriodType" ], "type": "object" }, "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessRights": { "$ref": "#/definitions/AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights", "markdownDescription": "Permissions to allow or deny an Active Directory group to enroll or autoenroll certificates issued against a template.", "title": "AccessRights" }, "GroupDisplayName": { "markdownDescription": "Name of the Active Directory group. This name does not need to match the group name in Active Directory.", "title": "GroupDisplayName", "type": "string" }, "GroupSecurityIdentifier": { "markdownDescription": "Security identifier (SID) of the group object from Active Directory. The SID starts with \"S-\".", "title": "GroupSecurityIdentifier", "type": "string" }, "TemplateArn": { "markdownDescription": "The Amazon Resource Name (ARN) that was returned when you called [CreateTemplate](https://docs.aws.amazon.com/pca-connector-ad/latest/APIReference/API_CreateTemplate.html) .", "title": "TemplateArn", "type": "string" } }, "required": [ "AccessRights", "GroupDisplayName" ], "type": "object" }, "Type": { "enum": [ "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::PCAConnectorAD::TemplateGroupAccessControlEntry.AccessRights": { "additionalProperties": false, "properties": { "AutoEnroll": { "markdownDescription": "Allow or deny an Active Directory group from autoenrolling certificates issued against a template. The Active Directory group must be allowed to enroll to allow autoenrollment", "title": "AutoEnroll", "type": "string" }, "Enroll": { "markdownDescription": "Allow or deny an Active Directory group from enrolling certificates issued against a template.", "title": "Enroll", "type": "string" } }, "type": "object" }, "AWS::Panorama::ApplicationInstance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationInstanceIdToReplace": { "markdownDescription": "The ID of an application instance to replace with the new instance.", "title": "ApplicationInstanceIdToReplace", "type": "string" }, "DefaultRuntimeContextDevice": { "markdownDescription": "The device's ID.", "title": "DefaultRuntimeContextDevice", "type": "string" }, "Description": { "markdownDescription": "A description for the application instance.", "title": "Description", "type": "string" }, "ManifestOverridesPayload": { "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestOverridesPayload", "markdownDescription": "Setting overrides for the application manifest.", "title": "ManifestOverridesPayload" }, "ManifestPayload": { "$ref": "#/definitions/AWS::Panorama::ApplicationInstance.ManifestPayload", "markdownDescription": "The application's manifest document.", "title": "ManifestPayload" }, "Name": { "markdownDescription": "A name for the application instance.", "title": "Name", "type": "string" }, "RuntimeRoleArn": { "markdownDescription": "The ARN of a runtime role for the application instance.", "title": "RuntimeRoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags for the application instance.", "title": "Tags", "type": "array" } }, "required": [ "DefaultRuntimeContextDevice", "ManifestPayload" ], "type": "object" }, "Type": { "enum": [ "AWS::Panorama::ApplicationInstance" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Panorama::ApplicationInstance.ManifestOverridesPayload": { "additionalProperties": false, "properties": { "PayloadData": { "markdownDescription": "The overrides document.", "title": "PayloadData", "type": "string" } }, "type": "object" }, "AWS::Panorama::ApplicationInstance.ManifestPayload": { "additionalProperties": false, "properties": { "PayloadData": { "markdownDescription": "The application manifest.", "title": "PayloadData", "type": "string" } }, "type": "object" }, "AWS::Panorama::Package": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PackageName": { "markdownDescription": "A name for the package.", "title": "PackageName", "type": "string" }, "StorageLocation": { "$ref": "#/definitions/AWS::Panorama::Package.StorageLocation", "markdownDescription": "A storage location.", "title": "StorageLocation" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags for the package.", "title": "Tags", "type": "array" } }, "required": [ "PackageName" ], "type": "object" }, "Type": { "enum": [ "AWS::Panorama::Package" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Panorama::Package.StorageLocation": { "additionalProperties": false, "properties": { "BinaryPrefixLocation": { "markdownDescription": "The location's binary prefix.", "title": "BinaryPrefixLocation", "type": "string" }, "Bucket": { "markdownDescription": "The location's bucket.", "title": "Bucket", "type": "string" }, "GeneratedPrefixLocation": { "markdownDescription": "The location's generated prefix.", "title": "GeneratedPrefixLocation", "type": "string" }, "ManifestPrefixLocation": { "markdownDescription": "The location's manifest prefix.", "title": "ManifestPrefixLocation", "type": "string" }, "RepoPrefixLocation": { "markdownDescription": "The location's repo prefix.", "title": "RepoPrefixLocation", "type": "string" } }, "type": "object" }, "AWS::Panorama::PackageVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MarkLatest": { "markdownDescription": "Whether to mark the new version as the latest version.", "title": "MarkLatest", "type": "boolean" }, "OwnerAccount": { "markdownDescription": "An owner account.", "title": "OwnerAccount", "type": "string" }, "PackageId": { "markdownDescription": "A package ID.", "title": "PackageId", "type": "string" }, "PackageVersion": { "markdownDescription": "A package version.", "title": "PackageVersion", "type": "string" }, "PatchVersion": { "markdownDescription": "A patch version.", "title": "PatchVersion", "type": "string" }, "UpdatedLatestPatchVersion": { "markdownDescription": "If the version was marked latest, the new version to maker as latest.", "title": "UpdatedLatestPatchVersion", "type": "string" } }, "required": [ "PackageId", "PackageVersion", "PatchVersion" ], "type": "object" }, "Type": { "enum": [ "AWS::Panorama::PackageVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::PaymentCryptography::Alias": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AliasName": { "markdownDescription": "A friendly name that you can use to refer to a key. The value must begin with `alias/` .\n\n> Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in AWS CloudTrail logs and other output.", "title": "AliasName", "type": "string" }, "KeyArn": { "markdownDescription": "The `KeyARN` of the key associated with the alias.", "title": "KeyArn", "type": "string" } }, "required": [ "AliasName" ], "type": "object" }, "Type": { "enum": [ "AWS::PaymentCryptography::Alias" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::PaymentCryptography::Key": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Specifies whether the key is enabled.", "title": "Enabled", "type": "boolean" }, "Exportable": { "markdownDescription": "Specifies whether the key is exportable. This data is immutable after the key is created.", "title": "Exportable", "type": "boolean" }, "KeyAttributes": { "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyAttributes", "markdownDescription": "The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.", "title": "KeyAttributes" }, "KeyCheckValueAlgorithm": { "markdownDescription": "The algorithm that AWS Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.\n\nFor TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.", "title": "KeyCheckValueAlgorithm", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "Exportable", "KeyAttributes" ], "type": "object" }, "Type": { "enum": [ "AWS::PaymentCryptography::Key" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::PaymentCryptography::Key.KeyAttributes": { "additionalProperties": false, "properties": { "KeyAlgorithm": { "markdownDescription": "The key algorithm to be use during creation of an AWS Payment Cryptography key.\n\nFor symmetric keys, AWS Payment Cryptography supports `AES` and `TDES` algorithms. For asymmetric keys, AWS Payment Cryptography supports `RSA` and `ECC_NIST` algorithms.", "title": "KeyAlgorithm", "type": "string" }, "KeyClass": { "markdownDescription": "The type of AWS Payment Cryptography key to create, which determines the classi\ufb01cation of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair.", "title": "KeyClass", "type": "string" }, "KeyModesOfUse": { "$ref": "#/definitions/AWS::PaymentCryptography::Key.KeyModesOfUse", "markdownDescription": "The list of cryptographic operations that you can perform using the key.", "title": "KeyModesOfUse" }, "KeyUsage": { "markdownDescription": "The cryptographic usage of an AWS Payment Cryptography key as de\ufb01ned in section A.5.2 of the TR-31 spec.", "title": "KeyUsage", "type": "string" } }, "required": [ "KeyAlgorithm", "KeyClass", "KeyModesOfUse", "KeyUsage" ], "type": "object" }, "AWS::PaymentCryptography::Key.KeyModesOfUse": { "additionalProperties": false, "properties": { "Decrypt": { "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to decrypt data.", "title": "Decrypt", "type": "boolean" }, "DeriveKey": { "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to derive new keys.", "title": "DeriveKey", "type": "boolean" }, "Encrypt": { "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to encrypt data.", "title": "Encrypt", "type": "boolean" }, "Generate": { "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys.", "title": "Generate", "type": "boolean" }, "NoRestrictions": { "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by `KeyUsage` .", "title": "NoRestrictions", "type": "boolean" }, "Sign": { "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used for signing.", "title": "Sign", "type": "boolean" }, "Unwrap": { "markdownDescription": "", "title": "Unwrap", "type": "boolean" }, "Verify": { "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to verify signatures.", "title": "Verify", "type": "boolean" }, "Wrap": { "markdownDescription": "Speci\ufb01es whether an AWS Payment Cryptography key can be used to wrap other keys.", "title": "Wrap", "type": "boolean" } }, "type": "object" }, "AWS::Personalize::Dataset": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DatasetGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group.", "title": "DatasetGroupArn", "type": "string" }, "DatasetImportJob": { "$ref": "#/definitions/AWS::Personalize::Dataset.DatasetImportJob", "markdownDescription": "Describes a job that imports training data from a data source (Amazon S3 bucket) to an Amazon Personalize dataset. If you specify a dataset import job as part of a dataset, all dataset import job fields are required.", "title": "DatasetImportJob" }, "DatasetType": { "markdownDescription": "One of the following values:\n\n- Interactions\n- Items\n- Users\n\n> You can't use CloudFormation to create an Action Interactions or Actions dataset.", "title": "DatasetType", "type": "string" }, "Name": { "markdownDescription": "The name of the dataset.", "title": "Name", "type": "string" }, "SchemaArn": { "markdownDescription": "The ARN of the associated schema.", "title": "SchemaArn", "type": "string" } }, "required": [ "DatasetGroupArn", "DatasetType", "Name", "SchemaArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Personalize::Dataset" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Personalize::Dataset.DataSource": { "additionalProperties": false, "properties": { "DataLocation": { "markdownDescription": "For dataset import jobs, the path to the Amazon S3 bucket where the data that you want to upload to your dataset is stored. For data deletion jobs, the path to the Amazon S3 bucket that stores the list of records to delete.\n\nFor example:\n\n`s3://bucket-name/folder-name/fileName.csv`\n\nIf your CSV files are in a folder in your Amazon S3 bucket and you want your import job or data deletion job to consider multiple files, you can specify the path to the folder. With a data deletion job, Amazon Personalize uses all files in the folder and any sub folder. Use the following syntax with a `/` after the folder name:\n\n`s3://bucket-name/folder-name/`", "title": "DataLocation", "type": "string" } }, "type": "object" }, "AWS::Personalize::Dataset.DatasetImportJob": { "additionalProperties": false, "properties": { "DataSource": { "$ref": "#/definitions/AWS::Personalize::Dataset.DataSource", "markdownDescription": "The Amazon S3 bucket that contains the training data to import.", "title": "DataSource" }, "DatasetArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that receives the imported data.", "title": "DatasetArn", "type": "string" }, "DatasetImportJobArn": { "markdownDescription": "The ARN of the dataset import job.", "title": "DatasetImportJobArn", "type": "string" }, "JobName": { "markdownDescription": "The name of the import job.", "title": "JobName", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role that has permissions to read from the Amazon S3 data source.", "title": "RoleArn", "type": "string" } }, "type": "object" }, "AWS::Personalize::DatasetGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Domain": { "markdownDescription": "The domain of a Domain dataset group.", "title": "Domain", "type": "string" }, "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key used to encrypt the datasets.", "title": "KmsKeyArn", "type": "string" }, "Name": { "markdownDescription": "The name of the dataset group.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that has permissions to access the AWS Key Management Service (KMS) key. Supplying an IAM role is only valid when also specifying a KMS key.", "title": "RoleArn", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Personalize::DatasetGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Personalize::Schema": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Domain": { "markdownDescription": "The domain of a schema that you created for a dataset in a Domain dataset group.", "title": "Domain", "type": "string" }, "Name": { "markdownDescription": "The name of the schema.", "title": "Name", "type": "string" }, "Schema": { "markdownDescription": "The schema.", "title": "Schema", "type": "string" } }, "required": [ "Name", "Schema" ], "type": "object" }, "Type": { "enum": [ "AWS::Personalize::Schema" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Personalize::Solution": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DatasetGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the dataset group that provides the training data.", "title": "DatasetGroupArn", "type": "string" }, "EventType": { "markdownDescription": "The event type (for example, 'click' or 'like') that is used for training the model. If no `eventType` is provided, Amazon Personalize uses all interactions for training with equal weight regardless of type.", "title": "EventType", "type": "string" }, "Name": { "markdownDescription": "The name of the solution.", "title": "Name", "type": "string" }, "PerformAutoML": { "markdownDescription": "> We don't recommend enabling automated machine learning. Instead, match your use case to the available Amazon Personalize recipes. For more information, see [Determining your use case.](https://docs.aws.amazon.com/personalize/latest/dg/determining-use-case.html) \n\nWhen true, Amazon Personalize performs a search for the best USER_PERSONALIZATION recipe from the list specified in the solution configuration ( `recipeArn` must not be specified). When false (the default), Amazon Personalize uses `recipeArn` for training.", "title": "PerformAutoML", "type": "boolean" }, "PerformHPO": { "markdownDescription": "Whether to perform hyperparameter optimization (HPO) on the chosen recipe. The default is `false` .", "title": "PerformHPO", "type": "boolean" }, "RecipeArn": { "markdownDescription": "The ARN of the recipe used to create the solution. This is required when `performAutoML` is false.", "title": "RecipeArn", "type": "string" }, "SolutionConfig": { "$ref": "#/definitions/AWS::Personalize::Solution.SolutionConfig", "markdownDescription": "Describes the configuration properties for the solution.", "title": "SolutionConfig" } }, "required": [ "DatasetGroupArn", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Personalize::Solution" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Personalize::Solution.AlgorithmHyperParameterRanges": { "additionalProperties": false, "properties": { "CategoricalHyperParameterRanges": { "items": { "$ref": "#/definitions/AWS::Personalize::Solution.CategoricalHyperParameterRange" }, "markdownDescription": "Provides the name and range of a categorical hyperparameter.", "title": "CategoricalHyperParameterRanges", "type": "array" }, "ContinuousHyperParameterRanges": { "items": { "$ref": "#/definitions/AWS::Personalize::Solution.ContinuousHyperParameterRange" }, "markdownDescription": "Provides the name and range of a continuous hyperparameter.", "title": "ContinuousHyperParameterRanges", "type": "array" }, "IntegerHyperParameterRanges": { "items": { "$ref": "#/definitions/AWS::Personalize::Solution.IntegerHyperParameterRange" }, "markdownDescription": "Provides the name and range of an integer-valued hyperparameter.", "title": "IntegerHyperParameterRanges", "type": "array" } }, "type": "object" }, "AWS::Personalize::Solution.AutoMLConfig": { "additionalProperties": false, "properties": { "MetricName": { "markdownDescription": "The metric to optimize.", "title": "MetricName", "type": "string" }, "RecipeList": { "items": { "type": "string" }, "markdownDescription": "The list of candidate recipes.", "title": "RecipeList", "type": "array" } }, "type": "object" }, "AWS::Personalize::Solution.CategoricalHyperParameterRange": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the hyperparameter.", "title": "Name", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "A list of the categories for the hyperparameter.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::Personalize::Solution.ContinuousHyperParameterRange": { "additionalProperties": false, "properties": { "MaxValue": { "markdownDescription": "The maximum allowable value for the hyperparameter.", "title": "MaxValue", "type": "number" }, "MinValue": { "markdownDescription": "The minimum allowable value for the hyperparameter.", "title": "MinValue", "type": "number" }, "Name": { "markdownDescription": "The name of the hyperparameter.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::Personalize::Solution.HpoConfig": { "additionalProperties": false, "properties": { "AlgorithmHyperParameterRanges": { "$ref": "#/definitions/AWS::Personalize::Solution.AlgorithmHyperParameterRanges", "markdownDescription": "The hyperparameters and their allowable ranges.", "title": "AlgorithmHyperParameterRanges" }, "HpoObjective": { "$ref": "#/definitions/AWS::Personalize::Solution.HpoObjective", "markdownDescription": "The metric to optimize during HPO.\n\n> Amazon Personalize doesn't support configuring the `hpoObjective` at this time.", "title": "HpoObjective" }, "HpoResourceConfig": { "$ref": "#/definitions/AWS::Personalize::Solution.HpoResourceConfig", "markdownDescription": "Describes the resource configuration for HPO.", "title": "HpoResourceConfig" } }, "type": "object" }, "AWS::Personalize::Solution.HpoObjective": { "additionalProperties": false, "properties": { "MetricName": { "markdownDescription": "The name of the metric.", "title": "MetricName", "type": "string" }, "MetricRegex": { "markdownDescription": "A regular expression for finding the metric in the training job logs.", "title": "MetricRegex", "type": "string" }, "Type": { "markdownDescription": "The type of the metric. Valid values are `Maximize` and `Minimize` .", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::Personalize::Solution.HpoResourceConfig": { "additionalProperties": false, "properties": { "MaxNumberOfTrainingJobs": { "markdownDescription": "The maximum number of training jobs when you create a solution version. The maximum value for `maxNumberOfTrainingJobs` is `40` .", "title": "MaxNumberOfTrainingJobs", "type": "string" }, "MaxParallelTrainingJobs": { "markdownDescription": "The maximum number of parallel training jobs when you create a solution version. The maximum value for `maxParallelTrainingJobs` is `10` .", "title": "MaxParallelTrainingJobs", "type": "string" } }, "type": "object" }, "AWS::Personalize::Solution.IntegerHyperParameterRange": { "additionalProperties": false, "properties": { "MaxValue": { "markdownDescription": "The maximum allowable value for the hyperparameter.", "title": "MaxValue", "type": "number" }, "MinValue": { "markdownDescription": "The minimum allowable value for the hyperparameter.", "title": "MinValue", "type": "number" }, "Name": { "markdownDescription": "The name of the hyperparameter.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::Personalize::Solution.SolutionConfig": { "additionalProperties": false, "properties": { "AlgorithmHyperParameters": { "additionalProperties": true, "markdownDescription": "Lists the algorithm hyperparameters and their values.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AlgorithmHyperParameters", "type": "object" }, "AutoMLConfig": { "$ref": "#/definitions/AWS::Personalize::Solution.AutoMLConfig", "markdownDescription": "The [AutoMLConfig](https://docs.aws.amazon.com/personalize/latest/dg/API_AutoMLConfig.html) object containing a list of recipes to search when AutoML is performed.", "title": "AutoMLConfig" }, "EventValueThreshold": { "markdownDescription": "Only events with a value greater than or equal to this threshold are used for training a model.", "title": "EventValueThreshold", "type": "string" }, "FeatureTransformationParameters": { "additionalProperties": true, "markdownDescription": "Lists the feature transformation parameters.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "FeatureTransformationParameters", "type": "object" }, "HpoConfig": { "$ref": "#/definitions/AWS::Personalize::Solution.HpoConfig", "markdownDescription": "Describes the properties for hyperparameter optimization (HPO).", "title": "HpoConfig" } }, "type": "object" }, "AWS::Pinpoint::ADMChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the ADM channel applies to.", "title": "ApplicationId", "type": "string" }, "ClientId": { "markdownDescription": "The Client ID that you received from Amazon to send messages by using ADM.", "title": "ClientId", "type": "string" }, "ClientSecret": { "markdownDescription": "The Client Secret that you received from Amazon to send messages by using ADM.", "title": "ClientSecret", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether to enable the ADM channel for the application.", "title": "Enabled", "type": "boolean" } }, "required": [ "ApplicationId", "ClientId", "ClientSecret" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::ADMChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::APNSChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs channel applies to.", "title": "ApplicationId", "type": "string" }, "BundleId": { "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", "title": "BundleId", "type": "string" }, "Certificate": { "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", "title": "Certificate", "type": "string" }, "DefaultAuthenticationMethod": { "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", "title": "DefaultAuthenticationMethod", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether to enable the APNs channel for the application.", "title": "Enabled", "type": "boolean" }, "PrivateKey": { "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", "title": "PrivateKey", "type": "string" }, "TeamId": { "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", "title": "TeamId", "type": "string" }, "TokenKey": { "markdownDescription": "The authentication key to use for APNs tokens.", "title": "TokenKey", "type": "string" }, "TokenKeyId": { "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", "title": "TokenKeyId", "type": "string" } }, "required": [ "ApplicationId" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::APNSChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::APNSSandboxChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs sandbox channel applies to.", "title": "ApplicationId", "type": "string" }, "BundleId": { "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", "title": "BundleId", "type": "string" }, "Certificate": { "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", "title": "Certificate", "type": "string" }, "DefaultAuthenticationMethod": { "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", "title": "DefaultAuthenticationMethod", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether to enable the APNs Sandbox channel for the Amazon Pinpoint application.", "title": "Enabled", "type": "boolean" }, "PrivateKey": { "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", "title": "PrivateKey", "type": "string" }, "TeamId": { "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", "title": "TeamId", "type": "string" }, "TokenKey": { "markdownDescription": "The authentication key to use for APNs tokens.", "title": "TokenKey", "type": "string" }, "TokenKeyId": { "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", "title": "TokenKeyId", "type": "string" } }, "required": [ "ApplicationId" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::APNSSandboxChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::APNSVoipChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the APNs VoIP channel applies to.", "title": "ApplicationId", "type": "string" }, "BundleId": { "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", "title": "BundleId", "type": "string" }, "Certificate": { "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with APNs by using an APNs certificate.", "title": "Certificate", "type": "string" }, "DefaultAuthenticationMethod": { "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", "title": "DefaultAuthenticationMethod", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether to enable the APNs VoIP channel for the Amazon Pinpoint application.", "title": "Enabled", "type": "boolean" }, "PrivateKey": { "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with APNs.", "title": "PrivateKey", "type": "string" }, "TeamId": { "markdownDescription": "The identifier that's assigned to your Apple Developer Account team. This identifier is used for APNs tokens.", "title": "TeamId", "type": "string" }, "TokenKey": { "markdownDescription": "The authentication key to use for APNs tokens.", "title": "TokenKey", "type": "string" }, "TokenKeyId": { "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with APNs by using APNs tokens.", "title": "TokenKeyId", "type": "string" } }, "required": [ "ApplicationId" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::APNSVoipChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::APNSVoipSandboxChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The unique identifier for the application that the APNs VoIP sandbox channel applies to.", "title": "ApplicationId", "type": "string" }, "BundleId": { "markdownDescription": "The bundle identifier that's assigned to your iOS app. This identifier is used for APNs tokens.", "title": "BundleId", "type": "string" }, "Certificate": { "markdownDescription": "The APNs client certificate that you received from Apple. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using an APNs certificate.", "title": "Certificate", "type": "string" }, "DefaultAuthenticationMethod": { "markdownDescription": "The default authentication method that you want Amazon Pinpoint to use when authenticating with APNs. Valid options are `key` or `certificate` .", "title": "DefaultAuthenticationMethod", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether the APNs VoIP sandbox channel is enabled for the application.", "title": "Enabled", "type": "boolean" }, "PrivateKey": { "markdownDescription": "The private key for the APNs client certificate that you want Amazon Pinpoint to use to communicate with the APNs sandbox environment.", "title": "PrivateKey", "type": "string" }, "TeamId": { "markdownDescription": "The identifier that's assigned to your Apple developer account team. This identifier is used for APNs tokens.", "title": "TeamId", "type": "string" }, "TokenKey": { "markdownDescription": "The authentication key to use for APNs tokens.", "title": "TokenKey", "type": "string" }, "TokenKeyId": { "markdownDescription": "The key identifier that's assigned to your APNs signing key. Specify this value if you want Amazon Pinpoint to communicate with the APNs sandbox environment by using APNs tokens.", "title": "TokenKeyId", "type": "string" } }, "required": [ "ApplicationId" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::APNSVoipSandboxChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::App": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The display name of the application.", "title": "Name", "type": "string" }, "Tags": { "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "object" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::App" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::ApplicationSettings": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The unique identifier for the Amazon Pinpoint application.", "title": "ApplicationId", "type": "string" }, "CampaignHook": { "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.CampaignHook", "markdownDescription": "The settings for the Lambda function to use by default as a code hook for campaigns in the application. To override these settings for a specific campaign, use the Campaign resource to define custom Lambda function settings for the campaign.", "title": "CampaignHook" }, "CloudWatchMetricsEnabled": { "markdownDescription": "", "title": "CloudWatchMetricsEnabled", "type": "boolean" }, "Limits": { "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.Limits", "markdownDescription": "The default sending limits for campaigns in the application. To override these limits for a specific campaign, use the Campaign resource to define custom limits for the campaign.", "title": "Limits" }, "QuietTime": { "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings.QuietTime", "markdownDescription": "The default quiet time for campaigns in the application. Quiet time is a specific time range when campaigns don't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the application (or a campaign that has custom quiet time settings).\n\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the application (or a campaign that has custom quiet time settings).\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from a campaign, even if quiet time is enabled.\n\nTo override the default quiet time settings for a specific campaign, use the Campaign resource to define a custom quiet time for the campaign.", "title": "QuietTime" } }, "required": [ "ApplicationId" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::ApplicationSettings" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::ApplicationSettings.CampaignHook": { "additionalProperties": false, "properties": { "LambdaFunctionName": { "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to send messages for campaigns in the application.", "title": "LambdaFunctionName", "type": "string" }, "Mode": { "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", "title": "Mode", "type": "string" }, "WebUrl": { "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", "title": "WebUrl", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::ApplicationSettings.Limits": { "additionalProperties": false, "properties": { "Daily": { "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", "title": "Daily", "type": "number" }, "MaximumDuration": { "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", "title": "MaximumDuration", "type": "number" }, "MessagesPerSecond": { "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", "title": "MessagesPerSecond", "type": "number" }, "Total": { "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", "title": "Total", "type": "number" } }, "type": "object" }, "AWS::Pinpoint::ApplicationSettings.QuietTime": { "additionalProperties": false, "properties": { "End": { "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", "title": "End", "type": "string" }, "Start": { "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", "title": "Start", "type": "string" } }, "required": [ "End", "Start" ], "type": "object" }, "AWS::Pinpoint::BaiduChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiKey": { "markdownDescription": "The API key that you received from the Baidu Cloud Push service to communicate with the service.", "title": "ApiKey", "type": "string" }, "ApplicationId": { "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're configuring the Baidu channel for.", "title": "ApplicationId", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether to enable the Baidu channel for the application.", "title": "Enabled", "type": "boolean" }, "SecretKey": { "markdownDescription": "The secret key that you received from the Baidu Cloud Push service to communicate with the service.", "title": "SecretKey", "type": "string" } }, "required": [ "ApiKey", "ApplicationId", "SecretKey" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::BaiduChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::Campaign": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdditionalTreatments": { "items": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.WriteTreatmentResource" }, "markdownDescription": "An array of requests that defines additional treatments for the campaign, in addition to the default treatment for the campaign.", "title": "AdditionalTreatments", "type": "array" }, "ApplicationId": { "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the campaign is associated with.", "title": "ApplicationId", "type": "string" }, "CampaignHook": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignHook", "markdownDescription": "Specifies the Lambda function to use as a code hook for a campaign.", "title": "CampaignHook" }, "CustomDeliveryConfiguration": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", "title": "CustomDeliveryConfiguration" }, "Description": { "markdownDescription": "A custom description of the campaign.", "title": "Description", "type": "string" }, "HoldoutPercent": { "markdownDescription": "The allocated percentage of users (segment members) who shouldn't receive messages from the campaign.", "title": "HoldoutPercent", "type": "number" }, "IsPaused": { "markdownDescription": "Specifies whether to pause the campaign. A paused campaign doesn't run unless you resume it by changing this value to `false` . If you restart a campaign, the campaign restarts from the beginning and not at the point you paused it. If a campaign is running it will complete and then pause. Pause only pauses or skips the next run for a recurring future scheduled campaign. A campaign scheduled for immediate can't be paused.", "title": "IsPaused", "type": "boolean" }, "Limits": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.Limits", "markdownDescription": "The messaging limits for the campaign.", "title": "Limits" }, "MessageConfiguration": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", "markdownDescription": "The message configuration settings for the treatment.", "title": "MessageConfiguration" }, "Name": { "markdownDescription": "The name of the campaign.", "title": "Name", "type": "string" }, "Priority": { "markdownDescription": "An integer between 1 and 5, inclusive, that represents the priority of the in-app message campaign, where 1 is the highest priority and 5 is the lowest. If there are multiple messages scheduled to be displayed at the same time, the priority determines the order in which those messages are displayed.", "title": "Priority", "type": "number" }, "Schedule": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", "markdownDescription": "The schedule settings for the treatment.", "title": "Schedule" }, "SegmentId": { "markdownDescription": "The unique identifier for the segment to associate with the campaign.", "title": "SegmentId", "type": "string" }, "SegmentVersion": { "markdownDescription": "The version of the segment to associate with the campaign.", "title": "SegmentVersion", "type": "number" }, "Tags": { "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "object" }, "TemplateConfiguration": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", "markdownDescription": "The message template to use for the treatment.", "title": "TemplateConfiguration" }, "TreatmentDescription": { "markdownDescription": "A custom description of the treatment.", "title": "TreatmentDescription", "type": "string" }, "TreatmentName": { "markdownDescription": "A custom name for the treatment.", "title": "TreatmentName", "type": "string" } }, "required": [ "ApplicationId", "Name", "Schedule", "SegmentId" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::Campaign" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::Campaign.AttributeDimension": { "additionalProperties": false, "properties": { "AttributeType": { "type": "string" }, "Values": { "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "AWS::Pinpoint::Campaign.CampaignCustomMessage": { "additionalProperties": false, "properties": { "Data": { "markdownDescription": "The raw, JSON-formatted string to use as the payload for the message. The maximum size is 5 KB.", "title": "Data", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Campaign.CampaignEmailMessage": { "additionalProperties": false, "properties": { "Body": { "markdownDescription": "The body of the email for recipients whose email clients don't render HTML content.", "title": "Body", "type": "string" }, "FromAddress": { "markdownDescription": "The verified email address to send the email from. The default address is the `FromAddress` specified for the email channel for the application.", "title": "FromAddress", "type": "string" }, "HtmlBody": { "markdownDescription": "The body of the email, in HTML format, for recipients whose email clients render HTML content.", "title": "HtmlBody", "type": "string" }, "Title": { "markdownDescription": "The subject line, or title, of the email.", "title": "Title", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Campaign.CampaignEventFilter": { "additionalProperties": false, "properties": { "Dimensions": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.EventDimensions", "markdownDescription": "The dimension settings of the event filter for the campaign.", "title": "Dimensions" }, "FilterType": { "markdownDescription": "The type of event that causes the campaign to be sent. Valid values are: `SYSTEM` , sends the campaign when a system event occurs; and, `ENDPOINT` , sends the campaign when an endpoint event (Events resource) occurs.", "title": "FilterType", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Campaign.CampaignHook": { "additionalProperties": false, "properties": { "LambdaFunctionName": { "markdownDescription": "The name or Amazon Resource Name (ARN) of the Lambda function that Amazon Pinpoint invokes to customize a segment for a campaign.", "title": "LambdaFunctionName", "type": "string" }, "Mode": { "markdownDescription": "The mode that Amazon Pinpoint uses to invoke the Lambda function. Possible values are:\n\n- `FILTER` - Invoke the function to customize the segment that's used by a campaign.\n- `DELIVERY` - (Deprecated) Previously, invoked the function to send a campaign through a custom channel. This functionality is not supported anymore. To send a campaign through a custom channel, use the `CustomDeliveryConfiguration` and `CampaignCustomMessage` objects of the campaign.", "title": "Mode", "type": "string" }, "WebUrl": { "markdownDescription": "The web URL that Amazon Pinpoint calls to invoke the Lambda function over HTTPS.", "title": "WebUrl", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Campaign.CampaignInAppMessage": { "additionalProperties": false, "properties": { "Content": { "items": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageContent" }, "markdownDescription": "An array that contains configurtion information about the in-app message for the campaign, including title and body text, text colors, background colors, image URLs, and button configurations.", "title": "Content", "type": "array" }, "CustomConfig": { "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", "title": "CustomConfig", "type": "object" }, "Layout": { "markdownDescription": "A string that describes how the in-app message will appear. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", "title": "Layout", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Campaign.CampaignSmsMessage": { "additionalProperties": false, "properties": { "Body": { "markdownDescription": "The body of the SMS message.", "title": "Body", "type": "string" }, "EntityId": { "markdownDescription": "The entity ID or Principal Entity (PE) id received from the regulatory body for sending SMS in your country.", "title": "EntityId", "type": "string" }, "MessageType": { "markdownDescription": "The SMS message type. Valid values are `TRANSACTIONAL` (for messages that are critical or time-sensitive, such as a one-time passwords) and `PROMOTIONAL` (for messsages that aren't critical or time-sensitive, such as marketing messages).", "title": "MessageType", "type": "string" }, "OriginationNumber": { "markdownDescription": "The long code to send the SMS message from. This value should be one of the dedicated long codes that's assigned to your AWS account. Although it isn't required, we recommend that you specify the long code using an E.164 format to ensure prompt and accurate delivery of the message. For example, +12065550100.", "title": "OriginationNumber", "type": "string" }, "SenderId": { "markdownDescription": "The alphabetic Sender ID to display as the sender of the message on a recipient's device. Support for sender IDs varies by country or region. To specify a phone number as the sender, omit this parameter and use `OriginationNumber` instead. For more information about support for Sender ID by country, see the [Amazon Pinpoint User Guide](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) .", "title": "SenderId", "type": "string" }, "TemplateId": { "markdownDescription": "The template ID received from the regulatory body for sending SMS in your country.", "title": "TemplateId", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Campaign.CustomDeliveryConfiguration": { "additionalProperties": false, "properties": { "DeliveryUri": { "markdownDescription": "The destination to send the campaign or treatment to. This value can be one of the following:\n\n- The name or Amazon Resource Name (ARN) of an AWS Lambda function to invoke to handle delivery of the campaign or treatment.\n- The URL for a web application or service that supports HTTPS and can receive the message. The URL has to be a full URL, including the HTTPS protocol.", "title": "DeliveryUri", "type": "string" }, "EndpointTypes": { "items": { "type": "string" }, "markdownDescription": "The types of endpoints to send the campaign or treatment to. Each valid value maps to a type of channel that you can associate with an endpoint by using the `ChannelType` property of an endpoint.", "title": "EndpointTypes", "type": "array" } }, "type": "object" }, "AWS::Pinpoint::Campaign.DefaultButtonConfiguration": { "additionalProperties": false, "properties": { "BackgroundColor": { "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", "title": "BackgroundColor", "type": "string" }, "BorderRadius": { "markdownDescription": "The border radius of a button.", "title": "BorderRadius", "type": "number" }, "ButtonAction": { "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", "title": "ButtonAction", "type": "string" }, "Link": { "markdownDescription": "The destination (such as a URL) for a button.", "title": "Link", "type": "string" }, "Text": { "markdownDescription": "The text that appears on a button in an in-app message.", "title": "Text", "type": "string" }, "TextColor": { "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", "title": "TextColor", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Campaign.EventDimensions": { "additionalProperties": false, "properties": { "Attributes": { "markdownDescription": "One or more custom attributes that your application reports to Amazon Pinpoint. You can use these attributes as selection criteria when you create an event filter.", "title": "Attributes", "type": "object" }, "EventType": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.SetDimension", "markdownDescription": "The name of the event that causes the campaign to be sent or the journey activity to be performed. This can be a standard event that Amazon Pinpoint generates, such as `_email.delivered` or `_custom.delivered` . For campaigns, this can also be a custom event that's specific to your application. For information about standard events, see [Streaming Amazon Pinpoint Events](https://docs.aws.amazon.com/pinpoint/latest/developerguide/event-streams.html) in the *Amazon Pinpoint Developer Guide* .", "title": "EventType" }, "Metrics": { "markdownDescription": "One or more custom metrics that your application reports to Amazon Pinpoint . You can use these metrics as selection criteria when you create an event filter.", "title": "Metrics", "type": "object" } }, "type": "object" }, "AWS::Pinpoint::Campaign.InAppMessageBodyConfig": { "additionalProperties": false, "properties": { "Alignment": { "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", "title": "Alignment", "type": "string" }, "Body": { "markdownDescription": "The main body text of the message.", "title": "Body", "type": "string" }, "TextColor": { "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", "title": "TextColor", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Campaign.InAppMessageButton": { "additionalProperties": false, "properties": { "Android": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to Android.", "title": "Android" }, "DefaultConfig": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.DefaultButtonConfiguration", "markdownDescription": "An object that defines the default behavior for a button in an in-app message.", "title": "DefaultConfig" }, "IOS": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", "markdownDescription": "An object that defines the default behavior for a button in in-app messages sent to iOS devices.", "title": "IOS" }, "Web": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.OverrideButtonConfiguration", "markdownDescription": "An object that defines the default behavior for a button in in-app messages for web applications.", "title": "Web" } }, "type": "object" }, "AWS::Pinpoint::Campaign.InAppMessageContent": { "additionalProperties": false, "properties": { "BackgroundColor": { "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", "title": "BackgroundColor", "type": "string" }, "BodyConfig": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageBodyConfig", "markdownDescription": "Specifies the configuration of main body text in an in-app message template.", "title": "BodyConfig" }, "HeaderConfig": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageHeaderConfig", "markdownDescription": "Specifies the configuration and content of the header or title text of the in-app message.", "title": "HeaderConfig" }, "ImageUrl": { "markdownDescription": "The URL of the image that appears on an in-app message banner.", "title": "ImageUrl", "type": "string" }, "PrimaryBtn": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", "title": "PrimaryBtn" }, "SecondaryBtn": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.InAppMessageButton", "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", "title": "SecondaryBtn" } }, "type": "object" }, "AWS::Pinpoint::Campaign.InAppMessageHeaderConfig": { "additionalProperties": false, "properties": { "Alignment": { "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", "title": "Alignment", "type": "string" }, "Header": { "markdownDescription": "The header or title text of the in-app message.", "title": "Header", "type": "string" }, "TextColor": { "markdownDescription": "The color of the body text, expressed as a string consisting of a hex color code (such as \"#000000\" for black).", "title": "TextColor", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Campaign.Limits": { "additionalProperties": false, "properties": { "Daily": { "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during a 24-hour period. The maximum value is 100.", "title": "Daily", "type": "number" }, "MaximumDuration": { "markdownDescription": "The maximum amount of time, in seconds, that a campaign can attempt to deliver a message after the scheduled start time for the campaign. The minimum value is 60 seconds.", "title": "MaximumDuration", "type": "number" }, "MessagesPerSecond": { "markdownDescription": "The maximum number of messages that a campaign can send each second. The minimum value is 1. The maximum value is 20,000.", "title": "MessagesPerSecond", "type": "number" }, "Session": { "markdownDescription": "The maximum number of messages that the campaign can send per user session.", "title": "Session", "type": "number" }, "Total": { "markdownDescription": "The maximum number of messages that a campaign can send to a single endpoint during the course of the campaign. The maximum value is 100.", "title": "Total", "type": "number" } }, "type": "object" }, "AWS::Pinpoint::Campaign.Message": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action to occur if a recipient taps the push notification. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of iOS and Android.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", "title": "Action", "type": "string" }, "Body": { "markdownDescription": "The body of the notification message. The maximum number of characters is 200.", "title": "Body", "type": "string" }, "ImageIconUrl": { "markdownDescription": "The URL of the image to display as the push notification icon, such as the icon for the app.", "title": "ImageIconUrl", "type": "string" }, "ImageSmallIconUrl": { "markdownDescription": "The URL of the image to display as the small, push notification icon, such as a small version of the icon for the app.", "title": "ImageSmallIconUrl", "type": "string" }, "ImageUrl": { "markdownDescription": "The URL of an image to display in the push notification.", "title": "ImageUrl", "type": "string" }, "JsonBody": { "markdownDescription": "The JSON payload to use for a silent push notification.", "title": "JsonBody", "type": "string" }, "MediaUrl": { "markdownDescription": "The URL of the image or video to display in the push notification.", "title": "MediaUrl", "type": "string" }, "RawContent": { "markdownDescription": "The raw, JSON-formatted string to use as the payload for the notification message. If specified, this value overrides all other content for the message.", "title": "RawContent", "type": "string" }, "SilentPush": { "markdownDescription": "Specifies whether the notification is a silent push notification, which is a push notification that doesn't display on a recipient's device. Silent push notifications can be used for cases such as updating an app's configuration, displaying messages in an in-app message center, or supporting phone home functionality.", "title": "SilentPush", "type": "boolean" }, "TimeToLive": { "markdownDescription": "The number of seconds that the push notification service should keep the message, if the service is unable to deliver the notification the first time. This value is converted to an expiration value when it's sent to a push notification service. If this value is `0` , the service treats the notification as if it expires immediately and the service doesn't store or try to deliver the notification again.\n\nThis value doesn't apply to messages that are sent through the Amazon Device Messaging (ADM) service.", "title": "TimeToLive", "type": "number" }, "Title": { "markdownDescription": "The title to display above the notification message on a recipient's device.", "title": "Title", "type": "string" }, "Url": { "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps the push notification and the value of the `Action` property is `URL` .", "title": "Url", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Campaign.MessageConfiguration": { "additionalProperties": false, "properties": { "ADMMessage": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", "markdownDescription": "The message that the campaign sends through the ADM (Amazon Device Messaging) channel. If specified, this message overrides the default message.", "title": "ADMMessage" }, "APNSMessage": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", "markdownDescription": "The message that the campaign sends through the APNs (Apple Push Notification service) channel. If specified, this message overrides the default message.", "title": "APNSMessage" }, "BaiduMessage": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", "markdownDescription": "The message that the campaign sends through the Baidu (Baidu Cloud Push) channel. If specified, this message overrides the default message.", "title": "BaiduMessage" }, "CustomMessage": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignCustomMessage", "markdownDescription": "The message that the campaign sends through a custom channel, as specified by the delivery configuration ( `CustomDeliveryConfiguration` ) settings for the campaign. If specified, this message overrides the default message.", "title": "CustomMessage" }, "DefaultMessage": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", "markdownDescription": "The default message that the campaign sends through all the channels that are configured for the campaign.", "title": "DefaultMessage" }, "EmailMessage": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEmailMessage", "markdownDescription": "The message that the campaign sends through the email channel. If specified, this message overrides the default message.\n\n> The maximum email message size is 200 KB. You can use email templates to send larger email messages.", "title": "EmailMessage" }, "GCMMessage": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.Message", "markdownDescription": "The message that the campaign sends through the GCM channel, which enables Amazon Pinpoint to send push notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. If specified, this message overrides the default message.", "title": "GCMMessage" }, "InAppMessage": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignInAppMessage", "markdownDescription": "The default message for the in-app messaging channel. This message overrides the default message ( `DefaultMessage` ).", "title": "InAppMessage" }, "SMSMessage": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignSmsMessage", "markdownDescription": "The message that the campaign sends through the SMS channel. If specified, this message overrides the default message.", "title": "SMSMessage" } }, "type": "object" }, "AWS::Pinpoint::Campaign.MetricDimension": { "additionalProperties": false, "properties": { "ComparisonOperator": { "type": "string" }, "Value": { "type": "number" } }, "type": "object" }, "AWS::Pinpoint::Campaign.OverrideButtonConfiguration": { "additionalProperties": false, "properties": { "ButtonAction": { "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", "title": "ButtonAction", "type": "string" }, "Link": { "markdownDescription": "The destination (such as a URL) for a button.", "title": "Link", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Campaign.QuietTime": { "additionalProperties": false, "properties": { "End": { "markdownDescription": "The specific time when quiet time ends. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", "title": "End", "type": "string" }, "Start": { "markdownDescription": "The specific time when quiet time begins. This value has to use 24-hour notation and be in HH:MM format, where HH is the hour (with a leading zero, if applicable) and MM is the minutes. For example, use `02:30` to represent 2:30 AM, or `14:30` to represent 2:30 PM.", "title": "Start", "type": "string" } }, "required": [ "End", "Start" ], "type": "object" }, "AWS::Pinpoint::Campaign.Schedule": { "additionalProperties": false, "properties": { "EndTime": { "markdownDescription": "The scheduled time, in ISO 8601 format, when the campaign ended or will end.", "title": "EndTime", "type": "string" }, "EventFilter": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.CampaignEventFilter", "markdownDescription": "The type of event that causes the campaign to be sent, if the value of the `Frequency` property is `EVENT` .", "title": "EventFilter" }, "Frequency": { "markdownDescription": "Specifies how often the campaign is sent or whether the campaign is sent in response to a specific event.", "title": "Frequency", "type": "string" }, "IsLocalTime": { "markdownDescription": "Specifies whether the start and end times for the campaign schedule use each recipient's local time. To base the schedule on each recipient's local time, set this value to `true` .", "title": "IsLocalTime", "type": "boolean" }, "QuietTime": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.QuietTime", "markdownDescription": "The default quiet time for the campaign. Quiet time is a specific time range when a campaign doesn't send messages to endpoints, if all the following conditions are met:\n\n- The `EndpointDemographic.Timezone` property of the endpoint is set to a valid value.\n- The current time in the endpoint's time zone is later than or equal to the time specified by the `QuietTime.Start` property for the campaign.\n- The current time in the endpoint's time zone is earlier than or equal to the time specified by the `QuietTime.End` property for the campaign.\n\nIf any of the preceding conditions isn't met, the endpoint will receive messages from the campaign, even if quiet time is enabled.", "title": "QuietTime" }, "StartTime": { "markdownDescription": "The scheduled time when the campaign began or will begin. Valid values are: `IMMEDIATE` , to start the campaign immediately; or, a specific time in ISO 8601 format.", "title": "StartTime", "type": "string" }, "TimeZone": { "markdownDescription": "The starting UTC offset for the campaign schedule, if the value of the `IsLocalTime` property is `true` . Valid values are: `UTC, UTC+01, UTC+02, UTC+03, UTC+03:30, UTC+04, UTC+04:30, UTC+05, UTC+05:30, UTC+05:45, UTC+06, UTC+06:30, UTC+07, UTC+08, UTC+09, UTC+09:30, UTC+10, UTC+10:30, UTC+11, UTC+12, UTC+13, UTC-02, UTC-03, UTC-04, UTC-05, UTC-06, UTC-07, UTC-08, UTC-09, UTC-10,` and `UTC-11` .", "title": "TimeZone", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Campaign.SetDimension": { "additionalProperties": false, "properties": { "DimensionType": { "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", "title": "DimensionType", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::Pinpoint::Campaign.Template": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", "title": "Name", "type": "string" }, "Version": { "markdownDescription": "The unique identifier for the version of the message template to use for the message. If specified, this value must match the identifier for an existing template version. To retrieve a list of versions and version identifiers for a template, use the [Template Versions](https://docs.aws.amazon.com/pinpoint/latest/apireference/templates-template-name-template-type-versions.html) resource.\n\nIf you don't specify a value for this property, Amazon Pinpoint uses the *active version* of the template. The *active version* is typically the version of a template that's been most recently reviewed and approved for use, depending on your workflow. It isn't necessarily the latest version of a template.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Campaign.TemplateConfiguration": { "additionalProperties": false, "properties": { "EmailTemplate": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", "markdownDescription": "The email template to use for the message.", "title": "EmailTemplate" }, "PushTemplate": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", "markdownDescription": "The push notification template to use for the message.", "title": "PushTemplate" }, "SMSTemplate": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", "markdownDescription": "The SMS template to use for the message.", "title": "SMSTemplate" }, "VoiceTemplate": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.Template", "markdownDescription": "The voice template to use for the message. This object isn't supported for campaigns.", "title": "VoiceTemplate" } }, "type": "object" }, "AWS::Pinpoint::Campaign.WriteTreatmentResource": { "additionalProperties": false, "properties": { "CustomDeliveryConfiguration": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.CustomDeliveryConfiguration", "markdownDescription": "The delivery configuration settings for sending the treatment through a custom channel. This object is required if the `MessageConfiguration` object for the treatment specifies a `CustomMessage` object.", "title": "CustomDeliveryConfiguration" }, "MessageConfiguration": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.MessageConfiguration", "markdownDescription": "The message configuration settings for the treatment.", "title": "MessageConfiguration" }, "Schedule": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.Schedule", "markdownDescription": "The schedule settings for the treatment.", "title": "Schedule" }, "SizePercent": { "markdownDescription": "The allocated percentage of users (segment members) to send the treatment to.", "title": "SizePercent", "type": "number" }, "TemplateConfiguration": { "$ref": "#/definitions/AWS::Pinpoint::Campaign.TemplateConfiguration", "markdownDescription": "The message template to use for the treatment.", "title": "TemplateConfiguration" }, "TreatmentDescription": { "markdownDescription": "A custom description of the treatment.", "title": "TreatmentDescription", "type": "string" }, "TreatmentName": { "markdownDescription": "A custom name for the treatment.", "title": "TreatmentName", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::EmailChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you're specifying the email channel for.", "title": "ApplicationId", "type": "string" }, "ConfigurationSet": { "markdownDescription": "The [Amazon SES configuration set](https://docs.aws.amazon.com/ses/latest/APIReference/API_ConfigurationSet.html) that you want to apply to messages that you send through the channel.", "title": "ConfigurationSet", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether to enable the email channel for the application.", "title": "Enabled", "type": "boolean" }, "FromAddress": { "markdownDescription": "The verified email address that you want to send email from when you send email through the channel.", "title": "FromAddress", "type": "string" }, "Identity": { "markdownDescription": "The Amazon Resource Name (ARN) of the identity, verified with Amazon Simple Email Service (Amazon SES), that you want to use when you send email through the channel.", "title": "Identity", "type": "string" }, "OrchestrationSendingRoleArn": { "markdownDescription": "The ARN of an IAM role for Amazon Pinpoint to use to send email from your campaigns or journeys through Amazon SES .", "title": "OrchestrationSendingRoleArn", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the AWS Identity and Access Management (IAM) role that you want Amazon Pinpoint to use when it submits email-related event data for the channel.", "title": "RoleArn", "type": "string" } }, "required": [ "ApplicationId", "FromAddress", "Identity" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::EmailChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::EmailTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DefaultSubstitutions": { "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", "title": "DefaultSubstitutions", "type": "string" }, "HtmlPart": { "markdownDescription": "The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message.", "title": "HtmlPart", "type": "string" }, "Subject": { "markdownDescription": "The subject line, or title, to use in email messages that are based on the message template.", "title": "Subject", "type": "string" }, "Tags": { "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "object" }, "TemplateDescription": { "markdownDescription": "A custom description of the message template.", "title": "TemplateDescription", "type": "string" }, "TemplateName": { "markdownDescription": "The name of the message template.", "title": "TemplateName", "type": "string" }, "TextPart": { "markdownDescription": "The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices.", "title": "TextPart", "type": "string" } }, "required": [ "Subject", "TemplateName" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::EmailTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::EventStream": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The unique identifier for the Amazon Pinpoint application that you want to export data from.", "title": "ApplicationId", "type": "string" }, "DestinationStreamArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Stream or Amazon Data Firehose delivery stream that you want to publish event data to.\n\nFor a Kinesis Data Stream, the ARN format is: `arn:aws:kinesis: region : account-id :stream/ stream_name`\n\nFor a Firehose delivery stream, the ARN format is: `arn:aws:firehose: region : account-id :deliverystream/ stream_name`", "title": "DestinationStreamArn", "type": "string" }, "RoleArn": { "markdownDescription": "The AWS Identity and Access Management (IAM) role that authorizes Amazon Pinpoint to publish event data to the stream in your AWS account.", "title": "RoleArn", "type": "string" } }, "required": [ "ApplicationId", "DestinationStreamArn", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::EventStream" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::GCMChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiKey": { "markdownDescription": "The Web API key, also called the *server key* , that you received from Google to communicate with Google services.", "title": "ApiKey", "type": "string" }, "ApplicationId": { "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the GCM channel applies to.", "title": "ApplicationId", "type": "string" }, "DefaultAuthenticationMethod": { "markdownDescription": "The default authentication method used for GCM. Values are either \"TOKEN\" or \"KEY\". Defaults to \"KEY\".", "title": "DefaultAuthenticationMethod", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether to enable the GCM channel for the Amazon Pinpoint application.", "title": "Enabled", "type": "boolean" }, "ServiceJson": { "markdownDescription": "The contents of the JSON file provided by Google during registration in order to generate an access token for authentication. For more information see [Migrate from legacy FCM APIs to HTTP v1](https://docs.aws.amazon.com/https://firebase.google.com/docs/cloud-messaging/migrate-v1) .", "title": "ServiceJson", "type": "string" } }, "required": [ "ApplicationId" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::GCMChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::InAppTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Content": { "items": { "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.InAppMessageContent" }, "markdownDescription": "An object that contains information about the content of an in-app message, including its title and body text, text colors, background colors, images, buttons, and behaviors.", "title": "Content", "type": "array" }, "CustomConfig": { "markdownDescription": "Custom data, in the form of key-value pairs, that is included in an in-app messaging payload.", "title": "CustomConfig", "type": "object" }, "Layout": { "markdownDescription": "A string that determines the appearance of the in-app message. You can specify one of the following:\n\n- `BOTTOM_BANNER` \u2013 a message that appears as a banner at the bottom of the page.\n- `TOP_BANNER` \u2013 a message that appears as a banner at the top of the page.\n- `OVERLAYS` \u2013 a message that covers entire screen.\n- `MOBILE_FEED` \u2013 a message that appears in a window in front of the page.\n- `MIDDLE_BANNER` \u2013 a message that appears as a banner in the middle of the page.\n- `CAROUSEL` \u2013 a scrollable layout of up to five unique messages.", "title": "Layout", "type": "string" }, "Tags": { "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "object" }, "TemplateDescription": { "markdownDescription": "An optional description of the in-app template.", "title": "TemplateDescription", "type": "string" }, "TemplateName": { "markdownDescription": "The name of the in-app message template.", "title": "TemplateName", "type": "string" } }, "required": [ "TemplateName" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::InAppTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::InAppTemplate.BodyConfig": { "additionalProperties": false, "properties": { "Alignment": { "markdownDescription": "The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", "title": "Alignment", "type": "string" }, "Body": { "markdownDescription": "The main body text of the message.", "title": "Body", "type": "string" }, "TextColor": { "markdownDescription": "The color of the body text, expressed as a hex color code (such as #000000 for black).", "title": "TextColor", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::InAppTemplate.ButtonConfig": { "additionalProperties": false, "properties": { "Android": { "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", "markdownDescription": "Optional button configuration to use for in-app messages sent to Android devices. This button configuration overrides the default button configuration.", "title": "Android" }, "DefaultConfig": { "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration", "markdownDescription": "Specifies the default behavior of a button that appears in an in-app message. You can optionally add button configurations that specifically apply to iOS, Android, or web browser users.", "title": "DefaultConfig" }, "IOS": { "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", "markdownDescription": "Optional button configuration to use for in-app messages sent to iOS devices. This button configuration overrides the default button configuration.", "title": "IOS" }, "Web": { "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration", "markdownDescription": "Optional button configuration to use for in-app messages sent to web applications. This button configuration overrides the default button configuration.", "title": "Web" } }, "type": "object" }, "AWS::Pinpoint::InAppTemplate.DefaultButtonConfiguration": { "additionalProperties": false, "properties": { "BackgroundColor": { "markdownDescription": "The background color of a button, expressed as a hex color code (such as #000000 for black).", "title": "BackgroundColor", "type": "string" }, "BorderRadius": { "markdownDescription": "The border radius of a button.", "title": "BorderRadius", "type": "number" }, "ButtonAction": { "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", "title": "ButtonAction", "type": "string" }, "Link": { "markdownDescription": "The destination (such as a URL) for a button.", "title": "Link", "type": "string" }, "Text": { "markdownDescription": "The text that appears on a button in an in-app message.", "title": "Text", "type": "string" }, "TextColor": { "markdownDescription": "The color of the body text in a button, expressed as a hex color code (such as #000000 for black).", "title": "TextColor", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::InAppTemplate.HeaderConfig": { "additionalProperties": false, "properties": { "Alignment": { "markdownDescription": "The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` .", "title": "Alignment", "type": "string" }, "Header": { "markdownDescription": "The title text of the in-app message.", "title": "Header", "type": "string" }, "TextColor": { "markdownDescription": "The color of the title text, expressed as a hex color code (such as #000000 for black).", "title": "TextColor", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::InAppTemplate.InAppMessageContent": { "additionalProperties": false, "properties": { "BackgroundColor": { "markdownDescription": "The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black).", "title": "BackgroundColor", "type": "string" }, "BodyConfig": { "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.BodyConfig", "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", "title": "BodyConfig" }, "HeaderConfig": { "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.HeaderConfig", "markdownDescription": "An object that contains configuration information about the header or title text of the in-app message.", "title": "HeaderConfig" }, "ImageUrl": { "markdownDescription": "The URL of the image that appears on an in-app message banner.", "title": "ImageUrl", "type": "string" }, "PrimaryBtn": { "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", "markdownDescription": "An object that contains configuration information about the primary button in an in-app message.", "title": "PrimaryBtn" }, "SecondaryBtn": { "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate.ButtonConfig", "markdownDescription": "An object that contains configuration information about the secondary button in an in-app message.", "title": "SecondaryBtn" } }, "type": "object" }, "AWS::Pinpoint::InAppTemplate.OverrideButtonConfiguration": { "additionalProperties": false, "properties": { "ButtonAction": { "markdownDescription": "The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following:\n\n- `LINK` \u2013 A link to a web destination.\n- `DEEP_LINK` \u2013 A link to a specific page in an application.\n- `CLOSE` \u2013 Dismisses the message.", "title": "ButtonAction", "type": "string" }, "Link": { "markdownDescription": "The destination (such as a URL) for a button.", "title": "Link", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::PushTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ADM": { "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", "markdownDescription": "The message template to use for the ADM (Amazon Device Messaging) channel. This message template overrides the default template for push notification channels ( `Default` ).", "title": "ADM" }, "APNS": { "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate", "markdownDescription": "The message template to use for the APNs (Apple Push Notification service) channel. This message template overrides the default template for push notification channels ( `Default` ).", "title": "APNS" }, "Baidu": { "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", "markdownDescription": "The message template to use for the Baidu (Baidu Cloud Push) channel. This message template overrides the default template for push notification channels ( `Default` ).", "title": "Baidu" }, "Default": { "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate", "markdownDescription": "The default message template to use for push notification channels.", "title": "Default" }, "DefaultSubstitutions": { "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", "title": "DefaultSubstitutions", "type": "string" }, "GCM": { "$ref": "#/definitions/AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate", "markdownDescription": "The message template to use for the GCM channel, which is used to send notifications through the Firebase Cloud Messaging (FCM), formerly Google Cloud Messaging (GCM), service. This message template overrides the default template for push notification channels ( `Default` ).", "title": "GCM" }, "Tags": { "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "object" }, "TemplateDescription": { "markdownDescription": "A custom description of the message template.", "title": "TemplateDescription", "type": "string" }, "TemplateName": { "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", "title": "TemplateName", "type": "string" } }, "required": [ "TemplateName" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::PushTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::PushTemplate.APNSPushNotificationTemplate": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", "title": "Action", "type": "string" }, "Body": { "markdownDescription": "The message body to use in push notifications that are based on the message template.", "title": "Body", "type": "string" }, "MediaUrl": { "markdownDescription": "The URL of an image or video to display in push notifications that are based on the message template.", "title": "MediaUrl", "type": "string" }, "Sound": { "markdownDescription": "The key for the sound to play when the recipient receives a push notification that's based on the message template. The value for this key is the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", "title": "Sound", "type": "string" }, "Title": { "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", "title": "Title", "type": "string" }, "Url": { "markdownDescription": "The URL to open in the recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", "title": "Url", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::PushTemplate.AndroidPushNotificationTemplate": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This action uses the deep-linking features of the Android platform.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", "title": "Action", "type": "string" }, "Body": { "markdownDescription": "The message body to use in a push notification that's based on the message template.", "title": "Body", "type": "string" }, "ImageIconUrl": { "markdownDescription": "The URL of the large icon image to display in the content view of a push notification that's based on the message template.", "title": "ImageIconUrl", "type": "string" }, "ImageUrl": { "markdownDescription": "The URL of an image to display in a push notification that's based on the message template.", "title": "ImageUrl", "type": "string" }, "SmallImageIconUrl": { "markdownDescription": "The URL of the small icon image to display in the status bar and the content view of a push notification that's based on the message template.", "title": "SmallImageIconUrl", "type": "string" }, "Sound": { "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .", "title": "Sound", "type": "string" }, "Title": { "markdownDescription": "The title to use in a push notification that's based on the message template. This title appears above the notification message on a recipient's device.", "title": "Title", "type": "string" }, "Url": { "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", "title": "Url", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::PushTemplate.DefaultPushNotificationTemplate": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action to occur if a recipient taps a push notification that's based on the message template. Valid values are:\n\n- `OPEN_APP` \u2013 Your app opens or it becomes the foreground app if it was sent to the background. This is the default action.\n- `DEEP_LINK` \u2013 Your app opens and displays a designated user interface in the app. This setting uses the deep-linking features of the iOS and Android platforms.\n- `URL` \u2013 The default mobile browser on the recipient's device opens and loads the web page at a URL that you specify.", "title": "Action", "type": "string" }, "Body": { "markdownDescription": "The message body to use in push notifications that are based on the message template.", "title": "Body", "type": "string" }, "Sound": { "markdownDescription": "The sound to play when a recipient receives a push notification that's based on the message template. You can use the default stream or specify the file name of a sound resource that's bundled in your app. On an Android platform, the sound file must reside in `/res/raw/` .\n\nFor an iOS platform, this value is the key for the name of a sound file in your app's main bundle or the `Library/Sounds` folder in your app's data container. If the sound file can't be found or you specify `default` for the value, the system plays the default alert sound.", "title": "Sound", "type": "string" }, "Title": { "markdownDescription": "The title to use in push notifications that are based on the message template. This title appears above the notification message on a recipient's device.", "title": "Title", "type": "string" }, "Url": { "markdownDescription": "The URL to open in a recipient's default mobile browser, if a recipient taps a push notification that's based on the message template and the value of the `Action` property is `URL` .", "title": "Url", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::SMSChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the SMS channel applies to.", "title": "ApplicationId", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether to enable the SMS channel for the application.", "title": "Enabled", "type": "boolean" }, "SenderId": { "markdownDescription": "The identity that you want to display on recipients' devices when they receive messages from the SMS channel.\n\n> SenderIDs are only supported in certain countries and regions. For more information, see [Supported Countries and Regions](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-countries.html) in the *Amazon Pinpoint User Guide* .", "title": "SenderId", "type": "string" }, "ShortCode": { "markdownDescription": "The registered short code that you want to use when you send messages through the SMS channel.\n\n> For information about obtaining a dedicated short code for sending SMS messages, see [Requesting Dedicated Short Codes for SMS Messaging with Amazon Pinpoint](https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-sms-awssupport-short-code.html) in the *Amazon Pinpoint User Guide* .", "title": "ShortCode", "type": "string" } }, "required": [ "ApplicationId" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::SMSChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::Segment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the segment is associated with.", "title": "ApplicationId", "type": "string" }, "Dimensions": { "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions", "markdownDescription": "An array that defines the dimensions for the segment.", "title": "Dimensions" }, "Name": { "markdownDescription": "The name of the segment.\n\n> A segment must have a name otherwise it will not appear in the Amazon Pinpoint console.", "title": "Name", "type": "string" }, "SegmentGroups": { "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentGroups", "markdownDescription": "The segment group to use and the dimensions to apply to the group's base segments in order to build the segment. A segment group can consist of zero or more base segments. Your request can include only one segment group.", "title": "SegmentGroups" }, "Tags": { "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "object" } }, "required": [ "ApplicationId", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::Segment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::Segment.AttributeDimension": { "additionalProperties": false, "properties": { "AttributeType": { "type": "string" }, "Values": { "items": { "type": "string" }, "type": "array" } }, "type": "object" }, "AWS::Pinpoint::Segment.Behavior": { "additionalProperties": false, "properties": { "Recency": { "$ref": "#/definitions/AWS::Pinpoint::Segment.Recency", "markdownDescription": "Specifies how recently segment members were active.", "title": "Recency" } }, "type": "object" }, "AWS::Pinpoint::Segment.Coordinates": { "additionalProperties": false, "properties": { "Latitude": { "markdownDescription": "The latitude coordinate of the location.", "title": "Latitude", "type": "number" }, "Longitude": { "markdownDescription": "The longitude coordinate of the location.", "title": "Longitude", "type": "number" } }, "required": [ "Latitude", "Longitude" ], "type": "object" }, "AWS::Pinpoint::Segment.Demographic": { "additionalProperties": false, "properties": { "AppVersion": { "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", "markdownDescription": "The app version criteria for the segment.", "title": "AppVersion" }, "Channel": { "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", "markdownDescription": "The channel criteria for the segment.", "title": "Channel" }, "DeviceType": { "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", "markdownDescription": "The device type criteria for the segment.", "title": "DeviceType" }, "Make": { "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", "markdownDescription": "The device make criteria for the segment.", "title": "Make" }, "Model": { "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", "markdownDescription": "The device model criteria for the segment.", "title": "Model" }, "Platform": { "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", "markdownDescription": "The device platform criteria for the segment.", "title": "Platform" } }, "type": "object" }, "AWS::Pinpoint::Segment.GPSPoint": { "additionalProperties": false, "properties": { "Coordinates": { "$ref": "#/definitions/AWS::Pinpoint::Segment.Coordinates", "markdownDescription": "The GPS coordinates to measure distance from.", "title": "Coordinates" }, "RangeInKilometers": { "markdownDescription": "The range, in kilometers, from the GPS coordinates.", "title": "RangeInKilometers", "type": "number" } }, "required": [ "Coordinates", "RangeInKilometers" ], "type": "object" }, "AWS::Pinpoint::Segment.Groups": { "additionalProperties": false, "properties": { "Dimensions": { "items": { "$ref": "#/definitions/AWS::Pinpoint::Segment.SegmentDimensions" }, "markdownDescription": "An array that defines the dimensions to include or exclude from the segment.", "title": "Dimensions", "type": "array" }, "SourceSegments": { "items": { "$ref": "#/definitions/AWS::Pinpoint::Segment.SourceSegments" }, "markdownDescription": "The base segment to build the segment on. A base segment, also called a *source segment* , defines the initial population of endpoints for a segment. When you add dimensions to the segment, Amazon Pinpoint filters the base segment by using the dimensions that you specify.\n\nYou can specify more than one dimensional segment or only one imported segment. If you specify an imported segment, the segment size estimate that displays on the Amazon Pinpoint console indicates the size of the imported segment without any filters applied to it.", "title": "SourceSegments", "type": "array" }, "SourceType": { "markdownDescription": "Specifies how to handle multiple base segments for the segment. For example, if you specify three base segments for the segment, whether the resulting segment is based on all, any, or none of the base segments.", "title": "SourceType", "type": "string" }, "Type": { "markdownDescription": "Specifies how to handle multiple dimensions for the segment. For example, if you specify three dimensions for the segment, whether the resulting segment includes endpoints that match all, any, or none of the dimensions.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Segment.Location": { "additionalProperties": false, "properties": { "Country": { "$ref": "#/definitions/AWS::Pinpoint::Segment.SetDimension", "markdownDescription": "The country or region code, in ISO 3166-1 alpha-2 format, for the segment.", "title": "Country" }, "GPSPoint": { "$ref": "#/definitions/AWS::Pinpoint::Segment.GPSPoint", "markdownDescription": "The GPS point dimension for the segment.", "title": "GPSPoint" } }, "type": "object" }, "AWS::Pinpoint::Segment.Recency": { "additionalProperties": false, "properties": { "Duration": { "markdownDescription": "The duration to use when determining which users have been active or inactive with your app.\n\nPossible values: `HR_24` | `DAY_7` | `DAY_14` | `DAY_30` .", "title": "Duration", "type": "string" }, "RecencyType": { "markdownDescription": "The type of recency dimension to use for the segment. Valid values are: `ACTIVE` and `INACTIVE` . If the value is `ACTIVE` , the segment includes users who have used your app within the specified duration are included in the segment. If the value is `INACTIVE` , the segment includes users who haven't used your app within the specified duration are included in the segment.", "title": "RecencyType", "type": "string" } }, "required": [ "Duration", "RecencyType" ], "type": "object" }, "AWS::Pinpoint::Segment.SegmentDimensions": { "additionalProperties": false, "properties": { "Attributes": { "markdownDescription": "One or more custom attributes to use as criteria for the segment. For more information see [AttributeDimension](https://docs.aws.amazon.com/pinpoint/latest/apireference/apps-application-id-segments.html#apps-application-id-segments-model-attributedimension)", "title": "Attributes", "type": "object" }, "Behavior": { "$ref": "#/definitions/AWS::Pinpoint::Segment.Behavior", "markdownDescription": "The behavior-based criteria, such as how recently users have used your app, for the segment.", "title": "Behavior" }, "Demographic": { "$ref": "#/definitions/AWS::Pinpoint::Segment.Demographic", "markdownDescription": "The demographic-based criteria, such as device platform, for the segment.", "title": "Demographic" }, "Location": { "$ref": "#/definitions/AWS::Pinpoint::Segment.Location", "markdownDescription": "The location-based criteria, such as region or GPS coordinates, for the segment.", "title": "Location" }, "Metrics": { "markdownDescription": "One or more custom metrics to use as criteria for the segment.", "title": "Metrics", "type": "object" }, "UserAttributes": { "markdownDescription": "One or more custom user attributes to use as criteria for the segment.", "title": "UserAttributes", "type": "object" } }, "type": "object" }, "AWS::Pinpoint::Segment.SegmentGroups": { "additionalProperties": false, "properties": { "Groups": { "items": { "$ref": "#/definitions/AWS::Pinpoint::Segment.Groups" }, "markdownDescription": "Specifies the set of segment criteria to evaluate when handling segment groups for the segment.", "title": "Groups", "type": "array" }, "Include": { "markdownDescription": "Specifies how to handle multiple segment groups for the segment. For example, if the segment includes three segment groups, whether the resulting segment includes endpoints that match all, any, or none of the segment groups.", "title": "Include", "type": "string" } }, "type": "object" }, "AWS::Pinpoint::Segment.SetDimension": { "additionalProperties": false, "properties": { "DimensionType": { "markdownDescription": "The type of segment dimension to use. Valid values are: `INCLUSIVE` , endpoints that match the criteria are included in the segment; and, `EXCLUSIVE` , endpoints that match the criteria are excluded from the segment.", "title": "DimensionType", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The criteria values to use for the segment dimension. Depending on the value of the `DimensionType` property, endpoints are included or excluded from the segment if their values match the criteria values.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::Pinpoint::Segment.SourceSegments": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The unique identifier for the source segment.", "title": "Id", "type": "string" }, "Version": { "markdownDescription": "The version number of the source segment.", "title": "Version", "type": "number" } }, "required": [ "Id" ], "type": "object" }, "AWS::Pinpoint::SmsTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Body": { "markdownDescription": "The message body to use in text messages that are based on the message template.", "title": "Body", "type": "string" }, "DefaultSubstitutions": { "markdownDescription": "A JSON object that specifies the default values to use for message variables in the message template. This object is a set of key-value pairs. Each key defines a message variable in the template. The corresponding value defines the default value for that variable. When you create a message that's based on the template, you can override these defaults with message-specific and address-specific variables and values.", "title": "DefaultSubstitutions", "type": "string" }, "Tags": { "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "object" }, "TemplateDescription": { "markdownDescription": "A custom description of the message template.", "title": "TemplateDescription", "type": "string" }, "TemplateName": { "markdownDescription": "The name of the message template to use for the message. If specified, this value must match the name of an existing message template.", "title": "TemplateName", "type": "string" } }, "required": [ "Body", "TemplateName" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::SmsTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pinpoint::VoiceChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The unique identifier for the Amazon Pinpoint application that the voice channel applies to.", "title": "ApplicationId", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether to enable the voice channel for the application.", "title": "Enabled", "type": "boolean" } }, "required": [ "ApplicationId" ], "type": "object" }, "Type": { "enum": [ "AWS::Pinpoint::VoiceChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::PinpointEmail::ConfigurationSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeliveryOptions": { "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.DeliveryOptions", "markdownDescription": "An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set.", "title": "DeliveryOptions" }, "Name": { "markdownDescription": "The name of the configuration set.", "title": "Name", "type": "string" }, "ReputationOptions": { "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.ReputationOptions", "markdownDescription": "An object that defines whether or not Amazon Pinpoint collects reputation metrics for the emails that you send that use the configuration set.", "title": "ReputationOptions" }, "SendingOptions": { "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.SendingOptions", "markdownDescription": "An object that defines whether or not Amazon Pinpoint can send email that you send using the configuration set.", "title": "SendingOptions" }, "Tags": { "items": { "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.Tags" }, "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the configuration set.", "title": "Tags", "type": "array" }, "TrackingOptions": { "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet.TrackingOptions", "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", "title": "TrackingOptions" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::PinpointEmail::ConfigurationSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::PinpointEmail::ConfigurationSet.DeliveryOptions": { "additionalProperties": false, "properties": { "SendingPoolName": { "markdownDescription": "The name of the dedicated IP pool that you want to associate with the configuration set.", "title": "SendingPoolName", "type": "string" } }, "type": "object" }, "AWS::PinpointEmail::ConfigurationSet.ReputationOptions": { "additionalProperties": false, "properties": { "ReputationMetricsEnabled": { "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", "title": "ReputationMetricsEnabled", "type": "boolean" } }, "type": "object" }, "AWS::PinpointEmail::ConfigurationSet.SendingOptions": { "additionalProperties": false, "properties": { "SendingEnabled": { "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", "title": "SendingEnabled", "type": "boolean" } }, "type": "object" }, "AWS::PinpointEmail::ConfigurationSet.Tags": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the configuration set, then this value is required.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::PinpointEmail::ConfigurationSet.TrackingOptions": { "additionalProperties": false, "properties": { "CustomRedirectDomain": { "markdownDescription": "The domain that you want to use for tracking open and click events.", "title": "CustomRedirectDomain", "type": "string" } }, "type": "object" }, "AWS::PinpointEmail::ConfigurationSetEventDestination": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConfigurationSetName": { "markdownDescription": "The name of the configuration set that contains the event destination that you want to modify.", "title": "ConfigurationSetName", "type": "string" }, "EventDestination": { "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination", "markdownDescription": "An object that defines the event destination.", "title": "EventDestination" }, "EventDestinationName": { "markdownDescription": "The name of the event destination that you want to modify.", "title": "EventDestinationName", "type": "string" } }, "required": [ "ConfigurationSetName", "EventDestinationName" ], "type": "object" }, "Type": { "enum": [ "AWS::PinpointEmail::ConfigurationSetEventDestination" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination": { "additionalProperties": false, "properties": { "DimensionConfigurations": { "items": { "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration" }, "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", "title": "DimensionConfigurations", "type": "array" } }, "type": "object" }, "AWS::PinpointEmail::ConfigurationSetEventDestination.DimensionConfiguration": { "additionalProperties": false, "properties": { "DefaultDimensionValue": { "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", "title": "DefaultDimensionValue", "type": "string" }, "DimensionName": { "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", "title": "DimensionName", "type": "string" }, "DimensionValueSource": { "markdownDescription": "The location where Amazon Pinpoint finds the value of a dimension to publish to Amazon CloudWatch. Acceptable values: `MESSAGE_TAG` , `EMAIL_HEADER` , and `LINK_TAG` .\n\nIf you want Amazon Pinpoint to use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` API, choose `MESSAGE_TAG` . If you want Amazon Pinpoint to use your own email headers, choose `EMAIL_HEADER` . If you want Amazon Pinpoint to use tags that are specified in your links, choose `LINK_TAG` .", "title": "DimensionValueSource", "type": "string" } }, "required": [ "DefaultDimensionValue", "DimensionName", "DimensionValueSource" ], "type": "object" }, "AWS::PinpointEmail::ConfigurationSetEventDestination.EventDestination": { "additionalProperties": false, "properties": { "CloudWatchDestination": { "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.CloudWatchDestination", "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", "title": "CloudWatchDestination" }, "Enabled": { "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", "title": "Enabled", "type": "boolean" }, "KinesisFirehoseDestination": { "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination", "markdownDescription": "An object that defines an Amazon Kinesis Data Firehose destination for email events. You can use Amazon Kinesis Data Firehose to stream data to other services, such as Amazon S3 and Amazon Redshift.", "title": "KinesisFirehoseDestination" }, "MatchingEventTypes": { "items": { "type": "string" }, "markdownDescription": "The types of events that Amazon Pinpoint sends to the specified event destinations. Acceptable values: `SEND` , `REJECT` , `BOUNCE` , `COMPLAINT` , `DELIVERY` , `OPEN` , `CLICK` , and `RENDERING_FAILURE` .", "title": "MatchingEventTypes", "type": "array" }, "PinpointDestination": { "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination", "markdownDescription": "An object that defines a Amazon Pinpoint destination for email events. You can use Amazon Pinpoint events to create attributes in Amazon Pinpoint projects. You can use these attributes to create segments for your campaigns.", "title": "PinpointDestination" }, "SnsDestination": { "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination", "markdownDescription": "An object that defines an Amazon SNS destination for email events. You can use Amazon SNS to send notification when certain email events occur.", "title": "SnsDestination" } }, "required": [ "MatchingEventTypes" ], "type": "object" }, "AWS::PinpointEmail::ConfigurationSetEventDestination.KinesisFirehoseDestination": { "additionalProperties": false, "properties": { "DeliveryStreamArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Kinesis Data Firehose stream that Amazon Pinpoint sends email events to.", "title": "DeliveryStreamArn", "type": "string" }, "IamRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that Amazon Pinpoint uses when sending email events to the Amazon Kinesis Data Firehose stream.", "title": "IamRoleArn", "type": "string" } }, "required": [ "DeliveryStreamArn", "IamRoleArn" ], "type": "object" }, "AWS::PinpointEmail::ConfigurationSetEventDestination.PinpointDestination": { "additionalProperties": false, "properties": { "ApplicationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon Pinpoint project that you want to send email events to.", "title": "ApplicationArn", "type": "string" } }, "type": "object" }, "AWS::PinpointEmail::ConfigurationSetEventDestination.SnsDestination": { "additionalProperties": false, "properties": { "TopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic that you want to publish email events to. For more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", "title": "TopicArn", "type": "string" } }, "required": [ "TopicArn" ], "type": "object" }, "AWS::PinpointEmail::DedicatedIpPool": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PoolName": { "markdownDescription": "The name of the dedicated IP pool.", "title": "PoolName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::PinpointEmail::DedicatedIpPool.Tags" }, "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the dedicated IP pool.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::PinpointEmail::DedicatedIpPool" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::PinpointEmail::DedicatedIpPool.Tags": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the dedicated IP pool, then this value is required.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::PinpointEmail::Identity": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DkimSigningEnabled": { "markdownDescription": "For domain identities, this attribute is used to enable or disable DomainKeys Identified Mail (DKIM) signing for the domain.\n\nIf the value is `true` , then the messages that you send from the domain are signed using both the DKIM keys for your domain, as well as the keys for the `amazonses.com` domain. If the value is `false` , then the messages that you send are only signed using the DKIM keys for the `amazonses.com` domain.", "title": "DkimSigningEnabled", "type": "boolean" }, "FeedbackForwardingEnabled": { "markdownDescription": "Used to enable or disable feedback forwarding for an identity. This setting determines what happens when an identity is used to send an email that results in a bounce or complaint event.\n\nWhen you enable feedback forwarding, Amazon Pinpoint sends you email notifications when bounce or complaint events occur. Amazon Pinpoint sends this notification to the address that you specified in the Return-Path header of the original email.\n\nWhen you disable feedback forwarding, Amazon Pinpoint sends notifications through other mechanisms, such as by notifying an Amazon SNS topic. You're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications, Amazon Pinpoint sends an email notification when these events occur (even if this setting is disabled).", "title": "FeedbackForwardingEnabled", "type": "boolean" }, "MailFromAttributes": { "$ref": "#/definitions/AWS::PinpointEmail::Identity.MailFromAttributes", "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", "title": "MailFromAttributes" }, "Name": { "markdownDescription": "The address or domain of the identity, such as *sender@example.com* or *example.co.uk* .", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::PinpointEmail::Identity.Tags" }, "markdownDescription": "An object that defines the tags (keys and values) that you want to associate with the email identity.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::PinpointEmail::Identity" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::PinpointEmail::Identity.MailFromAttributes": { "additionalProperties": false, "properties": { "BehaviorOnMxFailure": { "markdownDescription": "The action that Amazon Pinpoint to takes if it can't read the required MX record for a custom MAIL FROM domain. When you set this value to `UseDefaultValue` , Amazon Pinpoint uses *amazonses.com* as the MAIL FROM domain. When you set this value to `RejectMessage` , Amazon Pinpoint returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.", "title": "BehaviorOnMxFailure", "type": "string" }, "MailFromDomain": { "markdownDescription": "The name of a domain that an email identity uses as a custom MAIL FROM domain.", "title": "MailFromDomain", "type": "string" } }, "type": "object" }, "AWS::PinpointEmail::Identity.Tags": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.\n\nIf you specify tags for the identity, then this value is required.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don\u2019t want a resource to have a specific tag value, don\u2019t specify a value for this parameter. Amazon Pinpoint will set the value to an empty string.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the pipe.", "title": "Description", "type": "string" }, "DesiredState": { "markdownDescription": "The state the pipe should be in.", "title": "DesiredState", "type": "string" }, "Enrichment": { "markdownDescription": "The ARN of the enrichment resource.", "title": "Enrichment", "type": "string" }, "EnrichmentParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentParameters", "markdownDescription": "The parameters required to set up enrichment on your pipe.", "title": "EnrichmentParameters" }, "LogConfiguration": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeLogConfiguration", "markdownDescription": "The logging configuration settings for the pipe.", "title": "LogConfiguration" }, "Name": { "markdownDescription": "The name of the pipe.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the role that allows the pipe to send data to the target.", "title": "RoleArn", "type": "string" }, "Source": { "markdownDescription": "The ARN of the source resource.", "title": "Source", "type": "string" }, "SourceParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceParameters", "markdownDescription": "The parameters required to set up a source for your pipe.", "title": "SourceParameters" }, "Tags": { "additionalProperties": true, "markdownDescription": "The list of key-value pairs to associate with the pipe.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Target": { "markdownDescription": "The ARN of the target resource.", "title": "Target", "type": "string" }, "TargetParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetParameters", "markdownDescription": "The parameters required to set up a target for your pipe.\n\nFor more information about pipe target parameters, including how to use dynamic path parameters, see [Target parameters](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) in the *Amazon EventBridge User Guide* .", "title": "TargetParameters" } }, "required": [ "RoleArn", "Source", "Target" ], "type": "object" }, "Type": { "enum": [ "AWS::Pipes::Pipe" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Pipes::Pipe.AwsVpcConfiguration": { "additionalProperties": false, "properties": { "AssignPublicIp": { "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", "title": "AssignPublicIp", "type": "string" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", "title": "SecurityGroups", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", "title": "Subnets", "type": "array" } }, "required": [ "Subnets" ], "type": "object" }, "AWS::Pipes::Pipe.BatchArrayProperties": { "additionalProperties": false, "properties": { "Size": { "markdownDescription": "The size of the array, if this is an array batch job.", "title": "Size", "type": "number" } }, "type": "object" }, "AWS::Pipes::Pipe.BatchContainerOverrides": { "additionalProperties": false, "properties": { "Command": { "items": { "type": "string" }, "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition.", "title": "Command", "type": "array" }, "Environment": { "items": { "$ref": "#/definitions/AWS::Pipes::Pipe.BatchEnvironmentVariable" }, "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition.\n\n> Environment variables cannot start with \" `AWS Batch` \". This naming convention is reserved for variables that AWS Batch sets.", "title": "Environment", "type": "array" }, "InstanceType": { "markdownDescription": "The instance type to use for a multi-node parallel job.\n\n> This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided.", "title": "InstanceType", "type": "string" }, "ResourceRequirements": { "items": { "$ref": "#/definitions/AWS::Pipes::Pipe.BatchResourceRequirement" }, "markdownDescription": "The type and amount of resources to assign to a container. This overrides the settings in the job definition. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", "title": "ResourceRequirements", "type": "array" } }, "type": "object" }, "AWS::Pipes::Pipe.BatchEnvironmentVariable": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.BatchJobDependency": { "additionalProperties": false, "properties": { "JobId": { "markdownDescription": "The job ID of the AWS Batch job that's associated with this dependency.", "title": "JobId", "type": "string" }, "Type": { "markdownDescription": "The type of the job dependency.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.BatchResourceRequirement": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The type of resource to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` .", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The quantity of the specified resource to reserve for the container. The values vary based on the `type` specified.\n\n- **type=\"GPU\"** - The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn't exceed the number of available GPUs on the compute resource that the job is launched on.\n\n> GPUs aren't available for jobs that are running on Fargate resources.\n- **type=\"MEMORY\"** - The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) .\n\n> If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . \n\nFor jobs that are running on Fargate resources, then `value` is the hard limit (in MiB), and must match one of the supported values and the `VCPU` values must be one of the values supported for that memory value.\n\n- **value = 512** - `VCPU` = 0.25\n- **value = 1024** - `VCPU` = 0.25 or 0.5\n- **value = 2048** - `VCPU` = 0.25, 0.5, or 1\n- **value = 3072** - `VCPU` = 0.5, or 1\n- **value = 4096** - `VCPU` = 0.5, 1, or 2\n- **value = 5120, 6144, or 7168** - `VCPU` = 1 or 2\n- **value = 8192** - `VCPU` = 1, 2, 4, or 8\n- **value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360** - `VCPU` = 2 or 4\n- **value = 16384** - `VCPU` = 2, 4, or 8\n- **value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720** - `VCPU` = 4\n- **value = 20480, 24576, or 28672** - `VCPU` = 4 or 8\n- **value = 36864, 45056, 53248, or 61440** - `VCPU` = 8\n- **value = 32768, 40960, 49152, or 57344** - `VCPU` = 8 or 16\n- **value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880** - `VCPU` = 16\n- **type=\"VCPU\"** - The number of vCPUs reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.\n\nThe default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see [AWS Fargate quotas](https://docs.aws.amazon.com/general/latest/gr/ecs-service.html#service-quotas-fargate) in the *AWS General Reference* .\n\nFor jobs that are running on Fargate resources, then `value` must match one of the supported values and the `MEMORY` values must be one of the values supported for that `VCPU` value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16\n\n- **value = 0.25** - `MEMORY` = 512, 1024, or 2048\n- **value = 0.5** - `MEMORY` = 1024, 2048, 3072, or 4096\n- **value = 1** - `MEMORY` = 2048, 3072, 4096, 5120, 6144, 7168, or 8192\n- **value = 2** - `MEMORY` = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384\n- **value = 4** - `MEMORY` = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720\n- **value = 8** - `MEMORY` = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440\n- **value = 16** - `MEMORY` = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880", "title": "Value", "type": "string" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::Pipes::Pipe.BatchRetryStrategy": { "additionalProperties": false, "properties": { "Attempts": { "markdownDescription": "The number of times to move a job to the `RUNNABLE` status. If the value of `attempts` is greater than one, the job is retried on failure the same number of attempts as the value.", "title": "Attempts", "type": "number" } }, "type": "object" }, "AWS::Pipes::Pipe.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { "Base": { "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used.", "title": "Base", "type": "number" }, "CapacityProvider": { "markdownDescription": "The short name of the capacity provider.", "title": "CapacityProvider", "type": "string" }, "Weight": { "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", "title": "Weight", "type": "number" } }, "required": [ "CapacityProvider" ], "type": "object" }, "AWS::Pipes::Pipe.CloudwatchLogsLogDestination": { "additionalProperties": false, "properties": { "LogGroupArn": { "markdownDescription": "The AWS Resource Name (ARN) for the CloudWatch log group to which EventBridge sends the log records.", "title": "LogGroupArn", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.DeadLetterConfig": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The ARN of the specified target for the dead-letter queue.\n\nFor Amazon Kinesis stream and Amazon DynamoDB stream sources, specify either an Amazon SNS topic or Amazon SQS queue ARN.", "title": "Arn", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.EcsContainerOverride": { "additionalProperties": false, "properties": { "Command": { "items": { "type": "string" }, "markdownDescription": "The command to send to the container that overrides the default command from the Docker image or the task definition. You must also specify a container name.", "title": "Command", "type": "array" }, "Cpu": { "markdownDescription": "The number of `cpu` units reserved for the container, instead of the default value from the task definition. You must also specify a container name.", "title": "Cpu", "type": "number" }, "Environment": { "items": { "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentVariable" }, "markdownDescription": "The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. You must also specify a container name.", "title": "Environment", "type": "array" }, "EnvironmentFiles": { "items": { "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEnvironmentFile" }, "markdownDescription": "A list of files containing the environment variables to pass to a container, instead of the value from the container definition.", "title": "EnvironmentFiles", "type": "array" }, "Memory": { "markdownDescription": "The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. You must also specify a container name.", "title": "Memory", "type": "number" }, "MemoryReservation": { "markdownDescription": "The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition. You must also specify a container name.", "title": "MemoryReservation", "type": "number" }, "Name": { "markdownDescription": "The name of the container that receives the override. This parameter is required if any override is specified.", "title": "Name", "type": "string" }, "ResourceRequirements": { "items": { "$ref": "#/definitions/AWS::Pipes::Pipe.EcsResourceRequirement" }, "markdownDescription": "The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU.", "title": "ResourceRequirements", "type": "array" } }, "type": "object" }, "AWS::Pipes::Pipe.EcsEnvironmentFile": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The file type to use. The only supported value is `s3` .", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file.", "title": "Value", "type": "string" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::Pipes::Pipe.EcsEnvironmentVariable": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the key-value pair. For environment variables, this is the name of the environment variable.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the key-value pair. For environment variables, this is the value of the environment variable.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.EcsEphemeralStorage": { "additionalProperties": false, "properties": { "SizeInGiB": { "markdownDescription": "The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB.", "title": "SizeInGiB", "type": "number" } }, "required": [ "SizeInGiB" ], "type": "object" }, "AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride": { "additionalProperties": false, "properties": { "DeviceName": { "markdownDescription": "The Elastic Inference accelerator device name to override for the task. This parameter must match a `deviceName` specified in the task definition.", "title": "DeviceName", "type": "string" }, "DeviceType": { "markdownDescription": "The Elastic Inference accelerator type to use.", "title": "DeviceType", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.EcsResourceRequirement": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The type of resource to assign to a container. The supported values are `GPU` or `InferenceAccelerator` .", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The value for the specified resource type.\n\nIf the `GPU` type is used, the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on.\n\nIf the `InferenceAccelerator` type is used, the `value` matches the `deviceName` for an InferenceAccelerator specified in a task definition.", "title": "Value", "type": "string" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::Pipes::Pipe.EcsTaskOverride": { "additionalProperties": false, "properties": { "ContainerOverrides": { "items": { "$ref": "#/definitions/AWS::Pipes::Pipe.EcsContainerOverride" }, "markdownDescription": "One or more container overrides that are sent to a task.", "title": "ContainerOverrides", "type": "array" }, "Cpu": { "markdownDescription": "The cpu override for the task.", "title": "Cpu", "type": "string" }, "EphemeralStorage": { "$ref": "#/definitions/AWS::Pipes::Pipe.EcsEphemeralStorage", "markdownDescription": "The ephemeral storage setting override for the task.\n\n> This parameter is only supported for tasks hosted on Fargate that use the following platform versions:\n> \n> - Linux platform version `1.4.0` or later.\n> - Windows platform version `1.0.0` or later.", "title": "EphemeralStorage" }, "ExecutionRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the task execution IAM role override for the task. For more information, see [Amazon ECS task execution IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "ExecutionRoleArn", "type": "string" }, "InferenceAcceleratorOverrides": { "items": { "$ref": "#/definitions/AWS::Pipes::Pipe.EcsInferenceAcceleratorOverride" }, "markdownDescription": "The Elastic Inference accelerator override for the task.", "title": "InferenceAcceleratorOverrides", "type": "array" }, "Memory": { "markdownDescription": "The memory override for the task.", "title": "Memory", "type": "string" }, "TaskRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role. For more information, see [IAM Role for Tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "TaskRoleArn", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.Filter": { "additionalProperties": false, "properties": { "Pattern": { "markdownDescription": "The event pattern.", "title": "Pattern", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.FilterCriteria": { "additionalProperties": false, "properties": { "Filters": { "items": { "$ref": "#/definitions/AWS::Pipes::Pipe.Filter" }, "markdownDescription": "The event patterns.", "title": "Filters", "type": "array" } }, "type": "object" }, "AWS::Pipes::Pipe.FirehoseLogDestination": { "additionalProperties": false, "properties": { "DeliveryStreamArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Firehose delivery stream to which EventBridge delivers the pipe log records.", "title": "DeliveryStreamArn", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.MQBrokerAccessCredentials": { "additionalProperties": false, "properties": { "BasicAuth": { "markdownDescription": "The ARN of the Secrets Manager secret.", "title": "BasicAuth", "type": "string" } }, "required": [ "BasicAuth" ], "type": "object" }, "AWS::Pipes::Pipe.MSKAccessCredentials": { "additionalProperties": false, "properties": { "ClientCertificateTlsAuth": { "markdownDescription": "The ARN of the Secrets Manager secret.", "title": "ClientCertificateTlsAuth", "type": "string" }, "SaslScram512Auth": { "markdownDescription": "The ARN of the Secrets Manager secret.", "title": "SaslScram512Auth", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.NetworkConfiguration": { "additionalProperties": false, "properties": { "AwsvpcConfiguration": { "$ref": "#/definitions/AWS::Pipes::Pipe.AwsVpcConfiguration", "markdownDescription": "Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode.", "title": "AwsvpcConfiguration" } }, "type": "object" }, "AWS::Pipes::Pipe.PipeEnrichmentHttpParameters": { "additionalProperties": false, "properties": { "HeaderParameters": { "additionalProperties": true, "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "HeaderParameters", "type": "object" }, "PathParameterValues": { "items": { "type": "string" }, "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", "title": "PathParameterValues", "type": "array" }, "QueryStringParameters": { "additionalProperties": true, "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "QueryStringParameters", "type": "object" } }, "type": "object" }, "AWS::Pipes::Pipe.PipeEnrichmentParameters": { "additionalProperties": false, "properties": { "HttpParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeEnrichmentHttpParameters", "markdownDescription": "Contains the HTTP parameters to use when the target is a API Gateway REST endpoint or EventBridge ApiDestination.\n\nIf you specify an API Gateway REST API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence.", "title": "HttpParameters" }, "InputTemplate": { "markdownDescription": "Valid JSON text passed to the enrichment. In this case, nothing from the event itself is passed to the enrichment. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", "title": "InputTemplate", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.PipeLogConfiguration": { "additionalProperties": false, "properties": { "CloudwatchLogsLogDestination": { "$ref": "#/definitions/AWS::Pipes::Pipe.CloudwatchLogsLogDestination", "markdownDescription": "The logging configuration settings for the pipe.", "title": "CloudwatchLogsLogDestination" }, "FirehoseLogDestination": { "$ref": "#/definitions/AWS::Pipes::Pipe.FirehoseLogDestination", "markdownDescription": "The Amazon Data Firehose logging configuration settings for the pipe.", "title": "FirehoseLogDestination" }, "IncludeExecutionData": { "items": { "type": "string" }, "markdownDescription": "Whether the execution data (specifically, the `payload` , `awsRequest` , and `awsResponse` fields) is included in the log messages for this pipe.\n\nThis applies to all log destinations for the pipe.\n\nFor more information, see [Including execution data in logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-logs.html#eb-pipes-logs-execution-data) in the *Amazon EventBridge User Guide* .\n\n*Allowed values:* `ALL`", "title": "IncludeExecutionData", "type": "array" }, "Level": { "markdownDescription": "The level of logging detail to include. This applies to all log destinations for the pipe.", "title": "Level", "type": "string" }, "S3LogDestination": { "$ref": "#/definitions/AWS::Pipes::Pipe.S3LogDestination", "markdownDescription": "The Amazon S3 logging configuration settings for the pipe.", "title": "S3LogDestination" } }, "type": "object" }, "AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters": { "additionalProperties": false, "properties": { "BatchSize": { "markdownDescription": "The maximum number of records to include in each batch.", "title": "BatchSize", "type": "number" }, "Credentials": { "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", "markdownDescription": "The credentials needed to access the resource.", "title": "Credentials" }, "MaximumBatchingWindowInSeconds": { "markdownDescription": "The maximum length of a time to wait for events.", "title": "MaximumBatchingWindowInSeconds", "type": "number" }, "QueueName": { "markdownDescription": "The name of the destination queue to consume.", "title": "QueueName", "type": "string" } }, "required": [ "Credentials", "QueueName" ], "type": "object" }, "AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters": { "additionalProperties": false, "properties": { "BatchSize": { "markdownDescription": "The maximum number of records to include in each batch.", "title": "BatchSize", "type": "number" }, "DeadLetterConfig": { "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", "markdownDescription": "Define the target queue to send dead-letter queue events to.", "title": "DeadLetterConfig" }, "MaximumBatchingWindowInSeconds": { "markdownDescription": "The maximum length of a time to wait for events.", "title": "MaximumBatchingWindowInSeconds", "type": "number" }, "MaximumRecordAgeInSeconds": { "markdownDescription": "(Streams only) Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", "title": "MaximumRecordAgeInSeconds", "type": "number" }, "MaximumRetryAttempts": { "markdownDescription": "(Streams only) Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", "title": "MaximumRetryAttempts", "type": "number" }, "OnPartialBatchItemFailure": { "markdownDescription": "(Streams only) Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", "title": "OnPartialBatchItemFailure", "type": "string" }, "ParallelizationFactor": { "markdownDescription": "(Streams only) The number of batches to process concurrently from each shard. The default value is 1.", "title": "ParallelizationFactor", "type": "number" }, "StartingPosition": { "markdownDescription": "(Streams only) The position in a stream from which to start reading.\n\n*Valid values* : `TRIM_HORIZON | LATEST`", "title": "StartingPosition", "type": "string" } }, "required": [ "StartingPosition" ], "type": "object" }, "AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters": { "additionalProperties": false, "properties": { "BatchSize": { "markdownDescription": "The maximum number of records to include in each batch.", "title": "BatchSize", "type": "number" }, "DeadLetterConfig": { "$ref": "#/definitions/AWS::Pipes::Pipe.DeadLetterConfig", "markdownDescription": "Define the target queue to send dead-letter queue events to.", "title": "DeadLetterConfig" }, "MaximumBatchingWindowInSeconds": { "markdownDescription": "The maximum length of a time to wait for events.", "title": "MaximumBatchingWindowInSeconds", "type": "number" }, "MaximumRecordAgeInSeconds": { "markdownDescription": "(Streams only) Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records.", "title": "MaximumRecordAgeInSeconds", "type": "number" }, "MaximumRetryAttempts": { "markdownDescription": "(Streams only) Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source.", "title": "MaximumRetryAttempts", "type": "number" }, "OnPartialBatchItemFailure": { "markdownDescription": "(Streams only) Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch.", "title": "OnPartialBatchItemFailure", "type": "string" }, "ParallelizationFactor": { "markdownDescription": "(Streams only) The number of batches to process concurrently from each shard. The default value is 1.", "title": "ParallelizationFactor", "type": "number" }, "StartingPosition": { "markdownDescription": "(Streams only) The position in a stream from which to start reading.", "title": "StartingPosition", "type": "string" }, "StartingPositionTimestamp": { "markdownDescription": "With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds.", "title": "StartingPositionTimestamp", "type": "string" } }, "required": [ "StartingPosition" ], "type": "object" }, "AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters": { "additionalProperties": false, "properties": { "BatchSize": { "markdownDescription": "The maximum number of records to include in each batch.", "title": "BatchSize", "type": "number" }, "ConsumerGroupID": { "markdownDescription": "The name of the destination queue to consume.", "title": "ConsumerGroupID", "type": "string" }, "Credentials": { "$ref": "#/definitions/AWS::Pipes::Pipe.MSKAccessCredentials", "markdownDescription": "The credentials needed to access the resource.", "title": "Credentials" }, "MaximumBatchingWindowInSeconds": { "markdownDescription": "The maximum length of a time to wait for events.", "title": "MaximumBatchingWindowInSeconds", "type": "number" }, "StartingPosition": { "markdownDescription": "(Streams only) The position in a stream from which to start reading.", "title": "StartingPosition", "type": "string" }, "TopicName": { "markdownDescription": "The name of the topic that the pipe will read from.", "title": "TopicName", "type": "string" } }, "required": [ "TopicName" ], "type": "object" }, "AWS::Pipes::Pipe.PipeSourceParameters": { "additionalProperties": false, "properties": { "ActiveMQBrokerParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceActiveMQBrokerParameters", "markdownDescription": "The parameters for using an Active MQ broker as a source.", "title": "ActiveMQBrokerParameters" }, "DynamoDBStreamParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceDynamoDBStreamParameters", "markdownDescription": "The parameters for using a DynamoDB stream as a source.", "title": "DynamoDBStreamParameters" }, "FilterCriteria": { "$ref": "#/definitions/AWS::Pipes::Pipe.FilterCriteria", "markdownDescription": "The collection of event patterns used to filter events.\n\nTo remove a filter, specify a `FilterCriteria` object with an empty array of `Filter` objects.\n\nFor more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the *Amazon EventBridge User Guide* .", "title": "FilterCriteria" }, "KinesisStreamParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceKinesisStreamParameters", "markdownDescription": "The parameters for using a Kinesis stream as a source.", "title": "KinesisStreamParameters" }, "ManagedStreamingKafkaParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceManagedStreamingKafkaParameters", "markdownDescription": "The parameters for using an MSK stream as a source.", "title": "ManagedStreamingKafkaParameters" }, "RabbitMQBrokerParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters", "markdownDescription": "The parameters for using a Rabbit MQ broker as a source.", "title": "RabbitMQBrokerParameters" }, "SelfManagedKafkaParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters", "markdownDescription": "The parameters for using a self-managed Apache Kafka stream as a source.\n\nA *self managed* cluster refers to any Apache Kafka cluster not hosted by AWS . This includes both clusters you manage yourself, as well as those hosted by a third-party provider, such as [Confluent Cloud](https://docs.aws.amazon.com/https://www.confluent.io/) , [CloudKarafka](https://docs.aws.amazon.com/https://www.cloudkarafka.com/) , or [Redpanda](https://docs.aws.amazon.com/https://redpanda.com/) . For more information, see [Apache Kafka streams as a source](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-kafka.html) in the *Amazon EventBridge User Guide* .", "title": "SelfManagedKafkaParameters" }, "SqsQueueParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeSourceSqsQueueParameters", "markdownDescription": "The parameters for using a Amazon SQS stream as a source.", "title": "SqsQueueParameters" } }, "type": "object" }, "AWS::Pipes::Pipe.PipeSourceRabbitMQBrokerParameters": { "additionalProperties": false, "properties": { "BatchSize": { "markdownDescription": "The maximum number of records to include in each batch.", "title": "BatchSize", "type": "number" }, "Credentials": { "$ref": "#/definitions/AWS::Pipes::Pipe.MQBrokerAccessCredentials", "markdownDescription": "The credentials needed to access the resource.", "title": "Credentials" }, "MaximumBatchingWindowInSeconds": { "markdownDescription": "The maximum length of a time to wait for events.", "title": "MaximumBatchingWindowInSeconds", "type": "number" }, "QueueName": { "markdownDescription": "The name of the destination queue to consume.", "title": "QueueName", "type": "string" }, "VirtualHost": { "markdownDescription": "The name of the virtual host associated with the source broker.", "title": "VirtualHost", "type": "string" } }, "required": [ "Credentials", "QueueName" ], "type": "object" }, "AWS::Pipes::Pipe.PipeSourceSelfManagedKafkaParameters": { "additionalProperties": false, "properties": { "AdditionalBootstrapServers": { "items": { "type": "string" }, "markdownDescription": "An array of server URLs.", "title": "AdditionalBootstrapServers", "type": "array" }, "BatchSize": { "markdownDescription": "The maximum number of records to include in each batch.", "title": "BatchSize", "type": "number" }, "ConsumerGroupID": { "markdownDescription": "The name of the destination queue to consume.", "title": "ConsumerGroupID", "type": "string" }, "Credentials": { "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials", "markdownDescription": "The credentials needed to access the resource.", "title": "Credentials" }, "MaximumBatchingWindowInSeconds": { "markdownDescription": "The maximum length of a time to wait for events.", "title": "MaximumBatchingWindowInSeconds", "type": "number" }, "ServerRootCaCertificate": { "markdownDescription": "The ARN of the Secrets Manager secret used for certification.", "title": "ServerRootCaCertificate", "type": "string" }, "StartingPosition": { "markdownDescription": "(Streams only) The position in a stream from which to start reading.", "title": "StartingPosition", "type": "string" }, "TopicName": { "markdownDescription": "The name of the topic that the pipe will read from.", "title": "TopicName", "type": "string" }, "Vpc": { "$ref": "#/definitions/AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc", "markdownDescription": "This structure specifies the VPC subnets and security groups for the stream, and whether a public IP address is to be used.", "title": "Vpc" } }, "required": [ "TopicName" ], "type": "object" }, "AWS::Pipes::Pipe.PipeSourceSqsQueueParameters": { "additionalProperties": false, "properties": { "BatchSize": { "markdownDescription": "The maximum number of records to include in each batch.", "title": "BatchSize", "type": "number" }, "MaximumBatchingWindowInSeconds": { "markdownDescription": "The maximum length of a time to wait for events.", "title": "MaximumBatchingWindowInSeconds", "type": "number" } }, "type": "object" }, "AWS::Pipes::Pipe.PipeTargetBatchJobParameters": { "additionalProperties": false, "properties": { "ArrayProperties": { "$ref": "#/definitions/AWS::Pipes::Pipe.BatchArrayProperties", "markdownDescription": "The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job.", "title": "ArrayProperties" }, "ContainerOverrides": { "$ref": "#/definitions/AWS::Pipes::Pipe.BatchContainerOverrides", "markdownDescription": "The overrides that are sent to a container.", "title": "ContainerOverrides" }, "DependsOn": { "items": { "$ref": "#/definitions/AWS::Pipes::Pipe.BatchJobDependency" }, "markdownDescription": "A list of dependencies for the job. A job can depend upon a maximum of 20 jobs. You can specify a `SEQUENTIAL` type dependency without specifying a job ID for array jobs so that each child array job completes sequentially, starting at index 0. You can also specify an `N_TO_N` type dependency with a job ID for array jobs. In that case, each index child of this job must wait for the corresponding index child of each dependency to complete before it can begin.", "title": "DependsOn", "type": "array" }, "JobDefinition": { "markdownDescription": "The job definition used by this job. This value can be one of `name` , `name:revision` , or the Amazon Resource Name (ARN) for the job definition. If name is specified without a revision then the latest active revision is used.", "title": "JobDefinition", "type": "string" }, "JobName": { "markdownDescription": "The name of the job. It can be up to 128 letters long. The first character must be alphanumeric, can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_).", "title": "JobName", "type": "string" }, "Parameters": { "additionalProperties": true, "markdownDescription": "Additional parameters passed to the job that replace parameter substitution placeholders that are set in the job definition. Parameters are specified as a key and value pair mapping. Parameters included here override any corresponding parameter defaults from the job definition.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Parameters", "type": "object" }, "RetryStrategy": { "$ref": "#/definitions/AWS::Pipes::Pipe.BatchRetryStrategy", "markdownDescription": "The retry strategy to use for failed jobs. When a retry strategy is specified here, it overrides the retry strategy defined in the job definition.", "title": "RetryStrategy" } }, "required": [ "JobDefinition", "JobName" ], "type": "object" }, "AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters": { "additionalProperties": false, "properties": { "LogStreamName": { "markdownDescription": "The name of the log stream.", "title": "LogStreamName", "type": "string" }, "Timestamp": { "markdownDescription": "The time the event occurred, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC.", "title": "Timestamp", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.PipeTargetEcsTaskParameters": { "additionalProperties": false, "properties": { "CapacityProviderStrategy": { "items": { "$ref": "#/definitions/AWS::Pipes::Pipe.CapacityProviderStrategyItem" }, "markdownDescription": "The capacity provider strategy to use for the task.\n\nIf a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used.", "title": "CapacityProviderStrategy", "type": "array" }, "EnableECSManagedTags": { "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide.", "title": "EnableECSManagedTags", "type": "boolean" }, "EnableExecuteCommand": { "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", "title": "EnableExecuteCommand", "type": "boolean" }, "Group": { "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", "title": "Group", "type": "string" }, "LaunchType": { "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "LaunchType", "type": "string" }, "NetworkConfiguration": { "$ref": "#/definitions/AWS::Pipes::Pipe.NetworkConfiguration", "markdownDescription": "Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks.\n\nIf you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails.", "title": "NetworkConfiguration" }, "Overrides": { "$ref": "#/definitions/AWS::Pipes::Pipe.EcsTaskOverride", "markdownDescription": "The overrides that are associated with a task.", "title": "Overrides" }, "PlacementConstraints": { "items": { "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementConstraint" }, "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", "title": "PlacementConstraints", "type": "array" }, "PlacementStrategy": { "items": { "$ref": "#/definitions/AWS::Pipes::Pipe.PlacementStrategy" }, "markdownDescription": "The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task.", "title": "PlacementStrategy", "type": "array" }, "PlatformVersion": { "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .\n\nThis structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* .", "title": "PlatformVersion", "type": "string" }, "PropagateTags": { "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the `TagResource` API action.", "title": "PropagateTags", "type": "string" }, "ReferenceId": { "markdownDescription": "The reference ID to use for the task.", "title": "ReferenceId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference.", "title": "Tags", "type": "array" }, "TaskCount": { "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is 1.", "title": "TaskCount", "type": "number" }, "TaskDefinitionArn": { "markdownDescription": "The ARN of the task definition to use if the event target is an Amazon ECS task.", "title": "TaskDefinitionArn", "type": "string" } }, "required": [ "TaskDefinitionArn" ], "type": "object" }, "AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters": { "additionalProperties": false, "properties": { "DetailType": { "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", "title": "DetailType", "type": "string" }, "EndpointId": { "markdownDescription": "The URL subdomain of the endpoint. For example, if the URL for Endpoint is https://abcde.veo.endpoints.event.amazonaws.com, then the EndpointId is `abcde.veo` .", "title": "EndpointId", "type": "string" }, "Resources": { "items": { "type": "string" }, "markdownDescription": "AWS resources, identified by Amazon Resource Name (ARN), which the event primarily concerns. Any number, including zero, may be present.", "title": "Resources", "type": "array" }, "Source": { "markdownDescription": "The source of the event.", "title": "Source", "type": "string" }, "Time": { "markdownDescription": "The time stamp of the event, per [RFC3339](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc3339.txt) . If no time stamp is provided, the time stamp of the [PutEvents](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) call is used.", "title": "Time", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.PipeTargetHttpParameters": { "additionalProperties": false, "properties": { "HeaderParameters": { "additionalProperties": true, "markdownDescription": "The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "HeaderParameters", "type": "object" }, "PathParameterValues": { "items": { "type": "string" }, "markdownDescription": "The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards (\"*\").", "title": "PathParameterValues", "type": "array" }, "QueryStringParameters": { "additionalProperties": true, "markdownDescription": "The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "QueryStringParameters", "type": "object" } }, "type": "object" }, "AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters": { "additionalProperties": false, "properties": { "PartitionKey": { "markdownDescription": "Determines which shard in the stream the data record is assigned to. Partition keys are Unicode strings with a maximum length limit of 256 characters for each key. Amazon Kinesis Data Streams uses the partition key as input to a hash function that maps the partition key and associated data to a specific shard. Specifically, an MD5 hash function is used to map partition keys to 128-bit integer values and to map associated data records to shards. As a result of this hashing mechanism, all data records with the same partition key map to the same shard within the stream.", "title": "PartitionKey", "type": "string" } }, "required": [ "PartitionKey" ], "type": "object" }, "AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters": { "additionalProperties": false, "properties": { "InvocationType": { "markdownDescription": "Specify whether to invoke the function synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. This corresponds to the `RequestResponse` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n- `FIRE_AND_FORGET` - Invoke asynchronously. This corresponds to the `Event` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API.\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", "title": "InvocationType", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.PipeTargetParameters": { "additionalProperties": false, "properties": { "BatchJobParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetBatchJobParameters", "markdownDescription": "The parameters for using an AWS Batch job as a target.", "title": "BatchJobParameters" }, "CloudWatchLogsParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetCloudWatchLogsParameters", "markdownDescription": "The parameters for using an CloudWatch Logs log stream as a target.", "title": "CloudWatchLogsParameters" }, "EcsTaskParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEcsTaskParameters", "markdownDescription": "The parameters for using an Amazon ECS task as a target.", "title": "EcsTaskParameters" }, "EventBridgeEventBusParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetEventBridgeEventBusParameters", "markdownDescription": "The parameters for using an EventBridge event bus as a target.", "title": "EventBridgeEventBusParameters" }, "HttpParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetHttpParameters", "markdownDescription": "These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations.", "title": "HttpParameters" }, "InputTemplate": { "markdownDescription": "Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) .\n\nTo remove an input template, specify an empty string.", "title": "InputTemplate", "type": "string" }, "KinesisStreamParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetKinesisStreamParameters", "markdownDescription": "The parameters for using a Kinesis stream as a target.", "title": "KinesisStreamParameters" }, "LambdaFunctionParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetLambdaFunctionParameters", "markdownDescription": "The parameters for using a Lambda function as a target.", "title": "LambdaFunctionParameters" }, "RedshiftDataParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters", "markdownDescription": "These are custom parameters to be used when the target is a Amazon Redshift cluster to invoke the Amazon Redshift Data API BatchExecuteStatement.", "title": "RedshiftDataParameters" }, "SageMakerPipelineParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters", "markdownDescription": "The parameters for using a SageMaker pipeline as a target.", "title": "SageMakerPipelineParameters" }, "SqsQueueParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetSqsQueueParameters", "markdownDescription": "The parameters for using a Amazon SQS stream as a target.", "title": "SqsQueueParameters" }, "StepFunctionStateMachineParameters": { "$ref": "#/definitions/AWS::Pipes::Pipe.PipeTargetStateMachineParameters", "markdownDescription": "The parameters for using a Step Functions state machine as a target.", "title": "StepFunctionStateMachineParameters" } }, "type": "object" }, "AWS::Pipes::Pipe.PipeTargetRedshiftDataParameters": { "additionalProperties": false, "properties": { "Database": { "markdownDescription": "The name of the database. Required when authenticating using temporary credentials.", "title": "Database", "type": "string" }, "DbUser": { "markdownDescription": "The database user name. Required when authenticating using temporary credentials.", "title": "DbUser", "type": "string" }, "SecretManagerArn": { "markdownDescription": "The name or ARN of the secret that enables access to the database. Required when authenticating using Secrets Manager.", "title": "SecretManagerArn", "type": "string" }, "Sqls": { "items": { "type": "string" }, "markdownDescription": "The SQL statement text to run.", "title": "Sqls", "type": "array" }, "StatementName": { "markdownDescription": "The name of the SQL statement. You can name the SQL statement when you create it to identify the query.", "title": "StatementName", "type": "string" }, "WithEvent": { "markdownDescription": "Indicates whether to send an event back to EventBridge after the SQL statement runs.", "title": "WithEvent", "type": "boolean" } }, "required": [ "Database", "Sqls" ], "type": "object" }, "AWS::Pipes::Pipe.PipeTargetSageMakerPipelineParameters": { "additionalProperties": false, "properties": { "PipelineParameterList": { "items": { "$ref": "#/definitions/AWS::Pipes::Pipe.SageMakerPipelineParameter" }, "markdownDescription": "List of Parameter names and values for SageMaker Model Building Pipeline execution.", "title": "PipelineParameterList", "type": "array" } }, "type": "object" }, "AWS::Pipes::Pipe.PipeTargetSqsQueueParameters": { "additionalProperties": false, "properties": { "MessageDeduplicationId": { "markdownDescription": "This parameter applies only to FIFO (first-in-first-out) queues.\n\nThe token used for deduplication of sent messages.", "title": "MessageDeduplicationId", "type": "string" }, "MessageGroupId": { "markdownDescription": "The FIFO message group ID to use as the target.", "title": "MessageGroupId", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.PipeTargetStateMachineParameters": { "additionalProperties": false, "properties": { "InvocationType": { "markdownDescription": "Specify whether to invoke the Step Functions state machine synchronously or asynchronously.\n\n- `REQUEST_RESPONSE` (default) - Invoke synchronously. For more information, see [StartSyncExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartSyncExecution.html) in the *AWS Step Functions API Reference* .\n\n> `REQUEST_RESPONSE` is not supported for `STANDARD` state machine workflows.\n- `FIRE_AND_FORGET` - Invoke asynchronously. For more information, see [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) in the *AWS Step Functions API Reference* .\n\nFor more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* .", "title": "InvocationType", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.PlacementConstraint": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide.", "title": "Expression", "type": "string" }, "Type": { "markdownDescription": "The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.PlacementStrategy": { "additionalProperties": false, "properties": { "Field": { "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used.", "title": "Field", "type": "string" }, "Type": { "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.S3LogDestination": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The name of the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", "title": "BucketName", "type": "string" }, "BucketOwner": { "markdownDescription": "The AWS account that owns the Amazon S3 bucket to which EventBridge delivers the log records for the pipe.", "title": "BucketOwner", "type": "string" }, "OutputFormat": { "markdownDescription": "The format EventBridge uses for the log records.\n\n- `json` : JSON\n- `plain` : Plain text\n- `w3c` : [W3C extended logging file format](https://docs.aws.amazon.com/https://www.w3.org/TR/WD-logfile)", "title": "OutputFormat", "type": "string" }, "Prefix": { "markdownDescription": "The prefix text with which to begin Amazon S3 log object names.\n\nFor more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* .", "title": "Prefix", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.SageMakerPipelineParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Name of parameter to start execution of a SageMaker Model Building Pipeline.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "Value of parameter to start execution of a SageMaker Model Building Pipeline.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationCredentials": { "additionalProperties": false, "properties": { "BasicAuth": { "markdownDescription": "The ARN of the Secrets Manager secret.", "title": "BasicAuth", "type": "string" }, "ClientCertificateTlsAuth": { "markdownDescription": "The ARN of the Secrets Manager secret.", "title": "ClientCertificateTlsAuth", "type": "string" }, "SaslScram256Auth": { "markdownDescription": "The ARN of the Secrets Manager secret.", "title": "SaslScram256Auth", "type": "string" }, "SaslScram512Auth": { "markdownDescription": "The ARN of the Secrets Manager secret.", "title": "SaslScram512Auth", "type": "string" } }, "type": "object" }, "AWS::Pipes::Pipe.SelfManagedKafkaAccessConfigurationVpc": { "additionalProperties": false, "properties": { "SecurityGroup": { "items": { "type": "string" }, "markdownDescription": "Specifies the security groups associated with the stream. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", "title": "SecurityGroup", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "Specifies the subnets associated with the stream. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", "title": "Subnets", "type": "array" } }, "type": "object" }, "AWS::Proton::EnvironmentAccountConnection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CodebuildRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM service role in the environment account. AWS Proton uses this role to provision infrastructure resources using CodeBuild-based provisioning in the associated environment account.", "title": "CodebuildRoleArn", "type": "string" }, "ComponentRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role that AWS Proton uses when provisioning directly defined components in the associated environment account. It determines the scope of infrastructure that a component can provision in the account.\n\nThe environment account connection must have a `componentRoleArn` to allow directly defined components to be associated with any environments running in the account.\n\nFor more information about components, see [AWS Proton components](https://docs.aws.amazon.com/proton/latest/userguide/ag-components.html) in the *AWS Proton User Guide* .", "title": "ComponentRoleArn", "type": "string" }, "EnvironmentAccountId": { "markdownDescription": "The environment account that's connected to the environment account connection.", "title": "EnvironmentAccountId", "type": "string" }, "EnvironmentName": { "markdownDescription": "The name of the environment that's associated with the environment account connection.", "title": "EnvironmentName", "type": "string" }, "ManagementAccountId": { "markdownDescription": "The ID of the management account that's connected to the environment account connection.", "title": "ManagementAccountId", "type": "string" }, "RoleArn": { "markdownDescription": "The IAM service role that's associated with the environment account connection.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment account connection. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Proton::EnvironmentAccountConnection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Proton::EnvironmentTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the environment template.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The name of the environment template as displayed in the developer interface.", "title": "DisplayName", "type": "string" }, "EncryptionKey": { "markdownDescription": "The customer provided encryption key for the environment template.", "title": "EncryptionKey", "type": "string" }, "Name": { "markdownDescription": "The name of the environment template.", "title": "Name", "type": "string" }, "Provisioning": { "markdownDescription": "When included, indicates that the environment template is for customer provisioned and managed infrastructure.", "title": "Provisioning", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional list of metadata items that you can associate with the AWS Proton environment template. A tag is a key-value pair.\n\nFor more information, see [AWS Proton resources and tagging](https://docs.aws.amazon.com/proton/latest/userguide/resources.html) in the *AWS Proton User Guide* .", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Proton::EnvironmentTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Proton::ServiceTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the service template.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The service template name as displayed in the developer interface.", "title": "DisplayName", "type": "string" }, "EncryptionKey": { "markdownDescription": "The customer provided service template encryption key that's used to encrypt data.", "title": "EncryptionKey", "type": "string" }, "Name": { "markdownDescription": "The name of the service template.", "title": "Name", "type": "string" }, "PipelineProvisioning": { "markdownDescription": "If `pipelineProvisioning` is `true` , a service pipeline is included in the service template. Otherwise, a service pipeline *isn't* included in the service template.", "title": "PipelineProvisioning", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An object that includes the template bundle S3 bucket path and name for the new version of a service template.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Proton::ServiceTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::QLDB::Ledger": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeletionProtection": { "markdownDescription": "Specifies whether the ledger is protected from being deleted by any user. If not defined during ledger creation, this feature is enabled ( `true` ) by default.\n\nIf deletion protection is enabled, you must first disable it before you can delete the ledger. You can disable it by calling the `UpdateLedger` operation to set this parameter to `false` .", "title": "DeletionProtection", "type": "boolean" }, "KmsKey": { "markdownDescription": "The key in AWS Key Management Service ( AWS KMS ) to use for encryption of data at rest in the ledger. For more information, see [Encryption at rest](https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html) in the *Amazon QLDB Developer Guide* .\n\nUse one of the following options to specify this parameter:\n\n- `AWS_OWNED_KMS_KEY` : Use an AWS KMS key that is owned and managed by AWS on your behalf.\n- *Undefined* : By default, use an AWS owned KMS key.\n- *A valid symmetric customer managed KMS key* : Use the specified symmetric encryption KMS key in your account that you create, own, and manage.\n\nAmazon QLDB does not support asymmetric keys. For more information, see [Using symmetric and asymmetric keys](https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .\n\nTo specify a customer managed KMS key, you can use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. When using an alias name, prefix it with `\"alias/\"` . To specify a key in a different AWS account , you must use the key ARN or alias ARN.\n\nFor example:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias ARN: `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias`\n\nFor more information, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", "title": "KmsKey", "type": "string" }, "Name": { "markdownDescription": "The name of the ledger that you want to create. The name must be unique among all of the ledgers in your AWS account in the current Region.\n\nNaming constraints for ledger names are defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", "title": "Name", "type": "string" }, "PermissionsMode": { "markdownDescription": "The permissions mode to assign to the ledger that you want to create. This parameter can have one of the following values:\n\n- `ALLOW_ALL` : A legacy permissions mode that enables access control with API-level granularity for ledgers.\n\nThis mode allows users who have the `SendCommand` API permission for this ledger to run all PartiQL commands (hence, `ALLOW_ALL` ) on any tables in the specified ledger. This mode disregards any table-level or command-level IAM permissions policies that you create for the ledger.\n- `STANDARD` : ( *Recommended* ) A permissions mode that enables access control with finer granularity for ledgers, tables, and PartiQL commands.\n\nBy default, this mode denies all user requests to run any PartiQL commands on any tables in this ledger. To allow PartiQL commands to run, you must create IAM permissions policies for specific table resources and PartiQL actions, in addition to the `SendCommand` API permission for the ledger. For information, see [Getting started with the standard permissions mode](https://docs.aws.amazon.com/qldb/latest/developerguide/getting-started-standard-mode.html) in the *Amazon QLDB Developer Guide* .\n\n> We strongly recommend using the `STANDARD` permissions mode to maximize the security of your ledger data.", "title": "PermissionsMode", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "PermissionsMode" ], "type": "object" }, "Type": { "enum": [ "AWS::QLDB::Ledger" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::QLDB::Stream": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ExclusiveEndTime": { "markdownDescription": "The exclusive date and time that specifies when the stream ends. If you don't define this parameter, the stream runs indefinitely until you cancel it.\n\nThe `ExclusiveEndTime` must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .", "title": "ExclusiveEndTime", "type": "string" }, "InclusiveStartTime": { "markdownDescription": "The inclusive start date and time from which to start streaming journal data. This parameter must be in `ISO 8601` date and time format and in Universal Coordinated Time (UTC). For example: `2019-06-13T21:36:34Z` .\n\nThe `InclusiveStartTime` cannot be in the future and must be before `ExclusiveEndTime` .\n\nIf you provide an `InclusiveStartTime` that is before the ledger's `CreationDateTime` , QLDB effectively defaults it to the ledger's `CreationDateTime` .", "title": "InclusiveStartTime", "type": "string" }, "KinesisConfiguration": { "$ref": "#/definitions/AWS::QLDB::Stream.KinesisConfiguration", "markdownDescription": "The configuration settings of the Kinesis Data Streams destination for your stream request.", "title": "KinesisConfiguration" }, "LedgerName": { "markdownDescription": "The name of the ledger.", "title": "LedgerName", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that grants QLDB permissions for a journal stream to write data records to a Kinesis Data Streams resource.\n\nTo pass a role to QLDB when requesting a journal stream, you must have permissions to perform the `iam:PassRole` action on the IAM role resource. This is required for all journal stream requests.", "title": "RoleArn", "type": "string" }, "StreamName": { "markdownDescription": "The name that you want to assign to the QLDB journal stream. User-defined names can help identify and indicate the purpose of a stream.\n\nYour stream name must be unique among other *active* streams for a given ledger. Stream names have the same naming constraints as ledger names, as defined in [Quotas in Amazon QLDB](https://docs.aws.amazon.com/qldb/latest/developerguide/limits.html#limits.naming) in the *Amazon QLDB Developer Guide* .", "title": "StreamName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "InclusiveStartTime", "KinesisConfiguration", "LedgerName", "RoleArn", "StreamName" ], "type": "object" }, "Type": { "enum": [ "AWS::QLDB::Stream" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::QLDB::Stream.KinesisConfiguration": { "additionalProperties": false, "properties": { "AggregationEnabled": { "markdownDescription": "Enables QLDB to publish multiple data records in a single Kinesis Data Streams record, increasing the number of records sent per API call.\n\nDefault: `True`\n\n> Record aggregation has important implications for processing records and requires de-aggregation in your stream consumer. To learn more, see [KPL Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-concepts.html) and [Consumer De-aggregation](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-consumer-deaggregation.html) in the *Amazon Kinesis Data Streams Developer Guide* .", "title": "AggregationEnabled", "type": "boolean" }, "StreamArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Kinesis Data Streams resource.", "title": "StreamArn", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AnalysisId": { "markdownDescription": "The ID for the analysis that you're creating. This ID displays in the URL of the analysis.", "title": "AnalysisId", "type": "string" }, "AwsAccountId": { "markdownDescription": "The ID of the AWS account where you are creating an analysis.", "title": "AwsAccountId", "type": "string" }, "Definition": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefinition", "markdownDescription": "", "title": "Definition" }, "Errors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisError" }, "markdownDescription": "Errors associated with the analysis.", "title": "Errors", "type": "array" }, "Name": { "markdownDescription": "A descriptive name for the analysis that you're creating. This name displays for the analysis in the Amazon QuickSight console.", "title": "Name", "type": "string" }, "Parameters": { "$ref": "#/definitions/AWS::QuickSight::Analysis.Parameters", "markdownDescription": "The parameter names and override values that you want to use. An analysis can have any parameter type, and some parameters might accept multiple values.", "title": "Parameters" }, "Permissions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ResourcePermission" }, "markdownDescription": "A structure that describes the principals and the resource-level permissions on an analysis. You can use the `Permissions` structure to grant permissions by providing a list of AWS Identity and Access Management (IAM) action information for each principal listed by Amazon Resource Name (ARN).\n\nTo specify no permissions, omit `Permissions` .", "title": "Permissions", "type": "array" }, "Sheets": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.Sheet" }, "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", "title": "Sheets", "type": "array" }, "SourceEntity": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceEntity", "markdownDescription": "A source entity to use for the analysis that you're creating. This metadata structure contains details that describe a source template and one or more datasets.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", "title": "SourceEntity" }, "Status": { "markdownDescription": "Status associated with the analysis.", "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the analysis.", "title": "Tags", "type": "array" }, "ThemeArn": { "markdownDescription": "The ARN for the theme to apply to the analysis that you're creating. To see the theme in the Amazon QuickSight console, make sure that you have access to it.", "title": "ThemeArn", "type": "string" }, "ValidationStrategy": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ValidationStrategy", "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", "title": "ValidationStrategy" } }, "required": [ "AnalysisId", "AwsAccountId", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::QuickSight::Analysis" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::QuickSight::Analysis.AggregationFunction": { "additionalProperties": false, "properties": { "AttributeAggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AttributeAggregationFunction", "markdownDescription": "Aggregation for attributes.", "title": "AttributeAggregationFunction" }, "CategoricalAggregationFunction": { "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", "title": "CategoricalAggregationFunction", "type": "string" }, "DateAggregationFunction": { "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", "title": "DateAggregationFunction", "type": "string" }, "NumericalAggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", "markdownDescription": "Aggregation for numerical values.", "title": "NumericalAggregationFunction" } }, "type": "object" }, "AWS::QuickSight::Analysis.AggregationSortConfiguration": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", "markdownDescription": "The function that aggregates the values in `Column` .", "title": "AggregationFunction" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that determines the sort order of aggregated values.", "title": "Column" }, "SortDirection": { "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", "title": "SortDirection", "type": "string" } }, "required": [ "Column", "SortDirection" ], "type": "object" }, "AWS::QuickSight::Analysis.AnalysisDefaults": { "additionalProperties": false, "properties": { "DefaultNewSheetConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultNewSheetConfiguration", "markdownDescription": "The configuration for default new sheet settings.", "title": "DefaultNewSheetConfiguration" } }, "required": [ "DefaultNewSheetConfiguration" ], "type": "object" }, "AWS::QuickSight::Analysis.AnalysisDefinition": { "additionalProperties": false, "properties": { "AnalysisDefaults": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisDefaults", "markdownDescription": "", "title": "AnalysisDefaults" }, "CalculatedFields": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedField" }, "markdownDescription": "An array of calculated field definitions for the analysis.", "title": "CalculatedFields", "type": "array" }, "ColumnConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnConfiguration" }, "markdownDescription": "An array of analysis-level column configurations. Column configurations can be used to set default formatting for a column to be used throughout an analysis.", "title": "ColumnConfigurations", "type": "array" }, "DataSetIdentifierDeclarations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetIdentifierDeclaration" }, "markdownDescription": "An array of dataset identifier declarations. This mapping allows the usage of dataset identifiers instead of dataset ARNs throughout analysis sub-structures.", "title": "DataSetIdentifierDeclarations", "type": "array" }, "FilterGroups": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterGroup" }, "markdownDescription": "Filter definitions for an analysis.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", "title": "FilterGroups", "type": "array" }, "Options": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AssetOptions", "markdownDescription": "An array of option definitions for an analysis.", "title": "Options" }, "ParameterDeclarations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDeclaration" }, "markdownDescription": "An array of parameter declarations for an analysis.\n\nParameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", "title": "ParameterDeclarations", "type": "array" }, "Sheets": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetDefinition" }, "markdownDescription": "An array of sheet definitions for an analysis. Each `SheetDefinition` provides detailed information about a sheet within this analysis.", "title": "Sheets", "type": "array" } }, "required": [ "DataSetIdentifierDeclarations" ], "type": "object" }, "AWS::QuickSight::Analysis.AnalysisError": { "additionalProperties": false, "properties": { "Message": { "markdownDescription": "The message associated with the analysis error.", "title": "Message", "type": "string" }, "Type": { "markdownDescription": "The type of the analysis error.", "title": "Type", "type": "string" }, "ViolatedEntities": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.Entity" }, "markdownDescription": "Lists the violated entities that caused the analysis error", "title": "ViolatedEntities", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.AnalysisSourceEntity": { "additionalProperties": false, "properties": { "SourceTemplate": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AnalysisSourceTemplate", "markdownDescription": "The source template for the source entity of the analysis.", "title": "SourceTemplate" } }, "type": "object" }, "AWS::QuickSight::Analysis.AnalysisSourceTemplate": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the source template of an analysis.", "title": "Arn", "type": "string" }, "DataSetReferences": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataSetReference" }, "markdownDescription": "The dataset references of the source template of an analysis.", "title": "DataSetReferences", "type": "array" } }, "required": [ "Arn", "DataSetReferences" ], "type": "object" }, "AWS::QuickSight::Analysis.AnchorDateConfiguration": { "additionalProperties": false, "properties": { "AnchorOption": { "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", "title": "AnchorOption", "type": "string" }, "ParameterName": { "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", "title": "ParameterName", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.ArcAxisConfiguration": { "additionalProperties": false, "properties": { "Range": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisDisplayRange", "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", "title": "Range" }, "ReserveRange": { "markdownDescription": "The reserved range of the arc axis.", "title": "ReserveRange", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.ArcAxisDisplayRange": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum value of the arc axis range.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum value of the arc axis range.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.ArcConfiguration": { "additionalProperties": false, "properties": { "ArcAngle": { "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", "title": "ArcAngle", "type": "number" }, "ArcThickness": { "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", "title": "ArcThickness", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.ArcOptions": { "additionalProperties": false, "properties": { "ArcThickness": { "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", "title": "ArcThickness", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.AssetOptions": { "additionalProperties": false, "properties": { "Timezone": { "markdownDescription": "Determines the timezone for the analysis.", "title": "Timezone", "type": "string" }, "WeekStart": { "markdownDescription": "Determines the week start day for an analysis.", "title": "WeekStart", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.AttributeAggregationFunction": { "additionalProperties": false, "properties": { "SimpleAttributeAggregation": { "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", "title": "SimpleAttributeAggregation", "type": "string" }, "ValueForMultipleValues": { "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", "title": "ValueForMultipleValues", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.AxisDataOptions": { "additionalProperties": false, "properties": { "DateAxisOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DateAxisOptions", "markdownDescription": "The options for an axis with a date field.", "title": "DateAxisOptions" }, "NumericAxisOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericAxisOptions", "markdownDescription": "The options for an axis with a numeric field.", "title": "NumericAxisOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.AxisDisplayMinMaxRange": { "additionalProperties": false, "properties": { "Maximum": { "markdownDescription": "The maximum setup for an axis display range.", "title": "Maximum", "type": "number" }, "Minimum": { "markdownDescription": "The minimum setup for an axis display range.", "title": "Minimum", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.AxisDisplayOptions": { "additionalProperties": false, "properties": { "AxisLineVisibility": { "markdownDescription": "Determines whether or not the axis line is visible.", "title": "AxisLineVisibility", "type": "string" }, "AxisOffset": { "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", "title": "AxisOffset", "type": "string" }, "DataOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDataOptions", "markdownDescription": "The data options for an axis.", "title": "DataOptions" }, "GridLineVisibility": { "markdownDescription": "Determines whether or not the grid line is visible.", "title": "GridLineVisibility", "type": "string" }, "ScrollbarOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ScrollBarOptions", "markdownDescription": "The scroll bar options for an axis.", "title": "ScrollbarOptions" }, "TickLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisTickLabelOptions", "markdownDescription": "The tick label options of an axis.", "title": "TickLabelOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.AxisDisplayRange": { "additionalProperties": false, "properties": { "DataDriven": { "markdownDescription": "The data-driven setup of an axis display range.", "title": "DataDriven", "type": "object" }, "MinMax": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayMinMaxRange", "markdownDescription": "The minimum and maximum setup of an axis display range.", "title": "MinMax" } }, "type": "object" }, "AWS::QuickSight::Analysis.AxisLabelOptions": { "additionalProperties": false, "properties": { "ApplyTo": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelReferenceOptions", "markdownDescription": "The options that indicate which field the label belongs to.", "title": "ApplyTo" }, "CustomLabel": { "markdownDescription": "The text for the axis label.", "title": "CustomLabel", "type": "string" }, "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The font configuration of the axis label.", "title": "FontConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.AxisLabelReferenceOptions": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the axis label is targeted to.", "title": "Column" }, "FieldId": { "markdownDescription": "The field that the axis label is targeted to.", "title": "FieldId", "type": "string" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.AxisLinearScale": { "additionalProperties": false, "properties": { "StepCount": { "markdownDescription": "The step count setup of a linear axis.", "title": "StepCount", "type": "number" }, "StepSize": { "markdownDescription": "The step size setup of a linear axis.", "title": "StepSize", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.AxisLogarithmicScale": { "additionalProperties": false, "properties": { "Base": { "markdownDescription": "The base setup of a logarithmic axis scale.", "title": "Base", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.AxisScale": { "additionalProperties": false, "properties": { "Linear": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLinearScale", "markdownDescription": "The linear axis scale setup.", "title": "Linear" }, "Logarithmic": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLogarithmicScale", "markdownDescription": "The logarithmic axis scale setup.", "title": "Logarithmic" } }, "type": "object" }, "AWS::QuickSight::Analysis.AxisTickLabelOptions": { "additionalProperties": false, "properties": { "LabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "Determines whether or not the axis ticks are visible.", "title": "LabelOptions" }, "RotationAngle": { "markdownDescription": "The rotation angle of the axis tick labels.", "title": "RotationAngle", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.BarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The category (y-axis) field well of a bar chart.", "title": "Category", "type": "array" }, "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The color (group/color) field well of a bar chart.", "title": "Colors", "type": "array" }, "SmallMultiples": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The small multiples field well of a bar chart.", "title": "SmallMultiples", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.BarChartConfiguration": { "additionalProperties": false, "properties": { "BarsArrangement": { "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", "title": "BarsArrangement", "type": "string" }, "CategoryAxis": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", "title": "CategoryAxis" }, "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", "title": "CategoryLabelOptions" }, "ColorLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", "title": "ColorLabelOptions" }, "ContributionAnalysisDefaults": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" }, "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", "title": "ContributionAnalysisDefaults", "type": "array" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "Orientation": { "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", "title": "Orientation", "type": "string" }, "ReferenceLines": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" }, "markdownDescription": "The reference line setup of the visual.", "title": "ReferenceLines", "type": "array" }, "SmallMultiplesOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", "markdownDescription": "The small multiples setup for the visual.", "title": "SmallMultiplesOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartSortConfiguration", "markdownDescription": "The sort configuration of a `BarChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "ValueAxis": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", "title": "ValueAxis" }, "ValueLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", "title": "ValueLabelOptions" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Analysis.BarChartFieldWells": { "additionalProperties": false, "properties": { "BarChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a bar chart.", "title": "BarChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.BarChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories displayed in a bar chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of category fields.", "title": "CategorySort", "type": "array" }, "ColorItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of values displayed in a bar chart.", "title": "ColorItemsLimit" }, "ColorSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of color fields in a bar chart.", "title": "ColorSort", "type": "array" }, "SmallMultiplesLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of small multiples panels that are displayed.", "title": "SmallMultiplesLimitConfiguration" }, "SmallMultiplesSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the small multiples field.", "title": "SmallMultiplesSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.BarChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.BinCountOptions": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The options that determine the bin count value.", "title": "Value", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.BinWidthOptions": { "additionalProperties": false, "properties": { "BinCountLimit": { "markdownDescription": "The options that determine the bin count limit.", "title": "BinCountLimit", "type": "number" }, "Value": { "markdownDescription": "The options that determine the bin width value.", "title": "Value", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.BodySectionConfiguration": { "additionalProperties": false, "properties": { "Content": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionContent", "markdownDescription": "The configuration of content in a body section.", "title": "Content" }, "PageBreakConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionPageBreakConfiguration", "markdownDescription": "The configuration of a page break for a section.", "title": "PageBreakConfiguration" }, "SectionId": { "markdownDescription": "The unique identifier of a body section.", "title": "SectionId", "type": "string" }, "Style": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", "markdownDescription": "The style options of a body section.", "title": "Style" } }, "required": [ "Content", "SectionId" ], "type": "object" }, "AWS::QuickSight::Analysis.BodySectionContent": { "additionalProperties": false, "properties": { "Layout": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", "markdownDescription": "The layout configuration of a body section.", "title": "Layout" } }, "type": "object" }, "AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells": { "additionalProperties": false, "properties": { "GroupBy": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", "title": "GroupBy", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.BoxPlotChartConfiguration": { "additionalProperties": false, "properties": { "BoxPlotOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotOptions", "markdownDescription": "The box plot chart options for a box plot visual", "title": "BoxPlotOptions" }, "CategoryAxis": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", "title": "CategoryAxis" }, "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", "title": "CategoryLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "", "title": "Legend" }, "PrimaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", "title": "PrimaryYAxisLabelOptions" }, "ReferenceLines": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" }, "markdownDescription": "The reference line setup of the visual.", "title": "ReferenceLines", "type": "array" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotSortConfiguration", "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Analysis.BoxPlotFieldWells": { "additionalProperties": false, "properties": { "BoxPlotAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a box plot.", "title": "BoxPlotAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.BoxPlotOptions": { "additionalProperties": false, "properties": { "AllDataPointsVisibility": { "markdownDescription": "Determines the visibility of all data points of the box plot.", "title": "AllDataPointsVisibility", "type": "string" }, "OutlierVisibility": { "markdownDescription": "Determines the visibility of the outlier in a box plot.", "title": "OutlierVisibility", "type": "string" }, "StyleOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotStyleOptions", "markdownDescription": "The style options of the box plot.", "title": "StyleOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.BoxPlotSortConfiguration": { "additionalProperties": false, "properties": { "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of a group by fields.", "title": "CategorySort", "type": "array" }, "PaginationConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", "markdownDescription": "The pagination configuration of a table visual or box plot.", "title": "PaginationConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.BoxPlotStyleOptions": { "additionalProperties": false, "properties": { "FillStyle": { "markdownDescription": "The fill styles (solid, transparent) of the box plot.", "title": "FillStyle", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.BoxPlotVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.CalculatedField": { "additionalProperties": false, "properties": { "DataSetIdentifier": { "markdownDescription": "The data set that is used in this calculated field.", "title": "DataSetIdentifier", "type": "string" }, "Expression": { "markdownDescription": "The expression of the calculated field.", "title": "Expression", "type": "string" }, "Name": { "markdownDescription": "The name of the calculated field.", "title": "Name", "type": "string" } }, "required": [ "DataSetIdentifier", "Expression", "Name" ], "type": "object" }, "AWS::QuickSight::Analysis.CalculatedMeasureField": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "The expression in the table calculation.", "title": "Expression", "type": "string" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" } }, "required": [ "Expression", "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.CascadingControlConfiguration": { "additionalProperties": false, "properties": { "SourceControls": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlSource" }, "markdownDescription": "A list of source controls that determine the values that are used in the current control.", "title": "SourceControls", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.CascadingControlSource": { "additionalProperties": false, "properties": { "ColumnToMatch": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", "title": "ColumnToMatch" }, "SourceSheetControlId": { "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", "title": "SourceSheetControlId", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.CategoricalDimensionField": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" }, "HierarchyId": { "markdownDescription": "The custom hierarchy ID.", "title": "HierarchyId", "type": "string" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.CategoricalMeasureField": { "additionalProperties": false, "properties": { "AggregationFunction": { "markdownDescription": "The aggregation function of the measure field.", "title": "AggregationFunction", "type": "string" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.CategoryDrillDownFilter": { "additionalProperties": false, "properties": { "CategoryValues": { "items": { "type": "string" }, "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", "title": "CategoryValues", "type": "array" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" } }, "required": [ "CategoryValues", "Column" ], "type": "object" }, "AWS::QuickSight::Analysis.CategoryFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "Configuration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilterConfiguration", "markdownDescription": "The configuration for a `CategoryFilter` .", "title": "Configuration" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" } }, "required": [ "Column", "Configuration", "FilterId" ], "type": "object" }, "AWS::QuickSight::Analysis.CategoryFilterConfiguration": { "additionalProperties": false, "properties": { "CustomFilterConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterConfiguration", "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", "title": "CustomFilterConfiguration" }, "CustomFilterListConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomFilterListConfiguration", "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", "title": "CustomFilterListConfiguration" }, "FilterListConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListConfiguration", "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", "title": "FilterListConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.ChartAxisLabelOptions": { "additionalProperties": false, "properties": { "AxisLabelOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisLabelOptions" }, "markdownDescription": "The label options for a chart axis.", "title": "AxisLabelOptions", "type": "array" }, "SortIconVisibility": { "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", "title": "SortIconVisibility", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.ClusterMarker": { "additionalProperties": false, "properties": { "SimpleClusterMarker": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SimpleClusterMarker", "markdownDescription": "The simple cluster marker of the cluster marker.", "title": "SimpleClusterMarker" } }, "type": "object" }, "AWS::QuickSight::Analysis.ClusterMarkerConfiguration": { "additionalProperties": false, "properties": { "ClusterMarker": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarker", "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", "title": "ClusterMarker" } }, "type": "object" }, "AWS::QuickSight::Analysis.ColorScale": { "additionalProperties": false, "properties": { "ColorFillType": { "markdownDescription": "Determines the color fill type.", "title": "ColorFillType", "type": "string" }, "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor" }, "markdownDescription": "Determines the list of colors that are applied to the visual.", "title": "Colors", "type": "array" }, "NullValueColor": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataColor", "markdownDescription": "Determines the color that is applied to null values.", "title": "NullValueColor" } }, "required": [ "ColorFillType", "Colors" ], "type": "object" }, "AWS::QuickSight::Analysis.ColorsConfiguration": { "additionalProperties": false, "properties": { "CustomColors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomColor" }, "markdownDescription": "A list of up to 50 custom colors.", "title": "CustomColors", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.ColumnConfiguration": { "additionalProperties": false, "properties": { "ColorsConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorsConfiguration", "markdownDescription": "The color configurations of the column.", "title": "ColorsConfiguration" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column.", "title": "Column" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", "markdownDescription": "The format configuration of a column.", "title": "FormatConfiguration" }, "Role": { "markdownDescription": "The role of the column.", "title": "Role", "type": "string" } }, "required": [ "Column" ], "type": "object" }, "AWS::QuickSight::Analysis.ColumnHierarchy": { "additionalProperties": false, "properties": { "DateTimeHierarchy": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeHierarchy", "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", "title": "DateTimeHierarchy" }, "ExplicitHierarchy": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ExplicitHierarchy", "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", "title": "ExplicitHierarchy" }, "PredefinedHierarchy": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PredefinedHierarchy", "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", "title": "PredefinedHierarchy" } }, "type": "object" }, "AWS::QuickSight::Analysis.ColumnIdentifier": { "additionalProperties": false, "properties": { "ColumnName": { "markdownDescription": "The name of the column.", "title": "ColumnName", "type": "string" }, "DataSetIdentifier": { "markdownDescription": "The data set that the column belongs to.", "title": "DataSetIdentifier", "type": "string" } }, "required": [ "ColumnName", "DataSetIdentifier" ], "type": "object" }, "AWS::QuickSight::Analysis.ColumnSort": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", "markdownDescription": "The aggregation function that is defined in the column sort.", "title": "AggregationFunction" }, "Direction": { "markdownDescription": "The sort direction.", "title": "Direction", "type": "string" }, "SortBy": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "", "title": "SortBy" } }, "required": [ "Direction", "SortBy" ], "type": "object" }, "AWS::QuickSight::Analysis.ColumnTooltipItem": { "additionalProperties": false, "properties": { "Aggregation": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", "markdownDescription": "The aggregation function of the column tooltip item.", "title": "Aggregation" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The target column of the tooltip item.", "title": "Column" }, "Label": { "markdownDescription": "The label of the tooltip item.", "title": "Label", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the tooltip item.", "title": "Visibility", "type": "string" } }, "required": [ "Column" ], "type": "object" }, "AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "BarValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", "title": "BarValues", "type": "array" }, "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The aggregated category field wells of a combo chart.", "title": "Category", "type": "array" }, "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The aggregated colors field well of a combo chart.", "title": "Colors", "type": "array" }, "LineValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", "title": "LineValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.ComboChartConfiguration": { "additionalProperties": false, "properties": { "BarDataLabels": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", "title": "BarDataLabels" }, "BarsArrangement": { "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", "title": "BarsArrangement", "type": "string" }, "CategoryAxis": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The category axis of a combo chart.", "title": "CategoryAxis" }, "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", "title": "CategoryLabelOptions" }, "ColorLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", "title": "ColorLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "LineDataLabels": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", "title": "LineDataLabels" }, "PrimaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", "title": "PrimaryYAxisLabelOptions" }, "ReferenceLines": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" }, "markdownDescription": "The reference line setup of the visual.", "title": "ReferenceLines", "type": "array" }, "SecondaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", "title": "SecondaryYAxisDisplayOptions" }, "SecondaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", "title": "SecondaryYAxisLabelOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartSortConfiguration", "markdownDescription": "The sort configuration of a `ComboChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Analysis.ComboChartFieldWells": { "additionalProperties": false, "properties": { "ComboChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", "title": "ComboChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.ComboChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The item limit configuration for the category field well of a combo chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category field well in a combo chart.", "title": "CategorySort", "type": "array" }, "ColorItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The item limit configuration of the color field well in a combo chart.", "title": "ColorItemsLimit" }, "ColorSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the color field well in a combo chart.", "title": "ColorSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.ComboChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.ComparisonConfiguration": { "additionalProperties": false, "properties": { "ComparisonFormat": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonFormatConfiguration", "markdownDescription": "The format of the comparison.", "title": "ComparisonFormat" }, "ComparisonMethod": { "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", "title": "ComparisonMethod", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.ComparisonFormatConfiguration": { "additionalProperties": false, "properties": { "NumberDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", "markdownDescription": "The number display format.", "title": "NumberDisplayFormatConfiguration" }, "PercentageDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", "markdownDescription": "The percentage display format.", "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.Computation": { "additionalProperties": false, "properties": { "Forecast": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastComputation", "markdownDescription": "The forecast computation configuration.", "title": "Forecast" }, "GrowthRate": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GrowthRateComputation", "markdownDescription": "The growth rate computation configuration.", "title": "GrowthRate" }, "MaximumMinimum": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumMinimumComputation", "markdownDescription": "The maximum and minimum computation configuration.", "title": "MaximumMinimum" }, "MetricComparison": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MetricComparisonComputation", "markdownDescription": "The metric comparison computation configuration.", "title": "MetricComparison" }, "PeriodOverPeriod": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodOverPeriodComputation", "markdownDescription": "The period over period computation configuration.", "title": "PeriodOverPeriod" }, "PeriodToDate": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PeriodToDateComputation", "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", "title": "PeriodToDate" }, "TopBottomMovers": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomMoversComputation", "markdownDescription": "The top movers and bottom movers computation configuration.", "title": "TopBottomMovers" }, "TopBottomRanked": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomRankedComputation", "markdownDescription": "The top ranked and bottom ranked computation configuration.", "title": "TopBottomRanked" }, "TotalAggregation": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationComputation", "markdownDescription": "The total aggregation computation configuration.", "title": "TotalAggregation" }, "UniqueValues": { "$ref": "#/definitions/AWS::QuickSight::Analysis.UniqueValuesComputation", "markdownDescription": "The unique values computation configuration.", "title": "UniqueValues" } }, "type": "object" }, "AWS::QuickSight::Analysis.ConditionalFormattingColor": { "additionalProperties": false, "properties": { "Gradient": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingGradientColor", "markdownDescription": "Formatting configuration for gradient color.", "title": "Gradient" }, "Solid": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingSolidColor", "markdownDescription": "Formatting configuration for solid color.", "title": "Solid" } }, "type": "object" }, "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "Determines the color of the icon.", "title": "Color", "type": "string" }, "DisplayConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration", "markdownDescription": "Determines the icon display configuration.", "title": "DisplayConfiguration" }, "Expression": { "markdownDescription": "The expression that determines the condition of the icon set.", "title": "Expression", "type": "string" }, "IconOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions", "markdownDescription": "Custom icon options for an icon set.", "title": "IconOptions" } }, "required": [ "Expression", "IconOptions" ], "type": "object" }, "AWS::QuickSight::Analysis.ConditionalFormattingCustomIconOptions": { "additionalProperties": false, "properties": { "Icon": { "markdownDescription": "Determines the type of icon.", "title": "Icon", "type": "string" }, "UnicodeIcon": { "markdownDescription": "Determines the Unicode icon type.", "title": "UnicodeIcon", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.ConditionalFormattingGradientColor": { "additionalProperties": false, "properties": { "Color": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientColor", "markdownDescription": "Determines the color.", "title": "Color" }, "Expression": { "markdownDescription": "The expression that determines the formatting configuration for gradient color.", "title": "Expression", "type": "string" } }, "required": [ "Color", "Expression" ], "type": "object" }, "AWS::QuickSight::Analysis.ConditionalFormattingIcon": { "additionalProperties": false, "properties": { "CustomCondition": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingCustomIconCondition", "markdownDescription": "Determines the custom condition for an icon set.", "title": "CustomCondition" }, "IconSet": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIconSet", "markdownDescription": "Formatting configuration for icon set.", "title": "IconSet" } }, "type": "object" }, "AWS::QuickSight::Analysis.ConditionalFormattingIconDisplayConfiguration": { "additionalProperties": false, "properties": { "IconDisplayOption": { "markdownDescription": "Determines the icon display configuration.", "title": "IconDisplayOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.ConditionalFormattingIconSet": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "The expression that determines the formatting configuration for the icon set.", "title": "Expression", "type": "string" }, "IconSetType": { "markdownDescription": "Determines the icon set type.", "title": "IconSetType", "type": "string" } }, "required": [ "Expression" ], "type": "object" }, "AWS::QuickSight::Analysis.ConditionalFormattingSolidColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "Determines the color.", "title": "Color", "type": "string" }, "Expression": { "markdownDescription": "The expression that determines the formatting configuration for solid color.", "title": "Expression", "type": "string" } }, "required": [ "Expression" ], "type": "object" }, "AWS::QuickSight::Analysis.ContributionAnalysisDefault": { "additionalProperties": false, "properties": { "ContributorDimensions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" }, "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", "title": "ContributorDimensions", "type": "array" }, "MeasureFieldId": { "markdownDescription": "The measure field that is used in the contribution analysis.", "title": "MeasureFieldId", "type": "string" } }, "required": [ "ContributorDimensions", "MeasureFieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration": { "additionalProperties": false, "properties": { "DecimalPlacesConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", "markdownDescription": "The option that determines the decimal places configuration.", "title": "DecimalPlacesConfiguration" }, "NegativeValueConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", "markdownDescription": "The options that determine the negative value configuration.", "title": "NegativeValueConfiguration" }, "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "NumberScale": { "markdownDescription": "Determines the number scale value for the currency format.", "title": "NumberScale", "type": "string" }, "Prefix": { "markdownDescription": "Determines the prefix value of the currency format.", "title": "Prefix", "type": "string" }, "SeparatorConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", "markdownDescription": "The options that determine the numeric separator configuration.", "title": "SeparatorConfiguration" }, "Suffix": { "markdownDescription": "Determines the suffix value of the currency format.", "title": "Suffix", "type": "string" }, "Symbol": { "markdownDescription": "Determines the symbol for the currency format.", "title": "Symbol", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.CustomActionFilterOperation": { "additionalProperties": false, "properties": { "SelectedFieldsConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration", "markdownDescription": "The configuration that chooses the fields to be filtered.", "title": "SelectedFieldsConfiguration" }, "TargetVisualsConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration", "markdownDescription": "The configuration that chooses the target visuals to be filtered.", "title": "TargetVisualsConfiguration" } }, "required": [ "SelectedFieldsConfiguration", "TargetVisualsConfiguration" ], "type": "object" }, "AWS::QuickSight::Analysis.CustomActionNavigationOperation": { "additionalProperties": false, "properties": { "LocalNavigationConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LocalNavigationConfiguration", "markdownDescription": "The configuration that chooses the navigation target.", "title": "LocalNavigationConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.CustomActionSetParametersOperation": { "additionalProperties": false, "properties": { "ParameterValueConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SetParameterValueConfiguration" }, "markdownDescription": "The parameter that determines the value configuration.", "title": "ParameterValueConfigurations", "type": "array" } }, "required": [ "ParameterValueConfigurations" ], "type": "object" }, "AWS::QuickSight::Analysis.CustomActionURLOperation": { "additionalProperties": false, "properties": { "URLTarget": { "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", "title": "URLTarget", "type": "string" }, "URLTemplate": { "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", "title": "URLTemplate", "type": "string" } }, "required": [ "URLTarget", "URLTemplate" ], "type": "object" }, "AWS::QuickSight::Analysis.CustomColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color that is applied to the data value.", "title": "Color", "type": "string" }, "FieldValue": { "markdownDescription": "The data value that the color is applied to.", "title": "FieldValue", "type": "string" }, "SpecialValue": { "markdownDescription": "The value of a special data value.", "title": "SpecialValue", "type": "string" } }, "required": [ "Color" ], "type": "object" }, "AWS::QuickSight::Analysis.CustomContentConfiguration": { "additionalProperties": false, "properties": { "ContentType": { "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", "title": "ContentType", "type": "string" }, "ContentUrl": { "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", "title": "ContentUrl", "type": "string" }, "ImageScaling": { "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", "title": "ImageScaling", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.CustomContentVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentConfiguration", "markdownDescription": "The configuration of a `CustomContentVisual` .", "title": "ChartConfiguration" }, "DataSetIdentifier": { "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", "title": "DataSetIdentifier", "type": "string" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "DataSetIdentifier", "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.CustomFilterConfiguration": { "additionalProperties": false, "properties": { "CategoryValue": { "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", "title": "CategoryValue", "type": "string" }, "MatchOperator": { "markdownDescription": "The match operator that is used to determine if a filter should be applied.", "title": "MatchOperator", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", "title": "ParameterName", "type": "string" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" } }, "required": [ "MatchOperator", "NullOption" ], "type": "object" }, "AWS::QuickSight::Analysis.CustomFilterListConfiguration": { "additionalProperties": false, "properties": { "CategoryValues": { "items": { "type": "string" }, "markdownDescription": "The list of category values for the filter.", "title": "CategoryValues", "type": "array" }, "MatchOperator": { "markdownDescription": "The match operator that is used to determine if a filter should be applied.", "title": "MatchOperator", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" } }, "required": [ "MatchOperator", "NullOption" ], "type": "object" }, "AWS::QuickSight::Analysis.CustomNarrativeOptions": { "additionalProperties": false, "properties": { "Narrative": { "markdownDescription": "The string input of custom narrative.", "title": "Narrative", "type": "string" } }, "required": [ "Narrative" ], "type": "object" }, "AWS::QuickSight::Analysis.CustomParameterValues": { "additionalProperties": false, "properties": { "DateTimeValues": { "items": { "type": "string" }, "markdownDescription": "A list of datetime-type parameter values.", "title": "DateTimeValues", "type": "array" }, "DecimalValues": { "items": { "type": "number" }, "markdownDescription": "A list of decimal-type parameter values.", "title": "DecimalValues", "type": "array" }, "IntegerValues": { "items": { "type": "number" }, "markdownDescription": "A list of integer-type parameter values.", "title": "IntegerValues", "type": "array" }, "StringValues": { "items": { "type": "string" }, "markdownDescription": "A list of string-type parameter values.", "title": "StringValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.CustomValuesConfiguration": { "additionalProperties": false, "properties": { "CustomValues": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomParameterValues", "markdownDescription": "", "title": "CustomValues" }, "IncludeNullValue": { "markdownDescription": "Includes the null value in custom action parameter values.", "title": "IncludeNullValue", "type": "boolean" } }, "required": [ "CustomValues" ], "type": "object" }, "AWS::QuickSight::Analysis.DataBarsOptions": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID for the data bars options.", "title": "FieldId", "type": "string" }, "NegativeColor": { "markdownDescription": "The color of the negative data bar.", "title": "NegativeColor", "type": "string" }, "PositiveColor": { "markdownDescription": "The color of the positive data bar.", "title": "PositiveColor", "type": "string" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.DataColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color that is applied to the data value.", "title": "Color", "type": "string" }, "DataValue": { "markdownDescription": "The data value that the color is applied to.", "title": "DataValue", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.DataFieldSeriesItem": { "additionalProperties": false, "properties": { "AxisBinding": { "markdownDescription": "The axis that you are binding the field to.", "title": "AxisBinding", "type": "string" }, "FieldId": { "markdownDescription": "The field ID of the field that you are setting the axis binding to.", "title": "FieldId", "type": "string" }, "FieldValue": { "markdownDescription": "The field value of the field that you are setting the axis binding to.", "title": "FieldValue", "type": "string" }, "Settings": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", "markdownDescription": "The options that determine the presentation of line series associated to the field.", "title": "Settings" } }, "required": [ "AxisBinding", "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.DataLabelOptions": { "additionalProperties": false, "properties": { "CategoryLabelVisibility": { "markdownDescription": "Determines the visibility of the category field labels.", "title": "CategoryLabelVisibility", "type": "string" }, "DataLabelTypes": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelType" }, "markdownDescription": "The option that determines the data label type.", "title": "DataLabelTypes", "type": "array" }, "LabelColor": { "markdownDescription": "Determines the color of the data labels.", "title": "LabelColor", "type": "string" }, "LabelContent": { "markdownDescription": "Determines the content of the data labels.", "title": "LabelContent", "type": "string" }, "LabelFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "Determines the font configuration of the data labels.", "title": "LabelFontConfiguration" }, "MeasureLabelVisibility": { "markdownDescription": "Determines the visibility of the measure field labels.", "title": "MeasureLabelVisibility", "type": "string" }, "Overlap": { "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", "title": "Overlap", "type": "string" }, "Position": { "markdownDescription": "Determines the position of the data labels.", "title": "Position", "type": "string" }, "TotalsVisibility": { "markdownDescription": "Determines the visibility of the total.", "title": "TotalsVisibility", "type": "string" }, "Visibility": { "markdownDescription": "Determines the visibility of the data labels.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.DataLabelType": { "additionalProperties": false, "properties": { "DataPathLabelType": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathLabelType", "markdownDescription": "The option that specifies individual data values for labels.", "title": "DataPathLabelType" }, "FieldLabelType": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldLabelType", "markdownDescription": "Determines the label configuration for the entire field.", "title": "FieldLabelType" }, "MaximumLabelType": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MaximumLabelType", "markdownDescription": "Determines the label configuration for the maximum value in a visual.", "title": "MaximumLabelType" }, "MinimumLabelType": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MinimumLabelType", "markdownDescription": "Determines the label configuration for the minimum value in a visual.", "title": "MinimumLabelType" }, "RangeEndsLabelType": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RangeEndsLabelType", "markdownDescription": "Determines the label configuration for range end value in a visual.", "title": "RangeEndsLabelType" } }, "type": "object" }, "AWS::QuickSight::Analysis.DataPathColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color that needs to be applied to the element.", "title": "Color", "type": "string" }, "Element": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue", "markdownDescription": "The element that the color needs to be applied to.", "title": "Element" }, "TimeGranularity": { "markdownDescription": "The time granularity of the field that the color needs to be applied to.", "title": "TimeGranularity", "type": "string" } }, "required": [ "Color", "Element" ], "type": "object" }, "AWS::QuickSight::Analysis.DataPathLabelType": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the field that the data label needs to be applied to.", "title": "FieldId", "type": "string" }, "FieldValue": { "markdownDescription": "The actual value of the field that is labeled.", "title": "FieldValue", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the data label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.DataPathSort": { "additionalProperties": false, "properties": { "Direction": { "markdownDescription": "Determines the sort direction.", "title": "Direction", "type": "string" }, "SortPaths": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" }, "markdownDescription": "The list of data paths that need to be sorted.", "title": "SortPaths", "type": "array" } }, "required": [ "Direction", "SortPaths" ], "type": "object" }, "AWS::QuickSight::Analysis.DataPathType": { "additionalProperties": false, "properties": { "PivotTableDataPathType": { "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", "title": "PivotTableDataPathType", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.DataPathValue": { "additionalProperties": false, "properties": { "DataPathType": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathType", "markdownDescription": "The type configuration of the field.", "title": "DataPathType" }, "FieldId": { "markdownDescription": "The field ID of the field that needs to be sorted.", "title": "FieldId", "type": "string" }, "FieldValue": { "markdownDescription": "The actual value of the field that needs to be sorted.", "title": "FieldValue", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.DataSetIdentifierDeclaration": { "additionalProperties": false, "properties": { "DataSetArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", "title": "DataSetArn", "type": "string" }, "Identifier": { "markdownDescription": "The identifier of the data set, typically the data set's name.", "title": "Identifier", "type": "string" } }, "required": [ "DataSetArn", "Identifier" ], "type": "object" }, "AWS::QuickSight::Analysis.DataSetReference": { "additionalProperties": false, "properties": { "DataSetArn": { "markdownDescription": "Dataset Amazon Resource Name (ARN).", "title": "DataSetArn", "type": "string" }, "DataSetPlaceholder": { "markdownDescription": "Dataset placeholder.", "title": "DataSetPlaceholder", "type": "string" } }, "required": [ "DataSetArn", "DataSetPlaceholder" ], "type": "object" }, "AWS::QuickSight::Analysis.DateAxisOptions": { "additionalProperties": false, "properties": { "MissingDateVisibility": { "markdownDescription": "Determines whether or not missing dates are displayed.", "title": "MissingDateVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.DateDimensionField": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that is used in the `DateDimensionField` .", "title": "Column" }, "DateGranularity": { "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", "title": "DateGranularity", "type": "string" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" }, "HierarchyId": { "markdownDescription": "The custom hierarchy ID.", "title": "HierarchyId", "type": "string" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.DateMeasureField": { "additionalProperties": false, "properties": { "AggregationFunction": { "markdownDescription": "The aggregation function of the measure field.", "title": "AggregationFunction", "type": "string" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that is used in the `DateMeasureField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.DateTimeDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, "RollingDate": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", "title": "RollingDate" }, "StaticValues": { "items": { "type": "string" }, "markdownDescription": "The static values of the `DataTimeDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.DateTimeFormatConfiguration": { "additionalProperties": false, "properties": { "DateTimeFormat": { "markdownDescription": "Determines the `DateTime` format.", "title": "DateTimeFormat", "type": "string" }, "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "NumericFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", "title": "NumericFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.DateTimeHierarchy": { "additionalProperties": false, "properties": { "DrillDownFilters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" }, "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", "title": "DrillDownFilters", "type": "array" }, "HierarchyId": { "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", "title": "HierarchyId", "type": "string" } }, "required": [ "HierarchyId" ], "type": "object" }, "AWS::QuickSight::Analysis.DateTimeParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A display name for the date-time parameter.", "title": "Name", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The values for the date-time parameter.", "title": "Values", "type": "array" } }, "required": [ "Name", "Values" ], "type": "object" }, "AWS::QuickSight::Analysis.DateTimeParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", "type": "array" }, "Name": { "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" }, "ValueWhenUnset": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration", "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", "title": "ValueWhenUnset" } }, "required": [ "Name" ], "type": "object" }, "AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions": { "additionalProperties": false, "properties": { "DateTimeFormat": { "markdownDescription": "Customize how dates are formatted in controls.", "title": "DateTimeFormat", "type": "string" }, "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.DateTimeValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", "title": "CustomValue", "type": "string" }, "ValueWhenUnsetOption": { "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.DecimalDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, "StaticValues": { "items": { "type": "number" }, "markdownDescription": "The static values of the `DecimalDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.DecimalParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A display name for the decimal parameter.", "title": "Name", "type": "string" }, "Values": { "items": { "type": "number" }, "markdownDescription": "The values for the decimal parameter.", "title": "Values", "type": "array" } }, "required": [ "Name", "Values" ], "type": "object" }, "AWS::QuickSight::Analysis.DecimalParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", "type": "array" }, "Name": { "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, "ParameterValueType": { "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", "title": "ParameterValueType", "type": "string" }, "ValueWhenUnset": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration", "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", "title": "ValueWhenUnset" } }, "required": [ "Name", "ParameterValueType" ], "type": "object" }, "AWS::QuickSight::Analysis.DecimalPlacesConfiguration": { "additionalProperties": false, "properties": { "DecimalPlaces": { "markdownDescription": "The values of the decimal places.", "title": "DecimalPlaces", "type": "number" } }, "required": [ "DecimalPlaces" ], "type": "object" }, "AWS::QuickSight::Analysis.DecimalValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", "title": "CustomValue", "type": "number" }, "ValueWhenUnsetOption": { "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "Type": { "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.DefaultFilterControlConfiguration": { "additionalProperties": false, "properties": { "ControlOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlOptions", "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", "title": "ControlOptions" }, "Title": { "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", "title": "Title", "type": "string" } }, "required": [ "ControlOptions", "Title" ], "type": "object" }, "AWS::QuickSight::Analysis.DefaultFilterControlOptions": { "additionalProperties": false, "properties": { "DefaultDateTimePickerOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultDateTimePickerControlOptions", "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", "title": "DefaultDateTimePickerOptions" }, "DefaultDropdownOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions", "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", "title": "DefaultDropdownOptions" }, "DefaultListOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterListControlOptions", "markdownDescription": "The default options that correspond to the `List` filter control type.", "title": "DefaultListOptions" }, "DefaultRelativeDateTimeOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions", "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", "title": "DefaultRelativeDateTimeOptions" }, "DefaultSliderOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSliderControlOptions", "markdownDescription": "The default options that correspond to the `Slider` filter control type.", "title": "DefaultSliderOptions" }, "DefaultTextAreaOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextAreaControlOptions", "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", "title": "DefaultTextAreaOptions" }, "DefaultTextFieldOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultTextFieldControlOptions", "markdownDescription": "The default options that correspond to the `TextField` filter control type.", "title": "DefaultTextFieldOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.DefaultFilterDropDownControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "Type": { "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.DefaultFilterListControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "Type": { "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", "markdownDescription": "Determines the screen canvas size options for a free-form layout.", "title": "CanvasSizeOptions" } }, "required": [ "CanvasSizeOptions" ], "type": "object" }, "AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", "markdownDescription": "Determines the screen canvas size options for a grid layout.", "title": "CanvasSizeOptions" } }, "required": [ "CanvasSizeOptions" ], "type": "object" }, "AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration": { "additionalProperties": false, "properties": { "FreeForm": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFreeFormLayoutConfiguration", "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", "title": "FreeForm" }, "Grid": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultGridLayoutConfiguration", "markdownDescription": "The options that determine the default settings for a grid layout configuration.", "title": "Grid" } }, "type": "object" }, "AWS::QuickSight::Analysis.DefaultNewSheetConfiguration": { "additionalProperties": false, "properties": { "InteractiveLayoutConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultInteractiveLayoutConfiguration", "markdownDescription": "The options that determine the default settings for interactive layout configuration.", "title": "InteractiveLayoutConfiguration" }, "PaginatedLayoutConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration", "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", "title": "PaginatedLayoutConfiguration" }, "SheetContentType": { "markdownDescription": "The option that determines the sheet content type.", "title": "SheetContentType", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.DefaultPaginatedLayoutConfiguration": { "additionalProperties": false, "properties": { "SectionBased": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration", "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", "title": "SectionBased" } }, "type": "object" }, "AWS::QuickSight::Analysis.DefaultRelativeDateTimeControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.DefaultSectionBasedLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", "markdownDescription": "Determines the screen canvas size options for a section-based layout.", "title": "CanvasSizeOptions" } }, "required": [ "CanvasSizeOptions" ], "type": "object" }, "AWS::QuickSight::Analysis.DefaultSliderControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "MaximumValue": { "markdownDescription": "The larger value that is displayed at the right of the slider.", "title": "MaximumValue", "type": "number" }, "MinimumValue": { "markdownDescription": "The smaller value that is displayed at the left of the slider.", "title": "MinimumValue", "type": "number" }, "StepSize": { "markdownDescription": "The number of increments that the slider bar is divided into.", "title": "StepSize", "type": "number" }, "Type": { "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", "title": "Type", "type": "string" } }, "required": [ "MaximumValue", "MinimumValue", "StepSize" ], "type": "object" }, "AWS::QuickSight::Analysis.DefaultTextAreaControlOptions": { "additionalProperties": false, "properties": { "Delimiter": { "markdownDescription": "The delimiter that is used to separate the lines in text.", "title": "Delimiter", "type": "string" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.DefaultTextFieldControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.DestinationParameterValueConfiguration": { "additionalProperties": false, "properties": { "CustomValuesConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomValuesConfiguration", "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", "title": "CustomValuesConfiguration" }, "SelectAllValueOptions": { "markdownDescription": "The configuration that selects all options.", "title": "SelectAllValueOptions", "type": "string" }, "SourceColumn": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "", "title": "SourceColumn" }, "SourceField": { "markdownDescription": "The source field ID of the destination parameter.", "title": "SourceField", "type": "string" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the destination parameter.", "title": "SourceParameterName", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.DimensionField": { "additionalProperties": false, "properties": { "CategoricalDimensionField": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalDimensionField", "markdownDescription": "The dimension type field with categorical type columns.", "title": "CategoricalDimensionField" }, "DateDimensionField": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DateDimensionField", "markdownDescription": "The dimension type field with date type columns.", "title": "DateDimensionField" }, "NumericalDimensionField": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalDimensionField", "markdownDescription": "The dimension type field with numerical type columns.", "title": "NumericalDimensionField" } }, "type": "object" }, "AWS::QuickSight::Analysis.DonutCenterOptions": { "additionalProperties": false, "properties": { "LabelVisibility": { "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", "title": "LabelVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.DonutOptions": { "additionalProperties": false, "properties": { "ArcOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcOptions", "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", "title": "ArcOptions" }, "DonutCenterOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutCenterOptions", "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", "title": "DonutCenterOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.DrillDownFilter": { "additionalProperties": false, "properties": { "CategoryFilter": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryDrillDownFilter", "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", "title": "CategoryFilter" }, "NumericEqualityFilter": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter", "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", "title": "NumericEqualityFilter" }, "TimeRangeFilter": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeDrillDownFilter", "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", "title": "TimeRangeFilter" } }, "type": "object" }, "AWS::QuickSight::Analysis.DropDownControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "SelectAllOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", "title": "SelectAllOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.DynamicDefaultValue": { "additionalProperties": false, "properties": { "DefaultValueColumn": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that contains the default value of each user or group.", "title": "DefaultValueColumn" }, "GroupNameColumn": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that contains the group name.", "title": "GroupNameColumn" }, "UserNameColumn": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that contains the username.", "title": "UserNameColumn" } }, "required": [ "DefaultValueColumn" ], "type": "object" }, "AWS::QuickSight::Analysis.EmptyVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "DataSetIdentifier": { "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", "title": "DataSetIdentifier", "type": "string" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "DataSetIdentifier", "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.Entity": { "additionalProperties": false, "properties": { "Path": { "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", "title": "Path", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.ExcludePeriodConfiguration": { "additionalProperties": false, "properties": { "Amount": { "markdownDescription": "The amount or number of the exclude period.", "title": "Amount", "type": "number" }, "Granularity": { "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", "title": "Granularity", "type": "string" }, "Status": { "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", "title": "Status", "type": "string" } }, "required": [ "Amount", "Granularity" ], "type": "object" }, "AWS::QuickSight::Analysis.ExplicitHierarchy": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" }, "markdownDescription": "The list of columns that define the explicit hierarchy.", "title": "Columns", "type": "array" }, "DrillDownFilters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" }, "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", "title": "DrillDownFilters", "type": "array" }, "HierarchyId": { "markdownDescription": "The hierarchy ID of the explicit hierarchy.", "title": "HierarchyId", "type": "string" } }, "required": [ "Columns", "HierarchyId" ], "type": "object" }, "AWS::QuickSight::Analysis.FieldBasedTooltip": { "additionalProperties": false, "properties": { "AggregationVisibility": { "markdownDescription": "The visibility of `Show aggregations` .", "title": "AggregationVisibility", "type": "string" }, "TooltipFields": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipItem" }, "markdownDescription": "The fields configuration in the tooltip.", "title": "TooltipFields", "type": "array" }, "TooltipTitleType": { "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", "title": "TooltipTitleType", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.FieldLabelType": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "Indicates the field that is targeted by the field label.", "title": "FieldId", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the field label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.FieldSeriesItem": { "additionalProperties": false, "properties": { "AxisBinding": { "markdownDescription": "The axis that you are binding the field to.", "title": "AxisBinding", "type": "string" }, "FieldId": { "markdownDescription": "The field ID of the field for which you are setting the axis binding.", "title": "FieldId", "type": "string" }, "Settings": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSeriesSettings", "markdownDescription": "The options that determine the presentation of line series associated to the field.", "title": "Settings" } }, "required": [ "AxisBinding", "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.FieldSort": { "additionalProperties": false, "properties": { "Direction": { "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", "title": "Direction", "type": "string" }, "FieldId": { "markdownDescription": "The sort configuration target field.", "title": "FieldId", "type": "string" } }, "required": [ "Direction", "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.FieldSortOptions": { "additionalProperties": false, "properties": { "ColumnSort": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", "markdownDescription": "The sort configuration for a column that is not used in a field well.", "title": "ColumnSort" }, "FieldSort": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", "markdownDescription": "The sort configuration for a field in a field well.", "title": "FieldSort" } }, "type": "object" }, "AWS::QuickSight::Analysis.FieldTooltipItem": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", "title": "FieldId", "type": "string" }, "Label": { "markdownDescription": "The label of the tooltip item.", "title": "Label", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the tooltip item.", "title": "Visibility", "type": "string" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Geospatial": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", "title": "Geospatial", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.FilledMapConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", "title": "ConditionalFormattingOptions", "type": "array" } }, "required": [ "ConditionalFormattingOptions" ], "type": "object" }, "AWS::QuickSight::Analysis.FilledMapConditionalFormattingOption": { "additionalProperties": false, "properties": { "Shape": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting", "markdownDescription": "The conditional formatting that determines the shape of the filled map.", "title": "Shape" } }, "required": [ "Shape" ], "type": "object" }, "AWS::QuickSight::Analysis.FilledMapConfiguration": { "additionalProperties": false, "properties": { "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "MapStyleOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", "markdownDescription": "The map style options of the filled map visual.", "title": "MapStyleOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapSortConfiguration", "markdownDescription": "The sort configuration of a `FilledMapVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "WindowOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", "markdownDescription": "The window options of the filled map visual.", "title": "WindowOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.FilledMapFieldWells": { "additionalProperties": false, "properties": { "FilledMapAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapAggregatedFieldWells", "markdownDescription": "The aggregated field well of the filled map.", "title": "FilledMapAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.FilledMapShapeConditionalFormatting": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the filled map shape.", "title": "FieldId", "type": "string" }, "Format": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ShapeConditionalFormat", "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", "title": "Format" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.FilledMapSortConfiguration": { "additionalProperties": false, "properties": { "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the location fields.", "title": "CategorySort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.FilledMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapConditionalFormatting", "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.Filter": { "additionalProperties": false, "properties": { "CategoryFilter": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoryFilter", "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", "title": "CategoryFilter" }, "NumericEqualityFilter": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericEqualityFilter", "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", "title": "NumericEqualityFilter" }, "NumericRangeFilter": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilter", "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", "title": "NumericRangeFilter" }, "RelativeDatesFilter": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDatesFilter", "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", "title": "RelativeDatesFilter" }, "TimeEqualityFilter": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeEqualityFilter", "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", "title": "TimeEqualityFilter" }, "TimeRangeFilter": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilter", "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", "title": "TimeRangeFilter" }, "TopBottomFilter": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TopBottomFilter", "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", "title": "TopBottomFilter" } }, "type": "object" }, "AWS::QuickSight::Analysis.FilterControl": { "additionalProperties": false, "properties": { "CrossSheet": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterCrossSheetControl", "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", "title": "CrossSheet" }, "DateTimePicker": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDateTimePickerControl", "markdownDescription": "A control from a date filter that is used to specify date and time.", "title": "DateTimePicker" }, "Dropdown": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterDropDownControl", "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", "title": "Dropdown" }, "List": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterListControl", "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", "title": "List" }, "RelativeDateTime": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterRelativeDateTimeControl", "markdownDescription": "A control from a date filter that is used to specify the relative date.", "title": "RelativeDateTime" }, "Slider": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSliderControl", "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", "title": "Slider" }, "TextArea": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextAreaControl", "markdownDescription": "A control to display a text box that is used to enter multiple entries.", "title": "TextArea" }, "TextField": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterTextFieldControl", "markdownDescription": "A control to display a text box that is used to enter a single entry.", "title": "TextField" } }, "type": "object" }, "AWS::QuickSight::Analysis.FilterCrossSheetControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterCrossSheetControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", "title": "SourceFilterId", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId" ], "type": "object" }, "AWS::QuickSight::Analysis.FilterDateTimePickerControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterDateTimePickerControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", "title": "Type", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Analysis.FilterDropDownControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", "markdownDescription": "The display options of the `FilterDropDownControl` .", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterDropDownControl` .", "title": "FilterControlId", "type": "string" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterDropDownControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", "title": "Type", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Analysis.FilterGroup": { "additionalProperties": false, "properties": { "CrossDataset": { "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", "title": "CrossDataset", "type": "string" }, "FilterGroupId": { "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", "title": "FilterGroupId", "type": "string" }, "Filters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.Filter" }, "markdownDescription": "The list of filters that are present in a `FilterGroup` .", "title": "Filters", "type": "array" }, "ScopeConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterScopeConfiguration", "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", "title": "ScopeConfiguration" }, "Status": { "markdownDescription": "The status of the `FilterGroup` .", "title": "Status", "type": "string" } }, "required": [ "CrossDataset", "FilterGroupId", "Filters", "ScopeConfiguration" ], "type": "object" }, "AWS::QuickSight::Analysis.FilterListConfiguration": { "additionalProperties": false, "properties": { "CategoryValues": { "items": { "type": "string" }, "markdownDescription": "The list of category values for the filter.", "title": "CategoryValues", "type": "array" }, "MatchOperator": { "markdownDescription": "The match operator that is used to determine if a filter should be applied.", "title": "MatchOperator", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" } }, "required": [ "MatchOperator" ], "type": "object" }, "AWS::QuickSight::Analysis.FilterListControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterListControl` .", "title": "FilterControlId", "type": "string" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterListControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterListControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", "title": "Type", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Analysis.FilterOperationSelectedFieldsConfiguration": { "additionalProperties": false, "properties": { "SelectedColumns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" }, "markdownDescription": "The selected columns of a dataset.", "title": "SelectedColumns", "type": "array" }, "SelectedFieldOptions": { "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", "title": "SelectedFieldOptions", "type": "string" }, "SelectedFields": { "items": { "type": "string" }, "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", "title": "SelectedFields", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.FilterOperationTargetVisualsConfiguration": { "additionalProperties": false, "properties": { "SameSheetTargetVisualConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration", "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", "title": "SameSheetTargetVisualConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.FilterRelativeDateTimeControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterTextAreaControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterTextAreaControl` .", "title": "Title", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Analysis.FilterScopeConfiguration": { "additionalProperties": false, "properties": { "AllSheets": { "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", "title": "AllSheets", "type": "object" }, "SelectedSheets": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration", "markdownDescription": "The configuration for applying a filter to specific sheets.", "title": "SelectedSheets" } }, "type": "object" }, "AWS::QuickSight::Analysis.FilterSelectableValues": { "additionalProperties": false, "properties": { "Values": { "items": { "type": "string" }, "markdownDescription": "The values that are used in the `FilterSelectableValues` .", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.FilterSliderControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterSliderControl` .", "title": "FilterControlId", "type": "string" }, "MaximumValue": { "markdownDescription": "The larger value that is displayed at the right of the slider.", "title": "MaximumValue", "type": "number" }, "MinimumValue": { "markdownDescription": "The smaller value that is displayed at the left of the slider.", "title": "MinimumValue", "type": "number" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterSliderControl` .", "title": "SourceFilterId", "type": "string" }, "StepSize": { "markdownDescription": "The number of increments that the slider bar is divided into.", "title": "StepSize", "type": "number" }, "Title": { "markdownDescription": "The title of the `FilterSliderControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", "title": "Type", "type": "string" } }, "required": [ "FilterControlId", "MaximumValue", "MinimumValue", "SourceFilterId", "StepSize", "Title" ], "type": "object" }, "AWS::QuickSight::Analysis.FilterTextAreaControl": { "additionalProperties": false, "properties": { "Delimiter": { "markdownDescription": "The delimiter that is used to separate the lines in text.", "title": "Delimiter", "type": "string" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterTextAreaControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterTextAreaControl` .", "title": "Title", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Analysis.FilterTextFieldControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterTextFieldControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterTextFieldControl` .", "title": "Title", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Analysis.FontConfiguration": { "additionalProperties": false, "properties": { "FontColor": { "markdownDescription": "Determines the color of the text.", "title": "FontColor", "type": "string" }, "FontDecoration": { "markdownDescription": "Determines the appearance of decorative lines on the text.", "title": "FontDecoration", "type": "string" }, "FontSize": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FontSize", "markdownDescription": "The option that determines the text display size.", "title": "FontSize" }, "FontStyle": { "markdownDescription": "Determines the text display face that is inherited by the given font family.", "title": "FontStyle", "type": "string" }, "FontWeight": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FontWeight", "markdownDescription": "The option that determines the text display weight, or boldness.", "title": "FontWeight" } }, "type": "object" }, "AWS::QuickSight::Analysis.FontSize": { "additionalProperties": false, "properties": { "Relative": { "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", "title": "Relative", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.FontWeight": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The lexical name for the level of boldness of the text display.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.ForecastComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "CustomSeasonalityValue": { "markdownDescription": "The custom seasonality value setup of a forecast computation.", "title": "CustomSeasonalityValue", "type": "number" }, "LowerBoundary": { "markdownDescription": "The lower boundary setup of a forecast computation.", "title": "LowerBoundary", "type": "number" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "PeriodsBackward": { "markdownDescription": "The periods backward setup of a forecast computation.", "title": "PeriodsBackward", "type": "number" }, "PeriodsForward": { "markdownDescription": "The periods forward setup of a forecast computation.", "title": "PeriodsForward", "type": "number" }, "PredictionInterval": { "markdownDescription": "The prediction interval setup of a forecast computation.", "title": "PredictionInterval", "type": "number" }, "Seasonality": { "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", "title": "Seasonality", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "UpperBoundary": { "markdownDescription": "The upper boundary setup of a forecast computation.", "title": "UpperBoundary", "type": "number" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Analysis.ForecastConfiguration": { "additionalProperties": false, "properties": { "ForecastProperties": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeBasedForecastProperties", "markdownDescription": "The forecast properties setup of a forecast in the line chart.", "title": "ForecastProperties" }, "Scenario": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastScenario", "markdownDescription": "The forecast scenario of a forecast in the line chart.", "title": "Scenario" } }, "type": "object" }, "AWS::QuickSight::Analysis.ForecastScenario": { "additionalProperties": false, "properties": { "WhatIfPointScenario": { "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfPointScenario", "markdownDescription": "The what-if analysis forecast setup with the target date.", "title": "WhatIfPointScenario" }, "WhatIfRangeScenario": { "$ref": "#/definitions/AWS::QuickSight::Analysis.WhatIfRangeScenario", "markdownDescription": "The what-if analysis forecast setup with the date range.", "title": "WhatIfRangeScenario" } }, "type": "object" }, "AWS::QuickSight::Analysis.FormatConfiguration": { "additionalProperties": false, "properties": { "DateTimeFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeFormatConfiguration", "markdownDescription": "Formatting configuration for `DateTime` fields.", "title": "DateTimeFormatConfiguration" }, "NumberFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", "markdownDescription": "Formatting configuration for number fields.", "title": "NumberFormatConfiguration" }, "StringFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.StringFormatConfiguration", "markdownDescription": "Formatting configuration for string fields.", "title": "StringFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { "ScreenCanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions", "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.FreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutCanvasSizeOptions", "markdownDescription": "", "title": "CanvasSizeOptions" }, "Elements": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" }, "markdownDescription": "The elements that are included in a free-form layout.", "title": "Elements", "type": "array" } }, "required": [ "Elements" ], "type": "object" }, "AWS::QuickSight::Analysis.FreeFormLayoutElement": { "additionalProperties": false, "properties": { "BackgroundStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle", "markdownDescription": "The background style configuration of a free-form layout element.", "title": "BackgroundStyle" }, "BorderStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", "markdownDescription": "The border style configuration of a free-form layout element.", "title": "BorderStyle" }, "ElementId": { "markdownDescription": "A unique identifier for an element within a free-form layout.", "title": "ElementId", "type": "string" }, "ElementType": { "markdownDescription": "The type of element.", "title": "ElementType", "type": "string" }, "Height": { "markdownDescription": "The height of an element within a free-form layout.", "title": "Height", "type": "string" }, "LoadingAnimation": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LoadingAnimation", "markdownDescription": "The loading animation configuration of a free-form layout element.", "title": "LoadingAnimation" }, "RenderingRules": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementRenderingRule" }, "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", "title": "RenderingRules", "type": "array" }, "SelectedBorderStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle", "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", "title": "SelectedBorderStyle" }, "Visibility": { "markdownDescription": "The visibility of an element within a free-form layout.", "title": "Visibility", "type": "string" }, "Width": { "markdownDescription": "The width of an element within a free-form layout.", "title": "Width", "type": "string" }, "XAxisLocation": { "markdownDescription": "The x-axis coordinate of the element.", "title": "XAxisLocation", "type": "string" }, "YAxisLocation": { "markdownDescription": "The y-axis coordinate of the element.", "title": "YAxisLocation", "type": "string" } }, "required": [ "ElementId", "ElementType", "Height", "Width", "XAxisLocation", "YAxisLocation" ], "type": "object" }, "AWS::QuickSight::Analysis.FreeFormLayoutElementBackgroundStyle": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The background color of a free-form layout element.", "title": "Color", "type": "string" }, "Visibility": { "markdownDescription": "The background visibility of a free-form layout element.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.FreeFormLayoutElementBorderStyle": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The border color of a free-form layout element.", "title": "Color", "type": "string" }, "Visibility": { "markdownDescription": "The border visibility of a free-form layout element.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.FreeFormLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { "OptimizedViewPortWidth": { "markdownDescription": "The width that the view port will be optimized for when the layout renders.", "title": "OptimizedViewPortWidth", "type": "string" } }, "required": [ "OptimizedViewPortWidth" ], "type": "object" }, "AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration": { "additionalProperties": false, "properties": { "Elements": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutElement" }, "markdownDescription": "The elements that are included in the free-form layout.", "title": "Elements", "type": "array" } }, "required": [ "Elements" ], "type": "object" }, "AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", "title": "Category", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.FunnelChartConfiguration": { "additionalProperties": false, "properties": { "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", "title": "CategoryLabelOptions" }, "DataLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartDataLabelOptions", "markdownDescription": "The options that determine the presentation of the data labels.", "title": "DataLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartFieldWells", "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", "title": "FieldWells" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartSortConfiguration", "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", "title": "Tooltip" }, "ValueLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", "title": "ValueLabelOptions" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Analysis.FunnelChartDataLabelOptions": { "additionalProperties": false, "properties": { "CategoryLabelVisibility": { "markdownDescription": "The visibility of the category labels within the data labels.", "title": "CategoryLabelVisibility", "type": "string" }, "LabelColor": { "markdownDescription": "The color of the data label text.", "title": "LabelColor", "type": "string" }, "LabelFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", "title": "LabelFontConfiguration" }, "MeasureDataLabelStyle": { "markdownDescription": "Determines the style of the metric labels.", "title": "MeasureDataLabelStyle", "type": "string" }, "MeasureLabelVisibility": { "markdownDescription": "The visibility of the measure labels within the data labels.", "title": "MeasureLabelVisibility", "type": "string" }, "Position": { "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", "title": "Position", "type": "string" }, "Visibility": { "markdownDescription": "The visibility option that determines if data labels are displayed.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.FunnelChartFieldWells": { "additionalProperties": false, "properties": { "FunnelChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", "title": "FunnelChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.FunnelChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories displayed.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.FunnelChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartConfiguration", "markdownDescription": "The configuration of a `FunnelChartVisual` .", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting": { "additionalProperties": false, "properties": { "ForegroundColor": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the arc foreground color.", "title": "ForegroundColor" } }, "type": "object" }, "AWS::QuickSight::Analysis.GaugeChartConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", "title": "ConditionalFormattingOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.GaugeChartConditionalFormattingOption": { "additionalProperties": false, "properties": { "Arc": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartArcConditionalFormatting", "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", "title": "Arc" }, "PrimaryValue": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting", "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", "title": "PrimaryValue" } }, "type": "object" }, "AWS::QuickSight::Analysis.GaugeChartConfiguration": { "additionalProperties": false, "properties": { "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartFieldWells", "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", "title": "FieldWells" }, "GaugeChartOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartOptions", "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", "title": "GaugeChartOptions" }, "TooltipOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", "title": "TooltipOptions" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Analysis.GaugeChartFieldWells": { "additionalProperties": false, "properties": { "TargetValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", "title": "TargetValues", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a `GaugeChartVisual` .", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.GaugeChartOptions": { "additionalProperties": false, "properties": { "Arc": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcConfiguration", "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", "title": "Arc" }, "ArcAxis": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ArcAxisConfiguration", "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", "title": "ArcAxis" }, "Comparison": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", "title": "Comparison" }, "PrimaryValueDisplayType": { "markdownDescription": "The options that determine the primary value display type.", "title": "PrimaryValueDisplayType", "type": "string" }, "PrimaryValueFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The options that determine the primary value font configuration.", "title": "PrimaryValueFontConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.GaugeChartPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the primary value icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the primary value text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Analysis.GaugeChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConfiguration", "markdownDescription": "The configuration of a `GaugeChartVisual` .", "title": "ChartConfiguration" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartConditionalFormatting", "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.GeospatialCoordinateBounds": { "additionalProperties": false, "properties": { "East": { "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", "title": "East", "type": "number" }, "North": { "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", "title": "North", "type": "number" }, "South": { "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", "title": "South", "type": "number" }, "West": { "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", "title": "West", "type": "number" } }, "required": [ "East", "North", "South", "West" ], "type": "object" }, "AWS::QuickSight::Analysis.GeospatialHeatmapColorScale": { "additionalProperties": false, "properties": { "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapDataColor" }, "markdownDescription": "The list of colors to be used in heatmap point style.", "title": "Colors", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration": { "additionalProperties": false, "properties": { "HeatmapColor": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapColorScale", "markdownDescription": "The color scale specification for the heatmap point style.", "title": "HeatmapColor" } }, "type": "object" }, "AWS::QuickSight::Analysis.GeospatialHeatmapDataColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The hex color to be used in the heatmap point style.", "title": "Color", "type": "string" } }, "required": [ "Color" ], "type": "object" }, "AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The color field wells of a geospatial map.", "title": "Colors", "type": "array" }, "Geospatial": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", "title": "Geospatial", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.GeospatialMapConfiguration": { "additionalProperties": false, "properties": { "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "MapStyleOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapStyleOptions", "markdownDescription": "The map style options of the geospatial map.", "title": "MapStyleOptions" }, "PointStyleOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialPointStyleOptions", "markdownDescription": "The point style options of the geospatial map.", "title": "PointStyleOptions" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "", "title": "VisualPalette" }, "WindowOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialWindowOptions", "markdownDescription": "The window options of the geospatial map.", "title": "WindowOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.GeospatialMapFieldWells": { "additionalProperties": false, "properties": { "GeospatialMapAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapAggregatedFieldWells", "markdownDescription": "The aggregated field well for a geospatial map.", "title": "GeospatialMapAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.GeospatialMapStyleOptions": { "additionalProperties": false, "properties": { "BaseMapStyle": { "markdownDescription": "The base map style of the geospatial map.", "title": "BaseMapStyle", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.GeospatialMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.GeospatialPointStyleOptions": { "additionalProperties": false, "properties": { "ClusterMarkerConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ClusterMarkerConfiguration", "markdownDescription": "The cluster marker configuration of the geospatial point style.", "title": "ClusterMarkerConfiguration" }, "HeatmapConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialHeatmapConfiguration", "markdownDescription": "The heatmap configuration of the geospatial point style.", "title": "HeatmapConfiguration" }, "SelectedPointStyle": { "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", "title": "SelectedPointStyle", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.GeospatialWindowOptions": { "additionalProperties": false, "properties": { "Bounds": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialCoordinateBounds", "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", "title": "Bounds" }, "MapZoomMode": { "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", "title": "MapZoomMode", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.GlobalTableBorderOptions": { "additionalProperties": false, "properties": { "SideSpecificBorder": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSideBorderOptions", "markdownDescription": "Determines the options for side specific border.", "title": "SideSpecificBorder" }, "UniformBorder": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", "markdownDescription": "Determines the options for uniform border.", "title": "UniformBorder" } }, "type": "object" }, "AWS::QuickSight::Analysis.GradientColor": { "additionalProperties": false, "properties": { "Stops": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GradientStop" }, "markdownDescription": "The list of gradient color stops.", "title": "Stops", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.GradientStop": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "Determines the color.", "title": "Color", "type": "string" }, "DataValue": { "markdownDescription": "Determines the data value.", "title": "DataValue", "type": "number" }, "GradientOffset": { "markdownDescription": "Determines gradient offset value.", "title": "GradientOffset", "type": "number" } }, "required": [ "GradientOffset" ], "type": "object" }, "AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { "ScreenCanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions", "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.GridLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutCanvasSizeOptions", "markdownDescription": "", "title": "CanvasSizeOptions" }, "Elements": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutElement" }, "markdownDescription": "The elements that are included in a grid layout.", "title": "Elements", "type": "array" } }, "required": [ "Elements" ], "type": "object" }, "AWS::QuickSight::Analysis.GridLayoutElement": { "additionalProperties": false, "properties": { "ColumnIndex": { "markdownDescription": "The column index for the upper left corner of an element.", "title": "ColumnIndex", "type": "number" }, "ColumnSpan": { "markdownDescription": "The width of a grid element expressed as a number of grid columns.", "title": "ColumnSpan", "type": "number" }, "ElementId": { "markdownDescription": "A unique identifier for an element within a grid layout.", "title": "ElementId", "type": "string" }, "ElementType": { "markdownDescription": "The type of element.", "title": "ElementType", "type": "string" }, "RowIndex": { "markdownDescription": "The row index for the upper left corner of an element.", "title": "RowIndex", "type": "number" }, "RowSpan": { "markdownDescription": "The height of a grid element expressed as a number of grid rows.", "title": "RowSpan", "type": "number" } }, "required": [ "ColumnSpan", "ElementId", "ElementType", "RowSpan" ], "type": "object" }, "AWS::QuickSight::Analysis.GridLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { "OptimizedViewPortWidth": { "markdownDescription": "The width that the view port will be optimized for when the layout renders.", "title": "OptimizedViewPortWidth", "type": "string" }, "ResizeOption": { "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", "title": "ResizeOption", "type": "string" } }, "required": [ "ResizeOption" ], "type": "object" }, "AWS::QuickSight::Analysis.GrowthRateComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "PeriodSize": { "markdownDescription": "The period size setup of a growth rate computation.", "title": "PeriodSize", "type": "number" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration": { "additionalProperties": false, "properties": { "Layout": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionLayoutConfiguration", "markdownDescription": "The layout configuration of the header or footer section.", "title": "Layout" }, "SectionId": { "markdownDescription": "The unique identifier of the header or footer section.", "title": "SectionId", "type": "string" }, "Style": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionStyle", "markdownDescription": "The style options of a header or footer section.", "title": "Style" } }, "required": [ "Layout", "SectionId" ], "type": "object" }, "AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The columns field well of a heat map.", "title": "Columns", "type": "array" }, "Rows": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The rows field well of a heat map.", "title": "Rows", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The values field well of a heat map.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.HeatMapConfiguration": { "additionalProperties": false, "properties": { "ColorScale": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", "title": "ColorScale" }, "ColumnLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options of the column that is displayed in a heat map.", "title": "ColumnLabelOptions" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "RowLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options of the row that is displayed in a `heat map` .", "title": "RowLabelOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapSortConfiguration", "markdownDescription": "The sort configuration of a heat map.", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" } }, "type": "object" }, "AWS::QuickSight::Analysis.HeatMapFieldWells": { "additionalProperties": false, "properties": { "HeatMapAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a heat map.", "title": "HeatMapAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.HeatMapSortConfiguration": { "additionalProperties": false, "properties": { "HeatMapColumnItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", "title": "HeatMapColumnItemsLimitConfiguration" }, "HeatMapColumnSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", "title": "HeatMapColumnSort", "type": "array" }, "HeatMapRowItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", "title": "HeatMapRowItemsLimitConfiguration" }, "HeatMapRowSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The field sort configuration of the rows fields.", "title": "HeatMapRowSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.HeatMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapConfiguration", "markdownDescription": "The configuration of a heat map.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.HistogramAggregatedFieldWells": { "additionalProperties": false, "properties": { "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.HistogramBinOptions": { "additionalProperties": false, "properties": { "BinCount": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BinCountOptions", "markdownDescription": "The options that determine the bin count of a histogram.", "title": "BinCount" }, "BinWidth": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BinWidthOptions", "markdownDescription": "The options that determine the bin width of a histogram.", "title": "BinWidth" }, "SelectedBinType": { "markdownDescription": "The options that determine the selected bin type.", "title": "SelectedBinType", "type": "string" }, "StartValue": { "markdownDescription": "The options that determine the bin start value.", "title": "StartValue", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.HistogramConfiguration": { "additionalProperties": false, "properties": { "BinOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramBinOptions", "markdownDescription": "The options that determine the presentation of histogram bins.", "title": "BinOptions" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The data label configuration of a histogram.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramFieldWells", "markdownDescription": "The field well configuration of a histogram.", "title": "FieldWells" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip configuration of a histogram.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The visual palette configuration of a histogram.", "title": "VisualPalette" }, "XAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the x-axis label.", "title": "XAxisLabelOptions" }, "YAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the y-axis.", "title": "YAxisDisplayOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.HistogramFieldWells": { "additionalProperties": false, "properties": { "HistogramAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramAggregatedFieldWells", "markdownDescription": "The field well configuration of a histogram.", "title": "HistogramAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.HistogramVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramConfiguration", "markdownDescription": "The configuration for a `HistogramVisual` .", "title": "ChartConfiguration" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.InsightConfiguration": { "additionalProperties": false, "properties": { "Computations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.Computation" }, "markdownDescription": "The computations configurations of the insight visual", "title": "Computations", "type": "array" }, "CustomNarrative": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomNarrativeOptions", "markdownDescription": "The custom narrative of the insight visual.", "title": "CustomNarrative" } }, "type": "object" }, "AWS::QuickSight::Analysis.InsightVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "DataSetIdentifier": { "markdownDescription": "The dataset that is used in the insight visual.", "title": "DataSetIdentifier", "type": "string" }, "InsightConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightConfiguration", "markdownDescription": "The configuration of an insight visual.", "title": "InsightConfiguration" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "DataSetIdentifier", "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.IntegerDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, "StaticValues": { "items": { "type": "number" }, "markdownDescription": "The static values of the `IntegerDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.IntegerParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the integer parameter.", "title": "Name", "type": "string" }, "Values": { "items": { "type": "number" }, "markdownDescription": "The values for the integer parameter.", "title": "Values", "type": "array" } }, "required": [ "Name", "Values" ], "type": "object" }, "AWS::QuickSight::Analysis.IntegerParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", "type": "array" }, "Name": { "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, "ParameterValueType": { "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", "title": "ParameterValueType", "type": "string" }, "ValueWhenUnset": { "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration", "markdownDescription": "A parameter declaration for the `Integer` data type.", "title": "ValueWhenUnset" } }, "required": [ "Name", "ParameterValueType" ], "type": "object" }, "AWS::QuickSight::Analysis.IntegerValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", "title": "CustomValue", "type": "number" }, "ValueWhenUnsetOption": { "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.ItemsLimitConfiguration": { "additionalProperties": false, "properties": { "ItemsLimit": { "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", "title": "ItemsLimit", "type": "number" }, "OtherCategories": { "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", "title": "OtherCategories", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the actual value's icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the actual value's text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the comparison value's icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the comparison value's text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Analysis.KPIConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormattingOption" }, "markdownDescription": "The conditional formatting options of a KPI visual.", "title": "ConditionalFormattingOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.KPIConditionalFormattingOption": { "additionalProperties": false, "properties": { "ActualValue": { "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIActualValueConditionalFormatting", "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", "title": "ActualValue" }, "ComparisonValue": { "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIComparisonValueConditionalFormatting", "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", "title": "ComparisonValue" }, "PrimaryValue": { "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting", "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", "title": "PrimaryValue" }, "ProgressBar": { "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting", "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", "title": "ProgressBar" } }, "type": "object" }, "AWS::QuickSight::Analysis.KPIConfiguration": { "additionalProperties": false, "properties": { "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIFieldWells", "markdownDescription": "The field well configuration of a KPI visual.", "title": "FieldWells" }, "KPIOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIOptions", "markdownDescription": "The options that determine the presentation of a KPI visual.", "title": "KPIOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISortConfiguration", "markdownDescription": "The sort configuration of a KPI visual.", "title": "SortConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.KPIFieldWells": { "additionalProperties": false, "properties": { "TargetValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The target value field wells of a KPI visual.", "title": "TargetValues", "type": "array" }, "TrendGroups": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The trend group field wells of a KPI visual.", "title": "TrendGroups", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a KPI visual.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.KPIOptions": { "additionalProperties": false, "properties": { "Comparison": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ComparisonConfiguration", "markdownDescription": "The comparison configuration of a KPI visual.", "title": "Comparison" }, "PrimaryValueDisplayType": { "markdownDescription": "The options that determine the primary value display type.", "title": "PrimaryValueDisplayType", "type": "string" }, "PrimaryValueFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The options that determine the primary value font configuration.", "title": "PrimaryValueFontConfiguration" }, "ProgressBar": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ProgressBarOptions", "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", "title": "ProgressBar" }, "SecondaryValue": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SecondaryValueOptions", "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", "title": "SecondaryValue" }, "SecondaryValueFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The options that determine the secondary value font configuration.", "title": "SecondaryValueFontConfiguration" }, "Sparkline": { "$ref": "#/definitions/AWS::QuickSight::Analysis.KPISparklineOptions", "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", "title": "Sparkline" }, "TrendArrows": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TrendArrowOptions", "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", "title": "TrendArrows" }, "VisualLayoutOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualLayoutOptions", "markdownDescription": "The options that determine the layout a KPI visual.", "title": "VisualLayoutOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.KPIPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the primary value's icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the primary value's text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Analysis.KPIProgressBarConditionalFormatting": { "additionalProperties": false, "properties": { "ForegroundColor": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the progress bar's foreground color.", "title": "ForegroundColor" } }, "type": "object" }, "AWS::QuickSight::Analysis.KPISortConfiguration": { "additionalProperties": false, "properties": { "TrendGroupSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the trend group fields.", "title": "TrendGroupSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.KPISparklineOptions": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color of the sparkline.", "title": "Color", "type": "string" }, "TooltipVisibility": { "markdownDescription": "The tooltip visibility of the sparkline.", "title": "TooltipVisibility", "type": "string" }, "Type": { "markdownDescription": "The type of the sparkline.", "title": "Type", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the sparkline.", "title": "Visibility", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::QuickSight::Analysis.KPIVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConfiguration", "markdownDescription": "The configuration of a KPI visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIConditionalFormatting", "markdownDescription": "The conditional formatting of a KPI visual.", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.KPIVisualLayoutOptions": { "additionalProperties": false, "properties": { "StandardLayout": { "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisualStandardLayout", "markdownDescription": "The standard layout of the KPI visual.", "title": "StandardLayout" } }, "type": "object" }, "AWS::QuickSight::Analysis.KPIVisualStandardLayout": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The standard layout type.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::QuickSight::Analysis.LabelOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The text for the label.", "title": "CustomLabel", "type": "string" }, "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The font configuration of the label.", "title": "FontConfiguration" }, "Visibility": { "markdownDescription": "Determines whether or not the label is visible.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.Layout": { "additionalProperties": false, "properties": { "Configuration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LayoutConfiguration", "markdownDescription": "The configuration that determines what the type of layout for a sheet.", "title": "Configuration" } }, "required": [ "Configuration" ], "type": "object" }, "AWS::QuickSight::Analysis.LayoutConfiguration": { "additionalProperties": false, "properties": { "FreeFormLayout": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormLayoutConfiguration", "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", "title": "FreeFormLayout" }, "GridLayout": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", "title": "GridLayout" }, "SectionBasedLayout": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration", "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", "title": "SectionBasedLayout" } }, "type": "object" }, "AWS::QuickSight::Analysis.LegendOptions": { "additionalProperties": false, "properties": { "Height": { "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", "title": "Height", "type": "string" }, "Position": { "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", "title": "Position", "type": "string" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The custom title for the legend.", "title": "Title" }, "Visibility": { "markdownDescription": "Determines whether or not the legend is visible.", "title": "Visibility", "type": "string" }, "Width": { "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", "title": "Width", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.LineChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", "title": "Category", "type": "array" }, "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", "title": "Colors", "type": "array" }, "SmallMultiples": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The small multiples field well of a line chart.", "title": "SmallMultiples", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.LineChartConfiguration": { "additionalProperties": false, "properties": { "ContributionAnalysisDefaults": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" }, "markdownDescription": "The default configuration of a line chart's contribution analysis.", "title": "ContributionAnalysisDefaults", "type": "array" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The data label configuration of a line chart.", "title": "DataLabels" }, "DefaultSeriesSettings": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings", "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", "title": "DefaultSeriesSettings" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartFieldWells", "markdownDescription": "The field well configuration of a line chart.", "title": "FieldWells" }, "ForecastConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ForecastConfiguration" }, "markdownDescription": "The forecast configuration of a line chart.", "title": "ForecastConfigurations", "type": "array" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend configuration of a line chart.", "title": "Legend" }, "PrimaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", "markdownDescription": "The series axis configuration of a line chart.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the y-axis label.", "title": "PrimaryYAxisLabelOptions" }, "ReferenceLines": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLine" }, "markdownDescription": "The reference lines configuration of a line chart.", "title": "ReferenceLines", "type": "array" }, "SecondaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions", "markdownDescription": "The series axis configuration of a line chart.", "title": "SecondaryYAxisDisplayOptions" }, "SecondaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", "title": "SecondaryYAxisLabelOptions" }, "Series": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SeriesItem" }, "markdownDescription": "The series item configuration of a line chart.", "title": "Series", "type": "array" }, "SmallMultiplesOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", "markdownDescription": "The small multiples setup for the visual.", "title": "SmallMultiplesOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartSortConfiguration", "markdownDescription": "The sort configuration of a line chart.", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip configuration of a line chart.", "title": "Tooltip" }, "Type": { "markdownDescription": "Determines the type of the line chart.", "title": "Type", "type": "string" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The visual palette configuration of a line chart.", "title": "VisualPalette" }, "XAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the x-axis label.", "title": "XAxisLabelOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.LineChartDefaultSeriesSettings": { "additionalProperties": false, "properties": { "AxisBinding": { "markdownDescription": "The axis to which you are binding all line series to.", "title": "AxisBinding", "type": "string" }, "LineStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", "markdownDescription": "Line styles options for all line series in the visual.", "title": "LineStyleSettings" }, "MarkerStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", "markdownDescription": "Marker styles options for all line series in the visual.", "title": "MarkerStyleSettings" } }, "type": "object" }, "AWS::QuickSight::Analysis.LineChartFieldWells": { "additionalProperties": false, "properties": { "LineChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a line chart.", "title": "LineChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.LineChartLineStyleSettings": { "additionalProperties": false, "properties": { "LineInterpolation": { "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", "title": "LineInterpolation", "type": "string" }, "LineStyle": { "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", "title": "LineStyle", "type": "string" }, "LineVisibility": { "markdownDescription": "Configuration option that determines whether to show the line for the series.", "title": "LineVisibility", "type": "string" }, "LineWidth": { "markdownDescription": "Width that determines the line thickness.", "title": "LineWidth", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.LineChartMarkerStyleSettings": { "additionalProperties": false, "properties": { "MarkerColor": { "markdownDescription": "Color of marker in the series.", "title": "MarkerColor", "type": "string" }, "MarkerShape": { "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", "title": "MarkerShape", "type": "string" }, "MarkerSize": { "markdownDescription": "Size of marker in the series.", "title": "MarkerSize", "type": "string" }, "MarkerVisibility": { "markdownDescription": "Configuration option that determines whether to show the markers in the series.", "title": "MarkerVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.LineChartSeriesSettings": { "additionalProperties": false, "properties": { "LineStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartLineStyleSettings", "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", "title": "LineStyleSettings" }, "MarkerStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartMarkerStyleSettings", "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", "title": "MarkerStyleSettings" } }, "type": "object" }, "AWS::QuickSight::Analysis.LineChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", "title": "CategoryItemsLimitConfiguration" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" }, "ColorItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", "title": "ColorItemsLimitConfiguration" }, "SmallMultiplesLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of small multiples panels that are displayed.", "title": "SmallMultiplesLimitConfiguration" }, "SmallMultiplesSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the small multiples field.", "title": "SmallMultiplesSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.LineChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartConfiguration", "markdownDescription": "The configuration of a line chart.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.LineSeriesAxisDisplayOptions": { "additionalProperties": false, "properties": { "AxisOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the line series axis.", "title": "AxisOptions" }, "MissingDataConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MissingDataConfiguration" }, "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", "title": "MissingDataConfigurations", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.ListControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "SearchOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSearchOptions", "markdownDescription": "The configuration of the search options in a list control.", "title": "SearchOptions" }, "SelectAllOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlSelectAllOptions", "markdownDescription": "The configuration of the `Select all` options in a list control.", "title": "SelectAllOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.ListControlSearchOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility configuration of the search options in a list control.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.ListControlSelectAllOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.LoadingAnimation": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility configuration of `LoadingAnimation` .", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.LocalNavigationConfiguration": { "additionalProperties": false, "properties": { "TargetSheetId": { "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", "title": "TargetSheetId", "type": "string" } }, "required": [ "TargetSheetId" ], "type": "object" }, "AWS::QuickSight::Analysis.LongFormatText": { "additionalProperties": false, "properties": { "PlainText": { "markdownDescription": "Plain text format.", "title": "PlainText", "type": "string" }, "RichText": { "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", "title": "RichText", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.MappedDataSetParameter": { "additionalProperties": false, "properties": { "DataSetIdentifier": { "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", "title": "DataSetIdentifier", "type": "string" }, "DataSetParameterName": { "markdownDescription": "The name of the dataset parameter.", "title": "DataSetParameterName", "type": "string" } }, "required": [ "DataSetIdentifier", "DataSetParameterName" ], "type": "object" }, "AWS::QuickSight::Analysis.MaximumLabelType": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the maximum label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.MaximumMinimumComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Type": { "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", "title": "Type", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId", "Type" ], "type": "object" }, "AWS::QuickSight::Analysis.MeasureField": { "additionalProperties": false, "properties": { "CalculatedMeasureField": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CalculatedMeasureField", "markdownDescription": "The calculated measure field only used in pivot tables.", "title": "CalculatedMeasureField" }, "CategoricalMeasureField": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CategoricalMeasureField", "markdownDescription": "The measure type field with categorical type columns.", "title": "CategoricalMeasureField" }, "DateMeasureField": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DateMeasureField", "markdownDescription": "The measure type field with date type columns.", "title": "DateMeasureField" }, "NumericalMeasureField": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalMeasureField", "markdownDescription": "The measure type field with numerical type columns.", "title": "NumericalMeasureField" } }, "type": "object" }, "AWS::QuickSight::Analysis.MetricComparisonComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "FromValue": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The field that is used in a metric comparison from value setup.", "title": "FromValue" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "TargetValue": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The field that is used in a metric comparison to value setup.", "title": "TargetValue" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Analysis.MinimumLabelType": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the minimum label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.MissingDataConfiguration": { "additionalProperties": false, "properties": { "TreatmentOption": { "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", "title": "TreatmentOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.NegativeValueConfiguration": { "additionalProperties": false, "properties": { "DisplayMode": { "markdownDescription": "Determines the display mode of the negative value configuration.", "title": "DisplayMode", "type": "string" } }, "required": [ "DisplayMode" ], "type": "object" }, "AWS::QuickSight::Analysis.NullValueFormatConfiguration": { "additionalProperties": false, "properties": { "NullString": { "markdownDescription": "Determines the null string of null values.", "title": "NullString", "type": "string" } }, "required": [ "NullString" ], "type": "object" }, "AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration": { "additionalProperties": false, "properties": { "DecimalPlacesConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", "markdownDescription": "The option that determines the decimal places configuration.", "title": "DecimalPlacesConfiguration" }, "NegativeValueConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", "markdownDescription": "The options that determine the negative value configuration.", "title": "NegativeValueConfiguration" }, "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "NumberScale": { "markdownDescription": "Determines the number scale value of the number format.", "title": "NumberScale", "type": "string" }, "Prefix": { "markdownDescription": "Determines the prefix value of the number format.", "title": "Prefix", "type": "string" }, "SeparatorConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", "markdownDescription": "The options that determine the numeric separator configuration.", "title": "SeparatorConfiguration" }, "Suffix": { "markdownDescription": "Determines the suffix value of the number format.", "title": "Suffix", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.NumberFormatConfiguration": { "additionalProperties": false, "properties": { "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", "markdownDescription": "The options that determine the numeric format configuration.", "title": "FormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.NumericAxisOptions": { "additionalProperties": false, "properties": { "Range": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayRange", "markdownDescription": "The range setup of a numeric axis.", "title": "Range" }, "Scale": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisScale", "markdownDescription": "The scale setup of a numeric axis.", "title": "Scale" } }, "type": "object" }, "AWS::QuickSight::Analysis.NumericEqualityDrillDownFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "Value": { "markdownDescription": "The value of the double input numeric drill down filter.", "title": "Value", "type": "number" } }, "required": [ "Column", "Value" ], "type": "object" }, "AWS::QuickSight::Analysis.NumericEqualityFilter": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", "markdownDescription": "The aggregation function of the filter.", "title": "AggregationFunction" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "MatchOperator": { "markdownDescription": "The match operator that is used to determine if a filter should be applied.", "title": "MatchOperator", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.", "title": "ParameterName", "type": "string" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" }, "Value": { "markdownDescription": "The input value.", "title": "Value", "type": "number" } }, "required": [ "Column", "FilterId", "MatchOperator", "NullOption" ], "type": "object" }, "AWS::QuickSight::Analysis.NumericFormatConfiguration": { "additionalProperties": false, "properties": { "CurrencyDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CurrencyDisplayFormatConfiguration", "markdownDescription": "The options that determine the currency display format configuration.", "title": "CurrencyDisplayFormatConfiguration" }, "NumberDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberDisplayFormatConfiguration", "markdownDescription": "The options that determine the number display format configuration.", "title": "NumberDisplayFormatConfiguration" }, "PercentageDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration", "markdownDescription": "The options that determine the percentage display format configuration.", "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.NumericRangeFilter": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", "markdownDescription": "The aggregation function of the filter.", "title": "AggregationFunction" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "IncludeMaximum": { "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", "title": "IncludeMaximum", "type": "boolean" }, "IncludeMinimum": { "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", "title": "IncludeMinimum", "type": "boolean" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "RangeMaximum": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", "markdownDescription": "The maximum value for the filter value range.", "title": "RangeMaximum" }, "RangeMinimum": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericRangeFilterValue", "markdownDescription": "The minimum value for the filter value range.", "title": "RangeMinimum" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" } }, "required": [ "Column", "FilterId", "NullOption" ], "type": "object" }, "AWS::QuickSight::Analysis.NumericRangeFilterValue": { "additionalProperties": false, "properties": { "Parameter": { "markdownDescription": "The parameter that is used in the numeric range.", "title": "Parameter", "type": "string" }, "StaticValue": { "markdownDescription": "The static value of the numeric range filter.", "title": "StaticValue", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.NumericSeparatorConfiguration": { "additionalProperties": false, "properties": { "DecimalSeparator": { "markdownDescription": "Determines the decimal separator.", "title": "DecimalSeparator", "type": "string" }, "ThousandsSeparator": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ThousandSeparatorOptions", "markdownDescription": "The options that determine the thousands separator configuration.", "title": "ThousandsSeparator" } }, "type": "object" }, "AWS::QuickSight::Analysis.NumericalAggregationFunction": { "additionalProperties": false, "properties": { "PercentileAggregation": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentileAggregation", "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", "title": "PercentileAggregation" }, "SimpleNumericalAggregation": { "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", "title": "SimpleNumericalAggregation", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.NumericalDimensionField": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that is used in the `NumericalDimensionField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" }, "HierarchyId": { "markdownDescription": "The custom hierarchy ID.", "title": "HierarchyId", "type": "string" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.NumericalMeasureField": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", "markdownDescription": "The aggregation function of the measure field.", "title": "AggregationFunction" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that is used in the `NumericalMeasureField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumberFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.PaginationConfiguration": { "additionalProperties": false, "properties": { "PageNumber": { "markdownDescription": "Indicates the page number.", "title": "PageNumber", "type": "number" }, "PageSize": { "markdownDescription": "Indicates how many items render in one page.", "title": "PageSize", "type": "number" } }, "required": [ "PageNumber", "PageSize" ], "type": "object" }, "AWS::QuickSight::Analysis.PanelConfiguration": { "additionalProperties": false, "properties": { "BackgroundColor": { "markdownDescription": "Sets the background color for each panel.", "title": "BackgroundColor", "type": "string" }, "BackgroundVisibility": { "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", "title": "BackgroundVisibility", "type": "string" }, "BorderColor": { "markdownDescription": "Sets the line color of panel borders.", "title": "BorderColor", "type": "string" }, "BorderStyle": { "markdownDescription": "Sets the line style of panel borders.", "title": "BorderStyle", "type": "string" }, "BorderThickness": { "markdownDescription": "Sets the line thickness of panel borders.", "title": "BorderThickness", "type": "string" }, "BorderVisibility": { "markdownDescription": "Determines whether or not each panel displays a border.", "title": "BorderVisibility", "type": "string" }, "GutterSpacing": { "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", "title": "GutterSpacing", "type": "string" }, "GutterVisibility": { "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", "title": "GutterVisibility", "type": "string" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelTitleOptions", "markdownDescription": "Configures the title display within each small multiples panel.", "title": "Title" } }, "type": "object" }, "AWS::QuickSight::Analysis.PanelTitleOptions": { "additionalProperties": false, "properties": { "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "", "title": "FontConfiguration" }, "HorizontalTextAlignment": { "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", "title": "HorizontalTextAlignment", "type": "string" }, "Visibility": { "markdownDescription": "Determines whether or not panel titles are displayed.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.ParameterControl": { "additionalProperties": false, "properties": { "DateTimePicker": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDateTimePickerControl", "markdownDescription": "A control from a date parameter that specifies date and time.", "title": "DateTimePicker" }, "Dropdown": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterDropDownControl", "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", "title": "Dropdown" }, "List": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterListControl", "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", "title": "List" }, "Slider": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSliderControl", "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", "title": "Slider" }, "TextArea": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextAreaControl", "markdownDescription": "A control to display a text box that is used to enter multiple entries.", "title": "TextArea" }, "TextField": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterTextFieldControl", "markdownDescription": "A control to display a text box that is used to enter a single entry.", "title": "TextField" } }, "type": "object" }, "AWS::QuickSight::Analysis.ParameterDateTimePickerControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimePickerControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", "title": "ParameterControlId", "type": "string" }, "SourceParameterName": { "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", "title": "Title", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Analysis.ParameterDeclaration": { "additionalProperties": false, "properties": { "DateTimeParameterDeclaration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameterDeclaration", "markdownDescription": "A parameter declaration for the `DateTime` data type.", "title": "DateTimeParameterDeclaration" }, "DecimalParameterDeclaration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameterDeclaration", "markdownDescription": "A parameter declaration for the `Decimal` data type.", "title": "DecimalParameterDeclaration" }, "IntegerParameterDeclaration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameterDeclaration", "markdownDescription": "A parameter declaration for the `Integer` data type.", "title": "IntegerParameterDeclaration" }, "StringParameterDeclaration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameterDeclaration", "markdownDescription": "A parameter declaration for the `String` data type.", "title": "StringParameterDeclaration" } }, "type": "object" }, "AWS::QuickSight::Analysis.ParameterDropDownControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DropDownControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterDropDownControl` .", "title": "ParameterControlId", "type": "string" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterDropDownControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", "title": "Type", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Analysis.ParameterListControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ListControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterListControl` .", "title": "ParameterControlId", "type": "string" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterListControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterListControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of `ParameterListControl` .", "title": "Type", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Analysis.ParameterSelectableValues": { "additionalProperties": false, "properties": { "LinkToDataSetColumn": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column identifier that fetches values from the data set.", "title": "LinkToDataSetColumn" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The values that are used in `ParameterSelectableValues` .", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.ParameterSliderControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SliderControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "MaximumValue": { "markdownDescription": "The larger value that is displayed at the right of the slider.", "title": "MaximumValue", "type": "number" }, "MinimumValue": { "markdownDescription": "The smaller value that is displayed at the left of the slider.", "title": "MinimumValue", "type": "number" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterSliderControl` .", "title": "ParameterControlId", "type": "string" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", "title": "SourceParameterName", "type": "string" }, "StepSize": { "markdownDescription": "The number of increments that the slider bar is divided into.", "title": "StepSize", "type": "number" }, "Title": { "markdownDescription": "The title of the `ParameterSliderControl` .", "title": "Title", "type": "string" } }, "required": [ "MaximumValue", "MinimumValue", "ParameterControlId", "SourceParameterName", "StepSize", "Title" ], "type": "object" }, "AWS::QuickSight::Analysis.ParameterTextAreaControl": { "additionalProperties": false, "properties": { "Delimiter": { "markdownDescription": "The delimiter that is used to separate the lines in text.", "title": "Delimiter", "type": "string" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TextAreaControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterTextAreaControl` .", "title": "ParameterControlId", "type": "string" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterTextAreaControl` .", "title": "Title", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Analysis.ParameterTextFieldControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TextFieldControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterTextFieldControl` .", "title": "ParameterControlId", "type": "string" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterTextFieldControl` .", "title": "Title", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Analysis.Parameters": { "additionalProperties": false, "properties": { "DateTimeParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DateTimeParameter" }, "markdownDescription": "The parameters that have a data type of date-time.", "title": "DateTimeParameters", "type": "array" }, "DecimalParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalParameter" }, "markdownDescription": "The parameters that have a data type of decimal.", "title": "DecimalParameters", "type": "array" }, "IntegerParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.IntegerParameter" }, "markdownDescription": "The parameters that have a data type of integer.", "title": "IntegerParameters", "type": "array" }, "StringParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.StringParameter" }, "markdownDescription": "The parameters that have a data type of string.", "title": "StringParameters", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.PercentVisibleRange": { "additionalProperties": false, "properties": { "From": { "markdownDescription": "The lower bound of the range.", "title": "From", "type": "number" }, "To": { "markdownDescription": "The top bound of the range.", "title": "To", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.PercentageDisplayFormatConfiguration": { "additionalProperties": false, "properties": { "DecimalPlacesConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DecimalPlacesConfiguration", "markdownDescription": "The option that determines the decimal places configuration.", "title": "DecimalPlacesConfiguration" }, "NegativeValueConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NegativeValueConfiguration", "markdownDescription": "The options that determine the negative value configuration.", "title": "NegativeValueConfiguration" }, "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "Prefix": { "markdownDescription": "Determines the prefix value of the percentage format.", "title": "Prefix", "type": "string" }, "SeparatorConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericSeparatorConfiguration", "markdownDescription": "The options that determine the numeric separator configuration.", "title": "SeparatorConfiguration" }, "Suffix": { "markdownDescription": "Determines the suffix value of the percentage format.", "title": "Suffix", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.PercentileAggregation": { "additionalProperties": false, "properties": { "PercentileValue": { "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", "title": "PercentileValue", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.PeriodOverPeriodComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Analysis.PeriodToDateComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "PeriodTimeGranularity": { "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", "title": "PeriodTimeGranularity", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Analysis.PieChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The category (group/color) field wells of a pie chart.", "title": "Category", "type": "array" }, "SmallMultiples": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The small multiples field well of a pie chart.", "title": "SmallMultiples", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.PieChartConfiguration": { "additionalProperties": false, "properties": { "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", "title": "CategoryLabelOptions" }, "ContributionAnalysisDefaults": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ContributionAnalysisDefault" }, "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", "title": "ContributionAnalysisDefaults", "type": "array" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "DonutOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DonutOptions", "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", "title": "DonutOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "SmallMultiplesOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesOptions", "markdownDescription": "The small multiples setup for the visual.", "title": "SmallMultiplesOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartSortConfiguration", "markdownDescription": "The sort configuration of a pie chart.", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "ValueLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options for the value that is displayed in a pie chart.", "title": "ValueLabelOptions" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Analysis.PieChartFieldWells": { "additionalProperties": false, "properties": { "PieChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a pie chart.", "title": "PieChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.PieChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" }, "SmallMultiplesLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of small multiples panels that are displayed.", "title": "SmallMultiplesLimitConfiguration" }, "SmallMultiplesSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the small multiples field.", "title": "SmallMultiplesSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.PieChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartConfiguration", "markdownDescription": "The configuration of a pie chart.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.PivotFieldSortOptions": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID for the field sort options.", "title": "FieldId", "type": "string" }, "SortBy": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortBy", "markdownDescription": "The sort by field for the field sort options.", "title": "SortBy" } }, "required": [ "FieldId", "SortBy" ], "type": "object" }, "AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", "title": "Columns", "type": "array" }, "Rows": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", "title": "Rows", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the cell for conditional formatting.", "title": "FieldId", "type": "string" }, "Scope": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope", "markdownDescription": "The scope of the cell for conditional formatting.", "title": "Scope" }, "Scopes": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope" }, "markdownDescription": "A list of cell scopes for conditional formatting.", "title": "Scopes", "type": "array" }, "TextFormat": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", "markdownDescription": "The text format of the cell for conditional formatting.", "title": "TextFormat" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.PivotTableConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", "title": "ConditionalFormattingOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTableConditionalFormattingOption": { "additionalProperties": false, "properties": { "Cell": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableCellConditionalFormatting", "markdownDescription": "The cell conditional formatting option for a pivot table.", "title": "Cell" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTableConditionalFormattingScope": { "additionalProperties": false, "properties": { "Role": { "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", "title": "Role", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTableConfiguration": { "additionalProperties": false, "properties": { "FieldOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOptions", "markdownDescription": "The field options for a pivot table visual.", "title": "FieldOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "PaginatedReportOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions", "markdownDescription": "The paginated report options for a pivot table visual.", "title": "PaginatedReportOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableSortConfiguration", "markdownDescription": "The sort configuration for a `PivotTableVisual` .", "title": "SortConfiguration" }, "TableOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableOptions", "markdownDescription": "The table options for a pivot table visual.", "title": "TableOptions" }, "TotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableTotalOptions", "markdownDescription": "The total options for a pivot table visual.", "title": "TotalOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTableDataPathOption": { "additionalProperties": false, "properties": { "DataPathList": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" }, "markdownDescription": "The list of data path values for the data path options.", "title": "DataPathList", "type": "array" }, "Width": { "markdownDescription": "The width of the data path option.", "title": "Width", "type": "string" } }, "required": [ "DataPathList" ], "type": "object" }, "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption": { "additionalProperties": false, "properties": { "State": { "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", "title": "State", "type": "string" }, "Target": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget", "markdownDescription": "A tagged-union object that sets the collapse state.", "title": "Target" } }, "required": [ "Target" ], "type": "object" }, "AWS::QuickSight::Analysis.PivotTableFieldCollapseStateTarget": { "additionalProperties": false, "properties": { "FieldDataPathValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathValue" }, "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", "title": "FieldDataPathValues", "type": "array" }, "FieldId": { "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", "title": "FieldId", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTableFieldOption": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label of the pivot table field.", "title": "CustomLabel", "type": "string" }, "FieldId": { "markdownDescription": "The field ID of the pivot table field.", "title": "FieldId", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the pivot table field.", "title": "Visibility", "type": "string" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.PivotTableFieldOptions": { "additionalProperties": false, "properties": { "CollapseStateOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldCollapseStateOption" }, "markdownDescription": "The collapse state options for the pivot table field options.", "title": "CollapseStateOptions", "type": "array" }, "DataPathOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableDataPathOption" }, "markdownDescription": "The data path options for the pivot table field options.", "title": "DataPathOptions", "type": "array" }, "SelectedFieldOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldOption" }, "markdownDescription": "The selected field options for the pivot table field options.", "title": "SelectedFieldOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the subtotal options.", "title": "FieldId", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTableFieldWells": { "additionalProperties": false, "properties": { "PivotTableAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableAggregatedFieldWells", "markdownDescription": "The aggregated field well for the pivot table.", "title": "PivotTableAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTableOptions": { "additionalProperties": false, "properties": { "CellStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The table cell style of cells.", "title": "CellStyle" }, "CollapsedRowDimensionsVisibility": { "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", "title": "CollapsedRowDimensionsVisibility", "type": "string" }, "ColumnHeaderStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The table cell style of the column header.", "title": "ColumnHeaderStyle" }, "ColumnNamesVisibility": { "markdownDescription": "The visibility of the column names.", "title": "ColumnNamesVisibility", "type": "string" }, "DefaultCellWidth": { "markdownDescription": "The default cell width of the pivot table.", "title": "DefaultCellWidth", "type": "string" }, "MetricPlacement": { "markdownDescription": "The metric placement (row, column) options.", "title": "MetricPlacement", "type": "string" }, "RowAlternateColorOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", "markdownDescription": "The row alternate color options (widget status, row alternate colors).", "title": "RowAlternateColorOptions" }, "RowFieldNamesStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The table cell style of row field names.", "title": "RowFieldNamesStyle" }, "RowHeaderStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The table cell style of the row headers.", "title": "RowHeaderStyle" }, "RowsLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableRowsLabelOptions", "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", "title": "RowsLabelOptions" }, "RowsLayout": { "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", "title": "RowsLayout", "type": "string" }, "SingleMetricVisibility": { "markdownDescription": "The visibility of the single metric options.", "title": "SingleMetricVisibility", "type": "string" }, "ToggleButtonsVisibility": { "markdownDescription": "Determines the visibility of the pivot table.", "title": "ToggleButtonsVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTablePaginatedReportOptions": { "additionalProperties": false, "properties": { "OverflowColumnHeaderVisibility": { "markdownDescription": "The visibility of the repeating header rows on each page.", "title": "OverflowColumnHeaderVisibility", "type": "string" }, "VerticalOverflowVisibility": { "markdownDescription": "The visibility of the printing table overflow across pages.", "title": "VerticalOverflowVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTableRowsLabelOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label string for the rows label.", "title": "CustomLabel", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the rows label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTableSortBy": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnSort", "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", "title": "Column" }, "DataPath": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathSort", "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", "title": "DataPath" }, "Field": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSort", "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", "title": "Field" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTableSortConfiguration": { "additionalProperties": false, "properties": { "FieldSortOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotFieldSortOptions" }, "markdownDescription": "The field sort options for a pivot table sort configuration.", "title": "FieldSortOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTableTotalOptions": { "additionalProperties": false, "properties": { "ColumnSubtotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", "markdownDescription": "The column subtotal options.", "title": "ColumnSubtotalOptions" }, "ColumnTotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", "markdownDescription": "The column total options.", "title": "ColumnTotalOptions" }, "RowSubtotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SubtotalOptions", "markdownDescription": "The row subtotal options.", "title": "RowSubtotalOptions" }, "RowTotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTotalOptions", "markdownDescription": "The row total options.", "title": "RowTotalOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.PivotTableVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableConditionalFormatting", "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.PivotTotalOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label string for the total cells.", "title": "CustomLabel", "type": "string" }, "MetricHeaderCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The cell styling options for the total of header cells.", "title": "MetricHeaderCellStyle" }, "Placement": { "markdownDescription": "The placement (start, end) for the total cells.", "title": "Placement", "type": "string" }, "ScrollStatus": { "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", "title": "ScrollStatus", "type": "string" }, "TotalAggregationOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" }, "markdownDescription": "The total aggregation options for each value field.", "title": "TotalAggregationOptions", "type": "array" }, "TotalCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The cell styling options for the total cells.", "title": "TotalCellStyle" }, "TotalsVisibility": { "markdownDescription": "The visibility configuration for the total cells.", "title": "TotalsVisibility", "type": "string" }, "ValueCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The cell styling options for the totals of value cells.", "title": "ValueCellStyle" } }, "type": "object" }, "AWS::QuickSight::Analysis.PredefinedHierarchy": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier" }, "markdownDescription": "The list of columns that define the predefined hierarchy.", "title": "Columns", "type": "array" }, "DrillDownFilters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DrillDownFilter" }, "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", "title": "DrillDownFilters", "type": "array" }, "HierarchyId": { "markdownDescription": "The hierarchy ID of the predefined hierarchy.", "title": "HierarchyId", "type": "string" } }, "required": [ "Columns", "HierarchyId" ], "type": "object" }, "AWS::QuickSight::Analysis.ProgressBarOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the progress bar.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The aggregated field well categories of a radar chart.", "title": "Category", "type": "array" }, "Color": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", "title": "Color", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.RadarChartAreaStyleSettings": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility settings of a radar chart.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.RadarChartConfiguration": { "additionalProperties": false, "properties": { "AlternateBandColorsVisibility": { "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", "title": "AlternateBandColorsVisibility", "type": "string" }, "AlternateBandEvenColor": { "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", "title": "AlternateBandEvenColor", "type": "string" }, "AlternateBandOddColor": { "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", "title": "AlternateBandOddColor", "type": "string" }, "AxesRangeScale": { "markdownDescription": "The axis behavior options of a radar chart.", "title": "AxesRangeScale", "type": "string" }, "BaseSeriesSettings": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSeriesSettings", "markdownDescription": "The base sreies settings of a radar chart.", "title": "BaseSeriesSettings" }, "CategoryAxis": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The category axis of a radar chart.", "title": "CategoryAxis" }, "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The category label options of a radar chart.", "title": "CategoryLabelOptions" }, "ColorAxis": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The color axis of a radar chart.", "title": "ColorAxis" }, "ColorLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The color label options of a radar chart.", "title": "ColorLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartFieldWells", "markdownDescription": "The field well configuration of a `RadarChartVisual` .", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "Shape": { "markdownDescription": "The shape of the radar chart.", "title": "Shape", "type": "string" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartSortConfiguration", "markdownDescription": "The sort configuration of a `RadarChartVisual` .", "title": "SortConfiguration" }, "StartAngle": { "markdownDescription": "The start angle of a radar chart's axis.", "title": "StartAngle", "type": "number" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Analysis.RadarChartFieldWells": { "additionalProperties": false, "properties": { "RadarChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a radar chart visual.", "title": "RadarChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.RadarChartSeriesSettings": { "additionalProperties": false, "properties": { "AreaStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartAreaStyleSettings", "markdownDescription": "The area style settings of a radar chart.", "title": "AreaStyleSettings" } }, "type": "object" }, "AWS::QuickSight::Analysis.RadarChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The category items limit for a radar chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The category sort options of a radar chart.", "title": "CategorySort", "type": "array" }, "ColorItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The color items limit of a radar chart.", "title": "ColorItemsLimit" }, "ColorSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The color sort configuration of a radar chart.", "title": "ColorSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.RadarChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.RangeEndsLabelType": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the range ends label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.ReferenceLine": { "additionalProperties": false, "properties": { "DataConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDataConfiguration", "markdownDescription": "The data configuration of the reference line.", "title": "DataConfiguration" }, "LabelConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration", "markdownDescription": "The label configuration of the reference line.", "title": "LabelConfiguration" }, "Status": { "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", "title": "Status", "type": "string" }, "StyleConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration", "markdownDescription": "The style configuration of the reference line.", "title": "StyleConfiguration" } }, "required": [ "DataConfiguration" ], "type": "object" }, "AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The string text of the custom label.", "title": "CustomLabel", "type": "string" } }, "required": [ "CustomLabel" ], "type": "object" }, "AWS::QuickSight::Analysis.ReferenceLineDataConfiguration": { "additionalProperties": false, "properties": { "AxisBinding": { "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", "title": "AxisBinding", "type": "string" }, "DynamicConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration", "markdownDescription": "The dynamic configuration of the reference line data configuration.", "title": "DynamicConfiguration" }, "SeriesType": { "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", "title": "SeriesType", "type": "string" }, "StaticConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration", "markdownDescription": "The static data configuration of the reference line data configuration.", "title": "StaticConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.ReferenceLineDynamicDataConfiguration": { "additionalProperties": false, "properties": { "Calculation": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericalAggregationFunction", "markdownDescription": "The calculation that is used in the dynamic data.", "title": "Calculation" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the dynamic data targets.", "title": "Column" }, "MeasureAggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationFunction", "markdownDescription": "The aggregation function that is used in the dynamic data.", "title": "MeasureAggregationFunction" } }, "required": [ "Calculation", "Column" ], "type": "object" }, "AWS::QuickSight::Analysis.ReferenceLineLabelConfiguration": { "additionalProperties": false, "properties": { "CustomLabelConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineCustomLabelConfiguration", "markdownDescription": "The custom label configuration of the label in a reference line.", "title": "CustomLabelConfiguration" }, "FontColor": { "markdownDescription": "The font color configuration of the label in a reference line.", "title": "FontColor", "type": "string" }, "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The font configuration of the label in a reference line.", "title": "FontConfiguration" }, "HorizontalPosition": { "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", "title": "HorizontalPosition", "type": "string" }, "ValueLabelConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration", "markdownDescription": "The value label configuration of the label in a reference line.", "title": "ValueLabelConfiguration" }, "VerticalPosition": { "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", "title": "VerticalPosition", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.ReferenceLineStaticDataConfiguration": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The double input of the static data.", "title": "Value", "type": "number" } }, "required": [ "Value" ], "type": "object" }, "AWS::QuickSight::Analysis.ReferenceLineStyleConfiguration": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The hex color of the reference line.", "title": "Color", "type": "string" }, "Pattern": { "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", "title": "Pattern", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.ReferenceLineValueLabelConfiguration": { "additionalProperties": false, "properties": { "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", "markdownDescription": "The format configuration of the value label.", "title": "FormatConfiguration" }, "RelativePosition": { "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", "title": "RelativePosition", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.RelativeDateTimeControlDisplayOptions": { "additionalProperties": false, "properties": { "DateTimeFormat": { "markdownDescription": "Customize how dates are formatted in controls.", "title": "DateTimeFormat", "type": "string" }, "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.RelativeDatesFilter": { "additionalProperties": false, "properties": { "AnchorDateConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AnchorDateConfiguration", "markdownDescription": "The date configuration of the filter.", "title": "AnchorDateConfiguration" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "ExcludePeriodConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", "markdownDescription": "The configuration for the exclude period of the filter.", "title": "ExcludePeriodConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "MinimumGranularity": { "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", "title": "MinimumGranularity", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.", "title": "ParameterName", "type": "string" }, "RelativeDateType": { "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", "title": "RelativeDateType", "type": "string" }, "RelativeDateValue": { "markdownDescription": "The date value of the filter.", "title": "RelativeDateValue", "type": "number" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "required": [ "AnchorDateConfiguration", "Column", "FilterId", "NullOption", "RelativeDateType", "TimeGranularity" ], "type": "object" }, "AWS::QuickSight::Analysis.ResourcePermission": { "additionalProperties": false, "properties": { "Actions": { "items": { "type": "string" }, "markdownDescription": "The IAM action to grant or revoke permissions on.", "title": "Actions", "type": "array" }, "Principal": { "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Amazon QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } }, "required": [ "Actions", "Principal" ], "type": "object" }, "AWS::QuickSight::Analysis.RollingDateConfiguration": { "additionalProperties": false, "properties": { "DataSetIdentifier": { "markdownDescription": "The data set that is used in the rolling date configuration.", "title": "DataSetIdentifier", "type": "string" }, "Expression": { "markdownDescription": "The expression of the rolling date configuration.", "title": "Expression", "type": "string" } }, "required": [ "Expression" ], "type": "object" }, "AWS::QuickSight::Analysis.RowAlternateColorOptions": { "additionalProperties": false, "properties": { "RowAlternateColors": { "items": { "type": "string" }, "markdownDescription": "Determines the list of row alternate colors.", "title": "RowAlternateColors", "type": "array" }, "Status": { "markdownDescription": "Determines the widget status.", "title": "Status", "type": "string" }, "UsePrimaryBackgroundColor": { "markdownDescription": "The primary background color options for alternate rows.", "title": "UsePrimaryBackgroundColor", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.SameSheetTargetVisualConfiguration": { "additionalProperties": false, "properties": { "TargetVisualOptions": { "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", "title": "TargetVisualOptions", "type": "string" }, "TargetVisuals": { "items": { "type": "string" }, "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", "title": "TargetVisuals", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells": { "additionalProperties": false, "properties": { "Destination": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The destination field wells of a sankey diagram.", "title": "Destination", "type": "array" }, "Source": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The source field wells of a sankey diagram.", "title": "Source", "type": "array" }, "Weight": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The weight field wells of a sankey diagram.", "title": "Weight", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration": { "additionalProperties": false, "properties": { "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The data label configuration of a sankey diagram.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramFieldWells", "markdownDescription": "The field well configuration of a sankey diagram.", "title": "FieldWells" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration", "markdownDescription": "The sort configuration of a sankey diagram.", "title": "SortConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.SankeyDiagramFieldWells": { "additionalProperties": false, "properties": { "SankeyDiagramAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramAggregatedFieldWells", "markdownDescription": "The field well configuration of a sankey diagram.", "title": "SankeyDiagramAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.SankeyDiagramSortConfiguration": { "additionalProperties": false, "properties": { "DestinationItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", "title": "DestinationItemsLimit" }, "SourceItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", "title": "SourceItemsLimit" }, "WeightSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the weight fields.", "title": "WeightSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.SankeyDiagramVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramChartConfiguration", "markdownDescription": "The configuration of a sankey diagram.", "title": "ChartConfiguration" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The category field well of a scatter plot.", "title": "Category", "type": "array" }, "Label": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The label field well of a scatter plot.", "title": "Label", "type": "array" }, "Size": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The size field well of a scatter plot.", "title": "Size", "type": "array" }, "XAxis": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", "title": "XAxis", "type": "array" }, "YAxis": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", "title": "YAxis", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.ScatterPlotConfiguration": { "additionalProperties": false, "properties": { "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" }, "XAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", "title": "XAxisLabelOptions" }, "YAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", "title": "YAxisDisplayOptions" }, "YAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", "title": "YAxisLabelOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.ScatterPlotFieldWells": { "additionalProperties": false, "properties": { "ScatterPlotCategoricallyAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotCategoricallyAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", "title": "ScatterPlotCategoricallyAggregatedFieldWells" }, "ScatterPlotUnaggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells", "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", "title": "ScatterPlotUnaggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.ScatterPlotUnaggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The category field well of a scatter plot.", "title": "Category", "type": "array" }, "Label": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The label field well of a scatter plot.", "title": "Label", "type": "array" }, "Size": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The size field well of a scatter plot.", "title": "Size", "type": "array" }, "XAxis": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", "title": "XAxis", "type": "array" }, "YAxis": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", "title": "YAxis", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.ScatterPlotVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.ScrollBarOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the data zoom scroll bar.", "title": "Visibility", "type": "string" }, "VisibleRange": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisibleRangeOptions", "markdownDescription": "The visibility range for the data zoom scroll bar.", "title": "VisibleRange" } }, "type": "object" }, "AWS::QuickSight::Analysis.SecondaryValueOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "Determines the visibility of the secondary value.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.SectionAfterPageBreak": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "The option that enables or disables a page break at the end of a section.", "title": "Status", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { "PaperCanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions", "markdownDescription": "The options for a paper canvas of a section-based layout.", "title": "PaperCanvasSizeOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.SectionBasedLayoutConfiguration": { "additionalProperties": false, "properties": { "BodySections": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BodySectionConfiguration" }, "markdownDescription": "A list of body section configurations.", "title": "BodySections", "type": "array" }, "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionBasedLayoutCanvasSizeOptions", "markdownDescription": "The options for the canvas of a section-based layout.", "title": "CanvasSizeOptions" }, "FooterSections": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" }, "markdownDescription": "A list of footer section configurations.", "title": "FooterSections", "type": "array" }, "HeaderSections": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.HeaderFooterSectionConfiguration" }, "markdownDescription": "A list of header section configurations.", "title": "HeaderSections", "type": "array" } }, "required": [ "BodySections", "CanvasSizeOptions", "FooterSections", "HeaderSections" ], "type": "object" }, "AWS::QuickSight::Analysis.SectionBasedLayoutPaperCanvasSizeOptions": { "additionalProperties": false, "properties": { "PaperMargin": { "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", "title": "PaperMargin" }, "PaperOrientation": { "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", "title": "PaperOrientation", "type": "string" }, "PaperSize": { "markdownDescription": "The paper size that is used to define canvas dimensions.", "title": "PaperSize", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.SectionLayoutConfiguration": { "additionalProperties": false, "properties": { "FreeFormLayout": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FreeFormSectionLayoutConfiguration", "markdownDescription": "The free-form layout configuration of a section.", "title": "FreeFormLayout" } }, "required": [ "FreeFormLayout" ], "type": "object" }, "AWS::QuickSight::Analysis.SectionPageBreakConfiguration": { "additionalProperties": false, "properties": { "After": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SectionAfterPageBreak", "markdownDescription": "The configuration of a page break after a section.", "title": "After" } }, "type": "object" }, "AWS::QuickSight::Analysis.SectionStyle": { "additionalProperties": false, "properties": { "Height": { "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", "title": "Height", "type": "string" }, "Padding": { "$ref": "#/definitions/AWS::QuickSight::Analysis.Spacing", "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", "title": "Padding" } }, "type": "object" }, "AWS::QuickSight::Analysis.SelectedSheetsFilterScopeConfiguration": { "additionalProperties": false, "properties": { "SheetVisualScopingConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetVisualScopingConfiguration" }, "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", "title": "SheetVisualScopingConfigurations", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.SeriesItem": { "additionalProperties": false, "properties": { "DataFieldSeriesItem": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataFieldSeriesItem", "markdownDescription": "The data field series item configuration of a line chart.", "title": "DataFieldSeriesItem" }, "FieldSeriesItem": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSeriesItem", "markdownDescription": "The field series item configuration of a line chart.", "title": "FieldSeriesItem" } }, "type": "object" }, "AWS::QuickSight::Analysis.SetParameterValueConfiguration": { "additionalProperties": false, "properties": { "DestinationParameterName": { "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", "title": "DestinationParameterName", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DestinationParameterValueConfiguration", "markdownDescription": "", "title": "Value" } }, "required": [ "DestinationParameterName", "Value" ], "type": "object" }, "AWS::QuickSight::Analysis.ShapeConditionalFormat": { "additionalProperties": false, "properties": { "BackgroundColor": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", "title": "BackgroundColor" } }, "required": [ "BackgroundColor" ], "type": "object" }, "AWS::QuickSight::Analysis.Sheet": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", "title": "Name", "type": "string" }, "SheetId": { "markdownDescription": "The unique identifier associated with a sheet.", "title": "SheetId", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions": { "additionalProperties": false, "properties": { "InfoIconText": { "markdownDescription": "The text content of info icon.", "title": "InfoIconText", "type": "string" }, "Visibility": { "markdownDescription": "The visibility configuration of info icon label options.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.SheetControlLayout": { "additionalProperties": false, "properties": { "Configuration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayoutConfiguration", "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", "title": "Configuration" } }, "required": [ "Configuration" ], "type": "object" }, "AWS::QuickSight::Analysis.SheetControlLayoutConfiguration": { "additionalProperties": false, "properties": { "GridLayout": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GridLayoutConfiguration", "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", "title": "GridLayout" } }, "type": "object" }, "AWS::QuickSight::Analysis.SheetDefinition": { "additionalProperties": false, "properties": { "ContentType": { "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", "title": "ContentType", "type": "string" }, "Description": { "markdownDescription": "A description of the sheet.", "title": "Description", "type": "string" }, "FilterControls": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilterControl" }, "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", "title": "FilterControls", "type": "array" }, "Layouts": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.Layout" }, "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", "title": "Layouts", "type": "array" }, "Name": { "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", "title": "Name", "type": "string" }, "ParameterControls": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ParameterControl" }, "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", "title": "ParameterControls", "type": "array" }, "SheetControlLayouts": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlLayout" }, "markdownDescription": "The control layouts of the sheet.", "title": "SheetControlLayouts", "type": "array" }, "SheetId": { "markdownDescription": "The unique identifier of a sheet.", "title": "SheetId", "type": "string" }, "TextBoxes": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetTextBox" }, "markdownDescription": "The text boxes that are on a sheet.", "title": "TextBoxes", "type": "array" }, "Title": { "markdownDescription": "The title of the sheet.", "title": "Title", "type": "string" }, "Visuals": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.Visual" }, "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", "title": "Visuals", "type": "array" } }, "required": [ "SheetId" ], "type": "object" }, "AWS::QuickSight::Analysis.SheetElementConfigurationOverrides": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.SheetElementRenderingRule": { "additionalProperties": false, "properties": { "ConfigurationOverrides": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetElementConfigurationOverrides", "markdownDescription": "The override configuration of the rendering rules of a sheet.", "title": "ConfigurationOverrides" }, "Expression": { "markdownDescription": "The expression of the rendering rules of a sheet.", "title": "Expression", "type": "string" } }, "required": [ "ConfigurationOverrides", "Expression" ], "type": "object" }, "AWS::QuickSight::Analysis.SheetTextBox": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "The content that is displayed in the text box.", "title": "Content", "type": "string" }, "SheetTextBoxId": { "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", "title": "SheetTextBoxId", "type": "string" } }, "required": [ "SheetTextBoxId" ], "type": "object" }, "AWS::QuickSight::Analysis.SheetVisualScopingConfiguration": { "additionalProperties": false, "properties": { "Scope": { "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", "title": "Scope", "type": "string" }, "SheetId": { "markdownDescription": "The selected sheet that the filter is applied to.", "title": "SheetId", "type": "string" }, "VisualIds": { "items": { "type": "string" }, "markdownDescription": "The selected visuals that the filter is applied to.", "title": "VisualIds", "type": "array" } }, "required": [ "Scope", "SheetId" ], "type": "object" }, "AWS::QuickSight::Analysis.ShortFormatText": { "additionalProperties": false, "properties": { "PlainText": { "markdownDescription": "Plain text format.", "title": "PlainText", "type": "string" }, "RichText": { "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", "title": "RichText", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.SimpleClusterMarker": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color of the simple cluster marker.", "title": "Color", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.SliderControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.SmallMultiplesAxisProperties": { "additionalProperties": false, "properties": { "Placement": { "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", "title": "Placement", "type": "string" }, "Scale": { "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", "title": "Scale", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.SmallMultiplesOptions": { "additionalProperties": false, "properties": { "MaxVisibleColumns": { "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", "title": "MaxVisibleColumns", "type": "number" }, "MaxVisibleRows": { "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", "title": "MaxVisibleRows", "type": "number" }, "PanelConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PanelConfiguration", "markdownDescription": "Configures the display options for each small multiples panel.", "title": "PanelConfiguration" }, "XAxis": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", "markdownDescription": "The properties of a small multiples X axis.", "title": "XAxis" }, "YAxis": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SmallMultiplesAxisProperties", "markdownDescription": "The properties of a small multiples Y axis.", "title": "YAxis" } }, "type": "object" }, "AWS::QuickSight::Analysis.Spacing": { "additionalProperties": false, "properties": { "Bottom": { "markdownDescription": "Define the bottom spacing.", "title": "Bottom", "type": "string" }, "Left": { "markdownDescription": "Define the left spacing.", "title": "Left", "type": "string" }, "Right": { "markdownDescription": "Define the right spacing.", "title": "Right", "type": "string" }, "Top": { "markdownDescription": "Define the top spacing.", "title": "Top", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.StringDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, "StaticValues": { "items": { "type": "string" }, "markdownDescription": "The static values of the `DecimalDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.StringFormatConfiguration": { "additionalProperties": false, "properties": { "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "NumericFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.NumericFormatConfiguration", "markdownDescription": "The formatting configuration for numeric strings.", "title": "NumericFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.StringParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A display name for a string parameter.", "title": "Name", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The values of a string parameter.", "title": "Values", "type": "array" } }, "required": [ "Name", "Values" ], "type": "object" }, "AWS::QuickSight::Analysis.StringParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::Analysis.StringDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", "type": "array" }, "Name": { "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, "ParameterValueType": { "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", "title": "ParameterValueType", "type": "string" }, "ValueWhenUnset": { "$ref": "#/definitions/AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration", "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", "title": "ValueWhenUnset" } }, "required": [ "Name", "ParameterValueType" ], "type": "object" }, "AWS::QuickSight::Analysis.StringValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", "title": "CustomValue", "type": "string" }, "ValueWhenUnsetOption": { "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.SubtotalOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label string for the subtotal cells.", "title": "CustomLabel", "type": "string" }, "FieldLevel": { "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", "title": "FieldLevel", "type": "string" }, "FieldLevelOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableFieldSubtotalOptions" }, "markdownDescription": "The optional configuration of subtotal cells.", "title": "FieldLevelOptions", "type": "array" }, "MetricHeaderCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The cell styling options for the subtotals of header cells.", "title": "MetricHeaderCellStyle" }, "StyleTargets": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableStyleTarget" }, "markdownDescription": "The style targets options for subtotals.", "title": "StyleTargets", "type": "array" }, "TotalCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The cell styling options for the subtotal cells.", "title": "TotalCellStyle" }, "TotalsVisibility": { "markdownDescription": "The visibility configuration for the subtotal cells.", "title": "TotalsVisibility", "type": "string" }, "ValueCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The cell styling options for the subtotals of value cells.", "title": "ValueCellStyle" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableAggregatedFieldWells": { "additionalProperties": false, "properties": { "GroupBy": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", "title": "GroupBy", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableBorderOptions": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color of a table border.", "title": "Color", "type": "string" }, "Style": { "markdownDescription": "The style (none, solid) of a table border.", "title": "Style", "type": "string" }, "Thickness": { "markdownDescription": "The thickness of a table border.", "title": "Thickness", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableCellConditionalFormatting": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the cell for conditional formatting.", "title": "FieldId", "type": "string" }, "TextFormat": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TextConditionalFormat", "markdownDescription": "The text format of the cell for conditional formatting.", "title": "TextFormat" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.TableCellImageSizingConfiguration": { "additionalProperties": false, "properties": { "TableCellImageScalingConfiguration": { "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", "title": "TableCellImageScalingConfiguration", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableCellStyle": { "additionalProperties": false, "properties": { "BackgroundColor": { "markdownDescription": "The background color for the table cells.", "title": "BackgroundColor", "type": "string" }, "Border": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GlobalTableBorderOptions", "markdownDescription": "The borders for the table cells.", "title": "Border" }, "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The font configuration of the table cells.", "title": "FontConfiguration" }, "Height": { "markdownDescription": "The height color for the table cells.", "title": "Height", "type": "number" }, "HorizontalTextAlignment": { "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", "title": "HorizontalTextAlignment", "type": "string" }, "TextWrap": { "markdownDescription": "The text wrap (none, wrap) for the table cells.", "title": "TextWrap", "type": "string" }, "VerticalTextAlignment": { "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", "title": "VerticalTextAlignment", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the table cells.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", "title": "ConditionalFormattingOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableConditionalFormattingOption": { "additionalProperties": false, "properties": { "Cell": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellConditionalFormatting", "markdownDescription": "The cell conditional formatting option for a table.", "title": "Cell" }, "Row": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableRowConditionalFormatting", "markdownDescription": "The row conditional formatting option for a table.", "title": "Row" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableConfiguration": { "additionalProperties": false, "properties": { "FieldOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOptions", "markdownDescription": "The field options for a table visual.", "title": "FieldOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "PaginatedReportOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePaginatedReportOptions", "markdownDescription": "The paginated report options for a table visual.", "title": "PaginatedReportOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableSortConfiguration", "markdownDescription": "The sort configuration for a `TableVisual` .", "title": "SortConfiguration" }, "TableInlineVisualizations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableInlineVisualization" }, "markdownDescription": "A collection of inline visualizations to display within a chart.", "title": "TableInlineVisualizations", "type": "array" }, "TableOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableOptions", "markdownDescription": "The table options for a table visual.", "title": "TableOptions" }, "TotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalOptions", "markdownDescription": "The total options for a table visual.", "title": "TotalOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableFieldCustomIconContent": { "additionalProperties": false, "properties": { "Icon": { "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", "title": "Icon", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableFieldCustomTextContent": { "additionalProperties": false, "properties": { "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FontConfiguration", "markdownDescription": "The font configuration of the custom text content for the table URL link content.", "title": "FontConfiguration" }, "Value": { "markdownDescription": "The string value of the custom text content for the table URL link content.", "title": "Value", "type": "string" } }, "required": [ "FontConfiguration" ], "type": "object" }, "AWS::QuickSight::Analysis.TableFieldImageConfiguration": { "additionalProperties": false, "properties": { "SizingOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellImageSizingConfiguration", "markdownDescription": "The sizing options for the table image configuration.", "title": "SizingOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableFieldLinkConfiguration": { "additionalProperties": false, "properties": { "Content": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration", "markdownDescription": "The URL content (text, icon) for the table link configuration.", "title": "Content" }, "Target": { "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", "title": "Target", "type": "string" } }, "required": [ "Content", "Target" ], "type": "object" }, "AWS::QuickSight::Analysis.TableFieldLinkContentConfiguration": { "additionalProperties": false, "properties": { "CustomIconContent": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomIconContent", "markdownDescription": "The custom icon content for the table link content configuration.", "title": "CustomIconContent" }, "CustomTextContent": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldCustomTextContent", "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", "title": "CustomTextContent" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableFieldOption": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label for a table field.", "title": "CustomLabel", "type": "string" }, "FieldId": { "markdownDescription": "The field ID for a table field.", "title": "FieldId", "type": "string" }, "URLStyling": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldURLConfiguration", "markdownDescription": "The URL configuration for a table field.", "title": "URLStyling" }, "Visibility": { "markdownDescription": "The visibility of a table field.", "title": "Visibility", "type": "string" }, "Width": { "markdownDescription": "The width for a table field.", "title": "Width", "type": "string" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.TableFieldOptions": { "additionalProperties": false, "properties": { "Order": { "items": { "type": "string" }, "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", "title": "Order", "type": "array" }, "PinnedFieldOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TablePinnedFieldOptions", "markdownDescription": "The settings for the pinned columns of a table visual.", "title": "PinnedFieldOptions" }, "SelectedFieldOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldOption" }, "markdownDescription": "The field options to be configured to a table.", "title": "SelectedFieldOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableFieldURLConfiguration": { "additionalProperties": false, "properties": { "ImageConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldImageConfiguration", "markdownDescription": "The image configuration of a table field URL.", "title": "ImageConfiguration" }, "LinkConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableFieldLinkConfiguration", "markdownDescription": "The link configuration of a table field URL.", "title": "LinkConfiguration" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableFieldWells": { "additionalProperties": false, "properties": { "TableAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableAggregatedFieldWells", "markdownDescription": "The aggregated field well for the table.", "title": "TableAggregatedFieldWells" }, "TableUnaggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableUnaggregatedFieldWells", "markdownDescription": "The unaggregated field well for the table.", "title": "TableUnaggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableInlineVisualization": { "additionalProperties": false, "properties": { "DataBars": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataBarsOptions", "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", "title": "DataBars" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableOptions": { "additionalProperties": false, "properties": { "CellStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The table cell style of table cells.", "title": "CellStyle" }, "HeaderStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "The table cell style of a table header.", "title": "HeaderStyle" }, "Orientation": { "markdownDescription": "The orientation (vertical, horizontal) for a table.", "title": "Orientation", "type": "string" }, "RowAlternateColorOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RowAlternateColorOptions", "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", "title": "RowAlternateColorOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.TablePaginatedReportOptions": { "additionalProperties": false, "properties": { "OverflowColumnHeaderVisibility": { "markdownDescription": "The visibility of repeating header rows on each page.", "title": "OverflowColumnHeaderVisibility", "type": "string" }, "VerticalOverflowVisibility": { "markdownDescription": "The visibility of printing table overflow across pages.", "title": "VerticalOverflowVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.TablePinnedFieldOptions": { "additionalProperties": false, "properties": { "PinnedLeftFields": { "items": { "type": "string" }, "markdownDescription": "A list of columns to be pinned to the left of a table visual.", "title": "PinnedLeftFields", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableRowConditionalFormatting": { "additionalProperties": false, "properties": { "BackgroundColor": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", "title": "BackgroundColor" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableSideBorderOptions": { "additionalProperties": false, "properties": { "Bottom": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", "markdownDescription": "The table border options of the bottom border.", "title": "Bottom" }, "InnerHorizontal": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", "markdownDescription": "The table border options of the inner horizontal border.", "title": "InnerHorizontal" }, "InnerVertical": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", "markdownDescription": "The table border options of the inner vertical border.", "title": "InnerVertical" }, "Left": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", "markdownDescription": "The table border options of the left border.", "title": "Left" }, "Right": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", "markdownDescription": "The table border options of the right border.", "title": "Right" }, "Top": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableBorderOptions", "markdownDescription": "The table border options of the top border.", "title": "Top" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableSortConfiguration": { "additionalProperties": false, "properties": { "PaginationConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PaginationConfiguration", "markdownDescription": "The pagination configuration (page size, page number) for the table.", "title": "PaginationConfiguration" }, "RowSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The field sort options for rows in the table.", "title": "RowSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableStyleTarget": { "additionalProperties": false, "properties": { "CellType": { "markdownDescription": "The cell type of the table style target.", "title": "CellType", "type": "string" } }, "required": [ "CellType" ], "type": "object" }, "AWS::QuickSight::Analysis.TableUnaggregatedFieldWells": { "additionalProperties": false, "properties": { "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.UnaggregatedField" }, "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.TableVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableConditionalFormatting", "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.TextAreaControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "PlaceholderOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", "markdownDescription": "The configuration of the placeholder options in a text area control.", "title": "PlaceholderOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.TextConditionalFormat": { "additionalProperties": false, "properties": { "BackgroundColor": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting for the text background color.", "title": "BackgroundColor" }, "Icon": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting for the icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ConditionalFormattingColor", "markdownDescription": "The conditional formatting for the text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Analysis.TextControlPlaceholderOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility configuration of the placeholder options in a text control.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.TextFieldControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "PlaceholderOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TextControlPlaceholderOptions", "markdownDescription": "The configuration of the placeholder options in a text field control.", "title": "PlaceholderOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.ThousandSeparatorOptions": { "additionalProperties": false, "properties": { "Symbol": { "markdownDescription": "Determines the thousands separator symbol.", "title": "Symbol", "type": "string" }, "Visibility": { "markdownDescription": "Determines the visibility of the thousands separator.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.TimeBasedForecastProperties": { "additionalProperties": false, "properties": { "LowerBoundary": { "markdownDescription": "The lower boundary setup of a forecast computation.", "title": "LowerBoundary", "type": "number" }, "PeriodsBackward": { "markdownDescription": "The periods backward setup of a forecast computation.", "title": "PeriodsBackward", "type": "number" }, "PeriodsForward": { "markdownDescription": "The periods forward setup of a forecast computation.", "title": "PeriodsForward", "type": "number" }, "PredictionInterval": { "markdownDescription": "The prediction interval setup of a forecast computation.", "title": "PredictionInterval", "type": "number" }, "Seasonality": { "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", "title": "Seasonality", "type": "number" }, "UpperBoundary": { "markdownDescription": "The upper boundary setup of a forecast computation.", "title": "UpperBoundary", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Analysis.TimeEqualityFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", "title": "ParameterName", "type": "string" }, "RollingDate": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", "title": "RollingDate" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" }, "Value": { "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", "title": "Value", "type": "string" } }, "required": [ "Column", "FilterId" ], "type": "object" }, "AWS::QuickSight::Analysis.TimeRangeDrillDownFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "RangeMaximum": { "markdownDescription": "The maximum value for the filter value range.", "title": "RangeMaximum", "type": "string" }, "RangeMinimum": { "markdownDescription": "The minimum value for the filter value range.", "title": "RangeMinimum", "type": "string" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "required": [ "Column", "RangeMaximum", "RangeMinimum", "TimeGranularity" ], "type": "object" }, "AWS::QuickSight::Analysis.TimeRangeFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "ExcludePeriodConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ExcludePeriodConfiguration", "markdownDescription": "The exclude period of the time range filter.", "title": "ExcludePeriodConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "IncludeMaximum": { "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", "title": "IncludeMaximum", "type": "boolean" }, "IncludeMinimum": { "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", "title": "IncludeMinimum", "type": "boolean" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "RangeMaximumValue": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", "markdownDescription": "The maximum value for the filter value range.", "title": "RangeMaximumValue" }, "RangeMinimumValue": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TimeRangeFilterValue", "markdownDescription": "The minimum value for the filter value range.", "title": "RangeMinimumValue" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "required": [ "Column", "FilterId", "NullOption" ], "type": "object" }, "AWS::QuickSight::Analysis.TimeRangeFilterValue": { "additionalProperties": false, "properties": { "Parameter": { "markdownDescription": "The parameter type input value.", "title": "Parameter", "type": "string" }, "RollingDate": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RollingDateConfiguration", "markdownDescription": "The rolling date input value.", "title": "RollingDate" }, "StaticValue": { "markdownDescription": "The static input value.", "title": "StaticValue", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.TooltipItem": { "additionalProperties": false, "properties": { "ColumnTooltipItem": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnTooltipItem", "markdownDescription": "The tooltip item for the columns that are not part of a field well.", "title": "ColumnTooltipItem" }, "FieldTooltipItem": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldTooltipItem", "markdownDescription": "The tooltip item for the fields.", "title": "FieldTooltipItem" } }, "type": "object" }, "AWS::QuickSight::Analysis.TooltipOptions": { "additionalProperties": false, "properties": { "FieldBasedTooltip": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldBasedTooltip", "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", "title": "FieldBasedTooltip" }, "SelectedTooltipType": { "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", "title": "SelectedTooltipType", "type": "string" }, "TooltipVisibility": { "markdownDescription": "Determines whether or not the tooltip is visible.", "title": "TooltipVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.TopBottomFilter": { "additionalProperties": false, "properties": { "AggregationSortConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AggregationSortConfiguration" }, "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", "title": "AggregationSortConfigurations", "type": "array" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "Limit": { "markdownDescription": "The number of items to include in the top bottom filter results.", "title": "Limit", "type": "number" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.", "title": "ParameterName", "type": "string" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "required": [ "AggregationSortConfigurations", "Column", "FilterId" ], "type": "object" }, "AWS::QuickSight::Analysis.TopBottomMoversComputation": { "additionalProperties": false, "properties": { "Category": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The category field that is used in a computation.", "title": "Category" }, "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "MoverSize": { "markdownDescription": "The mover size setup of the top and bottom movers computation.", "title": "MoverSize", "type": "number" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "SortOrder": { "markdownDescription": "The sort order setup of the top and bottom movers computation.", "title": "SortOrder", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Type": { "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", "title": "Type", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId", "Type" ], "type": "object" }, "AWS::QuickSight::Analysis.TopBottomRankedComputation": { "additionalProperties": false, "properties": { "Category": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The category field that is used in a computation.", "title": "Category" }, "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "ResultSize": { "markdownDescription": "The result size of a top and bottom ranked computation.", "title": "ResultSize", "type": "number" }, "Type": { "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", "title": "Type", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId", "Type" ], "type": "object" }, "AWS::QuickSight::Analysis.TotalAggregationComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Analysis.TotalAggregationFunction": { "additionalProperties": false, "properties": { "SimpleTotalAggregationFunction": { "markdownDescription": "A built in aggregation function for total values.", "title": "SimpleTotalAggregationFunction", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.TotalAggregationOption": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field id that's associated with the total aggregation option.", "title": "FieldId", "type": "string" }, "TotalAggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationFunction", "markdownDescription": "The total aggregation function that you want to set for a specified field id.", "title": "TotalAggregationFunction" } }, "required": [ "FieldId", "TotalAggregationFunction" ], "type": "object" }, "AWS::QuickSight::Analysis.TotalOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label string for the total cells.", "title": "CustomLabel", "type": "string" }, "Placement": { "markdownDescription": "The placement (start, end) for the total cells.", "title": "Placement", "type": "string" }, "ScrollStatus": { "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", "title": "ScrollStatus", "type": "string" }, "TotalAggregationOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TotalAggregationOption" }, "markdownDescription": "The total aggregation settings for each value field.", "title": "TotalAggregationOptions", "type": "array" }, "TotalCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableCellStyle", "markdownDescription": "Cell styling options for the total cells.", "title": "TotalCellStyle" }, "TotalsVisibility": { "markdownDescription": "The visibility configuration for the total cells.", "title": "TotalsVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", "title": "Colors", "type": "array" }, "Groups": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", "title": "Groups", "type": "array" }, "Sizes": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", "title": "Sizes", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.TreeMapConfiguration": { "additionalProperties": false, "properties": { "ColorLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", "title": "ColorLabelOptions" }, "ColorScale": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColorScale", "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", "title": "ColorScale" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "GroupLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", "title": "GroupLabelOptions" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "SizeLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", "title": "SizeLabelOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapSortConfiguration", "markdownDescription": "The sort configuration of a tree map.", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" } }, "type": "object" }, "AWS::QuickSight::Analysis.TreeMapFieldWells": { "additionalProperties": false, "properties": { "TreeMapAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a tree map.", "title": "TreeMapAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.TreeMapSortConfiguration": { "additionalProperties": false, "properties": { "TreeMapGroupItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of groups that are displayed.", "title": "TreeMapGroupItemsLimitConfiguration" }, "TreeMapSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of group by fields.", "title": "TreeMapSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.TreeMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.TrendArrowOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the trend arrows.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.UnaggregatedField": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnIdentifier", "markdownDescription": "The column that is used in the `UnaggregatedField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Analysis.UniqueValuesComputation": { "additionalProperties": false, "properties": { "Category": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField", "markdownDescription": "The category field that is used in a computation.", "title": "Category" }, "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Analysis.ValidationStrategy": { "additionalProperties": false, "properties": { "Mode": { "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", "title": "Mode", "type": "string" } }, "required": [ "Mode" ], "type": "object" }, "AWS::QuickSight::Analysis.VisibleRangeOptions": { "additionalProperties": false, "properties": { "PercentRange": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PercentVisibleRange", "markdownDescription": "The percent range in the visible range.", "title": "PercentRange" } }, "type": "object" }, "AWS::QuickSight::Analysis.Visual": { "additionalProperties": false, "properties": { "BarChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BarChartVisual", "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", "title": "BarChartVisual" }, "BoxPlotVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.BoxPlotVisual", "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", "title": "BoxPlotVisual" }, "ComboChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ComboChartVisual", "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", "title": "ComboChartVisual" }, "CustomContentVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomContentVisual", "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", "title": "CustomContentVisual" }, "EmptyVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.EmptyVisual", "markdownDescription": "An empty visual.", "title": "EmptyVisual" }, "FilledMapVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FilledMapVisual", "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", "title": "FilledMapVisual" }, "FunnelChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FunnelChartVisual", "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", "title": "FunnelChartVisual" }, "GaugeChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GaugeChartVisual", "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", "title": "GaugeChartVisual" }, "GeospatialMapVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.GeospatialMapVisual", "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", "title": "GeospatialMapVisual" }, "HeatMapVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.HeatMapVisual", "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", "title": "HeatMapVisual" }, "HistogramVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.HistogramVisual", "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", "title": "HistogramVisual" }, "InsightVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.InsightVisual", "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", "title": "InsightVisual" }, "KPIVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.KPIVisual", "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", "title": "KPIVisual" }, "LineChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LineChartVisual", "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", "title": "LineChartVisual" }, "PieChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PieChartVisual", "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", "title": "PieChartVisual" }, "PivotTableVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.PivotTableVisual", "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", "title": "PivotTableVisual" }, "RadarChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.RadarChartVisual", "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", "title": "RadarChartVisual" }, "SankeyDiagramVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.SankeyDiagramVisual", "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", "title": "SankeyDiagramVisual" }, "ScatterPlotVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ScatterPlotVisual", "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", "title": "ScatterPlotVisual" }, "TableVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TableVisual", "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", "title": "TableVisual" }, "TreeMapVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.TreeMapVisual", "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", "title": "TreeMapVisual" }, "WaterfallVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallVisual", "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", "title": "WaterfallVisual" }, "WordCloudVisual": { "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudVisual", "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", "title": "WordCloudVisual" } }, "type": "object" }, "AWS::QuickSight::Analysis.VisualCustomAction": { "additionalProperties": false, "properties": { "ActionOperations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomActionOperation" }, "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", "title": "ActionOperations", "type": "array" }, "CustomActionId": { "markdownDescription": "The ID of the `VisualCustomAction` .", "title": "CustomActionId", "type": "string" }, "Name": { "markdownDescription": "The name of the `VisualCustomAction` .", "title": "Name", "type": "string" }, "Status": { "markdownDescription": "The status of the `VisualCustomAction` .", "title": "Status", "type": "string" }, "Trigger": { "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", "title": "Trigger", "type": "string" } }, "required": [ "ActionOperations", "CustomActionId", "Name", "Trigger" ], "type": "object" }, "AWS::QuickSight::Analysis.VisualCustomActionOperation": { "additionalProperties": false, "properties": { "FilterOperation": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionFilterOperation", "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", "title": "FilterOperation" }, "NavigationOperation": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionNavigationOperation", "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", "title": "NavigationOperation" }, "SetParametersOperation": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionSetParametersOperation", "markdownDescription": "The set parameter operation that sets parameters in custom action.", "title": "SetParametersOperation" }, "URLOperation": { "$ref": "#/definitions/AWS::QuickSight::Analysis.CustomActionURLOperation", "markdownDescription": "The URL operation that opens a link to another webpage.", "title": "URLOperation" } }, "type": "object" }, "AWS::QuickSight::Analysis.VisualPalette": { "additionalProperties": false, "properties": { "ChartColor": { "markdownDescription": "The chart color options for the visual palette.", "title": "ChartColor", "type": "string" }, "ColorMap": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataPathColor" }, "markdownDescription": "The color map options for the visual palette.", "title": "ColorMap", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.VisualSubtitleLabelOptions": { "additionalProperties": false, "properties": { "FormatText": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LongFormatText", "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", "title": "FormatText" }, "Visibility": { "markdownDescription": "The visibility of the subtitle label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.VisualTitleLabelOptions": { "additionalProperties": false, "properties": { "FormatText": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ShortFormatText", "markdownDescription": "The short text format of the title label, such as plain text or rich text.", "title": "FormatText" }, "Visibility": { "markdownDescription": "The visibility of the title label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Breakdowns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The breakdown field wells of a waterfall visual.", "title": "Breakdowns", "type": "array" }, "Categories": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The category field wells of a waterfall visual.", "title": "Categories", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The value field wells of a waterfall visual.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.WaterfallChartConfiguration": { "additionalProperties": false, "properties": { "CategoryAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the category axis.", "title": "CategoryAxisDisplayOptions" }, "CategoryAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the category axis label.", "title": "CategoryAxisLabelOptions" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DataLabelOptions", "markdownDescription": "The data label configuration of a waterfall visual.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartFieldWells", "markdownDescription": "The field well configuration of a waterfall visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Analysis.LegendOptions", "markdownDescription": "The legend configuration of a waterfall visual.", "title": "Legend" }, "PrimaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the y-axis.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the y-axis label.", "title": "PrimaryYAxisLabelOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartSortConfiguration", "markdownDescription": "The sort configuration of a waterfall visual.", "title": "SortConfiguration" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualPalette", "markdownDescription": "The visual palette configuration of a waterfall visual.", "title": "VisualPalette" }, "WaterfallChartOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartOptions", "markdownDescription": "The options that determine the presentation of a waterfall visual.", "title": "WaterfallChartOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.WaterfallChartFieldWells": { "additionalProperties": false, "properties": { "WaterfallChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a waterfall visual.", "title": "WaterfallChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.WaterfallChartOptions": { "additionalProperties": false, "properties": { "TotalBarLabel": { "markdownDescription": "This option determines the total bar label of a waterfall visual.", "title": "TotalBarLabel", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.WaterfallChartSortConfiguration": { "additionalProperties": false, "properties": { "BreakdownItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of bar groups that are displayed.", "title": "BreakdownItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.WaterfallVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.WaterfallChartConfiguration", "markdownDescription": "The configuration for a waterfall visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Analysis.WhatIfPointScenario": { "additionalProperties": false, "properties": { "Date": { "markdownDescription": "The date that you need the forecast results for.", "title": "Date", "type": "string" }, "Value": { "markdownDescription": "The target value that you want to meet for the provided date.", "title": "Value", "type": "number" } }, "required": [ "Date", "Value" ], "type": "object" }, "AWS::QuickSight::Analysis.WhatIfRangeScenario": { "additionalProperties": false, "properties": { "EndDate": { "markdownDescription": "The end date in the date range that you need the forecast results for.", "title": "EndDate", "type": "string" }, "StartDate": { "markdownDescription": "The start date in the date range that you need the forecast results for.", "title": "StartDate", "type": "string" }, "Value": { "markdownDescription": "The target value that you want to meet for the provided date range.", "title": "Value", "type": "number" } }, "required": [ "EndDate", "StartDate", "Value" ], "type": "object" }, "AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells": { "additionalProperties": false, "properties": { "GroupBy": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.DimensionField" }, "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", "title": "GroupBy", "type": "array" }, "Size": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.MeasureField" }, "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", "title": "Size", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.WordCloudChartConfiguration": { "additionalProperties": false, "properties": { "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", "title": "CategoryLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudSortConfiguration", "markdownDescription": "The sort configuration of a word cloud visual.", "title": "SortConfiguration" }, "WordCloudOptions": { "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudOptions", "markdownDescription": "The options for a word cloud visual.", "title": "WordCloudOptions" } }, "type": "object" }, "AWS::QuickSight::Analysis.WordCloudFieldWells": { "additionalProperties": false, "properties": { "WordCloudAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a word cloud.", "title": "WordCloudAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Analysis.WordCloudOptions": { "additionalProperties": false, "properties": { "CloudLayout": { "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", "title": "CloudLayout", "type": "string" }, "MaximumStringLength": { "markdownDescription": "The length limit of each word from 1-100.", "title": "MaximumStringLength", "type": "number" }, "WordCasing": { "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", "title": "WordCasing", "type": "string" }, "WordOrientation": { "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", "title": "WordOrientation", "type": "string" }, "WordPadding": { "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", "title": "WordPadding", "type": "string" }, "WordScaling": { "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", "title": "WordScaling", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Analysis.WordCloudSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.FieldSortOptions" }, "markdownDescription": "The sort configuration of group by fields.", "title": "CategorySort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Analysis.WordCloudVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Analysis.WordCloudChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Analysis.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Analysis.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AwsAccountId": { "markdownDescription": "The ID of the AWS account where you want to create the dashboard.", "title": "AwsAccountId", "type": "string" }, "DashboardId": { "markdownDescription": "The ID for the dashboard, also added to the IAM policy.", "title": "DashboardId", "type": "string" }, "DashboardPublishOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardPublishOptions", "markdownDescription": "Options for publishing the dashboard when you create it:\n\n- `AvailabilityStatus` for `AdHocFilteringOption` - This status can be either `ENABLED` or `DISABLED` . When this is set to `DISABLED` , Amazon QuickSight disables the left filter pane on the published dashboard, which can be used for ad hoc (one-time) filtering. This option is `ENABLED` by default.\n- `AvailabilityStatus` for `ExportToCSVOption` - This status can be either `ENABLED` or `DISABLED` . The visual option to export data to .CSV format isn't enabled when this is set to `DISABLED` . This option is `ENABLED` by default.\n- `VisibilityState` for `SheetControlsOption` - This visibility state can be either `COLLAPSED` or `EXPANDED` . This option is `COLLAPSED` by default.", "title": "DashboardPublishOptions" }, "Definition": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVersionDefinition", "markdownDescription": "", "title": "Definition" }, "LinkEntities": { "items": { "type": "string" }, "markdownDescription": "A list of analysis Amazon Resource Names (ARNs) to be linked to the dashboard.", "title": "LinkEntities", "type": "array" }, "LinkSharingConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LinkSharingConfiguration", "markdownDescription": "A structure that contains the link sharing configurations that you want to apply overrides to.", "title": "LinkSharingConfiguration" }, "Name": { "markdownDescription": "The display name of the dashboard.", "title": "Name", "type": "string" }, "Parameters": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.Parameters", "markdownDescription": "The parameters for the creation of the dashboard, which you want to use to override the default settings. A dashboard can have any type of parameters, and some parameters might accept multiple values.", "title": "Parameters" }, "Permissions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" }, "markdownDescription": "A structure that contains the permissions of the dashboard. You can use this structure for granting permissions by providing a list of IAM action information for each principal ARN.\n\nTo specify no permissions, omit the permissions list.", "title": "Permissions", "type": "array" }, "SourceEntity": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceEntity", "markdownDescription": "The entity that you are using as a source when you create the dashboard. In `SourceEntity` , you specify the type of object that you want to use. You can only create a dashboard from a template, so you use a `SourceTemplate` entity. If you need to create a dashboard from an analysis, first convert the analysis to a template by using the `CreateTemplate` API operation. For `SourceTemplate` , specify the Amazon Resource Name (ARN) of the source template. The `SourceTemplate` ARN can contain any AWS account; and any QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.", "title": "SourceEntity" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dashboard.", "title": "Tags", "type": "array" }, "ThemeArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the theme that is being used for this dashboard. If you add a value for this field, it overrides the value that is used in the source entity. The theme ARN must exist in the same AWS account where you create the dashboard.", "title": "ThemeArn", "type": "string" }, "ValidationStrategy": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ValidationStrategy", "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", "title": "ValidationStrategy" }, "VersionDescription": { "markdownDescription": "A description for the first version of the dashboard being created.", "title": "VersionDescription", "type": "string" } }, "required": [ "AwsAccountId", "DashboardId", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::QuickSight::Dashboard" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::QuickSight::Dashboard.AdHocFilteringOption": { "additionalProperties": false, "properties": { "AvailabilityStatus": { "markdownDescription": "Availability status.", "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.AggregationFunction": { "additionalProperties": false, "properties": { "AttributeAggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AttributeAggregationFunction", "markdownDescription": "Aggregation for attributes.", "title": "AttributeAggregationFunction" }, "CategoricalAggregationFunction": { "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", "title": "CategoricalAggregationFunction", "type": "string" }, "DateAggregationFunction": { "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", "title": "DateAggregationFunction", "type": "string" }, "NumericalAggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", "markdownDescription": "Aggregation for numerical values.", "title": "NumericalAggregationFunction" } }, "type": "object" }, "AWS::QuickSight::Dashboard.AggregationSortConfiguration": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", "markdownDescription": "The function that aggregates the values in `Column` .", "title": "AggregationFunction" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that determines the sort order of aggregated values.", "title": "Column" }, "SortDirection": { "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", "title": "SortDirection", "type": "string" } }, "required": [ "Column", "SortDirection" ], "type": "object" }, "AWS::QuickSight::Dashboard.AnalysisDefaults": { "additionalProperties": false, "properties": { "DefaultNewSheetConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration", "markdownDescription": "The configuration for default new sheet settings.", "title": "DefaultNewSheetConfiguration" } }, "required": [ "DefaultNewSheetConfiguration" ], "type": "object" }, "AWS::QuickSight::Dashboard.AnchorDateConfiguration": { "additionalProperties": false, "properties": { "AnchorOption": { "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", "title": "AnchorOption", "type": "string" }, "ParameterName": { "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", "title": "ParameterName", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ArcAxisConfiguration": { "additionalProperties": false, "properties": { "Range": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisDisplayRange", "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", "title": "Range" }, "ReserveRange": { "markdownDescription": "The reserved range of the arc axis.", "title": "ReserveRange", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ArcAxisDisplayRange": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum value of the arc axis range.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum value of the arc axis range.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ArcConfiguration": { "additionalProperties": false, "properties": { "ArcAngle": { "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", "title": "ArcAngle", "type": "number" }, "ArcThickness": { "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", "title": "ArcThickness", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ArcOptions": { "additionalProperties": false, "properties": { "ArcThickness": { "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", "title": "ArcThickness", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.AssetOptions": { "additionalProperties": false, "properties": { "Timezone": { "markdownDescription": "Determines the timezone for the analysis.", "title": "Timezone", "type": "string" }, "WeekStart": { "markdownDescription": "Determines the week start day for an analysis.", "title": "WeekStart", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.AttributeAggregationFunction": { "additionalProperties": false, "properties": { "SimpleAttributeAggregation": { "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", "title": "SimpleAttributeAggregation", "type": "string" }, "ValueForMultipleValues": { "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", "title": "ValueForMultipleValues", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.AxisDataOptions": { "additionalProperties": false, "properties": { "DateAxisOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateAxisOptions", "markdownDescription": "The options for an axis with a date field.", "title": "DateAxisOptions" }, "NumericAxisOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericAxisOptions", "markdownDescription": "The options for an axis with a numeric field.", "title": "NumericAxisOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange": { "additionalProperties": false, "properties": { "Maximum": { "markdownDescription": "The maximum setup for an axis display range.", "title": "Maximum", "type": "number" }, "Minimum": { "markdownDescription": "The minimum setup for an axis display range.", "title": "Minimum", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.AxisDisplayOptions": { "additionalProperties": false, "properties": { "AxisLineVisibility": { "markdownDescription": "Determines whether or not the axis line is visible.", "title": "AxisLineVisibility", "type": "string" }, "AxisOffset": { "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", "title": "AxisOffset", "type": "string" }, "DataOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDataOptions", "markdownDescription": "The data options for an axis.", "title": "DataOptions" }, "GridLineVisibility": { "markdownDescription": "Determines whether or not the grid line is visible.", "title": "GridLineVisibility", "type": "string" }, "ScrollbarOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScrollBarOptions", "markdownDescription": "The scroll bar options for an axis.", "title": "ScrollbarOptions" }, "TickLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisTickLabelOptions", "markdownDescription": "The tick label options of an axis.", "title": "TickLabelOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.AxisDisplayRange": { "additionalProperties": false, "properties": { "DataDriven": { "markdownDescription": "The data-driven setup of an axis display range.", "title": "DataDriven", "type": "object" }, "MinMax": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayMinMaxRange", "markdownDescription": "The minimum and maximum setup of an axis display range.", "title": "MinMax" } }, "type": "object" }, "AWS::QuickSight::Dashboard.AxisLabelOptions": { "additionalProperties": false, "properties": { "ApplyTo": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelReferenceOptions", "markdownDescription": "The options that indicate which field the label belongs to.", "title": "ApplyTo" }, "CustomLabel": { "markdownDescription": "The text for the axis label.", "title": "CustomLabel", "type": "string" }, "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", "markdownDescription": "The font configuration of the axis label.", "title": "FontConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.AxisLabelReferenceOptions": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that the axis label is targeted to.", "title": "Column" }, "FieldId": { "markdownDescription": "The field that the axis label is targeted to.", "title": "FieldId", "type": "string" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.AxisLinearScale": { "additionalProperties": false, "properties": { "StepCount": { "markdownDescription": "The step count setup of a linear axis.", "title": "StepCount", "type": "number" }, "StepSize": { "markdownDescription": "The step size setup of a linear axis.", "title": "StepSize", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.AxisLogarithmicScale": { "additionalProperties": false, "properties": { "Base": { "markdownDescription": "The base setup of a logarithmic axis scale.", "title": "Base", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.AxisScale": { "additionalProperties": false, "properties": { "Linear": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLinearScale", "markdownDescription": "The linear axis scale setup.", "title": "Linear" }, "Logarithmic": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLogarithmicScale", "markdownDescription": "The logarithmic axis scale setup.", "title": "Logarithmic" } }, "type": "object" }, "AWS::QuickSight::Dashboard.AxisTickLabelOptions": { "additionalProperties": false, "properties": { "LabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", "markdownDescription": "Determines whether or not the axis ticks are visible.", "title": "LabelOptions" }, "RotationAngle": { "markdownDescription": "The rotation angle of the axis tick labels.", "title": "RotationAngle", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The category (y-axis) field well of a bar chart.", "title": "Category", "type": "array" }, "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The color (group/color) field well of a bar chart.", "title": "Colors", "type": "array" }, "SmallMultiples": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The small multiples field well of a bar chart.", "title": "SmallMultiples", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.BarChartConfiguration": { "additionalProperties": false, "properties": { "BarsArrangement": { "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", "title": "BarsArrangement", "type": "string" }, "CategoryAxis": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", "title": "CategoryAxis" }, "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", "title": "CategoryLabelOptions" }, "ColorLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", "title": "ColorLabelOptions" }, "ContributionAnalysisDefaults": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" }, "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", "title": "ContributionAnalysisDefaults", "type": "array" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "Orientation": { "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", "title": "Orientation", "type": "string" }, "ReferenceLines": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" }, "markdownDescription": "The reference line setup of the visual.", "title": "ReferenceLines", "type": "array" }, "SmallMultiplesOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", "markdownDescription": "The small multiples setup for the visual.", "title": "SmallMultiplesOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartSortConfiguration", "markdownDescription": "The sort configuration of a `BarChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "ValueAxis": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", "title": "ValueAxis" }, "ValueLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", "title": "ValueLabelOptions" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Dashboard.BarChartFieldWells": { "additionalProperties": false, "properties": { "BarChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a bar chart.", "title": "BarChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.BarChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories displayed in a bar chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of category fields.", "title": "CategorySort", "type": "array" }, "ColorItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of values displayed in a bar chart.", "title": "ColorItemsLimit" }, "ColorSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of color fields in a bar chart.", "title": "ColorSort", "type": "array" }, "SmallMultiplesLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of small multiples panels that are displayed.", "title": "SmallMultiplesLimitConfiguration" }, "SmallMultiplesSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of the small multiples field.", "title": "SmallMultiplesSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.BarChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.BinCountOptions": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The options that determine the bin count value.", "title": "Value", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.BinWidthOptions": { "additionalProperties": false, "properties": { "BinCountLimit": { "markdownDescription": "The options that determine the bin count limit.", "title": "BinCountLimit", "type": "number" }, "Value": { "markdownDescription": "The options that determine the bin width value.", "title": "Value", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.BodySectionConfiguration": { "additionalProperties": false, "properties": { "Content": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionContent", "markdownDescription": "The configuration of content in a body section.", "title": "Content" }, "PageBreakConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionPageBreakConfiguration", "markdownDescription": "The configuration of a page break for a section.", "title": "PageBreakConfiguration" }, "SectionId": { "markdownDescription": "The unique identifier of a body section.", "title": "SectionId", "type": "string" }, "Style": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", "markdownDescription": "The style options of a body section.", "title": "Style" } }, "required": [ "Content", "SectionId" ], "type": "object" }, "AWS::QuickSight::Dashboard.BodySectionContent": { "additionalProperties": false, "properties": { "Layout": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", "markdownDescription": "The layout configuration of a body section.", "title": "Layout" } }, "type": "object" }, "AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells": { "additionalProperties": false, "properties": { "GroupBy": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", "title": "GroupBy", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.BoxPlotChartConfiguration": { "additionalProperties": false, "properties": { "BoxPlotOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotOptions", "markdownDescription": "The box plot chart options for a box plot visual", "title": "BoxPlotOptions" }, "CategoryAxis": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", "title": "CategoryAxis" }, "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", "title": "CategoryLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "", "title": "Legend" }, "PrimaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", "title": "PrimaryYAxisLabelOptions" }, "ReferenceLines": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" }, "markdownDescription": "The reference line setup of the visual.", "title": "ReferenceLines", "type": "array" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotSortConfiguration", "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Dashboard.BoxPlotFieldWells": { "additionalProperties": false, "properties": { "BoxPlotAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a box plot.", "title": "BoxPlotAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.BoxPlotOptions": { "additionalProperties": false, "properties": { "AllDataPointsVisibility": { "markdownDescription": "Determines the visibility of all data points of the box plot.", "title": "AllDataPointsVisibility", "type": "string" }, "OutlierVisibility": { "markdownDescription": "Determines the visibility of the outlier in a box plot.", "title": "OutlierVisibility", "type": "string" }, "StyleOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotStyleOptions", "markdownDescription": "The style options of the box plot.", "title": "StyleOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.BoxPlotSortConfiguration": { "additionalProperties": false, "properties": { "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of a group by fields.", "title": "CategorySort", "type": "array" }, "PaginationConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", "markdownDescription": "The pagination configuration of a table visual or box plot.", "title": "PaginationConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.BoxPlotStyleOptions": { "additionalProperties": false, "properties": { "FillStyle": { "markdownDescription": "The fill styles (solid, transparent) of the box plot.", "title": "FillStyle", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.BoxPlotVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.CalculatedField": { "additionalProperties": false, "properties": { "DataSetIdentifier": { "markdownDescription": "The data set that is used in this calculated field.", "title": "DataSetIdentifier", "type": "string" }, "Expression": { "markdownDescription": "The expression of the calculated field.", "title": "Expression", "type": "string" }, "Name": { "markdownDescription": "The name of the calculated field.", "title": "Name", "type": "string" } }, "required": [ "DataSetIdentifier", "Expression", "Name" ], "type": "object" }, "AWS::QuickSight::Dashboard.CalculatedMeasureField": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "The expression in the table calculation.", "title": "Expression", "type": "string" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" } }, "required": [ "Expression", "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.CascadingControlConfiguration": { "additionalProperties": false, "properties": { "SourceControls": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlSource" }, "markdownDescription": "A list of source controls that determine the values that are used in the current control.", "title": "SourceControls", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.CascadingControlSource": { "additionalProperties": false, "properties": { "ColumnToMatch": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", "title": "ColumnToMatch" }, "SourceSheetControlId": { "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", "title": "SourceSheetControlId", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.CategoricalDimensionField": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" }, "HierarchyId": { "markdownDescription": "The custom hierarchy ID.", "title": "HierarchyId", "type": "string" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.CategoricalMeasureField": { "additionalProperties": false, "properties": { "AggregationFunction": { "markdownDescription": "The aggregation function of the measure field.", "title": "AggregationFunction", "type": "string" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.CategoryDrillDownFilter": { "additionalProperties": false, "properties": { "CategoryValues": { "items": { "type": "string" }, "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", "title": "CategoryValues", "type": "array" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" } }, "required": [ "CategoryValues", "Column" ], "type": "object" }, "AWS::QuickSight::Dashboard.CategoryFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "Configuration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilterConfiguration", "markdownDescription": "The configuration for a `CategoryFilter` .", "title": "Configuration" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" } }, "required": [ "Column", "Configuration", "FilterId" ], "type": "object" }, "AWS::QuickSight::Dashboard.CategoryFilterConfiguration": { "additionalProperties": false, "properties": { "CustomFilterConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterConfiguration", "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", "title": "CustomFilterConfiguration" }, "CustomFilterListConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomFilterListConfiguration", "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", "title": "CustomFilterListConfiguration" }, "FilterListConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListConfiguration", "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", "title": "FilterListConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ChartAxisLabelOptions": { "additionalProperties": false, "properties": { "AxisLabelOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisLabelOptions" }, "markdownDescription": "The label options for a chart axis.", "title": "AxisLabelOptions", "type": "array" }, "SortIconVisibility": { "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", "title": "SortIconVisibility", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ClusterMarker": { "additionalProperties": false, "properties": { "SimpleClusterMarker": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SimpleClusterMarker", "markdownDescription": "The simple cluster marker of the cluster marker.", "title": "SimpleClusterMarker" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ClusterMarkerConfiguration": { "additionalProperties": false, "properties": { "ClusterMarker": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarker", "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", "title": "ClusterMarker" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ColorScale": { "additionalProperties": false, "properties": { "ColorFillType": { "markdownDescription": "Determines the color fill type.", "title": "ColorFillType", "type": "string" }, "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor" }, "markdownDescription": "Determines the list of colors that are applied to the visual.", "title": "Colors", "type": "array" }, "NullValueColor": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataColor", "markdownDescription": "Determines the color that is applied to null values.", "title": "NullValueColor" } }, "required": [ "ColorFillType", "Colors" ], "type": "object" }, "AWS::QuickSight::Dashboard.ColorsConfiguration": { "additionalProperties": false, "properties": { "CustomColors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomColor" }, "markdownDescription": "A list of up to 50 custom colors.", "title": "CustomColors", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ColumnConfiguration": { "additionalProperties": false, "properties": { "ColorsConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorsConfiguration", "markdownDescription": "The color configurations of the column.", "title": "ColorsConfiguration" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column.", "title": "Column" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", "markdownDescription": "The format configuration of a column.", "title": "FormatConfiguration" }, "Role": { "markdownDescription": "The role of the column.", "title": "Role", "type": "string" } }, "required": [ "Column" ], "type": "object" }, "AWS::QuickSight::Dashboard.ColumnHierarchy": { "additionalProperties": false, "properties": { "DateTimeHierarchy": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeHierarchy", "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", "title": "DateTimeHierarchy" }, "ExplicitHierarchy": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExplicitHierarchy", "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", "title": "ExplicitHierarchy" }, "PredefinedHierarchy": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PredefinedHierarchy", "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", "title": "PredefinedHierarchy" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ColumnIdentifier": { "additionalProperties": false, "properties": { "ColumnName": { "markdownDescription": "The name of the column.", "title": "ColumnName", "type": "string" }, "DataSetIdentifier": { "markdownDescription": "The data set that the column belongs to.", "title": "DataSetIdentifier", "type": "string" } }, "required": [ "ColumnName", "DataSetIdentifier" ], "type": "object" }, "AWS::QuickSight::Dashboard.ColumnSort": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", "markdownDescription": "The aggregation function that is defined in the column sort.", "title": "AggregationFunction" }, "Direction": { "markdownDescription": "The sort direction.", "title": "Direction", "type": "string" }, "SortBy": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "", "title": "SortBy" } }, "required": [ "Direction", "SortBy" ], "type": "object" }, "AWS::QuickSight::Dashboard.ColumnTooltipItem": { "additionalProperties": false, "properties": { "Aggregation": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", "markdownDescription": "The aggregation function of the column tooltip item.", "title": "Aggregation" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The target column of the tooltip item.", "title": "Column" }, "Label": { "markdownDescription": "The label of the tooltip item.", "title": "Label", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the tooltip item.", "title": "Visibility", "type": "string" } }, "required": [ "Column" ], "type": "object" }, "AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "BarValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", "title": "BarValues", "type": "array" }, "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The aggregated category field wells of a combo chart.", "title": "Category", "type": "array" }, "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The aggregated colors field well of a combo chart.", "title": "Colors", "type": "array" }, "LineValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", "title": "LineValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ComboChartConfiguration": { "additionalProperties": false, "properties": { "BarDataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", "title": "BarDataLabels" }, "BarsArrangement": { "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", "title": "BarsArrangement", "type": "string" }, "CategoryAxis": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The category axis of a combo chart.", "title": "CategoryAxis" }, "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", "title": "CategoryLabelOptions" }, "ColorLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", "title": "ColorLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "LineDataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", "title": "LineDataLabels" }, "PrimaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", "title": "PrimaryYAxisLabelOptions" }, "ReferenceLines": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" }, "markdownDescription": "The reference line setup of the visual.", "title": "ReferenceLines", "type": "array" }, "SecondaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", "title": "SecondaryYAxisDisplayOptions" }, "SecondaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", "title": "SecondaryYAxisLabelOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartSortConfiguration", "markdownDescription": "The sort configuration of a `ComboChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ComboChartFieldWells": { "additionalProperties": false, "properties": { "ComboChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", "title": "ComboChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ComboChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The item limit configuration for the category field well of a combo chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category field well in a combo chart.", "title": "CategorySort", "type": "array" }, "ColorItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The item limit configuration of the color field well in a combo chart.", "title": "ColorItemsLimit" }, "ColorSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of the color field well in a combo chart.", "title": "ColorSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ComboChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.ComparisonConfiguration": { "additionalProperties": false, "properties": { "ComparisonFormat": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonFormatConfiguration", "markdownDescription": "The format of the comparison.", "title": "ComparisonFormat" }, "ComparisonMethod": { "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", "title": "ComparisonMethod", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ComparisonFormatConfiguration": { "additionalProperties": false, "properties": { "NumberDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", "markdownDescription": "The number display format.", "title": "NumberDisplayFormatConfiguration" }, "PercentageDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", "markdownDescription": "The percentage display format.", "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.Computation": { "additionalProperties": false, "properties": { "Forecast": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastComputation", "markdownDescription": "The forecast computation configuration.", "title": "Forecast" }, "GrowthRate": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GrowthRateComputation", "markdownDescription": "The growth rate computation configuration.", "title": "GrowthRate" }, "MaximumMinimum": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumMinimumComputation", "markdownDescription": "The maximum and minimum computation configuration.", "title": "MaximumMinimum" }, "MetricComparison": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MetricComparisonComputation", "markdownDescription": "The metric comparison computation configuration.", "title": "MetricComparison" }, "PeriodOverPeriod": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodOverPeriodComputation", "markdownDescription": "The period over period computation configuration.", "title": "PeriodOverPeriod" }, "PeriodToDate": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PeriodToDateComputation", "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", "title": "PeriodToDate" }, "TopBottomMovers": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomMoversComputation", "markdownDescription": "The top movers and bottom movers computation configuration.", "title": "TopBottomMovers" }, "TopBottomRanked": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomRankedComputation", "markdownDescription": "The top ranked and bottom ranked computation configuration.", "title": "TopBottomRanked" }, "TotalAggregation": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationComputation", "markdownDescription": "The total aggregation computation configuration.", "title": "TotalAggregation" }, "UniqueValues": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.UniqueValuesComputation", "markdownDescription": "The unique values computation configuration.", "title": "UniqueValues" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ConditionalFormattingColor": { "additionalProperties": false, "properties": { "Gradient": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor", "markdownDescription": "Formatting configuration for gradient color.", "title": "Gradient" }, "Solid": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor", "markdownDescription": "Formatting configuration for solid color.", "title": "Solid" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "Determines the color of the icon.", "title": "Color", "type": "string" }, "DisplayConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration", "markdownDescription": "Determines the icon display configuration.", "title": "DisplayConfiguration" }, "Expression": { "markdownDescription": "The expression that determines the condition of the icon set.", "title": "Expression", "type": "string" }, "IconOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions", "markdownDescription": "Custom icon options for an icon set.", "title": "IconOptions" } }, "required": [ "Expression", "IconOptions" ], "type": "object" }, "AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconOptions": { "additionalProperties": false, "properties": { "Icon": { "markdownDescription": "Determines the type of icon.", "title": "Icon", "type": "string" }, "UnicodeIcon": { "markdownDescription": "Determines the Unicode icon type.", "title": "UnicodeIcon", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ConditionalFormattingGradientColor": { "additionalProperties": false, "properties": { "Color": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientColor", "markdownDescription": "Determines the color.", "title": "Color" }, "Expression": { "markdownDescription": "The expression that determines the formatting configuration for gradient color.", "title": "Expression", "type": "string" } }, "required": [ "Color", "Expression" ], "type": "object" }, "AWS::QuickSight::Dashboard.ConditionalFormattingIcon": { "additionalProperties": false, "properties": { "CustomCondition": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingCustomIconCondition", "markdownDescription": "Determines the custom condition for an icon set.", "title": "CustomCondition" }, "IconSet": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIconSet", "markdownDescription": "Formatting configuration for icon set.", "title": "IconSet" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ConditionalFormattingIconDisplayConfiguration": { "additionalProperties": false, "properties": { "IconDisplayOption": { "markdownDescription": "Determines the icon display configuration.", "title": "IconDisplayOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ConditionalFormattingIconSet": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "The expression that determines the formatting configuration for the icon set.", "title": "Expression", "type": "string" }, "IconSetType": { "markdownDescription": "Determines the icon set type.", "title": "IconSetType", "type": "string" } }, "required": [ "Expression" ], "type": "object" }, "AWS::QuickSight::Dashboard.ConditionalFormattingSolidColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "Determines the color.", "title": "Color", "type": "string" }, "Expression": { "markdownDescription": "The expression that determines the formatting configuration for solid color.", "title": "Expression", "type": "string" } }, "required": [ "Expression" ], "type": "object" }, "AWS::QuickSight::Dashboard.ContributionAnalysisDefault": { "additionalProperties": false, "properties": { "ContributorDimensions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" }, "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", "title": "ContributorDimensions", "type": "array" }, "MeasureFieldId": { "markdownDescription": "The measure field that is used in the contribution analysis.", "title": "MeasureFieldId", "type": "string" } }, "required": [ "ContributorDimensions", "MeasureFieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration": { "additionalProperties": false, "properties": { "DecimalPlacesConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", "markdownDescription": "The option that determines the decimal places configuration.", "title": "DecimalPlacesConfiguration" }, "NegativeValueConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", "markdownDescription": "The options that determine the negative value configuration.", "title": "NegativeValueConfiguration" }, "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "NumberScale": { "markdownDescription": "Determines the number scale value for the currency format.", "title": "NumberScale", "type": "string" }, "Prefix": { "markdownDescription": "Determines the prefix value of the currency format.", "title": "Prefix", "type": "string" }, "SeparatorConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", "markdownDescription": "The options that determine the numeric separator configuration.", "title": "SeparatorConfiguration" }, "Suffix": { "markdownDescription": "Determines the suffix value of the currency format.", "title": "Suffix", "type": "string" }, "Symbol": { "markdownDescription": "Determines the symbol for the currency format.", "title": "Symbol", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.CustomActionFilterOperation": { "additionalProperties": false, "properties": { "SelectedFieldsConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration", "markdownDescription": "The configuration that chooses the fields to be filtered.", "title": "SelectedFieldsConfiguration" }, "TargetVisualsConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration", "markdownDescription": "The configuration that chooses the target visuals to be filtered.", "title": "TargetVisualsConfiguration" } }, "required": [ "SelectedFieldsConfiguration", "TargetVisualsConfiguration" ], "type": "object" }, "AWS::QuickSight::Dashboard.CustomActionNavigationOperation": { "additionalProperties": false, "properties": { "LocalNavigationConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LocalNavigationConfiguration", "markdownDescription": "The configuration that chooses the navigation target.", "title": "LocalNavigationConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.CustomActionSetParametersOperation": { "additionalProperties": false, "properties": { "ParameterValueConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SetParameterValueConfiguration" }, "markdownDescription": "The parameter that determines the value configuration.", "title": "ParameterValueConfigurations", "type": "array" } }, "required": [ "ParameterValueConfigurations" ], "type": "object" }, "AWS::QuickSight::Dashboard.CustomActionURLOperation": { "additionalProperties": false, "properties": { "URLTarget": { "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", "title": "URLTarget", "type": "string" }, "URLTemplate": { "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", "title": "URLTemplate", "type": "string" } }, "required": [ "URLTarget", "URLTemplate" ], "type": "object" }, "AWS::QuickSight::Dashboard.CustomColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color that is applied to the data value.", "title": "Color", "type": "string" }, "FieldValue": { "markdownDescription": "The data value that the color is applied to.", "title": "FieldValue", "type": "string" }, "SpecialValue": { "markdownDescription": "The value of a special data value.", "title": "SpecialValue", "type": "string" } }, "required": [ "Color" ], "type": "object" }, "AWS::QuickSight::Dashboard.CustomContentConfiguration": { "additionalProperties": false, "properties": { "ContentType": { "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", "title": "ContentType", "type": "string" }, "ContentUrl": { "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", "title": "ContentUrl", "type": "string" }, "ImageScaling": { "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", "title": "ImageScaling", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.CustomContentVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentConfiguration", "markdownDescription": "The configuration of a `CustomContentVisual` .", "title": "ChartConfiguration" }, "DataSetIdentifier": { "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", "title": "DataSetIdentifier", "type": "string" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "DataSetIdentifier", "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.CustomFilterConfiguration": { "additionalProperties": false, "properties": { "CategoryValue": { "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", "title": "CategoryValue", "type": "string" }, "MatchOperator": { "markdownDescription": "The match operator that is used to determine if a filter should be applied.", "title": "MatchOperator", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", "title": "ParameterName", "type": "string" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" } }, "required": [ "MatchOperator", "NullOption" ], "type": "object" }, "AWS::QuickSight::Dashboard.CustomFilterListConfiguration": { "additionalProperties": false, "properties": { "CategoryValues": { "items": { "type": "string" }, "markdownDescription": "The list of category values for the filter.", "title": "CategoryValues", "type": "array" }, "MatchOperator": { "markdownDescription": "The match operator that is used to determine if a filter should be applied.", "title": "MatchOperator", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" } }, "required": [ "MatchOperator", "NullOption" ], "type": "object" }, "AWS::QuickSight::Dashboard.CustomNarrativeOptions": { "additionalProperties": false, "properties": { "Narrative": { "markdownDescription": "The string input of custom narrative.", "title": "Narrative", "type": "string" } }, "required": [ "Narrative" ], "type": "object" }, "AWS::QuickSight::Dashboard.CustomParameterValues": { "additionalProperties": false, "properties": { "DateTimeValues": { "items": { "type": "string" }, "markdownDescription": "A list of datetime-type parameter values.", "title": "DateTimeValues", "type": "array" }, "DecimalValues": { "items": { "type": "number" }, "markdownDescription": "A list of decimal-type parameter values.", "title": "DecimalValues", "type": "array" }, "IntegerValues": { "items": { "type": "number" }, "markdownDescription": "A list of integer-type parameter values.", "title": "IntegerValues", "type": "array" }, "StringValues": { "items": { "type": "string" }, "markdownDescription": "A list of string-type parameter values.", "title": "StringValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.CustomValuesConfiguration": { "additionalProperties": false, "properties": { "CustomValues": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomParameterValues", "markdownDescription": "", "title": "CustomValues" }, "IncludeNullValue": { "markdownDescription": "Includes the null value in custom action parameter values.", "title": "IncludeNullValue", "type": "boolean" } }, "required": [ "CustomValues" ], "type": "object" }, "AWS::QuickSight::Dashboard.DashboardError": { "additionalProperties": false, "properties": { "Message": { "markdownDescription": "Message.", "title": "Message", "type": "string" }, "Type": { "markdownDescription": "Type.", "title": "Type", "type": "string" }, "ViolatedEntities": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.Entity" }, "markdownDescription": "Lists the violated entities that caused the dashboard error.", "title": "ViolatedEntities", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DashboardPublishOptions": { "additionalProperties": false, "properties": { "AdHocFilteringOption": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AdHocFilteringOption", "markdownDescription": "Ad hoc (one-time) filtering option.", "title": "AdHocFilteringOption" }, "DataPointDrillUpDownOption": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointDrillUpDownOption", "markdownDescription": "The drill-down options of data points in a dashboard.", "title": "DataPointDrillUpDownOption" }, "DataPointMenuLabelOption": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointMenuLabelOption", "markdownDescription": "The data point menu label options of a dashboard.", "title": "DataPointMenuLabelOption" }, "DataPointTooltipOption": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPointTooltipOption", "markdownDescription": "The data point tool tip options of a dashboard.", "title": "DataPointTooltipOption" }, "ExportToCSVOption": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportToCSVOption", "markdownDescription": "Export to .csv option.", "title": "ExportToCSVOption" }, "ExportWithHiddenFieldsOption": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption", "markdownDescription": "Determines if hidden fields are exported with a dashboard.", "title": "ExportWithHiddenFieldsOption" }, "SheetControlsOption": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlsOption", "markdownDescription": "Sheet controls option.", "title": "SheetControlsOption" }, "SheetLayoutElementMaximizationOption": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption", "markdownDescription": "The sheet layout maximization options of a dashbaord.", "title": "SheetLayoutElementMaximizationOption" }, "VisualAxisSortOption": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualAxisSortOption", "markdownDescription": "The axis sort options of a dashboard.", "title": "VisualAxisSortOption" }, "VisualMenuOption": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualMenuOption", "markdownDescription": "The menu options of a visual in a dashboard.", "title": "VisualMenuOption" }, "VisualPublishOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardVisualPublishOptions", "markdownDescription": "The visual publish options of a visual in a dashboard.", "title": "VisualPublishOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DashboardSourceEntity": { "additionalProperties": false, "properties": { "SourceTemplate": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardSourceTemplate", "markdownDescription": "Source template.", "title": "SourceTemplate" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DashboardSourceTemplate": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", "title": "Arn", "type": "string" }, "DataSetReferences": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetReference" }, "markdownDescription": "Dataset references.", "title": "DataSetReferences", "type": "array" } }, "required": [ "Arn", "DataSetReferences" ], "type": "object" }, "AWS::QuickSight::Dashboard.DashboardVersion": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", "title": "Arn", "type": "string" }, "CreatedTime": { "markdownDescription": "The time that this dashboard version was created.", "title": "CreatedTime", "type": "string" }, "DataSetArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Numbers (ARNs) for the datasets that are associated with this version of the dashboard.", "title": "DataSetArns", "type": "array" }, "Description": { "markdownDescription": "Description.", "title": "Description", "type": "string" }, "Errors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DashboardError" }, "markdownDescription": "Errors associated with this dashboard version.", "title": "Errors", "type": "array" }, "Sheets": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.Sheet" }, "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", "title": "Sheets", "type": "array" }, "SourceEntityArn": { "markdownDescription": "Source entity ARN.", "title": "SourceEntityArn", "type": "string" }, "Status": { "markdownDescription": "The HTTP status of the request.", "title": "Status", "type": "string" }, "ThemeArn": { "markdownDescription": "The ARN of the theme associated with a version of the dashboard.", "title": "ThemeArn", "type": "string" }, "VersionNumber": { "markdownDescription": "Version number for this version of the dashboard.", "title": "VersionNumber", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DashboardVersionDefinition": { "additionalProperties": false, "properties": { "AnalysisDefaults": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnalysisDefaults", "markdownDescription": "", "title": "AnalysisDefaults" }, "CalculatedFields": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedField" }, "markdownDescription": "An array of calculated field definitions for the dashboard.", "title": "CalculatedFields", "type": "array" }, "ColumnConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnConfiguration" }, "markdownDescription": "An array of dashboard-level column configurations. Column configurations are used to set the default formatting for a column that is used throughout a dashboard.", "title": "ColumnConfigurations", "type": "array" }, "DataSetIdentifierDeclarations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration" }, "markdownDescription": "An array of dataset identifier declarations. With this mapping,you can use dataset identifiers instead of dataset Amazon Resource Names (ARNs) throughout the dashboard's sub-structures.", "title": "DataSetIdentifierDeclarations", "type": "array" }, "FilterGroups": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterGroup" }, "markdownDescription": "The filter definitions for a dashboard.\n\nFor more information, see [Filtering Data in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon QuickSight User Guide* .", "title": "FilterGroups", "type": "array" }, "Options": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AssetOptions", "markdownDescription": "An array of option definitions for a dashboard.", "title": "Options" }, "ParameterDeclarations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDeclaration" }, "markdownDescription": "The parameter declarations for a dashboard. Parameters are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", "title": "ParameterDeclarations", "type": "array" }, "Sheets": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetDefinition" }, "markdownDescription": "An array of sheet definitions for a dashboard.", "title": "Sheets", "type": "array" } }, "required": [ "DataSetIdentifierDeclarations" ], "type": "object" }, "AWS::QuickSight::Dashboard.DashboardVisualPublishOptions": { "additionalProperties": false, "properties": { "ExportHiddenFieldsOption": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExportHiddenFieldsOption", "markdownDescription": "Determines if hidden fields are included in an exported dashboard.", "title": "ExportHiddenFieldsOption" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DataBarsOptions": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID for the data bars options.", "title": "FieldId", "type": "string" }, "NegativeColor": { "markdownDescription": "The color of the negative data bar.", "title": "NegativeColor", "type": "string" }, "PositiveColor": { "markdownDescription": "The color of the positive data bar.", "title": "PositiveColor", "type": "string" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.DataColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color that is applied to the data value.", "title": "Color", "type": "string" }, "DataValue": { "markdownDescription": "The data value that the color is applied to.", "title": "DataValue", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DataFieldSeriesItem": { "additionalProperties": false, "properties": { "AxisBinding": { "markdownDescription": "The axis that you are binding the field to.", "title": "AxisBinding", "type": "string" }, "FieldId": { "markdownDescription": "The field ID of the field that you are setting the axis binding to.", "title": "FieldId", "type": "string" }, "FieldValue": { "markdownDescription": "The field value of the field that you are setting the axis binding to.", "title": "FieldValue", "type": "string" }, "Settings": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", "markdownDescription": "The options that determine the presentation of line series associated to the field.", "title": "Settings" } }, "required": [ "AxisBinding", "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.DataLabelOptions": { "additionalProperties": false, "properties": { "CategoryLabelVisibility": { "markdownDescription": "Determines the visibility of the category field labels.", "title": "CategoryLabelVisibility", "type": "string" }, "DataLabelTypes": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelType" }, "markdownDescription": "The option that determines the data label type.", "title": "DataLabelTypes", "type": "array" }, "LabelColor": { "markdownDescription": "Determines the color of the data labels.", "title": "LabelColor", "type": "string" }, "LabelContent": { "markdownDescription": "Determines the content of the data labels.", "title": "LabelContent", "type": "string" }, "LabelFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", "markdownDescription": "Determines the font configuration of the data labels.", "title": "LabelFontConfiguration" }, "MeasureLabelVisibility": { "markdownDescription": "Determines the visibility of the measure field labels.", "title": "MeasureLabelVisibility", "type": "string" }, "Overlap": { "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", "title": "Overlap", "type": "string" }, "Position": { "markdownDescription": "Determines the position of the data labels.", "title": "Position", "type": "string" }, "TotalsVisibility": { "markdownDescription": "Determines the visibility of the total.", "title": "TotalsVisibility", "type": "string" }, "Visibility": { "markdownDescription": "Determines the visibility of the data labels.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DataLabelType": { "additionalProperties": false, "properties": { "DataPathLabelType": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathLabelType", "markdownDescription": "The option that specifies individual data values for labels.", "title": "DataPathLabelType" }, "FieldLabelType": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldLabelType", "markdownDescription": "Determines the label configuration for the entire field.", "title": "FieldLabelType" }, "MaximumLabelType": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MaximumLabelType", "markdownDescription": "Determines the label configuration for the maximum value in a visual.", "title": "MaximumLabelType" }, "MinimumLabelType": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MinimumLabelType", "markdownDescription": "Determines the label configuration for the minimum value in a visual.", "title": "MinimumLabelType" }, "RangeEndsLabelType": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RangeEndsLabelType", "markdownDescription": "Determines the label configuration for range end value in a visual.", "title": "RangeEndsLabelType" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DataPathColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color that needs to be applied to the element.", "title": "Color", "type": "string" }, "Element": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue", "markdownDescription": "The element that the color needs to be applied to.", "title": "Element" }, "TimeGranularity": { "markdownDescription": "The time granularity of the field that the color needs to be applied to.", "title": "TimeGranularity", "type": "string" } }, "required": [ "Color", "Element" ], "type": "object" }, "AWS::QuickSight::Dashboard.DataPathLabelType": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the field that the data label needs to be applied to.", "title": "FieldId", "type": "string" }, "FieldValue": { "markdownDescription": "The actual value of the field that is labeled.", "title": "FieldValue", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the data label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DataPathSort": { "additionalProperties": false, "properties": { "Direction": { "markdownDescription": "Determines the sort direction.", "title": "Direction", "type": "string" }, "SortPaths": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" }, "markdownDescription": "The list of data paths that need to be sorted.", "title": "SortPaths", "type": "array" } }, "required": [ "Direction", "SortPaths" ], "type": "object" }, "AWS::QuickSight::Dashboard.DataPathType": { "additionalProperties": false, "properties": { "PivotTableDataPathType": { "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", "title": "PivotTableDataPathType", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DataPathValue": { "additionalProperties": false, "properties": { "DataPathType": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathType", "markdownDescription": "The type configuration of the field.", "title": "DataPathType" }, "FieldId": { "markdownDescription": "The field ID of the field that needs to be sorted.", "title": "FieldId", "type": "string" }, "FieldValue": { "markdownDescription": "The actual value of the field that needs to be sorted.", "title": "FieldValue", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DataPointDrillUpDownOption": { "additionalProperties": false, "properties": { "AvailabilityStatus": { "markdownDescription": "The status of the drill down options of data points.", "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DataPointMenuLabelOption": { "additionalProperties": false, "properties": { "AvailabilityStatus": { "markdownDescription": "The status of the data point menu options.", "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DataPointTooltipOption": { "additionalProperties": false, "properties": { "AvailabilityStatus": { "markdownDescription": "The status of the data point tool tip options.", "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DataSetIdentifierDeclaration": { "additionalProperties": false, "properties": { "DataSetArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the data set.", "title": "DataSetArn", "type": "string" }, "Identifier": { "markdownDescription": "The identifier of the data set, typically the data set's name.", "title": "Identifier", "type": "string" } }, "required": [ "DataSetArn", "Identifier" ], "type": "object" }, "AWS::QuickSight::Dashboard.DataSetReference": { "additionalProperties": false, "properties": { "DataSetArn": { "markdownDescription": "Dataset Amazon Resource Name (ARN).", "title": "DataSetArn", "type": "string" }, "DataSetPlaceholder": { "markdownDescription": "Dataset placeholder.", "title": "DataSetPlaceholder", "type": "string" } }, "required": [ "DataSetArn", "DataSetPlaceholder" ], "type": "object" }, "AWS::QuickSight::Dashboard.DateAxisOptions": { "additionalProperties": false, "properties": { "MissingDateVisibility": { "markdownDescription": "Determines whether or not missing dates are displayed.", "title": "MissingDateVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DateDimensionField": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that is used in the `DateDimensionField` .", "title": "Column" }, "DateGranularity": { "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", "title": "DateGranularity", "type": "string" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" }, "HierarchyId": { "markdownDescription": "The custom hierarchy ID.", "title": "HierarchyId", "type": "string" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.DateMeasureField": { "additionalProperties": false, "properties": { "AggregationFunction": { "markdownDescription": "The aggregation function of the measure field.", "title": "AggregationFunction", "type": "string" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that is used in the `DateMeasureField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.DateTimeDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, "RollingDate": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", "title": "RollingDate" }, "StaticValues": { "items": { "type": "string" }, "markdownDescription": "The static values of the `DataTimeDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DateTimeFormatConfiguration": { "additionalProperties": false, "properties": { "DateTimeFormat": { "markdownDescription": "Determines the `DateTime` format.", "title": "DateTimeFormat", "type": "string" }, "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "NumericFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", "title": "NumericFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DateTimeHierarchy": { "additionalProperties": false, "properties": { "DrillDownFilters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" }, "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", "title": "DrillDownFilters", "type": "array" }, "HierarchyId": { "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", "title": "HierarchyId", "type": "string" } }, "required": [ "HierarchyId" ], "type": "object" }, "AWS::QuickSight::Dashboard.DateTimeParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A display name for the date-time parameter.", "title": "Name", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The values for the date-time parameter.", "title": "Values", "type": "array" } }, "required": [ "Name", "Values" ], "type": "object" }, "AWS::QuickSight::Dashboard.DateTimeParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", "type": "array" }, "Name": { "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" }, "ValueWhenUnset": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration", "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", "title": "ValueWhenUnset" } }, "required": [ "Name" ], "type": "object" }, "AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions": { "additionalProperties": false, "properties": { "DateTimeFormat": { "markdownDescription": "Customize how dates are formatted in controls.", "title": "DateTimeFormat", "type": "string" }, "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DateTimeValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", "title": "CustomValue", "type": "string" }, "ValueWhenUnsetOption": { "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DecimalDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, "StaticValues": { "items": { "type": "number" }, "markdownDescription": "The static values of the `DecimalDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DecimalParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A display name for the decimal parameter.", "title": "Name", "type": "string" }, "Values": { "items": { "type": "number" }, "markdownDescription": "The values for the decimal parameter.", "title": "Values", "type": "array" } }, "required": [ "Name", "Values" ], "type": "object" }, "AWS::QuickSight::Dashboard.DecimalParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", "type": "array" }, "Name": { "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, "ParameterValueType": { "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", "title": "ParameterValueType", "type": "string" }, "ValueWhenUnset": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration", "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", "title": "ValueWhenUnset" } }, "required": [ "Name", "ParameterValueType" ], "type": "object" }, "AWS::QuickSight::Dashboard.DecimalPlacesConfiguration": { "additionalProperties": false, "properties": { "DecimalPlaces": { "markdownDescription": "The values of the decimal places.", "title": "DecimalPlaces", "type": "number" } }, "required": [ "DecimalPlaces" ], "type": "object" }, "AWS::QuickSight::Dashboard.DecimalValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", "title": "CustomValue", "type": "number" }, "ValueWhenUnsetOption": { "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "Type": { "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration": { "additionalProperties": false, "properties": { "ControlOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlOptions", "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", "title": "ControlOptions" }, "Title": { "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", "title": "Title", "type": "string" } }, "required": [ "ControlOptions", "Title" ], "type": "object" }, "AWS::QuickSight::Dashboard.DefaultFilterControlOptions": { "additionalProperties": false, "properties": { "DefaultDateTimePickerOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultDateTimePickerControlOptions", "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", "title": "DefaultDateTimePickerOptions" }, "DefaultDropdownOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions", "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", "title": "DefaultDropdownOptions" }, "DefaultListOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterListControlOptions", "markdownDescription": "The default options that correspond to the `List` filter control type.", "title": "DefaultListOptions" }, "DefaultRelativeDateTimeOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions", "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", "title": "DefaultRelativeDateTimeOptions" }, "DefaultSliderOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSliderControlOptions", "markdownDescription": "The default options that correspond to the `Slider` filter control type.", "title": "DefaultSliderOptions" }, "DefaultTextAreaOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions", "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", "title": "DefaultTextAreaOptions" }, "DefaultTextFieldOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions", "markdownDescription": "The default options that correspond to the `TextField` filter control type.", "title": "DefaultTextFieldOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DefaultFilterDropDownControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "Type": { "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DefaultFilterListControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "Type": { "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", "markdownDescription": "Determines the screen canvas size options for a free-form layout.", "title": "CanvasSizeOptions" } }, "required": [ "CanvasSizeOptions" ], "type": "object" }, "AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", "markdownDescription": "Determines the screen canvas size options for a grid layout.", "title": "CanvasSizeOptions" } }, "required": [ "CanvasSizeOptions" ], "type": "object" }, "AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration": { "additionalProperties": false, "properties": { "FreeForm": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFreeFormLayoutConfiguration", "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", "title": "FreeForm" }, "Grid": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultGridLayoutConfiguration", "markdownDescription": "The options that determine the default settings for a grid layout configuration.", "title": "Grid" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DefaultNewSheetConfiguration": { "additionalProperties": false, "properties": { "InteractiveLayoutConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultInteractiveLayoutConfiguration", "markdownDescription": "The options that determine the default settings for interactive layout configuration.", "title": "InteractiveLayoutConfiguration" }, "PaginatedLayoutConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration", "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", "title": "PaginatedLayoutConfiguration" }, "SheetContentType": { "markdownDescription": "The option that determines the sheet content type.", "title": "SheetContentType", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DefaultPaginatedLayoutConfiguration": { "additionalProperties": false, "properties": { "SectionBased": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration", "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", "title": "SectionBased" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DefaultRelativeDateTimeControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DefaultSectionBasedLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", "markdownDescription": "Determines the screen canvas size options for a section-based layout.", "title": "CanvasSizeOptions" } }, "required": [ "CanvasSizeOptions" ], "type": "object" }, "AWS::QuickSight::Dashboard.DefaultSliderControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "MaximumValue": { "markdownDescription": "The larger value that is displayed at the right of the slider.", "title": "MaximumValue", "type": "number" }, "MinimumValue": { "markdownDescription": "The smaller value that is displayed at the left of the slider.", "title": "MinimumValue", "type": "number" }, "StepSize": { "markdownDescription": "The number of increments that the slider bar is divided into.", "title": "StepSize", "type": "number" }, "Type": { "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", "title": "Type", "type": "string" } }, "required": [ "MaximumValue", "MinimumValue", "StepSize" ], "type": "object" }, "AWS::QuickSight::Dashboard.DefaultTextAreaControlOptions": { "additionalProperties": false, "properties": { "Delimiter": { "markdownDescription": "The delimiter that is used to separate the lines in text.", "title": "Delimiter", "type": "string" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DefaultTextFieldControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration": { "additionalProperties": false, "properties": { "CustomValuesConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomValuesConfiguration", "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", "title": "CustomValuesConfiguration" }, "SelectAllValueOptions": { "markdownDescription": "The configuration that selects all options.", "title": "SelectAllValueOptions", "type": "string" }, "SourceColumn": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "", "title": "SourceColumn" }, "SourceField": { "markdownDescription": "The source field ID of the destination parameter.", "title": "SourceField", "type": "string" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the destination parameter.", "title": "SourceParameterName", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DimensionField": { "additionalProperties": false, "properties": { "CategoricalDimensionField": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalDimensionField", "markdownDescription": "The dimension type field with categorical type columns.", "title": "CategoricalDimensionField" }, "DateDimensionField": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateDimensionField", "markdownDescription": "The dimension type field with date type columns.", "title": "DateDimensionField" }, "NumericalDimensionField": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalDimensionField", "markdownDescription": "The dimension type field with numerical type columns.", "title": "NumericalDimensionField" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DonutCenterOptions": { "additionalProperties": false, "properties": { "LabelVisibility": { "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", "title": "LabelVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DonutOptions": { "additionalProperties": false, "properties": { "ArcOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcOptions", "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", "title": "ArcOptions" }, "DonutCenterOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutCenterOptions", "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", "title": "DonutCenterOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DrillDownFilter": { "additionalProperties": false, "properties": { "CategoryFilter": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryDrillDownFilter", "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", "title": "CategoryFilter" }, "NumericEqualityFilter": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter", "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", "title": "NumericEqualityFilter" }, "TimeRangeFilter": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter", "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", "title": "TimeRangeFilter" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DropDownControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "SelectAllOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", "title": "SelectAllOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.DynamicDefaultValue": { "additionalProperties": false, "properties": { "DefaultValueColumn": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that contains the default value of each user or group.", "title": "DefaultValueColumn" }, "GroupNameColumn": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that contains the group name.", "title": "GroupNameColumn" }, "UserNameColumn": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that contains the username.", "title": "UserNameColumn" } }, "required": [ "DefaultValueColumn" ], "type": "object" }, "AWS::QuickSight::Dashboard.EmptyVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "DataSetIdentifier": { "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", "title": "DataSetIdentifier", "type": "string" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "DataSetIdentifier", "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.Entity": { "additionalProperties": false, "properties": { "Path": { "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", "title": "Path", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ExcludePeriodConfiguration": { "additionalProperties": false, "properties": { "Amount": { "markdownDescription": "The amount or number of the exclude period.", "title": "Amount", "type": "number" }, "Granularity": { "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", "title": "Granularity", "type": "string" }, "Status": { "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", "title": "Status", "type": "string" } }, "required": [ "Amount", "Granularity" ], "type": "object" }, "AWS::QuickSight::Dashboard.ExplicitHierarchy": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" }, "markdownDescription": "The list of columns that define the explicit hierarchy.", "title": "Columns", "type": "array" }, "DrillDownFilters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" }, "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", "title": "DrillDownFilters", "type": "array" }, "HierarchyId": { "markdownDescription": "The hierarchy ID of the explicit hierarchy.", "title": "HierarchyId", "type": "string" } }, "required": [ "Columns", "HierarchyId" ], "type": "object" }, "AWS::QuickSight::Dashboard.ExportHiddenFieldsOption": { "additionalProperties": false, "properties": { "AvailabilityStatus": { "markdownDescription": "The status of the export hidden fields options of a dashbaord.", "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ExportToCSVOption": { "additionalProperties": false, "properties": { "AvailabilityStatus": { "markdownDescription": "Availability status.", "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ExportWithHiddenFieldsOption": { "additionalProperties": false, "properties": { "AvailabilityStatus": { "markdownDescription": "The status of the export with hidden fields options.", "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FieldBasedTooltip": { "additionalProperties": false, "properties": { "AggregationVisibility": { "markdownDescription": "The visibility of `Show aggregations` .", "title": "AggregationVisibility", "type": "string" }, "TooltipFields": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipItem" }, "markdownDescription": "The fields configuration in the tooltip.", "title": "TooltipFields", "type": "array" }, "TooltipTitleType": { "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", "title": "TooltipTitleType", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FieldLabelType": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "Indicates the field that is targeted by the field label.", "title": "FieldId", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the field label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FieldSeriesItem": { "additionalProperties": false, "properties": { "AxisBinding": { "markdownDescription": "The axis that you are binding the field to.", "title": "AxisBinding", "type": "string" }, "FieldId": { "markdownDescription": "The field ID of the field for which you are setting the axis binding.", "title": "FieldId", "type": "string" }, "Settings": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSeriesSettings", "markdownDescription": "The options that determine the presentation of line series associated to the field.", "title": "Settings" } }, "required": [ "AxisBinding", "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.FieldSort": { "additionalProperties": false, "properties": { "Direction": { "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", "title": "Direction", "type": "string" }, "FieldId": { "markdownDescription": "The sort configuration target field.", "title": "FieldId", "type": "string" } }, "required": [ "Direction", "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.FieldSortOptions": { "additionalProperties": false, "properties": { "ColumnSort": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", "markdownDescription": "The sort configuration for a column that is not used in a field well.", "title": "ColumnSort" }, "FieldSort": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", "markdownDescription": "The sort configuration for a field in a field well.", "title": "FieldSort" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FieldTooltipItem": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", "title": "FieldId", "type": "string" }, "Label": { "markdownDescription": "The label of the tooltip item.", "title": "Label", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the tooltip item.", "title": "Visibility", "type": "string" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Geospatial": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", "title": "Geospatial", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FilledMapConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", "title": "ConditionalFormattingOptions", "type": "array" } }, "required": [ "ConditionalFormattingOptions" ], "type": "object" }, "AWS::QuickSight::Dashboard.FilledMapConditionalFormattingOption": { "additionalProperties": false, "properties": { "Shape": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting", "markdownDescription": "The conditional formatting that determines the shape of the filled map.", "title": "Shape" } }, "required": [ "Shape" ], "type": "object" }, "AWS::QuickSight::Dashboard.FilledMapConfiguration": { "additionalProperties": false, "properties": { "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "MapStyleOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", "markdownDescription": "The map style options of the filled map visual.", "title": "MapStyleOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapSortConfiguration", "markdownDescription": "The sort configuration of a `FilledMapVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "WindowOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", "markdownDescription": "The window options of the filled map visual.", "title": "WindowOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FilledMapFieldWells": { "additionalProperties": false, "properties": { "FilledMapAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapAggregatedFieldWells", "markdownDescription": "The aggregated field well of the filled map.", "title": "FilledMapAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FilledMapShapeConditionalFormatting": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the filled map shape.", "title": "FieldId", "type": "string" }, "Format": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShapeConditionalFormat", "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", "title": "Format" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.FilledMapSortConfiguration": { "additionalProperties": false, "properties": { "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of the location fields.", "title": "CategorySort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FilledMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapConditionalFormatting", "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.Filter": { "additionalProperties": false, "properties": { "CategoryFilter": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoryFilter", "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", "title": "CategoryFilter" }, "NumericEqualityFilter": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericEqualityFilter", "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", "title": "NumericEqualityFilter" }, "NumericRangeFilter": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilter", "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", "title": "NumericRangeFilter" }, "RelativeDatesFilter": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDatesFilter", "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", "title": "RelativeDatesFilter" }, "TimeEqualityFilter": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeEqualityFilter", "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", "title": "TimeEqualityFilter" }, "TimeRangeFilter": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilter", "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", "title": "TimeRangeFilter" }, "TopBottomFilter": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TopBottomFilter", "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", "title": "TopBottomFilter" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FilterControl": { "additionalProperties": false, "properties": { "CrossSheet": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterCrossSheetControl", "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", "title": "CrossSheet" }, "DateTimePicker": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDateTimePickerControl", "markdownDescription": "A control from a date filter that is used to specify date and time.", "title": "DateTimePicker" }, "Dropdown": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterDropDownControl", "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", "title": "Dropdown" }, "List": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterListControl", "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", "title": "List" }, "RelativeDateTime": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl", "markdownDescription": "A control from a date filter that is used to specify the relative date.", "title": "RelativeDateTime" }, "Slider": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSliderControl", "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", "title": "Slider" }, "TextArea": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextAreaControl", "markdownDescription": "A control to display a text box that is used to enter multiple entries.", "title": "TextArea" }, "TextField": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterTextFieldControl", "markdownDescription": "A control to display a text box that is used to enter a single entry.", "title": "TextField" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FilterCrossSheetControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterCrossSheetControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", "title": "SourceFilterId", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId" ], "type": "object" }, "AWS::QuickSight::Dashboard.FilterDateTimePickerControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterDateTimePickerControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", "title": "Type", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Dashboard.FilterDropDownControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", "markdownDescription": "The display options of the `FilterDropDownControl` .", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterDropDownControl` .", "title": "FilterControlId", "type": "string" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterDropDownControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", "title": "Type", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Dashboard.FilterGroup": { "additionalProperties": false, "properties": { "CrossDataset": { "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", "title": "CrossDataset", "type": "string" }, "FilterGroupId": { "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", "title": "FilterGroupId", "type": "string" }, "Filters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.Filter" }, "markdownDescription": "The list of filters that are present in a `FilterGroup` .", "title": "Filters", "type": "array" }, "ScopeConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterScopeConfiguration", "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", "title": "ScopeConfiguration" }, "Status": { "markdownDescription": "The status of the `FilterGroup` .", "title": "Status", "type": "string" } }, "required": [ "CrossDataset", "FilterGroupId", "Filters", "ScopeConfiguration" ], "type": "object" }, "AWS::QuickSight::Dashboard.FilterListConfiguration": { "additionalProperties": false, "properties": { "CategoryValues": { "items": { "type": "string" }, "markdownDescription": "The list of category values for the filter.", "title": "CategoryValues", "type": "array" }, "MatchOperator": { "markdownDescription": "The match operator that is used to determine if a filter should be applied.", "title": "MatchOperator", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" } }, "required": [ "MatchOperator" ], "type": "object" }, "AWS::QuickSight::Dashboard.FilterListControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterListControl` .", "title": "FilterControlId", "type": "string" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterListControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterListControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", "title": "Type", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Dashboard.FilterOperationSelectedFieldsConfiguration": { "additionalProperties": false, "properties": { "SelectedColumns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" }, "markdownDescription": "The selected columns of a dataset.", "title": "SelectedColumns", "type": "array" }, "SelectedFieldOptions": { "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", "title": "SelectedFieldOptions", "type": "string" }, "SelectedFields": { "items": { "type": "string" }, "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", "title": "SelectedFields", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FilterOperationTargetVisualsConfiguration": { "additionalProperties": false, "properties": { "SameSheetTargetVisualConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration", "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", "title": "SameSheetTargetVisualConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FilterRelativeDateTimeControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterTextAreaControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterTextAreaControl` .", "title": "Title", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Dashboard.FilterScopeConfiguration": { "additionalProperties": false, "properties": { "AllSheets": { "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", "title": "AllSheets", "type": "object" }, "SelectedSheets": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration", "markdownDescription": "The configuration for applying a filter to specific sheets.", "title": "SelectedSheets" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FilterSelectableValues": { "additionalProperties": false, "properties": { "Values": { "items": { "type": "string" }, "markdownDescription": "The values that are used in the `FilterSelectableValues` .", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FilterSliderControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterSliderControl` .", "title": "FilterControlId", "type": "string" }, "MaximumValue": { "markdownDescription": "The larger value that is displayed at the right of the slider.", "title": "MaximumValue", "type": "number" }, "MinimumValue": { "markdownDescription": "The smaller value that is displayed at the left of the slider.", "title": "MinimumValue", "type": "number" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterSliderControl` .", "title": "SourceFilterId", "type": "string" }, "StepSize": { "markdownDescription": "The number of increments that the slider bar is divided into.", "title": "StepSize", "type": "number" }, "Title": { "markdownDescription": "The title of the `FilterSliderControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", "title": "Type", "type": "string" } }, "required": [ "FilterControlId", "MaximumValue", "MinimumValue", "SourceFilterId", "StepSize", "Title" ], "type": "object" }, "AWS::QuickSight::Dashboard.FilterTextAreaControl": { "additionalProperties": false, "properties": { "Delimiter": { "markdownDescription": "The delimiter that is used to separate the lines in text.", "title": "Delimiter", "type": "string" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterTextAreaControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterTextAreaControl` .", "title": "Title", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Dashboard.FilterTextFieldControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterTextFieldControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterTextFieldControl` .", "title": "Title", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Dashboard.FontConfiguration": { "additionalProperties": false, "properties": { "FontColor": { "markdownDescription": "Determines the color of the text.", "title": "FontColor", "type": "string" }, "FontDecoration": { "markdownDescription": "Determines the appearance of decorative lines on the text.", "title": "FontDecoration", "type": "string" }, "FontSize": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontSize", "markdownDescription": "The option that determines the text display size.", "title": "FontSize" }, "FontStyle": { "markdownDescription": "Determines the text display face that is inherited by the given font family.", "title": "FontStyle", "type": "string" }, "FontWeight": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontWeight", "markdownDescription": "The option that determines the text display weight, or boldness.", "title": "FontWeight" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FontSize": { "additionalProperties": false, "properties": { "Relative": { "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", "title": "Relative", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FontWeight": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The lexical name for the level of boldness of the text display.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ForecastComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "CustomSeasonalityValue": { "markdownDescription": "The custom seasonality value setup of a forecast computation.", "title": "CustomSeasonalityValue", "type": "number" }, "LowerBoundary": { "markdownDescription": "The lower boundary setup of a forecast computation.", "title": "LowerBoundary", "type": "number" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "PeriodsBackward": { "markdownDescription": "The periods backward setup of a forecast computation.", "title": "PeriodsBackward", "type": "number" }, "PeriodsForward": { "markdownDescription": "The periods forward setup of a forecast computation.", "title": "PeriodsForward", "type": "number" }, "PredictionInterval": { "markdownDescription": "The prediction interval setup of a forecast computation.", "title": "PredictionInterval", "type": "number" }, "Seasonality": { "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", "title": "Seasonality", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "UpperBoundary": { "markdownDescription": "The upper boundary setup of a forecast computation.", "title": "UpperBoundary", "type": "number" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Dashboard.ForecastConfiguration": { "additionalProperties": false, "properties": { "ForecastProperties": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeBasedForecastProperties", "markdownDescription": "The forecast properties setup of a forecast in the line chart.", "title": "ForecastProperties" }, "Scenario": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastScenario", "markdownDescription": "The forecast scenario of a forecast in the line chart.", "title": "Scenario" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ForecastScenario": { "additionalProperties": false, "properties": { "WhatIfPointScenario": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfPointScenario", "markdownDescription": "The what-if analysis forecast setup with the target date.", "title": "WhatIfPointScenario" }, "WhatIfRangeScenario": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.WhatIfRangeScenario", "markdownDescription": "The what-if analysis forecast setup with the date range.", "title": "WhatIfRangeScenario" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FormatConfiguration": { "additionalProperties": false, "properties": { "DateTimeFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeFormatConfiguration", "markdownDescription": "Formatting configuration for `DateTime` fields.", "title": "DateTimeFormatConfiguration" }, "NumberFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", "markdownDescription": "Formatting configuration for number fields.", "title": "NumberFormatConfiguration" }, "StringFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringFormatConfiguration", "markdownDescription": "Formatting configuration for string fields.", "title": "StringFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { "ScreenCanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions", "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutCanvasSizeOptions", "markdownDescription": "", "title": "CanvasSizeOptions" }, "Elements": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" }, "markdownDescription": "The elements that are included in a free-form layout.", "title": "Elements", "type": "array" } }, "required": [ "Elements" ], "type": "object" }, "AWS::QuickSight::Dashboard.FreeFormLayoutElement": { "additionalProperties": false, "properties": { "BackgroundStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle", "markdownDescription": "The background style configuration of a free-form layout element.", "title": "BackgroundStyle" }, "BorderStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", "markdownDescription": "The border style configuration of a free-form layout element.", "title": "BorderStyle" }, "ElementId": { "markdownDescription": "A unique identifier for an element within a free-form layout.", "title": "ElementId", "type": "string" }, "ElementType": { "markdownDescription": "The type of element.", "title": "ElementType", "type": "string" }, "Height": { "markdownDescription": "The height of an element within a free-form layout.", "title": "Height", "type": "string" }, "LoadingAnimation": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LoadingAnimation", "markdownDescription": "The loading animation configuration of a free-form layout element.", "title": "LoadingAnimation" }, "RenderingRules": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementRenderingRule" }, "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", "title": "RenderingRules", "type": "array" }, "SelectedBorderStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle", "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", "title": "SelectedBorderStyle" }, "Visibility": { "markdownDescription": "The visibility of an element within a free-form layout.", "title": "Visibility", "type": "string" }, "Width": { "markdownDescription": "The width of an element within a free-form layout.", "title": "Width", "type": "string" }, "XAxisLocation": { "markdownDescription": "The x-axis coordinate of the element.", "title": "XAxisLocation", "type": "string" }, "YAxisLocation": { "markdownDescription": "The y-axis coordinate of the element.", "title": "YAxisLocation", "type": "string" } }, "required": [ "ElementId", "ElementType", "Height", "Width", "XAxisLocation", "YAxisLocation" ], "type": "object" }, "AWS::QuickSight::Dashboard.FreeFormLayoutElementBackgroundStyle": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The background color of a free-form layout element.", "title": "Color", "type": "string" }, "Visibility": { "markdownDescription": "The background visibility of a free-form layout element.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FreeFormLayoutElementBorderStyle": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The border color of a free-form layout element.", "title": "Color", "type": "string" }, "Visibility": { "markdownDescription": "The border visibility of a free-form layout element.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FreeFormLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { "OptimizedViewPortWidth": { "markdownDescription": "The width that the view port will be optimized for when the layout renders.", "title": "OptimizedViewPortWidth", "type": "string" } }, "required": [ "OptimizedViewPortWidth" ], "type": "object" }, "AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration": { "additionalProperties": false, "properties": { "Elements": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutElement" }, "markdownDescription": "The elements that are included in the free-form layout.", "title": "Elements", "type": "array" } }, "required": [ "Elements" ], "type": "object" }, "AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", "title": "Category", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FunnelChartConfiguration": { "additionalProperties": false, "properties": { "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", "title": "CategoryLabelOptions" }, "DataLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions", "markdownDescription": "The options that determine the presentation of the data labels.", "title": "DataLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartFieldWells", "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", "title": "FieldWells" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartSortConfiguration", "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", "title": "Tooltip" }, "ValueLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", "title": "ValueLabelOptions" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FunnelChartDataLabelOptions": { "additionalProperties": false, "properties": { "CategoryLabelVisibility": { "markdownDescription": "The visibility of the category labels within the data labels.", "title": "CategoryLabelVisibility", "type": "string" }, "LabelColor": { "markdownDescription": "The color of the data label text.", "title": "LabelColor", "type": "string" }, "LabelFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", "title": "LabelFontConfiguration" }, "MeasureDataLabelStyle": { "markdownDescription": "Determines the style of the metric labels.", "title": "MeasureDataLabelStyle", "type": "string" }, "MeasureLabelVisibility": { "markdownDescription": "The visibility of the measure labels within the data labels.", "title": "MeasureLabelVisibility", "type": "string" }, "Position": { "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", "title": "Position", "type": "string" }, "Visibility": { "markdownDescription": "The visibility option that determines if data labels are displayed.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FunnelChartFieldWells": { "additionalProperties": false, "properties": { "FunnelChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", "title": "FunnelChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FunnelChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories displayed.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.FunnelChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartConfiguration", "markdownDescription": "The configuration of a `FunnelChartVisual` .", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting": { "additionalProperties": false, "properties": { "ForegroundColor": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the arc foreground color.", "title": "ForegroundColor" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", "title": "ConditionalFormattingOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GaugeChartConditionalFormattingOption": { "additionalProperties": false, "properties": { "Arc": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartArcConditionalFormatting", "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", "title": "Arc" }, "PrimaryValue": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting", "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", "title": "PrimaryValue" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GaugeChartConfiguration": { "additionalProperties": false, "properties": { "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartFieldWells", "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", "title": "FieldWells" }, "GaugeChartOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartOptions", "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", "title": "GaugeChartOptions" }, "TooltipOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", "title": "TooltipOptions" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GaugeChartFieldWells": { "additionalProperties": false, "properties": { "TargetValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", "title": "TargetValues", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The value field wells of a `GaugeChartVisual` .", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GaugeChartOptions": { "additionalProperties": false, "properties": { "Arc": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcConfiguration", "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", "title": "Arc" }, "ArcAxis": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ArcAxisConfiguration", "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", "title": "ArcAxis" }, "Comparison": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", "title": "Comparison" }, "PrimaryValueDisplayType": { "markdownDescription": "The options that determine the primary value display type.", "title": "PrimaryValueDisplayType", "type": "string" }, "PrimaryValueFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", "markdownDescription": "The options that determine the primary value font configuration.", "title": "PrimaryValueFontConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GaugeChartPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the primary value icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the primary value text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GaugeChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConfiguration", "markdownDescription": "The configuration of a `GaugeChartVisual` .", "title": "ChartConfiguration" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartConditionalFormatting", "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.GeospatialCoordinateBounds": { "additionalProperties": false, "properties": { "East": { "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", "title": "East", "type": "number" }, "North": { "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", "title": "North", "type": "number" }, "South": { "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", "title": "South", "type": "number" }, "West": { "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", "title": "West", "type": "number" } }, "required": [ "East", "North", "South", "West" ], "type": "object" }, "AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale": { "additionalProperties": false, "properties": { "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor" }, "markdownDescription": "The list of colors to be used in heatmap point style.", "title": "Colors", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration": { "additionalProperties": false, "properties": { "HeatmapColor": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapColorScale", "markdownDescription": "The color scale specification for the heatmap point style.", "title": "HeatmapColor" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GeospatialHeatmapDataColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The hex color to be used in the heatmap point style.", "title": "Color", "type": "string" } }, "required": [ "Color" ], "type": "object" }, "AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The color field wells of a geospatial map.", "title": "Colors", "type": "array" }, "Geospatial": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", "title": "Geospatial", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GeospatialMapConfiguration": { "additionalProperties": false, "properties": { "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "MapStyleOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapStyleOptions", "markdownDescription": "The map style options of the geospatial map.", "title": "MapStyleOptions" }, "PointStyleOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialPointStyleOptions", "markdownDescription": "The point style options of the geospatial map.", "title": "PointStyleOptions" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", "markdownDescription": "", "title": "VisualPalette" }, "WindowOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialWindowOptions", "markdownDescription": "The window options of the geospatial map.", "title": "WindowOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GeospatialMapFieldWells": { "additionalProperties": false, "properties": { "GeospatialMapAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapAggregatedFieldWells", "markdownDescription": "The aggregated field well for a geospatial map.", "title": "GeospatialMapAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GeospatialMapStyleOptions": { "additionalProperties": false, "properties": { "BaseMapStyle": { "markdownDescription": "The base map style of the geospatial map.", "title": "BaseMapStyle", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GeospatialMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.GeospatialPointStyleOptions": { "additionalProperties": false, "properties": { "ClusterMarkerConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ClusterMarkerConfiguration", "markdownDescription": "The cluster marker configuration of the geospatial point style.", "title": "ClusterMarkerConfiguration" }, "HeatmapConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialHeatmapConfiguration", "markdownDescription": "The heatmap configuration of the geospatial point style.", "title": "HeatmapConfiguration" }, "SelectedPointStyle": { "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", "title": "SelectedPointStyle", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GeospatialWindowOptions": { "additionalProperties": false, "properties": { "Bounds": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialCoordinateBounds", "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", "title": "Bounds" }, "MapZoomMode": { "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", "title": "MapZoomMode", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GlobalTableBorderOptions": { "additionalProperties": false, "properties": { "SideSpecificBorder": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSideBorderOptions", "markdownDescription": "Determines the options for side specific border.", "title": "SideSpecificBorder" }, "UniformBorder": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", "markdownDescription": "Determines the options for uniform border.", "title": "UniformBorder" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GradientColor": { "additionalProperties": false, "properties": { "Stops": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GradientStop" }, "markdownDescription": "The list of gradient color stops.", "title": "Stops", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GradientStop": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "Determines the color.", "title": "Color", "type": "string" }, "DataValue": { "markdownDescription": "Determines the data value.", "title": "DataValue", "type": "number" }, "GradientOffset": { "markdownDescription": "Determines gradient offset value.", "title": "GradientOffset", "type": "number" } }, "required": [ "GradientOffset" ], "type": "object" }, "AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { "ScreenCanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions", "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.GridLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutCanvasSizeOptions", "markdownDescription": "", "title": "CanvasSizeOptions" }, "Elements": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutElement" }, "markdownDescription": "The elements that are included in a grid layout.", "title": "Elements", "type": "array" } }, "required": [ "Elements" ], "type": "object" }, "AWS::QuickSight::Dashboard.GridLayoutElement": { "additionalProperties": false, "properties": { "ColumnIndex": { "markdownDescription": "The column index for the upper left corner of an element.", "title": "ColumnIndex", "type": "number" }, "ColumnSpan": { "markdownDescription": "The width of a grid element expressed as a number of grid columns.", "title": "ColumnSpan", "type": "number" }, "ElementId": { "markdownDescription": "A unique identifier for an element within a grid layout.", "title": "ElementId", "type": "string" }, "ElementType": { "markdownDescription": "The type of element.", "title": "ElementType", "type": "string" }, "RowIndex": { "markdownDescription": "The row index for the upper left corner of an element.", "title": "RowIndex", "type": "number" }, "RowSpan": { "markdownDescription": "The height of a grid element expressed as a number of grid rows.", "title": "RowSpan", "type": "number" } }, "required": [ "ColumnSpan", "ElementId", "ElementType", "RowSpan" ], "type": "object" }, "AWS::QuickSight::Dashboard.GridLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { "OptimizedViewPortWidth": { "markdownDescription": "The width that the view port will be optimized for when the layout renders.", "title": "OptimizedViewPortWidth", "type": "string" }, "ResizeOption": { "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", "title": "ResizeOption", "type": "string" } }, "required": [ "ResizeOption" ], "type": "object" }, "AWS::QuickSight::Dashboard.GrowthRateComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "PeriodSize": { "markdownDescription": "The period size setup of a growth rate computation.", "title": "PeriodSize", "type": "number" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration": { "additionalProperties": false, "properties": { "Layout": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionLayoutConfiguration", "markdownDescription": "The layout configuration of the header or footer section.", "title": "Layout" }, "SectionId": { "markdownDescription": "The unique identifier of the header or footer section.", "title": "SectionId", "type": "string" }, "Style": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionStyle", "markdownDescription": "The style options of a header or footer section.", "title": "Style" } }, "required": [ "Layout", "SectionId" ], "type": "object" }, "AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The columns field well of a heat map.", "title": "Columns", "type": "array" }, "Rows": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The rows field well of a heat map.", "title": "Rows", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The values field well of a heat map.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.HeatMapConfiguration": { "additionalProperties": false, "properties": { "ColorScale": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", "title": "ColorScale" }, "ColumnLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options of the column that is displayed in a heat map.", "title": "ColumnLabelOptions" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "RowLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options of the row that is displayed in a `heat map` .", "title": "RowLabelOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapSortConfiguration", "markdownDescription": "The sort configuration of a heat map.", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" } }, "type": "object" }, "AWS::QuickSight::Dashboard.HeatMapFieldWells": { "additionalProperties": false, "properties": { "HeatMapAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a heat map.", "title": "HeatMapAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.HeatMapSortConfiguration": { "additionalProperties": false, "properties": { "HeatMapColumnItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", "title": "HeatMapColumnItemsLimitConfiguration" }, "HeatMapColumnSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", "title": "HeatMapColumnSort", "type": "array" }, "HeatMapRowItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", "title": "HeatMapRowItemsLimitConfiguration" }, "HeatMapRowSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The field sort configuration of the rows fields.", "title": "HeatMapRowSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.HeatMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapConfiguration", "markdownDescription": "The configuration of a heat map.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells": { "additionalProperties": false, "properties": { "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.HistogramBinOptions": { "additionalProperties": false, "properties": { "BinCount": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinCountOptions", "markdownDescription": "The options that determine the bin count of a histogram.", "title": "BinCount" }, "BinWidth": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BinWidthOptions", "markdownDescription": "The options that determine the bin width of a histogram.", "title": "BinWidth" }, "SelectedBinType": { "markdownDescription": "The options that determine the selected bin type.", "title": "SelectedBinType", "type": "string" }, "StartValue": { "markdownDescription": "The options that determine the bin start value.", "title": "StartValue", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.HistogramConfiguration": { "additionalProperties": false, "properties": { "BinOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramBinOptions", "markdownDescription": "The options that determine the presentation of histogram bins.", "title": "BinOptions" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", "markdownDescription": "The data label configuration of a histogram.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramFieldWells", "markdownDescription": "The field well configuration of a histogram.", "title": "FieldWells" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", "markdownDescription": "The tooltip configuration of a histogram.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", "markdownDescription": "The visual palette configuration of a histogram.", "title": "VisualPalette" }, "XAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the x-axis label.", "title": "XAxisLabelOptions" }, "YAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the y-axis.", "title": "YAxisDisplayOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.HistogramFieldWells": { "additionalProperties": false, "properties": { "HistogramAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramAggregatedFieldWells", "markdownDescription": "The field well configuration of a histogram.", "title": "HistogramAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.HistogramVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramConfiguration", "markdownDescription": "The configuration for a `HistogramVisual` .", "title": "ChartConfiguration" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.InsightConfiguration": { "additionalProperties": false, "properties": { "Computations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.Computation" }, "markdownDescription": "The computations configurations of the insight visual", "title": "Computations", "type": "array" }, "CustomNarrative": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomNarrativeOptions", "markdownDescription": "The custom narrative of the insight visual.", "title": "CustomNarrative" } }, "type": "object" }, "AWS::QuickSight::Dashboard.InsightVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "DataSetIdentifier": { "markdownDescription": "The dataset that is used in the insight visual.", "title": "DataSetIdentifier", "type": "string" }, "InsightConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightConfiguration", "markdownDescription": "The configuration of an insight visual.", "title": "InsightConfiguration" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "DataSetIdentifier", "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.IntegerDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, "StaticValues": { "items": { "type": "number" }, "markdownDescription": "The static values of the `IntegerDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.IntegerParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the integer parameter.", "title": "Name", "type": "string" }, "Values": { "items": { "type": "number" }, "markdownDescription": "The values for the integer parameter.", "title": "Values", "type": "array" } }, "required": [ "Name", "Values" ], "type": "object" }, "AWS::QuickSight::Dashboard.IntegerParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", "type": "array" }, "Name": { "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, "ParameterValueType": { "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", "title": "ParameterValueType", "type": "string" }, "ValueWhenUnset": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration", "markdownDescription": "A parameter declaration for the `Integer` data type.", "title": "ValueWhenUnset" } }, "required": [ "Name", "ParameterValueType" ], "type": "object" }, "AWS::QuickSight::Dashboard.IntegerValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", "title": "CustomValue", "type": "number" }, "ValueWhenUnsetOption": { "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ItemsLimitConfiguration": { "additionalProperties": false, "properties": { "ItemsLimit": { "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", "title": "ItemsLimit", "type": "number" }, "OtherCategories": { "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", "title": "OtherCategories", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the actual value's icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the actual value's text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the comparison value's icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the comparison value's text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Dashboard.KPIConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormattingOption" }, "markdownDescription": "The conditional formatting options of a KPI visual.", "title": "ConditionalFormattingOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.KPIConditionalFormattingOption": { "additionalProperties": false, "properties": { "ActualValue": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIActualValueConditionalFormatting", "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", "title": "ActualValue" }, "ComparisonValue": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIComparisonValueConditionalFormatting", "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", "title": "ComparisonValue" }, "PrimaryValue": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting", "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", "title": "PrimaryValue" }, "ProgressBar": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting", "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", "title": "ProgressBar" } }, "type": "object" }, "AWS::QuickSight::Dashboard.KPIConfiguration": { "additionalProperties": false, "properties": { "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIFieldWells", "markdownDescription": "The field well configuration of a KPI visual.", "title": "FieldWells" }, "KPIOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIOptions", "markdownDescription": "The options that determine the presentation of a KPI visual.", "title": "KPIOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISortConfiguration", "markdownDescription": "The sort configuration of a KPI visual.", "title": "SortConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.KPIFieldWells": { "additionalProperties": false, "properties": { "TargetValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The target value field wells of a KPI visual.", "title": "TargetValues", "type": "array" }, "TrendGroups": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The trend group field wells of a KPI visual.", "title": "TrendGroups", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The value field wells of a KPI visual.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.KPIOptions": { "additionalProperties": false, "properties": { "Comparison": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComparisonConfiguration", "markdownDescription": "The comparison configuration of a KPI visual.", "title": "Comparison" }, "PrimaryValueDisplayType": { "markdownDescription": "The options that determine the primary value display type.", "title": "PrimaryValueDisplayType", "type": "string" }, "PrimaryValueFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", "markdownDescription": "The options that determine the primary value font configuration.", "title": "PrimaryValueFontConfiguration" }, "ProgressBar": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ProgressBarOptions", "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", "title": "ProgressBar" }, "SecondaryValue": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SecondaryValueOptions", "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", "title": "SecondaryValue" }, "SecondaryValueFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", "markdownDescription": "The options that determine the secondary value font configuration.", "title": "SecondaryValueFontConfiguration" }, "Sparkline": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPISparklineOptions", "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", "title": "Sparkline" }, "TrendArrows": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TrendArrowOptions", "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", "title": "TrendArrows" }, "VisualLayoutOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualLayoutOptions", "markdownDescription": "The options that determine the layout a KPI visual.", "title": "VisualLayoutOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.KPIPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the primary value's icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the primary value's text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Dashboard.KPIProgressBarConditionalFormatting": { "additionalProperties": false, "properties": { "ForegroundColor": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the progress bar's foreground color.", "title": "ForegroundColor" } }, "type": "object" }, "AWS::QuickSight::Dashboard.KPISortConfiguration": { "additionalProperties": false, "properties": { "TrendGroupSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of the trend group fields.", "title": "TrendGroupSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.KPISparklineOptions": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color of the sparkline.", "title": "Color", "type": "string" }, "TooltipVisibility": { "markdownDescription": "The tooltip visibility of the sparkline.", "title": "TooltipVisibility", "type": "string" }, "Type": { "markdownDescription": "The type of the sparkline.", "title": "Type", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the sparkline.", "title": "Visibility", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::QuickSight::Dashboard.KPIVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConfiguration", "markdownDescription": "The configuration of a KPI visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIConditionalFormatting", "markdownDescription": "The conditional formatting of a KPI visual.", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.KPIVisualLayoutOptions": { "additionalProperties": false, "properties": { "StandardLayout": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisualStandardLayout", "markdownDescription": "The standard layout of the KPI visual.", "title": "StandardLayout" } }, "type": "object" }, "AWS::QuickSight::Dashboard.KPIVisualStandardLayout": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The standard layout type.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::QuickSight::Dashboard.LabelOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The text for the label.", "title": "CustomLabel", "type": "string" }, "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", "markdownDescription": "The font configuration of the label.", "title": "FontConfiguration" }, "Visibility": { "markdownDescription": "Determines whether or not the label is visible.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.Layout": { "additionalProperties": false, "properties": { "Configuration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LayoutConfiguration", "markdownDescription": "The configuration that determines what the type of layout for a sheet.", "title": "Configuration" } }, "required": [ "Configuration" ], "type": "object" }, "AWS::QuickSight::Dashboard.LayoutConfiguration": { "additionalProperties": false, "properties": { "FreeFormLayout": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormLayoutConfiguration", "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", "title": "FreeFormLayout" }, "GridLayout": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", "title": "GridLayout" }, "SectionBasedLayout": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration", "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", "title": "SectionBasedLayout" } }, "type": "object" }, "AWS::QuickSight::Dashboard.LegendOptions": { "additionalProperties": false, "properties": { "Height": { "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", "title": "Height", "type": "string" }, "Position": { "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", "title": "Position", "type": "string" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", "markdownDescription": "The custom title for the legend.", "title": "Title" }, "Visibility": { "markdownDescription": "Determines whether or not the legend is visible.", "title": "Visibility", "type": "string" }, "Width": { "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", "title": "Width", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", "title": "Category", "type": "array" }, "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", "title": "Colors", "type": "array" }, "SmallMultiples": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The small multiples field well of a line chart.", "title": "SmallMultiples", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.LineChartConfiguration": { "additionalProperties": false, "properties": { "ContributionAnalysisDefaults": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" }, "markdownDescription": "The default configuration of a line chart's contribution analysis.", "title": "ContributionAnalysisDefaults", "type": "array" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", "markdownDescription": "The data label configuration of a line chart.", "title": "DataLabels" }, "DefaultSeriesSettings": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings", "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", "title": "DefaultSeriesSettings" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartFieldWells", "markdownDescription": "The field well configuration of a line chart.", "title": "FieldWells" }, "ForecastConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ForecastConfiguration" }, "markdownDescription": "The forecast configuration of a line chart.", "title": "ForecastConfigurations", "type": "array" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend configuration of a line chart.", "title": "Legend" }, "PrimaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", "markdownDescription": "The series axis configuration of a line chart.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the y-axis label.", "title": "PrimaryYAxisLabelOptions" }, "ReferenceLines": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLine" }, "markdownDescription": "The reference lines configuration of a line chart.", "title": "ReferenceLines", "type": "array" }, "SecondaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions", "markdownDescription": "The series axis configuration of a line chart.", "title": "SecondaryYAxisDisplayOptions" }, "SecondaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", "title": "SecondaryYAxisLabelOptions" }, "Series": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SeriesItem" }, "markdownDescription": "The series item configuration of a line chart.", "title": "Series", "type": "array" }, "SmallMultiplesOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", "markdownDescription": "The small multiples setup for the visual.", "title": "SmallMultiplesOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartSortConfiguration", "markdownDescription": "The sort configuration of a line chart.", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", "markdownDescription": "The tooltip configuration of a line chart.", "title": "Tooltip" }, "Type": { "markdownDescription": "Determines the type of the line chart.", "title": "Type", "type": "string" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", "markdownDescription": "The visual palette configuration of a line chart.", "title": "VisualPalette" }, "XAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the x-axis label.", "title": "XAxisLabelOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.LineChartDefaultSeriesSettings": { "additionalProperties": false, "properties": { "AxisBinding": { "markdownDescription": "The axis to which you are binding all line series to.", "title": "AxisBinding", "type": "string" }, "LineStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", "markdownDescription": "Line styles options for all line series in the visual.", "title": "LineStyleSettings" }, "MarkerStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", "markdownDescription": "Marker styles options for all line series in the visual.", "title": "MarkerStyleSettings" } }, "type": "object" }, "AWS::QuickSight::Dashboard.LineChartFieldWells": { "additionalProperties": false, "properties": { "LineChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a line chart.", "title": "LineChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.LineChartLineStyleSettings": { "additionalProperties": false, "properties": { "LineInterpolation": { "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", "title": "LineInterpolation", "type": "string" }, "LineStyle": { "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", "title": "LineStyle", "type": "string" }, "LineVisibility": { "markdownDescription": "Configuration option that determines whether to show the line for the series.", "title": "LineVisibility", "type": "string" }, "LineWidth": { "markdownDescription": "Width that determines the line thickness.", "title": "LineWidth", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings": { "additionalProperties": false, "properties": { "MarkerColor": { "markdownDescription": "Color of marker in the series.", "title": "MarkerColor", "type": "string" }, "MarkerShape": { "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", "title": "MarkerShape", "type": "string" }, "MarkerSize": { "markdownDescription": "Size of marker in the series.", "title": "MarkerSize", "type": "string" }, "MarkerVisibility": { "markdownDescription": "Configuration option that determines whether to show the markers in the series.", "title": "MarkerVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.LineChartSeriesSettings": { "additionalProperties": false, "properties": { "LineStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartLineStyleSettings", "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", "title": "LineStyleSettings" }, "MarkerStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartMarkerStyleSettings", "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", "title": "MarkerStyleSettings" } }, "type": "object" }, "AWS::QuickSight::Dashboard.LineChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", "title": "CategoryItemsLimitConfiguration" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" }, "ColorItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", "title": "ColorItemsLimitConfiguration" }, "SmallMultiplesLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of small multiples panels that are displayed.", "title": "SmallMultiplesLimitConfiguration" }, "SmallMultiplesSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of the small multiples field.", "title": "SmallMultiplesSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.LineChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartConfiguration", "markdownDescription": "The configuration of a line chart.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.LineSeriesAxisDisplayOptions": { "additionalProperties": false, "properties": { "AxisOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the line series axis.", "title": "AxisOptions" }, "MissingDataConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MissingDataConfiguration" }, "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", "title": "MissingDataConfigurations", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.LinkSharingConfiguration": { "additionalProperties": false, "properties": { "Permissions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ResourcePermission" }, "markdownDescription": "A structure that contains the permissions of a shareable link.", "title": "Permissions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ListControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "SearchOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSearchOptions", "markdownDescription": "The configuration of the search options in a list control.", "title": "SearchOptions" }, "SelectAllOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlSelectAllOptions", "markdownDescription": "The configuration of the `Select all` options in a list control.", "title": "SelectAllOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ListControlSearchOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility configuration of the search options in a list control.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ListControlSelectAllOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.LoadingAnimation": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility configuration of `LoadingAnimation` .", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.LocalNavigationConfiguration": { "additionalProperties": false, "properties": { "TargetSheetId": { "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", "title": "TargetSheetId", "type": "string" } }, "required": [ "TargetSheetId" ], "type": "object" }, "AWS::QuickSight::Dashboard.LongFormatText": { "additionalProperties": false, "properties": { "PlainText": { "markdownDescription": "Plain text format.", "title": "PlainText", "type": "string" }, "RichText": { "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", "title": "RichText", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.MappedDataSetParameter": { "additionalProperties": false, "properties": { "DataSetIdentifier": { "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", "title": "DataSetIdentifier", "type": "string" }, "DataSetParameterName": { "markdownDescription": "The name of the dataset parameter.", "title": "DataSetParameterName", "type": "string" } }, "required": [ "DataSetIdentifier", "DataSetParameterName" ], "type": "object" }, "AWS::QuickSight::Dashboard.MaximumLabelType": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the maximum label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.MaximumMinimumComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Type": { "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", "title": "Type", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId", "Type" ], "type": "object" }, "AWS::QuickSight::Dashboard.MeasureField": { "additionalProperties": false, "properties": { "CalculatedMeasureField": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CalculatedMeasureField", "markdownDescription": "The calculated measure field only used in pivot tables.", "title": "CalculatedMeasureField" }, "CategoricalMeasureField": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CategoricalMeasureField", "markdownDescription": "The measure type field with categorical type columns.", "title": "CategoricalMeasureField" }, "DateMeasureField": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateMeasureField", "markdownDescription": "The measure type field with date type columns.", "title": "DateMeasureField" }, "NumericalMeasureField": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalMeasureField", "markdownDescription": "The measure type field with numerical type columns.", "title": "NumericalMeasureField" } }, "type": "object" }, "AWS::QuickSight::Dashboard.MetricComparisonComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "FromValue": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", "markdownDescription": "The field that is used in a metric comparison from value setup.", "title": "FromValue" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "TargetValue": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", "markdownDescription": "The field that is used in a metric comparison to value setup.", "title": "TargetValue" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Dashboard.MinimumLabelType": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the minimum label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.MissingDataConfiguration": { "additionalProperties": false, "properties": { "TreatmentOption": { "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", "title": "TreatmentOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.NegativeValueConfiguration": { "additionalProperties": false, "properties": { "DisplayMode": { "markdownDescription": "Determines the display mode of the negative value configuration.", "title": "DisplayMode", "type": "string" } }, "required": [ "DisplayMode" ], "type": "object" }, "AWS::QuickSight::Dashboard.NullValueFormatConfiguration": { "additionalProperties": false, "properties": { "NullString": { "markdownDescription": "Determines the null string of null values.", "title": "NullString", "type": "string" } }, "required": [ "NullString" ], "type": "object" }, "AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration": { "additionalProperties": false, "properties": { "DecimalPlacesConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", "markdownDescription": "The option that determines the decimal places configuration.", "title": "DecimalPlacesConfiguration" }, "NegativeValueConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", "markdownDescription": "The options that determine the negative value configuration.", "title": "NegativeValueConfiguration" }, "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "NumberScale": { "markdownDescription": "Determines the number scale value of the number format.", "title": "NumberScale", "type": "string" }, "Prefix": { "markdownDescription": "Determines the prefix value of the number format.", "title": "Prefix", "type": "string" }, "SeparatorConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", "markdownDescription": "The options that determine the numeric separator configuration.", "title": "SeparatorConfiguration" }, "Suffix": { "markdownDescription": "Determines the suffix value of the number format.", "title": "Suffix", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.NumberFormatConfiguration": { "additionalProperties": false, "properties": { "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", "markdownDescription": "The options that determine the numeric format configuration.", "title": "FormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.NumericAxisOptions": { "additionalProperties": false, "properties": { "Range": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayRange", "markdownDescription": "The range setup of a numeric axis.", "title": "Range" }, "Scale": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisScale", "markdownDescription": "The scale setup of a numeric axis.", "title": "Scale" } }, "type": "object" }, "AWS::QuickSight::Dashboard.NumericEqualityDrillDownFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "Value": { "markdownDescription": "The value of the double input numeric drill down filter.", "title": "Value", "type": "number" } }, "required": [ "Column", "Value" ], "type": "object" }, "AWS::QuickSight::Dashboard.NumericEqualityFilter": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", "markdownDescription": "The aggregation function of the filter.", "title": "AggregationFunction" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "MatchOperator": { "markdownDescription": "The match operator that is used to determine if a filter should be applied.", "title": "MatchOperator", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.", "title": "ParameterName", "type": "string" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" }, "Value": { "markdownDescription": "The input value.", "title": "Value", "type": "number" } }, "required": [ "Column", "FilterId", "MatchOperator", "NullOption" ], "type": "object" }, "AWS::QuickSight::Dashboard.NumericFormatConfiguration": { "additionalProperties": false, "properties": { "CurrencyDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CurrencyDisplayFormatConfiguration", "markdownDescription": "The options that determine the currency display format configuration.", "title": "CurrencyDisplayFormatConfiguration" }, "NumberDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberDisplayFormatConfiguration", "markdownDescription": "The options that determine the number display format configuration.", "title": "NumberDisplayFormatConfiguration" }, "PercentageDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration", "markdownDescription": "The options that determine the percentage display format configuration.", "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.NumericRangeFilter": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", "markdownDescription": "The aggregation function of the filter.", "title": "AggregationFunction" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "IncludeMaximum": { "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", "title": "IncludeMaximum", "type": "boolean" }, "IncludeMinimum": { "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", "title": "IncludeMinimum", "type": "boolean" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "RangeMaximum": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", "markdownDescription": "The maximum value for the filter value range.", "title": "RangeMaximum" }, "RangeMinimum": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericRangeFilterValue", "markdownDescription": "The minimum value for the filter value range.", "title": "RangeMinimum" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" } }, "required": [ "Column", "FilterId", "NullOption" ], "type": "object" }, "AWS::QuickSight::Dashboard.NumericRangeFilterValue": { "additionalProperties": false, "properties": { "Parameter": { "markdownDescription": "The parameter that is used in the numeric range.", "title": "Parameter", "type": "string" }, "StaticValue": { "markdownDescription": "The static value of the numeric range filter.", "title": "StaticValue", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.NumericSeparatorConfiguration": { "additionalProperties": false, "properties": { "DecimalSeparator": { "markdownDescription": "Determines the decimal separator.", "title": "DecimalSeparator", "type": "string" }, "ThousandsSeparator": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ThousandSeparatorOptions", "markdownDescription": "The options that determine the thousands separator configuration.", "title": "ThousandsSeparator" } }, "type": "object" }, "AWS::QuickSight::Dashboard.NumericalAggregationFunction": { "additionalProperties": false, "properties": { "PercentileAggregation": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentileAggregation", "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", "title": "PercentileAggregation" }, "SimpleNumericalAggregation": { "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", "title": "SimpleNumericalAggregation", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.NumericalDimensionField": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that is used in the `NumericalDimensionField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" }, "HierarchyId": { "markdownDescription": "The custom hierarchy ID.", "title": "HierarchyId", "type": "string" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.NumericalMeasureField": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", "markdownDescription": "The aggregation function of the measure field.", "title": "AggregationFunction" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that is used in the `NumericalMeasureField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumberFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.PaginationConfiguration": { "additionalProperties": false, "properties": { "PageNumber": { "markdownDescription": "Indicates the page number.", "title": "PageNumber", "type": "number" }, "PageSize": { "markdownDescription": "Indicates how many items render in one page.", "title": "PageSize", "type": "number" } }, "required": [ "PageNumber", "PageSize" ], "type": "object" }, "AWS::QuickSight::Dashboard.PanelConfiguration": { "additionalProperties": false, "properties": { "BackgroundColor": { "markdownDescription": "Sets the background color for each panel.", "title": "BackgroundColor", "type": "string" }, "BackgroundVisibility": { "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", "title": "BackgroundVisibility", "type": "string" }, "BorderColor": { "markdownDescription": "Sets the line color of panel borders.", "title": "BorderColor", "type": "string" }, "BorderStyle": { "markdownDescription": "Sets the line style of panel borders.", "title": "BorderStyle", "type": "string" }, "BorderThickness": { "markdownDescription": "Sets the line thickness of panel borders.", "title": "BorderThickness", "type": "string" }, "BorderVisibility": { "markdownDescription": "Determines whether or not each panel displays a border.", "title": "BorderVisibility", "type": "string" }, "GutterSpacing": { "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", "title": "GutterSpacing", "type": "string" }, "GutterVisibility": { "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", "title": "GutterVisibility", "type": "string" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelTitleOptions", "markdownDescription": "Configures the title display within each small multiples panel.", "title": "Title" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PanelTitleOptions": { "additionalProperties": false, "properties": { "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", "markdownDescription": "", "title": "FontConfiguration" }, "HorizontalTextAlignment": { "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", "title": "HorizontalTextAlignment", "type": "string" }, "Visibility": { "markdownDescription": "Determines whether or not panel titles are displayed.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ParameterControl": { "additionalProperties": false, "properties": { "DateTimePicker": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDateTimePickerControl", "markdownDescription": "A control from a date parameter that specifies date and time.", "title": "DateTimePicker" }, "Dropdown": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterDropDownControl", "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", "title": "Dropdown" }, "List": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterListControl", "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", "title": "List" }, "Slider": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSliderControl", "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", "title": "Slider" }, "TextArea": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextAreaControl", "markdownDescription": "A control to display a text box that is used to enter multiple entries.", "title": "TextArea" }, "TextField": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterTextFieldControl", "markdownDescription": "A control to display a text box that is used to enter a single entry.", "title": "TextField" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ParameterDateTimePickerControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimePickerControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", "title": "ParameterControlId", "type": "string" }, "SourceParameterName": { "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", "title": "Title", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Dashboard.ParameterDeclaration": { "additionalProperties": false, "properties": { "DateTimeParameterDeclaration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameterDeclaration", "markdownDescription": "A parameter declaration for the `DateTime` data type.", "title": "DateTimeParameterDeclaration" }, "DecimalParameterDeclaration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameterDeclaration", "markdownDescription": "A parameter declaration for the `Decimal` data type.", "title": "DecimalParameterDeclaration" }, "IntegerParameterDeclaration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameterDeclaration", "markdownDescription": "A parameter declaration for the `Integer` data type.", "title": "IntegerParameterDeclaration" }, "StringParameterDeclaration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameterDeclaration", "markdownDescription": "A parameter declaration for the `String` data type.", "title": "StringParameterDeclaration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ParameterDropDownControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DropDownControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterDropDownControl` .", "title": "ParameterControlId", "type": "string" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterDropDownControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", "title": "Type", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Dashboard.ParameterListControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ListControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterListControl` .", "title": "ParameterControlId", "type": "string" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterListControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterListControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of `ParameterListControl` .", "title": "Type", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Dashboard.ParameterSelectableValues": { "additionalProperties": false, "properties": { "LinkToDataSetColumn": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column identifier that fetches values from the data set.", "title": "LinkToDataSetColumn" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The values that are used in `ParameterSelectableValues` .", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ParameterSliderControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SliderControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "MaximumValue": { "markdownDescription": "The larger value that is displayed at the right of the slider.", "title": "MaximumValue", "type": "number" }, "MinimumValue": { "markdownDescription": "The smaller value that is displayed at the left of the slider.", "title": "MinimumValue", "type": "number" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterSliderControl` .", "title": "ParameterControlId", "type": "string" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", "title": "SourceParameterName", "type": "string" }, "StepSize": { "markdownDescription": "The number of increments that the slider bar is divided into.", "title": "StepSize", "type": "number" }, "Title": { "markdownDescription": "The title of the `ParameterSliderControl` .", "title": "Title", "type": "string" } }, "required": [ "MaximumValue", "MinimumValue", "ParameterControlId", "SourceParameterName", "StepSize", "Title" ], "type": "object" }, "AWS::QuickSight::Dashboard.ParameterTextAreaControl": { "additionalProperties": false, "properties": { "Delimiter": { "markdownDescription": "The delimiter that is used to separate the lines in text.", "title": "Delimiter", "type": "string" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterTextAreaControl` .", "title": "ParameterControlId", "type": "string" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterTextAreaControl` .", "title": "Title", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Dashboard.ParameterTextFieldControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterTextFieldControl` .", "title": "ParameterControlId", "type": "string" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterTextFieldControl` .", "title": "Title", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Dashboard.Parameters": { "additionalProperties": false, "properties": { "DateTimeParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DateTimeParameter" }, "markdownDescription": "The parameters that have a data type of date-time.", "title": "DateTimeParameters", "type": "array" }, "DecimalParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalParameter" }, "markdownDescription": "The parameters that have a data type of decimal.", "title": "DecimalParameters", "type": "array" }, "IntegerParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.IntegerParameter" }, "markdownDescription": "The parameters that have a data type of integer.", "title": "IntegerParameters", "type": "array" }, "StringParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringParameter" }, "markdownDescription": "The parameters that have a data type of string.", "title": "StringParameters", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PercentVisibleRange": { "additionalProperties": false, "properties": { "From": { "markdownDescription": "The lower bound of the range.", "title": "From", "type": "number" }, "To": { "markdownDescription": "The top bound of the range.", "title": "To", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PercentageDisplayFormatConfiguration": { "additionalProperties": false, "properties": { "DecimalPlacesConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DecimalPlacesConfiguration", "markdownDescription": "The option that determines the decimal places configuration.", "title": "DecimalPlacesConfiguration" }, "NegativeValueConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NegativeValueConfiguration", "markdownDescription": "The options that determine the negative value configuration.", "title": "NegativeValueConfiguration" }, "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "Prefix": { "markdownDescription": "Determines the prefix value of the percentage format.", "title": "Prefix", "type": "string" }, "SeparatorConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericSeparatorConfiguration", "markdownDescription": "The options that determine the numeric separator configuration.", "title": "SeparatorConfiguration" }, "Suffix": { "markdownDescription": "Determines the suffix value of the percentage format.", "title": "Suffix", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PercentileAggregation": { "additionalProperties": false, "properties": { "PercentileValue": { "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", "title": "PercentileValue", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PeriodOverPeriodComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Dashboard.PeriodToDateComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "PeriodTimeGranularity": { "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", "title": "PeriodTimeGranularity", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The category (group/color) field wells of a pie chart.", "title": "Category", "type": "array" }, "SmallMultiples": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The small multiples field well of a pie chart.", "title": "SmallMultiples", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PieChartConfiguration": { "additionalProperties": false, "properties": { "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", "title": "CategoryLabelOptions" }, "ContributionAnalysisDefaults": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ContributionAnalysisDefault" }, "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", "title": "ContributionAnalysisDefaults", "type": "array" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "DonutOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DonutOptions", "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", "title": "DonutOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "SmallMultiplesOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesOptions", "markdownDescription": "The small multiples setup for the visual.", "title": "SmallMultiplesOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartSortConfiguration", "markdownDescription": "The sort configuration of a pie chart.", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "ValueLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options for the value that is displayed in a pie chart.", "title": "ValueLabelOptions" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PieChartFieldWells": { "additionalProperties": false, "properties": { "PieChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a pie chart.", "title": "PieChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PieChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" }, "SmallMultiplesLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of small multiples panels that are displayed.", "title": "SmallMultiplesLimitConfiguration" }, "SmallMultiplesSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of the small multiples field.", "title": "SmallMultiplesSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PieChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartConfiguration", "markdownDescription": "The configuration of a pie chart.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.PivotFieldSortOptions": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID for the field sort options.", "title": "FieldId", "type": "string" }, "SortBy": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortBy", "markdownDescription": "The sort by field for the field sort options.", "title": "SortBy" } }, "required": [ "FieldId", "SortBy" ], "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", "title": "Columns", "type": "array" }, "Rows": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", "title": "Rows", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the cell for conditional formatting.", "title": "FieldId", "type": "string" }, "Scope": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope", "markdownDescription": "The scope of the cell for conditional formatting.", "title": "Scope" }, "Scopes": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope" }, "markdownDescription": "A list of cell scopes for conditional formatting.", "title": "Scopes", "type": "array" }, "TextFormat": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", "markdownDescription": "The text format of the cell for conditional formatting.", "title": "TextFormat" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", "title": "ConditionalFormattingOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingOption": { "additionalProperties": false, "properties": { "Cell": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableCellConditionalFormatting", "markdownDescription": "The cell conditional formatting option for a pivot table.", "title": "Cell" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableConditionalFormattingScope": { "additionalProperties": false, "properties": { "Role": { "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", "title": "Role", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableConfiguration": { "additionalProperties": false, "properties": { "FieldOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOptions", "markdownDescription": "The field options for a pivot table visual.", "title": "FieldOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "PaginatedReportOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions", "markdownDescription": "The paginated report options for a pivot table visual.", "title": "PaginatedReportOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableSortConfiguration", "markdownDescription": "The sort configuration for a `PivotTableVisual` .", "title": "SortConfiguration" }, "TableOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableOptions", "markdownDescription": "The table options for a pivot table visual.", "title": "TableOptions" }, "TotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableTotalOptions", "markdownDescription": "The total options for a pivot table visual.", "title": "TotalOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableDataPathOption": { "additionalProperties": false, "properties": { "DataPathList": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" }, "markdownDescription": "The list of data path values for the data path options.", "title": "DataPathList", "type": "array" }, "Width": { "markdownDescription": "The width of the data path option.", "title": "Width", "type": "string" } }, "required": [ "DataPathList" ], "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption": { "additionalProperties": false, "properties": { "State": { "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", "title": "State", "type": "string" }, "Target": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget", "markdownDescription": "A tagged-union object that sets the collapse state.", "title": "Target" } }, "required": [ "Target" ], "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateTarget": { "additionalProperties": false, "properties": { "FieldDataPathValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathValue" }, "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", "title": "FieldDataPathValues", "type": "array" }, "FieldId": { "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", "title": "FieldId", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableFieldOption": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label of the pivot table field.", "title": "CustomLabel", "type": "string" }, "FieldId": { "markdownDescription": "The field ID of the pivot table field.", "title": "FieldId", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the pivot table field.", "title": "Visibility", "type": "string" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableFieldOptions": { "additionalProperties": false, "properties": { "CollapseStateOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldCollapseStateOption" }, "markdownDescription": "The collapse state options for the pivot table field options.", "title": "CollapseStateOptions", "type": "array" }, "DataPathOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableDataPathOption" }, "markdownDescription": "The data path options for the pivot table field options.", "title": "DataPathOptions", "type": "array" }, "SelectedFieldOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldOption" }, "markdownDescription": "The selected field options for the pivot table field options.", "title": "SelectedFieldOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the subtotal options.", "title": "FieldId", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableFieldWells": { "additionalProperties": false, "properties": { "PivotTableAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableAggregatedFieldWells", "markdownDescription": "The aggregated field well for the pivot table.", "title": "PivotTableAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableOptions": { "additionalProperties": false, "properties": { "CellStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", "markdownDescription": "The table cell style of cells.", "title": "CellStyle" }, "CollapsedRowDimensionsVisibility": { "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", "title": "CollapsedRowDimensionsVisibility", "type": "string" }, "ColumnHeaderStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", "markdownDescription": "The table cell style of the column header.", "title": "ColumnHeaderStyle" }, "ColumnNamesVisibility": { "markdownDescription": "The visibility of the column names.", "title": "ColumnNamesVisibility", "type": "string" }, "DefaultCellWidth": { "markdownDescription": "The default cell width of the pivot table.", "title": "DefaultCellWidth", "type": "string" }, "MetricPlacement": { "markdownDescription": "The metric placement (row, column) options.", "title": "MetricPlacement", "type": "string" }, "RowAlternateColorOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", "markdownDescription": "The row alternate color options (widget status, row alternate colors).", "title": "RowAlternateColorOptions" }, "RowFieldNamesStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", "markdownDescription": "The table cell style of row field names.", "title": "RowFieldNamesStyle" }, "RowHeaderStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", "markdownDescription": "The table cell style of the row headers.", "title": "RowHeaderStyle" }, "RowsLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions", "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", "title": "RowsLabelOptions" }, "RowsLayout": { "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", "title": "RowsLayout", "type": "string" }, "SingleMetricVisibility": { "markdownDescription": "The visibility of the single metric options.", "title": "SingleMetricVisibility", "type": "string" }, "ToggleButtonsVisibility": { "markdownDescription": "Determines the visibility of the pivot table.", "title": "ToggleButtonsVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTablePaginatedReportOptions": { "additionalProperties": false, "properties": { "OverflowColumnHeaderVisibility": { "markdownDescription": "The visibility of the repeating header rows on each page.", "title": "OverflowColumnHeaderVisibility", "type": "string" }, "VerticalOverflowVisibility": { "markdownDescription": "The visibility of the printing table overflow across pages.", "title": "VerticalOverflowVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableRowsLabelOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label string for the rows label.", "title": "CustomLabel", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the rows label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableSortBy": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnSort", "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", "title": "Column" }, "DataPath": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathSort", "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", "title": "DataPath" }, "Field": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSort", "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", "title": "Field" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableSortConfiguration": { "additionalProperties": false, "properties": { "FieldSortOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotFieldSortOptions" }, "markdownDescription": "The field sort options for a pivot table sort configuration.", "title": "FieldSortOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableTotalOptions": { "additionalProperties": false, "properties": { "ColumnSubtotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", "markdownDescription": "The column subtotal options.", "title": "ColumnSubtotalOptions" }, "ColumnTotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", "markdownDescription": "The column total options.", "title": "ColumnTotalOptions" }, "RowSubtotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SubtotalOptions", "markdownDescription": "The row subtotal options.", "title": "RowSubtotalOptions" }, "RowTotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTotalOptions", "markdownDescription": "The row total options.", "title": "RowTotalOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PivotTableVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableConditionalFormatting", "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.PivotTotalOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label string for the total cells.", "title": "CustomLabel", "type": "string" }, "MetricHeaderCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", "markdownDescription": "The cell styling options for the total of header cells.", "title": "MetricHeaderCellStyle" }, "Placement": { "markdownDescription": "The placement (start, end) for the total cells.", "title": "Placement", "type": "string" }, "ScrollStatus": { "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", "title": "ScrollStatus", "type": "string" }, "TotalAggregationOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" }, "markdownDescription": "The total aggregation options for each value field.", "title": "TotalAggregationOptions", "type": "array" }, "TotalCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", "markdownDescription": "The cell styling options for the total cells.", "title": "TotalCellStyle" }, "TotalsVisibility": { "markdownDescription": "The visibility configuration for the total cells.", "title": "TotalsVisibility", "type": "string" }, "ValueCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", "markdownDescription": "The cell styling options for the totals of value cells.", "title": "ValueCellStyle" } }, "type": "object" }, "AWS::QuickSight::Dashboard.PredefinedHierarchy": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier" }, "markdownDescription": "The list of columns that define the predefined hierarchy.", "title": "Columns", "type": "array" }, "DrillDownFilters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DrillDownFilter" }, "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", "title": "DrillDownFilters", "type": "array" }, "HierarchyId": { "markdownDescription": "The hierarchy ID of the predefined hierarchy.", "title": "HierarchyId", "type": "string" } }, "required": [ "Columns", "HierarchyId" ], "type": "object" }, "AWS::QuickSight::Dashboard.ProgressBarOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the progress bar.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The aggregated field well categories of a radar chart.", "title": "Category", "type": "array" }, "Color": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", "title": "Color", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility settings of a radar chart.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.RadarChartConfiguration": { "additionalProperties": false, "properties": { "AlternateBandColorsVisibility": { "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", "title": "AlternateBandColorsVisibility", "type": "string" }, "AlternateBandEvenColor": { "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", "title": "AlternateBandEvenColor", "type": "string" }, "AlternateBandOddColor": { "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", "title": "AlternateBandOddColor", "type": "string" }, "AxesRangeScale": { "markdownDescription": "The axis behavior options of a radar chart.", "title": "AxesRangeScale", "type": "string" }, "BaseSeriesSettings": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSeriesSettings", "markdownDescription": "The base sreies settings of a radar chart.", "title": "BaseSeriesSettings" }, "CategoryAxis": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The category axis of a radar chart.", "title": "CategoryAxis" }, "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The category label options of a radar chart.", "title": "CategoryLabelOptions" }, "ColorAxis": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The color axis of a radar chart.", "title": "ColorAxis" }, "ColorLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The color label options of a radar chart.", "title": "ColorLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartFieldWells", "markdownDescription": "The field well configuration of a `RadarChartVisual` .", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "Shape": { "markdownDescription": "The shape of the radar chart.", "title": "Shape", "type": "string" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartSortConfiguration", "markdownDescription": "The sort configuration of a `RadarChartVisual` .", "title": "SortConfiguration" }, "StartAngle": { "markdownDescription": "The start angle of a radar chart's axis.", "title": "StartAngle", "type": "number" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Dashboard.RadarChartFieldWells": { "additionalProperties": false, "properties": { "RadarChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a radar chart visual.", "title": "RadarChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.RadarChartSeriesSettings": { "additionalProperties": false, "properties": { "AreaStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartAreaStyleSettings", "markdownDescription": "The area style settings of a radar chart.", "title": "AreaStyleSettings" } }, "type": "object" }, "AWS::QuickSight::Dashboard.RadarChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The category items limit for a radar chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The category sort options of a radar chart.", "title": "CategorySort", "type": "array" }, "ColorItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The color items limit of a radar chart.", "title": "ColorItemsLimit" }, "ColorSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The color sort configuration of a radar chart.", "title": "ColorSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.RadarChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.RangeEndsLabelType": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the range ends label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ReferenceLine": { "additionalProperties": false, "properties": { "DataConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration", "markdownDescription": "The data configuration of the reference line.", "title": "DataConfiguration" }, "LabelConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration", "markdownDescription": "The label configuration of the reference line.", "title": "LabelConfiguration" }, "Status": { "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", "title": "Status", "type": "string" }, "StyleConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration", "markdownDescription": "The style configuration of the reference line.", "title": "StyleConfiguration" } }, "required": [ "DataConfiguration" ], "type": "object" }, "AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The string text of the custom label.", "title": "CustomLabel", "type": "string" } }, "required": [ "CustomLabel" ], "type": "object" }, "AWS::QuickSight::Dashboard.ReferenceLineDataConfiguration": { "additionalProperties": false, "properties": { "AxisBinding": { "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", "title": "AxisBinding", "type": "string" }, "DynamicConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration", "markdownDescription": "The dynamic configuration of the reference line data configuration.", "title": "DynamicConfiguration" }, "SeriesType": { "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", "title": "SeriesType", "type": "string" }, "StaticConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration", "markdownDescription": "The static data configuration of the reference line data configuration.", "title": "StaticConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ReferenceLineDynamicDataConfiguration": { "additionalProperties": false, "properties": { "Calculation": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericalAggregationFunction", "markdownDescription": "The calculation that is used in the dynamic data.", "title": "Calculation" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that the dynamic data targets.", "title": "Column" }, "MeasureAggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationFunction", "markdownDescription": "The aggregation function that is used in the dynamic data.", "title": "MeasureAggregationFunction" } }, "required": [ "Calculation", "Column" ], "type": "object" }, "AWS::QuickSight::Dashboard.ReferenceLineLabelConfiguration": { "additionalProperties": false, "properties": { "CustomLabelConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineCustomLabelConfiguration", "markdownDescription": "The custom label configuration of the label in a reference line.", "title": "CustomLabelConfiguration" }, "FontColor": { "markdownDescription": "The font color configuration of the label in a reference line.", "title": "FontColor", "type": "string" }, "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", "markdownDescription": "The font configuration of the label in a reference line.", "title": "FontConfiguration" }, "HorizontalPosition": { "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", "title": "HorizontalPosition", "type": "string" }, "ValueLabelConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration", "markdownDescription": "The value label configuration of the label in a reference line.", "title": "ValueLabelConfiguration" }, "VerticalPosition": { "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", "title": "VerticalPosition", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ReferenceLineStaticDataConfiguration": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The double input of the static data.", "title": "Value", "type": "number" } }, "required": [ "Value" ], "type": "object" }, "AWS::QuickSight::Dashboard.ReferenceLineStyleConfiguration": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The hex color of the reference line.", "title": "Color", "type": "string" }, "Pattern": { "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", "title": "Pattern", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ReferenceLineValueLabelConfiguration": { "additionalProperties": false, "properties": { "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", "markdownDescription": "The format configuration of the value label.", "title": "FormatConfiguration" }, "RelativePosition": { "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", "title": "RelativePosition", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.RelativeDateTimeControlDisplayOptions": { "additionalProperties": false, "properties": { "DateTimeFormat": { "markdownDescription": "Customize how dates are formatted in controls.", "title": "DateTimeFormat", "type": "string" }, "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.RelativeDatesFilter": { "additionalProperties": false, "properties": { "AnchorDateConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AnchorDateConfiguration", "markdownDescription": "The date configuration of the filter.", "title": "AnchorDateConfiguration" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "ExcludePeriodConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", "markdownDescription": "The configuration for the exclude period of the filter.", "title": "ExcludePeriodConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "MinimumGranularity": { "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", "title": "MinimumGranularity", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.", "title": "ParameterName", "type": "string" }, "RelativeDateType": { "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", "title": "RelativeDateType", "type": "string" }, "RelativeDateValue": { "markdownDescription": "The date value of the filter.", "title": "RelativeDateValue", "type": "number" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "required": [ "AnchorDateConfiguration", "Column", "FilterId", "NullOption", "RelativeDateType", "TimeGranularity" ], "type": "object" }, "AWS::QuickSight::Dashboard.ResourcePermission": { "additionalProperties": false, "properties": { "Actions": { "items": { "type": "string" }, "markdownDescription": "The IAM action to grant or revoke permissions on.", "title": "Actions", "type": "array" }, "Principal": { "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Amazon QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } }, "required": [ "Actions", "Principal" ], "type": "object" }, "AWS::QuickSight::Dashboard.RollingDateConfiguration": { "additionalProperties": false, "properties": { "DataSetIdentifier": { "markdownDescription": "The data set that is used in the rolling date configuration.", "title": "DataSetIdentifier", "type": "string" }, "Expression": { "markdownDescription": "The expression of the rolling date configuration.", "title": "Expression", "type": "string" } }, "required": [ "Expression" ], "type": "object" }, "AWS::QuickSight::Dashboard.RowAlternateColorOptions": { "additionalProperties": false, "properties": { "RowAlternateColors": { "items": { "type": "string" }, "markdownDescription": "Determines the list of row alternate colors.", "title": "RowAlternateColors", "type": "array" }, "Status": { "markdownDescription": "Determines the widget status.", "title": "Status", "type": "string" }, "UsePrimaryBackgroundColor": { "markdownDescription": "The primary background color options for alternate rows.", "title": "UsePrimaryBackgroundColor", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SameSheetTargetVisualConfiguration": { "additionalProperties": false, "properties": { "TargetVisualOptions": { "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", "title": "TargetVisualOptions", "type": "string" }, "TargetVisuals": { "items": { "type": "string" }, "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", "title": "TargetVisuals", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells": { "additionalProperties": false, "properties": { "Destination": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The destination field wells of a sankey diagram.", "title": "Destination", "type": "array" }, "Source": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The source field wells of a sankey diagram.", "title": "Source", "type": "array" }, "Weight": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The weight field wells of a sankey diagram.", "title": "Weight", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration": { "additionalProperties": false, "properties": { "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", "markdownDescription": "The data label configuration of a sankey diagram.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramFieldWells", "markdownDescription": "The field well configuration of a sankey diagram.", "title": "FieldWells" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration", "markdownDescription": "The sort configuration of a sankey diagram.", "title": "SortConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SankeyDiagramFieldWells": { "additionalProperties": false, "properties": { "SankeyDiagramAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramAggregatedFieldWells", "markdownDescription": "The field well configuration of a sankey diagram.", "title": "SankeyDiagramAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SankeyDiagramSortConfiguration": { "additionalProperties": false, "properties": { "DestinationItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", "title": "DestinationItemsLimit" }, "SourceItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", "title": "SourceItemsLimit" }, "WeightSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of the weight fields.", "title": "WeightSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SankeyDiagramVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramChartConfiguration", "markdownDescription": "The configuration of a sankey diagram.", "title": "ChartConfiguration" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The category field well of a scatter plot.", "title": "Category", "type": "array" }, "Label": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The label field well of a scatter plot.", "title": "Label", "type": "array" }, "Size": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The size field well of a scatter plot.", "title": "Size", "type": "array" }, "XAxis": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", "title": "XAxis", "type": "array" }, "YAxis": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", "title": "YAxis", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ScatterPlotConfiguration": { "additionalProperties": false, "properties": { "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" }, "XAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", "title": "XAxisLabelOptions" }, "YAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", "title": "YAxisDisplayOptions" }, "YAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", "title": "YAxisLabelOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ScatterPlotFieldWells": { "additionalProperties": false, "properties": { "ScatterPlotCategoricallyAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotCategoricallyAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", "title": "ScatterPlotCategoricallyAggregatedFieldWells" }, "ScatterPlotUnaggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells", "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", "title": "ScatterPlotUnaggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ScatterPlotUnaggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The category field well of a scatter plot.", "title": "Category", "type": "array" }, "Label": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The label field well of a scatter plot.", "title": "Label", "type": "array" }, "Size": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The size field well of a scatter plot.", "title": "Size", "type": "array" }, "XAxis": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", "title": "XAxis", "type": "array" }, "YAxis": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", "title": "YAxis", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ScatterPlotVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.ScrollBarOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the data zoom scroll bar.", "title": "Visibility", "type": "string" }, "VisibleRange": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisibleRangeOptions", "markdownDescription": "The visibility range for the data zoom scroll bar.", "title": "VisibleRange" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SecondaryValueOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "Determines the visibility of the secondary value.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SectionAfterPageBreak": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "The option that enables or disables a page break at the end of a section.", "title": "Status", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { "PaperCanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions", "markdownDescription": "The options for a paper canvas of a section-based layout.", "title": "PaperCanvasSizeOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SectionBasedLayoutConfiguration": { "additionalProperties": false, "properties": { "BodySections": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BodySectionConfiguration" }, "markdownDescription": "A list of body section configurations.", "title": "BodySections", "type": "array" }, "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionBasedLayoutCanvasSizeOptions", "markdownDescription": "The options for the canvas of a section-based layout.", "title": "CanvasSizeOptions" }, "FooterSections": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" }, "markdownDescription": "A list of footer section configurations.", "title": "FooterSections", "type": "array" }, "HeaderSections": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeaderFooterSectionConfiguration" }, "markdownDescription": "A list of header section configurations.", "title": "HeaderSections", "type": "array" } }, "required": [ "BodySections", "CanvasSizeOptions", "FooterSections", "HeaderSections" ], "type": "object" }, "AWS::QuickSight::Dashboard.SectionBasedLayoutPaperCanvasSizeOptions": { "additionalProperties": false, "properties": { "PaperMargin": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", "title": "PaperMargin" }, "PaperOrientation": { "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", "title": "PaperOrientation", "type": "string" }, "PaperSize": { "markdownDescription": "The paper size that is used to define canvas dimensions.", "title": "PaperSize", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SectionLayoutConfiguration": { "additionalProperties": false, "properties": { "FreeFormLayout": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FreeFormSectionLayoutConfiguration", "markdownDescription": "The free-form layout configuration of a section.", "title": "FreeFormLayout" } }, "required": [ "FreeFormLayout" ], "type": "object" }, "AWS::QuickSight::Dashboard.SectionPageBreakConfiguration": { "additionalProperties": false, "properties": { "After": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SectionAfterPageBreak", "markdownDescription": "The configuration of a page break after a section.", "title": "After" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SectionStyle": { "additionalProperties": false, "properties": { "Height": { "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", "title": "Height", "type": "string" }, "Padding": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.Spacing", "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", "title": "Padding" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SelectedSheetsFilterScopeConfiguration": { "additionalProperties": false, "properties": { "SheetVisualScopingConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration" }, "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", "title": "SheetVisualScopingConfigurations", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SeriesItem": { "additionalProperties": false, "properties": { "DataFieldSeriesItem": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataFieldSeriesItem", "markdownDescription": "The data field series item configuration of a line chart.", "title": "DataFieldSeriesItem" }, "FieldSeriesItem": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSeriesItem", "markdownDescription": "The field series item configuration of a line chart.", "title": "FieldSeriesItem" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SetParameterValueConfiguration": { "additionalProperties": false, "properties": { "DestinationParameterName": { "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", "title": "DestinationParameterName", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DestinationParameterValueConfiguration", "markdownDescription": "", "title": "Value" } }, "required": [ "DestinationParameterName", "Value" ], "type": "object" }, "AWS::QuickSight::Dashboard.ShapeConditionalFormat": { "additionalProperties": false, "properties": { "BackgroundColor": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", "title": "BackgroundColor" } }, "required": [ "BackgroundColor" ], "type": "object" }, "AWS::QuickSight::Dashboard.Sheet": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", "title": "Name", "type": "string" }, "SheetId": { "markdownDescription": "The unique identifier associated with a sheet.", "title": "SheetId", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions": { "additionalProperties": false, "properties": { "InfoIconText": { "markdownDescription": "The text content of info icon.", "title": "InfoIconText", "type": "string" }, "Visibility": { "markdownDescription": "The visibility configuration of info icon label options.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SheetControlLayout": { "additionalProperties": false, "properties": { "Configuration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration", "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", "title": "Configuration" } }, "required": [ "Configuration" ], "type": "object" }, "AWS::QuickSight::Dashboard.SheetControlLayoutConfiguration": { "additionalProperties": false, "properties": { "GridLayout": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GridLayoutConfiguration", "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", "title": "GridLayout" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SheetControlsOption": { "additionalProperties": false, "properties": { "VisibilityState": { "markdownDescription": "Visibility state.", "title": "VisibilityState", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SheetDefinition": { "additionalProperties": false, "properties": { "ContentType": { "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", "title": "ContentType", "type": "string" }, "Description": { "markdownDescription": "A description of the sheet.", "title": "Description", "type": "string" }, "FilterControls": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilterControl" }, "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", "title": "FilterControls", "type": "array" }, "Layouts": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.Layout" }, "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", "title": "Layouts", "type": "array" }, "Name": { "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", "title": "Name", "type": "string" }, "ParameterControls": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ParameterControl" }, "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", "title": "ParameterControls", "type": "array" }, "SheetControlLayouts": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlLayout" }, "markdownDescription": "The control layouts of the sheet.", "title": "SheetControlLayouts", "type": "array" }, "SheetId": { "markdownDescription": "The unique identifier of a sheet.", "title": "SheetId", "type": "string" }, "TextBoxes": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetTextBox" }, "markdownDescription": "The text boxes that are on a sheet.", "title": "TextBoxes", "type": "array" }, "Title": { "markdownDescription": "The title of the sheet.", "title": "Title", "type": "string" }, "Visuals": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.Visual" }, "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", "title": "Visuals", "type": "array" } }, "required": [ "SheetId" ], "type": "object" }, "AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SheetElementRenderingRule": { "additionalProperties": false, "properties": { "ConfigurationOverrides": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetElementConfigurationOverrides", "markdownDescription": "The override configuration of the rendering rules of a sheet.", "title": "ConfigurationOverrides" }, "Expression": { "markdownDescription": "The expression of the rendering rules of a sheet.", "title": "Expression", "type": "string" } }, "required": [ "ConfigurationOverrides", "Expression" ], "type": "object" }, "AWS::QuickSight::Dashboard.SheetLayoutElementMaximizationOption": { "additionalProperties": false, "properties": { "AvailabilityStatus": { "markdownDescription": "The status of the sheet layout maximization options of a dashbaord.", "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SheetTextBox": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "The content that is displayed in the text box.", "title": "Content", "type": "string" }, "SheetTextBoxId": { "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", "title": "SheetTextBoxId", "type": "string" } }, "required": [ "SheetTextBoxId" ], "type": "object" }, "AWS::QuickSight::Dashboard.SheetVisualScopingConfiguration": { "additionalProperties": false, "properties": { "Scope": { "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", "title": "Scope", "type": "string" }, "SheetId": { "markdownDescription": "The selected sheet that the filter is applied to.", "title": "SheetId", "type": "string" }, "VisualIds": { "items": { "type": "string" }, "markdownDescription": "The selected visuals that the filter is applied to.", "title": "VisualIds", "type": "array" } }, "required": [ "Scope", "SheetId" ], "type": "object" }, "AWS::QuickSight::Dashboard.ShortFormatText": { "additionalProperties": false, "properties": { "PlainText": { "markdownDescription": "Plain text format.", "title": "PlainText", "type": "string" }, "RichText": { "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", "title": "RichText", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SimpleClusterMarker": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color of the simple cluster marker.", "title": "Color", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SliderControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties": { "additionalProperties": false, "properties": { "Placement": { "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", "title": "Placement", "type": "string" }, "Scale": { "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", "title": "Scale", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SmallMultiplesOptions": { "additionalProperties": false, "properties": { "MaxVisibleColumns": { "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", "title": "MaxVisibleColumns", "type": "number" }, "MaxVisibleRows": { "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", "title": "MaxVisibleRows", "type": "number" }, "PanelConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PanelConfiguration", "markdownDescription": "Configures the display options for each small multiples panel.", "title": "PanelConfiguration" }, "XAxis": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", "markdownDescription": "The properties of a small multiples X axis.", "title": "XAxis" }, "YAxis": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SmallMultiplesAxisProperties", "markdownDescription": "The properties of a small multiples Y axis.", "title": "YAxis" } }, "type": "object" }, "AWS::QuickSight::Dashboard.Spacing": { "additionalProperties": false, "properties": { "Bottom": { "markdownDescription": "Define the bottom spacing.", "title": "Bottom", "type": "string" }, "Left": { "markdownDescription": "Define the left spacing.", "title": "Left", "type": "string" }, "Right": { "markdownDescription": "Define the right spacing.", "title": "Right", "type": "string" }, "Top": { "markdownDescription": "Define the top spacing.", "title": "Top", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.StringDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, "StaticValues": { "items": { "type": "string" }, "markdownDescription": "The static values of the `DecimalDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.StringFormatConfiguration": { "additionalProperties": false, "properties": { "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "NumericFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.NumericFormatConfiguration", "markdownDescription": "The formatting configuration for numeric strings.", "title": "NumericFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.StringParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A display name for a string parameter.", "title": "Name", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The values of a string parameter.", "title": "Values", "type": "array" } }, "required": [ "Name", "Values" ], "type": "object" }, "AWS::QuickSight::Dashboard.StringParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", "type": "array" }, "Name": { "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, "ParameterValueType": { "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", "title": "ParameterValueType", "type": "string" }, "ValueWhenUnset": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration", "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", "title": "ValueWhenUnset" } }, "required": [ "Name", "ParameterValueType" ], "type": "object" }, "AWS::QuickSight::Dashboard.StringValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", "title": "CustomValue", "type": "string" }, "ValueWhenUnsetOption": { "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.SubtotalOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label string for the subtotal cells.", "title": "CustomLabel", "type": "string" }, "FieldLevel": { "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", "title": "FieldLevel", "type": "string" }, "FieldLevelOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableFieldSubtotalOptions" }, "markdownDescription": "The optional configuration of subtotal cells.", "title": "FieldLevelOptions", "type": "array" }, "MetricHeaderCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", "markdownDescription": "The cell styling options for the subtotals of header cells.", "title": "MetricHeaderCellStyle" }, "StyleTargets": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableStyleTarget" }, "markdownDescription": "The style targets options for subtotals.", "title": "StyleTargets", "type": "array" }, "TotalCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", "markdownDescription": "The cell styling options for the subtotal cells.", "title": "TotalCellStyle" }, "TotalsVisibility": { "markdownDescription": "The visibility configuration for the subtotal cells.", "title": "TotalsVisibility", "type": "string" }, "ValueCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", "markdownDescription": "The cell styling options for the subtotals of value cells.", "title": "ValueCellStyle" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableAggregatedFieldWells": { "additionalProperties": false, "properties": { "GroupBy": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", "title": "GroupBy", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableBorderOptions": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color of a table border.", "title": "Color", "type": "string" }, "Style": { "markdownDescription": "The style (none, solid) of a table border.", "title": "Style", "type": "string" }, "Thickness": { "markdownDescription": "The thickness of a table border.", "title": "Thickness", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableCellConditionalFormatting": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the cell for conditional formatting.", "title": "FieldId", "type": "string" }, "TextFormat": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextConditionalFormat", "markdownDescription": "The text format of the cell for conditional formatting.", "title": "TextFormat" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration": { "additionalProperties": false, "properties": { "TableCellImageScalingConfiguration": { "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", "title": "TableCellImageScalingConfiguration", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableCellStyle": { "additionalProperties": false, "properties": { "BackgroundColor": { "markdownDescription": "The background color for the table cells.", "title": "BackgroundColor", "type": "string" }, "Border": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GlobalTableBorderOptions", "markdownDescription": "The borders for the table cells.", "title": "Border" }, "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", "markdownDescription": "The font configuration of the table cells.", "title": "FontConfiguration" }, "Height": { "markdownDescription": "The height color for the table cells.", "title": "Height", "type": "number" }, "HorizontalTextAlignment": { "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", "title": "HorizontalTextAlignment", "type": "string" }, "TextWrap": { "markdownDescription": "The text wrap (none, wrap) for the table cells.", "title": "TextWrap", "type": "string" }, "VerticalTextAlignment": { "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", "title": "VerticalTextAlignment", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the table cells.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", "title": "ConditionalFormattingOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableConditionalFormattingOption": { "additionalProperties": false, "properties": { "Cell": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellConditionalFormatting", "markdownDescription": "The cell conditional formatting option for a table.", "title": "Cell" }, "Row": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableRowConditionalFormatting", "markdownDescription": "The row conditional formatting option for a table.", "title": "Row" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableConfiguration": { "additionalProperties": false, "properties": { "FieldOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOptions", "markdownDescription": "The field options for a table visual.", "title": "FieldOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "PaginatedReportOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePaginatedReportOptions", "markdownDescription": "The paginated report options for a table visual.", "title": "PaginatedReportOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableSortConfiguration", "markdownDescription": "The sort configuration for a `TableVisual` .", "title": "SortConfiguration" }, "TableInlineVisualizations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableInlineVisualization" }, "markdownDescription": "A collection of inline visualizations to display within a chart.", "title": "TableInlineVisualizations", "type": "array" }, "TableOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableOptions", "markdownDescription": "The table options for a table visual.", "title": "TableOptions" }, "TotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalOptions", "markdownDescription": "The total options for a table visual.", "title": "TotalOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableFieldCustomIconContent": { "additionalProperties": false, "properties": { "Icon": { "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", "title": "Icon", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableFieldCustomTextContent": { "additionalProperties": false, "properties": { "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FontConfiguration", "markdownDescription": "The font configuration of the custom text content for the table URL link content.", "title": "FontConfiguration" }, "Value": { "markdownDescription": "The string value of the custom text content for the table URL link content.", "title": "Value", "type": "string" } }, "required": [ "FontConfiguration" ], "type": "object" }, "AWS::QuickSight::Dashboard.TableFieldImageConfiguration": { "additionalProperties": false, "properties": { "SizingOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellImageSizingConfiguration", "markdownDescription": "The sizing options for the table image configuration.", "title": "SizingOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableFieldLinkConfiguration": { "additionalProperties": false, "properties": { "Content": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration", "markdownDescription": "The URL content (text, icon) for the table link configuration.", "title": "Content" }, "Target": { "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", "title": "Target", "type": "string" } }, "required": [ "Content", "Target" ], "type": "object" }, "AWS::QuickSight::Dashboard.TableFieldLinkContentConfiguration": { "additionalProperties": false, "properties": { "CustomIconContent": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomIconContent", "markdownDescription": "The custom icon content for the table link content configuration.", "title": "CustomIconContent" }, "CustomTextContent": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldCustomTextContent", "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", "title": "CustomTextContent" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableFieldOption": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label for a table field.", "title": "CustomLabel", "type": "string" }, "FieldId": { "markdownDescription": "The field ID for a table field.", "title": "FieldId", "type": "string" }, "URLStyling": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldURLConfiguration", "markdownDescription": "The URL configuration for a table field.", "title": "URLStyling" }, "Visibility": { "markdownDescription": "The visibility of a table field.", "title": "Visibility", "type": "string" }, "Width": { "markdownDescription": "The width for a table field.", "title": "Width", "type": "string" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.TableFieldOptions": { "additionalProperties": false, "properties": { "Order": { "items": { "type": "string" }, "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", "title": "Order", "type": "array" }, "PinnedFieldOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TablePinnedFieldOptions", "markdownDescription": "The settings for the pinned columns of a table visual.", "title": "PinnedFieldOptions" }, "SelectedFieldOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldOption" }, "markdownDescription": "The field options to be configured to a table.", "title": "SelectedFieldOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableFieldURLConfiguration": { "additionalProperties": false, "properties": { "ImageConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldImageConfiguration", "markdownDescription": "The image configuration of a table field URL.", "title": "ImageConfiguration" }, "LinkConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableFieldLinkConfiguration", "markdownDescription": "The link configuration of a table field URL.", "title": "LinkConfiguration" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableFieldWells": { "additionalProperties": false, "properties": { "TableAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableAggregatedFieldWells", "markdownDescription": "The aggregated field well for the table.", "title": "TableAggregatedFieldWells" }, "TableUnaggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells", "markdownDescription": "The unaggregated field well for the table.", "title": "TableUnaggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableInlineVisualization": { "additionalProperties": false, "properties": { "DataBars": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataBarsOptions", "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", "title": "DataBars" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableOptions": { "additionalProperties": false, "properties": { "CellStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", "markdownDescription": "The table cell style of table cells.", "title": "CellStyle" }, "HeaderStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", "markdownDescription": "The table cell style of a table header.", "title": "HeaderStyle" }, "Orientation": { "markdownDescription": "The orientation (vertical, horizontal) for a table.", "title": "Orientation", "type": "string" }, "RowAlternateColorOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RowAlternateColorOptions", "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", "title": "RowAlternateColorOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TablePaginatedReportOptions": { "additionalProperties": false, "properties": { "OverflowColumnHeaderVisibility": { "markdownDescription": "The visibility of repeating header rows on each page.", "title": "OverflowColumnHeaderVisibility", "type": "string" }, "VerticalOverflowVisibility": { "markdownDescription": "The visibility of printing table overflow across pages.", "title": "VerticalOverflowVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TablePinnedFieldOptions": { "additionalProperties": false, "properties": { "PinnedLeftFields": { "items": { "type": "string" }, "markdownDescription": "A list of columns to be pinned to the left of a table visual.", "title": "PinnedLeftFields", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableRowConditionalFormatting": { "additionalProperties": false, "properties": { "BackgroundColor": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", "title": "BackgroundColor" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableSideBorderOptions": { "additionalProperties": false, "properties": { "Bottom": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", "markdownDescription": "The table border options of the bottom border.", "title": "Bottom" }, "InnerHorizontal": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", "markdownDescription": "The table border options of the inner horizontal border.", "title": "InnerHorizontal" }, "InnerVertical": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", "markdownDescription": "The table border options of the inner vertical border.", "title": "InnerVertical" }, "Left": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", "markdownDescription": "The table border options of the left border.", "title": "Left" }, "Right": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", "markdownDescription": "The table border options of the right border.", "title": "Right" }, "Top": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableBorderOptions", "markdownDescription": "The table border options of the top border.", "title": "Top" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableSortConfiguration": { "additionalProperties": false, "properties": { "PaginationConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PaginationConfiguration", "markdownDescription": "The pagination configuration (page size, page number) for the table.", "title": "PaginationConfiguration" }, "RowSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The field sort options for rows in the table.", "title": "RowSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableStyleTarget": { "additionalProperties": false, "properties": { "CellType": { "markdownDescription": "The cell type of the table style target.", "title": "CellType", "type": "string" } }, "required": [ "CellType" ], "type": "object" }, "AWS::QuickSight::Dashboard.TableUnaggregatedFieldWells": { "additionalProperties": false, "properties": { "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.UnaggregatedField" }, "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TableVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableConditionalFormatting", "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.TextAreaControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "PlaceholderOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", "markdownDescription": "The configuration of the placeholder options in a text area control.", "title": "PlaceholderOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TextConditionalFormat": { "additionalProperties": false, "properties": { "BackgroundColor": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", "markdownDescription": "The conditional formatting for the text background color.", "title": "BackgroundColor" }, "Icon": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting for the icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ConditionalFormattingColor", "markdownDescription": "The conditional formatting for the text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TextControlPlaceholderOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility configuration of the placeholder options in a text control.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TextFieldControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "PlaceholderOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TextControlPlaceholderOptions", "markdownDescription": "The configuration of the placeholder options in a text field control.", "title": "PlaceholderOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.ThousandSeparatorOptions": { "additionalProperties": false, "properties": { "Symbol": { "markdownDescription": "Determines the thousands separator symbol.", "title": "Symbol", "type": "string" }, "Visibility": { "markdownDescription": "Determines the visibility of the thousands separator.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TimeBasedForecastProperties": { "additionalProperties": false, "properties": { "LowerBoundary": { "markdownDescription": "The lower boundary setup of a forecast computation.", "title": "LowerBoundary", "type": "number" }, "PeriodsBackward": { "markdownDescription": "The periods backward setup of a forecast computation.", "title": "PeriodsBackward", "type": "number" }, "PeriodsForward": { "markdownDescription": "The periods forward setup of a forecast computation.", "title": "PeriodsForward", "type": "number" }, "PredictionInterval": { "markdownDescription": "The prediction interval setup of a forecast computation.", "title": "PredictionInterval", "type": "number" }, "Seasonality": { "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", "title": "Seasonality", "type": "number" }, "UpperBoundary": { "markdownDescription": "The upper boundary setup of a forecast computation.", "title": "UpperBoundary", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TimeEqualityFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", "title": "ParameterName", "type": "string" }, "RollingDate": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", "title": "RollingDate" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" }, "Value": { "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", "title": "Value", "type": "string" } }, "required": [ "Column", "FilterId" ], "type": "object" }, "AWS::QuickSight::Dashboard.TimeRangeDrillDownFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "RangeMaximum": { "markdownDescription": "The maximum value for the filter value range.", "title": "RangeMaximum", "type": "string" }, "RangeMinimum": { "markdownDescription": "The minimum value for the filter value range.", "title": "RangeMinimum", "type": "string" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "required": [ "Column", "RangeMaximum", "RangeMinimum", "TimeGranularity" ], "type": "object" }, "AWS::QuickSight::Dashboard.TimeRangeFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "ExcludePeriodConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ExcludePeriodConfiguration", "markdownDescription": "The exclude period of the time range filter.", "title": "ExcludePeriodConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "IncludeMaximum": { "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", "title": "IncludeMaximum", "type": "boolean" }, "IncludeMinimum": { "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", "title": "IncludeMinimum", "type": "boolean" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "RangeMaximumValue": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", "markdownDescription": "The maximum value for the filter value range.", "title": "RangeMaximumValue" }, "RangeMinimumValue": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TimeRangeFilterValue", "markdownDescription": "The minimum value for the filter value range.", "title": "RangeMinimumValue" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "required": [ "Column", "FilterId", "NullOption" ], "type": "object" }, "AWS::QuickSight::Dashboard.TimeRangeFilterValue": { "additionalProperties": false, "properties": { "Parameter": { "markdownDescription": "The parameter type input value.", "title": "Parameter", "type": "string" }, "RollingDate": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RollingDateConfiguration", "markdownDescription": "The rolling date input value.", "title": "RollingDate" }, "StaticValue": { "markdownDescription": "The static input value.", "title": "StaticValue", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TooltipItem": { "additionalProperties": false, "properties": { "ColumnTooltipItem": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnTooltipItem", "markdownDescription": "The tooltip item for the columns that are not part of a field well.", "title": "ColumnTooltipItem" }, "FieldTooltipItem": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldTooltipItem", "markdownDescription": "The tooltip item for the fields.", "title": "FieldTooltipItem" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TooltipOptions": { "additionalProperties": false, "properties": { "FieldBasedTooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldBasedTooltip", "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", "title": "FieldBasedTooltip" }, "SelectedTooltipType": { "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", "title": "SelectedTooltipType", "type": "string" }, "TooltipVisibility": { "markdownDescription": "Determines whether or not the tooltip is visible.", "title": "TooltipVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TopBottomFilter": { "additionalProperties": false, "properties": { "AggregationSortConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AggregationSortConfiguration" }, "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", "title": "AggregationSortConfigurations", "type": "array" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "Limit": { "markdownDescription": "The number of items to include in the top bottom filter results.", "title": "Limit", "type": "number" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.", "title": "ParameterName", "type": "string" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "required": [ "AggregationSortConfigurations", "Column", "FilterId" ], "type": "object" }, "AWS::QuickSight::Dashboard.TopBottomMoversComputation": { "additionalProperties": false, "properties": { "Category": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", "markdownDescription": "The category field that is used in a computation.", "title": "Category" }, "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "MoverSize": { "markdownDescription": "The mover size setup of the top and bottom movers computation.", "title": "MoverSize", "type": "number" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "SortOrder": { "markdownDescription": "The sort order setup of the top and bottom movers computation.", "title": "SortOrder", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Type": { "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", "title": "Type", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId", "Type" ], "type": "object" }, "AWS::QuickSight::Dashboard.TopBottomRankedComputation": { "additionalProperties": false, "properties": { "Category": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", "markdownDescription": "The category field that is used in a computation.", "title": "Category" }, "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "ResultSize": { "markdownDescription": "The result size of a top and bottom ranked computation.", "title": "ResultSize", "type": "number" }, "Type": { "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", "title": "Type", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId", "Type" ], "type": "object" }, "AWS::QuickSight::Dashboard.TotalAggregationComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Dashboard.TotalAggregationFunction": { "additionalProperties": false, "properties": { "SimpleTotalAggregationFunction": { "markdownDescription": "A built in aggregation function for total values.", "title": "SimpleTotalAggregationFunction", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TotalAggregationOption": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field id that's associated with the total aggregation option.", "title": "FieldId", "type": "string" }, "TotalAggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationFunction", "markdownDescription": "The total aggregation function that you want to set for a specified field id.", "title": "TotalAggregationFunction" } }, "required": [ "FieldId", "TotalAggregationFunction" ], "type": "object" }, "AWS::QuickSight::Dashboard.TotalOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label string for the total cells.", "title": "CustomLabel", "type": "string" }, "Placement": { "markdownDescription": "The placement (start, end) for the total cells.", "title": "Placement", "type": "string" }, "ScrollStatus": { "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", "title": "ScrollStatus", "type": "string" }, "TotalAggregationOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TotalAggregationOption" }, "markdownDescription": "The total aggregation settings for each value field.", "title": "TotalAggregationOptions", "type": "array" }, "TotalCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableCellStyle", "markdownDescription": "Cell styling options for the total cells.", "title": "TotalCellStyle" }, "TotalsVisibility": { "markdownDescription": "The visibility configuration for the total cells.", "title": "TotalsVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", "title": "Colors", "type": "array" }, "Groups": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", "title": "Groups", "type": "array" }, "Sizes": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", "title": "Sizes", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TreeMapConfiguration": { "additionalProperties": false, "properties": { "ColorLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", "title": "ColorLabelOptions" }, "ColorScale": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColorScale", "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", "title": "ColorScale" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "GroupLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", "title": "GroupLabelOptions" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "SizeLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", "title": "SizeLabelOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapSortConfiguration", "markdownDescription": "The sort configuration of a tree map.", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TreeMapFieldWells": { "additionalProperties": false, "properties": { "TreeMapAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a tree map.", "title": "TreeMapAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TreeMapSortConfiguration": { "additionalProperties": false, "properties": { "TreeMapGroupItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of groups that are displayed.", "title": "TreeMapGroupItemsLimitConfiguration" }, "TreeMapSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of group by fields.", "title": "TreeMapSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.TreeMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.TrendArrowOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the trend arrows.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.UnaggregatedField": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnIdentifier", "markdownDescription": "The column that is used in the `UnaggregatedField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Dashboard.UniqueValuesComputation": { "additionalProperties": false, "properties": { "Category": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField", "markdownDescription": "The category field that is used in a computation.", "title": "Category" }, "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Dashboard.ValidationStrategy": { "additionalProperties": false, "properties": { "Mode": { "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", "title": "Mode", "type": "string" } }, "required": [ "Mode" ], "type": "object" }, "AWS::QuickSight::Dashboard.VisibleRangeOptions": { "additionalProperties": false, "properties": { "PercentRange": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PercentVisibleRange", "markdownDescription": "The percent range in the visible range.", "title": "PercentRange" } }, "type": "object" }, "AWS::QuickSight::Dashboard.Visual": { "additionalProperties": false, "properties": { "BarChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BarChartVisual", "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", "title": "BarChartVisual" }, "BoxPlotVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.BoxPlotVisual", "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", "title": "BoxPlotVisual" }, "ComboChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ComboChartVisual", "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", "title": "ComboChartVisual" }, "CustomContentVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomContentVisual", "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", "title": "CustomContentVisual" }, "EmptyVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.EmptyVisual", "markdownDescription": "An empty visual.", "title": "EmptyVisual" }, "FilledMapVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FilledMapVisual", "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", "title": "FilledMapVisual" }, "FunnelChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FunnelChartVisual", "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", "title": "FunnelChartVisual" }, "GaugeChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GaugeChartVisual", "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", "title": "GaugeChartVisual" }, "GeospatialMapVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.GeospatialMapVisual", "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", "title": "GeospatialMapVisual" }, "HeatMapVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.HeatMapVisual", "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", "title": "HeatMapVisual" }, "HistogramVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.HistogramVisual", "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", "title": "HistogramVisual" }, "InsightVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.InsightVisual", "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", "title": "InsightVisual" }, "KPIVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.KPIVisual", "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", "title": "KPIVisual" }, "LineChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LineChartVisual", "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", "title": "LineChartVisual" }, "PieChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PieChartVisual", "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", "title": "PieChartVisual" }, "PivotTableVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.PivotTableVisual", "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", "title": "PivotTableVisual" }, "RadarChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.RadarChartVisual", "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", "title": "RadarChartVisual" }, "SankeyDiagramVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.SankeyDiagramVisual", "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", "title": "SankeyDiagramVisual" }, "ScatterPlotVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ScatterPlotVisual", "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", "title": "ScatterPlotVisual" }, "TableVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TableVisual", "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", "title": "TableVisual" }, "TreeMapVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.TreeMapVisual", "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", "title": "TreeMapVisual" }, "WaterfallVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallVisual", "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", "title": "WaterfallVisual" }, "WordCloudVisual": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudVisual", "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", "title": "WordCloudVisual" } }, "type": "object" }, "AWS::QuickSight::Dashboard.VisualAxisSortOption": { "additionalProperties": false, "properties": { "AvailabilityStatus": { "markdownDescription": "The availaiblity status of a visual's axis sort options.", "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.VisualCustomAction": { "additionalProperties": false, "properties": { "ActionOperations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomActionOperation" }, "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", "title": "ActionOperations", "type": "array" }, "CustomActionId": { "markdownDescription": "The ID of the `VisualCustomAction` .", "title": "CustomActionId", "type": "string" }, "Name": { "markdownDescription": "The name of the `VisualCustomAction` .", "title": "Name", "type": "string" }, "Status": { "markdownDescription": "The status of the `VisualCustomAction` .", "title": "Status", "type": "string" }, "Trigger": { "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", "title": "Trigger", "type": "string" } }, "required": [ "ActionOperations", "CustomActionId", "Name", "Trigger" ], "type": "object" }, "AWS::QuickSight::Dashboard.VisualCustomActionOperation": { "additionalProperties": false, "properties": { "FilterOperation": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionFilterOperation", "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", "title": "FilterOperation" }, "NavigationOperation": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionNavigationOperation", "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", "title": "NavigationOperation" }, "SetParametersOperation": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionSetParametersOperation", "markdownDescription": "The set parameter operation that sets parameters in custom action.", "title": "SetParametersOperation" }, "URLOperation": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.CustomActionURLOperation", "markdownDescription": "The URL operation that opens a link to another webpage.", "title": "URLOperation" } }, "type": "object" }, "AWS::QuickSight::Dashboard.VisualMenuOption": { "additionalProperties": false, "properties": { "AvailabilityStatus": { "markdownDescription": "The availaiblity status of a visual's menu options.", "title": "AvailabilityStatus", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.VisualPalette": { "additionalProperties": false, "properties": { "ChartColor": { "markdownDescription": "The chart color options for the visual palette.", "title": "ChartColor", "type": "string" }, "ColorMap": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataPathColor" }, "markdownDescription": "The color map options for the visual palette.", "title": "ColorMap", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions": { "additionalProperties": false, "properties": { "FormatText": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LongFormatText", "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", "title": "FormatText" }, "Visibility": { "markdownDescription": "The visibility of the subtitle label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.VisualTitleLabelOptions": { "additionalProperties": false, "properties": { "FormatText": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ShortFormatText", "markdownDescription": "The short text format of the title label, such as plain text or rich text.", "title": "FormatText" }, "Visibility": { "markdownDescription": "The visibility of the title label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Breakdowns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The breakdown field wells of a waterfall visual.", "title": "Breakdowns", "type": "array" }, "Categories": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The category field wells of a waterfall visual.", "title": "Categories", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The value field wells of a waterfall visual.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.WaterfallChartConfiguration": { "additionalProperties": false, "properties": { "CategoryAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the category axis.", "title": "CategoryAxisDisplayOptions" }, "CategoryAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the category axis label.", "title": "CategoryAxisLabelOptions" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DataLabelOptions", "markdownDescription": "The data label configuration of a waterfall visual.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartFieldWells", "markdownDescription": "The field well configuration of a waterfall visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.LegendOptions", "markdownDescription": "The legend configuration of a waterfall visual.", "title": "Legend" }, "PrimaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the y-axis.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the y-axis label.", "title": "PrimaryYAxisLabelOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration", "markdownDescription": "The sort configuration of a waterfall visual.", "title": "SortConfiguration" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualPalette", "markdownDescription": "The visual palette configuration of a waterfall visual.", "title": "VisualPalette" }, "WaterfallChartOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartOptions", "markdownDescription": "The options that determine the presentation of a waterfall visual.", "title": "WaterfallChartOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.WaterfallChartFieldWells": { "additionalProperties": false, "properties": { "WaterfallChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a waterfall visual.", "title": "WaterfallChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.WaterfallChartOptions": { "additionalProperties": false, "properties": { "TotalBarLabel": { "markdownDescription": "This option determines the total bar label of a waterfall visual.", "title": "TotalBarLabel", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.WaterfallChartSortConfiguration": { "additionalProperties": false, "properties": { "BreakdownItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of bar groups that are displayed.", "title": "BreakdownItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.WaterfallVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.WaterfallChartConfiguration", "markdownDescription": "The configuration for a waterfall visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Dashboard.WhatIfPointScenario": { "additionalProperties": false, "properties": { "Date": { "markdownDescription": "The date that you need the forecast results for.", "title": "Date", "type": "string" }, "Value": { "markdownDescription": "The target value that you want to meet for the provided date.", "title": "Value", "type": "number" } }, "required": [ "Date", "Value" ], "type": "object" }, "AWS::QuickSight::Dashboard.WhatIfRangeScenario": { "additionalProperties": false, "properties": { "EndDate": { "markdownDescription": "The end date in the date range that you need the forecast results for.", "title": "EndDate", "type": "string" }, "StartDate": { "markdownDescription": "The start date in the date range that you need the forecast results for.", "title": "StartDate", "type": "string" }, "Value": { "markdownDescription": "The target value that you want to meet for the provided date range.", "title": "Value", "type": "number" } }, "required": [ "EndDate", "StartDate", "Value" ], "type": "object" }, "AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells": { "additionalProperties": false, "properties": { "GroupBy": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.DimensionField" }, "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", "title": "GroupBy", "type": "array" }, "Size": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.MeasureField" }, "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", "title": "Size", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.WordCloudChartConfiguration": { "additionalProperties": false, "properties": { "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", "title": "CategoryLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudSortConfiguration", "markdownDescription": "The sort configuration of a word cloud visual.", "title": "SortConfiguration" }, "WordCloudOptions": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudOptions", "markdownDescription": "The options for a word cloud visual.", "title": "WordCloudOptions" } }, "type": "object" }, "AWS::QuickSight::Dashboard.WordCloudFieldWells": { "additionalProperties": false, "properties": { "WordCloudAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a word cloud.", "title": "WordCloudAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Dashboard.WordCloudOptions": { "additionalProperties": false, "properties": { "CloudLayout": { "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", "title": "CloudLayout", "type": "string" }, "MaximumStringLength": { "markdownDescription": "The length limit of each word from 1-100.", "title": "MaximumStringLength", "type": "number" }, "WordCasing": { "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", "title": "WordCasing", "type": "string" }, "WordOrientation": { "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", "title": "WordOrientation", "type": "string" }, "WordPadding": { "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", "title": "WordPadding", "type": "string" }, "WordScaling": { "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", "title": "WordScaling", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Dashboard.WordCloudSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.FieldSortOptions" }, "markdownDescription": "The sort configuration of group by fields.", "title": "CategorySort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Dashboard.WordCloudVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.WordCloudChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Dashboard.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::DataSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AwsAccountId": { "markdownDescription": "The AWS account ID.", "title": "AwsAccountId", "type": "string" }, "ColumnGroups": { "items": { "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnGroup" }, "markdownDescription": "Groupings of columns that work together in certain Amazon QuickSight features. Currently, only geospatial hierarchy is supported.", "title": "ColumnGroups", "type": "array" }, "ColumnLevelPermissionRules": { "items": { "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnLevelPermissionRule" }, "markdownDescription": "A set of one or more definitions of a `ColumnLevelPermissionRule` .", "title": "ColumnLevelPermissionRules", "type": "array" }, "DataSetId": { "markdownDescription": "An ID for the dataset that you want to create. This ID is unique per AWS Region for each AWS account.", "title": "DataSetId", "type": "string" }, "DataSetRefreshProperties": { "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetRefreshProperties", "markdownDescription": "The refresh properties of a dataset.", "title": "DataSetRefreshProperties" }, "DataSetUsageConfiguration": { "$ref": "#/definitions/AWS::QuickSight::DataSet.DataSetUsageConfiguration", "markdownDescription": "The usage configuration to apply to child datasets that reference this dataset as a source.", "title": "DataSetUsageConfiguration" }, "DatasetParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::DataSet.DatasetParameter" }, "markdownDescription": "The parameters that are declared in a dataset.", "title": "DatasetParameters", "type": "array" }, "FieldFolders": { "additionalProperties": false, "markdownDescription": "The folder that contains fields and nested subfolders for your dataset.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::QuickSight::DataSet.FieldFolder" } }, "title": "FieldFolders", "type": "object" }, "ImportMode": { "markdownDescription": "Indicates whether you want to import the data into SPICE.", "title": "ImportMode", "type": "string" }, "IngestionWaitPolicy": { "$ref": "#/definitions/AWS::QuickSight::DataSet.IngestionWaitPolicy", "markdownDescription": "The wait policy to use when creating or updating a Dataset. The default is to wait for SPICE ingestion to finish with timeout of 36 hours.", "title": "IngestionWaitPolicy" }, "LogicalTableMap": { "additionalProperties": false, "markdownDescription": "Configures the combination and transformation of the data from the physical tables.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTable" } }, "title": "LogicalTableMap", "type": "object" }, "Name": { "markdownDescription": "The display name for the dataset.", "title": "Name", "type": "string" }, "Permissions": { "items": { "$ref": "#/definitions/AWS::QuickSight::DataSet.ResourcePermission" }, "markdownDescription": "A list of resource permissions on the dataset.", "title": "Permissions", "type": "array" }, "PhysicalTableMap": { "additionalProperties": false, "markdownDescription": "Declares the physical tables that are available in the underlying data sources.", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::QuickSight::DataSet.PhysicalTable" } }, "title": "PhysicalTableMap", "type": "object" }, "RowLevelPermissionDataSet": { "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionDataSet", "markdownDescription": "The row-level security configuration for the data that you want to create.", "title": "RowLevelPermissionDataSet" }, "RowLevelPermissionTagConfiguration": { "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration", "markdownDescription": "The element you can use to define tags for row-level security.", "title": "RowLevelPermissionTagConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the dataset.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::QuickSight::DataSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::QuickSight::DataSet.CalculatedColumn": { "additionalProperties": false, "properties": { "ColumnId": { "markdownDescription": "A unique ID to identify a calculated column. During a dataset update, if the column ID of a calculated column matches that of an existing calculated column, Amazon QuickSight preserves the existing calculated column.", "title": "ColumnId", "type": "string" }, "ColumnName": { "markdownDescription": "Column name.", "title": "ColumnName", "type": "string" }, "Expression": { "markdownDescription": "An expression that defines the calculated column.", "title": "Expression", "type": "string" } }, "required": [ "ColumnId", "ColumnName", "Expression" ], "type": "object" }, "AWS::QuickSight::DataSet.CastColumnTypeOperation": { "additionalProperties": false, "properties": { "ColumnName": { "markdownDescription": "Column name.", "title": "ColumnName", "type": "string" }, "Format": { "markdownDescription": "When casting a column from string to datetime type, you can supply a string in a format supported by Amazon QuickSight to denote the source data format.", "title": "Format", "type": "string" }, "NewColumnType": { "markdownDescription": "New column data type.", "title": "NewColumnType", "type": "string" }, "SubType": { "markdownDescription": "The sub data type of the new column. Sub types are only available for decimal columns that are part of a SPICE dataset.", "title": "SubType", "type": "string" } }, "required": [ "ColumnName", "NewColumnType" ], "type": "object" }, "AWS::QuickSight::DataSet.ColumnDescription": { "additionalProperties": false, "properties": { "Text": { "markdownDescription": "The text of a description for a column.", "title": "Text", "type": "string" } }, "type": "object" }, "AWS::QuickSight::DataSet.ColumnGroup": { "additionalProperties": false, "properties": { "GeoSpatialColumnGroup": { "$ref": "#/definitions/AWS::QuickSight::DataSet.GeoSpatialColumnGroup", "markdownDescription": "Geospatial column group that denotes a hierarchy.", "title": "GeoSpatialColumnGroup" } }, "type": "object" }, "AWS::QuickSight::DataSet.ColumnLevelPermissionRule": { "additionalProperties": false, "properties": { "ColumnNames": { "items": { "type": "string" }, "markdownDescription": "An array of column names.", "title": "ColumnNames", "type": "array" }, "Principals": { "items": { "type": "string" }, "markdownDescription": "An array of Amazon Resource Names (ARNs) for Amazon QuickSight users or groups.", "title": "Principals", "type": "array" } }, "type": "object" }, "AWS::QuickSight::DataSet.ColumnTag": { "additionalProperties": false, "properties": { "ColumnDescription": { "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnDescription", "markdownDescription": "A description for a column.", "title": "ColumnDescription" }, "ColumnGeographicRole": { "markdownDescription": "A geospatial role for a column.", "title": "ColumnGeographicRole", "type": "string" } }, "type": "object" }, "AWS::QuickSight::DataSet.CreateColumnsOperation": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::DataSet.CalculatedColumn" }, "markdownDescription": "Calculated columns to create.", "title": "Columns", "type": "array" } }, "required": [ "Columns" ], "type": "object" }, "AWS::QuickSight::DataSet.CustomSql": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" }, "markdownDescription": "The column schema from the SQL query result set.", "title": "Columns", "type": "array" }, "DataSourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the data source.", "title": "DataSourceArn", "type": "string" }, "Name": { "markdownDescription": "A display name for the SQL query result.", "title": "Name", "type": "string" }, "SqlQuery": { "markdownDescription": "The SQL query.", "title": "SqlQuery", "type": "string" } }, "required": [ "Columns", "DataSourceArn", "Name", "SqlQuery" ], "type": "object" }, "AWS::QuickSight::DataSet.DataSetRefreshProperties": { "additionalProperties": false, "properties": { "RefreshConfiguration": { "$ref": "#/definitions/AWS::QuickSight::DataSet.RefreshConfiguration", "markdownDescription": "The refresh configuration for a dataset.", "title": "RefreshConfiguration" } }, "type": "object" }, "AWS::QuickSight::DataSet.DataSetUsageConfiguration": { "additionalProperties": false, "properties": { "DisableUseAsDirectQuerySource": { "markdownDescription": "An option that controls whether a child dataset of a direct query can use this dataset as a source.", "title": "DisableUseAsDirectQuerySource", "type": "boolean" }, "DisableUseAsImportedSource": { "markdownDescription": "An option that controls whether a child dataset that's stored in QuickSight can use this dataset as a source.", "title": "DisableUseAsImportedSource", "type": "boolean" } }, "type": "object" }, "AWS::QuickSight::DataSet.DatasetParameter": { "additionalProperties": false, "properties": { "DateTimeDatasetParameter": { "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameter", "markdownDescription": "A date time parameter that is created in the dataset.", "title": "DateTimeDatasetParameter" }, "DecimalDatasetParameter": { "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameter", "markdownDescription": "A decimal parameter that is created in the dataset.", "title": "DecimalDatasetParameter" }, "IntegerDatasetParameter": { "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameter", "markdownDescription": "An integer parameter that is created in the dataset.", "title": "IntegerDatasetParameter" }, "StringDatasetParameter": { "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameter", "markdownDescription": "A string parameter that is created in the dataset.", "title": "StringDatasetParameter" } }, "type": "object" }, "AWS::QuickSight::DataSet.DateTimeDatasetParameter": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues", "markdownDescription": "A list of default values for a given date time parameter. This structure only accepts static values.", "title": "DefaultValues" }, "Id": { "markdownDescription": "An identifier for the parameter that is created in the dataset.", "title": "Id", "type": "string" }, "Name": { "markdownDescription": "The name of the date time parameter that is created in the dataset.", "title": "Name", "type": "string" }, "TimeGranularity": { "markdownDescription": "The time granularity of the date time parameter.", "title": "TimeGranularity", "type": "string" }, "ValueType": { "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", "title": "ValueType", "type": "string" } }, "required": [ "Id", "Name", "ValueType" ], "type": "object" }, "AWS::QuickSight::DataSet.DateTimeDatasetParameterDefaultValues": { "additionalProperties": false, "properties": { "StaticValues": { "items": { "type": "string" }, "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::DataSet.DecimalDatasetParameter": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues", "markdownDescription": "A list of default values for a given decimal parameter. This structure only accepts static values.", "title": "DefaultValues" }, "Id": { "markdownDescription": "An identifier for the decimal parameter created in the dataset.", "title": "Id", "type": "string" }, "Name": { "markdownDescription": "The name of the decimal parameter that is created in the dataset.", "title": "Name", "type": "string" }, "ValueType": { "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", "title": "ValueType", "type": "string" } }, "required": [ "Id", "Name", "ValueType" ], "type": "object" }, "AWS::QuickSight::DataSet.DecimalDatasetParameterDefaultValues": { "additionalProperties": false, "properties": { "StaticValues": { "items": { "type": "number" }, "markdownDescription": "A list of static default values for a given decimal parameter.", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::DataSet.FieldFolder": { "additionalProperties": false, "properties": { "Columns": { "items": { "type": "string" }, "markdownDescription": "A folder has a list of columns. A column can only be in one folder.", "title": "Columns", "type": "array" }, "Description": { "markdownDescription": "The description for a field folder.", "title": "Description", "type": "string" } }, "type": "object" }, "AWS::QuickSight::DataSet.FilterOperation": { "additionalProperties": false, "properties": { "ConditionExpression": { "markdownDescription": "An expression that must evaluate to a Boolean value. Rows for which the expression evaluates to true are kept in the dataset.", "title": "ConditionExpression", "type": "string" } }, "required": [ "ConditionExpression" ], "type": "object" }, "AWS::QuickSight::DataSet.GeoSpatialColumnGroup": { "additionalProperties": false, "properties": { "Columns": { "items": { "type": "string" }, "markdownDescription": "Columns in this hierarchy.", "title": "Columns", "type": "array" }, "CountryCode": { "markdownDescription": "Country code.", "title": "CountryCode", "type": "string" }, "Name": { "markdownDescription": "A display name for the hierarchy.", "title": "Name", "type": "string" } }, "required": [ "Columns", "Name" ], "type": "object" }, "AWS::QuickSight::DataSet.IncrementalRefresh": { "additionalProperties": false, "properties": { "LookbackWindow": { "$ref": "#/definitions/AWS::QuickSight::DataSet.LookbackWindow", "markdownDescription": "The lookback window setup for an incremental refresh configuration.", "title": "LookbackWindow" } }, "type": "object" }, "AWS::QuickSight::DataSet.IngestionWaitPolicy": { "additionalProperties": false, "properties": { "IngestionWaitTimeInHours": { "markdownDescription": "The maximum time (in hours) to wait for Ingestion to complete. Default timeout is 36 hours. Applicable only when `DataSetImportMode` mode is set to SPICE and `WaitForSpiceIngestion` is set to true.", "title": "IngestionWaitTimeInHours", "type": "number" }, "WaitForSpiceIngestion": { "markdownDescription": "Wait for SPICE ingestion to finish to mark dataset creation or update as successful. Default (true). Applicable only when `DataSetImportMode` mode is set to SPICE.", "title": "WaitForSpiceIngestion", "type": "boolean" } }, "type": "object" }, "AWS::QuickSight::DataSet.InputColumn": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of this column in the underlying data source.", "title": "Name", "type": "string" }, "SubType": { "markdownDescription": "The sub data type of the column. Sub types are only available for decimal columns that are part of a SPICE dataset.", "title": "SubType", "type": "string" }, "Type": { "markdownDescription": "The data type of the column.", "title": "Type", "type": "string" } }, "required": [ "Name", "Type" ], "type": "object" }, "AWS::QuickSight::DataSet.IntegerDatasetParameter": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues", "markdownDescription": "A list of default values for a given integer parameter. This structure only accepts static values.", "title": "DefaultValues" }, "Id": { "markdownDescription": "An identifier for the integer parameter created in the dataset.", "title": "Id", "type": "string" }, "Name": { "markdownDescription": "The name of the integer parameter that is created in the dataset.", "title": "Name", "type": "string" }, "ValueType": { "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", "title": "ValueType", "type": "string" } }, "required": [ "Id", "Name", "ValueType" ], "type": "object" }, "AWS::QuickSight::DataSet.IntegerDatasetParameterDefaultValues": { "additionalProperties": false, "properties": { "StaticValues": { "items": { "type": "number" }, "markdownDescription": "A list of static default values for a given integer parameter.", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::DataSet.JoinInstruction": { "additionalProperties": false, "properties": { "LeftJoinKeyProperties": { "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", "markdownDescription": "Join key properties of the left operand.", "title": "LeftJoinKeyProperties" }, "LeftOperand": { "markdownDescription": "The operand on the left side of a join.", "title": "LeftOperand", "type": "string" }, "OnClause": { "markdownDescription": "The join instructions provided in the `ON` clause of a join.", "title": "OnClause", "type": "string" }, "RightJoinKeyProperties": { "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinKeyProperties", "markdownDescription": "Join key properties of the right operand.", "title": "RightJoinKeyProperties" }, "RightOperand": { "markdownDescription": "The operand on the right side of a join.", "title": "RightOperand", "type": "string" }, "Type": { "markdownDescription": "The type of join that it is.", "title": "Type", "type": "string" } }, "required": [ "LeftOperand", "OnClause", "RightOperand", "Type" ], "type": "object" }, "AWS::QuickSight::DataSet.JoinKeyProperties": { "additionalProperties": false, "properties": { "UniqueKey": { "markdownDescription": "A value that indicates that a row in a table is uniquely identified by the columns in a join key. This is used by Amazon QuickSight to optimize query performance.", "title": "UniqueKey", "type": "boolean" } }, "type": "object" }, "AWS::QuickSight::DataSet.LogicalTable": { "additionalProperties": false, "properties": { "Alias": { "markdownDescription": "A display name for the logical table.", "title": "Alias", "type": "string" }, "DataTransforms": { "items": { "$ref": "#/definitions/AWS::QuickSight::DataSet.TransformOperation" }, "markdownDescription": "Transform operations that act on this logical table. For this structure to be valid, only one of the attributes can be non-null.", "title": "DataTransforms", "type": "array" }, "Source": { "$ref": "#/definitions/AWS::QuickSight::DataSet.LogicalTableSource", "markdownDescription": "Source of this logical table.", "title": "Source" } }, "required": [ "Alias", "Source" ], "type": "object" }, "AWS::QuickSight::DataSet.LogicalTableSource": { "additionalProperties": false, "properties": { "DataSetArn": { "markdownDescription": "The Amazon Resource Number (ARN) of the parent dataset.", "title": "DataSetArn", "type": "string" }, "JoinInstruction": { "$ref": "#/definitions/AWS::QuickSight::DataSet.JoinInstruction", "markdownDescription": "Specifies the result of a join of two logical tables.", "title": "JoinInstruction" }, "PhysicalTableId": { "markdownDescription": "Physical table ID.", "title": "PhysicalTableId", "type": "string" } }, "type": "object" }, "AWS::QuickSight::DataSet.LookbackWindow": { "additionalProperties": false, "properties": { "ColumnName": { "markdownDescription": "The name of the lookback window column.", "title": "ColumnName", "type": "string" }, "Size": { "markdownDescription": "The lookback window column size.", "title": "Size", "type": "number" }, "SizeUnit": { "markdownDescription": "The size unit that is used for the lookback window column. Valid values for this structure are `HOUR` , `DAY` , and `WEEK` .", "title": "SizeUnit", "type": "string" } }, "type": "object" }, "AWS::QuickSight::DataSet.NewDefaultValues": { "additionalProperties": false, "properties": { "DateTimeStaticValues": { "items": { "type": "string" }, "markdownDescription": "A list of static default values for a given date time parameter. The valid format for this property is `yyyy-MM-dd\u2019T\u2019HH:mm:ss\u2019Z\u2019` .", "title": "DateTimeStaticValues", "type": "array" }, "DecimalStaticValues": { "items": { "type": "number" }, "markdownDescription": "A list of static default values for a given decimal parameter.", "title": "DecimalStaticValues", "type": "array" }, "IntegerStaticValues": { "items": { "type": "number" }, "markdownDescription": "A list of static default values for a given integer parameter.", "title": "IntegerStaticValues", "type": "array" }, "StringStaticValues": { "items": { "type": "string" }, "markdownDescription": "A list of static default values for a given string parameter.", "title": "StringStaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::DataSet.OutputColumn": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for a column.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The display name of the column..", "title": "Name", "type": "string" }, "SubType": { "markdownDescription": "The sub data type of the column.", "title": "SubType", "type": "string" }, "Type": { "markdownDescription": "The data type of the column.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::QuickSight::DataSet.OverrideDatasetParameterOperation": { "additionalProperties": false, "properties": { "NewDefaultValues": { "$ref": "#/definitions/AWS::QuickSight::DataSet.NewDefaultValues", "markdownDescription": "The new default values for the parameter.", "title": "NewDefaultValues" }, "NewParameterName": { "markdownDescription": "The new name for the parameter.", "title": "NewParameterName", "type": "string" }, "ParameterName": { "markdownDescription": "The name of the parameter to be overridden with different values.", "title": "ParameterName", "type": "string" } }, "required": [ "ParameterName" ], "type": "object" }, "AWS::QuickSight::DataSet.PhysicalTable": { "additionalProperties": false, "properties": { "CustomSql": { "$ref": "#/definitions/AWS::QuickSight::DataSet.CustomSql", "markdownDescription": "A physical table type built from the results of the custom SQL query.", "title": "CustomSql" }, "RelationalTable": { "$ref": "#/definitions/AWS::QuickSight::DataSet.RelationalTable", "markdownDescription": "A physical table type for relational data sources.", "title": "RelationalTable" }, "S3Source": { "$ref": "#/definitions/AWS::QuickSight::DataSet.S3Source", "markdownDescription": "A physical table type for as S3 data source.", "title": "S3Source" } }, "type": "object" }, "AWS::QuickSight::DataSet.ProjectOperation": { "additionalProperties": false, "properties": { "ProjectedColumns": { "items": { "type": "string" }, "markdownDescription": "Projected columns.", "title": "ProjectedColumns", "type": "array" } }, "required": [ "ProjectedColumns" ], "type": "object" }, "AWS::QuickSight::DataSet.RefreshConfiguration": { "additionalProperties": false, "properties": { "IncrementalRefresh": { "$ref": "#/definitions/AWS::QuickSight::DataSet.IncrementalRefresh", "markdownDescription": "The incremental refresh for the dataset.", "title": "IncrementalRefresh" } }, "type": "object" }, "AWS::QuickSight::DataSet.RelationalTable": { "additionalProperties": false, "properties": { "Catalog": { "markdownDescription": "The catalog associated with a table.", "title": "Catalog", "type": "string" }, "DataSourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", "title": "DataSourceArn", "type": "string" }, "InputColumns": { "items": { "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" }, "markdownDescription": "The column schema of the table.", "title": "InputColumns", "type": "array" }, "Name": { "markdownDescription": "The name of the relational table.", "title": "Name", "type": "string" }, "Schema": { "markdownDescription": "The schema name. This name applies to certain relational database engines.", "title": "Schema", "type": "string" } }, "required": [ "DataSourceArn", "InputColumns", "Name" ], "type": "object" }, "AWS::QuickSight::DataSet.RenameColumnOperation": { "additionalProperties": false, "properties": { "ColumnName": { "markdownDescription": "The name of the column to be renamed.", "title": "ColumnName", "type": "string" }, "NewColumnName": { "markdownDescription": "The new name for the column.", "title": "NewColumnName", "type": "string" } }, "required": [ "ColumnName", "NewColumnName" ], "type": "object" }, "AWS::QuickSight::DataSet.ResourcePermission": { "additionalProperties": false, "properties": { "Actions": { "items": { "type": "string" }, "markdownDescription": "The IAM action to grant or revoke permisions on", "title": "Actions", "type": "array" }, "Principal": { "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Amazon QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } }, "required": [ "Actions", "Principal" ], "type": "object" }, "AWS::QuickSight::DataSet.RowLevelPermissionDataSet": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.", "title": "Arn", "type": "string" }, "FormatVersion": { "markdownDescription": "The user or group rules associated with the dataset that contains permissions for RLS.\n\nBy default, `FormatVersion` is `VERSION_1` . When `FormatVersion` is `VERSION_1` , `UserName` and `GroupName` are required. When `FormatVersion` is `VERSION_2` , `UserARN` and `GroupARN` are required, and `Namespace` must not exist.", "title": "FormatVersion", "type": "string" }, "Namespace": { "markdownDescription": "The namespace associated with the dataset that contains permissions for RLS.", "title": "Namespace", "type": "string" }, "PermissionPolicy": { "markdownDescription": "The type of permissions to use when interpreting the permissions for RLS. `DENY_ACCESS` is included for backward compatibility only.", "title": "PermissionPolicy", "type": "string" }, "Status": { "markdownDescription": "The status of the row-level security permission dataset. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", "title": "Status", "type": "string" } }, "required": [ "Arn", "PermissionPolicy" ], "type": "object" }, "AWS::QuickSight::DataSet.RowLevelPermissionTagConfiguration": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "The status of row-level security tags. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` .", "title": "Status", "type": "string" }, "TagRuleConfigurations": { "markdownDescription": "The configuration of tags on a dataset to set row-level security.", "title": "TagRuleConfigurations", "type": "object" }, "TagRules": { "items": { "$ref": "#/definitions/AWS::QuickSight::DataSet.RowLevelPermissionTagRule" }, "markdownDescription": "A set of rules associated with row-level security, such as the tag names and columns that they are assigned to.", "title": "TagRules", "type": "array" } }, "required": [ "TagRules" ], "type": "object" }, "AWS::QuickSight::DataSet.RowLevelPermissionTagRule": { "additionalProperties": false, "properties": { "ColumnName": { "markdownDescription": "The column name that a tag key is assigned to.", "title": "ColumnName", "type": "string" }, "MatchAllValue": { "markdownDescription": "A string that you want to use to filter by all the values in a column in the dataset and don\u2019t want to list the values one by one. For example, you can use an asterisk as your match all value.", "title": "MatchAllValue", "type": "string" }, "TagKey": { "markdownDescription": "The unique key for a tag.", "title": "TagKey", "type": "string" }, "TagMultiValueDelimiter": { "markdownDescription": "A string that you want to use to delimit the values when you pass the values at run time. For example, you can delimit the values with a comma.", "title": "TagMultiValueDelimiter", "type": "string" } }, "required": [ "ColumnName", "TagKey" ], "type": "object" }, "AWS::QuickSight::DataSet.S3Source": { "additionalProperties": false, "properties": { "DataSourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the data source.", "title": "DataSourceArn", "type": "string" }, "InputColumns": { "items": { "$ref": "#/definitions/AWS::QuickSight::DataSet.InputColumn" }, "markdownDescription": "A physical table type for an S3 data source.\n\n> For files that aren't JSON, only `STRING` data types are supported in input columns.", "title": "InputColumns", "type": "array" }, "UploadSettings": { "$ref": "#/definitions/AWS::QuickSight::DataSet.UploadSettings", "markdownDescription": "Information about the format for the S3 source file or files.", "title": "UploadSettings" } }, "required": [ "DataSourceArn", "InputColumns" ], "type": "object" }, "AWS::QuickSight::DataSet.StringDatasetParameter": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues", "markdownDescription": "A list of default values for a given string dataset parameter type. This structure only accepts static values.", "title": "DefaultValues" }, "Id": { "markdownDescription": "An identifier for the string parameter that is created in the dataset.", "title": "Id", "type": "string" }, "Name": { "markdownDescription": "The name of the string parameter that is created in the dataset.", "title": "Name", "type": "string" }, "ValueType": { "markdownDescription": "The value type of the dataset parameter. Valid values are `single value` or `multi value` .", "title": "ValueType", "type": "string" } }, "required": [ "Id", "Name", "ValueType" ], "type": "object" }, "AWS::QuickSight::DataSet.StringDatasetParameterDefaultValues": { "additionalProperties": false, "properties": { "StaticValues": { "items": { "type": "string" }, "markdownDescription": "A list of static default values for a given string parameter.", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::DataSet.TagColumnOperation": { "additionalProperties": false, "properties": { "ColumnName": { "markdownDescription": "The column that this operation acts on.", "title": "ColumnName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::QuickSight::DataSet.ColumnTag" }, "markdownDescription": "The dataset column tag, currently only used for geospatial type tagging.\n\n> This is not tags for the AWS tagging feature.", "title": "Tags", "type": "array" } }, "required": [ "ColumnName", "Tags" ], "type": "object" }, "AWS::QuickSight::DataSet.TransformOperation": { "additionalProperties": false, "properties": { "CastColumnTypeOperation": { "$ref": "#/definitions/AWS::QuickSight::DataSet.CastColumnTypeOperation", "markdownDescription": "A transform operation that casts a column to a different type.", "title": "CastColumnTypeOperation" }, "CreateColumnsOperation": { "$ref": "#/definitions/AWS::QuickSight::DataSet.CreateColumnsOperation", "markdownDescription": "An operation that creates calculated columns. Columns created in one such operation form a lexical closure.", "title": "CreateColumnsOperation" }, "FilterOperation": { "$ref": "#/definitions/AWS::QuickSight::DataSet.FilterOperation", "markdownDescription": "An operation that filters rows based on some condition.", "title": "FilterOperation" }, "OverrideDatasetParameterOperation": { "$ref": "#/definitions/AWS::QuickSight::DataSet.OverrideDatasetParameterOperation", "markdownDescription": "", "title": "OverrideDatasetParameterOperation" }, "ProjectOperation": { "$ref": "#/definitions/AWS::QuickSight::DataSet.ProjectOperation", "markdownDescription": "An operation that projects columns. Operations that come after a projection can only refer to projected columns.", "title": "ProjectOperation" }, "RenameColumnOperation": { "$ref": "#/definitions/AWS::QuickSight::DataSet.RenameColumnOperation", "markdownDescription": "An operation that renames a column.", "title": "RenameColumnOperation" }, "TagColumnOperation": { "$ref": "#/definitions/AWS::QuickSight::DataSet.TagColumnOperation", "markdownDescription": "An operation that tags a column with additional information.", "title": "TagColumnOperation" } }, "type": "object" }, "AWS::QuickSight::DataSet.UploadSettings": { "additionalProperties": false, "properties": { "ContainsHeader": { "markdownDescription": "Whether the file has a header row, or the files each have a header row.", "title": "ContainsHeader", "type": "boolean" }, "Delimiter": { "markdownDescription": "The delimiter between values in the file.", "title": "Delimiter", "type": "string" }, "Format": { "markdownDescription": "File format.", "title": "Format", "type": "string" }, "StartFromRow": { "markdownDescription": "A row number to start reading data from.", "title": "StartFromRow", "type": "number" }, "TextQualifier": { "markdownDescription": "Text qualifier.", "title": "TextQualifier", "type": "string" } }, "type": "object" }, "AWS::QuickSight::DataSource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AlternateDataSourceParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" }, "markdownDescription": "A set of alternate data source parameters that you want to share for the credentials stored with this data source. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the credentials from this existing data source. If the `AlternateDataSourceParameters` list is null, the `Credentials` originally used with this `DataSourceParameters` are automatically allowed.", "title": "AlternateDataSourceParameters", "type": "array" }, "AwsAccountId": { "markdownDescription": "The AWS account ID.", "title": "AwsAccountId", "type": "string" }, "Credentials": { "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceCredentials", "markdownDescription": "The credentials Amazon QuickSight that uses to connect to your underlying source. Currently, only credentials based on user name and password are supported.", "title": "Credentials" }, "DataSourceId": { "markdownDescription": "An ID for the data source. This ID is unique per AWS Region for each AWS account.", "title": "DataSourceId", "type": "string" }, "DataSourceParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters", "markdownDescription": "The parameters that Amazon QuickSight uses to connect to your underlying source.", "title": "DataSourceParameters" }, "ErrorInfo": { "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceErrorInfo", "markdownDescription": "Error information from the last update or the creation of the data source.", "title": "ErrorInfo" }, "Name": { "markdownDescription": "A display name for the data source.", "title": "Name", "type": "string" }, "Permissions": { "items": { "$ref": "#/definitions/AWS::QuickSight::DataSource.ResourcePermission" }, "markdownDescription": "A list of resource permissions on the data source.", "title": "Permissions", "type": "array" }, "SslProperties": { "$ref": "#/definitions/AWS::QuickSight::DataSource.SslProperties", "markdownDescription": "Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your underlying source.", "title": "SslProperties" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the data source.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of the data source. To return a list of all data sources, use `ListDataSources` .\n\nUse `AMAZON_ELASTICSEARCH` for Amazon OpenSearch Service.", "title": "Type", "type": "string" }, "VpcConnectionProperties": { "$ref": "#/definitions/AWS::QuickSight::DataSource.VpcConnectionProperties", "markdownDescription": "Use this parameter only when you want Amazon QuickSight to use a VPC connection when connecting to your underlying source.", "title": "VpcConnectionProperties" } }, "type": "object" }, "Type": { "enum": [ "AWS::QuickSight::DataSource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::QuickSight::DataSource.AmazonElasticsearchParameters": { "additionalProperties": false, "properties": { "Domain": { "markdownDescription": "The OpenSearch domain.", "title": "Domain", "type": "string" } }, "required": [ "Domain" ], "type": "object" }, "AWS::QuickSight::DataSource.AmazonOpenSearchParameters": { "additionalProperties": false, "properties": { "Domain": { "markdownDescription": "The OpenSearch domain.", "title": "Domain", "type": "string" } }, "required": [ "Domain" ], "type": "object" }, "AWS::QuickSight::DataSource.AthenaParameters": { "additionalProperties": false, "properties": { "RoleArn": { "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific Athena data source. For example, say an account administrator has turned off all Athena access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow Athena access for the single Athena data source that is specified in the structure, even if the account-wide role forbidding Athena access is still active.", "title": "RoleArn", "type": "string" }, "WorkGroup": { "markdownDescription": "The workgroup that Amazon Athena uses.", "title": "WorkGroup", "type": "string" } }, "type": "object" }, "AWS::QuickSight::DataSource.AuroraParameters": { "additionalProperties": false, "properties": { "Database": { "markdownDescription": "Database.", "title": "Database", "type": "string" }, "Host": { "markdownDescription": "Host.", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "Port.", "title": "Port", "type": "number" } }, "required": [ "Database", "Host", "Port" ], "type": "object" }, "AWS::QuickSight::DataSource.AuroraPostgreSqlParameters": { "additionalProperties": false, "properties": { "Database": { "markdownDescription": "The Amazon Aurora PostgreSQL database to connect to.", "title": "Database", "type": "string" }, "Host": { "markdownDescription": "The Amazon Aurora PostgreSQL-Compatible host to connect to.", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "The port that Amazon Aurora PostgreSQL is listening on.", "title": "Port", "type": "number" } }, "required": [ "Database", "Host", "Port" ], "type": "object" }, "AWS::QuickSight::DataSource.CredentialPair": { "additionalProperties": false, "properties": { "AlternateDataSourceParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::DataSource.DataSourceParameters" }, "markdownDescription": "A set of alternate data source parameters that you want to share for these credentials. The credentials are applied in tandem with the data source parameters when you copy a data source by using a create or update request. The API operation compares the `DataSourceParameters` structure that's in the request with the structures in the `AlternateDataSourceParameters` allow list. If the structures are an exact match, the request is allowed to use the new data source with the existing credentials. If the `AlternateDataSourceParameters` list is null, the `DataSourceParameters` originally used with these `Credentials` is automatically allowed.", "title": "AlternateDataSourceParameters", "type": "array" }, "Password": { "markdownDescription": "Password.", "title": "Password", "type": "string" }, "Username": { "markdownDescription": "User name.", "title": "Username", "type": "string" } }, "required": [ "Password", "Username" ], "type": "object" }, "AWS::QuickSight::DataSource.DataSourceCredentials": { "additionalProperties": false, "properties": { "CopySourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of a data source that has the credential pair that you want to use. When `CopySourceArn` is not null, the credential pair from the data source in the ARN is used as the credentials for the `DataSourceCredentials` structure.", "title": "CopySourceArn", "type": "string" }, "CredentialPair": { "$ref": "#/definitions/AWS::QuickSight::DataSource.CredentialPair", "markdownDescription": "Credential pair. For more information, see `[CredentialPair](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CredentialPair.html)` .", "title": "CredentialPair" }, "SecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the secret associated with the data source in AWS Secrets Manager .", "title": "SecretArn", "type": "string" } }, "type": "object" }, "AWS::QuickSight::DataSource.DataSourceErrorInfo": { "additionalProperties": false, "properties": { "Message": { "markdownDescription": "Error message.", "title": "Message", "type": "string" }, "Type": { "markdownDescription": "Error type.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::QuickSight::DataSource.DataSourceParameters": { "additionalProperties": false, "properties": { "AmazonElasticsearchParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonElasticsearchParameters", "markdownDescription": "The parameters for OpenSearch.", "title": "AmazonElasticsearchParameters" }, "AmazonOpenSearchParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.AmazonOpenSearchParameters", "markdownDescription": "The parameters for OpenSearch.", "title": "AmazonOpenSearchParameters" }, "AthenaParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.AthenaParameters", "markdownDescription": "The parameters for Amazon Athena.", "title": "AthenaParameters" }, "AuroraParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraParameters", "markdownDescription": "The parameters for Amazon Aurora MySQL.", "title": "AuroraParameters" }, "AuroraPostgreSqlParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.AuroraPostgreSqlParameters", "markdownDescription": "The parameters for Amazon Aurora.", "title": "AuroraPostgreSqlParameters" }, "DatabricksParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.DatabricksParameters", "markdownDescription": "The required parameters that are needed to connect to a Databricks data source.", "title": "DatabricksParameters" }, "MariaDbParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.MariaDbParameters", "markdownDescription": "The parameters for MariaDB.", "title": "MariaDbParameters" }, "MySqlParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.MySqlParameters", "markdownDescription": "The parameters for MySQL.", "title": "MySqlParameters" }, "OracleParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.OracleParameters", "markdownDescription": "Oracle parameters.", "title": "OracleParameters" }, "PostgreSqlParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.PostgreSqlParameters", "markdownDescription": "The parameters for PostgreSQL.", "title": "PostgreSqlParameters" }, "PrestoParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.PrestoParameters", "markdownDescription": "The parameters for Presto.", "title": "PrestoParameters" }, "RdsParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.RdsParameters", "markdownDescription": "The parameters for Amazon RDS.", "title": "RdsParameters" }, "RedshiftParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.RedshiftParameters", "markdownDescription": "The parameters for Amazon Redshift.", "title": "RedshiftParameters" }, "S3Parameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.S3Parameters", "markdownDescription": "The parameters for S3.", "title": "S3Parameters" }, "SnowflakeParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.SnowflakeParameters", "markdownDescription": "The parameters for Snowflake.", "title": "SnowflakeParameters" }, "SparkParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.SparkParameters", "markdownDescription": "The parameters for Spark.", "title": "SparkParameters" }, "SqlServerParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.SqlServerParameters", "markdownDescription": "The parameters for SQL Server.", "title": "SqlServerParameters" }, "StarburstParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.StarburstParameters", "markdownDescription": "The parameters that are required to connect to a Starburst data source.", "title": "StarburstParameters" }, "TeradataParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.TeradataParameters", "markdownDescription": "The parameters for Teradata.", "title": "TeradataParameters" }, "TrinoParameters": { "$ref": "#/definitions/AWS::QuickSight::DataSource.TrinoParameters", "markdownDescription": "The parameters that are required to connect to a Trino data source.", "title": "TrinoParameters" } }, "type": "object" }, "AWS::QuickSight::DataSource.DatabricksParameters": { "additionalProperties": false, "properties": { "Host": { "markdownDescription": "The host name of the Databricks data source.", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "The port for the Databricks data source.", "title": "Port", "type": "number" }, "SqlEndpointPath": { "markdownDescription": "The HTTP path of the Databricks data source.", "title": "SqlEndpointPath", "type": "string" } }, "required": [ "Host", "Port", "SqlEndpointPath" ], "type": "object" }, "AWS::QuickSight::DataSource.ManifestFileLocation": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "Amazon S3 bucket.", "title": "Bucket", "type": "string" }, "Key": { "markdownDescription": "Amazon S3 key that identifies an object.", "title": "Key", "type": "string" } }, "required": [ "Bucket", "Key" ], "type": "object" }, "AWS::QuickSight::DataSource.MariaDbParameters": { "additionalProperties": false, "properties": { "Database": { "markdownDescription": "Database.", "title": "Database", "type": "string" }, "Host": { "markdownDescription": "Host.", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "Port.", "title": "Port", "type": "number" } }, "required": [ "Database", "Host", "Port" ], "type": "object" }, "AWS::QuickSight::DataSource.MySqlParameters": { "additionalProperties": false, "properties": { "Database": { "markdownDescription": "Database.", "title": "Database", "type": "string" }, "Host": { "markdownDescription": "Host.", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "Port.", "title": "Port", "type": "number" } }, "required": [ "Database", "Host", "Port" ], "type": "object" }, "AWS::QuickSight::DataSource.OracleParameters": { "additionalProperties": false, "properties": { "Database": { "markdownDescription": "Database.", "title": "Database", "type": "string" }, "Host": { "markdownDescription": "Host.", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "Port.", "title": "Port", "type": "number" } }, "required": [ "Database", "Host", "Port" ], "type": "object" }, "AWS::QuickSight::DataSource.PostgreSqlParameters": { "additionalProperties": false, "properties": { "Database": { "markdownDescription": "Database.", "title": "Database", "type": "string" }, "Host": { "markdownDescription": "Host.", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "Port.", "title": "Port", "type": "number" } }, "required": [ "Database", "Host", "Port" ], "type": "object" }, "AWS::QuickSight::DataSource.PrestoParameters": { "additionalProperties": false, "properties": { "Catalog": { "markdownDescription": "Catalog.", "title": "Catalog", "type": "string" }, "Host": { "markdownDescription": "Host.", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "Port.", "title": "Port", "type": "number" } }, "required": [ "Catalog", "Host", "Port" ], "type": "object" }, "AWS::QuickSight::DataSource.RdsParameters": { "additionalProperties": false, "properties": { "Database": { "markdownDescription": "Database.", "title": "Database", "type": "string" }, "InstanceId": { "markdownDescription": "Instance ID.", "title": "InstanceId", "type": "string" } }, "required": [ "Database", "InstanceId" ], "type": "object" }, "AWS::QuickSight::DataSource.RedshiftParameters": { "additionalProperties": false, "properties": { "ClusterId": { "markdownDescription": "Cluster ID. This field can be blank if the `Host` and `Port` are provided.", "title": "ClusterId", "type": "string" }, "Database": { "markdownDescription": "Database.", "title": "Database", "type": "string" }, "Host": { "markdownDescription": "Host. This field can be blank if `ClusterId` is provided.", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "Port. This field can be blank if the `ClusterId` is provided.", "title": "Port", "type": "number" } }, "required": [ "Database" ], "type": "object" }, "AWS::QuickSight::DataSource.ResourcePermission": { "additionalProperties": false, "properties": { "Actions": { "items": { "type": "string" }, "markdownDescription": "The IAM action to grant or revoke permissions on.", "title": "Actions", "type": "array" }, "Principal": { "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Amazon QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } }, "required": [ "Actions", "Principal" ], "type": "object" }, "AWS::QuickSight::DataSource.S3Parameters": { "additionalProperties": false, "properties": { "ManifestFileLocation": { "$ref": "#/definitions/AWS::QuickSight::DataSource.ManifestFileLocation", "markdownDescription": "Location of the Amazon S3 manifest file. This is NULL if the manifest file was uploaded into Amazon QuickSight.", "title": "ManifestFileLocation" }, "RoleArn": { "markdownDescription": "Use the `RoleArn` structure to override an account-wide role for a specific S3 data source. For example, say an account administrator has turned off all S3 access with an account-wide role. The administrator can then use `RoleArn` to bypass the account-wide role and allow S3 access for the single S3 data source that is specified in the structure, even if the account-wide role forbidding S3 access is still active.", "title": "RoleArn", "type": "string" } }, "required": [ "ManifestFileLocation" ], "type": "object" }, "AWS::QuickSight::DataSource.SnowflakeParameters": { "additionalProperties": false, "properties": { "Database": { "markdownDescription": "Database.", "title": "Database", "type": "string" }, "Host": { "markdownDescription": "Host.", "title": "Host", "type": "string" }, "Warehouse": { "markdownDescription": "Warehouse.", "title": "Warehouse", "type": "string" } }, "required": [ "Database", "Host", "Warehouse" ], "type": "object" }, "AWS::QuickSight::DataSource.SparkParameters": { "additionalProperties": false, "properties": { "Host": { "markdownDescription": "Host.", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "Port.", "title": "Port", "type": "number" } }, "required": [ "Host", "Port" ], "type": "object" }, "AWS::QuickSight::DataSource.SqlServerParameters": { "additionalProperties": false, "properties": { "Database": { "markdownDescription": "Database.", "title": "Database", "type": "string" }, "Host": { "markdownDescription": "Host.", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "Port.", "title": "Port", "type": "number" } }, "required": [ "Database", "Host", "Port" ], "type": "object" }, "AWS::QuickSight::DataSource.SslProperties": { "additionalProperties": false, "properties": { "DisableSsl": { "markdownDescription": "A Boolean option to control whether SSL should be disabled.", "title": "DisableSsl", "type": "boolean" } }, "type": "object" }, "AWS::QuickSight::DataSource.StarburstParameters": { "additionalProperties": false, "properties": { "Catalog": { "markdownDescription": "The catalog name for the Starburst data source.", "title": "Catalog", "type": "string" }, "Host": { "markdownDescription": "The host name of the Starburst data source.", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "The port for the Starburst data source.", "title": "Port", "type": "number" }, "ProductType": { "markdownDescription": "The product type for the Starburst data source.", "title": "ProductType", "type": "string" } }, "required": [ "Catalog", "Host", "Port" ], "type": "object" }, "AWS::QuickSight::DataSource.TeradataParameters": { "additionalProperties": false, "properties": { "Database": { "markdownDescription": "Database.", "title": "Database", "type": "string" }, "Host": { "markdownDescription": "Host.", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "Port.", "title": "Port", "type": "number" } }, "required": [ "Database", "Host", "Port" ], "type": "object" }, "AWS::QuickSight::DataSource.TrinoParameters": { "additionalProperties": false, "properties": { "Catalog": { "markdownDescription": "The catalog name for the Trino data source.", "title": "Catalog", "type": "string" }, "Host": { "markdownDescription": "The host name of the Trino data source.", "title": "Host", "type": "string" }, "Port": { "markdownDescription": "The port for the Trino data source.", "title": "Port", "type": "number" } }, "required": [ "Catalog", "Host", "Port" ], "type": "object" }, "AWS::QuickSight::DataSource.VpcConnectionProperties": { "additionalProperties": false, "properties": { "VpcConnectionArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the VPC connection.", "title": "VpcConnectionArn", "type": "string" } }, "required": [ "VpcConnectionArn" ], "type": "object" }, "AWS::QuickSight::RefreshSchedule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AwsAccountId": { "markdownDescription": "The AWS account ID of the account that you are creating a schedule in.", "title": "AwsAccountId", "type": "string" }, "DataSetId": { "markdownDescription": "The ID of the dataset that you are creating a refresh schedule for.", "title": "DataSetId", "type": "string" }, "Schedule": { "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshScheduleMap", "markdownDescription": "The refresh schedule of a dataset.", "title": "Schedule" } }, "type": "object" }, "Type": { "enum": [ "AWS::QuickSight::RefreshSchedule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::QuickSight::RefreshSchedule.RefreshOnDay": { "additionalProperties": false, "properties": { "DayOfMonth": { "markdownDescription": "The day of the month that you want your dataset to refresh. This value is required for monthly refresh intervals.", "title": "DayOfMonth", "type": "string" }, "DayOfWeek": { "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", "title": "DayOfWeek", "type": "string" } }, "type": "object" }, "AWS::QuickSight::RefreshSchedule.RefreshScheduleMap": { "additionalProperties": false, "properties": { "RefreshType": { "markdownDescription": "The type of refresh that a dataset undergoes. Valid values are as follows:\n\n- `FULL_REFRESH` : A complete refresh of a dataset.\n- `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified.\n\nFor more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *Amazon QuickSight User Guide* .", "title": "RefreshType", "type": "string" }, "ScheduleFrequency": { "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.ScheduleFrequency", "markdownDescription": "The frequency for the refresh schedule.", "title": "ScheduleFrequency" }, "ScheduleId": { "markdownDescription": "An identifier for the refresh schedule.", "title": "ScheduleId", "type": "string" }, "StartAfterDateTime": { "markdownDescription": "Time after which the refresh schedule can be started, expressed in `YYYY-MM-DDTHH:MM:SS` format.", "title": "StartAfterDateTime", "type": "string" } }, "type": "object" }, "AWS::QuickSight::RefreshSchedule.ScheduleFrequency": { "additionalProperties": false, "properties": { "Interval": { "markdownDescription": "The interval between scheduled refreshes. Valid values are as follows:\n\n- `MINUTE15` : The dataset refreshes every 15 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `MINUTE30` : The dataset refreshes every 30 minutes. This value is only supported for incremental refreshes. This interval can only be used for one schedule per dataset.\n- `HOURLY` : The dataset refreshes every hour. This interval can only be used for one schedule per dataset.\n- `DAILY` : The dataset refreshes every day.\n- `WEEKLY` : The dataset refreshes every week.\n- `MONTHLY` : The dataset refreshes every month.", "title": "Interval", "type": "string" }, "RefreshOnDay": { "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule.RefreshOnDay", "markdownDescription": "The day of the week that you want to schedule the refresh on. This value is required for weekly and monthly refresh intervals.", "title": "RefreshOnDay" }, "TimeOfTheDay": { "markdownDescription": "The time of day that you want the dataset to refresh. This value is expressed in HH:MM format. This field is not required for schedules that refresh hourly.", "title": "TimeOfTheDay", "type": "string" }, "TimeZone": { "markdownDescription": "The timezone that you want the refresh schedule to use. The timezone ID must match a corresponding ID found on `java.util.time.getAvailableIDs()` .", "title": "TimeZone", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AwsAccountId": { "markdownDescription": "The ID for the AWS account that the group is in. You use the ID for the AWS account that contains your Amazon QuickSight account.", "title": "AwsAccountId", "type": "string" }, "Definition": { "$ref": "#/definitions/AWS::QuickSight::Template.TemplateVersionDefinition", "markdownDescription": "", "title": "Definition" }, "Name": { "markdownDescription": "A display name for the template.", "title": "Name", "type": "string" }, "Permissions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ResourcePermission" }, "markdownDescription": "A list of resource permissions to be set on the template.", "title": "Permissions", "type": "array" }, "SourceEntity": { "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceEntity", "markdownDescription": "The entity that you are using as a source when you create the template. In `SourceEntity` , you specify the type of object you're using as source: `SourceTemplate` for a template or `SourceAnalysis` for an analysis. Both of these require an Amazon Resource Name (ARN). For `SourceTemplate` , specify the ARN of the source template. For `SourceAnalysis` , specify the ARN of the source analysis. The `SourceTemplate` ARN can contain any AWS account and any Amazon QuickSight-supported AWS Region .\n\nUse the `DataSetReferences` entity within `SourceTemplate` or `SourceAnalysis` to list the replacement datasets for the placeholders listed in the original. The schema in each dataset must match its placeholder.\n\nEither a `SourceEntity` or a `Definition` must be provided in order for the request to be valid.", "title": "SourceEntity" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Contains a map of the key-value pairs for the resource tag or tags assigned to the resource.", "title": "Tags", "type": "array" }, "TemplateId": { "markdownDescription": "An ID for the template that you want to create. This template is unique per AWS Region ; in each AWS account.", "title": "TemplateId", "type": "string" }, "ValidationStrategy": { "$ref": "#/definitions/AWS::QuickSight::Template.ValidationStrategy", "markdownDescription": "The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to `LENIENT` , validation is skipped for specific errors.", "title": "ValidationStrategy" }, "VersionDescription": { "markdownDescription": "A description of the current template version being created. This API operation creates the first version of the template. Every time `UpdateTemplate` is called, a new version is created. Each version of the template maintains a description of the version in the `VersionDescription` field.", "title": "VersionDescription", "type": "string" } }, "required": [ "AwsAccountId", "TemplateId" ], "type": "object" }, "Type": { "enum": [ "AWS::QuickSight::Template" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::QuickSight::Template.AggregationFunction": { "additionalProperties": false, "properties": { "AttributeAggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Template.AttributeAggregationFunction", "markdownDescription": "Aggregation for attributes.", "title": "AttributeAggregationFunction" }, "CategoricalAggregationFunction": { "markdownDescription": "Aggregation for categorical values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.", "title": "CategoricalAggregationFunction", "type": "string" }, "DateAggregationFunction": { "markdownDescription": "Aggregation for date values.\n\n- `COUNT` : Aggregate by the total number of values, including duplicates.\n- `DISTINCT_COUNT` : Aggregate by the total number of distinct values.\n- `MIN` : Select the smallest date value.\n- `MAX` : Select the largest date value.", "title": "DateAggregationFunction", "type": "string" }, "NumericalAggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", "markdownDescription": "Aggregation for numerical values.", "title": "NumericalAggregationFunction" } }, "type": "object" }, "AWS::QuickSight::Template.AggregationSortConfiguration": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", "markdownDescription": "The function that aggregates the values in `Column` .", "title": "AggregationFunction" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that determines the sort order of aggregated values.", "title": "Column" }, "SortDirection": { "markdownDescription": "The sort direction of values.\n\n- `ASC` : Sort in ascending order.\n- `DESC` : Sort in descending order.", "title": "SortDirection", "type": "string" } }, "required": [ "Column", "SortDirection" ], "type": "object" }, "AWS::QuickSight::Template.AnalysisDefaults": { "additionalProperties": false, "properties": { "DefaultNewSheetConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultNewSheetConfiguration", "markdownDescription": "The configuration for default new sheet settings.", "title": "DefaultNewSheetConfiguration" } }, "required": [ "DefaultNewSheetConfiguration" ], "type": "object" }, "AWS::QuickSight::Template.AnchorDateConfiguration": { "additionalProperties": false, "properties": { "AnchorOption": { "markdownDescription": "The options for the date configuration. Choose one of the options below:\n\n- `NOW`", "title": "AnchorOption", "type": "string" }, "ParameterName": { "markdownDescription": "The name of the parameter that is used for the anchor date configuration.", "title": "ParameterName", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ArcAxisConfiguration": { "additionalProperties": false, "properties": { "Range": { "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisDisplayRange", "markdownDescription": "The arc axis range of a `GaugeChartVisual` .", "title": "Range" }, "ReserveRange": { "markdownDescription": "The reserved range of the arc axis.", "title": "ReserveRange", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.ArcAxisDisplayRange": { "additionalProperties": false, "properties": { "Max": { "markdownDescription": "The maximum value of the arc axis range.", "title": "Max", "type": "number" }, "Min": { "markdownDescription": "The minimum value of the arc axis range.", "title": "Min", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.ArcConfiguration": { "additionalProperties": false, "properties": { "ArcAngle": { "markdownDescription": "The option that determines the arc angle of a `GaugeChartVisual` .", "title": "ArcAngle", "type": "number" }, "ArcThickness": { "markdownDescription": "The options that determine the arc thickness of a `GaugeChartVisual` .", "title": "ArcThickness", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ArcOptions": { "additionalProperties": false, "properties": { "ArcThickness": { "markdownDescription": "The arc thickness of a `GaugeChartVisual` .", "title": "ArcThickness", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.AssetOptions": { "additionalProperties": false, "properties": { "Timezone": { "markdownDescription": "Determines the timezone for the analysis.", "title": "Timezone", "type": "string" }, "WeekStart": { "markdownDescription": "Determines the week start day for an analysis.", "title": "WeekStart", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.AttributeAggregationFunction": { "additionalProperties": false, "properties": { "SimpleAttributeAggregation": { "markdownDescription": "The built-in aggregation functions for attributes.\n\n- `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields.", "title": "SimpleAttributeAggregation", "type": "string" }, "ValueForMultipleValues": { "markdownDescription": "Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'.", "title": "ValueForMultipleValues", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.AxisDataOptions": { "additionalProperties": false, "properties": { "DateAxisOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DateAxisOptions", "markdownDescription": "The options for an axis with a date field.", "title": "DateAxisOptions" }, "NumericAxisOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericAxisOptions", "markdownDescription": "The options for an axis with a numeric field.", "title": "NumericAxisOptions" } }, "type": "object" }, "AWS::QuickSight::Template.AxisDisplayMinMaxRange": { "additionalProperties": false, "properties": { "Maximum": { "markdownDescription": "The maximum setup for an axis display range.", "title": "Maximum", "type": "number" }, "Minimum": { "markdownDescription": "The minimum setup for an axis display range.", "title": "Minimum", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.AxisDisplayOptions": { "additionalProperties": false, "properties": { "AxisLineVisibility": { "markdownDescription": "Determines whether or not the axis line is visible.", "title": "AxisLineVisibility", "type": "string" }, "AxisOffset": { "markdownDescription": "The offset value that determines the starting placement of the axis within a visual's bounds.", "title": "AxisOffset", "type": "string" }, "DataOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDataOptions", "markdownDescription": "The data options for an axis.", "title": "DataOptions" }, "GridLineVisibility": { "markdownDescription": "Determines whether or not the grid line is visible.", "title": "GridLineVisibility", "type": "string" }, "ScrollbarOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ScrollBarOptions", "markdownDescription": "The scroll bar options for an axis.", "title": "ScrollbarOptions" }, "TickLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisTickLabelOptions", "markdownDescription": "The tick label options of an axis.", "title": "TickLabelOptions" } }, "type": "object" }, "AWS::QuickSight::Template.AxisDisplayRange": { "additionalProperties": false, "properties": { "DataDriven": { "markdownDescription": "The data-driven setup of an axis display range.", "title": "DataDriven", "type": "object" }, "MinMax": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayMinMaxRange", "markdownDescription": "The minimum and maximum setup of an axis display range.", "title": "MinMax" } }, "type": "object" }, "AWS::QuickSight::Template.AxisLabelOptions": { "additionalProperties": false, "properties": { "ApplyTo": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelReferenceOptions", "markdownDescription": "The options that indicate which field the label belongs to.", "title": "ApplyTo" }, "CustomLabel": { "markdownDescription": "The text for the axis label.", "title": "CustomLabel", "type": "string" }, "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", "markdownDescription": "The font configuration of the axis label.", "title": "FontConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.AxisLabelReferenceOptions": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that the axis label is targeted to.", "title": "Column" }, "FieldId": { "markdownDescription": "The field that the axis label is targeted to.", "title": "FieldId", "type": "string" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.AxisLinearScale": { "additionalProperties": false, "properties": { "StepCount": { "markdownDescription": "The step count setup of a linear axis.", "title": "StepCount", "type": "number" }, "StepSize": { "markdownDescription": "The step size setup of a linear axis.", "title": "StepSize", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.AxisLogarithmicScale": { "additionalProperties": false, "properties": { "Base": { "markdownDescription": "The base setup of a logarithmic axis scale.", "title": "Base", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.AxisScale": { "additionalProperties": false, "properties": { "Linear": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisLinearScale", "markdownDescription": "The linear axis scale setup.", "title": "Linear" }, "Logarithmic": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisLogarithmicScale", "markdownDescription": "The logarithmic axis scale setup.", "title": "Logarithmic" } }, "type": "object" }, "AWS::QuickSight::Template.AxisTickLabelOptions": { "additionalProperties": false, "properties": { "LabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", "markdownDescription": "Determines whether or not the axis ticks are visible.", "title": "LabelOptions" }, "RotationAngle": { "markdownDescription": "The rotation angle of the axis tick labels.", "title": "RotationAngle", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.BarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The category (y-axis) field well of a bar chart.", "title": "Category", "type": "array" }, "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The color (group/color) field well of a bar chart.", "title": "Colors", "type": "array" }, "SmallMultiples": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The small multiples field well of a bar chart.", "title": "SmallMultiples", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The value field wells of a bar chart. Values are aggregated by category.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.BarChartConfiguration": { "additionalProperties": false, "properties": { "BarsArrangement": { "markdownDescription": "Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual.", "title": "BarsArrangement", "type": "string" }, "CategoryAxis": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) for bar chart category.", "title": "CategoryAxis" }, "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart.", "title": "CategoryLabelOptions" }, "ColorLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart.", "title": "ColorLabelOptions" }, "ContributionAnalysisDefaults": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" }, "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", "title": "ContributionAnalysisDefaults", "type": "array" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.BarChartFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "Orientation": { "markdownDescription": "The orientation of the bars in a bar chart visual. There are two valid values in this structure:\n\n- `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts.\n- `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts.", "title": "Orientation", "type": "string" }, "ReferenceLines": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" }, "markdownDescription": "The reference line setup of the visual.", "title": "ReferenceLines", "type": "array" }, "SmallMultiplesOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", "markdownDescription": "The small multiples setup for the visual.", "title": "SmallMultiplesOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.BarChartSortConfiguration", "markdownDescription": "The sort configuration of a `BarChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "ValueAxis": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) for a bar chart value.", "title": "ValueAxis" }, "ValueLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) for a bar chart value.", "title": "ValueLabelOptions" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Template.BarChartFieldWells": { "additionalProperties": false, "properties": { "BarChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.BarChartAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a bar chart.", "title": "BarChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.BarChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories displayed in a bar chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of category fields.", "title": "CategorySort", "type": "array" }, "ColorItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of values displayed in a bar chart.", "title": "ColorItemsLimit" }, "ColorSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of color fields in a bar chart.", "title": "ColorSort", "type": "array" }, "SmallMultiplesLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of small multiples panels that are displayed.", "title": "SmallMultiplesLimitConfiguration" }, "SmallMultiplesSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of the small multiples field.", "title": "SmallMultiplesSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.BarChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.BarChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.BinCountOptions": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The options that determine the bin count value.", "title": "Value", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.BinWidthOptions": { "additionalProperties": false, "properties": { "BinCountLimit": { "markdownDescription": "The options that determine the bin count limit.", "title": "BinCountLimit", "type": "number" }, "Value": { "markdownDescription": "The options that determine the bin width value.", "title": "Value", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.BodySectionConfiguration": { "additionalProperties": false, "properties": { "Content": { "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionContent", "markdownDescription": "The configuration of content in a body section.", "title": "Content" }, "PageBreakConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.SectionPageBreakConfiguration", "markdownDescription": "The configuration of a page break for a section.", "title": "PageBreakConfiguration" }, "SectionId": { "markdownDescription": "The unique identifier of a body section.", "title": "SectionId", "type": "string" }, "Style": { "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", "markdownDescription": "The style options of a body section.", "title": "Style" } }, "required": [ "Content", "SectionId" ], "type": "object" }, "AWS::QuickSight::Template.BodySectionContent": { "additionalProperties": false, "properties": { "Layout": { "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", "markdownDescription": "The layout configuration of a body section.", "title": "Layout" } }, "type": "object" }, "AWS::QuickSight::Template.BoxPlotAggregatedFieldWells": { "additionalProperties": false, "properties": { "GroupBy": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The group by field well of a box plot chart. Values are grouped based on group by fields.", "title": "GroupBy", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The value field well of a box plot chart. Values are aggregated based on group by fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.BoxPlotChartConfiguration": { "additionalProperties": false, "properties": { "BoxPlotOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotOptions", "markdownDescription": "The box plot chart options for a box plot visual", "title": "BoxPlotOptions" }, "CategoryAxis": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", "title": "CategoryAxis" }, "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort Icon visibility) of a box plot category.", "title": "CategoryLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "", "title": "Legend" }, "PrimaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) of a box plot category.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility and sort icon visibility) of a box plot value.", "title": "PrimaryYAxisLabelOptions" }, "ReferenceLines": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" }, "markdownDescription": "The reference line setup of the visual.", "title": "ReferenceLines", "type": "array" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotSortConfiguration", "markdownDescription": "The sort configuration of a `BoxPlotVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Template.BoxPlotFieldWells": { "additionalProperties": false, "properties": { "BoxPlotAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a box plot.", "title": "BoxPlotAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.BoxPlotOptions": { "additionalProperties": false, "properties": { "AllDataPointsVisibility": { "markdownDescription": "Determines the visibility of all data points of the box plot.", "title": "AllDataPointsVisibility", "type": "string" }, "OutlierVisibility": { "markdownDescription": "Determines the visibility of the outlier in a box plot.", "title": "OutlierVisibility", "type": "string" }, "StyleOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotStyleOptions", "markdownDescription": "The style options of the box plot.", "title": "StyleOptions" } }, "type": "object" }, "AWS::QuickSight::Template.BoxPlotSortConfiguration": { "additionalProperties": false, "properties": { "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of a group by fields.", "title": "CategorySort", "type": "array" }, "PaginationConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", "markdownDescription": "The pagination configuration of a table visual or box plot.", "title": "PaginationConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.BoxPlotStyleOptions": { "additionalProperties": false, "properties": { "FillStyle": { "markdownDescription": "The fill styles (solid, transparent) of the box plot.", "title": "FillStyle", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.BoxPlotVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.CalculatedField": { "additionalProperties": false, "properties": { "DataSetIdentifier": { "markdownDescription": "The data set that is used in this calculated field.", "title": "DataSetIdentifier", "type": "string" }, "Expression": { "markdownDescription": "The expression of the calculated field.", "title": "Expression", "type": "string" }, "Name": { "markdownDescription": "The name of the calculated field.", "title": "Name", "type": "string" } }, "required": [ "DataSetIdentifier", "Expression", "Name" ], "type": "object" }, "AWS::QuickSight::Template.CalculatedMeasureField": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "The expression in the table calculation.", "title": "Expression", "type": "string" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" } }, "required": [ "Expression", "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.CascadingControlConfiguration": { "additionalProperties": false, "properties": { "SourceControls": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlSource" }, "markdownDescription": "A list of source controls that determine the values that are used in the current control.", "title": "SourceControls", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.CascadingControlSource": { "additionalProperties": false, "properties": { "ColumnToMatch": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column identifier that determines which column to look up for the source sheet control.", "title": "ColumnToMatch" }, "SourceSheetControlId": { "markdownDescription": "The source sheet control ID of a `CascadingControlSource` .", "title": "SourceSheetControlId", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.CategoricalDimensionField": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that is used in the `CategoricalDimensionField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" }, "HierarchyId": { "markdownDescription": "The custom hierarchy ID.", "title": "HierarchyId", "type": "string" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.CategoricalMeasureField": { "additionalProperties": false, "properties": { "AggregationFunction": { "markdownDescription": "The aggregation function of the measure field.", "title": "AggregationFunction", "type": "string" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that is used in the `CategoricalMeasureField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.CategoryDrillDownFilter": { "additionalProperties": false, "properties": { "CategoryValues": { "items": { "type": "string" }, "markdownDescription": "A list of the string inputs that are the values of the category drill down filter.", "title": "CategoryValues", "type": "array" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" } }, "required": [ "CategoryValues", "Column" ], "type": "object" }, "AWS::QuickSight::Template.CategoryFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "Configuration": { "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilterConfiguration", "markdownDescription": "The configuration for a `CategoryFilter` .", "title": "Configuration" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" } }, "required": [ "Column", "Configuration", "FilterId" ], "type": "object" }, "AWS::QuickSight::Template.CategoryFilterConfiguration": { "additionalProperties": false, "properties": { "CustomFilterConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterConfiguration", "markdownDescription": "A custom filter that filters based on a single value. This filter can be partially matched.", "title": "CustomFilterConfiguration" }, "CustomFilterListConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.CustomFilterListConfiguration", "markdownDescription": "A list of custom filter values. In the Amazon QuickSight console, this filter type is called a custom filter list.", "title": "CustomFilterListConfiguration" }, "FilterListConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterListConfiguration", "markdownDescription": "A list of filter configurations. In the Amazon QuickSight console, this filter type is called a filter list.", "title": "FilterListConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.ChartAxisLabelOptions": { "additionalProperties": false, "properties": { "AxisLabelOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisLabelOptions" }, "markdownDescription": "The label options for a chart axis.", "title": "AxisLabelOptions", "type": "array" }, "SortIconVisibility": { "markdownDescription": "The visibility configuration of the sort icon on a chart's axis label.", "title": "SortIconVisibility", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of an axis label on a chart. Choose one of the following options:\n\n- `VISIBLE` : Shows the axis.\n- `HIDDEN` : Hides the axis.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ClusterMarker": { "additionalProperties": false, "properties": { "SimpleClusterMarker": { "$ref": "#/definitions/AWS::QuickSight::Template.SimpleClusterMarker", "markdownDescription": "The simple cluster marker of the cluster marker.", "title": "SimpleClusterMarker" } }, "type": "object" }, "AWS::QuickSight::Template.ClusterMarkerConfiguration": { "additionalProperties": false, "properties": { "ClusterMarker": { "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarker", "markdownDescription": "The cluster marker that is a part of the cluster marker configuration.", "title": "ClusterMarker" } }, "type": "object" }, "AWS::QuickSight::Template.ColorScale": { "additionalProperties": false, "properties": { "ColorFillType": { "markdownDescription": "Determines the color fill type.", "title": "ColorFillType", "type": "string" }, "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DataColor" }, "markdownDescription": "Determines the list of colors that are applied to the visual.", "title": "Colors", "type": "array" }, "NullValueColor": { "$ref": "#/definitions/AWS::QuickSight::Template.DataColor", "markdownDescription": "Determines the color that is applied to null values.", "title": "NullValueColor" } }, "required": [ "ColorFillType", "Colors" ], "type": "object" }, "AWS::QuickSight::Template.ColorsConfiguration": { "additionalProperties": false, "properties": { "CustomColors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.CustomColor" }, "markdownDescription": "A list of up to 50 custom colors.", "title": "CustomColors", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.ColumnConfiguration": { "additionalProperties": false, "properties": { "ColorsConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ColorsConfiguration", "markdownDescription": "The color configurations of the column.", "title": "ColorsConfiguration" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column.", "title": "Column" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", "markdownDescription": "The format configuration of a column.", "title": "FormatConfiguration" }, "Role": { "markdownDescription": "The role of the column.", "title": "Role", "type": "string" } }, "required": [ "Column" ], "type": "object" }, "AWS::QuickSight::Template.ColumnGroupColumnSchema": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the column group's column schema.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ColumnGroupSchema": { "additionalProperties": false, "properties": { "ColumnGroupColumnSchemaList": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupColumnSchema" }, "markdownDescription": "A structure containing the list of schemas for column group columns.", "title": "ColumnGroupColumnSchemaList", "type": "array" }, "Name": { "markdownDescription": "The name of the column group schema.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ColumnHierarchy": { "additionalProperties": false, "properties": { "DateTimeHierarchy": { "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeHierarchy", "markdownDescription": "The option that determines the hierarchy of any `DateTime` fields.", "title": "DateTimeHierarchy" }, "ExplicitHierarchy": { "$ref": "#/definitions/AWS::QuickSight::Template.ExplicitHierarchy", "markdownDescription": "The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals.", "title": "ExplicitHierarchy" }, "PredefinedHierarchy": { "$ref": "#/definitions/AWS::QuickSight::Template.PredefinedHierarchy", "markdownDescription": "The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source.", "title": "PredefinedHierarchy" } }, "type": "object" }, "AWS::QuickSight::Template.ColumnIdentifier": { "additionalProperties": false, "properties": { "ColumnName": { "markdownDescription": "The name of the column.", "title": "ColumnName", "type": "string" }, "DataSetIdentifier": { "markdownDescription": "The data set that the column belongs to.", "title": "DataSetIdentifier", "type": "string" } }, "required": [ "ColumnName", "DataSetIdentifier" ], "type": "object" }, "AWS::QuickSight::Template.ColumnSchema": { "additionalProperties": false, "properties": { "DataType": { "markdownDescription": "The data type of the column schema.", "title": "DataType", "type": "string" }, "GeographicRole": { "markdownDescription": "The geographic role of the column schema.", "title": "GeographicRole", "type": "string" }, "Name": { "markdownDescription": "The name of the column schema.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ColumnSort": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", "markdownDescription": "The aggregation function that is defined in the column sort.", "title": "AggregationFunction" }, "Direction": { "markdownDescription": "The sort direction.", "title": "Direction", "type": "string" }, "SortBy": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "", "title": "SortBy" } }, "required": [ "Direction", "SortBy" ], "type": "object" }, "AWS::QuickSight::Template.ColumnTooltipItem": { "additionalProperties": false, "properties": { "Aggregation": { "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", "markdownDescription": "The aggregation function of the column tooltip item.", "title": "Aggregation" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The target column of the tooltip item.", "title": "Column" }, "Label": { "markdownDescription": "The label of the tooltip item.", "title": "Label", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the tooltip item.", "title": "Visibility", "type": "string" } }, "required": [ "Column" ], "type": "object" }, "AWS::QuickSight::Template.ComboChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "BarValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The aggregated `BarValues` field well of a combo chart.", "title": "BarValues", "type": "array" }, "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The aggregated category field wells of a combo chart.", "title": "Category", "type": "array" }, "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The aggregated colors field well of a combo chart.", "title": "Colors", "type": "array" }, "LineValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The aggregated `LineValues` field well of a combo chart.", "title": "LineValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.ComboChartConfiguration": { "additionalProperties": false, "properties": { "BarDataLabels": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a bar in a combo chart.", "title": "BarDataLabels" }, "BarsArrangement": { "markdownDescription": "Determines the bar arrangement in a combo chart. The following are valid values in this structure:\n\n- `CLUSTERED` : For clustered bar combo charts.\n- `STACKED` : For stacked bar combo charts.\n- `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error.", "title": "BarsArrangement", "type": "string" }, "CategoryAxis": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The category axis of a combo chart.", "title": "CategoryAxis" }, "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well.", "title": "CategoryLabelOptions" }, "ColorLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well.", "title": "ColorLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "LineDataLabels": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.\n\nThe data label options for a line in a combo chart.", "title": "LineDataLabels" }, "PrimaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well.", "title": "PrimaryYAxisLabelOptions" }, "ReferenceLines": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" }, "markdownDescription": "The reference line setup of the visual.", "title": "ReferenceLines", "type": "array" }, "SecondaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well.", "title": "SecondaryYAxisDisplayOptions" }, "SecondaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well.", "title": "SecondaryYAxisLabelOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartSortConfiguration", "markdownDescription": "The sort configuration of a `ComboChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Template.ComboChartFieldWells": { "additionalProperties": false, "properties": { "ComboChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category.", "title": "ComboChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.ComboChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The item limit configuration for the category field well of a combo chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category field well in a combo chart.", "title": "CategorySort", "type": "array" }, "ColorItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The item limit configuration of the color field well in a combo chart.", "title": "ColorItemsLimit" }, "ColorSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of the color field well in a combo chart.", "title": "ColorSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.ComboChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.ComparisonConfiguration": { "additionalProperties": false, "properties": { "ComparisonFormat": { "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonFormatConfiguration", "markdownDescription": "The format of the comparison.", "title": "ComparisonFormat" }, "ComparisonMethod": { "markdownDescription": "The method of the comparison. Choose from the following options:\n\n- `DIFFERENCE`\n- `PERCENT_DIFFERENCE`\n- `PERCENT`", "title": "ComparisonMethod", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ComparisonFormatConfiguration": { "additionalProperties": false, "properties": { "NumberDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", "markdownDescription": "The number display format.", "title": "NumberDisplayFormatConfiguration" }, "PercentageDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", "markdownDescription": "The percentage display format.", "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.Computation": { "additionalProperties": false, "properties": { "Forecast": { "$ref": "#/definitions/AWS::QuickSight::Template.ForecastComputation", "markdownDescription": "The forecast computation configuration.", "title": "Forecast" }, "GrowthRate": { "$ref": "#/definitions/AWS::QuickSight::Template.GrowthRateComputation", "markdownDescription": "The growth rate computation configuration.", "title": "GrowthRate" }, "MaximumMinimum": { "$ref": "#/definitions/AWS::QuickSight::Template.MaximumMinimumComputation", "markdownDescription": "The maximum and minimum computation configuration.", "title": "MaximumMinimum" }, "MetricComparison": { "$ref": "#/definitions/AWS::QuickSight::Template.MetricComparisonComputation", "markdownDescription": "The metric comparison computation configuration.", "title": "MetricComparison" }, "PeriodOverPeriod": { "$ref": "#/definitions/AWS::QuickSight::Template.PeriodOverPeriodComputation", "markdownDescription": "The period over period computation configuration.", "title": "PeriodOverPeriod" }, "PeriodToDate": { "$ref": "#/definitions/AWS::QuickSight::Template.PeriodToDateComputation", "markdownDescription": "The period to `DataSetIdentifier` computation configuration.", "title": "PeriodToDate" }, "TopBottomMovers": { "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomMoversComputation", "markdownDescription": "The top movers and bottom movers computation configuration.", "title": "TopBottomMovers" }, "TopBottomRanked": { "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomRankedComputation", "markdownDescription": "The top ranked and bottom ranked computation configuration.", "title": "TopBottomRanked" }, "TotalAggregation": { "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationComputation", "markdownDescription": "The total aggregation computation configuration.", "title": "TotalAggregation" }, "UniqueValues": { "$ref": "#/definitions/AWS::QuickSight::Template.UniqueValuesComputation", "markdownDescription": "The unique values computation configuration.", "title": "UniqueValues" } }, "type": "object" }, "AWS::QuickSight::Template.ConditionalFormattingColor": { "additionalProperties": false, "properties": { "Gradient": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingGradientColor", "markdownDescription": "Formatting configuration for gradient color.", "title": "Gradient" }, "Solid": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingSolidColor", "markdownDescription": "Formatting configuration for solid color.", "title": "Solid" } }, "type": "object" }, "AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "Determines the color of the icon.", "title": "Color", "type": "string" }, "DisplayConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration", "markdownDescription": "Determines the icon display configuration.", "title": "DisplayConfiguration" }, "Expression": { "markdownDescription": "The expression that determines the condition of the icon set.", "title": "Expression", "type": "string" }, "IconOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions", "markdownDescription": "Custom icon options for an icon set.", "title": "IconOptions" } }, "required": [ "Expression", "IconOptions" ], "type": "object" }, "AWS::QuickSight::Template.ConditionalFormattingCustomIconOptions": { "additionalProperties": false, "properties": { "Icon": { "markdownDescription": "Determines the type of icon.", "title": "Icon", "type": "string" }, "UnicodeIcon": { "markdownDescription": "Determines the Unicode icon type.", "title": "UnicodeIcon", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ConditionalFormattingGradientColor": { "additionalProperties": false, "properties": { "Color": { "$ref": "#/definitions/AWS::QuickSight::Template.GradientColor", "markdownDescription": "Determines the color.", "title": "Color" }, "Expression": { "markdownDescription": "The expression that determines the formatting configuration for gradient color.", "title": "Expression", "type": "string" } }, "required": [ "Color", "Expression" ], "type": "object" }, "AWS::QuickSight::Template.ConditionalFormattingIcon": { "additionalProperties": false, "properties": { "CustomCondition": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingCustomIconCondition", "markdownDescription": "Determines the custom condition for an icon set.", "title": "CustomCondition" }, "IconSet": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIconSet", "markdownDescription": "Formatting configuration for icon set.", "title": "IconSet" } }, "type": "object" }, "AWS::QuickSight::Template.ConditionalFormattingIconDisplayConfiguration": { "additionalProperties": false, "properties": { "IconDisplayOption": { "markdownDescription": "Determines the icon display configuration.", "title": "IconDisplayOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ConditionalFormattingIconSet": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "The expression that determines the formatting configuration for the icon set.", "title": "Expression", "type": "string" }, "IconSetType": { "markdownDescription": "Determines the icon set type.", "title": "IconSetType", "type": "string" } }, "required": [ "Expression" ], "type": "object" }, "AWS::QuickSight::Template.ConditionalFormattingSolidColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "Determines the color.", "title": "Color", "type": "string" }, "Expression": { "markdownDescription": "The expression that determines the formatting configuration for solid color.", "title": "Expression", "type": "string" } }, "required": [ "Expression" ], "type": "object" }, "AWS::QuickSight::Template.ContributionAnalysisDefault": { "additionalProperties": false, "properties": { "ContributorDimensions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" }, "markdownDescription": "The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` .", "title": "ContributorDimensions", "type": "array" }, "MeasureFieldId": { "markdownDescription": "The measure field that is used in the contribution analysis.", "title": "MeasureFieldId", "type": "string" } }, "required": [ "ContributorDimensions", "MeasureFieldId" ], "type": "object" }, "AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration": { "additionalProperties": false, "properties": { "DecimalPlacesConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", "markdownDescription": "The option that determines the decimal places configuration.", "title": "DecimalPlacesConfiguration" }, "NegativeValueConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", "markdownDescription": "The options that determine the negative value configuration.", "title": "NegativeValueConfiguration" }, "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "NumberScale": { "markdownDescription": "Determines the number scale value for the currency format.", "title": "NumberScale", "type": "string" }, "Prefix": { "markdownDescription": "Determines the prefix value of the currency format.", "title": "Prefix", "type": "string" }, "SeparatorConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", "markdownDescription": "The options that determine the numeric separator configuration.", "title": "SeparatorConfiguration" }, "Suffix": { "markdownDescription": "Determines the suffix value of the currency format.", "title": "Suffix", "type": "string" }, "Symbol": { "markdownDescription": "Determines the symbol for the currency format.", "title": "Symbol", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.CustomActionFilterOperation": { "additionalProperties": false, "properties": { "SelectedFieldsConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration", "markdownDescription": "The configuration that chooses the fields to be filtered.", "title": "SelectedFieldsConfiguration" }, "TargetVisualsConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration", "markdownDescription": "The configuration that chooses the target visuals to be filtered.", "title": "TargetVisualsConfiguration" } }, "required": [ "SelectedFieldsConfiguration", "TargetVisualsConfiguration" ], "type": "object" }, "AWS::QuickSight::Template.CustomActionNavigationOperation": { "additionalProperties": false, "properties": { "LocalNavigationConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.LocalNavigationConfiguration", "markdownDescription": "The configuration that chooses the navigation target.", "title": "LocalNavigationConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.CustomActionSetParametersOperation": { "additionalProperties": false, "properties": { "ParameterValueConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.SetParameterValueConfiguration" }, "markdownDescription": "The parameter that determines the value configuration.", "title": "ParameterValueConfigurations", "type": "array" } }, "required": [ "ParameterValueConfigurations" ], "type": "object" }, "AWS::QuickSight::Template.CustomActionURLOperation": { "additionalProperties": false, "properties": { "URLTarget": { "markdownDescription": "The target of the `CustomActionURLOperation` .\n\nValid values are defined as follows:\n\n- `NEW_TAB` : Opens the target URL in a new browser tab.\n- `NEW_WINDOW` : Opens the target URL in a new browser window.\n- `SAME_TAB` : Opens the target URL in the same browser tab.", "title": "URLTarget", "type": "string" }, "URLTemplate": { "markdownDescription": "THe URL link of the `CustomActionURLOperation` .", "title": "URLTemplate", "type": "string" } }, "required": [ "URLTarget", "URLTemplate" ], "type": "object" }, "AWS::QuickSight::Template.CustomColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color that is applied to the data value.", "title": "Color", "type": "string" }, "FieldValue": { "markdownDescription": "The data value that the color is applied to.", "title": "FieldValue", "type": "string" }, "SpecialValue": { "markdownDescription": "The value of a special data value.", "title": "SpecialValue", "type": "string" } }, "required": [ "Color" ], "type": "object" }, "AWS::QuickSight::Template.CustomContentConfiguration": { "additionalProperties": false, "properties": { "ContentType": { "markdownDescription": "The content type of the custom content visual. You can use this to have the visual render as an image.", "title": "ContentType", "type": "string" }, "ContentUrl": { "markdownDescription": "The input URL that links to the custom content that you want in the custom visual.", "title": "ContentUrl", "type": "string" }, "ImageScaling": { "markdownDescription": "The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` .", "title": "ImageScaling", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.CustomContentVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentConfiguration", "markdownDescription": "The configuration of a `CustomContentVisual` .", "title": "ChartConfiguration" }, "DataSetIdentifier": { "markdownDescription": "The dataset that is used to create the custom content visual. You can't create a visual without a dataset.", "title": "DataSetIdentifier", "type": "string" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "DataSetIdentifier", "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.CustomFilterConfiguration": { "additionalProperties": false, "properties": { "CategoryValue": { "markdownDescription": "The category value for the filter.\n\nThis field is mutually exclusive to `ParameterName` .", "title": "CategoryValue", "type": "string" }, "MatchOperator": { "markdownDescription": "The match operator that is used to determine if a filter should be applied.", "title": "MatchOperator", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `CategoryValue` .", "title": "ParameterName", "type": "string" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" } }, "required": [ "MatchOperator", "NullOption" ], "type": "object" }, "AWS::QuickSight::Template.CustomFilterListConfiguration": { "additionalProperties": false, "properties": { "CategoryValues": { "items": { "type": "string" }, "markdownDescription": "The list of category values for the filter.", "title": "CategoryValues", "type": "array" }, "MatchOperator": { "markdownDescription": "The match operator that is used to determine if a filter should be applied.", "title": "MatchOperator", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" } }, "required": [ "MatchOperator", "NullOption" ], "type": "object" }, "AWS::QuickSight::Template.CustomNarrativeOptions": { "additionalProperties": false, "properties": { "Narrative": { "markdownDescription": "The string input of custom narrative.", "title": "Narrative", "type": "string" } }, "required": [ "Narrative" ], "type": "object" }, "AWS::QuickSight::Template.CustomParameterValues": { "additionalProperties": false, "properties": { "DateTimeValues": { "items": { "type": "string" }, "markdownDescription": "A list of datetime-type parameter values.", "title": "DateTimeValues", "type": "array" }, "DecimalValues": { "items": { "type": "number" }, "markdownDescription": "A list of decimal-type parameter values.", "title": "DecimalValues", "type": "array" }, "IntegerValues": { "items": { "type": "number" }, "markdownDescription": "A list of integer-type parameter values.", "title": "IntegerValues", "type": "array" }, "StringValues": { "items": { "type": "string" }, "markdownDescription": "A list of string-type parameter values.", "title": "StringValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.CustomValuesConfiguration": { "additionalProperties": false, "properties": { "CustomValues": { "$ref": "#/definitions/AWS::QuickSight::Template.CustomParameterValues", "markdownDescription": "", "title": "CustomValues" }, "IncludeNullValue": { "markdownDescription": "Includes the null value in custom action parameter values.", "title": "IncludeNullValue", "type": "boolean" } }, "required": [ "CustomValues" ], "type": "object" }, "AWS::QuickSight::Template.DataBarsOptions": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID for the data bars options.", "title": "FieldId", "type": "string" }, "NegativeColor": { "markdownDescription": "The color of the negative data bar.", "title": "NegativeColor", "type": "string" }, "PositiveColor": { "markdownDescription": "The color of the positive data bar.", "title": "PositiveColor", "type": "string" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.DataColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color that is applied to the data value.", "title": "Color", "type": "string" }, "DataValue": { "markdownDescription": "The data value that the color is applied to.", "title": "DataValue", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.DataFieldSeriesItem": { "additionalProperties": false, "properties": { "AxisBinding": { "markdownDescription": "The axis that you are binding the field to.", "title": "AxisBinding", "type": "string" }, "FieldId": { "markdownDescription": "The field ID of the field that you are setting the axis binding to.", "title": "FieldId", "type": "string" }, "FieldValue": { "markdownDescription": "The field value of the field that you are setting the axis binding to.", "title": "FieldValue", "type": "string" }, "Settings": { "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", "markdownDescription": "The options that determine the presentation of line series associated to the field.", "title": "Settings" } }, "required": [ "AxisBinding", "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.DataLabelOptions": { "additionalProperties": false, "properties": { "CategoryLabelVisibility": { "markdownDescription": "Determines the visibility of the category field labels.", "title": "CategoryLabelVisibility", "type": "string" }, "DataLabelTypes": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelType" }, "markdownDescription": "The option that determines the data label type.", "title": "DataLabelTypes", "type": "array" }, "LabelColor": { "markdownDescription": "Determines the color of the data labels.", "title": "LabelColor", "type": "string" }, "LabelContent": { "markdownDescription": "Determines the content of the data labels.", "title": "LabelContent", "type": "string" }, "LabelFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", "markdownDescription": "Determines the font configuration of the data labels.", "title": "LabelFontConfiguration" }, "MeasureLabelVisibility": { "markdownDescription": "Determines the visibility of the measure field labels.", "title": "MeasureLabelVisibility", "type": "string" }, "Overlap": { "markdownDescription": "Determines whether overlap is enabled or disabled for the data labels.", "title": "Overlap", "type": "string" }, "Position": { "markdownDescription": "Determines the position of the data labels.", "title": "Position", "type": "string" }, "TotalsVisibility": { "markdownDescription": "Determines the visibility of the total.", "title": "TotalsVisibility", "type": "string" }, "Visibility": { "markdownDescription": "Determines the visibility of the data labels.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.DataLabelType": { "additionalProperties": false, "properties": { "DataPathLabelType": { "$ref": "#/definitions/AWS::QuickSight::Template.DataPathLabelType", "markdownDescription": "The option that specifies individual data values for labels.", "title": "DataPathLabelType" }, "FieldLabelType": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldLabelType", "markdownDescription": "Determines the label configuration for the entire field.", "title": "FieldLabelType" }, "MaximumLabelType": { "$ref": "#/definitions/AWS::QuickSight::Template.MaximumLabelType", "markdownDescription": "Determines the label configuration for the maximum value in a visual.", "title": "MaximumLabelType" }, "MinimumLabelType": { "$ref": "#/definitions/AWS::QuickSight::Template.MinimumLabelType", "markdownDescription": "Determines the label configuration for the minimum value in a visual.", "title": "MinimumLabelType" }, "RangeEndsLabelType": { "$ref": "#/definitions/AWS::QuickSight::Template.RangeEndsLabelType", "markdownDescription": "Determines the label configuration for range end value in a visual.", "title": "RangeEndsLabelType" } }, "type": "object" }, "AWS::QuickSight::Template.DataPathColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color that needs to be applied to the element.", "title": "Color", "type": "string" }, "Element": { "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue", "markdownDescription": "The element that the color needs to be applied to.", "title": "Element" }, "TimeGranularity": { "markdownDescription": "The time granularity of the field that the color needs to be applied to.", "title": "TimeGranularity", "type": "string" } }, "required": [ "Color", "Element" ], "type": "object" }, "AWS::QuickSight::Template.DataPathLabelType": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the field that the data label needs to be applied to.", "title": "FieldId", "type": "string" }, "FieldValue": { "markdownDescription": "The actual value of the field that is labeled.", "title": "FieldValue", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the data label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.DataPathSort": { "additionalProperties": false, "properties": { "Direction": { "markdownDescription": "Determines the sort direction.", "title": "Direction", "type": "string" }, "SortPaths": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" }, "markdownDescription": "The list of data paths that need to be sorted.", "title": "SortPaths", "type": "array" } }, "required": [ "Direction", "SortPaths" ], "type": "object" }, "AWS::QuickSight::Template.DataPathType": { "additionalProperties": false, "properties": { "PivotTableDataPathType": { "markdownDescription": "The type of data path value utilized in a pivot table. Choose one of the following options:\n\n- `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` .\n- `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement.\n- `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement.\n- `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` .", "title": "PivotTableDataPathType", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.DataPathValue": { "additionalProperties": false, "properties": { "DataPathType": { "$ref": "#/definitions/AWS::QuickSight::Template.DataPathType", "markdownDescription": "The type configuration of the field.", "title": "DataPathType" }, "FieldId": { "markdownDescription": "The field ID of the field that needs to be sorted.", "title": "FieldId", "type": "string" }, "FieldValue": { "markdownDescription": "The actual value of the field that needs to be sorted.", "title": "FieldValue", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.DataSetConfiguration": { "additionalProperties": false, "properties": { "ColumnGroupSchemaList": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnGroupSchema" }, "markdownDescription": "A structure containing the list of column group schemas.", "title": "ColumnGroupSchemaList", "type": "array" }, "DataSetSchema": { "$ref": "#/definitions/AWS::QuickSight::Template.DataSetSchema", "markdownDescription": "Dataset schema.", "title": "DataSetSchema" }, "Placeholder": { "markdownDescription": "Placeholder.", "title": "Placeholder", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.DataSetReference": { "additionalProperties": false, "properties": { "DataSetArn": { "markdownDescription": "Dataset Amazon Resource Name (ARN).", "title": "DataSetArn", "type": "string" }, "DataSetPlaceholder": { "markdownDescription": "Dataset placeholder.", "title": "DataSetPlaceholder", "type": "string" } }, "required": [ "DataSetArn", "DataSetPlaceholder" ], "type": "object" }, "AWS::QuickSight::Template.DataSetSchema": { "additionalProperties": false, "properties": { "ColumnSchemaList": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSchema" }, "markdownDescription": "A structure containing the list of column schemas.", "title": "ColumnSchemaList", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.DateAxisOptions": { "additionalProperties": false, "properties": { "MissingDateVisibility": { "markdownDescription": "Determines whether or not missing dates are displayed.", "title": "MissingDateVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.DateDimensionField": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that is used in the `DateDimensionField` .", "title": "Column" }, "DateGranularity": { "markdownDescription": "The date granularity of the `DateDimensionField` . Choose one of the following options:\n\n- `YEAR`\n- `QUARTER`\n- `MONTH`\n- `WEEK`\n- `DAY`\n- `HOUR`\n- `MINUTE`\n- `SECOND`\n- `MILLISECOND`", "title": "DateGranularity", "type": "string" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" }, "HierarchyId": { "markdownDescription": "The custom hierarchy ID.", "title": "HierarchyId", "type": "string" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.DateMeasureField": { "additionalProperties": false, "properties": { "AggregationFunction": { "markdownDescription": "The aggregation function of the measure field.", "title": "AggregationFunction", "type": "string" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that is used in the `DateMeasureField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.DateTimeDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, "RollingDate": { "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", "markdownDescription": "The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression.", "title": "RollingDate" }, "StaticValues": { "items": { "type": "string" }, "markdownDescription": "The static values of the `DataTimeDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.DateTimeFormatConfiguration": { "additionalProperties": false, "properties": { "DateTimeFormat": { "markdownDescription": "Determines the `DateTime` format.", "title": "DateTimeFormat", "type": "string" }, "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "NumericFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", "markdownDescription": "The formatting configuration for numeric `DateTime` fields.", "title": "NumericFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.DateTimeHierarchy": { "additionalProperties": false, "properties": { "DrillDownFilters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" }, "markdownDescription": "The option that determines the drill down filters for the `DateTime` hierarchy.", "title": "DrillDownFilters", "type": "array" }, "HierarchyId": { "markdownDescription": "The hierarchy ID of the `DateTime` hierarchy.", "title": "HierarchyId", "type": "string" } }, "required": [ "HierarchyId" ], "type": "object" }, "AWS::QuickSight::Template.DateTimeParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", "type": "array" }, "Name": { "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" }, "ValueWhenUnset": { "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration", "markdownDescription": "The configuration that defines the default value of a `DateTime` parameter when a value has not been set.", "title": "ValueWhenUnset" } }, "required": [ "Name" ], "type": "object" }, "AWS::QuickSight::Template.DateTimePickerControlDisplayOptions": { "additionalProperties": false, "properties": { "DateTimeFormat": { "markdownDescription": "Customize how dates are formatted in controls.", "title": "DateTimeFormat", "type": "string" }, "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Template.DateTimeValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", "title": "CustomValue", "type": "string" }, "ValueWhenUnsetOption": { "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.DecimalDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, "StaticValues": { "items": { "type": "number" }, "markdownDescription": "The static values of the `DecimalDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.DecimalParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::Template.DecimalDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", "type": "array" }, "Name": { "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, "ParameterValueType": { "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", "title": "ParameterValueType", "type": "string" }, "ValueWhenUnset": { "$ref": "#/definitions/AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration", "markdownDescription": "The configuration that defines the default value of a `Decimal` parameter when a value has not been set.", "title": "ValueWhenUnset" } }, "required": [ "Name", "ParameterValueType" ], "type": "object" }, "AWS::QuickSight::Template.DecimalPlacesConfiguration": { "additionalProperties": false, "properties": { "DecimalPlaces": { "markdownDescription": "The values of the decimal places.", "title": "DecimalPlaces", "type": "number" } }, "required": [ "DecimalPlaces" ], "type": "object" }, "AWS::QuickSight::Template.DecimalValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", "title": "CustomValue", "type": "number" }, "ValueWhenUnsetOption": { "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.DefaultDateTimePickerControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "Type": { "markdownDescription": "The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options:\n\n- `SINGLE_VALUED` : The filter condition is a fixed date.\n- `DATE_RANGE` : The filter condition is a date time range.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.DefaultFilterControlConfiguration": { "additionalProperties": false, "properties": { "ControlOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlOptions", "markdownDescription": "The control option for the `DefaultFilterControlConfiguration` .", "title": "ControlOptions" }, "Title": { "markdownDescription": "The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter.", "title": "Title", "type": "string" } }, "required": [ "ControlOptions", "Title" ], "type": "object" }, "AWS::QuickSight::Template.DefaultFilterControlOptions": { "additionalProperties": false, "properties": { "DefaultDateTimePickerOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultDateTimePickerControlOptions", "markdownDescription": "The default options that correspond to the filter control type of a `DateTimePicker` .", "title": "DefaultDateTimePickerOptions" }, "DefaultDropdownOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterDropDownControlOptions", "markdownDescription": "The default options that correspond to the `Dropdown` filter control type.", "title": "DefaultDropdownOptions" }, "DefaultListOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterListControlOptions", "markdownDescription": "The default options that correspond to the `List` filter control type.", "title": "DefaultListOptions" }, "DefaultRelativeDateTimeOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions", "markdownDescription": "The default options that correspond to the `RelativeDateTime` filter control type.", "title": "DefaultRelativeDateTimeOptions" }, "DefaultSliderOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSliderControlOptions", "markdownDescription": "The default options that correspond to the `Slider` filter control type.", "title": "DefaultSliderOptions" }, "DefaultTextAreaOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextAreaControlOptions", "markdownDescription": "The default options that correspond to the `TextArea` filter control type.", "title": "DefaultTextAreaOptions" }, "DefaultTextFieldOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultTextFieldControlOptions", "markdownDescription": "The default options that correspond to the `TextField` filter control type.", "title": "DefaultTextFieldOptions" } }, "type": "object" }, "AWS::QuickSight::Template.DefaultFilterDropDownControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "Type": { "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.DefaultFilterListControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "Type": { "markdownDescription": "The type of the `DefaultFilterListControlOptions` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", "markdownDescription": "Determines the screen canvas size options for a free-form layout.", "title": "CanvasSizeOptions" } }, "required": [ "CanvasSizeOptions" ], "type": "object" }, "AWS::QuickSight::Template.DefaultGridLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", "markdownDescription": "Determines the screen canvas size options for a grid layout.", "title": "CanvasSizeOptions" } }, "required": [ "CanvasSizeOptions" ], "type": "object" }, "AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration": { "additionalProperties": false, "properties": { "FreeForm": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFreeFormLayoutConfiguration", "markdownDescription": "The options that determine the default settings of a free-form layout configuration.", "title": "FreeForm" }, "Grid": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultGridLayoutConfiguration", "markdownDescription": "The options that determine the default settings for a grid layout configuration.", "title": "Grid" } }, "type": "object" }, "AWS::QuickSight::Template.DefaultNewSheetConfiguration": { "additionalProperties": false, "properties": { "InteractiveLayoutConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultInteractiveLayoutConfiguration", "markdownDescription": "The options that determine the default settings for interactive layout configuration.", "title": "InteractiveLayoutConfiguration" }, "PaginatedLayoutConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration", "markdownDescription": "The options that determine the default settings for a paginated layout configuration.", "title": "PaginatedLayoutConfiguration" }, "SheetContentType": { "markdownDescription": "The option that determines the sheet content type.", "title": "SheetContentType", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.DefaultPaginatedLayoutConfiguration": { "additionalProperties": false, "properties": { "SectionBased": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration", "markdownDescription": "The options that determine the default settings for a section-based layout configuration.", "title": "SectionBased" } }, "type": "object" }, "AWS::QuickSight::Template.DefaultRelativeDateTimeControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" } }, "type": "object" }, "AWS::QuickSight::Template.DefaultSectionBasedLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", "markdownDescription": "Determines the screen canvas size options for a section-based layout.", "title": "CanvasSizeOptions" } }, "required": [ "CanvasSizeOptions" ], "type": "object" }, "AWS::QuickSight::Template.DefaultSliderControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "MaximumValue": { "markdownDescription": "The larger value that is displayed at the right of the slider.", "title": "MaximumValue", "type": "number" }, "MinimumValue": { "markdownDescription": "The smaller value that is displayed at the left of the slider.", "title": "MinimumValue", "type": "number" }, "StepSize": { "markdownDescription": "The number of increments that the slider bar is divided into.", "title": "StepSize", "type": "number" }, "Type": { "markdownDescription": "The type of the `DefaultSliderControlOptions` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", "title": "Type", "type": "string" } }, "required": [ "MaximumValue", "MinimumValue", "StepSize" ], "type": "object" }, "AWS::QuickSight::Template.DefaultTextAreaControlOptions": { "additionalProperties": false, "properties": { "Delimiter": { "markdownDescription": "The delimiter that is used to separate the lines in text.", "title": "Delimiter", "type": "string" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" } }, "type": "object" }, "AWS::QuickSight::Template.DefaultTextFieldControlOptions": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" } }, "type": "object" }, "AWS::QuickSight::Template.DestinationParameterValueConfiguration": { "additionalProperties": false, "properties": { "CustomValuesConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.CustomValuesConfiguration", "markdownDescription": "The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` .", "title": "CustomValuesConfiguration" }, "SelectAllValueOptions": { "markdownDescription": "The configuration that selects all options.", "title": "SelectAllValueOptions", "type": "string" }, "SourceColumn": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "", "title": "SourceColumn" }, "SourceField": { "markdownDescription": "The source field ID of the destination parameter.", "title": "SourceField", "type": "string" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the destination parameter.", "title": "SourceParameterName", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.DimensionField": { "additionalProperties": false, "properties": { "CategoricalDimensionField": { "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalDimensionField", "markdownDescription": "The dimension type field with categorical type columns.", "title": "CategoricalDimensionField" }, "DateDimensionField": { "$ref": "#/definitions/AWS::QuickSight::Template.DateDimensionField", "markdownDescription": "The dimension type field with date type columns.", "title": "DateDimensionField" }, "NumericalDimensionField": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericalDimensionField", "markdownDescription": "The dimension type field with numerical type columns.", "title": "NumericalDimensionField" } }, "type": "object" }, "AWS::QuickSight::Template.DonutCenterOptions": { "additionalProperties": false, "properties": { "LabelVisibility": { "markdownDescription": "Determines the visibility of the label in a donut chart. In the Amazon QuickSight console, this option is called `'Show total'` .", "title": "LabelVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.DonutOptions": { "additionalProperties": false, "properties": { "ArcOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ArcOptions", "markdownDescription": "The option for define the arc of the chart shape. Valid values are as follows:\n\n- `WHOLE` - A pie chart\n- `SMALL` - A small-sized donut chart\n- `MEDIUM` - A medium-sized donut chart\n- `LARGE` - A large-sized donut chart", "title": "ArcOptions" }, "DonutCenterOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DonutCenterOptions", "markdownDescription": "The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts.", "title": "DonutCenterOptions" } }, "type": "object" }, "AWS::QuickSight::Template.DrillDownFilter": { "additionalProperties": false, "properties": { "CategoryFilter": { "$ref": "#/definitions/AWS::QuickSight::Template.CategoryDrillDownFilter", "markdownDescription": "The category type drill down filter. This filter is used for string type columns.", "title": "CategoryFilter" }, "NumericEqualityFilter": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityDrillDownFilter", "markdownDescription": "The numeric equality type drill down filter. This filter is used for number type columns.", "title": "NumericEqualityFilter" }, "TimeRangeFilter": { "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeDrillDownFilter", "markdownDescription": "The time range drill down filter. This filter is used for date time columns.", "title": "TimeRangeFilter" } }, "type": "object" }, "AWS::QuickSight::Template.DropDownControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "SelectAllOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", "markdownDescription": "The configuration of the `Select all` options in a dropdown control.", "title": "SelectAllOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Template.DynamicDefaultValue": { "additionalProperties": false, "properties": { "DefaultValueColumn": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that contains the default value of each user or group.", "title": "DefaultValueColumn" }, "GroupNameColumn": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that contains the group name.", "title": "GroupNameColumn" }, "UserNameColumn": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that contains the username.", "title": "UserNameColumn" } }, "required": [ "DefaultValueColumn" ], "type": "object" }, "AWS::QuickSight::Template.EmptyVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "DataSetIdentifier": { "markdownDescription": "The data set that is used in the empty visual. Every visual requires a dataset to render.", "title": "DataSetIdentifier", "type": "string" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "DataSetIdentifier", "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.Entity": { "additionalProperties": false, "properties": { "Path": { "markdownDescription": "The hierarchical path of the entity within the analysis, template, or dashboard definition tree.", "title": "Path", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ExcludePeriodConfiguration": { "additionalProperties": false, "properties": { "Amount": { "markdownDescription": "The amount or number of the exclude period.", "title": "Amount", "type": "number" }, "Granularity": { "markdownDescription": "The granularity or unit (day, month, year) of the exclude period.", "title": "Granularity", "type": "string" }, "Status": { "markdownDescription": "The status of the exclude period. Choose from the following options:\n\n- `ENABLED`\n- `DISABLED`", "title": "Status", "type": "string" } }, "required": [ "Amount", "Granularity" ], "type": "object" }, "AWS::QuickSight::Template.ExplicitHierarchy": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" }, "markdownDescription": "The list of columns that define the explicit hierarchy.", "title": "Columns", "type": "array" }, "DrillDownFilters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" }, "markdownDescription": "The option that determines the drill down filters for the explicit hierarchy.", "title": "DrillDownFilters", "type": "array" }, "HierarchyId": { "markdownDescription": "The hierarchy ID of the explicit hierarchy.", "title": "HierarchyId", "type": "string" } }, "required": [ "Columns", "HierarchyId" ], "type": "object" }, "AWS::QuickSight::Template.FieldBasedTooltip": { "additionalProperties": false, "properties": { "AggregationVisibility": { "markdownDescription": "The visibility of `Show aggregations` .", "title": "AggregationVisibility", "type": "string" }, "TooltipFields": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipItem" }, "markdownDescription": "The fields configuration in the tooltip.", "title": "TooltipFields", "type": "array" }, "TooltipTitleType": { "markdownDescription": "The type for the >tooltip title. Choose one of the following options:\n\n- `NONE` : Doesn't use the primary value as the title.\n- `PRIMARY_VALUE` : Uses primary value as the title.", "title": "TooltipTitleType", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.FieldLabelType": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "Indicates the field that is targeted by the field label.", "title": "FieldId", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the field label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.FieldSeriesItem": { "additionalProperties": false, "properties": { "AxisBinding": { "markdownDescription": "The axis that you are binding the field to.", "title": "AxisBinding", "type": "string" }, "FieldId": { "markdownDescription": "The field ID of the field for which you are setting the axis binding.", "title": "FieldId", "type": "string" }, "Settings": { "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSeriesSettings", "markdownDescription": "The options that determine the presentation of line series associated to the field.", "title": "Settings" } }, "required": [ "AxisBinding", "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.FieldSort": { "additionalProperties": false, "properties": { "Direction": { "markdownDescription": "The sort direction. Choose one of the following options:\n\n- `ASC` : Ascending\n- `DESC` : Descending", "title": "Direction", "type": "string" }, "FieldId": { "markdownDescription": "The sort configuration target field.", "title": "FieldId", "type": "string" } }, "required": [ "Direction", "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.FieldSortOptions": { "additionalProperties": false, "properties": { "ColumnSort": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", "markdownDescription": "The sort configuration for a column that is not used in a field well.", "title": "ColumnSort" }, "FieldSort": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", "markdownDescription": "The sort configuration for a field in a field well.", "title": "FieldSort" } }, "type": "object" }, "AWS::QuickSight::Template.FieldTooltipItem": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The unique ID of the field that is targeted by the tooltip.", "title": "FieldId", "type": "string" }, "Label": { "markdownDescription": "The label of the tooltip item.", "title": "Label", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the tooltip item.", "title": "Visibility", "type": "string" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.FilledMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Geospatial": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The aggregated location field well of the filled map. Values are grouped by location fields.", "title": "Geospatial", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The aggregated color field well of a filled map. Values are aggregated based on location fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.FilledMapConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options of a `FilledMapVisual` .", "title": "ConditionalFormattingOptions", "type": "array" } }, "required": [ "ConditionalFormattingOptions" ], "type": "object" }, "AWS::QuickSight::Template.FilledMapConditionalFormattingOption": { "additionalProperties": false, "properties": { "Shape": { "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapShapeConditionalFormatting", "markdownDescription": "The conditional formatting that determines the shape of the filled map.", "title": "Shape" } }, "required": [ "Shape" ], "type": "object" }, "AWS::QuickSight::Template.FilledMapConfiguration": { "additionalProperties": false, "properties": { "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "MapStyleOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", "markdownDescription": "The map style options of the filled map visual.", "title": "MapStyleOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapSortConfiguration", "markdownDescription": "The sort configuration of a `FilledMapVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "WindowOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", "markdownDescription": "The window options of the filled map visual.", "title": "WindowOptions" } }, "type": "object" }, "AWS::QuickSight::Template.FilledMapFieldWells": { "additionalProperties": false, "properties": { "FilledMapAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapAggregatedFieldWells", "markdownDescription": "The aggregated field well of the filled map.", "title": "FilledMapAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.FilledMapShapeConditionalFormatting": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the filled map shape.", "title": "FieldId", "type": "string" }, "Format": { "$ref": "#/definitions/AWS::QuickSight::Template.ShapeConditionalFormat", "markdownDescription": "The conditional formatting that determines the background color of a filled map's shape.", "title": "Format" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.FilledMapSortConfiguration": { "additionalProperties": false, "properties": { "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of the location fields.", "title": "CategorySort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.FilledMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapConditionalFormatting", "markdownDescription": "The conditional formatting of a `FilledMapVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.Filter": { "additionalProperties": false, "properties": { "CategoryFilter": { "$ref": "#/definitions/AWS::QuickSight::Template.CategoryFilter", "markdownDescription": "A `CategoryFilter` filters text values.\n\nFor more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon QuickSight User Guide* .", "title": "CategoryFilter" }, "NumericEqualityFilter": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericEqualityFilter", "markdownDescription": "A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value.", "title": "NumericEqualityFilter" }, "NumericRangeFilter": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilter", "markdownDescription": "A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range.", "title": "NumericRangeFilter" }, "RelativeDatesFilter": { "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDatesFilter", "markdownDescription": "A `RelativeDatesFilter` filters date values that are relative to a given date.", "title": "RelativeDatesFilter" }, "TimeEqualityFilter": { "$ref": "#/definitions/AWS::QuickSight::Template.TimeEqualityFilter", "markdownDescription": "A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value.", "title": "TimeEqualityFilter" }, "TimeRangeFilter": { "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilter", "markdownDescription": "A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range.", "title": "TimeRangeFilter" }, "TopBottomFilter": { "$ref": "#/definitions/AWS::QuickSight::Template.TopBottomFilter", "markdownDescription": "A `TopBottomFilter` filters data to the top or bottom values for a given column.", "title": "TopBottomFilter" } }, "type": "object" }, "AWS::QuickSight::Template.FilterControl": { "additionalProperties": false, "properties": { "CrossSheet": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterCrossSheetControl", "markdownDescription": "A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet", "title": "CrossSheet" }, "DateTimePicker": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterDateTimePickerControl", "markdownDescription": "A control from a date filter that is used to specify date and time.", "title": "DateTimePicker" }, "Dropdown": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterDropDownControl", "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", "title": "Dropdown" }, "List": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterListControl", "markdownDescription": "A control to display a list of buttons or boxes. This is used to select either a single value or multiple values.", "title": "List" }, "RelativeDateTime": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterRelativeDateTimeControl", "markdownDescription": "A control from a date filter that is used to specify the relative date.", "title": "RelativeDateTime" }, "Slider": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterSliderControl", "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", "title": "Slider" }, "TextArea": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextAreaControl", "markdownDescription": "A control to display a text box that is used to enter multiple entries.", "title": "TextArea" }, "TextField": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterTextFieldControl", "markdownDescription": "A control to display a text box that is used to enter a single entry.", "title": "TextField" } }, "type": "object" }, "AWS::QuickSight::Template.FilterCrossSheetControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterCrossSheetControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterCrossSheetControl` .", "title": "SourceFilterId", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId" ], "type": "object" }, "AWS::QuickSight::Template.FilterDateTimePickerControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterDateTimePickerControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterDateTimePickerControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterDateTimePickerControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", "title": "Type", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Template.FilterDropDownControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", "markdownDescription": "The display options of the `FilterDropDownControl` .", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterDropDownControl` .", "title": "FilterControlId", "type": "string" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterDropDownControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterDropDownControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of the `FilterDropDownControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from a dropdown menu.\n- `SINGLE_SELECT` : The user can select a single entry from a dropdown menu.", "title": "Type", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Template.FilterGroup": { "additionalProperties": false, "properties": { "CrossDataset": { "markdownDescription": "The filter new feature which can apply filter group to all data sets. Choose one of the following options:\n\n- `ALL_DATASETS`\n- `SINGLE_DATASET`", "title": "CrossDataset", "type": "string" }, "FilterGroupId": { "markdownDescription": "The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis.", "title": "FilterGroupId", "type": "string" }, "Filters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.Filter" }, "markdownDescription": "The list of filters that are present in a `FilterGroup` .", "title": "Filters", "type": "array" }, "ScopeConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterScopeConfiguration", "markdownDescription": "The configuration that specifies what scope to apply to a `FilterGroup` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", "title": "ScopeConfiguration" }, "Status": { "markdownDescription": "The status of the `FilterGroup` .", "title": "Status", "type": "string" } }, "required": [ "CrossDataset", "FilterGroupId", "Filters", "ScopeConfiguration" ], "type": "object" }, "AWS::QuickSight::Template.FilterListConfiguration": { "additionalProperties": false, "properties": { "CategoryValues": { "items": { "type": "string" }, "markdownDescription": "The list of category values for the filter.", "title": "CategoryValues", "type": "array" }, "MatchOperator": { "markdownDescription": "The match operator that is used to determine if a filter should be applied.", "title": "MatchOperator", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" } }, "required": [ "MatchOperator" ], "type": "object" }, "AWS::QuickSight::Template.FilterListControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterListControl` .", "title": "FilterControlId", "type": "string" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterListControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterListControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of the `FilterListControl` . Choose one of the following options:\n\n- `MULTI_SELECT` : The user can select multiple entries from the list.\n- `SINGLE_SELECT` : The user can select a single entry from the list.", "title": "Type", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Template.FilterOperationSelectedFieldsConfiguration": { "additionalProperties": false, "properties": { "SelectedColumns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" }, "markdownDescription": "The selected columns of a dataset.", "title": "SelectedColumns", "type": "array" }, "SelectedFieldOptions": { "markdownDescription": "A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` .\n\nValid values are defined as follows:\n\n- `ALL_FIELDS` : Applies the filter operation to all fields.", "title": "SelectedFieldOptions", "type": "string" }, "SelectedFields": { "items": { "type": "string" }, "markdownDescription": "Chooses the fields that are filtered in `CustomActionFilterOperation` .", "title": "SelectedFields", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.FilterOperationTargetVisualsConfiguration": { "additionalProperties": false, "properties": { "SameSheetTargetVisualConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.SameSheetTargetVisualConfiguration", "markdownDescription": "The configuration of the same-sheet target visuals that you want to be filtered.", "title": "SameSheetTargetVisualConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.FilterRelativeDateTimeControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterTextAreaControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterTextAreaControl` .", "title": "Title", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Template.FilterScopeConfiguration": { "additionalProperties": false, "properties": { "AllSheets": { "markdownDescription": "The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen.", "title": "AllSheets", "type": "object" }, "SelectedSheets": { "$ref": "#/definitions/AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration", "markdownDescription": "The configuration for applying a filter to specific sheets.", "title": "SelectedSheets" } }, "type": "object" }, "AWS::QuickSight::Template.FilterSelectableValues": { "additionalProperties": false, "properties": { "Values": { "items": { "type": "string" }, "markdownDescription": "The values that are used in the `FilterSelectableValues` .", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.FilterSliderControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterSliderControl` .", "title": "FilterControlId", "type": "string" }, "MaximumValue": { "markdownDescription": "The larger value that is displayed at the right of the slider.", "title": "MaximumValue", "type": "number" }, "MinimumValue": { "markdownDescription": "The smaller value that is displayed at the left of the slider.", "title": "MinimumValue", "type": "number" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterSliderControl` .", "title": "SourceFilterId", "type": "string" }, "StepSize": { "markdownDescription": "The number of increments that the slider bar is divided into.", "title": "StepSize", "type": "number" }, "Title": { "markdownDescription": "The title of the `FilterSliderControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of the `FilterSliderControl` . Choose one of the following options:\n\n- `SINGLE_POINT` : Filter against(equals) a single data point.\n- `RANGE` : Filter data that is in a specified range.", "title": "Type", "type": "string" } }, "required": [ "FilterControlId", "MaximumValue", "MinimumValue", "SourceFilterId", "StepSize", "Title" ], "type": "object" }, "AWS::QuickSight::Template.FilterTextAreaControl": { "additionalProperties": false, "properties": { "Delimiter": { "markdownDescription": "The delimiter that is used to separate the lines in text.", "title": "Delimiter", "type": "string" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterTextAreaControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterTextAreaControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterTextAreaControl` .", "title": "Title", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Template.FilterTextFieldControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "FilterControlId": { "markdownDescription": "The ID of the `FilterTextFieldControl` .", "title": "FilterControlId", "type": "string" }, "SourceFilterId": { "markdownDescription": "The source filter ID of the `FilterTextFieldControl` .", "title": "SourceFilterId", "type": "string" }, "Title": { "markdownDescription": "The title of the `FilterTextFieldControl` .", "title": "Title", "type": "string" } }, "required": [ "FilterControlId", "SourceFilterId", "Title" ], "type": "object" }, "AWS::QuickSight::Template.FontConfiguration": { "additionalProperties": false, "properties": { "FontColor": { "markdownDescription": "Determines the color of the text.", "title": "FontColor", "type": "string" }, "FontDecoration": { "markdownDescription": "Determines the appearance of decorative lines on the text.", "title": "FontDecoration", "type": "string" }, "FontSize": { "$ref": "#/definitions/AWS::QuickSight::Template.FontSize", "markdownDescription": "The option that determines the text display size.", "title": "FontSize" }, "FontStyle": { "markdownDescription": "Determines the text display face that is inherited by the given font family.", "title": "FontStyle", "type": "string" }, "FontWeight": { "$ref": "#/definitions/AWS::QuickSight::Template.FontWeight", "markdownDescription": "The option that determines the text display weight, or boldness.", "title": "FontWeight" } }, "type": "object" }, "AWS::QuickSight::Template.FontSize": { "additionalProperties": false, "properties": { "Relative": { "markdownDescription": "The lexical name for the text size, proportional to its surrounding context.", "title": "Relative", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.FontWeight": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The lexical name for the level of boldness of the text display.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ForecastComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "CustomSeasonalityValue": { "markdownDescription": "The custom seasonality value setup of a forecast computation.", "title": "CustomSeasonalityValue", "type": "number" }, "LowerBoundary": { "markdownDescription": "The lower boundary setup of a forecast computation.", "title": "LowerBoundary", "type": "number" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "PeriodsBackward": { "markdownDescription": "The periods backward setup of a forecast computation.", "title": "PeriodsBackward", "type": "number" }, "PeriodsForward": { "markdownDescription": "The periods forward setup of a forecast computation.", "title": "PeriodsForward", "type": "number" }, "PredictionInterval": { "markdownDescription": "The prediction interval setup of a forecast computation.", "title": "PredictionInterval", "type": "number" }, "Seasonality": { "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `AUTOMATIC`\n- `CUSTOM` : Checks the custom seasonality value.", "title": "Seasonality", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "UpperBoundary": { "markdownDescription": "The upper boundary setup of a forecast computation.", "title": "UpperBoundary", "type": "number" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Template.ForecastConfiguration": { "additionalProperties": false, "properties": { "ForecastProperties": { "$ref": "#/definitions/AWS::QuickSight::Template.TimeBasedForecastProperties", "markdownDescription": "The forecast properties setup of a forecast in the line chart.", "title": "ForecastProperties" }, "Scenario": { "$ref": "#/definitions/AWS::QuickSight::Template.ForecastScenario", "markdownDescription": "The forecast scenario of a forecast in the line chart.", "title": "Scenario" } }, "type": "object" }, "AWS::QuickSight::Template.ForecastScenario": { "additionalProperties": false, "properties": { "WhatIfPointScenario": { "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfPointScenario", "markdownDescription": "The what-if analysis forecast setup with the target date.", "title": "WhatIfPointScenario" }, "WhatIfRangeScenario": { "$ref": "#/definitions/AWS::QuickSight::Template.WhatIfRangeScenario", "markdownDescription": "The what-if analysis forecast setup with the date range.", "title": "WhatIfRangeScenario" } }, "type": "object" }, "AWS::QuickSight::Template.FormatConfiguration": { "additionalProperties": false, "properties": { "DateTimeFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeFormatConfiguration", "markdownDescription": "Formatting configuration for `DateTime` fields.", "title": "DateTimeFormatConfiguration" }, "NumberFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", "markdownDescription": "Formatting configuration for number fields.", "title": "NumberFormatConfiguration" }, "StringFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.StringFormatConfiguration", "markdownDescription": "Formatting configuration for string fields.", "title": "StringFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { "ScreenCanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions", "markdownDescription": "The options that determine the sizing of the canvas used in a free-form layout.", "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, "AWS::QuickSight::Template.FreeFormLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutCanvasSizeOptions", "markdownDescription": "", "title": "CanvasSizeOptions" }, "Elements": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" }, "markdownDescription": "The elements that are included in a free-form layout.", "title": "Elements", "type": "array" } }, "required": [ "Elements" ], "type": "object" }, "AWS::QuickSight::Template.FreeFormLayoutElement": { "additionalProperties": false, "properties": { "BackgroundStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle", "markdownDescription": "The background style configuration of a free-form layout element.", "title": "BackgroundStyle" }, "BorderStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", "markdownDescription": "The border style configuration of a free-form layout element.", "title": "BorderStyle" }, "ElementId": { "markdownDescription": "A unique identifier for an element within a free-form layout.", "title": "ElementId", "type": "string" }, "ElementType": { "markdownDescription": "The type of element.", "title": "ElementType", "type": "string" }, "Height": { "markdownDescription": "The height of an element within a free-form layout.", "title": "Height", "type": "string" }, "LoadingAnimation": { "$ref": "#/definitions/AWS::QuickSight::Template.LoadingAnimation", "markdownDescription": "The loading animation configuration of a free-form layout element.", "title": "LoadingAnimation" }, "RenderingRules": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementRenderingRule" }, "markdownDescription": "The rendering rules that determine when an element should be displayed within a free-form layout.", "title": "RenderingRules", "type": "array" }, "SelectedBorderStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle", "markdownDescription": "The border style configuration of a free-form layout element. This border style is used when the element is selected.", "title": "SelectedBorderStyle" }, "Visibility": { "markdownDescription": "The visibility of an element within a free-form layout.", "title": "Visibility", "type": "string" }, "Width": { "markdownDescription": "The width of an element within a free-form layout.", "title": "Width", "type": "string" }, "XAxisLocation": { "markdownDescription": "The x-axis coordinate of the element.", "title": "XAxisLocation", "type": "string" }, "YAxisLocation": { "markdownDescription": "The y-axis coordinate of the element.", "title": "YAxisLocation", "type": "string" } }, "required": [ "ElementId", "ElementType", "Height", "Width", "XAxisLocation", "YAxisLocation" ], "type": "object" }, "AWS::QuickSight::Template.FreeFormLayoutElementBackgroundStyle": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The background color of a free-form layout element.", "title": "Color", "type": "string" }, "Visibility": { "markdownDescription": "The background visibility of a free-form layout element.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.FreeFormLayoutElementBorderStyle": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The border color of a free-form layout element.", "title": "Color", "type": "string" }, "Visibility": { "markdownDescription": "The border visibility of a free-form layout element.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.FreeFormLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { "OptimizedViewPortWidth": { "markdownDescription": "The width that the view port will be optimized for when the layout renders.", "title": "OptimizedViewPortWidth", "type": "string" } }, "required": [ "OptimizedViewPortWidth" ], "type": "object" }, "AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration": { "additionalProperties": false, "properties": { "Elements": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutElement" }, "markdownDescription": "The elements that are included in the free-form layout.", "title": "Elements", "type": "array" } }, "required": [ "Elements" ], "type": "object" }, "AWS::QuickSight::Template.FunnelChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The category field wells of a funnel chart. Values are grouped by category fields.", "title": "Category", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The value field wells of a funnel chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.FunnelChartConfiguration": { "additionalProperties": false, "properties": { "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options of the categories that are displayed in a `FunnelChartVisual` .", "title": "CategoryLabelOptions" }, "DataLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartDataLabelOptions", "markdownDescription": "The options that determine the presentation of the data labels.", "title": "DataLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartFieldWells", "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", "title": "FieldWells" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartSortConfiguration", "markdownDescription": "The sort configuration of a `FunnelChartVisual` .", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", "markdownDescription": "The tooltip configuration of a `FunnelChartVisual` .", "title": "Tooltip" }, "ValueLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options for the values that are displayed in a `FunnelChartVisual` .", "title": "ValueLabelOptions" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", "markdownDescription": "The visual palette configuration of a `FunnelChartVisual` .", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Template.FunnelChartDataLabelOptions": { "additionalProperties": false, "properties": { "CategoryLabelVisibility": { "markdownDescription": "The visibility of the category labels within the data labels.", "title": "CategoryLabelVisibility", "type": "string" }, "LabelColor": { "markdownDescription": "The color of the data label text.", "title": "LabelColor", "type": "string" }, "LabelFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", "markdownDescription": "The font configuration for the data labels.\n\nOnly the `FontSize` attribute of the font configuration is used for data labels.", "title": "LabelFontConfiguration" }, "MeasureDataLabelStyle": { "markdownDescription": "Determines the style of the metric labels.", "title": "MeasureDataLabelStyle", "type": "string" }, "MeasureLabelVisibility": { "markdownDescription": "The visibility of the measure labels within the data labels.", "title": "MeasureLabelVisibility", "type": "string" }, "Position": { "markdownDescription": "Determines the positioning of the data label relative to a section of the funnel.", "title": "Position", "type": "string" }, "Visibility": { "markdownDescription": "The visibility option that determines if data labels are displayed.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.FunnelChartFieldWells": { "additionalProperties": false, "properties": { "FunnelChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a `FunnelChartVisual` .", "title": "FunnelChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.FunnelChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories displayed.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.FunnelChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartConfiguration", "markdownDescription": "The configuration of a `FunnelChartVisual` .", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.GaugeChartArcConditionalFormatting": { "additionalProperties": false, "properties": { "ForegroundColor": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the arc foreground color.", "title": "ForegroundColor" } }, "type": "object" }, "AWS::QuickSight::Template.GaugeChartConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options of a `GaugeChartVisual` .", "title": "ConditionalFormattingOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.GaugeChartConditionalFormattingOption": { "additionalProperties": false, "properties": { "Arc": { "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartArcConditionalFormatting", "markdownDescription": "The options that determine the presentation of the arc of a `GaugeChartVisual` .", "title": "Arc" }, "PrimaryValue": { "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting", "markdownDescription": "The conditional formatting for the primary value of a `GaugeChartVisual` .", "title": "PrimaryValue" } }, "type": "object" }, "AWS::QuickSight::Template.GaugeChartConfiguration": { "additionalProperties": false, "properties": { "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", "markdownDescription": "The data label configuration of a `GaugeChartVisual` .", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartFieldWells", "markdownDescription": "The field well configuration of a `GaugeChartVisual` .", "title": "FieldWells" }, "GaugeChartOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartOptions", "markdownDescription": "The options that determine the presentation of the `GaugeChartVisual` .", "title": "GaugeChartOptions" }, "TooltipOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", "markdownDescription": "The tooltip configuration of a `GaugeChartVisual` .", "title": "TooltipOptions" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", "markdownDescription": "The visual palette configuration of a `GaugeChartVisual` .", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Template.GaugeChartFieldWells": { "additionalProperties": false, "properties": { "TargetValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The target value field wells of a `GaugeChartVisual` .", "title": "TargetValues", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The value field wells of a `GaugeChartVisual` .", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.GaugeChartOptions": { "additionalProperties": false, "properties": { "Arc": { "$ref": "#/definitions/AWS::QuickSight::Template.ArcConfiguration", "markdownDescription": "The arc configuration of a `GaugeChartVisual` .", "title": "Arc" }, "ArcAxis": { "$ref": "#/definitions/AWS::QuickSight::Template.ArcAxisConfiguration", "markdownDescription": "The arc axis configuration of a `GaugeChartVisual` .", "title": "ArcAxis" }, "Comparison": { "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", "markdownDescription": "The comparison configuration of a `GaugeChartVisual` .", "title": "Comparison" }, "PrimaryValueDisplayType": { "markdownDescription": "The options that determine the primary value display type.", "title": "PrimaryValueDisplayType", "type": "string" }, "PrimaryValueFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", "markdownDescription": "The options that determine the primary value font configuration.", "title": "PrimaryValueFontConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.GaugeChartPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the primary value icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the primary value text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Template.GaugeChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConfiguration", "markdownDescription": "The configuration of a `GaugeChartVisual` .", "title": "ChartConfiguration" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartConditionalFormatting", "markdownDescription": "The conditional formatting of a `GaugeChartVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.GeospatialCoordinateBounds": { "additionalProperties": false, "properties": { "East": { "markdownDescription": "The longitude of the east bound of the geospatial coordinate bounds.", "title": "East", "type": "number" }, "North": { "markdownDescription": "The latitude of the north bound of the geospatial coordinate bounds.", "title": "North", "type": "number" }, "South": { "markdownDescription": "The latitude of the south bound of the geospatial coordinate bounds.", "title": "South", "type": "number" }, "West": { "markdownDescription": "The longitude of the west bound of the geospatial coordinate bounds.", "title": "West", "type": "number" } }, "required": [ "East", "North", "South", "West" ], "type": "object" }, "AWS::QuickSight::Template.GeospatialHeatmapColorScale": { "additionalProperties": false, "properties": { "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapDataColor" }, "markdownDescription": "The list of colors to be used in heatmap point style.", "title": "Colors", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.GeospatialHeatmapConfiguration": { "additionalProperties": false, "properties": { "HeatmapColor": { "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapColorScale", "markdownDescription": "The color scale specification for the heatmap point style.", "title": "HeatmapColor" } }, "type": "object" }, "AWS::QuickSight::Template.GeospatialHeatmapDataColor": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The hex color to be used in the heatmap point style.", "title": "Color", "type": "string" } }, "required": [ "Color" ], "type": "object" }, "AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The color field wells of a geospatial map.", "title": "Colors", "type": "array" }, "Geospatial": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The geospatial field wells of a geospatial map. Values are grouped by geospatial fields.", "title": "Geospatial", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The size field wells of a geospatial map. Values are aggregated based on geospatial fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.GeospatialMapConfiguration": { "additionalProperties": false, "properties": { "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "MapStyleOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapStyleOptions", "markdownDescription": "The map style options of the geospatial map.", "title": "MapStyleOptions" }, "PointStyleOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialPointStyleOptions", "markdownDescription": "The point style options of the geospatial map.", "title": "PointStyleOptions" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", "markdownDescription": "", "title": "VisualPalette" }, "WindowOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialWindowOptions", "markdownDescription": "The window options of the geospatial map.", "title": "WindowOptions" } }, "type": "object" }, "AWS::QuickSight::Template.GeospatialMapFieldWells": { "additionalProperties": false, "properties": { "GeospatialMapAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapAggregatedFieldWells", "markdownDescription": "The aggregated field well for a geospatial map.", "title": "GeospatialMapAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.GeospatialMapStyleOptions": { "additionalProperties": false, "properties": { "BaseMapStyle": { "markdownDescription": "The base map style of the geospatial map.", "title": "BaseMapStyle", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.GeospatialMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.GeospatialPointStyleOptions": { "additionalProperties": false, "properties": { "ClusterMarkerConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ClusterMarkerConfiguration", "markdownDescription": "The cluster marker configuration of the geospatial point style.", "title": "ClusterMarkerConfiguration" }, "HeatmapConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialHeatmapConfiguration", "markdownDescription": "The heatmap configuration of the geospatial point style.", "title": "HeatmapConfiguration" }, "SelectedPointStyle": { "markdownDescription": "The selected point styles (point, cluster) of the geospatial map.", "title": "SelectedPointStyle", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.GeospatialWindowOptions": { "additionalProperties": false, "properties": { "Bounds": { "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialCoordinateBounds", "markdownDescription": "The bounds options (north, south, west, east) of the geospatial window options.", "title": "Bounds" }, "MapZoomMode": { "markdownDescription": "The map zoom modes (manual, auto) of the geospatial window options.", "title": "MapZoomMode", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.GlobalTableBorderOptions": { "additionalProperties": false, "properties": { "SideSpecificBorder": { "$ref": "#/definitions/AWS::QuickSight::Template.TableSideBorderOptions", "markdownDescription": "Determines the options for side specific border.", "title": "SideSpecificBorder" }, "UniformBorder": { "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", "markdownDescription": "Determines the options for uniform border.", "title": "UniformBorder" } }, "type": "object" }, "AWS::QuickSight::Template.GradientColor": { "additionalProperties": false, "properties": { "Stops": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.GradientStop" }, "markdownDescription": "The list of gradient color stops.", "title": "Stops", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.GradientStop": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "Determines the color.", "title": "Color", "type": "string" }, "DataValue": { "markdownDescription": "Determines the data value.", "title": "DataValue", "type": "number" }, "GradientOffset": { "markdownDescription": "Determines gradient offset value.", "title": "GradientOffset", "type": "number" } }, "required": [ "GradientOffset" ], "type": "object" }, "AWS::QuickSight::Template.GridLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { "ScreenCanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions", "markdownDescription": "The options that determine the sizing of the canvas used in a grid layout.", "title": "ScreenCanvasSizeOptions" } }, "type": "object" }, "AWS::QuickSight::Template.GridLayoutConfiguration": { "additionalProperties": false, "properties": { "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutCanvasSizeOptions", "markdownDescription": "", "title": "CanvasSizeOptions" }, "Elements": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutElement" }, "markdownDescription": "The elements that are included in a grid layout.", "title": "Elements", "type": "array" } }, "required": [ "Elements" ], "type": "object" }, "AWS::QuickSight::Template.GridLayoutElement": { "additionalProperties": false, "properties": { "ColumnIndex": { "markdownDescription": "The column index for the upper left corner of an element.", "title": "ColumnIndex", "type": "number" }, "ColumnSpan": { "markdownDescription": "The width of a grid element expressed as a number of grid columns.", "title": "ColumnSpan", "type": "number" }, "ElementId": { "markdownDescription": "A unique identifier for an element within a grid layout.", "title": "ElementId", "type": "string" }, "ElementType": { "markdownDescription": "The type of element.", "title": "ElementType", "type": "string" }, "RowIndex": { "markdownDescription": "The row index for the upper left corner of an element.", "title": "RowIndex", "type": "number" }, "RowSpan": { "markdownDescription": "The height of a grid element expressed as a number of grid rows.", "title": "RowSpan", "type": "number" } }, "required": [ "ColumnSpan", "ElementId", "ElementType", "RowSpan" ], "type": "object" }, "AWS::QuickSight::Template.GridLayoutScreenCanvasSizeOptions": { "additionalProperties": false, "properties": { "OptimizedViewPortWidth": { "markdownDescription": "The width that the view port will be optimized for when the layout renders.", "title": "OptimizedViewPortWidth", "type": "string" }, "ResizeOption": { "markdownDescription": "This value determines the layout behavior when the viewport is resized.\n\n- `FIXED` : A fixed width will be used when optimizing the layout. In the Amazon QuickSight console, this option is called `Classic` .\n- `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Amazon QuickSight console, this option is called `Tiled` .", "title": "ResizeOption", "type": "string" } }, "required": [ "ResizeOption" ], "type": "object" }, "AWS::QuickSight::Template.GrowthRateComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "PeriodSize": { "markdownDescription": "The period size setup of a growth rate computation.", "title": "PeriodSize", "type": "number" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Template.HeaderFooterSectionConfiguration": { "additionalProperties": false, "properties": { "Layout": { "$ref": "#/definitions/AWS::QuickSight::Template.SectionLayoutConfiguration", "markdownDescription": "The layout configuration of the header or footer section.", "title": "Layout" }, "SectionId": { "markdownDescription": "The unique identifier of the header or footer section.", "title": "SectionId", "type": "string" }, "Style": { "$ref": "#/definitions/AWS::QuickSight::Template.SectionStyle", "markdownDescription": "The style options of a header or footer section.", "title": "Style" } }, "required": [ "Layout", "SectionId" ], "type": "object" }, "AWS::QuickSight::Template.HeatMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The columns field well of a heat map.", "title": "Columns", "type": "array" }, "Rows": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The rows field well of a heat map.", "title": "Rows", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The values field well of a heat map.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.HeatMapConfiguration": { "additionalProperties": false, "properties": { "ColorScale": { "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", "markdownDescription": "The color options (gradient color, point of divergence) in a heat map.", "title": "ColorScale" }, "ColumnLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options of the column that is displayed in a heat map.", "title": "ColumnLabelOptions" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "RowLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options of the row that is displayed in a `heat map` .", "title": "RowLabelOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapSortConfiguration", "markdownDescription": "The sort configuration of a heat map.", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" } }, "type": "object" }, "AWS::QuickSight::Template.HeatMapFieldWells": { "additionalProperties": false, "properties": { "HeatMapAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a heat map.", "title": "HeatMapAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.HeatMapSortConfiguration": { "additionalProperties": false, "properties": { "HeatMapColumnItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of columns that are displayed in a heat map.", "title": "HeatMapColumnItemsLimitConfiguration" }, "HeatMapColumnSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The column sort configuration for heat map for columns that aren't a part of a field well.", "title": "HeatMapColumnSort", "type": "array" }, "HeatMapRowItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of rows that are displayed in a heat map.", "title": "HeatMapRowItemsLimitConfiguration" }, "HeatMapRowSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The field sort configuration of the rows fields.", "title": "HeatMapRowSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.HeatMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapConfiguration", "markdownDescription": "The configuration of a heat map.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.HistogramAggregatedFieldWells": { "additionalProperties": false, "properties": { "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` .", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.HistogramBinOptions": { "additionalProperties": false, "properties": { "BinCount": { "$ref": "#/definitions/AWS::QuickSight::Template.BinCountOptions", "markdownDescription": "The options that determine the bin count of a histogram.", "title": "BinCount" }, "BinWidth": { "$ref": "#/definitions/AWS::QuickSight::Template.BinWidthOptions", "markdownDescription": "The options that determine the bin width of a histogram.", "title": "BinWidth" }, "SelectedBinType": { "markdownDescription": "The options that determine the selected bin type.", "title": "SelectedBinType", "type": "string" }, "StartValue": { "markdownDescription": "The options that determine the bin start value.", "title": "StartValue", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.HistogramConfiguration": { "additionalProperties": false, "properties": { "BinOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.HistogramBinOptions", "markdownDescription": "The options that determine the presentation of histogram bins.", "title": "BinOptions" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", "markdownDescription": "The data label configuration of a histogram.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.HistogramFieldWells", "markdownDescription": "The field well configuration of a histogram.", "title": "FieldWells" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", "markdownDescription": "The tooltip configuration of a histogram.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", "markdownDescription": "The visual palette configuration of a histogram.", "title": "VisualPalette" }, "XAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the x-axis label.", "title": "XAxisLabelOptions" }, "YAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the y-axis.", "title": "YAxisDisplayOptions" } }, "type": "object" }, "AWS::QuickSight::Template.HistogramFieldWells": { "additionalProperties": false, "properties": { "HistogramAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.HistogramAggregatedFieldWells", "markdownDescription": "The field well configuration of a histogram.", "title": "HistogramAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.HistogramVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.HistogramConfiguration", "markdownDescription": "The configuration for a `HistogramVisual` .", "title": "ChartConfiguration" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.InsightConfiguration": { "additionalProperties": false, "properties": { "Computations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.Computation" }, "markdownDescription": "The computations configurations of the insight visual", "title": "Computations", "type": "array" }, "CustomNarrative": { "$ref": "#/definitions/AWS::QuickSight::Template.CustomNarrativeOptions", "markdownDescription": "The custom narrative of the insight visual.", "title": "CustomNarrative" } }, "type": "object" }, "AWS::QuickSight::Template.InsightVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "DataSetIdentifier": { "markdownDescription": "The dataset that is used in the insight visual.", "title": "DataSetIdentifier", "type": "string" }, "InsightConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.InsightConfiguration", "markdownDescription": "The configuration of an insight visual.", "title": "InsightConfiguration" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "DataSetIdentifier", "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.IntegerDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, "StaticValues": { "items": { "type": "number" }, "markdownDescription": "The static values of the `IntegerDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.IntegerParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::Template.IntegerDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", "type": "array" }, "Name": { "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, "ParameterValueType": { "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", "title": "ParameterValueType", "type": "string" }, "ValueWhenUnset": { "$ref": "#/definitions/AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration", "markdownDescription": "A parameter declaration for the `Integer` data type.", "title": "ValueWhenUnset" } }, "required": [ "Name", "ParameterValueType" ], "type": "object" }, "AWS::QuickSight::Template.IntegerValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", "title": "CustomValue", "type": "number" }, "ValueWhenUnsetOption": { "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ItemsLimitConfiguration": { "additionalProperties": false, "properties": { "ItemsLimit": { "markdownDescription": "The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart.", "title": "ItemsLimit", "type": "number" }, "OtherCategories": { "markdownDescription": "The `Show other` of an axis in the chart. Choose one of the following options:\n\n- `INCLUDE`\n- `EXCLUDE`", "title": "OtherCategories", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.KPIActualValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the actual value's icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the actual value's text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the comparison value's icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the comparison value's text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Template.KPIConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormattingOption" }, "markdownDescription": "The conditional formatting options of a KPI visual.", "title": "ConditionalFormattingOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.KPIConditionalFormattingOption": { "additionalProperties": false, "properties": { "ActualValue": { "$ref": "#/definitions/AWS::QuickSight::Template.KPIActualValueConditionalFormatting", "markdownDescription": "The conditional formatting for the actual value of a KPI visual.", "title": "ActualValue" }, "ComparisonValue": { "$ref": "#/definitions/AWS::QuickSight::Template.KPIComparisonValueConditionalFormatting", "markdownDescription": "The conditional formatting for the comparison value of a KPI visual.", "title": "ComparisonValue" }, "PrimaryValue": { "$ref": "#/definitions/AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting", "markdownDescription": "The conditional formatting for the primary value of a KPI visual.", "title": "PrimaryValue" }, "ProgressBar": { "$ref": "#/definitions/AWS::QuickSight::Template.KPIProgressBarConditionalFormatting", "markdownDescription": "The conditional formatting for the progress bar of a KPI visual.", "title": "ProgressBar" } }, "type": "object" }, "AWS::QuickSight::Template.KPIConfiguration": { "additionalProperties": false, "properties": { "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.KPIFieldWells", "markdownDescription": "The field well configuration of a KPI visual.", "title": "FieldWells" }, "KPIOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.KPIOptions", "markdownDescription": "The options that determine the presentation of a KPI visual.", "title": "KPIOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.KPISortConfiguration", "markdownDescription": "The sort configuration of a KPI visual.", "title": "SortConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.KPIFieldWells": { "additionalProperties": false, "properties": { "TargetValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The target value field wells of a KPI visual.", "title": "TargetValues", "type": "array" }, "TrendGroups": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The trend group field wells of a KPI visual.", "title": "TrendGroups", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The value field wells of a KPI visual.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.KPIOptions": { "additionalProperties": false, "properties": { "Comparison": { "$ref": "#/definitions/AWS::QuickSight::Template.ComparisonConfiguration", "markdownDescription": "The comparison configuration of a KPI visual.", "title": "Comparison" }, "PrimaryValueDisplayType": { "markdownDescription": "The options that determine the primary value display type.", "title": "PrimaryValueDisplayType", "type": "string" }, "PrimaryValueFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", "markdownDescription": "The options that determine the primary value font configuration.", "title": "PrimaryValueFontConfiguration" }, "ProgressBar": { "$ref": "#/definitions/AWS::QuickSight::Template.ProgressBarOptions", "markdownDescription": "The options that determine the presentation of the progress bar of a KPI visual.", "title": "ProgressBar" }, "SecondaryValue": { "$ref": "#/definitions/AWS::QuickSight::Template.SecondaryValueOptions", "markdownDescription": "The options that determine the presentation of the secondary value of a KPI visual.", "title": "SecondaryValue" }, "SecondaryValueFontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", "markdownDescription": "The options that determine the secondary value font configuration.", "title": "SecondaryValueFontConfiguration" }, "Sparkline": { "$ref": "#/definitions/AWS::QuickSight::Template.KPISparklineOptions", "markdownDescription": "The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual.", "title": "Sparkline" }, "TrendArrows": { "$ref": "#/definitions/AWS::QuickSight::Template.TrendArrowOptions", "markdownDescription": "The options that determine the presentation of trend arrows in a KPI visual.", "title": "TrendArrows" }, "VisualLayoutOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualLayoutOptions", "markdownDescription": "The options that determine the layout a KPI visual.", "title": "VisualLayoutOptions" } }, "type": "object" }, "AWS::QuickSight::Template.KPIPrimaryValueConditionalFormatting": { "additionalProperties": false, "properties": { "Icon": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting of the primary value's icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the primary value's text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Template.KPIProgressBarConditionalFormatting": { "additionalProperties": false, "properties": { "ForegroundColor": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", "markdownDescription": "The conditional formatting of the progress bar's foreground color.", "title": "ForegroundColor" } }, "type": "object" }, "AWS::QuickSight::Template.KPISortConfiguration": { "additionalProperties": false, "properties": { "TrendGroupSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of the trend group fields.", "title": "TrendGroupSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.KPISparklineOptions": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color of the sparkline.", "title": "Color", "type": "string" }, "TooltipVisibility": { "markdownDescription": "The tooltip visibility of the sparkline.", "title": "TooltipVisibility", "type": "string" }, "Type": { "markdownDescription": "The type of the sparkline.", "title": "Type", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the sparkline.", "title": "Visibility", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::QuickSight::Template.KPIVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.KPIConfiguration", "markdownDescription": "The configuration of a KPI visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Template.KPIConditionalFormatting", "markdownDescription": "The conditional formatting of a KPI visual.", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.KPIVisualLayoutOptions": { "additionalProperties": false, "properties": { "StandardLayout": { "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisualStandardLayout", "markdownDescription": "The standard layout of the KPI visual.", "title": "StandardLayout" } }, "type": "object" }, "AWS::QuickSight::Template.KPIVisualStandardLayout": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The standard layout type.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::QuickSight::Template.LabelOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The text for the label.", "title": "CustomLabel", "type": "string" }, "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", "markdownDescription": "The font configuration of the label.", "title": "FontConfiguration" }, "Visibility": { "markdownDescription": "Determines whether or not the label is visible.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.Layout": { "additionalProperties": false, "properties": { "Configuration": { "$ref": "#/definitions/AWS::QuickSight::Template.LayoutConfiguration", "markdownDescription": "The configuration that determines what the type of layout for a sheet.", "title": "Configuration" } }, "required": [ "Configuration" ], "type": "object" }, "AWS::QuickSight::Template.LayoutConfiguration": { "additionalProperties": false, "properties": { "FreeFormLayout": { "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormLayoutConfiguration", "markdownDescription": "A free-form is optimized for a fixed width and has more control over the exact placement of layout elements.", "title": "FreeFormLayout" }, "GridLayout": { "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", "markdownDescription": "A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` .", "title": "GridLayout" }, "SectionBasedLayout": { "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutConfiguration", "markdownDescription": "A section based layout organizes visuals into multiple sections and has customized header, footer and page break.", "title": "SectionBasedLayout" } }, "type": "object" }, "AWS::QuickSight::Template.LegendOptions": { "additionalProperties": false, "properties": { "Height": { "markdownDescription": "The height of the legend. If this value is omitted, a default height is used when rendering.", "title": "Height", "type": "string" }, "Position": { "markdownDescription": "The positions for the legend. Choose one of the following options:\n\n- `AUTO`\n- `RIGHT`\n- `BOTTOM`\n- `LEFT`", "title": "Position", "type": "string" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", "markdownDescription": "The custom title for the legend.", "title": "Title" }, "Visibility": { "markdownDescription": "Determines whether or not the legend is visible.", "title": "Visibility", "type": "string" }, "Width": { "markdownDescription": "The width of the legend. If this value is omitted, a default width is used when rendering.", "title": "Width", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.LineChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The category field wells of a line chart. Values are grouped by category fields.", "title": "Category", "type": "array" }, "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The color field wells of a line chart. Values are grouped by category fields.", "title": "Colors", "type": "array" }, "SmallMultiples": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The small multiples field well of a line chart.", "title": "SmallMultiples", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The value field wells of a line chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.LineChartConfiguration": { "additionalProperties": false, "properties": { "ContributionAnalysisDefaults": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" }, "markdownDescription": "The default configuration of a line chart's contribution analysis.", "title": "ContributionAnalysisDefaults", "type": "array" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", "markdownDescription": "The data label configuration of a line chart.", "title": "DataLabels" }, "DefaultSeriesSettings": { "$ref": "#/definitions/AWS::QuickSight::Template.LineChartDefaultSeriesSettings", "markdownDescription": "The options that determine the default presentation of all line series in `LineChartVisual` .", "title": "DefaultSeriesSettings" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.LineChartFieldWells", "markdownDescription": "The field well configuration of a line chart.", "title": "FieldWells" }, "ForecastConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ForecastConfiguration" }, "markdownDescription": "The forecast configuration of a line chart.", "title": "ForecastConfigurations", "type": "array" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "The legend configuration of a line chart.", "title": "Legend" }, "PrimaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", "markdownDescription": "The series axis configuration of a line chart.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the y-axis label.", "title": "PrimaryYAxisLabelOptions" }, "ReferenceLines": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLine" }, "markdownDescription": "The reference lines configuration of a line chart.", "title": "ReferenceLines", "type": "array" }, "SecondaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.LineSeriesAxisDisplayOptions", "markdownDescription": "The series axis configuration of a line chart.", "title": "SecondaryYAxisDisplayOptions" }, "SecondaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the secondary y-axis label.", "title": "SecondaryYAxisLabelOptions" }, "Series": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.SeriesItem" }, "markdownDescription": "The series item configuration of a line chart.", "title": "Series", "type": "array" }, "SmallMultiplesOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", "markdownDescription": "The small multiples setup for the visual.", "title": "SmallMultiplesOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.LineChartSortConfiguration", "markdownDescription": "The sort configuration of a line chart.", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", "markdownDescription": "The tooltip configuration of a line chart.", "title": "Tooltip" }, "Type": { "markdownDescription": "Determines the type of the line chart.", "title": "Type", "type": "string" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", "markdownDescription": "The visual palette configuration of a line chart.", "title": "VisualPalette" }, "XAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the x-axis label.", "title": "XAxisLabelOptions" } }, "type": "object" }, "AWS::QuickSight::Template.LineChartDefaultSeriesSettings": { "additionalProperties": false, "properties": { "AxisBinding": { "markdownDescription": "The axis to which you are binding all line series to.", "title": "AxisBinding", "type": "string" }, "LineStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", "markdownDescription": "Line styles options for all line series in the visual.", "title": "LineStyleSettings" }, "MarkerStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", "markdownDescription": "Marker styles options for all line series in the visual.", "title": "MarkerStyleSettings" } }, "type": "object" }, "AWS::QuickSight::Template.LineChartFieldWells": { "additionalProperties": false, "properties": { "LineChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.LineChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a line chart.", "title": "LineChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.LineChartLineStyleSettings": { "additionalProperties": false, "properties": { "LineInterpolation": { "markdownDescription": "Interpolation style for line series.\n\n- `LINEAR` : Show as default, linear style.\n- `SMOOTH` : Show as a smooth curve.\n- `STEPPED` : Show steps in line.", "title": "LineInterpolation", "type": "string" }, "LineStyle": { "markdownDescription": "Line style for line series.\n\n- `SOLID` : Show as a solid line.\n- `DOTTED` : Show as a dotted line.\n- `DASHED` : Show as a dashed line.", "title": "LineStyle", "type": "string" }, "LineVisibility": { "markdownDescription": "Configuration option that determines whether to show the line for the series.", "title": "LineVisibility", "type": "string" }, "LineWidth": { "markdownDescription": "Width that determines the line thickness.", "title": "LineWidth", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.LineChartMarkerStyleSettings": { "additionalProperties": false, "properties": { "MarkerColor": { "markdownDescription": "Color of marker in the series.", "title": "MarkerColor", "type": "string" }, "MarkerShape": { "markdownDescription": "Shape option for markers in the series.\n\n- `CIRCLE` : Show marker as a circle.\n- `TRIANGLE` : Show marker as a triangle.\n- `SQUARE` : Show marker as a square.\n- `DIAMOND` : Show marker as a diamond.\n- `ROUNDED_SQUARE` : Show marker as a rounded square.", "title": "MarkerShape", "type": "string" }, "MarkerSize": { "markdownDescription": "Size of marker in the series.", "title": "MarkerSize", "type": "string" }, "MarkerVisibility": { "markdownDescription": "Configuration option that determines whether to show the markers in the series.", "title": "MarkerVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.LineChartSeriesSettings": { "additionalProperties": false, "properties": { "LineStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Template.LineChartLineStyleSettings", "markdownDescription": "Line styles options for a line series in `LineChartVisual` .", "title": "LineStyleSettings" }, "MarkerStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Template.LineChartMarkerStyleSettings", "markdownDescription": "Marker styles options for a line series in `LineChartVisual` .", "title": "MarkerStyleSettings" } }, "type": "object" }, "AWS::QuickSight::Template.LineChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories that are displayed in a line chart.", "title": "CategoryItemsLimitConfiguration" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" }, "ColorItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of lines that are displayed in a line chart.", "title": "ColorItemsLimitConfiguration" }, "SmallMultiplesLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of small multiples panels that are displayed.", "title": "SmallMultiplesLimitConfiguration" }, "SmallMultiplesSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of the small multiples field.", "title": "SmallMultiplesSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.LineChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.LineChartConfiguration", "markdownDescription": "The configuration of a line chart.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.LineSeriesAxisDisplayOptions": { "additionalProperties": false, "properties": { "AxisOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the line series axis.", "title": "AxisOptions" }, "MissingDataConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MissingDataConfiguration" }, "markdownDescription": "The configuration options that determine how missing data is treated during the rendering of a line chart.", "title": "MissingDataConfigurations", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.ListControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "SearchOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSearchOptions", "markdownDescription": "The configuration of the search options in a list control.", "title": "SearchOptions" }, "SelectAllOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ListControlSelectAllOptions", "markdownDescription": "The configuration of the `Select all` options in a list control.", "title": "SelectAllOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Template.ListControlSearchOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility configuration of the search options in a list control.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ListControlSelectAllOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility configuration of the `Select all` options in a list control.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.LoadingAnimation": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility configuration of `LoadingAnimation` .", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.LocalNavigationConfiguration": { "additionalProperties": false, "properties": { "TargetSheetId": { "markdownDescription": "The sheet that is targeted for navigation in the same analysis.", "title": "TargetSheetId", "type": "string" } }, "required": [ "TargetSheetId" ], "type": "object" }, "AWS::QuickSight::Template.LongFormatText": { "additionalProperties": false, "properties": { "PlainText": { "markdownDescription": "Plain text format.", "title": "PlainText", "type": "string" }, "RichText": { "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", "title": "RichText", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.MappedDataSetParameter": { "additionalProperties": false, "properties": { "DataSetIdentifier": { "markdownDescription": "A unique name that identifies a dataset within the analysis or dashboard.", "title": "DataSetIdentifier", "type": "string" }, "DataSetParameterName": { "markdownDescription": "The name of the dataset parameter.", "title": "DataSetParameterName", "type": "string" } }, "required": [ "DataSetIdentifier", "DataSetParameterName" ], "type": "object" }, "AWS::QuickSight::Template.MaximumLabelType": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the maximum label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.MaximumMinimumComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Type": { "markdownDescription": "The type of computation. Choose one of the following options:\n\n- MAXIMUM: A maximum computation.\n- MINIMUM: A minimum computation.", "title": "Type", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId", "Type" ], "type": "object" }, "AWS::QuickSight::Template.MeasureField": { "additionalProperties": false, "properties": { "CalculatedMeasureField": { "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedMeasureField", "markdownDescription": "The calculated measure field only used in pivot tables.", "title": "CalculatedMeasureField" }, "CategoricalMeasureField": { "$ref": "#/definitions/AWS::QuickSight::Template.CategoricalMeasureField", "markdownDescription": "The measure type field with categorical type columns.", "title": "CategoricalMeasureField" }, "DateMeasureField": { "$ref": "#/definitions/AWS::QuickSight::Template.DateMeasureField", "markdownDescription": "The measure type field with date type columns.", "title": "DateMeasureField" }, "NumericalMeasureField": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericalMeasureField", "markdownDescription": "The measure type field with numerical type columns.", "title": "NumericalMeasureField" } }, "type": "object" }, "AWS::QuickSight::Template.MetricComparisonComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "FromValue": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", "markdownDescription": "The field that is used in a metric comparison from value setup.", "title": "FromValue" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "TargetValue": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", "markdownDescription": "The field that is used in a metric comparison to value setup.", "title": "TargetValue" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Template.MinimumLabelType": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the minimum label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.MissingDataConfiguration": { "additionalProperties": false, "properties": { "TreatmentOption": { "markdownDescription": "The treatment option that determines how missing data should be rendered. Choose from the following options:\n\n- `INTERPOLATE` : Interpolate missing values between the prior and the next known value.\n- `SHOW_AS_ZERO` : Show missing values as the value `0` .\n- `SHOW_AS_BLANK` : Display a blank space when rendering missing data.", "title": "TreatmentOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.NegativeValueConfiguration": { "additionalProperties": false, "properties": { "DisplayMode": { "markdownDescription": "Determines the display mode of the negative value configuration.", "title": "DisplayMode", "type": "string" } }, "required": [ "DisplayMode" ], "type": "object" }, "AWS::QuickSight::Template.NullValueFormatConfiguration": { "additionalProperties": false, "properties": { "NullString": { "markdownDescription": "Determines the null string of null values.", "title": "NullString", "type": "string" } }, "required": [ "NullString" ], "type": "object" }, "AWS::QuickSight::Template.NumberDisplayFormatConfiguration": { "additionalProperties": false, "properties": { "DecimalPlacesConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", "markdownDescription": "The option that determines the decimal places configuration.", "title": "DecimalPlacesConfiguration" }, "NegativeValueConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", "markdownDescription": "The options that determine the negative value configuration.", "title": "NegativeValueConfiguration" }, "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "NumberScale": { "markdownDescription": "Determines the number scale value of the number format.", "title": "NumberScale", "type": "string" }, "Prefix": { "markdownDescription": "Determines the prefix value of the number format.", "title": "Prefix", "type": "string" }, "SeparatorConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", "markdownDescription": "The options that determine the numeric separator configuration.", "title": "SeparatorConfiguration" }, "Suffix": { "markdownDescription": "Determines the suffix value of the number format.", "title": "Suffix", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.NumberFormatConfiguration": { "additionalProperties": false, "properties": { "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", "markdownDescription": "The options that determine the numeric format configuration.", "title": "FormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.NumericAxisOptions": { "additionalProperties": false, "properties": { "Range": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayRange", "markdownDescription": "The range setup of a numeric axis.", "title": "Range" }, "Scale": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisScale", "markdownDescription": "The scale setup of a numeric axis.", "title": "Scale" } }, "type": "object" }, "AWS::QuickSight::Template.NumericEqualityDrillDownFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "Value": { "markdownDescription": "The value of the double input numeric drill down filter.", "title": "Value", "type": "number" } }, "required": [ "Column", "Value" ], "type": "object" }, "AWS::QuickSight::Template.NumericEqualityFilter": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", "markdownDescription": "The aggregation function of the filter.", "title": "AggregationFunction" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "MatchOperator": { "markdownDescription": "The match operator that is used to determine if a filter should be applied.", "title": "MatchOperator", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.", "title": "ParameterName", "type": "string" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" }, "Value": { "markdownDescription": "The input value.", "title": "Value", "type": "number" } }, "required": [ "Column", "FilterId", "MatchOperator", "NullOption" ], "type": "object" }, "AWS::QuickSight::Template.NumericFormatConfiguration": { "additionalProperties": false, "properties": { "CurrencyDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.CurrencyDisplayFormatConfiguration", "markdownDescription": "The options that determine the currency display format configuration.", "title": "CurrencyDisplayFormatConfiguration" }, "NumberDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NumberDisplayFormatConfiguration", "markdownDescription": "The options that determine the number display format configuration.", "title": "NumberDisplayFormatConfiguration" }, "PercentageDisplayFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.PercentageDisplayFormatConfiguration", "markdownDescription": "The options that determine the percentage display format configuration.", "title": "PercentageDisplayFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.NumericRangeFilter": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", "markdownDescription": "The aggregation function of the filter.", "title": "AggregationFunction" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "IncludeMaximum": { "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", "title": "IncludeMaximum", "type": "boolean" }, "IncludeMinimum": { "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", "title": "IncludeMinimum", "type": "boolean" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "RangeMaximum": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", "markdownDescription": "The maximum value for the filter value range.", "title": "RangeMaximum" }, "RangeMinimum": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericRangeFilterValue", "markdownDescription": "The minimum value for the filter value range.", "title": "RangeMinimum" }, "SelectAllOptions": { "markdownDescription": "Select all of the values. Null is not the assigned value of select all.\n\n- `FILTER_ALL_VALUES`", "title": "SelectAllOptions", "type": "string" } }, "required": [ "Column", "FilterId", "NullOption" ], "type": "object" }, "AWS::QuickSight::Template.NumericRangeFilterValue": { "additionalProperties": false, "properties": { "Parameter": { "markdownDescription": "The parameter that is used in the numeric range.", "title": "Parameter", "type": "string" }, "StaticValue": { "markdownDescription": "The static value of the numeric range filter.", "title": "StaticValue", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.NumericSeparatorConfiguration": { "additionalProperties": false, "properties": { "DecimalSeparator": { "markdownDescription": "Determines the decimal separator.", "title": "DecimalSeparator", "type": "string" }, "ThousandsSeparator": { "$ref": "#/definitions/AWS::QuickSight::Template.ThousandSeparatorOptions", "markdownDescription": "The options that determine the thousands separator configuration.", "title": "ThousandsSeparator" } }, "type": "object" }, "AWS::QuickSight::Template.NumericalAggregationFunction": { "additionalProperties": false, "properties": { "PercentileAggregation": { "$ref": "#/definitions/AWS::QuickSight::Template.PercentileAggregation", "markdownDescription": "An aggregation based on the percentile of values in a dimension or measure.", "title": "PercentileAggregation" }, "SimpleNumericalAggregation": { "markdownDescription": "Built-in aggregation functions for numerical values.\n\n- `SUM` : The sum of a dimension or measure.\n- `AVERAGE` : The average of a dimension or measure.\n- `MIN` : The minimum value of a dimension or measure.\n- `MAX` : The maximum value of a dimension or measure.\n- `COUNT` : The count of a dimension or measure.\n- `DISTINCT_COUNT` : The count of distinct values in a dimension or measure.\n- `VAR` : The variance of a dimension or measure.\n- `VARP` : The partitioned variance of a dimension or measure.\n- `STDEV` : The standard deviation of a dimension or measure.\n- `STDEVP` : The partitioned standard deviation of a dimension or measure.\n- `MEDIAN` : The median value of a dimension or measure.", "title": "SimpleNumericalAggregation", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.NumericalDimensionField": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that is used in the `NumericalDimensionField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" }, "HierarchyId": { "markdownDescription": "The custom hierarchy ID.", "title": "HierarchyId", "type": "string" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.NumericalMeasureField": { "additionalProperties": false, "properties": { "AggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", "markdownDescription": "The aggregation function of the measure field.", "title": "AggregationFunction" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that is used in the `NumericalMeasureField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NumberFormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.PaginationConfiguration": { "additionalProperties": false, "properties": { "PageNumber": { "markdownDescription": "Indicates the page number.", "title": "PageNumber", "type": "number" }, "PageSize": { "markdownDescription": "Indicates how many items render in one page.", "title": "PageSize", "type": "number" } }, "required": [ "PageNumber", "PageSize" ], "type": "object" }, "AWS::QuickSight::Template.PanelConfiguration": { "additionalProperties": false, "properties": { "BackgroundColor": { "markdownDescription": "Sets the background color for each panel.", "title": "BackgroundColor", "type": "string" }, "BackgroundVisibility": { "markdownDescription": "Determines whether or not a background for each small multiples panel is rendered.", "title": "BackgroundVisibility", "type": "string" }, "BorderColor": { "markdownDescription": "Sets the line color of panel borders.", "title": "BorderColor", "type": "string" }, "BorderStyle": { "markdownDescription": "Sets the line style of panel borders.", "title": "BorderStyle", "type": "string" }, "BorderThickness": { "markdownDescription": "Sets the line thickness of panel borders.", "title": "BorderThickness", "type": "string" }, "BorderVisibility": { "markdownDescription": "Determines whether or not each panel displays a border.", "title": "BorderVisibility", "type": "string" }, "GutterSpacing": { "markdownDescription": "Sets the total amount of negative space to display between sibling panels.", "title": "GutterSpacing", "type": "string" }, "GutterVisibility": { "markdownDescription": "Determines whether or not negative space between sibling panels is rendered.", "title": "GutterVisibility", "type": "string" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.PanelTitleOptions", "markdownDescription": "Configures the title display within each small multiples panel.", "title": "Title" } }, "type": "object" }, "AWS::QuickSight::Template.PanelTitleOptions": { "additionalProperties": false, "properties": { "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", "markdownDescription": "", "title": "FontConfiguration" }, "HorizontalTextAlignment": { "markdownDescription": "Sets the horizontal text alignment of the title within each panel.", "title": "HorizontalTextAlignment", "type": "string" }, "Visibility": { "markdownDescription": "Determines whether or not panel titles are displayed.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ParameterControl": { "additionalProperties": false, "properties": { "DateTimePicker": { "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDateTimePickerControl", "markdownDescription": "A control from a date parameter that specifies date and time.", "title": "DateTimePicker" }, "Dropdown": { "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDropDownControl", "markdownDescription": "A control to display a dropdown list with buttons that are used to select a single value.", "title": "Dropdown" }, "List": { "$ref": "#/definitions/AWS::QuickSight::Template.ParameterListControl", "markdownDescription": "A control to display a list with buttons or boxes that are used to select either a single value or multiple values.", "title": "List" }, "Slider": { "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSliderControl", "markdownDescription": "A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle.", "title": "Slider" }, "TextArea": { "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextAreaControl", "markdownDescription": "A control to display a text box that is used to enter multiple entries.", "title": "TextArea" }, "TextField": { "$ref": "#/definitions/AWS::QuickSight::Template.ParameterTextFieldControl", "markdownDescription": "A control to display a text box that is used to enter a single entry.", "title": "TextField" } }, "type": "object" }, "AWS::QuickSight::Template.ParameterDateTimePickerControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DateTimePickerControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterDateTimePickerControl` .", "title": "ParameterControlId", "type": "string" }, "SourceParameterName": { "markdownDescription": "The name of the `ParameterDateTimePickerControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterDateTimePickerControl` .", "title": "Title", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Template.ParameterDeclaration": { "additionalProperties": false, "properties": { "DateTimeParameterDeclaration": { "$ref": "#/definitions/AWS::QuickSight::Template.DateTimeParameterDeclaration", "markdownDescription": "A parameter declaration for the `DateTime` data type.", "title": "DateTimeParameterDeclaration" }, "DecimalParameterDeclaration": { "$ref": "#/definitions/AWS::QuickSight::Template.DecimalParameterDeclaration", "markdownDescription": "A parameter declaration for the `Decimal` data type.", "title": "DecimalParameterDeclaration" }, "IntegerParameterDeclaration": { "$ref": "#/definitions/AWS::QuickSight::Template.IntegerParameterDeclaration", "markdownDescription": "A parameter declaration for the `Integer` data type.", "title": "IntegerParameterDeclaration" }, "StringParameterDeclaration": { "$ref": "#/definitions/AWS::QuickSight::Template.StringParameterDeclaration", "markdownDescription": "A parameter declaration for the `String` data type.", "title": "StringParameterDeclaration" } }, "type": "object" }, "AWS::QuickSight::Template.ParameterDropDownControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DropDownControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterDropDownControl` .", "title": "ParameterControlId", "type": "string" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterDropDownControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterDropDownControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type parameter name of the `ParameterDropDownControl` .", "title": "Type", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Template.ParameterListControl": { "additionalProperties": false, "properties": { "CascadingControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.CascadingControlConfiguration", "markdownDescription": "The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls.", "title": "CascadingControlConfiguration" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ListControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterListControl` .", "title": "ParameterControlId", "type": "string" }, "SelectableValues": { "$ref": "#/definitions/AWS::QuickSight::Template.ParameterSelectableValues", "markdownDescription": "A list of selectable values that are used in a control.", "title": "SelectableValues" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterListControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterListControl` .", "title": "Title", "type": "string" }, "Type": { "markdownDescription": "The type of `ParameterListControl` .", "title": "Type", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Template.ParameterSelectableValues": { "additionalProperties": false, "properties": { "LinkToDataSetColumn": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column identifier that fetches values from the data set.", "title": "LinkToDataSetColumn" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The values that are used in `ParameterSelectableValues` .", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.ParameterSliderControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SliderControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "MaximumValue": { "markdownDescription": "The larger value that is displayed at the right of the slider.", "title": "MaximumValue", "type": "number" }, "MinimumValue": { "markdownDescription": "The smaller value that is displayed at the left of the slider.", "title": "MinimumValue", "type": "number" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterSliderControl` .", "title": "ParameterControlId", "type": "string" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterSliderControl` .", "title": "SourceParameterName", "type": "string" }, "StepSize": { "markdownDescription": "The number of increments that the slider bar is divided into.", "title": "StepSize", "type": "number" }, "Title": { "markdownDescription": "The title of the `ParameterSliderControl` .", "title": "Title", "type": "string" } }, "required": [ "MaximumValue", "MinimumValue", "ParameterControlId", "SourceParameterName", "StepSize", "Title" ], "type": "object" }, "AWS::QuickSight::Template.ParameterTextAreaControl": { "additionalProperties": false, "properties": { "Delimiter": { "markdownDescription": "The delimiter that is used to separate the lines in text.", "title": "Delimiter", "type": "string" }, "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TextAreaControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterTextAreaControl` .", "title": "ParameterControlId", "type": "string" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterTextAreaControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterTextAreaControl` .", "title": "Title", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Template.ParameterTextFieldControl": { "additionalProperties": false, "properties": { "DisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TextFieldControlDisplayOptions", "markdownDescription": "The display options of a control.", "title": "DisplayOptions" }, "ParameterControlId": { "markdownDescription": "The ID of the `ParameterTextFieldControl` .", "title": "ParameterControlId", "type": "string" }, "SourceParameterName": { "markdownDescription": "The source parameter name of the `ParameterTextFieldControl` .", "title": "SourceParameterName", "type": "string" }, "Title": { "markdownDescription": "The title of the `ParameterTextFieldControl` .", "title": "Title", "type": "string" } }, "required": [ "ParameterControlId", "SourceParameterName", "Title" ], "type": "object" }, "AWS::QuickSight::Template.PercentVisibleRange": { "additionalProperties": false, "properties": { "From": { "markdownDescription": "The lower bound of the range.", "title": "From", "type": "number" }, "To": { "markdownDescription": "The top bound of the range.", "title": "To", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.PercentageDisplayFormatConfiguration": { "additionalProperties": false, "properties": { "DecimalPlacesConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DecimalPlacesConfiguration", "markdownDescription": "The option that determines the decimal places configuration.", "title": "DecimalPlacesConfiguration" }, "NegativeValueConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NegativeValueConfiguration", "markdownDescription": "The options that determine the negative value configuration.", "title": "NegativeValueConfiguration" }, "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "Prefix": { "markdownDescription": "Determines the prefix value of the percentage format.", "title": "Prefix", "type": "string" }, "SeparatorConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericSeparatorConfiguration", "markdownDescription": "The options that determine the numeric separator configuration.", "title": "SeparatorConfiguration" }, "Suffix": { "markdownDescription": "Determines the suffix value of the percentage format.", "title": "Suffix", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.PercentileAggregation": { "additionalProperties": false, "properties": { "PercentileValue": { "markdownDescription": "The percentile value. This value can be any numeric constant 0\u2013100. A percentile value of 50 computes the median value of the measure.", "title": "PercentileValue", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.PeriodOverPeriodComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Template.PeriodToDateComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "PeriodTimeGranularity": { "markdownDescription": "The time granularity setup of period to date computation. Choose from the following options:\n\n- YEAR: Year to date.\n- MONTH: Month to date.", "title": "PeriodTimeGranularity", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Template.PieChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The category (group/color) field wells of a pie chart.", "title": "Category", "type": "array" }, "SmallMultiples": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The small multiples field well of a pie chart.", "title": "SmallMultiples", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The value field wells of a pie chart. Values are aggregated based on categories.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.PieChartConfiguration": { "additionalProperties": false, "properties": { "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options of the group/color that is displayed in a pie chart.", "title": "CategoryLabelOptions" }, "ContributionAnalysisDefaults": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ContributionAnalysisDefault" }, "markdownDescription": "The contribution analysis (anomaly configuration) setup of the visual.", "title": "ContributionAnalysisDefaults", "type": "array" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "DonutOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.DonutOptions", "markdownDescription": "The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart.", "title": "DonutOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.PieChartFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "SmallMultiplesOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesOptions", "markdownDescription": "The small multiples setup for the visual.", "title": "SmallMultiplesOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.PieChartSortConfiguration", "markdownDescription": "The sort configuration of a pie chart.", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" }, "ValueLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options for the value that is displayed in a pie chart.", "title": "ValueLabelOptions" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Template.PieChartFieldWells": { "additionalProperties": false, "properties": { "PieChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.PieChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a pie chart.", "title": "PieChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.PieChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of categories that are displayed in a pie chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" }, "SmallMultiplesLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of small multiples panels that are displayed.", "title": "SmallMultiplesLimitConfiguration" }, "SmallMultiplesSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of the small multiples field.", "title": "SmallMultiplesSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.PieChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.PieChartConfiguration", "markdownDescription": "The configuration of a pie chart.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.PivotFieldSortOptions": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID for the field sort options.", "title": "FieldId", "type": "string" }, "SortBy": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortBy", "markdownDescription": "The sort by field for the field sort options.", "title": "SortBy" } }, "required": [ "FieldId", "SortBy" ], "type": "object" }, "AWS::QuickSight::Template.PivotTableAggregatedFieldWells": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The columns field well for a pivot table. Values are grouped by columns fields.", "title": "Columns", "type": "array" }, "Rows": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The rows field well for a pivot table. Values are grouped by rows fields.", "title": "Rows", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The values field well for a pivot table. Values are aggregated based on rows and columns fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTableCellConditionalFormatting": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the cell for conditional formatting.", "title": "FieldId", "type": "string" }, "Scope": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope", "markdownDescription": "The scope of the cell for conditional formatting.", "title": "Scope" }, "Scopes": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingScope" }, "markdownDescription": "A list of cell scopes for conditional formatting.", "title": "Scopes", "type": "array" }, "TextFormat": { "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", "markdownDescription": "The text format of the cell for conditional formatting.", "title": "TextFormat" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.PivotTableConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", "title": "ConditionalFormattingOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTableConditionalFormattingOption": { "additionalProperties": false, "properties": { "Cell": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableCellConditionalFormatting", "markdownDescription": "The cell conditional formatting option for a pivot table.", "title": "Cell" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTableConditionalFormattingScope": { "additionalProperties": false, "properties": { "Role": { "markdownDescription": "The role (field, field total, grand total) of the cell for conditional formatting.", "title": "Role", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTableConfiguration": { "additionalProperties": false, "properties": { "FieldOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOptions", "markdownDescription": "The field options for a pivot table visual.", "title": "FieldOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "PaginatedReportOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTablePaginatedReportOptions", "markdownDescription": "The paginated report options for a pivot table visual.", "title": "PaginatedReportOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableSortConfiguration", "markdownDescription": "The sort configuration for a `PivotTableVisual` .", "title": "SortConfiguration" }, "TableOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableOptions", "markdownDescription": "The table options for a pivot table visual.", "title": "TableOptions" }, "TotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableTotalOptions", "markdownDescription": "The total options for a pivot table visual.", "title": "TotalOptions" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTableDataPathOption": { "additionalProperties": false, "properties": { "DataPathList": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" }, "markdownDescription": "The list of data path values for the data path options.", "title": "DataPathList", "type": "array" }, "Width": { "markdownDescription": "The width of the data path option.", "title": "Width", "type": "string" } }, "required": [ "DataPathList" ], "type": "object" }, "AWS::QuickSight::Template.PivotTableFieldCollapseStateOption": { "additionalProperties": false, "properties": { "State": { "markdownDescription": "The state of the field target of a pivot table. Choose one of the following options:\n\n- `COLLAPSED`\n- `EXPANDED`", "title": "State", "type": "string" }, "Target": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget", "markdownDescription": "A tagged-union object that sets the collapse state.", "title": "Target" } }, "required": [ "Target" ], "type": "object" }, "AWS::QuickSight::Template.PivotTableFieldCollapseStateTarget": { "additionalProperties": false, "properties": { "FieldDataPathValues": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DataPathValue" }, "markdownDescription": "The data path of the pivot table's header. Used to set the collapse state.", "title": "FieldDataPathValues", "type": "array" }, "FieldId": { "markdownDescription": "The field ID of the pivot table that the collapse state needs to be set to.", "title": "FieldId", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTableFieldOption": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label of the pivot table field.", "title": "CustomLabel", "type": "string" }, "FieldId": { "markdownDescription": "The field ID of the pivot table field.", "title": "FieldId", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the pivot table field.", "title": "Visibility", "type": "string" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.PivotTableFieldOptions": { "additionalProperties": false, "properties": { "CollapseStateOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldCollapseStateOption" }, "markdownDescription": "The collapse state options for the pivot table field options.", "title": "CollapseStateOptions", "type": "array" }, "DataPathOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableDataPathOption" }, "markdownDescription": "The data path options for the pivot table field options.", "title": "DataPathOptions", "type": "array" }, "SelectedFieldOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldOption" }, "markdownDescription": "The selected field options for the pivot table field options.", "title": "SelectedFieldOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTableFieldSubtotalOptions": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the subtotal options.", "title": "FieldId", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTableFieldWells": { "additionalProperties": false, "properties": { "PivotTableAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableAggregatedFieldWells", "markdownDescription": "The aggregated field well for the pivot table.", "title": "PivotTableAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTableOptions": { "additionalProperties": false, "properties": { "CellStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", "markdownDescription": "The table cell style of cells.", "title": "CellStyle" }, "CollapsedRowDimensionsVisibility": { "markdownDescription": "The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` .", "title": "CollapsedRowDimensionsVisibility", "type": "string" }, "ColumnHeaderStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", "markdownDescription": "The table cell style of the column header.", "title": "ColumnHeaderStyle" }, "ColumnNamesVisibility": { "markdownDescription": "The visibility of the column names.", "title": "ColumnNamesVisibility", "type": "string" }, "DefaultCellWidth": { "markdownDescription": "The default cell width of the pivot table.", "title": "DefaultCellWidth", "type": "string" }, "MetricPlacement": { "markdownDescription": "The metric placement (row, column) options.", "title": "MetricPlacement", "type": "string" }, "RowAlternateColorOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", "markdownDescription": "The row alternate color options (widget status, row alternate colors).", "title": "RowAlternateColorOptions" }, "RowFieldNamesStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", "markdownDescription": "The table cell style of row field names.", "title": "RowFieldNamesStyle" }, "RowHeaderStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", "markdownDescription": "The table cell style of the row headers.", "title": "RowHeaderStyle" }, "RowsLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableRowsLabelOptions", "markdownDescription": "The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` .", "title": "RowsLabelOptions" }, "RowsLayout": { "markdownDescription": "The layout for the row dimension headers of a pivot table. Choose one of the following options.\n\n- `TABULAR` : (Default) Each row field is displayed in a separate column.\n- `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields.", "title": "RowsLayout", "type": "string" }, "SingleMetricVisibility": { "markdownDescription": "The visibility of the single metric options.", "title": "SingleMetricVisibility", "type": "string" }, "ToggleButtonsVisibility": { "markdownDescription": "Determines the visibility of the pivot table.", "title": "ToggleButtonsVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTablePaginatedReportOptions": { "additionalProperties": false, "properties": { "OverflowColumnHeaderVisibility": { "markdownDescription": "The visibility of the repeating header rows on each page.", "title": "OverflowColumnHeaderVisibility", "type": "string" }, "VerticalOverflowVisibility": { "markdownDescription": "The visibility of the printing table overflow across pages.", "title": "VerticalOverflowVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTableRowsLabelOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label string for the rows label.", "title": "CustomLabel", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the rows label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTableSortBy": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnSort", "markdownDescription": "The column sort (field id, direction) for the pivot table sort by options.", "title": "Column" }, "DataPath": { "$ref": "#/definitions/AWS::QuickSight::Template.DataPathSort", "markdownDescription": "The data path sort (data path value, direction) for the pivot table sort by options.", "title": "DataPath" }, "Field": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSort", "markdownDescription": "The field sort (field id, direction) for the pivot table sort by options.", "title": "Field" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTableSortConfiguration": { "additionalProperties": false, "properties": { "FieldSortOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotFieldSortOptions" }, "markdownDescription": "The field sort options for a pivot table sort configuration.", "title": "FieldSortOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTableTotalOptions": { "additionalProperties": false, "properties": { "ColumnSubtotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", "markdownDescription": "The column subtotal options.", "title": "ColumnSubtotalOptions" }, "ColumnTotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", "markdownDescription": "The column total options.", "title": "ColumnTotalOptions" }, "RowSubtotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SubtotalOptions", "markdownDescription": "The row subtotal options.", "title": "RowSubtotalOptions" }, "RowTotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTotalOptions", "markdownDescription": "The row total options.", "title": "RowTotalOptions" } }, "type": "object" }, "AWS::QuickSight::Template.PivotTableVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableConditionalFormatting", "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.PivotTotalOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label string for the total cells.", "title": "CustomLabel", "type": "string" }, "MetricHeaderCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", "markdownDescription": "The cell styling options for the total of header cells.", "title": "MetricHeaderCellStyle" }, "Placement": { "markdownDescription": "The placement (start, end) for the total cells.", "title": "Placement", "type": "string" }, "ScrollStatus": { "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", "title": "ScrollStatus", "type": "string" }, "TotalAggregationOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" }, "markdownDescription": "The total aggregation options for each value field.", "title": "TotalAggregationOptions", "type": "array" }, "TotalCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", "markdownDescription": "The cell styling options for the total cells.", "title": "TotalCellStyle" }, "TotalsVisibility": { "markdownDescription": "The visibility configuration for the total cells.", "title": "TotalsVisibility", "type": "string" }, "ValueCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", "markdownDescription": "The cell styling options for the totals of value cells.", "title": "ValueCellStyle" } }, "type": "object" }, "AWS::QuickSight::Template.PredefinedHierarchy": { "additionalProperties": false, "properties": { "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier" }, "markdownDescription": "The list of columns that define the predefined hierarchy.", "title": "Columns", "type": "array" }, "DrillDownFilters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DrillDownFilter" }, "markdownDescription": "The option that determines the drill down filters for the predefined hierarchy.", "title": "DrillDownFilters", "type": "array" }, "HierarchyId": { "markdownDescription": "The hierarchy ID of the predefined hierarchy.", "title": "HierarchyId", "type": "string" } }, "required": [ "Columns", "HierarchyId" ], "type": "object" }, "AWS::QuickSight::Template.ProgressBarOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the progress bar.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.RadarChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The aggregated field well categories of a radar chart.", "title": "Category", "type": "array" }, "Color": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The color that are assigned to the aggregated field wells of a radar chart.", "title": "Color", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The values that are assigned to the aggregated field wells of a radar chart.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.RadarChartAreaStyleSettings": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility settings of a radar chart.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.RadarChartConfiguration": { "additionalProperties": false, "properties": { "AlternateBandColorsVisibility": { "markdownDescription": "Determines the visibility of the colors of alternatign bands in a radar chart.", "title": "AlternateBandColorsVisibility", "type": "string" }, "AlternateBandEvenColor": { "markdownDescription": "The color of the even-numbered alternate bands of a radar chart.", "title": "AlternateBandEvenColor", "type": "string" }, "AlternateBandOddColor": { "markdownDescription": "The color of the odd-numbered alternate bands of a radar chart.", "title": "AlternateBandOddColor", "type": "string" }, "AxesRangeScale": { "markdownDescription": "The axis behavior options of a radar chart.", "title": "AxesRangeScale", "type": "string" }, "BaseSeriesSettings": { "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSeriesSettings", "markdownDescription": "The base sreies settings of a radar chart.", "title": "BaseSeriesSettings" }, "CategoryAxis": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The category axis of a radar chart.", "title": "CategoryAxis" }, "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The category label options of a radar chart.", "title": "CategoryLabelOptions" }, "ColorAxis": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The color axis of a radar chart.", "title": "ColorAxis" }, "ColorLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The color label options of a radar chart.", "title": "ColorLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartFieldWells", "markdownDescription": "The field well configuration of a `RadarChartVisual` .", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "Shape": { "markdownDescription": "The shape of the radar chart.", "title": "Shape", "type": "string" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartSortConfiguration", "markdownDescription": "The sort configuration of a `RadarChartVisual` .", "title": "SortConfiguration" }, "StartAngle": { "markdownDescription": "The start angle of a radar chart's axis.", "title": "StartAngle", "type": "number" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" } }, "type": "object" }, "AWS::QuickSight::Template.RadarChartFieldWells": { "additionalProperties": false, "properties": { "RadarChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a radar chart visual.", "title": "RadarChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.RadarChartSeriesSettings": { "additionalProperties": false, "properties": { "AreaStyleSettings": { "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartAreaStyleSettings", "markdownDescription": "The area style settings of a radar chart.", "title": "AreaStyleSettings" } }, "type": "object" }, "AWS::QuickSight::Template.RadarChartSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The category items limit for a radar chart.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The category sort options of a radar chart.", "title": "CategorySort", "type": "array" }, "ColorItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The color items limit of a radar chart.", "title": "ColorItemsLimit" }, "ColorSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The color sort configuration of a radar chart.", "title": "ColorSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.RadarChartVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.RangeEndsLabelType": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the range ends label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ReferenceLine": { "additionalProperties": false, "properties": { "DataConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDataConfiguration", "markdownDescription": "The data configuration of the reference line.", "title": "DataConfiguration" }, "LabelConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineLabelConfiguration", "markdownDescription": "The label configuration of the reference line.", "title": "LabelConfiguration" }, "Status": { "markdownDescription": "The status of the reference line. Choose one of the following options:\n\n- `ENABLE`\n- `DISABLE`", "title": "Status", "type": "string" }, "StyleConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStyleConfiguration", "markdownDescription": "The style configuration of the reference line.", "title": "StyleConfiguration" } }, "required": [ "DataConfiguration" ], "type": "object" }, "AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The string text of the custom label.", "title": "CustomLabel", "type": "string" } }, "required": [ "CustomLabel" ], "type": "object" }, "AWS::QuickSight::Template.ReferenceLineDataConfiguration": { "additionalProperties": false, "properties": { "AxisBinding": { "markdownDescription": "The axis binding type of the reference line. Choose one of the following options:\n\n- `PrimaryY`\n- `SecondaryY`", "title": "AxisBinding", "type": "string" }, "DynamicConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration", "markdownDescription": "The dynamic configuration of the reference line data configuration.", "title": "DynamicConfiguration" }, "SeriesType": { "markdownDescription": "The series type of the reference line data configuration. Choose one of the following options:\n\n- `BAR`\n- `LINE`", "title": "SeriesType", "type": "string" }, "StaticConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration", "markdownDescription": "The static data configuration of the reference line data configuration.", "title": "StaticConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.ReferenceLineDynamicDataConfiguration": { "additionalProperties": false, "properties": { "Calculation": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericalAggregationFunction", "markdownDescription": "The calculation that is used in the dynamic data.", "title": "Calculation" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that the dynamic data targets.", "title": "Column" }, "MeasureAggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Template.AggregationFunction", "markdownDescription": "The aggregation function that is used in the dynamic data.", "title": "MeasureAggregationFunction" } }, "required": [ "Calculation", "Column" ], "type": "object" }, "AWS::QuickSight::Template.ReferenceLineLabelConfiguration": { "additionalProperties": false, "properties": { "CustomLabelConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineCustomLabelConfiguration", "markdownDescription": "The custom label configuration of the label in a reference line.", "title": "CustomLabelConfiguration" }, "FontColor": { "markdownDescription": "The font color configuration of the label in a reference line.", "title": "FontColor", "type": "string" }, "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", "markdownDescription": "The font configuration of the label in a reference line.", "title": "FontConfiguration" }, "HorizontalPosition": { "markdownDescription": "The horizontal position configuration of the label in a reference line. Choose one of the following options:\n\n- `LEFT`\n- `CENTER`\n- `RIGHT`", "title": "HorizontalPosition", "type": "string" }, "ValueLabelConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration", "markdownDescription": "The value label configuration of the label in a reference line.", "title": "ValueLabelConfiguration" }, "VerticalPosition": { "markdownDescription": "The vertical position configuration of the label in a reference line. Choose one of the following options:\n\n- `ABOVE`\n- `BELOW`", "title": "VerticalPosition", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ReferenceLineStaticDataConfiguration": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The double input of the static data.", "title": "Value", "type": "number" } }, "required": [ "Value" ], "type": "object" }, "AWS::QuickSight::Template.ReferenceLineStyleConfiguration": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The hex color of the reference line.", "title": "Color", "type": "string" }, "Pattern": { "markdownDescription": "The pattern type of the line style. Choose one of the following options:\n\n- `SOLID`\n- `DASHED`\n- `DOTTED`", "title": "Pattern", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.ReferenceLineValueLabelConfiguration": { "additionalProperties": false, "properties": { "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", "markdownDescription": "The format configuration of the value label.", "title": "FormatConfiguration" }, "RelativePosition": { "markdownDescription": "The relative position of the value label. Choose one of the following options:\n\n- `BEFORE_CUSTOM_LABEL`\n- `AFTER_CUSTOM_LABEL`", "title": "RelativePosition", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.RelativeDateTimeControlDisplayOptions": { "additionalProperties": false, "properties": { "DateTimeFormat": { "markdownDescription": "Customize how dates are formatted in controls.", "title": "DateTimeFormat", "type": "string" }, "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Template.RelativeDatesFilter": { "additionalProperties": false, "properties": { "AnchorDateConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.AnchorDateConfiguration", "markdownDescription": "The date configuration of the filter.", "title": "AnchorDateConfiguration" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "ExcludePeriodConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", "markdownDescription": "The configuration for the exclude period of the filter.", "title": "ExcludePeriodConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "MinimumGranularity": { "markdownDescription": "The minimum granularity (period granularity) of the relative dates filter.", "title": "MinimumGranularity", "type": "string" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.", "title": "ParameterName", "type": "string" }, "RelativeDateType": { "markdownDescription": "The range date type of the filter. Choose one of the options below:\n\n- `PREVIOUS`\n- `THIS`\n- `LAST`\n- `NOW`\n- `NEXT`", "title": "RelativeDateType", "type": "string" }, "RelativeDateValue": { "markdownDescription": "The date value of the filter.", "title": "RelativeDateValue", "type": "number" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "required": [ "AnchorDateConfiguration", "Column", "FilterId", "NullOption", "RelativeDateType", "TimeGranularity" ], "type": "object" }, "AWS::QuickSight::Template.ResourcePermission": { "additionalProperties": false, "properties": { "Actions": { "items": { "type": "string" }, "markdownDescription": "The IAM action to grant or revoke permissions on.", "title": "Actions", "type": "array" }, "Principal": { "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Amazon QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } }, "required": [ "Actions", "Principal" ], "type": "object" }, "AWS::QuickSight::Template.RollingDateConfiguration": { "additionalProperties": false, "properties": { "DataSetIdentifier": { "markdownDescription": "The data set that is used in the rolling date configuration.", "title": "DataSetIdentifier", "type": "string" }, "Expression": { "markdownDescription": "The expression of the rolling date configuration.", "title": "Expression", "type": "string" } }, "required": [ "Expression" ], "type": "object" }, "AWS::QuickSight::Template.RowAlternateColorOptions": { "additionalProperties": false, "properties": { "RowAlternateColors": { "items": { "type": "string" }, "markdownDescription": "Determines the list of row alternate colors.", "title": "RowAlternateColors", "type": "array" }, "Status": { "markdownDescription": "Determines the widget status.", "title": "Status", "type": "string" }, "UsePrimaryBackgroundColor": { "markdownDescription": "The primary background color options for alternate rows.", "title": "UsePrimaryBackgroundColor", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.SameSheetTargetVisualConfiguration": { "additionalProperties": false, "properties": { "TargetVisualOptions": { "markdownDescription": "The options that choose the target visual in the same sheet.\n\nValid values are defined as follows:\n\n- `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet.", "title": "TargetVisualOptions", "type": "string" }, "TargetVisuals": { "items": { "type": "string" }, "markdownDescription": "A list of the target visual IDs that are located in the same sheet of the analysis.", "title": "TargetVisuals", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells": { "additionalProperties": false, "properties": { "Destination": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The destination field wells of a sankey diagram.", "title": "Destination", "type": "array" }, "Source": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The source field wells of a sankey diagram.", "title": "Source", "type": "array" }, "Weight": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The weight field wells of a sankey diagram.", "title": "Weight", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.SankeyDiagramChartConfiguration": { "additionalProperties": false, "properties": { "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", "markdownDescription": "The data label configuration of a sankey diagram.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramFieldWells", "markdownDescription": "The field well configuration of a sankey diagram.", "title": "FieldWells" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramSortConfiguration", "markdownDescription": "The sort configuration of a sankey diagram.", "title": "SortConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.SankeyDiagramFieldWells": { "additionalProperties": false, "properties": { "SankeyDiagramAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramAggregatedFieldWells", "markdownDescription": "The field well configuration of a sankey diagram.", "title": "SankeyDiagramAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.SankeyDiagramSortConfiguration": { "additionalProperties": false, "properties": { "DestinationItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of destination nodes that are displayed in a sankey diagram.", "title": "DestinationItemsLimit" }, "SourceItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of source nodes that are displayed in a sankey diagram.", "title": "SourceItemsLimit" }, "WeightSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of the weight fields.", "title": "WeightSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.SankeyDiagramVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramChartConfiguration", "markdownDescription": "The configuration of a sankey diagram.", "title": "ChartConfiguration" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The category field well of a scatter plot.", "title": "Category", "type": "array" }, "Label": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The label field well of a scatter plot.", "title": "Label", "type": "array" }, "Size": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The size field well of a scatter plot.", "title": "Size", "type": "array" }, "XAxis": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is aggregated by category.", "title": "XAxis", "type": "array" }, "YAxis": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is aggregated by category.", "title": "YAxis", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.ScatterPlotConfiguration": { "additionalProperties": false, "properties": { "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Tooltip" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", "markdownDescription": "The palette (chart color) display setup of the visual.", "title": "VisualPalette" }, "XAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis.", "title": "XAxisDisplayOptions" }, "XAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis.", "title": "XAxisLabelOptions" }, "YAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis.", "title": "YAxisDisplayOptions" }, "YAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis.", "title": "YAxisLabelOptions" } }, "type": "object" }, "AWS::QuickSight::Template.ScatterPlotFieldWells": { "additionalProperties": false, "properties": { "ScatterPlotCategoricallyAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotCategoricallyAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both.", "title": "ScatterPlotCategoricallyAggregatedFieldWells" }, "ScatterPlotUnaggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells", "markdownDescription": "The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated.", "title": "ScatterPlotUnaggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.ScatterPlotUnaggregatedFieldWells": { "additionalProperties": false, "properties": { "Category": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The category field well of a scatter plot.", "title": "Category", "type": "array" }, "Label": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The label field well of a scatter plot.", "title": "Label", "type": "array" }, "Size": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The size field well of a scatter plot.", "title": "Size", "type": "array" }, "XAxis": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The x-axis field well of a scatter plot.\n\nThe x-axis is a dimension field and cannot be aggregated.", "title": "XAxis", "type": "array" }, "YAxis": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The y-axis field well of a scatter plot.\n\nThe y-axis is a dimension field and cannot be aggregated.", "title": "YAxis", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.ScatterPlotVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.ScrollBarOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the data zoom scroll bar.", "title": "Visibility", "type": "string" }, "VisibleRange": { "$ref": "#/definitions/AWS::QuickSight::Template.VisibleRangeOptions", "markdownDescription": "The visibility range for the data zoom scroll bar.", "title": "VisibleRange" } }, "type": "object" }, "AWS::QuickSight::Template.SecondaryValueOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "Determines the visibility of the secondary value.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.SectionAfterPageBreak": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "The option that enables or disables a page break at the end of a section.", "title": "Status", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions": { "additionalProperties": false, "properties": { "PaperCanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions", "markdownDescription": "The options for a paper canvas of a section-based layout.", "title": "PaperCanvasSizeOptions" } }, "type": "object" }, "AWS::QuickSight::Template.SectionBasedLayoutConfiguration": { "additionalProperties": false, "properties": { "BodySections": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.BodySectionConfiguration" }, "markdownDescription": "A list of body section configurations.", "title": "BodySections", "type": "array" }, "CanvasSizeOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SectionBasedLayoutCanvasSizeOptions", "markdownDescription": "The options for the canvas of a section-based layout.", "title": "CanvasSizeOptions" }, "FooterSections": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" }, "markdownDescription": "A list of footer section configurations.", "title": "FooterSections", "type": "array" }, "HeaderSections": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.HeaderFooterSectionConfiguration" }, "markdownDescription": "A list of header section configurations.", "title": "HeaderSections", "type": "array" } }, "required": [ "BodySections", "CanvasSizeOptions", "FooterSections", "HeaderSections" ], "type": "object" }, "AWS::QuickSight::Template.SectionBasedLayoutPaperCanvasSizeOptions": { "additionalProperties": false, "properties": { "PaperMargin": { "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", "markdownDescription": "Defines the spacing between the canvas content and the top, bottom, left, and right edges.", "title": "PaperMargin" }, "PaperOrientation": { "markdownDescription": "The paper orientation that is used to define canvas dimensions. Choose one of the following options:\n\n- PORTRAIT\n- LANDSCAPE", "title": "PaperOrientation", "type": "string" }, "PaperSize": { "markdownDescription": "The paper size that is used to define canvas dimensions.", "title": "PaperSize", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.SectionLayoutConfiguration": { "additionalProperties": false, "properties": { "FreeFormLayout": { "$ref": "#/definitions/AWS::QuickSight::Template.FreeFormSectionLayoutConfiguration", "markdownDescription": "The free-form layout configuration of a section.", "title": "FreeFormLayout" } }, "required": [ "FreeFormLayout" ], "type": "object" }, "AWS::QuickSight::Template.SectionPageBreakConfiguration": { "additionalProperties": false, "properties": { "After": { "$ref": "#/definitions/AWS::QuickSight::Template.SectionAfterPageBreak", "markdownDescription": "The configuration of a page break after a section.", "title": "After" } }, "type": "object" }, "AWS::QuickSight::Template.SectionStyle": { "additionalProperties": false, "properties": { "Height": { "markdownDescription": "The height of a section.\n\nHeights can only be defined for header and footer sections. The default height margin is 0.5 inches.", "title": "Height", "type": "string" }, "Padding": { "$ref": "#/definitions/AWS::QuickSight::Template.Spacing", "markdownDescription": "The spacing between section content and its top, bottom, left, and right edges.\n\nThere is no padding by default.", "title": "Padding" } }, "type": "object" }, "AWS::QuickSight::Template.SelectedSheetsFilterScopeConfiguration": { "additionalProperties": false, "properties": { "SheetVisualScopingConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.SheetVisualScopingConfiguration" }, "markdownDescription": "The sheet ID and visual IDs of the sheet and visuals that the filter is applied to.", "title": "SheetVisualScopingConfigurations", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.SeriesItem": { "additionalProperties": false, "properties": { "DataFieldSeriesItem": { "$ref": "#/definitions/AWS::QuickSight::Template.DataFieldSeriesItem", "markdownDescription": "The data field series item configuration of a line chart.", "title": "DataFieldSeriesItem" }, "FieldSeriesItem": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSeriesItem", "markdownDescription": "The field series item configuration of a line chart.", "title": "FieldSeriesItem" } }, "type": "object" }, "AWS::QuickSight::Template.SetParameterValueConfiguration": { "additionalProperties": false, "properties": { "DestinationParameterName": { "markdownDescription": "The destination parameter name of the `SetParameterValueConfiguration` .", "title": "DestinationParameterName", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Template.DestinationParameterValueConfiguration", "markdownDescription": "", "title": "Value" } }, "required": [ "DestinationParameterName", "Value" ], "type": "object" }, "AWS::QuickSight::Template.ShapeConditionalFormat": { "additionalProperties": false, "properties": { "BackgroundColor": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", "markdownDescription": "The conditional formatting for the shape background color of a filled map visual.", "title": "BackgroundColor" } }, "required": [ "BackgroundColor" ], "type": "object" }, "AWS::QuickSight::Template.Sheet": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", "title": "Name", "type": "string" }, "SheetId": { "markdownDescription": "The unique identifier associated with a sheet.", "title": "SheetId", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.SheetControlInfoIconLabelOptions": { "additionalProperties": false, "properties": { "InfoIconText": { "markdownDescription": "The text content of info icon.", "title": "InfoIconText", "type": "string" }, "Visibility": { "markdownDescription": "The visibility configuration of info icon label options.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.SheetControlLayout": { "additionalProperties": false, "properties": { "Configuration": { "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayoutConfiguration", "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", "title": "Configuration" } }, "required": [ "Configuration" ], "type": "object" }, "AWS::QuickSight::Template.SheetControlLayoutConfiguration": { "additionalProperties": false, "properties": { "GridLayout": { "$ref": "#/definitions/AWS::QuickSight::Template.GridLayoutConfiguration", "markdownDescription": "The configuration that determines the elements and canvas size options of sheet control.", "title": "GridLayout" } }, "type": "object" }, "AWS::QuickSight::Template.SheetDefinition": { "additionalProperties": false, "properties": { "ContentType": { "markdownDescription": "The layout content type of the sheet. Choose one of the following options:\n\n- `PAGINATED` : Creates a sheet for a paginated report.\n- `INTERACTIVE` : Creates a sheet for an interactive dashboard.", "title": "ContentType", "type": "string" }, "Description": { "markdownDescription": "A description of the sheet.", "title": "Description", "type": "string" }, "FilterControls": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterControl" }, "markdownDescription": "The list of filter controls that are on a sheet.\n\nFor more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon QuickSight User Guide* .", "title": "FilterControls", "type": "array" }, "Layouts": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.Layout" }, "markdownDescription": "Layouts define how the components of a sheet are arranged.\n\nFor more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon QuickSight User Guide* .", "title": "Layouts", "type": "array" }, "Name": { "markdownDescription": "The name of the sheet. This name is displayed on the sheet's tab in the Amazon QuickSight console.", "title": "Name", "type": "string" }, "ParameterControls": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ParameterControl" }, "markdownDescription": "The list of parameter controls that are on a sheet.\n\nFor more information, see [Using a Control with a Parameter in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon QuickSight User Guide* .", "title": "ParameterControls", "type": "array" }, "SheetControlLayouts": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlLayout" }, "markdownDescription": "The control layouts of the sheet.", "title": "SheetControlLayouts", "type": "array" }, "SheetId": { "markdownDescription": "The unique identifier of a sheet.", "title": "SheetId", "type": "string" }, "TextBoxes": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.SheetTextBox" }, "markdownDescription": "The text boxes that are on a sheet.", "title": "TextBoxes", "type": "array" }, "Title": { "markdownDescription": "The title of the sheet.", "title": "Title", "type": "string" }, "Visuals": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.Visual" }, "markdownDescription": "A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet.", "title": "Visuals", "type": "array" } }, "required": [ "SheetId" ], "type": "object" }, "AWS::QuickSight::Template.SheetElementConfigurationOverrides": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "Determines whether or not the overrides are visible. Choose one of the following options:\n\n- `VISIBLE`\n- `HIDDEN`", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.SheetElementRenderingRule": { "additionalProperties": false, "properties": { "ConfigurationOverrides": { "$ref": "#/definitions/AWS::QuickSight::Template.SheetElementConfigurationOverrides", "markdownDescription": "The override configuration of the rendering rules of a sheet.", "title": "ConfigurationOverrides" }, "Expression": { "markdownDescription": "The expression of the rendering rules of a sheet.", "title": "Expression", "type": "string" } }, "required": [ "ConfigurationOverrides", "Expression" ], "type": "object" }, "AWS::QuickSight::Template.SheetTextBox": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "The content that is displayed in the text box.", "title": "Content", "type": "string" }, "SheetTextBoxId": { "markdownDescription": "The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers.", "title": "SheetTextBoxId", "type": "string" } }, "required": [ "SheetTextBoxId" ], "type": "object" }, "AWS::QuickSight::Template.SheetVisualScopingConfiguration": { "additionalProperties": false, "properties": { "Scope": { "markdownDescription": "The scope of the applied entities. Choose one of the following options:\n\n- `ALL_VISUALS`\n- `SELECTED_VISUALS`", "title": "Scope", "type": "string" }, "SheetId": { "markdownDescription": "The selected sheet that the filter is applied to.", "title": "SheetId", "type": "string" }, "VisualIds": { "items": { "type": "string" }, "markdownDescription": "The selected visuals that the filter is applied to.", "title": "VisualIds", "type": "array" } }, "required": [ "Scope", "SheetId" ], "type": "object" }, "AWS::QuickSight::Template.ShortFormatText": { "additionalProperties": false, "properties": { "PlainText": { "markdownDescription": "Plain text format.", "title": "PlainText", "type": "string" }, "RichText": { "markdownDescription": "Rich text. Examples of rich text include bold, underline, and italics.", "title": "RichText", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.SimpleClusterMarker": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color of the simple cluster marker.", "title": "Color", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.SliderControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Template.SmallMultiplesAxisProperties": { "additionalProperties": false, "properties": { "Placement": { "markdownDescription": "Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels.", "title": "Placement", "type": "string" }, "Scale": { "markdownDescription": "Determines whether scale of the axes are shared or independent. The default value is `SHARED` .", "title": "Scale", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.SmallMultiplesOptions": { "additionalProperties": false, "properties": { "MaxVisibleColumns": { "markdownDescription": "Sets the maximum number of visible columns to display in the grid of small multiples panels.\n\nThe default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart.", "title": "MaxVisibleColumns", "type": "number" }, "MaxVisibleRows": { "markdownDescription": "Sets the maximum number of visible rows to display in the grid of small multiples panels.\n\nThe default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart.", "title": "MaxVisibleRows", "type": "number" }, "PanelConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.PanelConfiguration", "markdownDescription": "Configures the display options for each small multiples panel.", "title": "PanelConfiguration" }, "XAxis": { "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", "markdownDescription": "The properties of a small multiples X axis.", "title": "XAxis" }, "YAxis": { "$ref": "#/definitions/AWS::QuickSight::Template.SmallMultiplesAxisProperties", "markdownDescription": "The properties of a small multiples Y axis.", "title": "YAxis" } }, "type": "object" }, "AWS::QuickSight::Template.Spacing": { "additionalProperties": false, "properties": { "Bottom": { "markdownDescription": "Define the bottom spacing.", "title": "Bottom", "type": "string" }, "Left": { "markdownDescription": "Define the left spacing.", "title": "Left", "type": "string" }, "Right": { "markdownDescription": "Define the right spacing.", "title": "Right", "type": "string" }, "Top": { "markdownDescription": "Define the top spacing.", "title": "Top", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.StringDefaultValues": { "additionalProperties": false, "properties": { "DynamicValue": { "$ref": "#/definitions/AWS::QuickSight::Template.DynamicDefaultValue", "markdownDescription": "The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping.", "title": "DynamicValue" }, "StaticValues": { "items": { "type": "string" }, "markdownDescription": "The static values of the `DecimalDefaultValues` .", "title": "StaticValues", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.StringFormatConfiguration": { "additionalProperties": false, "properties": { "NullValueFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NullValueFormatConfiguration", "markdownDescription": "The options that determine the null value format configuration.", "title": "NullValueFormatConfiguration" }, "NumericFormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.NumericFormatConfiguration", "markdownDescription": "The formatting configuration for numeric strings.", "title": "NumericFormatConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.StringParameterDeclaration": { "additionalProperties": false, "properties": { "DefaultValues": { "$ref": "#/definitions/AWS::QuickSight::Template.StringDefaultValues", "markdownDescription": "The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided.", "title": "DefaultValues" }, "MappedDataSetParameters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MappedDataSetParameter" }, "markdownDescription": "", "title": "MappedDataSetParameters", "type": "array" }, "Name": { "markdownDescription": "The name of the parameter that is being declared.", "title": "Name", "type": "string" }, "ParameterValueType": { "markdownDescription": "The value type determines whether the parameter is a single-value or multi-value parameter.", "title": "ParameterValueType", "type": "string" }, "ValueWhenUnset": { "$ref": "#/definitions/AWS::QuickSight::Template.StringValueWhenUnsetConfiguration", "markdownDescription": "The configuration that defines the default value of a `String` parameter when a value has not been set.", "title": "ValueWhenUnset" } }, "required": [ "Name", "ParameterValueType" ], "type": "object" }, "AWS::QuickSight::Template.StringValueWhenUnsetConfiguration": { "additionalProperties": false, "properties": { "CustomValue": { "markdownDescription": "A custom value that's used when the value of a parameter isn't set.", "title": "CustomValue", "type": "string" }, "ValueWhenUnsetOption": { "markdownDescription": "The built-in options for default values. The value can be one of the following:\n\n- `RECOMMENDED` : The recommended value.\n- `NULL` : The `NULL` value.", "title": "ValueWhenUnsetOption", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.SubtotalOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label string for the subtotal cells.", "title": "CustomLabel", "type": "string" }, "FieldLevel": { "markdownDescription": "The field level (all, custom, last) for the subtotal cells.", "title": "FieldLevel", "type": "string" }, "FieldLevelOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableFieldSubtotalOptions" }, "markdownDescription": "The optional configuration of subtotal cells.", "title": "FieldLevelOptions", "type": "array" }, "MetricHeaderCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", "markdownDescription": "The cell styling options for the subtotals of header cells.", "title": "MetricHeaderCellStyle" }, "StyleTargets": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.TableStyleTarget" }, "markdownDescription": "The style targets options for subtotals.", "title": "StyleTargets", "type": "array" }, "TotalCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", "markdownDescription": "The cell styling options for the subtotal cells.", "title": "TotalCellStyle" }, "TotalsVisibility": { "markdownDescription": "The visibility configuration for the subtotal cells.", "title": "TotalsVisibility", "type": "string" }, "ValueCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", "markdownDescription": "The cell styling options for the subtotals of value cells.", "title": "ValueCellStyle" } }, "type": "object" }, "AWS::QuickSight::Template.TableAggregatedFieldWells": { "additionalProperties": false, "properties": { "GroupBy": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The group by field well for a pivot table. Values are grouped by group by fields.", "title": "GroupBy", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The values field well for a pivot table. Values are aggregated based on group by fields.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.TableBorderOptions": { "additionalProperties": false, "properties": { "Color": { "markdownDescription": "The color of a table border.", "title": "Color", "type": "string" }, "Style": { "markdownDescription": "The style (none, solid) of a table border.", "title": "Style", "type": "string" }, "Thickness": { "markdownDescription": "The thickness of a table border.", "title": "Thickness", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.TableCellConditionalFormatting": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field ID of the cell for conditional formatting.", "title": "FieldId", "type": "string" }, "TextFormat": { "$ref": "#/definitions/AWS::QuickSight::Template.TextConditionalFormat", "markdownDescription": "The text format of the cell for conditional formatting.", "title": "TextFormat" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.TableCellImageSizingConfiguration": { "additionalProperties": false, "properties": { "TableCellImageScalingConfiguration": { "markdownDescription": "The cell scaling configuration of the sizing options for the table image configuration.", "title": "TableCellImageScalingConfiguration", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.TableCellStyle": { "additionalProperties": false, "properties": { "BackgroundColor": { "markdownDescription": "The background color for the table cells.", "title": "BackgroundColor", "type": "string" }, "Border": { "$ref": "#/definitions/AWS::QuickSight::Template.GlobalTableBorderOptions", "markdownDescription": "The borders for the table cells.", "title": "Border" }, "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", "markdownDescription": "The font configuration of the table cells.", "title": "FontConfiguration" }, "Height": { "markdownDescription": "The height color for the table cells.", "title": "Height", "type": "number" }, "HorizontalTextAlignment": { "markdownDescription": "The horizontal text alignment (left, center, right, auto) for the table cells.", "title": "HorizontalTextAlignment", "type": "string" }, "TextWrap": { "markdownDescription": "The text wrap (none, wrap) for the table cells.", "title": "TextWrap", "type": "string" }, "VerticalTextAlignment": { "markdownDescription": "The vertical text alignment (top, middle, bottom) for the table cells.", "title": "VerticalTextAlignment", "type": "string" }, "Visibility": { "markdownDescription": "The visibility of the table cells.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.TableConditionalFormatting": { "additionalProperties": false, "properties": { "ConditionalFormattingOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormattingOption" }, "markdownDescription": "Conditional formatting options for a `PivotTableVisual` .", "title": "ConditionalFormattingOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.TableConditionalFormattingOption": { "additionalProperties": false, "properties": { "Cell": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellConditionalFormatting", "markdownDescription": "The cell conditional formatting option for a table.", "title": "Cell" }, "Row": { "$ref": "#/definitions/AWS::QuickSight::Template.TableRowConditionalFormatting", "markdownDescription": "The row conditional formatting option for a table.", "title": "Row" } }, "type": "object" }, "AWS::QuickSight::Template.TableConfiguration": { "additionalProperties": false, "properties": { "FieldOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOptions", "markdownDescription": "The field options for a table visual.", "title": "FieldOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "PaginatedReportOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TablePaginatedReportOptions", "markdownDescription": "The paginated report options for a table visual.", "title": "PaginatedReportOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.TableSortConfiguration", "markdownDescription": "The sort configuration for a `TableVisual` .", "title": "SortConfiguration" }, "TableInlineVisualizations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.TableInlineVisualization" }, "markdownDescription": "A collection of inline visualizations to display within a chart.", "title": "TableInlineVisualizations", "type": "array" }, "TableOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TableOptions", "markdownDescription": "The table options for a table visual.", "title": "TableOptions" }, "TotalOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TotalOptions", "markdownDescription": "The total options for a table visual.", "title": "TotalOptions" } }, "type": "object" }, "AWS::QuickSight::Template.TableFieldCustomIconContent": { "additionalProperties": false, "properties": { "Icon": { "markdownDescription": "The icon set type (link) of the custom icon content for table URL link content.", "title": "Icon", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.TableFieldCustomTextContent": { "additionalProperties": false, "properties": { "FontConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FontConfiguration", "markdownDescription": "The font configuration of the custom text content for the table URL link content.", "title": "FontConfiguration" }, "Value": { "markdownDescription": "The string value of the custom text content for the table URL link content.", "title": "Value", "type": "string" } }, "required": [ "FontConfiguration" ], "type": "object" }, "AWS::QuickSight::Template.TableFieldImageConfiguration": { "additionalProperties": false, "properties": { "SizingOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellImageSizingConfiguration", "markdownDescription": "The sizing options for the table image configuration.", "title": "SizingOptions" } }, "type": "object" }, "AWS::QuickSight::Template.TableFieldLinkConfiguration": { "additionalProperties": false, "properties": { "Content": { "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkContentConfiguration", "markdownDescription": "The URL content (text, icon) for the table link configuration.", "title": "Content" }, "Target": { "markdownDescription": "The URL target (new tab, new window, same tab) for the table link configuration.", "title": "Target", "type": "string" } }, "required": [ "Content", "Target" ], "type": "object" }, "AWS::QuickSight::Template.TableFieldLinkContentConfiguration": { "additionalProperties": false, "properties": { "CustomIconContent": { "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomIconContent", "markdownDescription": "The custom icon content for the table link content configuration.", "title": "CustomIconContent" }, "CustomTextContent": { "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldCustomTextContent", "markdownDescription": "The custom text content (value, font configuration) for the table link content configuration.", "title": "CustomTextContent" } }, "type": "object" }, "AWS::QuickSight::Template.TableFieldOption": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label for a table field.", "title": "CustomLabel", "type": "string" }, "FieldId": { "markdownDescription": "The field ID for a table field.", "title": "FieldId", "type": "string" }, "URLStyling": { "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldURLConfiguration", "markdownDescription": "The URL configuration for a table field.", "title": "URLStyling" }, "Visibility": { "markdownDescription": "The visibility of a table field.", "title": "Visibility", "type": "string" }, "Width": { "markdownDescription": "The width for a table field.", "title": "Width", "type": "string" } }, "required": [ "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.TableFieldOptions": { "additionalProperties": false, "properties": { "Order": { "items": { "type": "string" }, "markdownDescription": "The order of the field IDs that are configured as field options for a table visual.", "title": "Order", "type": "array" }, "PinnedFieldOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TablePinnedFieldOptions", "markdownDescription": "The settings for the pinned columns of a table visual.", "title": "PinnedFieldOptions" }, "SelectedFieldOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldOption" }, "markdownDescription": "The field options to be configured to a table.", "title": "SelectedFieldOptions", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.TableFieldURLConfiguration": { "additionalProperties": false, "properties": { "ImageConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldImageConfiguration", "markdownDescription": "The image configuration of a table field URL.", "title": "ImageConfiguration" }, "LinkConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.TableFieldLinkConfiguration", "markdownDescription": "The link configuration of a table field URL.", "title": "LinkConfiguration" } }, "type": "object" }, "AWS::QuickSight::Template.TableFieldWells": { "additionalProperties": false, "properties": { "TableAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.TableAggregatedFieldWells", "markdownDescription": "The aggregated field well for the table.", "title": "TableAggregatedFieldWells" }, "TableUnaggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.TableUnaggregatedFieldWells", "markdownDescription": "The unaggregated field well for the table.", "title": "TableUnaggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.TableInlineVisualization": { "additionalProperties": false, "properties": { "DataBars": { "$ref": "#/definitions/AWS::QuickSight::Template.DataBarsOptions", "markdownDescription": "The configuration of the inline visualization of the data bars within a chart.", "title": "DataBars" } }, "type": "object" }, "AWS::QuickSight::Template.TableOptions": { "additionalProperties": false, "properties": { "CellStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", "markdownDescription": "The table cell style of table cells.", "title": "CellStyle" }, "HeaderStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", "markdownDescription": "The table cell style of a table header.", "title": "HeaderStyle" }, "Orientation": { "markdownDescription": "The orientation (vertical, horizontal) for a table.", "title": "Orientation", "type": "string" }, "RowAlternateColorOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.RowAlternateColorOptions", "markdownDescription": "The row alternate color options (widget status, row alternate colors) for a table.", "title": "RowAlternateColorOptions" } }, "type": "object" }, "AWS::QuickSight::Template.TablePaginatedReportOptions": { "additionalProperties": false, "properties": { "OverflowColumnHeaderVisibility": { "markdownDescription": "The visibility of repeating header rows on each page.", "title": "OverflowColumnHeaderVisibility", "type": "string" }, "VerticalOverflowVisibility": { "markdownDescription": "The visibility of printing table overflow across pages.", "title": "VerticalOverflowVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.TablePinnedFieldOptions": { "additionalProperties": false, "properties": { "PinnedLeftFields": { "items": { "type": "string" }, "markdownDescription": "A list of columns to be pinned to the left of a table visual.", "title": "PinnedLeftFields", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.TableRowConditionalFormatting": { "additionalProperties": false, "properties": { "BackgroundColor": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", "markdownDescription": "The conditional formatting color (solid, gradient) of the background for a table row.", "title": "BackgroundColor" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", "markdownDescription": "The conditional formatting color (solid, gradient) of the text for a table row.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Template.TableSideBorderOptions": { "additionalProperties": false, "properties": { "Bottom": { "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", "markdownDescription": "The table border options of the bottom border.", "title": "Bottom" }, "InnerHorizontal": { "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", "markdownDescription": "The table border options of the inner horizontal border.", "title": "InnerHorizontal" }, "InnerVertical": { "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", "markdownDescription": "The table border options of the inner vertical border.", "title": "InnerVertical" }, "Left": { "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", "markdownDescription": "The table border options of the left border.", "title": "Left" }, "Right": { "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", "markdownDescription": "The table border options of the right border.", "title": "Right" }, "Top": { "$ref": "#/definitions/AWS::QuickSight::Template.TableBorderOptions", "markdownDescription": "The table border options of the top border.", "title": "Top" } }, "type": "object" }, "AWS::QuickSight::Template.TableSortConfiguration": { "additionalProperties": false, "properties": { "PaginationConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.PaginationConfiguration", "markdownDescription": "The pagination configuration (page size, page number) for the table.", "title": "PaginationConfiguration" }, "RowSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The field sort options for rows in the table.", "title": "RowSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.TableStyleTarget": { "additionalProperties": false, "properties": { "CellType": { "markdownDescription": "The cell type of the table style target.", "title": "CellType", "type": "string" } }, "required": [ "CellType" ], "type": "object" }, "AWS::QuickSight::Template.TableUnaggregatedFieldWells": { "additionalProperties": false, "properties": { "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.UnaggregatedField" }, "markdownDescription": "The values field well for a pivot table. Values are unaggregated for an unaggregated table.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.TableVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.TableConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ConditionalFormatting": { "$ref": "#/definitions/AWS::QuickSight::Template.TableConditionalFormatting", "markdownDescription": "The conditional formatting for a `PivotTableVisual` .", "title": "ConditionalFormatting" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.TemplateError": { "additionalProperties": false, "properties": { "Message": { "markdownDescription": "Description of the error type.", "title": "Message", "type": "string" }, "Type": { "markdownDescription": "Type of error.", "title": "Type", "type": "string" }, "ViolatedEntities": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.Entity" }, "markdownDescription": "An error path that shows which entities caused the template error.", "title": "ViolatedEntities", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.TemplateSourceAnalysis": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", "title": "Arn", "type": "string" }, "DataSetReferences": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DataSetReference" }, "markdownDescription": "A structure containing information about the dataset references used as placeholders in the template.", "title": "DataSetReferences", "type": "array" } }, "required": [ "Arn", "DataSetReferences" ], "type": "object" }, "AWS::QuickSight::Template.TemplateSourceEntity": { "additionalProperties": false, "properties": { "SourceAnalysis": { "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceAnalysis", "markdownDescription": "The source analysis, if it is based on an analysis.", "title": "SourceAnalysis" }, "SourceTemplate": { "$ref": "#/definitions/AWS::QuickSight::Template.TemplateSourceTemplate", "markdownDescription": "The source template, if it is based on an template.", "title": "SourceTemplate" } }, "type": "object" }, "AWS::QuickSight::Template.TemplateSourceTemplate": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", "title": "Arn", "type": "string" } }, "required": [ "Arn" ], "type": "object" }, "AWS::QuickSight::Template.TemplateVersion": { "additionalProperties": false, "properties": { "CreatedTime": { "markdownDescription": "The time that this template version was created.", "title": "CreatedTime", "type": "string" }, "DataSetConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" }, "markdownDescription": "Schema of the dataset identified by the placeholder. Any dashboard created from this template should be bound to new datasets matching the same schema described through this API operation.", "title": "DataSetConfigurations", "type": "array" }, "Description": { "markdownDescription": "The description of the template.", "title": "Description", "type": "string" }, "Errors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.TemplateError" }, "markdownDescription": "Errors associated with this template version.", "title": "Errors", "type": "array" }, "Sheets": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.Sheet" }, "markdownDescription": "A list of the associated sheets with the unique identifier and name of each sheet.", "title": "Sheets", "type": "array" }, "SourceEntityArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an analysis or template that was used to create this template.", "title": "SourceEntityArn", "type": "string" }, "Status": { "markdownDescription": "The status that is associated with the template.\n\n- `CREATION_IN_PROGRESS`\n- `CREATION_SUCCESSFUL`\n- `CREATION_FAILED`\n- `UPDATE_IN_PROGRESS`\n- `UPDATE_SUCCESSFUL`\n- `UPDATE_FAILED`\n- `DELETED`", "title": "Status", "type": "string" }, "ThemeArn": { "markdownDescription": "The ARN of the theme associated with this version of the template.", "title": "ThemeArn", "type": "string" }, "VersionNumber": { "markdownDescription": "The version number of the template version.", "title": "VersionNumber", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.TemplateVersionDefinition": { "additionalProperties": false, "properties": { "AnalysisDefaults": { "$ref": "#/definitions/AWS::QuickSight::Template.AnalysisDefaults", "markdownDescription": "", "title": "AnalysisDefaults" }, "CalculatedFields": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.CalculatedField" }, "markdownDescription": "An array of calculated field definitions for the template.", "title": "CalculatedFields", "type": "array" }, "ColumnConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnConfiguration" }, "markdownDescription": "An array of template-level column configurations. Column configurations are used to set default formatting for a column that's used throughout a template.", "title": "ColumnConfigurations", "type": "array" }, "DataSetConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DataSetConfiguration" }, "markdownDescription": "An array of dataset configurations. These configurations define the required columns for each dataset used within a template.", "title": "DataSetConfigurations", "type": "array" }, "FilterGroups": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FilterGroup" }, "markdownDescription": "Filter definitions for a template.\n\nFor more information, see [Filtering Data](https://docs.aws.amazon.com/quicksight/latest/user/filtering-visual-data.html) in the *Amazon QuickSight User Guide* .", "title": "FilterGroups", "type": "array" }, "Options": { "$ref": "#/definitions/AWS::QuickSight::Template.AssetOptions", "markdownDescription": "An array of option definitions for a template.", "title": "Options" }, "ParameterDeclarations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ParameterDeclaration" }, "markdownDescription": "An array of parameter declarations for a template.\n\n*Parameters* are named variables that can transfer a value for use by an action or an object.\n\nFor more information, see [Parameters in Amazon QuickSight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon QuickSight User Guide* .", "title": "ParameterDeclarations", "type": "array" }, "Sheets": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.SheetDefinition" }, "markdownDescription": "An array of sheet definitions for a template.", "title": "Sheets", "type": "array" } }, "required": [ "DataSetConfigurations" ], "type": "object" }, "AWS::QuickSight::Template.TextAreaControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "PlaceholderOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", "markdownDescription": "The configuration of the placeholder options in a text area control.", "title": "PlaceholderOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Template.TextConditionalFormat": { "additionalProperties": false, "properties": { "BackgroundColor": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", "markdownDescription": "The conditional formatting for the text background color.", "title": "BackgroundColor" }, "Icon": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingIcon", "markdownDescription": "The conditional formatting for the icon.", "title": "Icon" }, "TextColor": { "$ref": "#/definitions/AWS::QuickSight::Template.ConditionalFormattingColor", "markdownDescription": "The conditional formatting for the text color.", "title": "TextColor" } }, "type": "object" }, "AWS::QuickSight::Template.TextControlPlaceholderOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility configuration of the placeholder options in a text control.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.TextFieldControlDisplayOptions": { "additionalProperties": false, "properties": { "InfoIconLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.SheetControlInfoIconLabelOptions", "markdownDescription": "The configuration of info icon label options.", "title": "InfoIconLabelOptions" }, "PlaceholderOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.TextControlPlaceholderOptions", "markdownDescription": "The configuration of the placeholder options in a text field control.", "title": "PlaceholderOptions" }, "TitleOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.LabelOptions", "markdownDescription": "The options to configure the title visibility, name, and font size.", "title": "TitleOptions" } }, "type": "object" }, "AWS::QuickSight::Template.ThousandSeparatorOptions": { "additionalProperties": false, "properties": { "Symbol": { "markdownDescription": "Determines the thousands separator symbol.", "title": "Symbol", "type": "string" }, "Visibility": { "markdownDescription": "Determines the visibility of the thousands separator.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.TimeBasedForecastProperties": { "additionalProperties": false, "properties": { "LowerBoundary": { "markdownDescription": "The lower boundary setup of a forecast computation.", "title": "LowerBoundary", "type": "number" }, "PeriodsBackward": { "markdownDescription": "The periods backward setup of a forecast computation.", "title": "PeriodsBackward", "type": "number" }, "PeriodsForward": { "markdownDescription": "The periods forward setup of a forecast computation.", "title": "PeriodsForward", "type": "number" }, "PredictionInterval": { "markdownDescription": "The prediction interval setup of a forecast computation.", "title": "PredictionInterval", "type": "number" }, "Seasonality": { "markdownDescription": "The seasonality setup of a forecast computation. Choose one of the following options:\n\n- `NULL` : The input is set to `NULL` .\n- `NON_NULL` : The input is set to a custom value.", "title": "Seasonality", "type": "number" }, "UpperBoundary": { "markdownDescription": "The upper boundary setup of a forecast computation.", "title": "UpperBoundary", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Template.TimeEqualityFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.\n\nThis field is mutually exclusive to `Value` and `RollingDate` .", "title": "ParameterName", "type": "string" }, "RollingDate": { "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", "markdownDescription": "The rolling date input for the `TimeEquality` filter.\n\nThis field is mutually exclusive to `Value` and `ParameterName` .", "title": "RollingDate" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" }, "Value": { "markdownDescription": "The value of a `TimeEquality` filter.\n\nThis field is mutually exclusive to `RollingDate` and `ParameterName` .", "title": "Value", "type": "string" } }, "required": [ "Column", "FilterId" ], "type": "object" }, "AWS::QuickSight::Template.TimeRangeDrillDownFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "RangeMaximum": { "markdownDescription": "The maximum value for the filter value range.", "title": "RangeMaximum", "type": "string" }, "RangeMinimum": { "markdownDescription": "The minimum value for the filter value range.", "title": "RangeMinimum", "type": "string" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "required": [ "Column", "RangeMaximum", "RangeMinimum", "TimeGranularity" ], "type": "object" }, "AWS::QuickSight::Template.TimeRangeFilter": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "ExcludePeriodConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ExcludePeriodConfiguration", "markdownDescription": "The exclude period of the time range filter.", "title": "ExcludePeriodConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "IncludeMaximum": { "markdownDescription": "Determines whether the maximum value in the filter value range should be included in the filtered results.", "title": "IncludeMaximum", "type": "boolean" }, "IncludeMinimum": { "markdownDescription": "Determines whether the minimum value in the filter value range should be included in the filtered results.", "title": "IncludeMinimum", "type": "boolean" }, "NullOption": { "markdownDescription": "This option determines how null values should be treated when filtering data.\n\n- `ALL_VALUES` : Include null values in filtered results.\n- `NULLS_ONLY` : Only include null values in filtered results.\n- `NON_NULLS_ONLY` : Exclude null values from filtered results.", "title": "NullOption", "type": "string" }, "RangeMaximumValue": { "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", "markdownDescription": "The maximum value for the filter value range.", "title": "RangeMaximumValue" }, "RangeMinimumValue": { "$ref": "#/definitions/AWS::QuickSight::Template.TimeRangeFilterValue", "markdownDescription": "The minimum value for the filter value range.", "title": "RangeMinimumValue" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "required": [ "Column", "FilterId", "NullOption" ], "type": "object" }, "AWS::QuickSight::Template.TimeRangeFilterValue": { "additionalProperties": false, "properties": { "Parameter": { "markdownDescription": "The parameter type input value.", "title": "Parameter", "type": "string" }, "RollingDate": { "$ref": "#/definitions/AWS::QuickSight::Template.RollingDateConfiguration", "markdownDescription": "The rolling date input value.", "title": "RollingDate" }, "StaticValue": { "markdownDescription": "The static input value.", "title": "StaticValue", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.TooltipItem": { "additionalProperties": false, "properties": { "ColumnTooltipItem": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnTooltipItem", "markdownDescription": "The tooltip item for the columns that are not part of a field well.", "title": "ColumnTooltipItem" }, "FieldTooltipItem": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldTooltipItem", "markdownDescription": "The tooltip item for the fields.", "title": "FieldTooltipItem" } }, "type": "object" }, "AWS::QuickSight::Template.TooltipOptions": { "additionalProperties": false, "properties": { "FieldBasedTooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldBasedTooltip", "markdownDescription": "The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type.", "title": "FieldBasedTooltip" }, "SelectedTooltipType": { "markdownDescription": "The selected type for the tooltip. Choose one of the following options:\n\n- `BASIC` : A basic tooltip.\n- `DETAILED` : A detailed tooltip.", "title": "SelectedTooltipType", "type": "string" }, "TooltipVisibility": { "markdownDescription": "Determines whether or not the tooltip is visible.", "title": "TooltipVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.TopBottomFilter": { "additionalProperties": false, "properties": { "AggregationSortConfigurations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.AggregationSortConfiguration" }, "markdownDescription": "The aggregation and sort configuration of the top bottom filter.", "title": "AggregationSortConfigurations", "type": "array" }, "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that the filter is applied to.", "title": "Column" }, "DefaultFilterControlConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.DefaultFilterControlConfiguration", "markdownDescription": "The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets.", "title": "DefaultFilterControlConfiguration" }, "FilterId": { "markdownDescription": "An identifier that uniquely identifies a filter within a dashboard, analysis, or template.", "title": "FilterId", "type": "string" }, "Limit": { "markdownDescription": "The number of items to include in the top bottom filter results.", "title": "Limit", "type": "number" }, "ParameterName": { "markdownDescription": "The parameter whose value should be used for the filter value.", "title": "ParameterName", "type": "string" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "required": [ "AggregationSortConfigurations", "Column", "FilterId" ], "type": "object" }, "AWS::QuickSight::Template.TopBottomMoversComputation": { "additionalProperties": false, "properties": { "Category": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", "markdownDescription": "The category field that is used in a computation.", "title": "Category" }, "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "MoverSize": { "markdownDescription": "The mover size setup of the top and bottom movers computation.", "title": "MoverSize", "type": "number" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "SortOrder": { "markdownDescription": "The sort order setup of the top and bottom movers computation.", "title": "SortOrder", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", "markdownDescription": "The time field that is used in a computation.", "title": "Time" }, "Type": { "markdownDescription": "The computation type. Choose from the following options:\n\n- TOP: Top movers computation.\n- BOTTOM: Bottom movers computation.", "title": "Type", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId", "Type" ], "type": "object" }, "AWS::QuickSight::Template.TopBottomRankedComputation": { "additionalProperties": false, "properties": { "Category": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", "markdownDescription": "The category field that is used in a computation.", "title": "Category" }, "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "ResultSize": { "markdownDescription": "The result size of a top and bottom ranked computation.", "title": "ResultSize", "type": "number" }, "Type": { "markdownDescription": "The computation type. Choose one of the following options:\n\n- TOP: A top ranked computation.\n- BOTTOM: A bottom ranked computation.", "title": "Type", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId", "Type" ], "type": "object" }, "AWS::QuickSight::Template.TotalAggregationComputation": { "additionalProperties": false, "properties": { "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField", "markdownDescription": "The value field that is used in a computation.", "title": "Value" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Template.TotalAggregationFunction": { "additionalProperties": false, "properties": { "SimpleTotalAggregationFunction": { "markdownDescription": "A built in aggregation function for total values.", "title": "SimpleTotalAggregationFunction", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.TotalAggregationOption": { "additionalProperties": false, "properties": { "FieldId": { "markdownDescription": "The field id that's associated with the total aggregation option.", "title": "FieldId", "type": "string" }, "TotalAggregationFunction": { "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationFunction", "markdownDescription": "The total aggregation function that you want to set for a specified field id.", "title": "TotalAggregationFunction" } }, "required": [ "FieldId", "TotalAggregationFunction" ], "type": "object" }, "AWS::QuickSight::Template.TotalOptions": { "additionalProperties": false, "properties": { "CustomLabel": { "markdownDescription": "The custom label string for the total cells.", "title": "CustomLabel", "type": "string" }, "Placement": { "markdownDescription": "The placement (start, end) for the total cells.", "title": "Placement", "type": "string" }, "ScrollStatus": { "markdownDescription": "The scroll status (pinned, scrolled) for the total cells.", "title": "ScrollStatus", "type": "string" }, "TotalAggregationOptions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.TotalAggregationOption" }, "markdownDescription": "The total aggregation settings for each value field.", "title": "TotalAggregationOptions", "type": "array" }, "TotalCellStyle": { "$ref": "#/definitions/AWS::QuickSight::Template.TableCellStyle", "markdownDescription": "Cell styling options for the total cells.", "title": "TotalCellStyle" }, "TotalsVisibility": { "markdownDescription": "The visibility configuration for the total cells.", "title": "TotalsVisibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.TreeMapAggregatedFieldWells": { "additionalProperties": false, "properties": { "Colors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The color field well of a tree map. Values are grouped by aggregations based on group by fields.", "title": "Colors", "type": "array" }, "Groups": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The group by field well of a tree map. Values are grouped based on group by fields.", "title": "Groups", "type": "array" }, "Sizes": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The size field well of a tree map. Values are aggregated based on group by fields.", "title": "Sizes", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.TreeMapConfiguration": { "additionalProperties": false, "properties": { "ColorLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility) for the colors displayed in a tree map.", "title": "ColorLabelOptions" }, "ColorScale": { "$ref": "#/definitions/AWS::QuickSight::Template.ColorScale", "markdownDescription": "The color options (gradient color, point of divergence) of a tree map.", "title": "ColorScale" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", "markdownDescription": "The options that determine if visual data labels are displayed.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "GroupLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility) of the groups that are displayed in a tree map.", "title": "GroupLabelOptions" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "The legend display setup of the visual.", "title": "Legend" }, "SizeLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility) of the sizes that are displayed in a tree map.", "title": "SizeLabelOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapSortConfiguration", "markdownDescription": "The sort configuration of a tree map.", "title": "SortConfiguration" }, "Tooltip": { "$ref": "#/definitions/AWS::QuickSight::Template.TooltipOptions", "markdownDescription": "The tooltip display setup of the visual.", "title": "Tooltip" } }, "type": "object" }, "AWS::QuickSight::Template.TreeMapFieldWells": { "additionalProperties": false, "properties": { "TreeMapAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a tree map.", "title": "TreeMapAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.TreeMapSortConfiguration": { "additionalProperties": false, "properties": { "TreeMapGroupItemsLimitConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of groups that are displayed.", "title": "TreeMapGroupItemsLimitConfiguration" }, "TreeMapSort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of group by fields.", "title": "TreeMapSort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.TreeMapVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.TrendArrowOptions": { "additionalProperties": false, "properties": { "Visibility": { "markdownDescription": "The visibility of the trend arrows.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.UnaggregatedField": { "additionalProperties": false, "properties": { "Column": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnIdentifier", "markdownDescription": "The column that is used in the `UnaggregatedField` .", "title": "Column" }, "FieldId": { "markdownDescription": "The custom field ID.", "title": "FieldId", "type": "string" }, "FormatConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.FormatConfiguration", "markdownDescription": "The format configuration of the field.", "title": "FormatConfiguration" } }, "required": [ "Column", "FieldId" ], "type": "object" }, "AWS::QuickSight::Template.UniqueValuesComputation": { "additionalProperties": false, "properties": { "Category": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField", "markdownDescription": "The category field that is used in a computation.", "title": "Category" }, "ComputationId": { "markdownDescription": "The ID for a computation.", "title": "ComputationId", "type": "string" }, "Name": { "markdownDescription": "The name of a computation.", "title": "Name", "type": "string" } }, "required": [ "ComputationId" ], "type": "object" }, "AWS::QuickSight::Template.ValidationStrategy": { "additionalProperties": false, "properties": { "Mode": { "markdownDescription": "The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors.", "title": "Mode", "type": "string" } }, "required": [ "Mode" ], "type": "object" }, "AWS::QuickSight::Template.VisibleRangeOptions": { "additionalProperties": false, "properties": { "PercentRange": { "$ref": "#/definitions/AWS::QuickSight::Template.PercentVisibleRange", "markdownDescription": "The percent range in the visible range.", "title": "PercentRange" } }, "type": "object" }, "AWS::QuickSight::Template.Visual": { "additionalProperties": false, "properties": { "BarChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.BarChartVisual", "markdownDescription": "A bar chart.\n\nFor more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon QuickSight User Guide* .", "title": "BarChartVisual" }, "BoxPlotVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.BoxPlotVisual", "markdownDescription": "A box plot.\n\nFor more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon QuickSight User Guide* .", "title": "BoxPlotVisual" }, "ComboChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.ComboChartVisual", "markdownDescription": "A combo chart.\n\nFor more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon QuickSight User Guide* .", "title": "ComboChartVisual" }, "CustomContentVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.CustomContentVisual", "markdownDescription": "A visual that contains custom content.\n\nFor more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon QuickSight User Guide* .", "title": "CustomContentVisual" }, "EmptyVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.EmptyVisual", "markdownDescription": "An empty visual.", "title": "EmptyVisual" }, "FilledMapVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.FilledMapVisual", "markdownDescription": "A filled map.\n\nFor more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon QuickSight User Guide* .", "title": "FilledMapVisual" }, "FunnelChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.FunnelChartVisual", "markdownDescription": "A funnel chart.\n\nFor more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon QuickSight User Guide* .", "title": "FunnelChartVisual" }, "GaugeChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.GaugeChartVisual", "markdownDescription": "A gauge chart.\n\nFor more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon QuickSight User Guide* .", "title": "GaugeChartVisual" }, "GeospatialMapVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.GeospatialMapVisual", "markdownDescription": "A geospatial map or a points on map visual.\n\nFor more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon QuickSight User Guide* .", "title": "GeospatialMapVisual" }, "HeatMapVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.HeatMapVisual", "markdownDescription": "A heat map.\n\nFor more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon QuickSight User Guide* .", "title": "HeatMapVisual" }, "HistogramVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.HistogramVisual", "markdownDescription": "A histogram.\n\nFor more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon QuickSight User Guide* .", "title": "HistogramVisual" }, "InsightVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.InsightVisual", "markdownDescription": "An insight visual.\n\nFor more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon QuickSight User Guide* .", "title": "InsightVisual" }, "KPIVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.KPIVisual", "markdownDescription": "A key performance indicator (KPI).\n\nFor more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon QuickSight User Guide* .", "title": "KPIVisual" }, "LineChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.LineChartVisual", "markdownDescription": "A line chart.\n\nFor more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon QuickSight User Guide* .", "title": "LineChartVisual" }, "PieChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.PieChartVisual", "markdownDescription": "A pie or donut chart.\n\nFor more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon QuickSight User Guide* .", "title": "PieChartVisual" }, "PivotTableVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.PivotTableVisual", "markdownDescription": "A pivot table.\n\nFor more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon QuickSight User Guide* .", "title": "PivotTableVisual" }, "RadarChartVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.RadarChartVisual", "markdownDescription": "A radar chart visual.\n\nFor more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon QuickSight User Guide* .", "title": "RadarChartVisual" }, "SankeyDiagramVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.SankeyDiagramVisual", "markdownDescription": "A sankey diagram.\n\nFor more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon QuickSight User Guide* .", "title": "SankeyDiagramVisual" }, "ScatterPlotVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.ScatterPlotVisual", "markdownDescription": "A scatter plot.\n\nFor more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon QuickSight User Guide* .", "title": "ScatterPlotVisual" }, "TableVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.TableVisual", "markdownDescription": "A table visual.\n\nFor more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon QuickSight User Guide* .", "title": "TableVisual" }, "TreeMapVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.TreeMapVisual", "markdownDescription": "A tree map.\n\nFor more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon QuickSight User Guide* .", "title": "TreeMapVisual" }, "WaterfallVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallVisual", "markdownDescription": "A waterfall chart.\n\nFor more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon QuickSight User Guide* .", "title": "WaterfallVisual" }, "WordCloudVisual": { "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudVisual", "markdownDescription": "A word cloud.\n\nFor more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon QuickSight User Guide* .", "title": "WordCloudVisual" } }, "type": "object" }, "AWS::QuickSight::Template.VisualCustomAction": { "additionalProperties": false, "properties": { "ActionOperations": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomActionOperation" }, "markdownDescription": "A list of `VisualCustomActionOperations` .\n\nThis is a union type structure. For this structure to be valid, only one of the attributes can be defined.", "title": "ActionOperations", "type": "array" }, "CustomActionId": { "markdownDescription": "The ID of the `VisualCustomAction` .", "title": "CustomActionId", "type": "string" }, "Name": { "markdownDescription": "The name of the `VisualCustomAction` .", "title": "Name", "type": "string" }, "Status": { "markdownDescription": "The status of the `VisualCustomAction` .", "title": "Status", "type": "string" }, "Trigger": { "markdownDescription": "The trigger of the `VisualCustomAction` .\n\nValid values are defined as follows:\n\n- `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point.\n- `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu.", "title": "Trigger", "type": "string" } }, "required": [ "ActionOperations", "CustomActionId", "Name", "Trigger" ], "type": "object" }, "AWS::QuickSight::Template.VisualCustomActionOperation": { "additionalProperties": false, "properties": { "FilterOperation": { "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionFilterOperation", "markdownDescription": "The filter operation that filters data included in a visual or in an entire sheet.", "title": "FilterOperation" }, "NavigationOperation": { "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionNavigationOperation", "markdownDescription": "The navigation operation that navigates between different sheets in the same analysis.", "title": "NavigationOperation" }, "SetParametersOperation": { "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionSetParametersOperation", "markdownDescription": "The set parameter operation that sets parameters in custom action.", "title": "SetParametersOperation" }, "URLOperation": { "$ref": "#/definitions/AWS::QuickSight::Template.CustomActionURLOperation", "markdownDescription": "The URL operation that opens a link to another webpage.", "title": "URLOperation" } }, "type": "object" }, "AWS::QuickSight::Template.VisualPalette": { "additionalProperties": false, "properties": { "ChartColor": { "markdownDescription": "The chart color options for the visual palette.", "title": "ChartColor", "type": "string" }, "ColorMap": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DataPathColor" }, "markdownDescription": "The color map options for the visual palette.", "title": "ColorMap", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.VisualSubtitleLabelOptions": { "additionalProperties": false, "properties": { "FormatText": { "$ref": "#/definitions/AWS::QuickSight::Template.LongFormatText", "markdownDescription": "The long text format of the subtitle label, such as plain text or rich text.", "title": "FormatText" }, "Visibility": { "markdownDescription": "The visibility of the subtitle label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.VisualTitleLabelOptions": { "additionalProperties": false, "properties": { "FormatText": { "$ref": "#/definitions/AWS::QuickSight::Template.ShortFormatText", "markdownDescription": "The short text format of the title label, such as plain text or rich text.", "title": "FormatText" }, "Visibility": { "markdownDescription": "The visibility of the title label.", "title": "Visibility", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells": { "additionalProperties": false, "properties": { "Breakdowns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The breakdown field wells of a waterfall visual.", "title": "Breakdowns", "type": "array" }, "Categories": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The category field wells of a waterfall visual.", "title": "Categories", "type": "array" }, "Values": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The value field wells of a waterfall visual.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.WaterfallChartConfiguration": { "additionalProperties": false, "properties": { "CategoryAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the category axis.", "title": "CategoryAxisDisplayOptions" }, "CategoryAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the category axis label.", "title": "CategoryAxisLabelOptions" }, "DataLabels": { "$ref": "#/definitions/AWS::QuickSight::Template.DataLabelOptions", "markdownDescription": "The data label configuration of a waterfall visual.", "title": "DataLabels" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartFieldWells", "markdownDescription": "The field well configuration of a waterfall visual.", "title": "FieldWells" }, "Legend": { "$ref": "#/definitions/AWS::QuickSight::Template.LegendOptions", "markdownDescription": "The legend configuration of a waterfall visual.", "title": "Legend" }, "PrimaryYAxisDisplayOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.AxisDisplayOptions", "markdownDescription": "The options that determine the presentation of the y-axis.", "title": "PrimaryYAxisDisplayOptions" }, "PrimaryYAxisLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The options that determine the presentation of the y-axis label.", "title": "PrimaryYAxisLabelOptions" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartSortConfiguration", "markdownDescription": "The sort configuration of a waterfall visual.", "title": "SortConfiguration" }, "VisualPalette": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualPalette", "markdownDescription": "The visual palette configuration of a waterfall visual.", "title": "VisualPalette" }, "WaterfallChartOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartOptions", "markdownDescription": "The options that determine the presentation of a waterfall visual.", "title": "WaterfallChartOptions" } }, "type": "object" }, "AWS::QuickSight::Template.WaterfallChartFieldWells": { "additionalProperties": false, "properties": { "WaterfallChartAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartAggregatedFieldWells", "markdownDescription": "The field well configuration of a waterfall visual.", "title": "WaterfallChartAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.WaterfallChartOptions": { "additionalProperties": false, "properties": { "TotalBarLabel": { "markdownDescription": "This option determines the total bar label of a waterfall visual.", "title": "TotalBarLabel", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.WaterfallChartSortConfiguration": { "additionalProperties": false, "properties": { "BreakdownItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of bar groups that are displayed.", "title": "BreakdownItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of the category fields.", "title": "CategorySort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.WaterfallVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.WaterfallChartConfiguration", "markdownDescription": "The configuration for a waterfall visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Template.WhatIfPointScenario": { "additionalProperties": false, "properties": { "Date": { "markdownDescription": "The date that you need the forecast results for.", "title": "Date", "type": "string" }, "Value": { "markdownDescription": "The target value that you want to meet for the provided date.", "title": "Value", "type": "number" } }, "required": [ "Date", "Value" ], "type": "object" }, "AWS::QuickSight::Template.WhatIfRangeScenario": { "additionalProperties": false, "properties": { "EndDate": { "markdownDescription": "The end date in the date range that you need the forecast results for.", "title": "EndDate", "type": "string" }, "StartDate": { "markdownDescription": "The start date in the date range that you need the forecast results for.", "title": "StartDate", "type": "string" }, "Value": { "markdownDescription": "The target value that you want to meet for the provided date range.", "title": "Value", "type": "number" } }, "required": [ "EndDate", "StartDate", "Value" ], "type": "object" }, "AWS::QuickSight::Template.WordCloudAggregatedFieldWells": { "additionalProperties": false, "properties": { "GroupBy": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.DimensionField" }, "markdownDescription": "The group by field well of a word cloud. Values are grouped by group by fields.", "title": "GroupBy", "type": "array" }, "Size": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.MeasureField" }, "markdownDescription": "The size field well of a word cloud. Values are aggregated based on group by fields.", "title": "Size", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.WordCloudChartConfiguration": { "additionalProperties": false, "properties": { "CategoryLabelOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.ChartAxisLabelOptions", "markdownDescription": "The label options (label text, label visibility, and sort icon visibility) for the word cloud category.", "title": "CategoryLabelOptions" }, "FieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudFieldWells", "markdownDescription": "The field wells of the visual.", "title": "FieldWells" }, "SortConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudSortConfiguration", "markdownDescription": "The sort configuration of a word cloud visual.", "title": "SortConfiguration" }, "WordCloudOptions": { "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudOptions", "markdownDescription": "The options for a word cloud visual.", "title": "WordCloudOptions" } }, "type": "object" }, "AWS::QuickSight::Template.WordCloudFieldWells": { "additionalProperties": false, "properties": { "WordCloudAggregatedFieldWells": { "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudAggregatedFieldWells", "markdownDescription": "The aggregated field wells of a word cloud.", "title": "WordCloudAggregatedFieldWells" } }, "type": "object" }, "AWS::QuickSight::Template.WordCloudOptions": { "additionalProperties": false, "properties": { "CloudLayout": { "markdownDescription": "The cloud layout options (fluid, normal) of a word cloud.", "title": "CloudLayout", "type": "string" }, "MaximumStringLength": { "markdownDescription": "The length limit of each word from 1-100.", "title": "MaximumStringLength", "type": "number" }, "WordCasing": { "markdownDescription": "The word casing options (lower_case, existing_case) for the words in a word cloud.", "title": "WordCasing", "type": "string" }, "WordOrientation": { "markdownDescription": "The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud.", "title": "WordOrientation", "type": "string" }, "WordPadding": { "markdownDescription": "The word padding options (none, small, medium, large) for the words in a word cloud.", "title": "WordPadding", "type": "string" }, "WordScaling": { "markdownDescription": "The word scaling options (emphasize, normal) for the words in a word cloud.", "title": "WordScaling", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Template.WordCloudSortConfiguration": { "additionalProperties": false, "properties": { "CategoryItemsLimit": { "$ref": "#/definitions/AWS::QuickSight::Template.ItemsLimitConfiguration", "markdownDescription": "The limit on the number of groups that are displayed in a word cloud.", "title": "CategoryItemsLimit" }, "CategorySort": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.FieldSortOptions" }, "markdownDescription": "The sort configuration of group by fields.", "title": "CategorySort", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Template.WordCloudVisual": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualCustomAction" }, "markdownDescription": "The list of custom actions that are configured for a visual.", "title": "Actions", "type": "array" }, "ChartConfiguration": { "$ref": "#/definitions/AWS::QuickSight::Template.WordCloudChartConfiguration", "markdownDescription": "The configuration settings of the visual.", "title": "ChartConfiguration" }, "ColumnHierarchies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Template.ColumnHierarchy" }, "markdownDescription": "The column hierarchy that is used during drill-downs and drill-ups.", "title": "ColumnHierarchies", "type": "array" }, "Subtitle": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualSubtitleLabelOptions", "markdownDescription": "The subtitle that is displayed on the visual.", "title": "Subtitle" }, "Title": { "$ref": "#/definitions/AWS::QuickSight::Template.VisualTitleLabelOptions", "markdownDescription": "The title that is displayed on the visual.", "title": "Title" }, "VisualId": { "markdownDescription": "The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers..", "title": "VisualId", "type": "string" } }, "required": [ "VisualId" ], "type": "object" }, "AWS::QuickSight::Theme": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AwsAccountId": { "markdownDescription": "The ID of the AWS account where you want to store the new theme.", "title": "AwsAccountId", "type": "string" }, "BaseThemeId": { "markdownDescription": "The ID of the theme that a custom theme will inherit from. All themes inherit from one of the starting themes defined by Amazon QuickSight. For a list of the starting themes, use `ListThemes` or choose *Themes* from within an analysis.", "title": "BaseThemeId", "type": "string" }, "Configuration": { "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", "markdownDescription": "The theme configuration, which contains the theme display properties.", "title": "Configuration" }, "Name": { "markdownDescription": "A display name for the theme.", "title": "Name", "type": "string" }, "Permissions": { "items": { "$ref": "#/definitions/AWS::QuickSight::Theme.ResourcePermission" }, "markdownDescription": "A valid grouping of resource permissions to apply to the new theme.", "title": "Permissions", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A map of the key-value pairs for the resource tag or tags that you want to add to the resource.", "title": "Tags", "type": "array" }, "ThemeId": { "markdownDescription": "An ID for the theme that you want to create. The theme ID is unique per AWS Region in each AWS account.", "title": "ThemeId", "type": "string" }, "VersionDescription": { "markdownDescription": "A description of the first version of the theme that you're creating. Every time `UpdateTheme` is called, a new version is created. Each version of the theme has a description of the version in the `VersionDescription` field.", "title": "VersionDescription", "type": "string" } }, "required": [ "AwsAccountId", "BaseThemeId", "Configuration", "Name", "ThemeId" ], "type": "object" }, "Type": { "enum": [ "AWS::QuickSight::Theme" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::QuickSight::Theme.BorderStyle": { "additionalProperties": false, "properties": { "Show": { "markdownDescription": "The option to enable display of borders for visuals.", "title": "Show", "type": "boolean" } }, "type": "object" }, "AWS::QuickSight::Theme.DataColorPalette": { "additionalProperties": false, "properties": { "Colors": { "items": { "type": "string" }, "markdownDescription": "The hexadecimal codes for the colors.", "title": "Colors", "type": "array" }, "EmptyFillColor": { "markdownDescription": "The hexadecimal code of a color that applies to charts where a lack of data is highlighted.", "title": "EmptyFillColor", "type": "string" }, "MinMaxGradient": { "items": { "type": "string" }, "markdownDescription": "The minimum and maximum hexadecimal codes that describe a color gradient.", "title": "MinMaxGradient", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Theme.Font": { "additionalProperties": false, "properties": { "FontFamily": { "markdownDescription": "Determines the font family settings.", "title": "FontFamily", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Theme.GutterStyle": { "additionalProperties": false, "properties": { "Show": { "markdownDescription": "This Boolean value controls whether to display a gutter space between sheet tiles.", "title": "Show", "type": "boolean" } }, "type": "object" }, "AWS::QuickSight::Theme.MarginStyle": { "additionalProperties": false, "properties": { "Show": { "markdownDescription": "This Boolean value controls whether to display sheet margins.", "title": "Show", "type": "boolean" } }, "type": "object" }, "AWS::QuickSight::Theme.ResourcePermission": { "additionalProperties": false, "properties": { "Actions": { "items": { "type": "string" }, "markdownDescription": "The IAM action to grant or revoke permissions on.", "title": "Actions", "type": "array" }, "Principal": { "markdownDescription": "The Amazon Resource Name (ARN) of the principal. This can be one of the following:\n\n- The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)\n- The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)\n- The ARN of an AWS account root: This is an IAM ARN rather than a Amazon QuickSight ARN. Use this option only to share resources (templates) across AWS accounts . (This is less common.)", "title": "Principal", "type": "string" } }, "required": [ "Actions", "Principal" ], "type": "object" }, "AWS::QuickSight::Theme.SheetStyle": { "additionalProperties": false, "properties": { "Tile": { "$ref": "#/definitions/AWS::QuickSight::Theme.TileStyle", "markdownDescription": "The display options for tiles.", "title": "Tile" }, "TileLayout": { "$ref": "#/definitions/AWS::QuickSight::Theme.TileLayoutStyle", "markdownDescription": "The layout options for tiles.", "title": "TileLayout" } }, "type": "object" }, "AWS::QuickSight::Theme.ThemeConfiguration": { "additionalProperties": false, "properties": { "DataColorPalette": { "$ref": "#/definitions/AWS::QuickSight::Theme.DataColorPalette", "markdownDescription": "Color properties that apply to chart data colors.", "title": "DataColorPalette" }, "Sheet": { "$ref": "#/definitions/AWS::QuickSight::Theme.SheetStyle", "markdownDescription": "Display options related to sheets.", "title": "Sheet" }, "Typography": { "$ref": "#/definitions/AWS::QuickSight::Theme.Typography", "markdownDescription": "", "title": "Typography" }, "UIColorPalette": { "$ref": "#/definitions/AWS::QuickSight::Theme.UIColorPalette", "markdownDescription": "Color properties that apply to the UI and to charts, excluding the colors that apply to data.", "title": "UIColorPalette" } }, "type": "object" }, "AWS::QuickSight::Theme.ThemeError": { "additionalProperties": false, "properties": { "Message": { "markdownDescription": "The error message.", "title": "Message", "type": "string" }, "Type": { "markdownDescription": "The type of error.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Theme.ThemeVersion": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource.", "title": "Arn", "type": "string" }, "BaseThemeId": { "markdownDescription": "The Amazon QuickSight-defined ID of the theme that a custom theme inherits from. All themes initially inherit from a default Amazon QuickSight theme.", "title": "BaseThemeId", "type": "string" }, "Configuration": { "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeConfiguration", "markdownDescription": "The theme configuration, which contains all the theme display properties.", "title": "Configuration" }, "CreatedTime": { "markdownDescription": "The date and time that this theme version was created.", "title": "CreatedTime", "type": "string" }, "Description": { "markdownDescription": "The description of the theme.", "title": "Description", "type": "string" }, "Errors": { "items": { "$ref": "#/definitions/AWS::QuickSight::Theme.ThemeError" }, "markdownDescription": "Errors associated with the theme.", "title": "Errors", "type": "array" }, "Status": { "markdownDescription": "The status of the theme version.", "title": "Status", "type": "string" }, "VersionNumber": { "markdownDescription": "The version number of the theme.", "title": "VersionNumber", "type": "number" } }, "type": "object" }, "AWS::QuickSight::Theme.TileLayoutStyle": { "additionalProperties": false, "properties": { "Gutter": { "$ref": "#/definitions/AWS::QuickSight::Theme.GutterStyle", "markdownDescription": "The gutter settings that apply between tiles.", "title": "Gutter" }, "Margin": { "$ref": "#/definitions/AWS::QuickSight::Theme.MarginStyle", "markdownDescription": "The margin settings that apply around the outside edge of sheets.", "title": "Margin" } }, "type": "object" }, "AWS::QuickSight::Theme.TileStyle": { "additionalProperties": false, "properties": { "Border": { "$ref": "#/definitions/AWS::QuickSight::Theme.BorderStyle", "markdownDescription": "The border around a tile.", "title": "Border" } }, "type": "object" }, "AWS::QuickSight::Theme.Typography": { "additionalProperties": false, "properties": { "FontFamilies": { "items": { "$ref": "#/definitions/AWS::QuickSight::Theme.Font" }, "markdownDescription": "Determines the list of font families.", "title": "FontFamilies", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Theme.UIColorPalette": { "additionalProperties": false, "properties": { "Accent": { "markdownDescription": "This color is that applies to selected states and buttons.", "title": "Accent", "type": "string" }, "AccentForeground": { "markdownDescription": "The foreground color that applies to any text or other elements that appear over the accent color.", "title": "AccentForeground", "type": "string" }, "Danger": { "markdownDescription": "The color that applies to error messages.", "title": "Danger", "type": "string" }, "DangerForeground": { "markdownDescription": "The foreground color that applies to any text or other elements that appear over the error color.", "title": "DangerForeground", "type": "string" }, "Dimension": { "markdownDescription": "The color that applies to the names of fields that are identified as dimensions.", "title": "Dimension", "type": "string" }, "DimensionForeground": { "markdownDescription": "The foreground color that applies to any text or other elements that appear over the dimension color.", "title": "DimensionForeground", "type": "string" }, "Measure": { "markdownDescription": "The color that applies to the names of fields that are identified as measures.", "title": "Measure", "type": "string" }, "MeasureForeground": { "markdownDescription": "The foreground color that applies to any text or other elements that appear over the measure color.", "title": "MeasureForeground", "type": "string" }, "PrimaryBackground": { "markdownDescription": "The background color that applies to visuals and other high emphasis UI.", "title": "PrimaryBackground", "type": "string" }, "PrimaryForeground": { "markdownDescription": "The color of text and other foreground elements that appear over the primary background regions, such as grid lines, borders, table banding, icons, and so on.", "title": "PrimaryForeground", "type": "string" }, "SecondaryBackground": { "markdownDescription": "The background color that applies to the sheet background and sheet controls.", "title": "SecondaryBackground", "type": "string" }, "SecondaryForeground": { "markdownDescription": "The foreground color that applies to any sheet title, sheet control text, or UI that appears over the secondary background.", "title": "SecondaryForeground", "type": "string" }, "Success": { "markdownDescription": "The color that applies to success messages, for example the check mark for a successful download.", "title": "Success", "type": "string" }, "SuccessForeground": { "markdownDescription": "The foreground color that applies to any text or other elements that appear over the success color.", "title": "SuccessForeground", "type": "string" }, "Warning": { "markdownDescription": "This color that applies to warning and informational messages.", "title": "Warning", "type": "string" }, "WarningForeground": { "markdownDescription": "The foreground color that applies to any text or other elements that appear over the warning color.", "title": "WarningForeground", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Topic": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AwsAccountId": { "markdownDescription": "The ID of the AWS account that you want to create a topic in.", "title": "AwsAccountId", "type": "string" }, "DataSets": { "items": { "$ref": "#/definitions/AWS::QuickSight::Topic.DatasetMetadata" }, "markdownDescription": "The data sets that the topic is associated with.", "title": "DataSets", "type": "array" }, "Description": { "markdownDescription": "The description of the topic.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the topic.", "title": "Name", "type": "string" }, "TopicId": { "markdownDescription": "The ID for the topic. This ID is unique per AWS Region for each AWS account.", "title": "TopicId", "type": "string" }, "UserExperienceVersion": { "markdownDescription": "The user experience version of the topic.", "title": "UserExperienceVersion", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::QuickSight::Topic" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::QuickSight::Topic.CellValueSynonym": { "additionalProperties": false, "properties": { "CellValue": { "markdownDescription": "The cell value.", "title": "CellValue", "type": "string" }, "Synonyms": { "items": { "type": "string" }, "markdownDescription": "Other names or aliases for the cell value.", "title": "Synonyms", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Topic.CollectiveConstant": { "additionalProperties": false, "properties": { "ValueList": { "items": { "type": "string" }, "markdownDescription": "A list of values for the collective constant.", "title": "ValueList", "type": "array" } }, "type": "object" }, "AWS::QuickSight::Topic.ComparativeOrder": { "additionalProperties": false, "properties": { "SpecifedOrder": { "items": { "type": "string" }, "markdownDescription": "The list of columns to be used in the ordering.", "title": "SpecifedOrder", "type": "array" }, "TreatUndefinedSpecifiedValues": { "markdownDescription": "The treat of undefined specified values. Valid values for this structure are `LEAST` and `MOST` .", "title": "TreatUndefinedSpecifiedValues", "type": "string" }, "UseOrdering": { "markdownDescription": "The ordering type for a column. Valid values for this structure are `GREATER_IS_BETTER` , `LESSER_IS_BETTER` and `SPECIFIED` .", "title": "UseOrdering", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Topic.DataAggregation": { "additionalProperties": false, "properties": { "DatasetRowDateGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "DatasetRowDateGranularity", "type": "string" }, "DefaultDateColumnName": { "markdownDescription": "The column name for the default date.", "title": "DefaultDateColumnName", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Topic.DatasetMetadata": { "additionalProperties": false, "properties": { "CalculatedFields": { "items": { "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCalculatedField" }, "markdownDescription": "The list of calculated field definitions.", "title": "CalculatedFields", "type": "array" }, "Columns": { "items": { "$ref": "#/definitions/AWS::QuickSight::Topic.TopicColumn" }, "markdownDescription": "The list of column definitions.", "title": "Columns", "type": "array" }, "DataAggregation": { "$ref": "#/definitions/AWS::QuickSight::Topic.DataAggregation", "markdownDescription": "The definition of a data aggregation.", "title": "DataAggregation" }, "DatasetArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the dataset.", "title": "DatasetArn", "type": "string" }, "DatasetDescription": { "markdownDescription": "The description of the dataset.", "title": "DatasetDescription", "type": "string" }, "DatasetName": { "markdownDescription": "The name of the dataset.", "title": "DatasetName", "type": "string" }, "Filters": { "items": { "$ref": "#/definitions/AWS::QuickSight::Topic.TopicFilter" }, "markdownDescription": "The list of filter definitions.", "title": "Filters", "type": "array" }, "NamedEntities": { "items": { "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNamedEntity" }, "markdownDescription": "The list of named entities definitions.", "title": "NamedEntities", "type": "array" } }, "required": [ "DatasetArn" ], "type": "object" }, "AWS::QuickSight::Topic.DefaultFormatting": { "additionalProperties": false, "properties": { "DisplayFormat": { "markdownDescription": "The display format. Valid values for this structure are `AUTO` , `PERCENT` , `CURRENCY` , `NUMBER` , `DATE` , and `STRING` .", "title": "DisplayFormat", "type": "string" }, "DisplayFormatOptions": { "$ref": "#/definitions/AWS::QuickSight::Topic.DisplayFormatOptions", "markdownDescription": "The additional options for display formatting.", "title": "DisplayFormatOptions" } }, "type": "object" }, "AWS::QuickSight::Topic.DisplayFormatOptions": { "additionalProperties": false, "properties": { "BlankCellFormat": { "markdownDescription": "Determines the blank cell format.", "title": "BlankCellFormat", "type": "string" }, "CurrencySymbol": { "markdownDescription": "The currency symbol, such as `USD` .", "title": "CurrencySymbol", "type": "string" }, "DateFormat": { "markdownDescription": "Determines the `DateTime` format.", "title": "DateFormat", "type": "string" }, "DecimalSeparator": { "markdownDescription": "Determines the decimal separator.", "title": "DecimalSeparator", "type": "string" }, "FractionDigits": { "markdownDescription": "Determines the number of fraction digits.", "title": "FractionDigits", "type": "number" }, "GroupingSeparator": { "markdownDescription": "Determines the grouping separator.", "title": "GroupingSeparator", "type": "string" }, "NegativeFormat": { "$ref": "#/definitions/AWS::QuickSight::Topic.NegativeFormat", "markdownDescription": "The negative format.", "title": "NegativeFormat" }, "Prefix": { "markdownDescription": "The prefix value for a display format.", "title": "Prefix", "type": "string" }, "Suffix": { "markdownDescription": "The suffix value for a display format.", "title": "Suffix", "type": "string" }, "UnitScaler": { "markdownDescription": "The unit scaler. Valid values for this structure are: `NONE` , `AUTO` , `THOUSANDS` , `MILLIONS` , `BILLIONS` , and `TRILLIONS` .", "title": "UnitScaler", "type": "string" }, "UseBlankCellFormat": { "markdownDescription": "A Boolean value that indicates whether to use blank cell format.", "title": "UseBlankCellFormat", "type": "boolean" }, "UseGrouping": { "markdownDescription": "A Boolean value that indicates whether to use grouping.", "title": "UseGrouping", "type": "boolean" } }, "type": "object" }, "AWS::QuickSight::Topic.NamedEntityDefinition": { "additionalProperties": false, "properties": { "FieldName": { "markdownDescription": "The name of the entity.", "title": "FieldName", "type": "string" }, "Metric": { "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinitionMetric", "markdownDescription": "The definition of a metric.", "title": "Metric" }, "PropertyName": { "markdownDescription": "The property name to be used for the named entity.", "title": "PropertyName", "type": "string" }, "PropertyRole": { "markdownDescription": "The property role. Valid values for this structure are `PRIMARY` and `ID` .", "title": "PropertyRole", "type": "string" }, "PropertyUsage": { "markdownDescription": "The property usage. Valid values for this structure are `INHERIT` , `DIMENSION` , and `MEASURE` .", "title": "PropertyUsage", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Topic.NamedEntityDefinitionMetric": { "additionalProperties": false, "properties": { "Aggregation": { "markdownDescription": "The aggregation of a named entity. Valid values for this structure are `SUM` , `MIN` , `MAX` , `COUNT` , `AVERAGE` , `DISTINCT_COUNT` , `STDEV` , `STDEVP` , `VAR` , `VARP` , `PERCENTILE` , `MEDIAN` , and `CUSTOM` .", "title": "Aggregation", "type": "string" }, "AggregationFunctionParameters": { "additionalProperties": true, "markdownDescription": "The additional parameters for an aggregation function.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AggregationFunctionParameters", "type": "object" } }, "type": "object" }, "AWS::QuickSight::Topic.NegativeFormat": { "additionalProperties": false, "properties": { "Prefix": { "markdownDescription": "The prefix for a negative format.", "title": "Prefix", "type": "string" }, "Suffix": { "markdownDescription": "The suffix for a negative format.", "title": "Suffix", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Topic.RangeConstant": { "additionalProperties": false, "properties": { "Maximum": { "markdownDescription": "The maximum value for a range constant.", "title": "Maximum", "type": "string" }, "Minimum": { "markdownDescription": "The minimum value for a range constant.", "title": "Minimum", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Topic.SemanticEntityType": { "additionalProperties": false, "properties": { "SubTypeName": { "markdownDescription": "The semantic entity sub type name.", "title": "SubTypeName", "type": "string" }, "TypeName": { "markdownDescription": "The semantic entity type name.", "title": "TypeName", "type": "string" }, "TypeParameters": { "additionalProperties": true, "markdownDescription": "The semantic entity type parameters.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "TypeParameters", "type": "object" } }, "type": "object" }, "AWS::QuickSight::Topic.SemanticType": { "additionalProperties": false, "properties": { "FalseyCellValue": { "markdownDescription": "The semantic type falsey cell value.", "title": "FalseyCellValue", "type": "string" }, "FalseyCellValueSynonyms": { "items": { "type": "string" }, "markdownDescription": "The other names or aliases for the false cell value.", "title": "FalseyCellValueSynonyms", "type": "array" }, "SubTypeName": { "markdownDescription": "The semantic type sub type name.", "title": "SubTypeName", "type": "string" }, "TruthyCellValue": { "markdownDescription": "The semantic type truthy cell value.", "title": "TruthyCellValue", "type": "string" }, "TruthyCellValueSynonyms": { "items": { "type": "string" }, "markdownDescription": "The other names or aliases for the true cell value.", "title": "TruthyCellValueSynonyms", "type": "array" }, "TypeName": { "markdownDescription": "The semantic type name.", "title": "TypeName", "type": "string" }, "TypeParameters": { "additionalProperties": true, "markdownDescription": "The semantic type parameters.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "TypeParameters", "type": "object" } }, "type": "object" }, "AWS::QuickSight::Topic.TopicCalculatedField": { "additionalProperties": false, "properties": { "Aggregation": { "markdownDescription": "The default aggregation. Valid values for this structure are `SUM` , `MAX` , `MIN` , `COUNT` , `DISTINCT_COUNT` , and `AVERAGE` .", "title": "Aggregation", "type": "string" }, "AllowedAggregations": { "items": { "type": "string" }, "markdownDescription": "The list of aggregation types that are allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", "title": "AllowedAggregations", "type": "array" }, "CalculatedFieldDescription": { "markdownDescription": "The calculated field description.", "title": "CalculatedFieldDescription", "type": "string" }, "CalculatedFieldName": { "markdownDescription": "The calculated field name.", "title": "CalculatedFieldName", "type": "string" }, "CalculatedFieldSynonyms": { "items": { "type": "string" }, "markdownDescription": "The other names or aliases for the calculated field.", "title": "CalculatedFieldSynonyms", "type": "array" }, "CellValueSynonyms": { "items": { "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" }, "markdownDescription": "The other names or aliases for the calculated field cell value.", "title": "CellValueSynonyms", "type": "array" }, "ColumnDataRole": { "markdownDescription": "The column data role for a calculated field. Valid values for this structure are `DIMENSION` and `MEASURE` .", "title": "ColumnDataRole", "type": "string" }, "ComparativeOrder": { "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", "markdownDescription": "The order in which data is displayed for the calculated field when it's used in a comparative context.", "title": "ComparativeOrder" }, "DefaultFormatting": { "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", "markdownDescription": "The default formatting definition.", "title": "DefaultFormatting" }, "Expression": { "markdownDescription": "The calculated field expression.", "title": "Expression", "type": "string" }, "IsIncludedInTopic": { "markdownDescription": "A boolean value that indicates if a calculated field is included in the topic.", "title": "IsIncludedInTopic", "type": "boolean" }, "NeverAggregateInFilter": { "markdownDescription": "A Boolean value that indicates whether to never aggregate calculated field in filters.", "title": "NeverAggregateInFilter", "type": "boolean" }, "NonAdditive": { "markdownDescription": "The non additive for the table style target.", "title": "NonAdditive", "type": "boolean" }, "NotAllowedAggregations": { "items": { "type": "string" }, "markdownDescription": "The list of aggregation types that are not allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", "title": "NotAllowedAggregations", "type": "array" }, "SemanticType": { "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", "markdownDescription": "The semantic type.", "title": "SemanticType" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "required": [ "CalculatedFieldName", "Expression" ], "type": "object" }, "AWS::QuickSight::Topic.TopicCategoryFilter": { "additionalProperties": false, "properties": { "CategoryFilterFunction": { "markdownDescription": "The category filter function. Valid values for this structure are `EXACT` and `CONTAINS` .", "title": "CategoryFilterFunction", "type": "string" }, "CategoryFilterType": { "markdownDescription": "The category filter type. This element is used to specify whether a filter is a simple category filter or an inverse category filter.", "title": "CategoryFilterType", "type": "string" }, "Constant": { "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilterConstant", "markdownDescription": "The constant used in a category filter.", "title": "Constant" }, "Inverse": { "markdownDescription": "A Boolean value that indicates if the filter is inverse.", "title": "Inverse", "type": "boolean" } }, "type": "object" }, "AWS::QuickSight::Topic.TopicCategoryFilterConstant": { "additionalProperties": false, "properties": { "CollectiveConstant": { "$ref": "#/definitions/AWS::QuickSight::Topic.CollectiveConstant", "markdownDescription": "A collective constant used in a category filter. This element is used to specify a list of values for the constant.", "title": "CollectiveConstant" }, "ConstantType": { "markdownDescription": "The type of category filter constant. This element is used to specify whether a constant is a singular or collective. Valid values are `SINGULAR` and `COLLECTIVE` .", "title": "ConstantType", "type": "string" }, "SingularConstant": { "markdownDescription": "A singular constant used in a category filter. This element is used to specify a single value for the constant.", "title": "SingularConstant", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Topic.TopicColumn": { "additionalProperties": false, "properties": { "Aggregation": { "markdownDescription": "The type of aggregation that is performed on the column data when it's queried.", "title": "Aggregation", "type": "string" }, "AllowedAggregations": { "items": { "type": "string" }, "markdownDescription": "The list of aggregation types that are allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", "title": "AllowedAggregations", "type": "array" }, "CellValueSynonyms": { "items": { "$ref": "#/definitions/AWS::QuickSight::Topic.CellValueSynonym" }, "markdownDescription": "The other names or aliases for the column cell value.", "title": "CellValueSynonyms", "type": "array" }, "ColumnDataRole": { "markdownDescription": "The role of the column in the data. Valid values are `DIMENSION` and `MEASURE` .", "title": "ColumnDataRole", "type": "string" }, "ColumnDescription": { "markdownDescription": "A description of the column and its contents.", "title": "ColumnDescription", "type": "string" }, "ColumnFriendlyName": { "markdownDescription": "A user-friendly name for the column.", "title": "ColumnFriendlyName", "type": "string" }, "ColumnName": { "markdownDescription": "The name of the column.", "title": "ColumnName", "type": "string" }, "ColumnSynonyms": { "items": { "type": "string" }, "markdownDescription": "The other names or aliases for the column.", "title": "ColumnSynonyms", "type": "array" }, "ComparativeOrder": { "$ref": "#/definitions/AWS::QuickSight::Topic.ComparativeOrder", "markdownDescription": "The order in which data is displayed for the column when it's used in a comparative context.", "title": "ComparativeOrder" }, "DefaultFormatting": { "$ref": "#/definitions/AWS::QuickSight::Topic.DefaultFormatting", "markdownDescription": "The default formatting used for values in the column.", "title": "DefaultFormatting" }, "IsIncludedInTopic": { "markdownDescription": "A Boolean value that indicates whether the column is included in the query results.", "title": "IsIncludedInTopic", "type": "boolean" }, "NeverAggregateInFilter": { "markdownDescription": "A Boolean value that indicates whether to aggregate the column data when it's used in a filter context.", "title": "NeverAggregateInFilter", "type": "boolean" }, "NonAdditive": { "markdownDescription": "The non additive value for the column.", "title": "NonAdditive", "type": "boolean" }, "NotAllowedAggregations": { "items": { "type": "string" }, "markdownDescription": "The list of aggregation types that are not allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` .", "title": "NotAllowedAggregations", "type": "array" }, "SemanticType": { "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticType", "markdownDescription": "The semantic type of data contained in the column.", "title": "SemanticType" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "required": [ "ColumnName" ], "type": "object" }, "AWS::QuickSight::Topic.TopicDateRangeFilter": { "additionalProperties": false, "properties": { "Constant": { "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", "markdownDescription": "The constant used in a date range filter.", "title": "Constant" }, "Inclusive": { "markdownDescription": "A Boolean value that indicates whether the date range filter should include the boundary values. If set to true, the filter includes the start and end dates. If set to false, the filter excludes them.", "title": "Inclusive", "type": "boolean" } }, "type": "object" }, "AWS::QuickSight::Topic.TopicFilter": { "additionalProperties": false, "properties": { "CategoryFilter": { "$ref": "#/definitions/AWS::QuickSight::Topic.TopicCategoryFilter", "markdownDescription": "The category filter that is associated with this filter.", "title": "CategoryFilter" }, "DateRangeFilter": { "$ref": "#/definitions/AWS::QuickSight::Topic.TopicDateRangeFilter", "markdownDescription": "The date range filter.", "title": "DateRangeFilter" }, "FilterClass": { "markdownDescription": "The class of the filter. Valid values for this structure are `ENFORCED_VALUE_FILTER` , `CONDITIONAL_VALUE_FILTER` , and `NAMED_VALUE_FILTER` .", "title": "FilterClass", "type": "string" }, "FilterDescription": { "markdownDescription": "A description of the filter used to select items for a topic.", "title": "FilterDescription", "type": "string" }, "FilterName": { "markdownDescription": "The name of the filter.", "title": "FilterName", "type": "string" }, "FilterSynonyms": { "items": { "type": "string" }, "markdownDescription": "The other names or aliases for the filter.", "title": "FilterSynonyms", "type": "array" }, "FilterType": { "markdownDescription": "The type of the filter. Valid values for this structure are `CATEGORY_FILTER` , `NUMERIC_EQUALITY_FILTER` , `NUMERIC_RANGE_FILTER` , `DATE_RANGE_FILTER` , and `RELATIVE_DATE_FILTER` .", "title": "FilterType", "type": "string" }, "NumericEqualityFilter": { "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericEqualityFilter", "markdownDescription": "The numeric equality filter.", "title": "NumericEqualityFilter" }, "NumericRangeFilter": { "$ref": "#/definitions/AWS::QuickSight::Topic.TopicNumericRangeFilter", "markdownDescription": "The numeric range filter.", "title": "NumericRangeFilter" }, "OperandFieldName": { "markdownDescription": "The name of the field that the filter operates on.", "title": "OperandFieldName", "type": "string" }, "RelativeDateFilter": { "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRelativeDateFilter", "markdownDescription": "The relative date filter.", "title": "RelativeDateFilter" } }, "required": [ "FilterName", "OperandFieldName" ], "type": "object" }, "AWS::QuickSight::Topic.TopicNamedEntity": { "additionalProperties": false, "properties": { "Definition": { "items": { "$ref": "#/definitions/AWS::QuickSight::Topic.NamedEntityDefinition" }, "markdownDescription": "The definition of a named entity.", "title": "Definition", "type": "array" }, "EntityDescription": { "markdownDescription": "The description of the named entity.", "title": "EntityDescription", "type": "string" }, "EntityName": { "markdownDescription": "The name of the named entity.", "title": "EntityName", "type": "string" }, "EntitySynonyms": { "items": { "type": "string" }, "markdownDescription": "The other names or aliases for the named entity.", "title": "EntitySynonyms", "type": "array" }, "SemanticEntityType": { "$ref": "#/definitions/AWS::QuickSight::Topic.SemanticEntityType", "markdownDescription": "The type of named entity that a topic represents.", "title": "SemanticEntityType" } }, "required": [ "EntityName" ], "type": "object" }, "AWS::QuickSight::Topic.TopicNumericEqualityFilter": { "additionalProperties": false, "properties": { "Aggregation": { "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic. Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", "title": "Aggregation", "type": "string" }, "Constant": { "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", "markdownDescription": "The constant used in a numeric equality filter.", "title": "Constant" } }, "type": "object" }, "AWS::QuickSight::Topic.TopicNumericRangeFilter": { "additionalProperties": false, "properties": { "Aggregation": { "markdownDescription": "An aggregation function that specifies how to calculate the value of a numeric field for a topic, Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` .", "title": "Aggregation", "type": "string" }, "Constant": { "$ref": "#/definitions/AWS::QuickSight::Topic.TopicRangeFilterConstant", "markdownDescription": "The constant used in a numeric range filter.", "title": "Constant" }, "Inclusive": { "markdownDescription": "A Boolean value that indicates whether the endpoints of the numeric range are included in the filter. If set to true, topics whose numeric field value is equal to the endpoint values will be included in the filter. If set to false, topics whose numeric field value is equal to the endpoint values will be excluded from the filter.", "title": "Inclusive", "type": "boolean" } }, "type": "object" }, "AWS::QuickSight::Topic.TopicRangeFilterConstant": { "additionalProperties": false, "properties": { "ConstantType": { "markdownDescription": "The data type of the constant value that is used in a range filter. Valid values for this structure are `RANGE` .", "title": "ConstantType", "type": "string" }, "RangeConstant": { "$ref": "#/definitions/AWS::QuickSight::Topic.RangeConstant", "markdownDescription": "The value of the constant that is used to specify the endpoints of a range filter.", "title": "RangeConstant" } }, "type": "object" }, "AWS::QuickSight::Topic.TopicRelativeDateFilter": { "additionalProperties": false, "properties": { "Constant": { "$ref": "#/definitions/AWS::QuickSight::Topic.TopicSingularFilterConstant", "markdownDescription": "The constant used in a relative date filter.", "title": "Constant" }, "RelativeDateFilterFunction": { "markdownDescription": "The function to be used in a relative date filter to determine the range of dates to include in the results. Valid values for this structure are `BEFORE` , `AFTER` , and `BETWEEN` .", "title": "RelativeDateFilterFunction", "type": "string" }, "TimeGranularity": { "markdownDescription": "The level of time precision that is used to aggregate `DateTime` values.", "title": "TimeGranularity", "type": "string" } }, "type": "object" }, "AWS::QuickSight::Topic.TopicSingularFilterConstant": { "additionalProperties": false, "properties": { "ConstantType": { "markdownDescription": "The type of the singular filter constant. Valid values for this structure are `SINGULAR` .", "title": "ConstantType", "type": "string" }, "SingularConstant": { "markdownDescription": "The value of the singular filter constant.", "title": "SingularConstant", "type": "string" } }, "type": "object" }, "AWS::QuickSight::VPCConnection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AvailabilityStatus": { "markdownDescription": "The availability status of the VPC connection.", "title": "AvailabilityStatus", "type": "string" }, "AwsAccountId": { "markdownDescription": "The AWS account ID of the account where you want to create a new VPC connection.", "title": "AwsAccountId", "type": "string" }, "DnsResolvers": { "items": { "type": "string" }, "markdownDescription": "A list of IP addresses of DNS resolver endpoints for the VPC connection.", "title": "DnsResolvers", "type": "array" }, "Name": { "markdownDescription": "The display name for the VPC connection.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role associated with the VPC connection.", "title": "RoleArn", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The Amazon EC2 security group IDs associated with the VPC connection.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "A list of subnet IDs for the VPC connection.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A map of the key-value pairs for the resource tag or tags assigned to the VPC connection.", "title": "Tags", "type": "array" }, "VPCConnectionId": { "markdownDescription": "The ID of the VPC connection that you're creating. This ID is a unique identifier for each AWS Region in an AWS account.", "title": "VPCConnectionId", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::QuickSight::VPCConnection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::QuickSight::VPCConnection.NetworkInterface": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The availability zone that the network interface resides in.", "title": "AvailabilityZone", "type": "string" }, "ErrorMessage": { "markdownDescription": "An error message.", "title": "ErrorMessage", "type": "string" }, "NetworkInterfaceId": { "markdownDescription": "The network interface ID.", "title": "NetworkInterfaceId", "type": "string" }, "Status": { "markdownDescription": "The status of the network interface.", "title": "Status", "type": "string" }, "SubnetId": { "markdownDescription": "The subnet ID associated with the network interface.", "title": "SubnetId", "type": "string" } }, "type": "object" }, "AWS::RAM::Permission": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Specifies the name of the customer managed permission. The name must be unique within the AWS Region .", "title": "Name", "type": "string" }, "PolicyTemplate": { "markdownDescription": "A string in JSON format string that contains the following elements of a resource-based policy:\n\n- *Effect* : must be set to `ALLOW` .\n- *Action* : specifies the actions that are allowed by this customer managed permission. The list must contain only actions that are supported by the specified resource type. For a list of all actions supported by each resource type, see [Actions, resources, and condition keys for AWS services](https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html) in the *AWS Identity and Access Management User Guide* .\n- *Condition* : (optional) specifies conditional parameters that must evaluate to true when a user attempts an action for that action to be allowed. For more information about the Condition element, see [IAM policies: Condition element](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html) in the *AWS Identity and Access Management User Guide* .\n\nThis template can't include either the `Resource` or `Principal` elements. Those are both filled in by AWS RAM when it instantiates the resource-based policy on each resource shared using this managed permission. The `Resource` comes from the ARN of the specific resource that you are sharing. The `Principal` comes from the list of identities added to the resource share.", "title": "PolicyTemplate", "type": "object" }, "ResourceType": { "markdownDescription": "Specifies the name of the resource type that this customer managed permission applies to.\n\nThe format is `** : **` and is not case sensitive. For example, to specify an Amazon EC2 Subnet, you can use the string `ec2:subnet` . To see the list of valid values for this parameter, query the [ListResourceTypes](https://docs.aws.amazon.com/ram/latest/APIReference/API_ListResourceTypes.html) operation.", "title": "ResourceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies a list of one or more tag key and value pairs to attach to the permission.", "title": "Tags", "type": "array" } }, "required": [ "Name", "PolicyTemplate", "ResourceType" ], "type": "object" }, "Type": { "enum": [ "AWS::RAM::Permission" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RAM::ResourceShare": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowExternalPrincipals": { "markdownDescription": "Specifies whether principals outside your organization in AWS Organizations can be associated with a resource share. A value of `true` lets you share with individual AWS accounts that are *not* in your organization. A value of `false` only has meaning if your account is a member of an AWS Organization. The default value is `true` .", "title": "AllowExternalPrincipals", "type": "boolean" }, "Name": { "markdownDescription": "Specifies the name of the resource share.", "title": "Name", "type": "string" }, "PermissionArns": { "items": { "type": "string" }, "markdownDescription": "Specifies the [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the AWS RAM permission to associate with the resource share. If you do not specify an ARN for the permission, AWS RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.", "title": "PermissionArns", "type": "array" }, "Principals": { "items": { "type": "string" }, "markdownDescription": "Specifies the principals to associate with the resource share. The possible values are:\n\n- An AWS account ID\n- An Amazon Resource Name (ARN) of an organization in AWS Organizations\n- An ARN of an organizational unit (OU) in AWS Organizations\n- An ARN of an IAM role\n- An ARN of an IAM user\n\n> Not all resource types can be shared with IAM roles and users. For more information, see the column *Can share with IAM roles and users* in the tables on [Shareable AWS resources](https://docs.aws.amazon.com/ram/latest/userguide/shareable.html) in the *AWS Resource Access Manager User Guide* .", "title": "Principals", "type": "array" }, "ResourceArns": { "items": { "type": "string" }, "markdownDescription": "Specifies a list of one or more ARNs of the resources to associate with the resource share.", "title": "ResourceArns", "type": "array" }, "Sources": { "items": { "type": "string" }, "markdownDescription": "", "title": "Sources", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies one or more tags to attach to the resource share itself. It doesn't attach the tags to the resources associated with the resource share.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::RAM::ResourceShare" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RDS::CustomDBEngineVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DatabaseInstallationFilesS3BucketName": { "markdownDescription": "The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is `my-custom-installation-files` .", "title": "DatabaseInstallationFilesS3BucketName", "type": "string" }, "DatabaseInstallationFilesS3Prefix": { "markdownDescription": "The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is `123456789012/cev1` . If this setting isn't specified, no prefix is assumed.", "title": "DatabaseInstallationFilesS3Prefix", "type": "string" }, "Description": { "markdownDescription": "An optional description of your CEV.", "title": "Description", "type": "string" }, "Engine": { "markdownDescription": "The database engine to use for your custom engine version (CEV).\n\nValid values:\n\n- `custom-oracle-ee`\n- `custom-oracle-ee-cdb`", "title": "Engine", "type": "string" }, "EngineVersion": { "markdownDescription": "The name of your CEV. The name format is `major version.customized_string` . For example, a valid CEV name is `19.my_cev1` . This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of `Engine` and `EngineVersion` is unique per customer per Region.\n\n*Constraints:* Minimum length is 1. Maximum length is 60.\n\n*Pattern:* `^[a-z0-9_.-]{1,60$` }", "title": "EngineVersion", "type": "string" }, "ImageId": { "markdownDescription": "A value that indicates the ID of the AMI.", "title": "ImageId", "type": "string" }, "KMSKeyId": { "markdownDescription": "The AWS KMS key identifier for an encrypted CEV. A symmetric encryption KMS key is required for RDS Custom, but optional for Amazon RDS.\n\nIf you have an existing symmetric encryption KMS key in your account, you can use it with RDS Custom. No further action is necessary. If you don't already have a symmetric encryption KMS key in your account, follow the instructions in [Creating a symmetric encryption KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html#create-symmetric-cmk) in the *AWS Key Management Service Developer Guide* .\n\nYou can choose the same symmetric encryption key when you create a CEV and a DB instance, or choose different keys.", "title": "KMSKeyId", "type": "string" }, "Manifest": { "markdownDescription": "The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed.\n\nThe following JSON fields are valid:\n\n- **MediaImportTemplateVersion** - Version of the CEV manifest. The date is in the format `YYYY-MM-DD` .\n- **databaseInstallationFileNames** - Ordered list of installation files for the CEV.\n- **opatchFileNames** - Ordered list of OPatch installers used for the Oracle DB engine.\n- **psuRuPatchFileNames** - The PSU and RU patches for this CEV.\n- **OtherPatchFileNames** - The patches that are not in the list of PSU and RU patches. Amazon RDS applies these patches after applying the PSU and RU patches.\n\nFor more information, see [Creating the CEV manifest](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html#custom-cev.preparing.manifest) in the *Amazon RDS User Guide* .", "title": "Manifest", "type": "string" }, "SourceCustomDbEngineVersionIdentifier": { "markdownDescription": "The ARN of a CEV to use as a source for creating a new CEV. You can specify a different Amazon Machine Imagine (AMI) by using either `Source` or `UseAwsProvidedLatestImage` . You can't specify a different JSON manifest when you specify `SourceCustomDbEngineVersionIdentifier` .", "title": "SourceCustomDbEngineVersionIdentifier", "type": "string" }, "Status": { "markdownDescription": "A value that indicates the status of a custom engine version (CEV).", "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags. For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide.*", "title": "Tags", "type": "array" }, "UseAwsProvidedLatestImage": { "markdownDescription": "Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV. If you specify `UseAwsProvidedLatestImage` , you can't also specify `ImageId` .", "title": "UseAwsProvidedLatestImage", "type": "boolean" } }, "required": [ "Engine", "EngineVersion" ], "type": "object" }, "Type": { "enum": [ "AWS::RDS::CustomDBEngineVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RDS::DBCluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllocatedStorage": { "markdownDescription": "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nThis setting is required to create a Multi-AZ DB cluster.", "title": "AllocatedStorage", "type": "number" }, "AssociatedRoles": { "items": { "$ref": "#/definitions/AWS::RDS::DBCluster.DBClusterRole" }, "markdownDescription": "Provides a list of the AWS Identity and Access Management (IAM) roles that are associated with the DB cluster. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other Amazon Web Services on your behalf.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "AssociatedRoles", "type": "array" }, "AutoMinorVersionUpgrade": { "markdownDescription": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically.\n\nValid for Cluster Type: Multi-AZ DB clusters only", "title": "AutoMinorVersionUpgrade", "type": "boolean" }, "AvailabilityZones": { "items": { "type": "string" }, "markdownDescription": "A list of Availability Zones (AZs) where instances in the DB cluster can be created. For information on AWS Regions and Availability Zones, see [Choosing the Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", "title": "AvailabilityZones", "type": "array" }, "BacktrackWindow": { "markdownDescription": "The target backtrack window, in seconds. To disable backtracking, set this value to 0.\n\n> Currently, Backtrack is only supported for Aurora MySQL DB clusters. \n\nDefault: 0\n\nConstraints:\n\n- If specified, this value must be set to a number from 0 to 259,200 (72 hours).\n\nValid for: Aurora MySQL DB clusters only", "title": "BacktrackWindow", "type": "number" }, "BackupRetentionPeriod": { "markdownDescription": "The number of days for which automated backups are retained.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 1 to 35\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "BackupRetentionPeriod", "type": "number" }, "CopyTagsToSnapshot": { "markdownDescription": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "CopyTagsToSnapshot", "type": "boolean" }, "DBClusterIdentifier": { "markdownDescription": "The DB cluster identifier. This parameter is stored as a lowercase string.\n\nConstraints:\n\n- Must contain from 1 to 63 letters, numbers, or hyphens.\n- First character must be a letter.\n- Can't end with a hyphen or contain two consecutive hyphens.\n\nExample: `my-cluster1`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "DBClusterIdentifier", "type": "string" }, "DBClusterInstanceClass": { "markdownDescription": "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example `db.m6gd.xlarge` . Not all DB instance classes are available in all AWS Regions , or for all database engines.\n\nFor the full list of DB instance classes and availability for your engine, see [DB instance class](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only", "title": "DBClusterInstanceClass", "type": "string" }, "DBClusterParameterGroupName": { "markdownDescription": "The name of the DB cluster parameter group to associate with this DB cluster.\n\n> If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.\n> \n> If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started. \n\nTo list all of the available DB cluster parameter group names, use the following command:\n\n`aws rds describe-db-cluster-parameter-groups --query \"DBClusterParameterGroups[].DBClusterParameterGroupName\" --output text`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "DBClusterParameterGroupName", "type": "string" }, "DBInstanceParameterGroupName": { "markdownDescription": "The name of the DB parameter group to apply to all instances of the DB cluster.\n\n> When you apply a parameter group using the `DBInstanceParameterGroupName` parameter, the DB cluster isn't rebooted automatically. Also, parameter changes are applied immediately rather than during the next maintenance window. \n\nValid for Cluster Type: Aurora DB clusters only\n\nDefault: The existing name setting\n\nConstraints:\n\n- The DB parameter group must be in the same DB parameter group family as this DB cluster.\n- The `DBInstanceParameterGroupName` parameter is valid in combination with the `AllowMajorVersionUpgrade` parameter for a major version upgrade only.", "title": "DBInstanceParameterGroupName", "type": "string" }, "DBSubnetGroupName": { "markdownDescription": "A DB subnet group that you want to associate with this DB cluster.\n\nIf you are restoring a DB cluster to a point in time with `RestoreType` set to `copy-on-write` , and don't specify a DB subnet group name, then the DB cluster is restored with a default DB subnet group.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "DBSubnetGroupName", "type": "string" }, "DBSystemId": { "markdownDescription": "Reserved for future use.", "title": "DBSystemId", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "DatabaseName", "type": "string" }, "DeletionProtection": { "markdownDescription": "A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "DeletionProtection", "type": "boolean" }, "Domain": { "markdownDescription": "Indicates the directory ID of the Active Directory to create the DB cluster.\n\nFor Amazon Aurora DB clusters, Amazon RDS can use Kerberos authentication to authenticate users that connect to the DB cluster.\n\nFor more information, see [Kerberos authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", "title": "Domain", "type": "string" }, "DomainIAMRoleName": { "markdownDescription": "Specifies the name of the IAM role to use when making API calls to the Directory Service.\n\nValid for: Aurora DB clusters only", "title": "DomainIAMRoleName", "type": "string" }, "EnableCloudwatchLogsExports": { "items": { "type": "string" }, "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Aurora User Guide* .\n\n*Aurora MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Aurora PostgreSQL*\n\nValid values: `postgresql`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "EnableCloudwatchLogsExports", "type": "array" }, "EnableGlobalWriteForwarding": { "markdownDescription": "Specifies whether to enable this DB cluster to forward write operations to the primary cluster of a global cluster (Aurora global database). By default, write operations are not allowed on Aurora DB clusters that are secondary clusters in an Aurora global database.\n\nYou can set this value only on Aurora DB clusters that are members of an Aurora global database. With this parameter enabled, a secondary cluster can forward writes to the current primary cluster, and the resulting changes are replicated back to this cluster. For the primary DB cluster of an Aurora global database, this value is used immediately if the primary is demoted by a global cluster API operation, but it does nothing until then.\n\nValid for Cluster Type: Aurora DB clusters only", "title": "EnableGlobalWriteForwarding", "type": "boolean" }, "EnableHttpEndpoint": { "markdownDescription": "Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled.\n\nWhen enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor.\n\nRDS Data API is supported with the following DB clusters:\n\n- Aurora PostgreSQL Serverless v2 and provisioned\n- Aurora PostgreSQL and Aurora MySQL Serverless v1\n\nFor more information, see [Using RDS Data API](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide* .\n\nValid for Cluster Type: Aurora DB clusters only", "title": "EnableHttpEndpoint", "type": "boolean" }, "EnableIAMDatabaseAuthentication": { "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nFor more information, see [IAM Database Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", "title": "EnableIAMDatabaseAuthentication", "type": "boolean" }, "Engine": { "markdownDescription": "The name of the database engine to be used for this DB cluster.\n\nValid Values:\n\n- `aurora-mysql`\n- `aurora-postgresql`\n- `mysql`\n- `postgres`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "Engine", "type": "string" }, "EngineMode": { "markdownDescription": "The DB engine mode of the DB cluster, either `provisioned` or `serverless` .\n\nThe `serverless` engine mode only applies for Aurora Serverless v1 DB clusters. Aurora Serverless v2 DB clusters use the `provisioned` engine mode.\n\nFor information about limitations and requirements for Serverless DB clusters, see the following sections in the *Amazon Aurora User Guide* :\n\n- [Limitations of Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations)\n- [Requirements for Aurora Serverless v2](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html)\n\nValid for Cluster Type: Aurora DB clusters only", "title": "EngineMode", "type": "string" }, "EngineVersion": { "markdownDescription": "The version number of the database engine to use.\n\nTo list all of the available engine versions for Aurora MySQL version 2 (5.7-compatible) and version 3 (8.0-compatible), use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nYou can supply either `5.7` or `8.0` to use the default engine version for Aurora MySQL version 2 or version 3, respectively.\n\nTo list all of the available engine versions for Aurora PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for MySQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine mysql --query \"DBEngineVersions[].EngineVersion\"`\n\nTo list all of the available engine versions for RDS for PostgreSQL, use the following command:\n\n`aws rds describe-db-engine-versions --engine postgres --query \"DBEngineVersions[].EngineVersion\"`\n\n*Aurora MySQL*\n\nFor information, see [Database engine updates for Amazon Aurora MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.html) in the *Amazon Aurora User Guide* .\n\n*Aurora PostgreSQL*\n\nFor information, see [Amazon Aurora PostgreSQL releases and engine versions](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraPostgreSQL.Updates.20180305.html) in the *Amazon Aurora User Guide* .\n\n*MySQL*\n\nFor information, see [Amazon RDS for MySQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide* .\n\n*PostgreSQL*\n\nFor information, see [Amazon RDS for PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts) in the *Amazon RDS User Guide* .\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "EngineVersion", "type": "string" }, "GlobalClusterIdentifier": { "markdownDescription": "If you are configuring an Aurora global database cluster and want your Aurora DB cluster to be a secondary member in the global database cluster, specify the global cluster ID of the global database cluster. To define the primary database cluster of the global cluster, use the [AWS::RDS::GlobalCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-globalcluster.html) resource.\n\nIf you aren't configuring a global database cluster, don't specify this property.\n\n> To remove the DB cluster from a global database cluster, specify an empty value for the `GlobalClusterIdentifier` property. \n\nFor information about Aurora global databases, see [Working with Amazon Aurora Global Databases](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html) in the *Amazon Aurora User Guide* .\n\nValid for: Aurora DB clusters only", "title": "GlobalClusterIdentifier", "type": "string" }, "Iops": { "markdownDescription": "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster.\n\nFor information about valid IOPS values, see [Provisioned IOPS storage](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nConstraints:\n\n- Must be a multiple between .5 and 50 of the storage amount for the DB cluster.", "title": "Iops", "type": "number" }, "KmsKeyId": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the `StorageEncrypted` property but don't specify this property, the default KMS key is used. If you specify this property, you must set the `StorageEncrypted` property to `true` .\n\nIf you specify the `SnapshotIdentifier` property, the `StorageEncrypted` property value is inherited from the snapshot, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create a read replica of an encrypted DB cluster in another AWS Region, make sure to set `KmsKeyId` to a KMS key identifier that is valid in the destination AWS Region. This KMS key is used to encrypt the read replica in that AWS Region.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "KmsKeyId", "type": "string" }, "ManageMasterUserPassword": { "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", "title": "ManageMasterUserPassword", "type": "boolean" }, "MasterUserPassword": { "markdownDescription": "The master password for the DB instance.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "MasterUserPassword", "type": "string" }, "MasterUserSecret": { "$ref": "#/definitions/AWS::RDS::DBCluster.MasterUserSecret", "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*", "title": "MasterUserSecret" }, "MasterUsername": { "markdownDescription": "The name of the master user for the DB cluster.\n\n> If you specify the `SourceDBClusterIdentifier` , `SnapshotIdentifier` , or `GlobalClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "MasterUsername", "type": "string" }, "MonitoringInterval": { "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify `0` .\n\nIf `MonitoringRoleArn` is specified, also set `MonitoringInterval` to a value other than `0` .\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nValid Values: `0 | 1 | 5 | 10 | 15 | 30 | 60`\n\nDefault: `0`", "title": "MonitoringInterval", "type": "number" }, "MonitoringRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , supply a `MonitoringRoleArn` value.\n\nValid for Cluster Type: Multi-AZ DB clusters only", "title": "MonitoringRoleArn", "type": "string" }, "NetworkType": { "markdownDescription": "The network type of the DB cluster.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB cluster. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon Aurora User Guide.*\n\nValid for: Aurora DB clusters only", "title": "NetworkType", "type": "string" }, "PerformanceInsightsEnabled": { "markdownDescription": "Specifies whether to turn on Performance Insights for the DB cluster.\n\nFor more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nValid for Cluster Type: Multi-AZ DB clusters only", "title": "PerformanceInsightsEnabled", "type": "boolean" }, "PerformanceInsightsKmsKeyId": { "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you don't specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account . Your AWS account has a different default KMS key for each AWS Region .\n\nValid for Cluster Type: Multi-AZ DB clusters only", "title": "PerformanceInsightsKmsKeyId", "type": "string" }, "PerformanceInsightsRetentionPeriod": { "markdownDescription": "The number of days to retain Performance Insights data.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS issues an error.", "title": "PerformanceInsightsRetentionPeriod", "type": "number" }, "Port": { "markdownDescription": "The port number on which the DB instances in the DB cluster accept connections.\n\nDefault:\n\n- When `EngineMode` is `provisioned` , `3306` (for both Aurora MySQL and Aurora PostgreSQL)\n- When `EngineMode` is `serverless` :\n\n- `3306` when `Engine` is `aurora` or `aurora-mysql`\n- `5432` when `Engine` is `aurora-postgresql`\n\n> The `No interruption` on update behavior only applies to DB clusters. If you are updating a DB instance, see [Port](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-port) for the AWS::RDS::DBInstance resource. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "Port", "type": "number" }, "PreferredBackupWindow": { "markdownDescription": "The daily time range during which automated backups are created. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.Backups.BackupWindow) in the *Amazon Aurora User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "PreferredBackupWindow", "type": "string" }, "PreferredMaintenanceWindow": { "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Cluster Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.*\n\nValid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n\nConstraints: Minimum 30-minute window.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "PreferredMaintenanceWindow", "type": "string" }, "PubliclyAccessible": { "markdownDescription": "Specifies whether the DB cluster is publicly accessible.\n\nWhen the DB cluster is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB cluster's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB cluster's VPC. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it.\n\nWhen the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address.\n\nValid for Cluster Type: Multi-AZ DB clusters only\n\nDefault: The default behavior varies depending on whether `DBSubnetGroupName` is specified.\n\nIf `DBSubnetGroupName` isn't specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public.\n\nIf `DBSubnetGroupName` is specified, and `PubliclyAccessible` isn't specified, the following applies:\n\n- If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB cluster is private.\n- If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public.", "title": "PubliclyAccessible", "type": "boolean" }, "ReplicationSourceIdentifier": { "markdownDescription": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.\n\nValid for: Aurora DB clusters only", "title": "ReplicationSourceIdentifier", "type": "string" }, "RestoreToTime": { "markdownDescription": "The date and time to restore the DB cluster to.\n\nValid Values: Value must be a time in Universal Coordinated Time (UTC) format\n\nConstraints:\n\n- Must be before the latest restorable time for the DB instance\n- Must be specified if `UseLatestRestorableTime` parameter isn't provided\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled\n- Can't be specified if the `RestoreType` parameter is `copy-on-write`\n\nThis property must be used with `SourceDBClusterIdentifier` property. The resulting cluster will have the identifier that matches the value of the `DBclusterIdentifier` property.\n\nExample: `2015-03-07T23:45:00Z`\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "RestoreToTime", "type": "string" }, "RestoreType": { "markdownDescription": "The type of restore to be performed. You can specify one of the following values:\n\n- `full-copy` - The new DB cluster is restored as a full copy of the source DB cluster.\n- `copy-on-write` - The new DB cluster is restored as a clone of the source DB cluster.\n\nIf you don't specify a `RestoreType` value, then the new DB cluster is restored as a full copy of the source DB cluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "RestoreType", "type": "string" }, "ScalingConfiguration": { "$ref": "#/definitions/AWS::RDS::DBCluster.ScalingConfiguration", "markdownDescription": "The scaling configuration of an Aurora Serverless v1 DB cluster.\n\nThis property is only supported for Aurora Serverless v1. For Aurora Serverless v2, Use the `ServerlessV2ScalingConfiguration` property.\n\nValid for: Aurora Serverless v1 DB clusters only", "title": "ScalingConfiguration" }, "ServerlessV2ScalingConfiguration": { "$ref": "#/definitions/AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration", "markdownDescription": "The scaling configuration of an Aurora Serverless V2 DB cluster.\n\nThis property is only supported for Aurora Serverless v2. For Aurora Serverless v1, Use the `ScalingConfiguration` property.\n\nValid for: Aurora Serverless v2 DB clusters only", "title": "ServerlessV2ScalingConfiguration" }, "SnapshotIdentifier": { "markdownDescription": "The identifier for the DB snapshot or DB cluster snapshot to restore from.\n\nYou can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot.\n\nAfter you restore a DB cluster with a `SnapshotIdentifier` property, you must specify the same `SnapshotIdentifier` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the snapshot again, and the data in the database is not changed. However, if you don't specify the `SnapshotIdentifier` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified `SnapshotIdentifier` property, and the original DB cluster is deleted.\n\nIf you specify the `SnapshotIdentifier` property to restore a DB cluster (as opposed to specifying it for DB cluster updates), then don't specify the following properties:\n\n- `GlobalClusterIdentifier`\n- `MasterUsername`\n- `MasterUserPassword`\n- `ReplicationSourceIdentifier`\n- `RestoreType`\n- `SourceDBClusterIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an encrypted snapshot)\n- `UseLatestRestorableTime`\n\nConstraints:\n\n- Must match the identifier of an existing Snapshot.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "SnapshotIdentifier", "type": "string" }, "SourceDBClusterIdentifier": { "markdownDescription": "When restoring a DB cluster to a point in time, the identifier of the source DB cluster from which to restore.\n\nConstraints:\n\n- Must match the identifier of an existing DBCluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "SourceDBClusterIdentifier", "type": "string" }, "SourceRegion": { "markdownDescription": "The AWS Region which contains the source DB cluster when replicating a DB cluster. For example, `us-east-1` .\n\nValid for: Aurora DB clusters only", "title": "SourceRegion", "type": "string" }, "StorageEncrypted": { "markdownDescription": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBClusterIdentifier` property, don't specify this property. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot is encrypted, don't specify this property. The value is inherited from the snapshot, and the specified `KmsKeyId` property is used.\n\nIf you specify the `SnapshotIdentifier` and the specified snapshot isn't encrypted, you can use this property to specify that the restored DB cluster is encrypted. Specify the `KmsKeyId` property for the KMS key to use for encryption. If you don't want the restored DB cluster to be encrypted, then don't set this property or set it to `false` .\n\n> If you specify both the `StorageEncrypted` and `SnapshotIdentifier` properties without specifying the `KmsKeyId` property, then the restored DB cluster inherits the encryption settings from the DB snapshot that provide. \n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "StorageEncrypted", "type": "boolean" }, "StorageType": { "markdownDescription": "The storage type to associate with the DB cluster.\n\nFor information on storage types for Aurora DB clusters, see [Storage configurations for Amazon Aurora DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Overview.StorageReliability.html#aurora-storage-type) . For information on storage types for Multi-AZ DB clusters, see [Settings for creating Multi-AZ DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html#create-multi-az-db-cluster-settings) .\n\nThis setting is required to create a Multi-AZ DB cluster.\n\nWhen specified for a Multi-AZ DB cluster, a value for the `Iops` parameter is required.\n\nValid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n\nValid Values:\n\n- Aurora DB clusters - `aurora | aurora-iopt1`\n- Multi-AZ DB clusters - `io1 | io2 | gp3`\n\nDefault:\n\n- Aurora DB clusters - `aurora`\n- Multi-AZ DB clusters - `io1`\n\n> When you create an Aurora DB cluster with the storage type set to `aurora-iopt1` , the storage type is returned in the response. The storage type isn't returned when you set it to `aurora` .", "title": "StorageType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional array of key-value pairs to apply to this DB cluster.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "Tags", "type": "array" }, "UseLatestRestorableTime": { "markdownDescription": "A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster is not restored to the latest restorable backup time.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "UseLatestRestorableTime", "type": "boolean" }, "VpcSecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of EC2 VPC security groups to associate with this DB cluster.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nValid for: Aurora DB clusters and Multi-AZ DB clusters", "title": "VpcSecurityGroupIds", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::RDS::DBCluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::RDS::DBCluster.DBClusterRole": { "additionalProperties": false, "properties": { "FeatureName": { "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", "title": "FeatureName", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster.", "title": "RoleArn", "type": "string" } }, "required": [ "RoleArn" ], "type": "object" }, "AWS::RDS::DBCluster.Endpoint": { "additionalProperties": false, "properties": { "Address": { "markdownDescription": "Specifies the connection endpoint for the primary instance of the DB cluster.", "title": "Address", "type": "string" }, "Port": { "markdownDescription": "Specifies the port that the database engine is listening on.", "title": "Port", "type": "string" } }, "type": "object" }, "AWS::RDS::DBCluster.MasterUserSecret": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", "title": "KmsKeyId", "type": "string" }, "SecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the secret.", "title": "SecretArn", "type": "string" } }, "type": "object" }, "AWS::RDS::DBCluster.ReadEndpoint": { "additionalProperties": false, "properties": { "Address": { "markdownDescription": "The host address of the reader endpoint.", "title": "Address", "type": "string" } }, "type": "object" }, "AWS::RDS::DBCluster.ScalingConfiguration": { "additionalProperties": false, "properties": { "AutoPause": { "markdownDescription": "Indicates whether to allow or disallow automatic pause for an Aurora DB cluster in `serverless` DB engine mode. A DB cluster can be paused only when it's idle (it has no connections).\n\n> If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it.", "title": "AutoPause", "type": "boolean" }, "MaxCapacity": { "markdownDescription": "The maximum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe maximum capacity must be greater than or equal to the minimum capacity.", "title": "MaxCapacity", "type": "number" }, "MinCapacity": { "markdownDescription": "The minimum capacity for an Aurora DB cluster in `serverless` DB engine mode.\n\nFor Aurora MySQL, valid capacity values are `1` , `2` , `4` , `8` , `16` , `32` , `64` , `128` , and `256` .\n\nFor Aurora PostgreSQL, valid capacity values are `2` , `4` , `8` , `16` , `32` , `64` , `192` , and `384` .\n\nThe minimum capacity must be less than or equal to the maximum capacity.", "title": "MinCapacity", "type": "number" }, "SecondsBeforeTimeout": { "markdownDescription": "The amount of time, in seconds, that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action. The default is 300.\n\nSpecify a value between 60 and 600 seconds.", "title": "SecondsBeforeTimeout", "type": "number" }, "SecondsUntilAutoPause": { "markdownDescription": "The time, in seconds, before an Aurora DB cluster in `serverless` mode is paused.\n\nSpecify a value between 300 and 86,400 seconds.", "title": "SecondsUntilAutoPause", "type": "number" }, "TimeoutAction": { "markdownDescription": "The action to take when the timeout is reached, either `ForceApplyCapacityChange` or `RollbackCapacityChange` .\n\n`ForceApplyCapacityChange` sets the capacity to the specified value as soon as possible.\n\n`RollbackCapacityChange` , the default, ignores the capacity change if a scaling point isn't found in the timeout period.\n\n> If you specify `ForceApplyCapacityChange` , connections that prevent Aurora Serverless v1 from finding a scaling point might be dropped. \n\nFor more information, see [Autoscaling for Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.how-it-works.auto-scaling) in the *Amazon Aurora User Guide* .", "title": "TimeoutAction", "type": "string" } }, "type": "object" }, "AWS::RDS::DBCluster.ServerlessV2ScalingConfiguration": { "additionalProperties": false, "properties": { "MaxCapacity": { "markdownDescription": "The maximum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 40, 40.5, 41, and so on. The largest value that you can use is 128.\n\nThe maximum capacity must be higher than 0.5 ACUs. For more information, see [Choosing the maximum Aurora Serverless v2 capacity setting for a cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.setting-capacity.html#aurora-serverless-v2.max_capacity_considerations) in the *Amazon Aurora User Guide* .\n\nAurora automatically sets certain parameters for Aurora Serverless V2 DB instances to values that depend on the maximum ACU value in the capacity range. When you update the maximum capacity value, the `ParameterApplyStatus` value for the DB instance changes to `pending-reboot` . You can update the parameter values by rebooting the DB instance after changing the capacity range.", "title": "MaxCapacity", "type": "number" }, "MinCapacity": { "markdownDescription": "The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. The smallest value that you can use is 0.5.", "title": "MinCapacity", "type": "number" } }, "type": "object" }, "AWS::RDS::DBClusterParameterGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DBClusterParameterGroupName": { "markdownDescription": "The name of the DB cluster parameter group.\n\nConstraints:\n\n- Must not match the name of an existing DB cluster parameter group.\n\nIf you don't specify a value for `DBClusterParameterGroupName` property, a name is automatically created for the DB cluster parameter group.\n\n> This value is stored as a lowercase string.", "title": "DBClusterParameterGroupName", "type": "string" }, "Description": { "markdownDescription": "A friendly description for this DB cluster parameter group.", "title": "Description", "type": "string" }, "Family": { "markdownDescription": "The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a DB engine and engine version compatible with that DB cluster parameter group family.\n\n> The DB cluster parameter group family can't be changed when updating a DB cluster parameter group. \n\nTo list all of the available parameter group families, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\"`\n\nThe output contains duplicates.\n\nFor more information, see `[CreateDBClusterParameterGroup](https://docs.aws.amazon.com//AmazonRDS/latest/APIReference/API_CreateDBClusterParameterGroup.html)` .", "title": "Family", "type": "string" }, "Parameters": { "markdownDescription": "Provides a list of parameters for the DB cluster parameter group.", "title": "Parameters", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional array of key-value pairs to apply to this DB cluster parameter group.", "title": "Tags", "type": "array" } }, "required": [ "Description", "Family", "Parameters" ], "type": "object" }, "Type": { "enum": [ "AWS::RDS::DBClusterParameterGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RDS::DBInstance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllocatedStorage": { "markdownDescription": "The amount of storage in gibibytes (GiB) to be initially allocated for the database instance.\n\n> If any value is set in the `Iops` parameter, `AllocatedStorage` must be at least 100 GiB, which corresponds to the minimum Iops value of 1,000. If you increase the `Iops` value (in 1,000 IOPS increments), then you must also increase the `AllocatedStorage` value (in 100-GiB increments). \n\n*Amazon Aurora*\n\nNot applicable. Aurora cluster volumes automatically grow as the amount of data in your database increases, though you are only charged for the space that you use in an Aurora cluster volume.\n\n*Db2*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp3): Must be an integer from 20 to 64000.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 64000.\n\n*MySQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*MariaDB*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*PostgreSQL*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 5 to 3072.\n\n*Oracle*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2): Must be an integer from 20 to 65536.\n- Provisioned IOPS storage (io1): Must be an integer from 100 to 65536.\n- Magnetic storage (standard): Must be an integer from 10 to 3072.\n\n*SQL Server*\n\nConstraints to the amount of storage for each storage type are the following:\n\n- General Purpose (SSD) storage (gp2):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Provisioned IOPS storage (io1):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 16384.\n- Web and Express editions: Must be an integer from 20 to 16384.\n- Magnetic storage (standard):\n\n- Enterprise and Standard editions: Must be an integer from 20 to 1024.\n- Web and Express editions: Must be an integer from 20 to 1024.", "title": "AllocatedStorage", "type": "string" }, "AllowMajorVersionUpgrade": { "markdownDescription": "A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.\n\nConstraints: Major version upgrades must be allowed when specifying a value for the `EngineVersion` parameter that is a different major version than the DB instance's current version.", "title": "AllowMajorVersionUpgrade", "type": "boolean" }, "AssociatedRoles": { "items": { "$ref": "#/definitions/AWS::RDS::DBInstance.DBInstanceRole" }, "markdownDescription": "The AWS Identity and Access Management (IAM) roles associated with the DB instance.\n\n*Amazon Aurora*\n\nNot applicable. The associated roles are managed by the DB cluster.", "title": "AssociatedRoles", "type": "array" }, "AutoMinorVersionUpgrade": { "markdownDescription": "A value that indicates whether minor engine upgrades are applied automatically to the DB instance during the maintenance window. By default, minor engine upgrades are applied automatically.", "title": "AutoMinorVersionUpgrade", "type": "boolean" }, "AutomaticBackupReplicationKmsKeyId": { "markdownDescription": "The AWS KMS key identifier for encryption of the replicated automated backups. The KMS key ID is the Amazon Resource Name (ARN) for the KMS encryption key in the destination AWS Region , for example, `arn:aws:kms:us-east-1:123456789012:key/AKIAIOSFODNN7EXAMPLE` .", "title": "AutomaticBackupReplicationKmsKeyId", "type": "string" }, "AutomaticBackupReplicationRegion": { "markdownDescription": "", "title": "AutomaticBackupReplicationRegion", "type": "string" }, "AvailabilityZone": { "markdownDescription": "The Availability Zone (AZ) where the database will be created. For information on AWS Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html) .\n\nFor Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.\n\nDefault: A random, system-chosen Availability Zone in the endpoint's AWS Region .\n\nConstraints:\n\n- The `AvailabilityZone` parameter can't be specified if the DB instance is a Multi-AZ deployment.\n- The specified Availability Zone must be in the same AWS Region as the current endpoint.\n\nExample: `us-east-1d`", "title": "AvailabilityZone", "type": "string" }, "BackupRetentionPeriod": { "markdownDescription": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n\n*Amazon Aurora*\n\nNot applicable. The retention period for automated backups is managed by the DB cluster.\n\nDefault: 1\n\nConstraints:\n\n- Must be a value from 0 to 35\n- Can't be set to 0 if the DB instance is a source to read replicas", "title": "BackupRetentionPeriod", "type": "number" }, "CACertificateIdentifier": { "markdownDescription": "The identifier of the CA certificate for this DB instance.\n\nFor more information, see [Using SSL/TLS to encrypt a connection to a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html) in the *Amazon RDS User Guide* and [Using SSL/TLS to encrypt a connection to a DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html) in the *Amazon Aurora User Guide* .", "title": "CACertificateIdentifier", "type": "string" }, "CertificateDetails": { "$ref": "#/definitions/AWS::RDS::DBInstance.CertificateDetails", "markdownDescription": "The details of the DB instance's server certificate.", "title": "CertificateDetails" }, "CertificateRotationRestart": { "markdownDescription": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n\nBy default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n\n> Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance. \n\nIf you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n\n- For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.*\n- For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", "title": "CertificateRotationRestart", "type": "boolean" }, "CharacterSetName": { "markdownDescription": "For supported engines, indicates that the DB instance should be associated with the specified character set.\n\n*Amazon Aurora*\n\nNot applicable. The character set is managed by the DB cluster. For more information, see [AWS::RDS::DBCluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html) .", "title": "CharacterSetName", "type": "string" }, "CopyTagsToSnapshot": { "markdownDescription": "Specifies whether to copy tags from the DB instance to snapshots of the DB instance. By default, tags are not copied.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Copying tags to snapshots is managed by the DB cluster. Setting this value for an Aurora DB instance has no effect on the DB cluster setting.", "title": "CopyTagsToSnapshot", "type": "boolean" }, "CustomIAMInstanceProfile": { "markdownDescription": "The instance profile associated with the underlying Amazon EC2 instance of an RDS Custom DB instance.\n\nThis setting is required for RDS Custom.\n\nConstraints:\n\n- The profile must exist in your account.\n- The profile must have an IAM role that Amazon EC2 has permissions to assume.\n- The instance profile name and the associated IAM role name must start with the prefix `AWSRDSCustom` .\n\nFor the list of permissions required for the IAM role, see [Configure IAM and your VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-setup-orcl.html#custom-setup-orcl.iam-vpc) in the *Amazon RDS User Guide* .", "title": "CustomIAMInstanceProfile", "type": "string" }, "DBClusterIdentifier": { "markdownDescription": "The identifier of the DB cluster that the instance will belong to.", "title": "DBClusterIdentifier", "type": "string" }, "DBClusterSnapshotIdentifier": { "markdownDescription": "The identifier for the Multi-AZ DB cluster snapshot to restore from.\n\nFor more information on Multi-AZ DB clusters, see [Multi-AZ DB cluster deployments](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/multi-az-db-clusters-concepts.html) in the *Amazon RDS User Guide* .\n\nConstraints:\n\n- Must match the identifier of an existing Multi-AZ DB cluster snapshot.\n- Can't be specified when `DBSnapshotIdentifier` is specified.\n- Must be specified when `DBSnapshotIdentifier` isn't specified.\n- If you are restoring from a shared manual Multi-AZ DB cluster snapshot, the `DBClusterSnapshotIdentifier` must be the ARN of the shared snapshot.\n- Can't be the identifier of an Aurora DB cluster snapshot.", "title": "DBClusterSnapshotIdentifier", "type": "string" }, "DBInstanceClass": { "markdownDescription": "The compute and memory capacity of the DB instance, for example `db.m5.large` . Not all DB instance classes are available in all AWS Regions , or for all database engines. For the full list of DB instance classes, and availability for your engine, see [DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html) in the *Amazon RDS User Guide* or [Aurora DB instance classes](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.DBInstanceClass.html) in the *Amazon Aurora User Guide* .", "title": "DBInstanceClass", "type": "string" }, "DBInstanceIdentifier": { "markdownDescription": "A name for the DB instance. If you specify a name, AWS CloudFormation converts it to lowercase. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the DB instance. For more information, see [Name Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "DBInstanceIdentifier", "type": "string" }, "DBName": { "markdownDescription": "The meaning of this parameter differs according to the database engine you use.\n\n> If you specify the `[DBSnapshotIdentifier](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsnapshotidentifier)` property, this property only applies to RDS for Oracle. \n\n*Amazon Aurora*\n\nNot applicable. The database name is managed by the DB cluster.\n\n*Db2*\n\nThe name of the database to create when the DB instance is created. If this parameter isn't specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Can't be a word reserved by the specified database engine.\n\n*MySQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*MariaDB*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, no database is created in the DB instance.\n\nConstraints:\n\n- Must contain 1 to 64 letters or numbers.\n- Can't be a word reserved by the specified database engine\n\n*PostgreSQL*\n\nThe name of the database to create when the DB instance is created. If this parameter is not specified, the default `postgres` database is created in the DB instance.\n\nConstraints:\n\n- Must begin with a letter. Subsequent characters can be letters, underscores, or digits (0-9).\n- Must contain 1 to 63 characters.\n- Can't be a word reserved by the specified database engine\n\n*Oracle*\n\nThe Oracle System ID (SID) of the created DB instance. If you specify `null` , the default value `ORCL` is used. You can't specify the string NULL, or any other reserved word, for `DBName` .\n\nDefault: `ORCL`\n\nConstraints:\n\n- Can't be longer than 8 characters\n\n*SQL Server*\n\nNot applicable. Must be null.", "title": "DBName", "type": "string" }, "DBParameterGroupName": { "markdownDescription": "The name of an existing DB parameter group or a reference to an [AWS::RDS::DBParameterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html) resource created in the template.\n\nTo list all of the available DB parameter group names, use the following command:\n\n`aws rds describe-db-parameter-groups --query \"DBParameterGroups[].DBParameterGroupName\" --output text`\n\n> If any of the data members of the referenced parameter group are changed during an update, the DB instance might need to be restarted, which causes some interruption. If the parameter group contains static parameters, whether they were changed or not, an update triggers a reboot. \n\nIf you don't specify a value for `DBParameterGroupName` property, the default DB parameter group for the specified engine and engine version is used.", "title": "DBParameterGroupName", "type": "string" }, "DBSecurityGroups": { "items": { "type": "string" }, "markdownDescription": "A list of the DB security groups to assign to the DB instance. The list can include both the name of existing DB security groups or references to AWS::RDS::DBSecurityGroup resources created in the template.\n\nIf you set DBSecurityGroups, you must not set VPCSecurityGroups, and vice versa. Also, note that the DBSecurityGroups property exists only for backwards compatibility with older regions and is no longer recommended for providing security information to an RDS DB instance. Instead, use VPCSecurityGroups.\n\n> If you specify this property, AWS CloudFormation sends only the following properties (if specified) to Amazon RDS during create operations:\n> \n> - `AllocatedStorage`\n> - `AutoMinorVersionUpgrade`\n> - `AvailabilityZone`\n> - `BackupRetentionPeriod`\n> - `CharacterSetName`\n> - `DBInstanceClass`\n> - `DBName`\n> - `DBParameterGroupName`\n> - `DBSecurityGroups`\n> - `DBSubnetGroupName`\n> - `Engine`\n> - `EngineVersion`\n> - `Iops`\n> - `LicenseModel`\n> - `MasterUsername`\n> - `MasterUserPassword`\n> - `MultiAZ`\n> - `OptionGroupName`\n> - `PreferredBackupWindow`\n> - `PreferredMaintenanceWindow`\n> \n> All other properties are ignored. Specify a virtual private cloud (VPC) security group if you want to submit other properties, such as `StorageType` , `StorageEncrypted` , or `KmsKeyId` . If you're already using the `DBSecurityGroups` property, you can't use these other properties by updating your DB instance to use a VPC security group. You must recreate the DB instance.", "title": "DBSecurityGroups", "type": "array" }, "DBSnapshotIdentifier": { "markdownDescription": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n\nBy specifying this property, you can create a DB instance from the specified DB snapshot. If the `DBSnapshotIdentifier` property is an empty string or the `AWS::RDS::DBInstance` declaration has no `DBSnapshotIdentifier` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n\nSome DB instance properties aren't valid when you restore from a snapshot, such as the `MasterUsername` and `MasterUserPassword` properties. For information about the properties that you can specify, see the `RestoreDBInstanceFromDBSnapshot` action in the *Amazon RDS API Reference* .\n\nAfter you restore a DB instance with a `DBSnapshotIdentifier` property, you must specify the same `DBSnapshotIdentifier` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the `DBSnapshotIdentifier` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified `DBSnapshotIdentifier` property, and the original DB instance is deleted.\n\nIf you specify the `DBSnapshotIdentifier` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n\n- `CharacterSetName`\n- `DBClusterIdentifier`\n- `DBName`\n- `DeleteAutomatedBackups`\n- `EnablePerformanceInsights`\n- `KmsKeyId`\n- `MasterUsername`\n- `MasterUserPassword`\n- `PerformanceInsightsKMSKeyId`\n- `PerformanceInsightsRetentionPeriod`\n- `PromotionTier`\n- `SourceDBInstanceIdentifier`\n- `SourceRegion`\n- `StorageEncrypted` (for an encrypted snapshot)\n- `Timezone`\n\n*Amazon Aurora*\n\nNot applicable. Snapshot restore is managed by the DB cluster.", "title": "DBSnapshotIdentifier", "type": "string" }, "DBSubnetGroupName": { "markdownDescription": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC.\n\nIf there's no DB subnet group, then the DB instance isn't a VPC DB instance.\n\nFor more information about using Amazon RDS in a VPC, see [Using Amazon RDS with Amazon Virtual Private Cloud (VPC)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", "title": "DBSubnetGroupName", "type": "string" }, "DedicatedLogVolume": { "markdownDescription": "Indicates whether the DB instance has a dedicated log volume (DLV) enabled.", "title": "DedicatedLogVolume", "type": "boolean" }, "DeleteAutomatedBackups": { "markdownDescription": "A value that indicates whether to remove automated backups immediately after the DB instance is deleted. This parameter isn't case-sensitive. The default is to remove automated backups immediately after the DB instance is deleted.\n\n*Amazon Aurora*\n\nNot applicable. When you delete a DB cluster, all automated backups for that DB cluster are deleted and can't be recovered. Manual DB cluster snapshots of the DB cluster are not deleted.", "title": "DeleteAutomatedBackups", "type": "boolean" }, "DeletionProtection": { "markdownDescription": "A value that indicates whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html) .\n\n*Amazon Aurora*\n\nNot applicable. You can enable or disable deletion protection for the DB cluster. For more information, see `CreateDBCluster` . DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.", "title": "DeletionProtection", "type": "boolean" }, "Domain": { "markdownDescription": "The Active Directory directory ID to create the DB instance in. Currently, only Db2, MySQL, Microsoft SQL Server, Oracle, and PostgreSQL DB instances can be created in an Active Directory Domain.\n\nFor more information, see [Kerberos Authentication](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html) in the *Amazon RDS User Guide* .", "title": "Domain", "type": "string" }, "DomainAuthSecretArn": { "markdownDescription": "The ARN for the Secrets Manager secret with the credentials for the user joining the domain.\n\nExample: `arn:aws:secretsmanager:region:account-number:secret:myselfmanagedADtestsecret-123456`", "title": "DomainAuthSecretArn", "type": "string" }, "DomainDnsIps": { "items": { "type": "string" }, "markdownDescription": "The IPv4 DNS IP addresses of your primary and secondary Active Directory domain controllers.\n\nConstraints:\n\n- Two IP addresses must be provided. If there isn't a secondary domain controller, use the IP address of the primary domain controller for both entries in the list.\n\nExample: `123.124.125.126,234.235.236.237`", "title": "DomainDnsIps", "type": "array" }, "DomainFqdn": { "markdownDescription": "The fully qualified domain name (FQDN) of an Active Directory domain.\n\nConstraints:\n\n- Can't be longer than 64 characters.\n\nExample: `mymanagedADtest.mymanagedAD.mydomain`", "title": "DomainFqdn", "type": "string" }, "DomainIAMRoleName": { "markdownDescription": "The name of the IAM role to use when making API calls to the Directory Service.\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (The domain is managed by the DB cluster.)\n- RDS Custom", "title": "DomainIAMRoleName", "type": "string" }, "DomainOu": { "markdownDescription": "The Active Directory organizational unit for your DB instance to join.\n\nConstraints:\n\n- Must be in the distinguished name format.\n- Can't be longer than 64 characters.\n\nExample: `OU=mymanagedADtestOU,DC=mymanagedADtest,DC=mymanagedAD,DC=mydomain`", "title": "DomainOu", "type": "string" }, "EnableCloudwatchLogsExports": { "items": { "type": "string" }, "markdownDescription": "The list of log types that need to be enabled for exporting to CloudWatch Logs. The values in the list depend on the DB engine being used. For more information, see [Publishing Database Logs to Amazon CloudWatch Logs](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch) in the *Amazon Relational Database Service User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. CloudWatch Logs exports are managed by the DB cluster.\n\n*Db2*\n\nValid values: `diag.log` , `notify.log`\n\n*MariaDB*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Microsoft SQL Server*\n\nValid values: `agent` , `error`\n\n*MySQL*\n\nValid values: `audit` , `error` , `general` , `slowquery`\n\n*Oracle*\n\nValid values: `alert` , `audit` , `listener` , `trace` , `oemagent`\n\n*PostgreSQL*\n\nValid values: `postgresql` , `upgrade`", "title": "EnableCloudwatchLogsExports", "type": "array" }, "EnableIAMDatabaseAuthentication": { "markdownDescription": "A value that indicates whether to enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. By default, mapping is disabled.\n\nThis property is supported for RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL. For more information, see [IAM Database Authentication for MariaDB, MySQL, and PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html) in the *Amazon RDS User Guide.*\n\n*Amazon Aurora*\n\nNot applicable. Mapping AWS IAM accounts to database accounts is managed by the DB cluster.", "title": "EnableIAMDatabaseAuthentication", "type": "boolean" }, "EnablePerformanceInsights": { "markdownDescription": "Specifies whether to enable Performance Insights for the DB instance. For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.", "title": "EnablePerformanceInsights", "type": "boolean" }, "Endpoint": { "$ref": "#/definitions/AWS::RDS::DBInstance.Endpoint", "markdownDescription": "The connection endpoint for the DB instance.\n\n> The endpoint might not be shown for instances with the status of `creating` .", "title": "Endpoint" }, "Engine": { "markdownDescription": "The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region.\n\nThis property is required when creating a DB instance.\n\n> You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the `Engine` value in your templates from `oracle-ee` to `oracle-ee-cdb` or from `oracle-se2` to `oracle-se2-cdb` . Converting to the CDB architecture requires an interruption. \n\nValid Values:\n\n- `aurora-mysql` (for Aurora MySQL DB instances)\n- `aurora-postgresql` (for Aurora PostgreSQL DB instances)\n- `custom-oracle-ee` (for RDS Custom for Oracle DB instances)\n- `custom-oracle-ee-cdb` (for RDS Custom for Oracle DB instances)\n- `custom-sqlserver-ee` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-se` (for RDS Custom for SQL Server DB instances)\n- `custom-sqlserver-web` (for RDS Custom for SQL Server DB instances)\n- `db2-ae`\n- `db2-se`\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", "title": "Engine", "type": "string" }, "EngineVersion": { "markdownDescription": "The version number of the database engine to use.\n\nFor a list of valid engine versions, use the `DescribeDBEngineVersions` action.\n\nThe following are the database engines and links to information about the major and minor versions that are available with Amazon RDS. Not every database engine is available for every AWS Region.\n\n*Amazon Aurora*\n\nNot applicable. The version number of the database engine to be used by the DB instance is managed by the DB cluster.\n\n*Db2*\n\nSee [Amazon RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Db2.html#Db2.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*MariaDB*\n\nSee [MariaDB on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Microsoft SQL Server*\n\nSee [Microsoft SQL Server Versions on Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport) in the *Amazon RDS User Guide.*\n\n*MySQL*\n\nSee [MySQL on Amazon RDS Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt) in the *Amazon RDS User Guide.*\n\n*Oracle*\n\nSee [Oracle Database Engine Release Notes](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html) in the *Amazon RDS User Guide.*\n\n*PostgreSQL*\n\nSee [Supported PostgreSQL Database Versions](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions) in the *Amazon RDS User Guide.*", "title": "EngineVersion", "type": "string" }, "Iops": { "markdownDescription": "The number of I/O operations per second (IOPS) that the database provisions. The value must be equal to or greater than 1000.\n\nIf you specify this property, you must follow the range of allowed ratios of your requested IOPS rate to the amount of storage that you allocate (IOPS to allocated storage). For example, you can provision an Oracle database instance with 1000 IOPS and 200 GiB of storage (a ratio of 5:1), or specify 2000 IOPS with 200 GiB of storage (a ratio of 10:1). For more information, see [Amazon RDS Provisioned IOPS Storage to Improve Performance](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/CHAP_Storage.html#USER_PIOPS) in the *Amazon RDS User Guide* .\n\n> If you specify `io1` for the `StorageType` property, then you must also specify the `Iops` property. \n\nConstraints:\n\n- For RDS for Db2, MariaDB, MySQL, Oracle, and PostgreSQL - Must be a multiple between .5 and 50 of the storage amount for the DB instance.\n- For RDS for SQL Server - Must be a multiple between 1 and 50 of the storage amount for the DB instance.", "title": "Iops", "type": "number" }, "KmsKeyId": { "markdownDescription": "The ARN of the AWS KMS key that's used to encrypt the DB instance, such as `arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef` . If you enable the StorageEncrypted property but don't specify this property, AWS CloudFormation uses the default KMS key. If you specify this property, you must set the StorageEncrypted property to true.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used. However, if the source DB instance is in a different AWS Region, you must specify a KMS key ID.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup, and if the automated backup is encrypted, the specified `KmsKeyId` property is used.\n\nIf you create an encrypted read replica in a different AWS Region, then you must specify a KMS key for the destination AWS Region. KMS encryption keys are specific to the region that they're created in, and you can't use encryption keys from one region in another region.\n\nIf you specify the `DBSnapshotIdentifier` property, don't specify this property. The `StorageEncrypted` property value is inherited from the snapshot. If the DB instance is encrypted, the specified `KmsKeyId` property is also inherited from the snapshot.\n\nIf you specify `DBSecurityGroups` , AWS CloudFormation ignores this property. To specify both a security group and this property, you must use a VPC security group. For more information about Amazon RDS and VPC, see [Using Amazon RDS with Amazon VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. The KMS key identifier is managed by the DB cluster.", "title": "KmsKeyId", "type": "string" }, "LicenseModel": { "markdownDescription": "License model information for this DB instance.\n\nValid Values:\n\n- Aurora MySQL - `general-public-license`\n- Aurora PostgreSQL - `postgresql-license`\n- RDS for Db2 - `bring-your-own-license` . For more information about RDS for Db2 licensing, see [](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-licensing.html) in the *Amazon RDS User Guide.*\n- RDS for MariaDB - `general-public-license`\n- RDS for Microsoft SQL Server - `license-included`\n- RDS for MySQL - `general-public-license`\n- RDS for Oracle - `bring-your-own-license` or `license-included`\n- RDS for PostgreSQL - `postgresql-license`\n\n> If you've specified `DBSecurityGroups` and then you update the license model, AWS CloudFormation replaces the underlying DB instance. This will incur some interruptions to database availability.", "title": "LicenseModel", "type": "string" }, "ManageMasterUserPassword": { "markdownDescription": "Specifies whether to manage the master user password with AWS Secrets Manager.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Can't manage the master user password with AWS Secrets Manager if `MasterUserPassword` is specified.", "title": "ManageMasterUserPassword", "type": "boolean" }, "MasterUserPassword": { "markdownDescription": "The password for the master user. The password can include any printable ASCII character except \"/\", \"\"\", or \"@\".\n\n*Amazon Aurora*\n\nNot applicable. The password for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nMust contain from 8 to 255 characters.\n\n*RDS for MariaDB*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Microsoft SQL Server*\n\nConstraints: Must contain from 8 to 128 characters.\n\n*RDS for MySQL*\n\nConstraints: Must contain from 8 to 41 characters.\n\n*RDS for Oracle*\n\nConstraints: Must contain from 8 to 30 characters.\n\n*RDS for PostgreSQL*\n\nConstraints: Must contain from 8 to 128 characters.", "title": "MasterUserPassword", "type": "string" }, "MasterUserSecret": { "$ref": "#/definitions/AWS::RDS::DBInstance.MasterUserSecret", "markdownDescription": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n\nFor more information, see [Password management with AWS Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*", "title": "MasterUserSecret" }, "MasterUsername": { "markdownDescription": "The master user name for the DB instance.\n\n> If you specify the `SourceDBInstanceIdentifier` or `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the source DB instance or snapshot.\n> \n> When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name. \n\n*Amazon Aurora*\n\nNot applicable. The name for the master user is managed by the DB cluster.\n\n*RDS for Db2*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MariaDB*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Microsoft SQL Server*\n\nConstraints:\n\n- Must be 1 to 128 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for MySQL*\n\nConstraints:\n\n- Must be 1 to 16 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for Oracle*\n\nConstraints:\n\n- Must be 1 to 30 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.\n\n*RDS for PostgreSQL*\n\nConstraints:\n\n- Must be 1 to 63 letters or numbers.\n- First character must be a letter.\n- Can't be a reserved word for the chosen database engine.", "title": "MasterUsername", "type": "string" }, "MaxAllocatedStorage": { "markdownDescription": "The upper limit in gibibytes (GiB) to which Amazon RDS can automatically scale the storage of the DB instance.\n\nFor more information about this setting, including limitations that apply to it, see [Managing capacity automatically with Amazon RDS storage autoscaling](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling) in the *Amazon RDS User Guide* .\n\nThis setting doesn't apply to the following DB instances:\n\n- Amazon Aurora (Storage is managed by the DB cluster.)\n- RDS Custom", "title": "MaxAllocatedStorage", "type": "number" }, "MonitoringInterval": { "markdownDescription": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify 0. The default is 0.\n\nIf `MonitoringRoleArn` is specified, then you must set `MonitoringInterval` to a value other than 0.\n\nThis setting doesn't apply to RDS Custom.\n\nValid Values: `0, 1, 5, 10, 15, 30, 60`", "title": "MonitoringInterval", "type": "number" }, "MonitoringRoleArn": { "markdownDescription": "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to Amazon CloudWatch Logs. For example, `arn:aws:iam:123456789012:role/emaccess` . For information on creating a monitoring role, see [Setting Up and Enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide* .\n\nIf `MonitoringInterval` is set to a value other than `0` , then you must supply a `MonitoringRoleArn` value.\n\nThis setting doesn't apply to RDS Custom DB instances.", "title": "MonitoringRoleArn", "type": "string" }, "MultiAZ": { "markdownDescription": "Specifies whether the database instance is a Multi-AZ DB instance deployment. You can't set the `AvailabilityZone` parameter if the `MultiAZ` parameter is set to true.\n\nFor more information, see [Multi-AZ deployments for high availability](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.MultiAZ.html) in the *Amazon RDS User Guide* .\n\n*Amazon Aurora*\n\nNot applicable. Amazon Aurora storage is replicated across all of the Availability Zones and doesn't require the `MultiAZ` option to be set.", "title": "MultiAZ", "type": "boolean" }, "NcharCharacterSetName": { "markdownDescription": "The name of the NCHAR character set for the Oracle DB instance.\n\nThis setting doesn't apply to RDS Custom DB instances.", "title": "NcharCharacterSetName", "type": "string" }, "NetworkType": { "markdownDescription": "The network type of the DB instance.\n\nValid values:\n\n- `IPV4`\n- `DUAL`\n\nThe network type is determined by the `DBSubnetGroup` specified for the DB instance. A `DBSubnetGroup` can support only the IPv4 protocol or the IPv4 and IPv6 protocols ( `DUAL` ).\n\nFor more information, see [Working with a DB instance in a VPC](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html) in the *Amazon RDS User Guide.*", "title": "NetworkType", "type": "string" }, "OptionGroupName": { "markdownDescription": "Indicates that the DB instance should be associated with the specified option group.\n\nPermanent options, such as the TDE option for Oracle Advanced Security TDE, can't be removed from an option group. Also, that option group can't be removed from a DB instance once it is associated with a DB instance.", "title": "OptionGroupName", "type": "string" }, "PerformanceInsightsKMSKeyId": { "markdownDescription": "The AWS KMS key identifier for encryption of Performance Insights data.\n\nThe KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n\nIf you do not specify a value for `PerformanceInsightsKMSKeyId` , then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS account. Your AWS account has a different default KMS key for each AWS Region.\n\nFor information about enabling Performance Insights, see [EnablePerformanceInsights](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-enableperformanceinsights) .", "title": "PerformanceInsightsKMSKeyId", "type": "string" }, "PerformanceInsightsRetentionPeriod": { "markdownDescription": "The number of days to retain Performance Insights data.\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nValid Values:\n\n- `7`\n- *month* * 31, where *month* is a number of months from 1-23. Examples: `93` (3 months * 31), `341` (11 months * 31), `589` (19 months * 31)\n- `731`\n\nDefault: `7` days\n\nIf you specify a retention period that isn't valid, such as `94` , Amazon RDS returns an error.", "title": "PerformanceInsightsRetentionPeriod", "type": "number" }, "Port": { "markdownDescription": "The port number on which the database accepts connections.\n\n*Amazon Aurora*\n\nNot applicable. The port number is managed by the DB cluster.\n\n*Db2*\n\nDefault value: `50000`", "title": "Port", "type": "string" }, "PreferredBackupWindow": { "markdownDescription": "The daily time range during which automated backups are created if automated backups are enabled, using the `BackupRetentionPeriod` parameter. For more information, see [Backup Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow) in the *Amazon RDS User Guide.*\n\nConstraints:\n\n- Must be in the format `hh24:mi-hh24:mi` .\n- Must be in Universal Coordinated Time (UTC).\n- Must not conflict with the preferred maintenance window.\n- Must be at least 30 minutes.\n\n*Amazon Aurora*\n\nNot applicable. The daily time range for creating automated backups is managed by the DB cluster.", "title": "PreferredBackupWindow", "type": "string" }, "PreferredMaintenanceWindow": { "markdownDescription": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nThe default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Instance Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.*\n\n> This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately. \n\nConstraints: Minimum 30-minute window.", "title": "PreferredMaintenanceWindow", "type": "string" }, "ProcessorFeatures": { "items": { "$ref": "#/definitions/AWS::RDS::DBInstance.ProcessorFeature" }, "markdownDescription": "The number of CPU cores and the number of threads per core for the DB instance class of the DB instance.\n\nThis setting doesn't apply to Amazon Aurora or RDS Custom DB instances.", "title": "ProcessorFeatures", "type": "array" }, "PromotionTier": { "markdownDescription": "The order of priority in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide* .\n\nThis setting doesn't apply to RDS Custom DB instances.\n\nDefault: `1`\n\nValid Values: `0 - 15`", "title": "PromotionTier", "type": "number" }, "PubliclyAccessible": { "markdownDescription": "Indicates whether the DB instance is an internet-facing instance. If you specify true, AWS CloudFormation creates an instance with a publicly resolvable DNS name, which resolves to a public IP address. If you specify false, AWS CloudFormation creates an internal instance with a DNS name that resolves to a private IP address.\n\nThe default behavior value depends on your VPC setup and the database subnet group. For more information, see the `PubliclyAccessible` parameter in the [CreateDBInstance](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html) in the *Amazon RDS API Reference* .", "title": "PubliclyAccessible", "type": "boolean" }, "ReplicaMode": { "markdownDescription": "The open mode of an Oracle read replica. For more information, see [Working with Oracle Read Replicas for Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html) in the *Amazon RDS User Guide* .\n\nThis setting is only supported in RDS for Oracle.\n\nDefault: `open-read-only`\n\nValid Values: `open-read-only` or `mounted`", "title": "ReplicaMode", "type": "string" }, "RestoreTime": { "markdownDescription": "The date and time to restore from.\n\nConstraints:\n\n- Must be a time in Universal Coordinated Time (UTC) format.\n- Must be before the latest restorable time for the DB instance.\n- Can't be specified if the `UseLatestRestorableTime` parameter is enabled.\n\nExample: `2009-09-07T23:45:00Z`", "title": "RestoreTime", "type": "string" }, "SourceDBClusterIdentifier": { "markdownDescription": "The identifier of the Multi-AZ DB cluster that will act as the source for the read replica. Each DB cluster can have up to 15 read replicas.\n\nConstraints:\n\n- Must be the identifier of an existing Multi-AZ DB cluster.\n- Can't be specified if the `SourceDBInstanceIdentifier` parameter is also specified.\n- The specified DB cluster must have automatic backups enabled, that is, its backup retention period must be greater than 0.\n- The source DB cluster must be in the same AWS Region as the read replica. Cross-Region replication isn't supported.", "title": "SourceDBClusterIdentifier", "type": "string" }, "SourceDBInstanceAutomatedBackupsArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the replicated automated backups from which to restore, for example, `arn:aws:rds:us-east-1:123456789012:auto-backup:ab-L2IJCEXJP7XQ7HOJ4SIEXAMPLE` .\n\nThis setting doesn't apply to RDS Custom.", "title": "SourceDBInstanceAutomatedBackupsArn", "type": "string" }, "SourceDBInstanceIdentifier": { "markdownDescription": "If you want to create a read replica DB instance, specify the ID of the source DB instance. Each DB instance can have a limited number of read replicas. For more information, see [Working with Read Replicas](https://docs.aws.amazon.com/AmazonRDS/latest/DeveloperGuide/USER_ReadRepl.html) in the *Amazon RDS User Guide* .\n\nFor information about constraints that apply to DB instance identifiers, see [Naming constraints in Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon RDS User Guide* .\n\nThe `SourceDBInstanceIdentifier` property determines whether a DB instance is a read replica. If you remove the `SourceDBInstanceIdentifier` property from your template and then update your stack, AWS CloudFormation promotes the read replica to a standalone DB instance.\n\nIf you specify the `UseLatestRestorableTime` or `RestoreTime` properties in conjunction with the `SourceDBInstanceIdentifier` property, RDS restores the DB instance to the requested point in time, thereby creating a new DB instance.\n\n> - If you specify a source DB instance that uses VPC security groups, we recommend that you specify the `VPCSecurityGroups` property. If you don't specify the property, the read replica inherits the value of the `VPCSecurityGroups` property from the source DB when you create the replica. However, if you update the stack, AWS CloudFormation reverts the replica's `VPCSecurityGroups` property to the default value because it's not defined in the stack's template. This change might cause unexpected issues.\n> - Read replicas don't support deletion policies. AWS CloudFormation ignores any deletion policy that's associated with a read replica.\n> - If you specify `SourceDBInstanceIdentifier` , don't specify the `DBSnapshotIdentifier` property. You can't create a read replica from a snapshot.\n> - Don't set the `BackupRetentionPeriod` , `DBName` , `MasterUsername` , `MasterUserPassword` , and `PreferredBackupWindow` properties. The database attributes are inherited from the source DB instance, and backups are disabled for read replicas.\n> - If the source DB instance is in a different region than the read replica, specify the source region in `SourceRegion` , and specify an ARN for a valid DB instance in `SourceDBInstanceIdentifier` . For more information, see [Constructing a Amazon RDS Amazon Resource Name (ARN)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html#USER_Tagging.ARN) in the *Amazon RDS User Guide* .\n> - For DB instances in Amazon Aurora clusters, don't specify this property. Amazon RDS automatically assigns writer and reader DB instances.", "title": "SourceDBInstanceIdentifier", "type": "string" }, "SourceDbiResourceId": { "markdownDescription": "The resource ID of the source DB instance from which to restore.", "title": "SourceDbiResourceId", "type": "string" }, "SourceRegion": { "markdownDescription": "The ID of the region that contains the source DB instance for the read replica.", "title": "SourceRegion", "type": "string" }, "StorageEncrypted": { "markdownDescription": "A value that indicates whether the DB instance is encrypted. By default, it isn't encrypted.\n\nIf you specify the `KmsKeyId` property, then you must enable encryption.\n\nIf you specify the `SourceDBInstanceIdentifier` or `SourceDbiResourceId` property, don't specify this property. The value is inherited from the source DB instance, and if the DB instance is encrypted, the specified `KmsKeyId` property is used.\n\nIf you specify the `SourceDBInstanceAutomatedBackupsArn` property, don't specify this property. The value is inherited from the source DB instance automated backup.\n\nIf you specify `DBSnapshotIdentifier` property, don't specify this property. The value is inherited from the snapshot.\n\n*Amazon Aurora*\n\nNot applicable. The encryption for DB instances is managed by the DB cluster.", "title": "StorageEncrypted", "type": "boolean" }, "StorageThroughput": { "markdownDescription": "Specifies the storage throughput value for the DB instance. This setting applies only to the `gp3` storage type.\n\nThis setting doesn't apply to RDS Custom or Amazon Aurora.", "title": "StorageThroughput", "type": "number" }, "StorageType": { "markdownDescription": "The storage type to associate with the DB instance.\n\nIf you specify `io1` , `io2` , or `gp3` , you must also include a value for the `Iops` parameter.\n\nThis setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster.\n\nValid Values: `gp2 | gp3 | io1 | io2 | standard`\n\nDefault: `io1` , if the `Iops` parameter is specified. Otherwise, `gp2` .", "title": "StorageType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional array of key-value pairs to apply to this DB instance.", "title": "Tags", "type": "array" }, "Timezone": { "markdownDescription": "The time zone of the DB instance. The time zone parameter is currently supported only by [RDS for Db2](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/db2-time-zone) and [RDS for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone) .", "title": "Timezone", "type": "string" }, "UseDefaultProcessorFeatures": { "markdownDescription": "Specifies whether the DB instance class of the DB instance uses its default processor features.\n\nThis setting doesn't apply to RDS Custom DB instances.", "title": "UseDefaultProcessorFeatures", "type": "boolean" }, "UseLatestRestorableTime": { "markdownDescription": "Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time.\n\nConstraints:\n\n- Can't be specified if the `RestoreTime` parameter is provided.", "title": "UseLatestRestorableTime", "type": "boolean" }, "VPCSecurityGroups": { "items": { "type": "string" }, "markdownDescription": "A list of the VPC security group IDs to assign to the DB instance. The list can include both the physical IDs of existing VPC security groups and references to [AWS::EC2::SecurityGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html) resources created in the template.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.\n\nIf you set `VPCSecurityGroups` , you must not set [`DBSecurityGroups`](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) , and vice versa.\n\n> You can migrate a DB instance in your stack from an RDS DB security group to a VPC security group, but keep the following in mind:\n> \n> - You can't revert to using an RDS security group after you establish a VPC security group membership.\n> - When you migrate your DB instance to VPC security groups, if your stack update rolls back because the DB instance update fails or because an update fails in another AWS CloudFormation resource, the rollback fails because it can't revert to an RDS security group.\n> - To use the properties that are available when you use a VPC security group, you must recreate the DB instance. If you don't, AWS CloudFormation submits only the property values that are listed in the [`DBSecurityGroups`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-dbsecuritygroups) property. \n\nTo avoid this situation, migrate your DB instance to using VPC security groups only when that is the only change in your stack template.\n\n*Amazon Aurora*\n\nNot applicable. The associated list of EC2 VPC security groups is managed by the DB cluster. If specified, the setting must match the DB cluster setting.", "title": "VPCSecurityGroups", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::RDS::DBInstance" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::RDS::DBInstance.CertificateDetails": { "additionalProperties": false, "properties": { "CAIdentifier": { "markdownDescription": "The CA identifier of the CA certificate used for the DB instance's server certificate.", "title": "CAIdentifier", "type": "string" }, "ValidTill": { "markdownDescription": "The expiration date of the DB instance\u2019s server certificate.", "title": "ValidTill", "type": "string" } }, "type": "object" }, "AWS::RDS::DBInstance.DBInstanceRole": { "additionalProperties": false, "properties": { "FeatureName": { "markdownDescription": "The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB instance grant permission for the DB instance to access other AWS services on your behalf. For the list of supported feature names, see the `SupportedFeatureNames` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference* .", "title": "FeatureName", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance.", "title": "RoleArn", "type": "string" } }, "required": [ "FeatureName", "RoleArn" ], "type": "object" }, "AWS::RDS::DBInstance.Endpoint": { "additionalProperties": false, "properties": { "Address": { "markdownDescription": "Specifies the DNS address of the DB instance.", "title": "Address", "type": "string" }, "HostedZoneId": { "markdownDescription": "Specifies the ID that Amazon Route 53 assigns when you create a hosted zone.", "title": "HostedZoneId", "type": "string" }, "Port": { "markdownDescription": "Specifies the port that the database engine is listening on.", "title": "Port", "type": "string" } }, "type": "object" }, "AWS::RDS::DBInstance.MasterUserSecret": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The AWS KMS key identifier that is used to encrypt the secret.", "title": "KmsKeyId", "type": "string" }, "SecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the secret.", "title": "SecretArn", "type": "string" } }, "type": "object" }, "AWS::RDS::DBInstance.ProcessorFeature": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the processor feature. Valid names are `coreCount` and `threadsPerCore` .", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of a processor feature.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::RDS::DBParameterGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DBParameterGroupName": { "markdownDescription": "The name of the DB parameter group.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens.\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nIf you don't specify a value for `DBParameterGroupName` property, a name is automatically created for the DB parameter group.\n\n> This value is stored as a lowercase string.", "title": "DBParameterGroupName", "type": "string" }, "Description": { "markdownDescription": "Provides the customer-specified description for this DB parameter group.", "title": "Description", "type": "string" }, "Family": { "markdownDescription": "The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a DB engine and engine version compatible with that DB parameter group family.\n\n> The DB parameter group family can't be changed when updating a DB parameter group. \n\nTo list all of the available parameter group families, use the following command:\n\n`aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\"`\n\nThe output contains duplicates.\n\nFor more information, see `[CreateDBParameterGroup](https://docs.aws.amazon.com//AmazonRDS/latest/APIReference/API_CreateDBParameterGroup.html)` .", "title": "Family", "type": "string" }, "Parameters": { "markdownDescription": "An array of parameter names and values for the parameter update. At least one parameter name and value must be supplied. Subsequent arguments are optional.\n\nRDS for Db2 requires you to bring your own Db2 license. You must enter your IBM customer ID ( `rds.ibm_customer_id` ) and site number ( `rds.ibm_site_id` ) before starting a Db2 instance.\n\nFor more information about DB parameters and DB parameter groups for Amazon RDS DB engines, see [Working with DB Parameter Groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide* .\n\nFor more information about DB cluster and DB instance parameters and parameter groups for Amazon Aurora DB engines, see [Working with DB Parameter Groups and DB Cluster Parameter Groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide* .\n\n> AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.", "title": "Parameters", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional array of key-value pairs to apply to this DB parameter group.\n\n> Currently, this is the only property that supports drift detection.", "title": "Tags", "type": "array" } }, "required": [ "Description", "Family" ], "type": "object" }, "Type": { "enum": [ "AWS::RDS::DBParameterGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RDS::DBProxy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Auth": { "items": { "$ref": "#/definitions/AWS::RDS::DBProxy.AuthFormat" }, "markdownDescription": "The authorization mechanism that the proxy uses.", "title": "Auth", "type": "array" }, "DBProxyName": { "markdownDescription": "The identifier for the proxy. This name must be unique for all proxies owned by your AWS account in the specified AWS Region . An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens; it can't end with a hyphen or contain two consecutive hyphens.", "title": "DBProxyName", "type": "string" }, "DebugLogging": { "markdownDescription": "Specifies whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.", "title": "DebugLogging", "type": "boolean" }, "EngineFamily": { "markdownDescription": "The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify `MYSQL` . For Aurora PostgreSQL and RDS for PostgreSQL databases, specify `POSTGRESQL` . For RDS for Microsoft SQL Server, specify `SQLSERVER` .\n\n*Valid Values* : `MYSQL` | `POSTGRESQL` | `SQLSERVER`", "title": "EngineFamily", "type": "string" }, "IdleClientTimeout": { "markdownDescription": "The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.", "title": "IdleClientTimeout", "type": "number" }, "RequireTLS": { "markdownDescription": "Specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.", "title": "RequireTLS", "type": "boolean" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::RDS::DBProxy.TagFormat" }, "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", "title": "Tags", "type": "array" }, "VpcSecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "One or more VPC security group IDs to associate with the new proxy.\n\nIf you plan to update the resource, don't specify VPC security groups in a shared VPC.", "title": "VpcSecurityGroupIds", "type": "array" }, "VpcSubnetIds": { "items": { "type": "string" }, "markdownDescription": "One or more VPC subnet IDs to associate with the new proxy.", "title": "VpcSubnetIds", "type": "array" } }, "required": [ "Auth", "DBProxyName", "EngineFamily", "RoleArn", "VpcSubnetIds" ], "type": "object" }, "Type": { "enum": [ "AWS::RDS::DBProxy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RDS::DBProxy.AuthFormat": { "additionalProperties": false, "properties": { "AuthScheme": { "markdownDescription": "The type of authentication that the proxy uses for connections from the proxy to the underlying database.\n\nValid Values: `SECRETS`", "title": "AuthScheme", "type": "string" }, "ClientPasswordAuthType": { "markdownDescription": "Specifies the details of authentication used by a proxy to log in as a specific database user.", "title": "ClientPasswordAuthType", "type": "string" }, "Description": { "markdownDescription": "A user-specified description about the authentication used by a proxy to log in as a specific database user.", "title": "Description", "type": "string" }, "IAMAuth": { "markdownDescription": "Whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy. The `ENABLED` value is valid only for proxies with RDS for Microsoft SQL Server.\n\nValid Values: `ENABLED | DISABLED | REQUIRED`", "title": "IAMAuth", "type": "string" }, "SecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.", "title": "SecretArn", "type": "string" } }, "type": "object" }, "AWS::RDS::DBProxy.TagFormat": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "A key is the required name of the tag. The string value can be 1-128 Unicode characters in length and can't be prefixed with `aws:` . The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-]*)$\").", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "A value is the optional value of the tag. The string value can be 1-256 Unicode characters in length and can't be prefixed with `aws:` . The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-]*)$\").", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::RDS::DBProxyEndpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DBProxyEndpointName": { "markdownDescription": "The name of the DB proxy endpoint to create.", "title": "DBProxyEndpointName", "type": "string" }, "DBProxyName": { "markdownDescription": "The name of the DB proxy associated with the DB proxy endpoint that you create.", "title": "DBProxyName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::RDS::DBProxyEndpoint.TagFormat" }, "markdownDescription": "An optional set of key-value pairs to associate arbitrary data of your choosing with the proxy.", "title": "Tags", "type": "array" }, "TargetRole": { "markdownDescription": "A value that indicates whether the DB proxy endpoint can be used for read/write or read-only operations.\n\nValid Values: `READ_WRITE | READ_ONLY`", "title": "TargetRole", "type": "string" }, "VpcSecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The VPC security group IDs for the DB proxy endpoint that you create. You can specify a different set of security group IDs than for the original DB proxy. The default is the default security group for the VPC.", "title": "VpcSecurityGroupIds", "type": "array" }, "VpcSubnetIds": { "items": { "type": "string" }, "markdownDescription": "The VPC subnet IDs for the DB proxy endpoint that you create. You can specify a different set of subnet IDs than for the original DB proxy.", "title": "VpcSubnetIds", "type": "array" } }, "required": [ "DBProxyEndpointName", "DBProxyName", "VpcSubnetIds" ], "type": "object" }, "Type": { "enum": [ "AWS::RDS::DBProxyEndpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RDS::DBProxyEndpoint.TagFormat": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "A value is the optional value of the tag. The string value can be 1-256 Unicode characters in length and can't be prefixed with `aws:` . The string can contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-]*)$\").", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "Metadata assigned to a DB instance consisting of a key-value pair.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::RDS::DBProxyTargetGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectionPoolConfigurationInfo": { "$ref": "#/definitions/AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat", "markdownDescription": "Settings that control the size and behavior of the connection pool associated with a `DBProxyTargetGroup` .", "title": "ConnectionPoolConfigurationInfo" }, "DBClusterIdentifiers": { "items": { "type": "string" }, "markdownDescription": "One or more DB cluster identifiers.", "title": "DBClusterIdentifiers", "type": "array" }, "DBInstanceIdentifiers": { "items": { "type": "string" }, "markdownDescription": "One or more DB instance identifiers.", "title": "DBInstanceIdentifiers", "type": "array" }, "DBProxyName": { "markdownDescription": "The identifier of the `DBProxy` that is associated with the `DBProxyTargetGroup` .", "title": "DBProxyName", "type": "string" }, "TargetGroupName": { "markdownDescription": "The identifier for the target group.\n\n> Currently, this property must be set to `default` .", "title": "TargetGroupName", "type": "string" } }, "required": [ "DBProxyName", "TargetGroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::RDS::DBProxyTargetGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RDS::DBProxyTargetGroup.ConnectionPoolConfigurationInfoFormat": { "additionalProperties": false, "properties": { "ConnectionBorrowTimeout": { "markdownDescription": "The number of seconds for a proxy to wait for a connection to become available in the connection pool. This setting only applies when the proxy has opened its maximum number of connections and all connections are busy with client sessions. For an unlimited wait time, specify `0` .\n\nDefault: `120`\n\nConstraints:\n\n- Must be between 0 and 3600.", "title": "ConnectionBorrowTimeout", "type": "number" }, "InitQuery": { "markdownDescription": "One or more SQL statements for the proxy to run when opening each new database connection. Typically used with `SET` statements to make sure that each connection has identical settings such as time zone and character set. For multiple statements, use semicolons as the separator. You can also include multiple variables in a single `SET` statement, such as `SET x=1, y=2` .\n\nDefault: no initialization query", "title": "InitQuery", "type": "string" }, "MaxConnectionsPercent": { "markdownDescription": "The maximum size of the connection pool for each target in a target group. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group.\n\nIf you specify `MaxIdleConnectionsPercent` , then you must also include a value for this parameter.\n\nDefault: `10` for RDS for Microsoft SQL Server, and `100` for all other engines\n\nConstraints:\n\n- Must be between 1 and 100.", "title": "MaxConnectionsPercent", "type": "number" }, "MaxIdleConnectionsPercent": { "markdownDescription": "A value that controls how actively the proxy closes idle database connections in the connection pool. The value is expressed as a percentage of the `max_connections` setting for the RDS DB instance or Aurora DB cluster used by the target group. With a high value, the proxy leaves a high percentage of idle database connections open. A low value causes the proxy to close more idle connections and return them to the database.\n\nIf you specify this parameter, then you must also include a value for `MaxConnectionsPercent` .\n\nDefault: The default value is half of the value of `MaxConnectionsPercent` . For example, if `MaxConnectionsPercent` is 80, then the default value of `MaxIdleConnectionsPercent` is 40. If the value of `MaxConnectionsPercent` isn't specified, then for SQL Server, `MaxIdleConnectionsPercent` is `5` , and for all other engines, the default is `50` .\n\nConstraints:\n\n- Must be between 0 and the value of `MaxConnectionsPercent` .", "title": "MaxIdleConnectionsPercent", "type": "number" }, "SessionPinningFilters": { "items": { "type": "string" }, "markdownDescription": "Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection. Including an item in the list exempts that class of SQL operations from the pinning behavior.\n\nDefault: no session pinning filters", "title": "SessionPinningFilters", "type": "array" } }, "type": "object" }, "AWS::RDS::DBSecurityGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DBSecurityGroupIngress": { "items": { "$ref": "#/definitions/AWS::RDS::DBSecurityGroup.Ingress" }, "markdownDescription": "Ingress rules to be applied to the DB security group.", "title": "DBSecurityGroupIngress", "type": "array" }, "EC2VpcId": { "markdownDescription": "The identifier of an Amazon VPC. This property indicates the VPC that this DB security group belongs to.\n\n> The `EC2VpcId` property is for backward compatibility with older regions, and is no longer recommended for providing security information to an RDS DB instance.", "title": "EC2VpcId", "type": "string" }, "GroupDescription": { "markdownDescription": "Provides the description of the DB security group.", "title": "GroupDescription", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional array of key-value pairs to apply to this DB security group.", "title": "Tags", "type": "array" } }, "required": [ "DBSecurityGroupIngress", "GroupDescription" ], "type": "object" }, "Type": { "enum": [ "AWS::RDS::DBSecurityGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RDS::DBSecurityGroup.Ingress": { "additionalProperties": false, "properties": { "CIDRIP": { "markdownDescription": "The IP range to authorize.", "title": "CIDRIP", "type": "string" }, "EC2SecurityGroupId": { "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", "title": "EC2SecurityGroupId", "type": "string" }, "EC2SecurityGroupName": { "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", "title": "EC2SecurityGroupName", "type": "string" }, "EC2SecurityGroupOwnerId": { "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", "title": "EC2SecurityGroupOwnerId", "type": "string" } }, "type": "object" }, "AWS::RDS::DBSecurityGroupIngress": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CIDRIP": { "markdownDescription": "The IP range to authorize.", "title": "CIDRIP", "type": "string" }, "DBSecurityGroupName": { "markdownDescription": "The name of the DB security group to add authorization to.", "title": "DBSecurityGroupName", "type": "string" }, "EC2SecurityGroupId": { "markdownDescription": "Id of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", "title": "EC2SecurityGroupId", "type": "string" }, "EC2SecurityGroupName": { "markdownDescription": "Name of the EC2 security group to authorize. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", "title": "EC2SecurityGroupName", "type": "string" }, "EC2SecurityGroupOwnerId": { "markdownDescription": "AWS account number of the owner of the EC2 security group specified in the `EC2SecurityGroupName` parameter. The AWS access key ID isn't an acceptable value. For VPC DB security groups, `EC2SecurityGroupId` must be provided. Otherwise, `EC2SecurityGroupOwnerId` and either `EC2SecurityGroupName` or `EC2SecurityGroupId` must be provided.", "title": "EC2SecurityGroupOwnerId", "type": "string" } }, "required": [ "DBSecurityGroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::RDS::DBSecurityGroupIngress" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RDS::DBSubnetGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DBSubnetGroupDescription": { "markdownDescription": "The description for the DB subnet group.", "title": "DBSubnetGroupDescription", "type": "string" }, "DBSubnetGroupName": { "markdownDescription": "The name for the DB subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 lowercase alphanumeric characters or hyphens. Must not be \"Default\".\n\nExample: `mysubnetgroup`", "title": "DBSubnetGroupName", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The EC2 Subnet IDs for the DB subnet group.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional array of key-value pairs to apply to this DB subnet group.", "title": "Tags", "type": "array" } }, "required": [ "DBSubnetGroupDescription", "SubnetIds" ], "type": "object" }, "Type": { "enum": [ "AWS::RDS::DBSubnetGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RDS::EventSubscription": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Specifies whether to activate the subscription. If the event notification subscription isn't activated, the subscription is created but not active.", "title": "Enabled", "type": "boolean" }, "EventCategories": { "items": { "type": "string" }, "markdownDescription": "A list of event categories for a particular source type ( `SourceType` ) that you want to subscribe to. You can see a list of the categories for a given source type in the \"Amazon RDS event categories and event messages\" section of the [*Amazon RDS User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.Messages.html) or the [*Amazon Aurora User Guide*](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Events.Messages.html) . You can also see this list by using the `DescribeEventCategories` operation.", "title": "EventCategories", "type": "array" }, "SnsTopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the SNS topic created for event notification. SNS automatically creates the ARN when you create a topic and subscribe to it.\n\n> RDS doesn't support FIFO (first in, first out) topics. For more information, see [Message ordering and deduplication (FIFO topics)](https://docs.aws.amazon.com/sns/latest/dg/sns-fifo-topics.html) in the *Amazon Simple Notification Service Developer Guide* .", "title": "SnsTopicArn", "type": "string" }, "SourceIds": { "items": { "type": "string" }, "markdownDescription": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.\n\nConstraints:\n\n- If a `SourceIds` value is supplied, `SourceType` must also be provided.\n- If the source type is a DB instance, a `DBInstanceIdentifier` value must be supplied.\n- If the source type is a DB cluster, a `DBClusterIdentifier` value must be supplied.\n- If the source type is a DB parameter group, a `DBParameterGroupName` value must be supplied.\n- If the source type is a DB security group, a `DBSecurityGroupName` value must be supplied.\n- If the source type is a DB snapshot, a `DBSnapshotIdentifier` value must be supplied.\n- If the source type is a DB cluster snapshot, a `DBClusterSnapshotIdentifier` value must be supplied.", "title": "SourceIds", "type": "array" }, "SourceType": { "markdownDescription": "The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, set this parameter to `db-instance` . If this value isn't specified, all events are returned.\n\nValid values: `db-instance` | `db-cluster` | `db-parameter-group` | `db-security-group` | `db-snapshot` | `db-cluster-snapshot`", "title": "SourceType", "type": "string" }, "SubscriptionName": { "markdownDescription": "The name of the subscription.\n\nConstraints: The name must be less than 255 characters.", "title": "SubscriptionName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional array of key-value pairs to apply to this subscription.", "title": "Tags", "type": "array" } }, "required": [ "SnsTopicArn" ], "type": "object" }, "Type": { "enum": [ "AWS::RDS::EventSubscription" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RDS::GlobalCluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeletionProtection": { "markdownDescription": "Specifies whether to enable deletion protection for the new global database cluster. The global database can't be deleted when deletion protection is enabled.", "title": "DeletionProtection", "type": "boolean" }, "Engine": { "markdownDescription": "The database engine to use for this global database cluster.\n\nValid Values: `aurora-mysql | aurora-postgresql`\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine of the source DB cluster.", "title": "Engine", "type": "string" }, "EngineVersion": { "markdownDescription": "The engine version to use for this global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the engine version of the source DB cluster.", "title": "EngineVersion", "type": "string" }, "GlobalClusterIdentifier": { "markdownDescription": "The cluster identifier for this global database cluster. This parameter is stored as a lowercase string.", "title": "GlobalClusterIdentifier", "type": "string" }, "SourceDBClusterIdentifier": { "markdownDescription": "The Amazon Resource Name (ARN) to use as the primary cluster of the global database.\n\nIf you provide a value for this parameter, don't specify values for the following settings because Amazon Aurora uses the values from the specified source DB cluster:\n\n- `DatabaseName`\n- `Engine`\n- `EngineVersion`\n- `StorageEncrypted`", "title": "SourceDBClusterIdentifier", "type": "string" }, "StorageEncrypted": { "markdownDescription": "Specifies whether to enable storage encryption for the new global database cluster.\n\nConstraints:\n\n- Can't be specified if `SourceDBClusterIdentifier` is specified. In this case, Amazon Aurora uses the setting from the source DB cluster.", "title": "StorageEncrypted", "type": "boolean" } }, "type": "object" }, "Type": { "enum": [ "AWS::RDS::GlobalCluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::RDS::Integration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdditionalEncryptionContext": { "additionalProperties": true, "markdownDescription": "An optional set of non-secret key\u2013value pairs that contains additional contextual information about the data. For more information, see [Encryption context](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context) in the *AWS Key Management Service Developer Guide* .\n\nYou can only include this parameter if you specify the `KMSKeyId` parameter.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AdditionalEncryptionContext", "type": "object" }, "DataFilter": { "markdownDescription": "Data filters for the integration. These filters determine which tables from the source database are sent to the target Amazon Redshift data warehouse.", "title": "DataFilter", "type": "string" }, "Description": { "markdownDescription": "A description of the integration.", "title": "Description", "type": "string" }, "IntegrationName": { "markdownDescription": "The name of the integration.", "title": "IntegrationName", "type": "string" }, "KMSKeyId": { "markdownDescription": "The AWS Key Management System ( AWS KMS) key identifier for the key to use to encrypt the integration. If you don't specify an encryption key, RDS uses a default AWS owned key.", "title": "KMSKeyId", "type": "string" }, "SourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the database to use as the source for replication.", "title": "SourceArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags. For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide.* .", "title": "Tags", "type": "array" }, "TargetArn": { "markdownDescription": "The ARN of the Redshift data warehouse to use as the target for replication.", "title": "TargetArn", "type": "string" } }, "required": [ "SourceArn", "TargetArn" ], "type": "object" }, "Type": { "enum": [ "AWS::RDS::Integration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RDS::OptionGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EngineName": { "markdownDescription": "Specifies the name of the engine that this option group should be associated with.\n\nValid Values:\n\n- `mariadb`\n- `mysql`\n- `oracle-ee`\n- `oracle-ee-cdb`\n- `oracle-se2`\n- `oracle-se2-cdb`\n- `postgres`\n- `sqlserver-ee`\n- `sqlserver-se`\n- `sqlserver-ex`\n- `sqlserver-web`", "title": "EngineName", "type": "string" }, "MajorEngineVersion": { "markdownDescription": "Specifies the major version of the engine that this option group should be associated with.", "title": "MajorEngineVersion", "type": "string" }, "OptionConfigurations": { "items": { "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionConfiguration" }, "markdownDescription": "A list of options and the settings for each option.", "title": "OptionConfigurations", "type": "array" }, "OptionGroupDescription": { "markdownDescription": "The description of the option group.", "title": "OptionGroupDescription", "type": "string" }, "OptionGroupName": { "markdownDescription": "The name of the option group to be created.\n\nConstraints:\n\n- Must be 1 to 255 letters, numbers, or hyphens\n- First character must be a letter\n- Can't end with a hyphen or contain two consecutive hyphens\n\nExample: `myoptiongroup`\n\nIf you don't specify a value for `OptionGroupName` property, a name is automatically created for the option group.\n\n> This value is stored as a lowercase string.", "title": "OptionGroupName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An optional array of key-value pairs to apply to this option group.", "title": "Tags", "type": "array" } }, "required": [ "EngineName", "MajorEngineVersion", "OptionGroupDescription" ], "type": "object" }, "Type": { "enum": [ "AWS::RDS::OptionGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RDS::OptionGroup.OptionConfiguration": { "additionalProperties": false, "properties": { "DBSecurityGroupMemberships": { "items": { "type": "string" }, "markdownDescription": "A list of DBSecurityGroupMembership name strings used for this option.", "title": "DBSecurityGroupMemberships", "type": "array" }, "OptionName": { "markdownDescription": "The configuration of options to include in a group.", "title": "OptionName", "type": "string" }, "OptionSettings": { "items": { "$ref": "#/definitions/AWS::RDS::OptionGroup.OptionSetting" }, "markdownDescription": "The option settings to include in an option group.", "title": "OptionSettings", "type": "array" }, "OptionVersion": { "markdownDescription": "The version for the option.", "title": "OptionVersion", "type": "string" }, "Port": { "markdownDescription": "The optional port for the option.", "title": "Port", "type": "number" }, "VpcSecurityGroupMemberships": { "items": { "type": "string" }, "markdownDescription": "A list of VpcSecurityGroupMembership name strings used for this option.", "title": "VpcSecurityGroupMemberships", "type": "array" } }, "required": [ "OptionName" ], "type": "object" }, "AWS::RDS::OptionGroup.OptionSetting": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the option that has settings that you can set.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The current value of the option setting.", "title": "Value", "type": "string" } }, "type": "object" }, "AWS::RUM::AppMonitor": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppMonitorConfiguration": { "$ref": "#/definitions/AWS::RUM::AppMonitor.AppMonitorConfiguration", "markdownDescription": "A structure that contains much of the configuration data for the app monitor. If you are using Amazon Cognito for authorization, you must include this structure in your request, and it must include the ID of the Amazon Cognito identity pool to use for authorization. If you don't include `AppMonitorConfiguration` , you must set up your own authorization method. For more information, see [Authorize your application to send data to AWS](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-RUM-get-started-authorization.html) .\n\nIf you omit this argument, the sample rate used for CloudWatch RUM is set to 10% of the user sessions.", "title": "AppMonitorConfiguration" }, "CustomEvents": { "$ref": "#/definitions/AWS::RUM::AppMonitor.CustomEvents", "markdownDescription": "Specifies whether this app monitor allows the web client to define and send custom events. If you omit this parameter, custom events are `DISABLED` .", "title": "CustomEvents" }, "CwLogEnabled": { "markdownDescription": "Data collected by CloudWatch RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether CloudWatch RUM sends a copy of this telemetry data to Amazon CloudWatch Logs in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur Amazon CloudWatch Logs charges.\n\nIf you omit this parameter, the default is `false` .", "title": "CwLogEnabled", "type": "boolean" }, "Domain": { "markdownDescription": "The top-level internet domain name for which your application has administrative authority. This parameter is required.", "title": "Domain", "type": "string" }, "Name": { "markdownDescription": "A name for the app monitor. This parameter is required.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Assigns one or more tags (key-value pairs) to the app monitor.\n\nTags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.\n\nTags don't have any semantic meaning to AWS and are interpreted strictly as strings of characters.\n\nYou can associate as many as 50 tags with an app monitor.\n\nFor more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) .", "title": "Tags", "type": "array" } }, "required": [ "Domain", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::RUM::AppMonitor" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RUM::AppMonitor.AppMonitorConfiguration": { "additionalProperties": false, "properties": { "AllowCookies": { "markdownDescription": "If you set this to `true` , the CloudWatch RUM web client sets two cookies, a session cookie and a user cookie. The cookies allow the CloudWatch RUM web client to collect data relating to the number of users an application has and the behavior of the application across a sequence of events. Cookies are stored in the top-level domain of the current page.", "title": "AllowCookies", "type": "boolean" }, "EnableXRay": { "markdownDescription": "If you set this to `true` , CloudWatch RUM sends client-side traces to X-Ray for each sampled session. You can then see traces and segments from these user sessions in the RUM dashboard and the CloudWatch ServiceLens console. For more information, see [What is AWS X-Ray ?](https://docs.aws.amazon.com/xray/latest/devguide/aws-xray.html)", "title": "EnableXRay", "type": "boolean" }, "ExcludedPages": { "items": { "type": "string" }, "markdownDescription": "A list of URLs in your website or application to exclude from RUM data collection.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", "title": "ExcludedPages", "type": "array" }, "FavoritePages": { "items": { "type": "string" }, "markdownDescription": "A list of pages in your application that are to be displayed with a \"favorite\" icon in the CloudWatch RUM console.", "title": "FavoritePages", "type": "array" }, "GuestRoleArn": { "markdownDescription": "The ARN of the guest IAM role that is attached to the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", "title": "GuestRoleArn", "type": "string" }, "IdentityPoolId": { "markdownDescription": "The ID of the Amazon Cognito identity pool that is used to authorize the sending of data to CloudWatch RUM.", "title": "IdentityPoolId", "type": "string" }, "IncludedPages": { "items": { "type": "string" }, "markdownDescription": "If this app monitor is to collect data from only certain pages in your application, this structure lists those pages.\n\nYou can't include both `ExcludedPages` and `IncludedPages` in the same app monitor.", "title": "IncludedPages", "type": "array" }, "MetricDestinations": { "items": { "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDestination" }, "markdownDescription": "An array of structures that each define a destination that this app monitor will send extended metrics to.", "title": "MetricDestinations", "type": "array" }, "SessionSampleRate": { "markdownDescription": "Specifies the portion of user sessions to use for CloudWatch RUM data collection. Choosing a higher portion gives you more data but also incurs more costs.\n\nThe range for this value is 0 to 1 inclusive. Setting this to 1 means that 100% of user sessions are sampled, and setting it to 0.1 means that 10% of user sessions are sampled.\n\nIf you omit this parameter, the default of 0.1 is used, and 10% of sessions will be sampled.", "title": "SessionSampleRate", "type": "number" }, "Telemetries": { "items": { "type": "string" }, "markdownDescription": "An array that lists the types of telemetry data that this app monitor is to collect.\n\n- `errors` indicates that RUM collects data about unhandled JavaScript errors raised by your application.\n- `performance` indicates that RUM collects performance data about how your application and its resources are loaded and rendered. This includes Core Web Vitals.\n- `http` indicates that RUM collects data about HTTP errors thrown by your application.", "title": "Telemetries", "type": "array" } }, "type": "object" }, "AWS::RUM::AppMonitor.CustomEvents": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "Set this to `ENABLED` to allow the web client to send custom events for this app monitor.\n\nValid values are `ENABLED` and `DISABLED` .", "title": "Status", "type": "string" } }, "type": "object" }, "AWS::RUM::AppMonitor.MetricDefinition": { "additionalProperties": false, "properties": { "DimensionKeys": { "additionalProperties": true, "markdownDescription": "This field is a map of field paths to dimension names. It defines the dimensions to associate with this metric in CloudWatch . The value of this field is used only if the metric destination is `CloudWatch` . If the metric destination is `Evidently` , the value of `DimensionKeys` is ignored.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "DimensionKeys", "type": "object" }, "EventPattern": { "markdownDescription": "The pattern that defines the metric. RUM checks events that happen in a user's session against the pattern, and events that match the pattern are sent to the metric destination.\n\nIf the metrics destination is `CloudWatch` and the event also matches a value in `DimensionKeys` , then the metric is published with the specified dimensions.", "title": "EventPattern", "type": "string" }, "Name": { "markdownDescription": "The name of the metric that is defined in this structure.", "title": "Name", "type": "string" }, "Namespace": { "markdownDescription": "If you are creating a custom metric instead of an extended metrics, use this parameter to define the metric namespace for that custom metric. Do not specify this parameter if you are creating an extended metric.\n\nYou can't use any string that starts with `AWS/` for your namespace.", "title": "Namespace", "type": "string" }, "UnitLabel": { "markdownDescription": "Use this field only if you are sending this metric to CloudWatch . It defines the CloudWatch metric unit that this metric is measured in.", "title": "UnitLabel", "type": "string" }, "ValueKey": { "markdownDescription": "The field within the event object that the metric value is sourced from.", "title": "ValueKey", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::RUM::AppMonitor.MetricDestination": { "additionalProperties": false, "properties": { "Destination": { "markdownDescription": "Defines the destination to send the metrics to. Valid values are `CloudWatch` and `Evidently` . If you specify `Evidently` , you must also specify the ARN of the CloudWatch Evidently experiment that is to be the destination and an IAM role that has permission to write to the experiment.", "title": "Destination", "type": "string" }, "DestinationArn": { "markdownDescription": "Use this parameter only if `Destination` is `Evidently` . This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics.", "title": "DestinationArn", "type": "string" }, "IamRoleArn": { "markdownDescription": "This parameter is required if `Destination` is `Evidently` . If `Destination` is `CloudWatch` , do not use this parameter.\n\nThis parameter specifies the ARN of an IAM role that RUM will assume to write to the Evidently experiment that you are sending metrics to. This role must have permission to write to that experiment.", "title": "IamRoleArn", "type": "string" }, "MetricDefinitions": { "items": { "$ref": "#/definitions/AWS::RUM::AppMonitor.MetricDefinition" }, "markdownDescription": "An array of structures which define the metrics that you want to send.", "title": "MetricDefinitions", "type": "array" } }, "required": [ "Destination" ], "type": "object" }, "AWS::Redshift::Cluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowVersionUpgrade": { "markdownDescription": "If `true` , major version upgrades can be applied during the maintenance window to the Amazon Redshift engine that is running on the cluster.\n\nWhen a new major version of the Amazon Redshift engine is released, you can request that the service automatically apply upgrades during the maintenance window to the Amazon Redshift engine that is running on your cluster.\n\nDefault: `true`", "title": "AllowVersionUpgrade", "type": "boolean" }, "AquaConfigurationStatus": { "markdownDescription": "This parameter is retired. It does not set the AQUA configuration status. Amazon Redshift automatically determines whether to use AQUA (Advanced Query Accelerator).", "title": "AquaConfigurationStatus", "type": "string" }, "AutomatedSnapshotRetentionPeriod": { "markdownDescription": "The number of days that automated snapshots are retained. If the value is 0, automated snapshots are disabled. Even if automated snapshots are disabled, you can still create manual snapshots when you want with [CreateClusterSnapshot](https://docs.aws.amazon.com/redshift/latest/APIReference/API_CreateClusterSnapshot.html) in the *Amazon Redshift API Reference* .\n\nDefault: `1`\n\nConstraints: Must be a value from 0 to 35.", "title": "AutomatedSnapshotRetentionPeriod", "type": "number" }, "AvailabilityZone": { "markdownDescription": "The EC2 Availability Zone (AZ) in which you want Amazon Redshift to provision the cluster. For example, if you have several EC2 instances running in a specific Availability Zone, then you might want the cluster to be provisioned in the same zone in order to decrease network latency.\n\nDefault: A random, system-chosen Availability Zone in the region that is specified by the endpoint.\n\nExample: `us-east-2d`\n\nConstraint: The specified Availability Zone must be in the same region as the current endpoint.", "title": "AvailabilityZone", "type": "string" }, "AvailabilityZoneRelocation": { "markdownDescription": "The option to enable relocation for an Amazon Redshift cluster between Availability Zones after the cluster is created.", "title": "AvailabilityZoneRelocation", "type": "boolean" }, "AvailabilityZoneRelocationStatus": { "markdownDescription": "Describes the status of the Availability Zone relocation operation.", "title": "AvailabilityZoneRelocationStatus", "type": "string" }, "Classic": { "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", "title": "Classic", "type": "boolean" }, "ClusterIdentifier": { "markdownDescription": "A unique identifier for the cluster. You use this identifier to refer to the cluster for any subsequent cluster operations such as deleting or modifying. The identifier also appears in the Amazon Redshift console.\n\nConstraints:\n\n- Must contain from 1 to 63 alphanumeric characters or hyphens.\n- Alphabetic characters must be lowercase.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.\n- Must be unique for all clusters within an AWS account .\n\nExample: `myexamplecluster`", "title": "ClusterIdentifier", "type": "string" }, "ClusterParameterGroupName": { "markdownDescription": "The name of the parameter group to be associated with this cluster.\n\nDefault: The default Amazon Redshift cluster parameter group. For information about the default parameter group, go to [Working with Amazon Redshift Parameter Groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html)\n\nConstraints:\n\n- Must be 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", "title": "ClusterParameterGroupName", "type": "string" }, "ClusterSecurityGroups": { "items": { "type": "string" }, "markdownDescription": "A list of security groups to be associated with this cluster.\n\nDefault: The default cluster security group for Amazon Redshift.", "title": "ClusterSecurityGroups", "type": "array" }, "ClusterSubnetGroupName": { "markdownDescription": "The name of a cluster subnet group to be associated with this cluster.\n\nIf this parameter is not provided the resulting cluster will be deployed outside virtual private cloud (VPC).", "title": "ClusterSubnetGroupName", "type": "string" }, "ClusterType": { "markdownDescription": "The type of the cluster. When cluster type is specified as\n\n- `single-node` , the *NumberOfNodes* parameter is not required.\n- `multi-node` , the *NumberOfNodes* parameter is required.\n\nValid Values: `multi-node` | `single-node`\n\nDefault: `multi-node`", "title": "ClusterType", "type": "string" }, "ClusterVersion": { "markdownDescription": "The version of the Amazon Redshift engine software that you want to deploy on the cluster.\n\nThe version selected runs on all the nodes in the cluster.\n\nConstraints: Only version 1.0 is currently available.\n\nExample: `1.0`", "title": "ClusterVersion", "type": "string" }, "DBName": { "markdownDescription": "The name of the first database to be created when the cluster is created.\n\nTo create additional databases after the cluster is created, connect to the cluster with a SQL client and use SQL commands to create a database. For more information, go to [Create a Database](https://docs.aws.amazon.com/redshift/latest/dg/t_creating_database.html) in the Amazon Redshift Database Developer Guide.\n\nDefault: `dev`\n\nConstraints:\n\n- Must contain 1 to 64 alphanumeric characters.\n- Must contain only lowercase letters.\n- Cannot be a word that is reserved by the service. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", "title": "DBName", "type": "string" }, "DeferMaintenance": { "markdownDescription": "A Boolean indicating whether to enable the deferred maintenance window.", "title": "DeferMaintenance", "type": "boolean" }, "DeferMaintenanceDuration": { "markdownDescription": "An integer indicating the duration of the maintenance window in days. If you specify a duration, you can't specify an end time. The duration must be 45 days or less.", "title": "DeferMaintenanceDuration", "type": "number" }, "DeferMaintenanceEndTime": { "markdownDescription": "A timestamp for the end of the time period when we defer maintenance.", "title": "DeferMaintenanceEndTime", "type": "string" }, "DeferMaintenanceStartTime": { "markdownDescription": "A timestamp indicating the start time for the deferred maintenance window.", "title": "DeferMaintenanceStartTime", "type": "string" }, "DestinationRegion": { "markdownDescription": "The destination region that snapshots are automatically copied to when cross-region snapshot copy is enabled.", "title": "DestinationRegion", "type": "string" }, "ElasticIp": { "markdownDescription": "The Elastic IP (EIP) address for the cluster.\n\nConstraints: The cluster must be provisioned in EC2-VPC and publicly-accessible through an Internet gateway. Don't specify the Elastic IP address for a publicly accessible cluster with availability zone relocation turned on. For more information about provisioning clusters in EC2-VPC, go to [Supported Platforms to Launch Your Cluster](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#cluster-platforms) in the Amazon Redshift Cluster Management Guide.", "title": "ElasticIp", "type": "string" }, "Encrypted": { "markdownDescription": "If `true` , the data in the cluster is encrypted at rest.\n\nDefault: false", "title": "Encrypted", "type": "boolean" }, "Endpoint": { "$ref": "#/definitions/AWS::Redshift::Cluster.Endpoint", "markdownDescription": "The connection endpoint.", "title": "Endpoint" }, "EnhancedVpcRouting": { "markdownDescription": "An option that specifies whether to create the cluster with enhanced VPC routing enabled. To create a cluster that uses enhanced VPC routing, the cluster must be in a VPC. For more information, see [Enhanced VPC Routing](https://docs.aws.amazon.com/redshift/latest/mgmt/enhanced-vpc-routing.html) in the Amazon Redshift Cluster Management Guide.\n\nIf this option is `true` , enhanced VPC routing is enabled.\n\nDefault: false", "title": "EnhancedVpcRouting", "type": "boolean" }, "HsmClientCertificateIdentifier": { "markdownDescription": "Specifies the name of the HSM client certificate the Amazon Redshift cluster uses to retrieve the data encryption keys stored in an HSM.", "title": "HsmClientCertificateIdentifier", "type": "string" }, "HsmConfigurationIdentifier": { "markdownDescription": "Specifies the name of the HSM configuration that contains the information the Amazon Redshift cluster can use to retrieve and store keys in an HSM.", "title": "HsmConfigurationIdentifier", "type": "string" }, "IamRoles": { "items": { "type": "string" }, "markdownDescription": "A list of AWS Identity and Access Management (IAM) roles that can be used by the cluster to access other AWS services. You must supply the IAM roles in their Amazon Resource Name (ARN) format.\n\nThe maximum number of IAM roles that you can associate is subject to a quota. For more information, go to [Quotas and limits](https://docs.aws.amazon.com/redshift/latest/mgmt/amazon-redshift-limits.html) in the *Amazon Redshift Cluster Management Guide* .", "title": "IamRoles", "type": "array" }, "KmsKeyId": { "markdownDescription": "The AWS Key Management Service (KMS) key ID of the encryption key that you want to use to encrypt data in the cluster.", "title": "KmsKeyId", "type": "string" }, "LoggingProperties": { "$ref": "#/definitions/AWS::Redshift::Cluster.LoggingProperties", "markdownDescription": "Specifies logging information, such as queries and connection attempts, for the specified Amazon Redshift cluster.", "title": "LoggingProperties" }, "MaintenanceTrackName": { "markdownDescription": "An optional parameter for the name of the maintenance track for the cluster. If you don't provide a maintenance track name, the cluster is assigned to the `current` track.", "title": "MaintenanceTrackName", "type": "string" }, "ManageMasterPassword": { "markdownDescription": "If `true` , Amazon Redshift uses AWS Secrets Manager to manage this cluster's admin credentials. You can't use `MasterUserPassword` if `ManageMasterPassword` is true. If `ManageMasterPassword` is false or not set, Amazon Redshift uses `MasterUserPassword` for the admin user account's password.", "title": "ManageMasterPassword", "type": "boolean" }, "ManualSnapshotRetentionPeriod": { "markdownDescription": "The default number of days to retain a manual snapshot. If the value is -1, the snapshot is retained indefinitely. This setting doesn't change the retention period of existing snapshots.\n\nThe value must be either -1 or an integer between 1 and 3,653.", "title": "ManualSnapshotRetentionPeriod", "type": "number" }, "MasterPasswordSecretKmsKeyId": { "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the cluster's admin credentials secret. You can only use this parameter if `ManageMasterPassword` is true.", "title": "MasterPasswordSecretKmsKeyId", "type": "string" }, "MasterUserPassword": { "markdownDescription": "The password associated with the admin user account for the cluster that is being created.\n\nYou can't use `MasterUserPassword` if `ManageMasterPassword` is `true` .\n\nConstraints:\n\n- Must be between 8 and 64 characters in length.\n- Must contain at least one uppercase letter.\n- Must contain at least one lowercase letter.\n- Must contain one number.\n- Can be any printable ASCII character (ASCII code 33-126) except `'` (single quote), `\"` (double quote), `\\` , `/` , or `@` .", "title": "MasterUserPassword", "type": "string" }, "MasterUsername": { "markdownDescription": "The user name associated with the admin user account for the cluster that is being created.\n\nConstraints:\n\n- Must be 1 - 128 alphanumeric characters or hyphens. The user name can't be `PUBLIC` .\n- Must contain only lowercase letters, numbers, underscore, plus sign, period (dot), at symbol (@), or hyphen.\n- The first character must be a letter.\n- Must not contain a colon (:) or a slash (/).\n- Cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", "title": "MasterUsername", "type": "string" }, "MultiAZ": { "markdownDescription": "A boolean indicating whether Amazon Redshift should deploy the cluster in two Availability Zones. The default is false.", "title": "MultiAZ", "type": "boolean" }, "NamespaceResourcePolicy": { "markdownDescription": "The policy that is attached to a resource.", "title": "NamespaceResourcePolicy", "type": "object" }, "NodeType": { "markdownDescription": "The node type to be provisioned for the cluster. For information about node types, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nValid Values: `dc2.large` | `dc2.8xlarge` | `ra3.xlplus` | `ra3.4xlarge` | `ra3.16xlarge`", "title": "NodeType", "type": "string" }, "NumberOfNodes": { "markdownDescription": "The number of compute nodes in the cluster. This parameter is required when the *ClusterType* parameter is specified as `multi-node` .\n\nFor information about determining how many nodes you need, go to [Working with Clusters](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes) in the *Amazon Redshift Cluster Management Guide* .\n\nIf you don't specify this parameter, you get a single-node cluster. When requesting a multi-node cluster, you must specify the number of nodes that you want in the cluster.\n\nDefault: `1`\n\nConstraints: Value must be at least 1 and no more than 100.", "title": "NumberOfNodes", "type": "number" }, "OwnerAccount": { "markdownDescription": "The AWS account used to create or copy the snapshot. Required if you are restoring a snapshot you do not own, optional if you own the snapshot.", "title": "OwnerAccount", "type": "string" }, "Port": { "markdownDescription": "The port number on which the cluster accepts incoming connections.\n\nThe cluster is accessible only via the JDBC and ODBC connection strings. Part of the connection string requires the port on which the cluster will listen for incoming connections.\n\nDefault: `5439`\n\nValid Values:\n\n- For clusters with ra3 nodes - Select a port within the ranges `5431-5455` or `8191-8215` . (If you have an existing cluster with ra3 nodes, it isn't required that you change the port to these ranges.)\n- For clusters with dc2 nodes - Select a port within the range `1150-65535` .", "title": "Port", "type": "number" }, "PreferredMaintenanceWindow": { "markdownDescription": "The weekly time range (in UTC) during which automated cluster maintenance can occur.\n\nFormat: `ddd:hh24:mi-ddd:hh24:mi`\n\nDefault: A 30-minute window selected at random from an 8-hour block of time per region, occurring on a random day of the week. For more information about the time blocks for each region, see [Maintenance Windows](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#rs-maintenance-windows) in Amazon Redshift Cluster Management Guide.\n\nValid Days: Mon | Tue | Wed | Thu | Fri | Sat | Sun\n\nConstraints: Minimum 30-minute window.", "title": "PreferredMaintenanceWindow", "type": "string" }, "PubliclyAccessible": { "markdownDescription": "If `true` , the cluster can be accessed from a public network.", "title": "PubliclyAccessible", "type": "boolean" }, "ResourceAction": { "markdownDescription": "The Amazon Redshift operation to be performed. Supported operations are `pause-cluster` , `resume-cluster` , and `failover-primary-compute` .", "title": "ResourceAction", "type": "string" }, "RevisionTarget": { "markdownDescription": "Describes a `RevisionTarget` object.", "title": "RevisionTarget", "type": "string" }, "RotateEncryptionKey": { "markdownDescription": "Rotates the encryption keys for a cluster.", "title": "RotateEncryptionKey", "type": "boolean" }, "SnapshotClusterIdentifier": { "markdownDescription": "The name of the cluster the source snapshot was created from. This parameter is required if your user or role has a policy containing a snapshot resource element that specifies anything other than * for the cluster name.", "title": "SnapshotClusterIdentifier", "type": "string" }, "SnapshotCopyGrantName": { "markdownDescription": "The name of the snapshot copy grant.", "title": "SnapshotCopyGrantName", "type": "string" }, "SnapshotCopyManual": { "markdownDescription": "Indicates whether to apply the snapshot retention period to newly copied manual snapshots instead of automated snapshots.", "title": "SnapshotCopyManual", "type": "boolean" }, "SnapshotCopyRetentionPeriod": { "markdownDescription": "The number of days to retain automated snapshots in the destination AWS Region after they are copied from the source AWS Region .\n\nBy default, this only changes the retention period of copied automated snapshots.\n\nIf you decrease the retention period for automated snapshots that are copied to a destination AWS Region , Amazon Redshift deletes any existing automated snapshots that were copied to the destination AWS Region and that fall outside of the new retention period.\n\nConstraints: Must be at least 1 and no more than 35 for automated snapshots.\n\nIf you specify the `manual` option, only newly copied manual snapshots will have the new retention period.\n\nIf you specify the value of -1 newly copied manual snapshots are retained indefinitely.\n\nConstraints: The number of days must be either -1 or an integer between 1 and 3,653 for manual snapshots.", "title": "SnapshotCopyRetentionPeriod", "type": "number" }, "SnapshotIdentifier": { "markdownDescription": "The name of the snapshot from which to create the new cluster. This parameter isn't case sensitive. You must specify this parameter or `snapshotArn` , but not both.\n\nExample: `my-snapshot-id`", "title": "SnapshotIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tag instances.", "title": "Tags", "type": "array" }, "VpcSecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of Virtual Private Cloud (VPC) security groups to be associated with the cluster.\n\nDefault: The default VPC security group is associated with the cluster.", "title": "VpcSecurityGroupIds", "type": "array" } }, "required": [ "ClusterType", "DBName", "MasterUsername", "NodeType" ], "type": "object" }, "Type": { "enum": [ "AWS::Redshift::Cluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Redshift::Cluster.Endpoint": { "additionalProperties": false, "properties": { "Address": { "markdownDescription": "The DNS address of the cluster. This property is read only.", "title": "Address", "type": "string" }, "Port": { "markdownDescription": "The port that the database engine is listening on. This property is read only.", "title": "Port", "type": "string" } }, "type": "object" }, "AWS::Redshift::Cluster.LoggingProperties": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The name of an existing S3 bucket where the log files are to be stored.\n\nConstraints:\n\n- Must be in the same region as the cluster\n- The cluster must have read bucket and put object permissions", "title": "BucketName", "type": "string" }, "S3KeyPrefix": { "markdownDescription": "The prefix applied to the log file names.\n\nConstraints:\n\n- Cannot exceed 512 characters\n- Cannot contain spaces( ), double quotes (\"), single quotes ('), a backslash (\\), or control characters. The hexadecimal codes for invalid characters are:\n\n- x00 to x20\n- x22\n- x27\n- x5c\n- x7f or larger", "title": "S3KeyPrefix", "type": "string" } }, "type": "object" }, "AWS::Redshift::ClusterParameterGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the parameter group.", "title": "Description", "type": "string" }, "ParameterGroupFamily": { "markdownDescription": "The name of the cluster parameter group family that this cluster parameter group is compatible with. You can create a custom parameter group and then associate your cluster with it. For more information, see [Amazon Redshift parameter groups](https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html) .", "title": "ParameterGroupFamily", "type": "string" }, "ParameterGroupName": { "markdownDescription": "The name of the cluster parameter group.", "title": "ParameterGroupName", "type": "string" }, "Parameters": { "items": { "$ref": "#/definitions/AWS::Redshift::ClusterParameterGroup.Parameter" }, "markdownDescription": "An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request.\n\nFor each parameter to be modified, you must supply at least the parameter name and parameter value; other name-value pairs of the parameter are optional.\n\nFor the workload management (WLM) configuration, you must supply all the name-value pairs in the wlm_json_configuration parameter.", "title": "Parameters", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of tags for the cluster parameter group.", "title": "Tags", "type": "array" } }, "required": [ "Description", "ParameterGroupFamily" ], "type": "object" }, "Type": { "enum": [ "AWS::Redshift::ClusterParameterGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Redshift::ClusterParameterGroup.Parameter": { "additionalProperties": false, "properties": { "ParameterName": { "markdownDescription": "The name of the parameter.", "title": "ParameterName", "type": "string" }, "ParameterValue": { "markdownDescription": "The value of the parameter. If `ParameterName` is `wlm_json_configuration` , then the maximum size of `ParameterValue` is 8000 characters.", "title": "ParameterValue", "type": "string" } }, "required": [ "ParameterName", "ParameterValue" ], "type": "object" }, "AWS::Redshift::ClusterSecurityGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the security group.", "title": "Description", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this security group. Use tags to manage your resources.", "title": "Tags", "type": "array" } }, "required": [ "Description" ], "type": "object" }, "Type": { "enum": [ "AWS::Redshift::ClusterSecurityGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Redshift::ClusterSecurityGroupIngress": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CIDRIP": { "markdownDescription": "The IP range to be added the Amazon Redshift security group.", "title": "CIDRIP", "type": "string" }, "ClusterSecurityGroupName": { "markdownDescription": "The name of the security group to which the ingress rule is added.", "title": "ClusterSecurityGroupName", "type": "string" }, "EC2SecurityGroupName": { "markdownDescription": "The EC2 security group to be added the Amazon Redshift security group.", "title": "EC2SecurityGroupName", "type": "string" }, "EC2SecurityGroupOwnerId": { "markdownDescription": "The AWS account number of the owner of the security group specified by the *EC2SecurityGroupName* parameter. The AWS Access Key ID is not an acceptable value.\n\nExample: `111122223333`\n\nConditional. If you specify the `EC2SecurityGroupName` property, you must specify this property.", "title": "EC2SecurityGroupOwnerId", "type": "string" } }, "required": [ "ClusterSecurityGroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::Redshift::ClusterSecurityGroupIngress" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Redshift::ClusterSubnetGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the subnet group.", "title": "Description", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "An array of VPC subnet IDs. A maximum of 20 subnets can be modified in a single request.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Specifies an arbitrary set of tags (key\u2013value pairs) to associate with this subnet group. Use tags to manage your resources.", "title": "Tags", "type": "array" } }, "required": [ "Description", "SubnetIds" ], "type": "object" }, "Type": { "enum": [ "AWS::Redshift::ClusterSubnetGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Redshift::EndpointAccess": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClusterIdentifier": { "markdownDescription": "The cluster identifier of the cluster associated with the endpoint.", "title": "ClusterIdentifier", "type": "string" }, "EndpointName": { "markdownDescription": "The name of the endpoint.", "title": "EndpointName", "type": "string" }, "ResourceOwner": { "markdownDescription": "The AWS account ID of the owner of the cluster.", "title": "ResourceOwner", "type": "string" }, "SubnetGroupName": { "markdownDescription": "The subnet group name where Amazon Redshift chooses to deploy the endpoint.", "title": "SubnetGroupName", "type": "string" }, "VpcSecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The security group that defines the ports, protocols, and sources for inbound traffic that you are authorizing into your endpoint.", "title": "VpcSecurityGroupIds", "type": "array" } }, "required": [ "ClusterIdentifier", "EndpointName", "SubnetGroupName", "VpcSecurityGroupIds" ], "type": "object" }, "Type": { "enum": [ "AWS::Redshift::EndpointAccess" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Redshift::EndpointAccess.NetworkInterface": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The Availability Zone.", "title": "AvailabilityZone", "type": "string" }, "NetworkInterfaceId": { "markdownDescription": "The network interface identifier.", "title": "NetworkInterfaceId", "type": "string" }, "PrivateIpAddress": { "markdownDescription": "The IPv4 address of the network interface within the subnet.", "title": "PrivateIpAddress", "type": "string" }, "SubnetId": { "markdownDescription": "The subnet identifier.", "title": "SubnetId", "type": "string" } }, "type": "object" }, "AWS::Redshift::EndpointAccess.VpcEndpoint": { "additionalProperties": false, "properties": { "NetworkInterfaces": { "items": { "$ref": "#/definitions/AWS::Redshift::EndpointAccess.NetworkInterface" }, "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", "title": "NetworkInterfaces", "type": "array" }, "VpcEndpointId": { "markdownDescription": "The connection endpoint ID for connecting an Amazon Redshift cluster through the proxy.", "title": "VpcEndpointId", "type": "string" }, "VpcId": { "markdownDescription": "The VPC identifier that the endpoint is associated.", "title": "VpcId", "type": "string" } }, "type": "object" }, "AWS::Redshift::EndpointAccess.VpcSecurityGroup": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "The status of the endpoint.", "title": "Status", "type": "string" }, "VpcSecurityGroupId": { "markdownDescription": "The identifier of the VPC security group.", "title": "VpcSecurityGroupId", "type": "string" } }, "type": "object" }, "AWS::Redshift::EndpointAuthorization": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Account": { "markdownDescription": "The AWS account ID of either the cluster owner (grantor) or grantee. If `Grantee` parameter is true, then the `Account` value is of the grantor.", "title": "Account", "type": "string" }, "ClusterIdentifier": { "markdownDescription": "The cluster identifier.", "title": "ClusterIdentifier", "type": "string" }, "Force": { "markdownDescription": "Indicates whether to force the revoke action. If true, the Redshift-managed VPC endpoints associated with the endpoint authorization are also deleted.", "title": "Force", "type": "boolean" }, "VpcIds": { "items": { "type": "string" }, "markdownDescription": "The virtual private cloud (VPC) identifiers to grant access to.", "title": "VpcIds", "type": "array" } }, "required": [ "Account", "ClusterIdentifier" ], "type": "object" }, "Type": { "enum": [ "AWS::Redshift::EndpointAuthorization" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Redshift::EventSubscription": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "A boolean value; set to `true` to activate the subscription, and set to `false` to create the subscription but not activate it.", "title": "Enabled", "type": "boolean" }, "EventCategories": { "items": { "type": "string" }, "markdownDescription": "Specifies the Amazon Redshift event categories to be published by the event notification subscription.\n\nValues: configuration, management, monitoring, security, pending", "title": "EventCategories", "type": "array" }, "Severity": { "markdownDescription": "Specifies the Amazon Redshift event severity to be published by the event notification subscription.\n\nValues: ERROR, INFO", "title": "Severity", "type": "string" }, "SnsTopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic used to transmit the event notifications. The ARN is created by Amazon SNS when you create a topic and subscribe to it.", "title": "SnsTopicArn", "type": "string" }, "SourceIds": { "items": { "type": "string" }, "markdownDescription": "A list of one or more identifiers of Amazon Redshift source objects. All of the objects must be of the same type as was specified in the source type parameter. The event subscription will return only events generated by the specified objects. If not specified, then events are returned for all objects within the source type specified.\n\nExample: my-cluster-1, my-cluster-2\n\nExample: my-snapshot-20131010", "title": "SourceIds", "type": "array" }, "SourceType": { "markdownDescription": "The type of source that will be generating the events. For example, if you want to be notified of events generated by a cluster, you would set this parameter to cluster. If this value is not specified, events are returned for all Amazon Redshift objects in your AWS account . You must specify a source type in order to specify source IDs.\n\nValid values: cluster, cluster-parameter-group, cluster-security-group, cluster-snapshot, and scheduled-action.", "title": "SourceType", "type": "string" }, "SubscriptionName": { "markdownDescription": "The name of the event subscription to be created.\n\nConstraints:\n\n- Cannot be null, empty, or blank.\n- Must contain from 1 to 255 alphanumeric characters or hyphens.\n- First character must be a letter.\n- Cannot end with a hyphen or contain two consecutive hyphens.", "title": "SubscriptionName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tag instances.", "title": "Tags", "type": "array" } }, "required": [ "SubscriptionName" ], "type": "object" }, "Type": { "enum": [ "AWS::Redshift::EventSubscription" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Redshift::ScheduledAction": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Enable": { "markdownDescription": "If true, the schedule is enabled. If false, the scheduled action does not trigger. For more information about `state` of the scheduled action, see `ScheduledAction` .", "title": "Enable", "type": "boolean" }, "EndTime": { "markdownDescription": "The end time in UTC when the schedule is no longer active. After this time, the scheduled action does not trigger.", "title": "EndTime", "type": "string" }, "IamRole": { "markdownDescription": "The IAM role to assume to run the scheduled action. This IAM role must have permission to run the Amazon Redshift API operation in the scheduled action. This IAM role must allow the Amazon Redshift scheduler (Principal scheduler.redshift.amazonaws.com) to assume permissions on your behalf. For more information about the IAM role to use with the Amazon Redshift scheduler, see [Using Identity-Based Policies for Amazon Redshift](https://docs.aws.amazon.com/redshift/latest/mgmt/redshift-iam-access-control-identity-based.html) in the *Amazon Redshift Cluster Management Guide* .", "title": "IamRole", "type": "string" }, "Schedule": { "markdownDescription": "The schedule for a one-time (at format) or recurring (cron format) scheduled action. Schedule invocations must be separated by at least one hour.\n\nFormat of at expressions is \" `at(yyyy-mm-ddThh:mm:ss)` \". For example, \" `at(2016-03-04T17:27:00)` \".\n\nFormat of cron expressions is \" `cron(Minutes Hours Day-of-month Month Day-of-week Year)` \". For example, \" `cron(0 10 ? * MON *)` \". For more information, see [Cron Expressions](https://docs.aws.amazon.com//AmazonCloudWatch/latest/events/ScheduledEvents.html#CronExpressions) in the *Amazon CloudWatch Events User Guide* .", "title": "Schedule", "type": "string" }, "ScheduledActionDescription": { "markdownDescription": "The description of the scheduled action.", "title": "ScheduledActionDescription", "type": "string" }, "ScheduledActionName": { "markdownDescription": "The name of the scheduled action.", "title": "ScheduledActionName", "type": "string" }, "StartTime": { "markdownDescription": "The start time in UTC when the schedule is active. Before this time, the scheduled action does not trigger.", "title": "StartTime", "type": "string" }, "TargetAction": { "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ScheduledActionType", "markdownDescription": "A JSON format string of the Amazon Redshift API operation with input parameters.\n\n\" `{\\\"ResizeCluster\\\":{\\\"NodeType\\\":\\\"ra3.4xlarge\\\",\\\"ClusterIdentifier\\\":\\\"my-test-cluster\\\",\\\"NumberOfNodes\\\":3}}` \".", "title": "TargetAction" } }, "required": [ "ScheduledActionName" ], "type": "object" }, "Type": { "enum": [ "AWS::Redshift::ScheduledAction" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Redshift::ScheduledAction.PauseClusterMessage": { "additionalProperties": false, "properties": { "ClusterIdentifier": { "markdownDescription": "The identifier of the cluster to be paused.", "title": "ClusterIdentifier", "type": "string" } }, "required": [ "ClusterIdentifier" ], "type": "object" }, "AWS::Redshift::ScheduledAction.ResizeClusterMessage": { "additionalProperties": false, "properties": { "Classic": { "markdownDescription": "A boolean value indicating whether the resize operation is using the classic resize process. If you don't provide this parameter or set the value to `false` , the resize type is elastic.", "title": "Classic", "type": "boolean" }, "ClusterIdentifier": { "markdownDescription": "The unique identifier for the cluster to resize.", "title": "ClusterIdentifier", "type": "string" }, "ClusterType": { "markdownDescription": "The new cluster type for the specified cluster.", "title": "ClusterType", "type": "string" }, "NodeType": { "markdownDescription": "The new node type for the nodes you are adding. If not specified, the cluster's current node type is used.", "title": "NodeType", "type": "string" }, "NumberOfNodes": { "markdownDescription": "The new number of nodes for the cluster. If not specified, the cluster's current number of nodes is used.", "title": "NumberOfNodes", "type": "number" } }, "required": [ "ClusterIdentifier" ], "type": "object" }, "AWS::Redshift::ScheduledAction.ResumeClusterMessage": { "additionalProperties": false, "properties": { "ClusterIdentifier": { "markdownDescription": "The identifier of the cluster to be resumed.", "title": "ClusterIdentifier", "type": "string" } }, "required": [ "ClusterIdentifier" ], "type": "object" }, "AWS::Redshift::ScheduledAction.ScheduledActionType": { "additionalProperties": false, "properties": { "PauseCluster": { "$ref": "#/definitions/AWS::Redshift::ScheduledAction.PauseClusterMessage", "markdownDescription": "An action that runs a `PauseCluster` API operation.", "title": "PauseCluster" }, "ResizeCluster": { "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResizeClusterMessage", "markdownDescription": "An action that runs a `ResizeCluster` API operation.", "title": "ResizeCluster" }, "ResumeCluster": { "$ref": "#/definitions/AWS::Redshift::ScheduledAction.ResumeClusterMessage", "markdownDescription": "An action that runs a `ResumeCluster` API operation.", "title": "ResumeCluster" } }, "type": "object" }, "AWS::RedshiftServerless::Namespace": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdminPasswordSecretKmsKeyId": { "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret. You can only use this parameter if `ManageAdminPassword` is `true` .", "title": "AdminPasswordSecretKmsKeyId", "type": "string" }, "AdminUserPassword": { "markdownDescription": "The password of the administrator for the primary database created in the namespace.", "title": "AdminUserPassword", "type": "string" }, "AdminUsername": { "markdownDescription": "The username of the administrator for the primary database created in the namespace.", "title": "AdminUsername", "type": "string" }, "DbName": { "markdownDescription": "The name of the primary database created in the namespace.", "title": "DbName", "type": "string" }, "DefaultIamRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", "title": "DefaultIamRoleArn", "type": "string" }, "FinalSnapshotName": { "markdownDescription": "The name of the snapshot to be created before the namespace is deleted.", "title": "FinalSnapshotName", "type": "string" }, "FinalSnapshotRetentionPeriod": { "markdownDescription": "How long to retain the final snapshot.", "title": "FinalSnapshotRetentionPeriod", "type": "number" }, "IamRoles": { "items": { "type": "string" }, "markdownDescription": "A list of IAM roles to associate with the namespace.", "title": "IamRoles", "type": "array" }, "KmsKeyId": { "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", "title": "KmsKeyId", "type": "string" }, "LogExports": { "items": { "type": "string" }, "markdownDescription": "The types of logs the namespace can export. Available export types are `userlog` , `connectionlog` , and `useractivitylog` .", "title": "LogExports", "type": "array" }, "ManageAdminPassword": { "markdownDescription": "If true, Amazon Redshift uses AWS Secrets Manager to manage the namespace's admin credentials. You can't use `AdminUserPassword` if `ManageAdminPassword` is true. If `ManageAdminPassword` is `false` or not set, Amazon Redshift uses `AdminUserPassword` for the admin user account's password.", "title": "ManageAdminPassword", "type": "boolean" }, "NamespaceName": { "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", "title": "NamespaceName", "type": "string" }, "NamespaceResourcePolicy": { "markdownDescription": "The resource policy that will be attached to the namespace.", "title": "NamespaceResourcePolicy", "type": "object" }, "RedshiftIdcApplicationArn": { "markdownDescription": "The ARN for the Redshift application that integrates with IAM Identity Center.", "title": "RedshiftIdcApplicationArn", "type": "string" }, "SnapshotCopyConfigurations": { "items": { "$ref": "#/definitions/AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration" }, "markdownDescription": "", "title": "SnapshotCopyConfigurations", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The map of the key-value pairs used to tag the namespace.", "title": "Tags", "type": "array" } }, "required": [ "NamespaceName" ], "type": "object" }, "Type": { "enum": [ "AWS::RedshiftServerless::Namespace" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RedshiftServerless::Namespace.Namespace": { "additionalProperties": false, "properties": { "AdminPasswordSecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the namespace's admin user credentials secret.", "title": "AdminPasswordSecretArn", "type": "string" }, "AdminPasswordSecretKmsKeyId": { "markdownDescription": "The ID of the AWS Key Management Service (KMS) key used to encrypt and store the namespace's admin credentials secret.", "title": "AdminPasswordSecretKmsKeyId", "type": "string" }, "AdminUsername": { "markdownDescription": "The username of the administrator for the first database created in the namespace.", "title": "AdminUsername", "type": "string" }, "CreationDate": { "markdownDescription": "The date of when the namespace was created.", "title": "CreationDate", "type": "string" }, "DbName": { "markdownDescription": "The name of the first database created in the namespace.", "title": "DbName", "type": "string" }, "DefaultIamRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to set as a default in the namespace.", "title": "DefaultIamRoleArn", "type": "string" }, "IamRoles": { "items": { "type": "string" }, "markdownDescription": "A list of IAM roles to associate with the namespace.", "title": "IamRoles", "type": "array" }, "KmsKeyId": { "markdownDescription": "The ID of the AWS Key Management Service key used to encrypt your data.", "title": "KmsKeyId", "type": "string" }, "LogExports": { "items": { "type": "string" }, "markdownDescription": "The types of logs the namespace can export. Available export types are User log, Connection log, and User activity log.", "title": "LogExports", "type": "array" }, "NamespaceArn": { "markdownDescription": "The Amazon Resource Name (ARN) associated with a namespace.", "title": "NamespaceArn", "type": "string" }, "NamespaceId": { "markdownDescription": "The unique identifier of a namespace.", "title": "NamespaceId", "type": "string" }, "NamespaceName": { "markdownDescription": "The name of the namespace. Must be between 3-64 alphanumeric characters in lowercase, and it cannot be a reserved word. A list of reserved words can be found in [Reserved Words](https://docs.aws.amazon.com//redshift/latest/dg/r_pg_keywords.html) in the Amazon Redshift Database Developer Guide.", "title": "NamespaceName", "type": "string" }, "Status": { "markdownDescription": "The status of the namespace.", "title": "Status", "type": "string" } }, "type": "object" }, "AWS::RedshiftServerless::Namespace.SnapshotCopyConfiguration": { "additionalProperties": false, "properties": { "DestinationKmsKeyId": { "markdownDescription": "The ID of the KMS key to use to encrypt your snapshots in the destination AWS Region .", "title": "DestinationKmsKeyId", "type": "string" }, "DestinationRegion": { "markdownDescription": "The destination AWS Region to copy snapshots to.", "title": "DestinationRegion", "type": "string" }, "SnapshotRetentionPeriod": { "markdownDescription": "The retention period of snapshots that are copied to the destination AWS Region .", "title": "SnapshotRetentionPeriod", "type": "number" } }, "required": [ "DestinationRegion" ], "type": "object" }, "AWS::RedshiftServerless::Workgroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BaseCapacity": { "markdownDescription": "The base compute capacity of the workgroup in Redshift Processing Units (RPUs).", "title": "BaseCapacity", "type": "number" }, "ConfigParameters": { "items": { "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" }, "markdownDescription": "A list of parameters to set for finer control over a database. Available options are `datestyle` , `enable_user_activity_logging` , `query_group` , `search_path` , `max_query_execution_time` , and `require_ssl` .", "title": "ConfigParameters", "type": "array" }, "EnhancedVpcRouting": { "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", "title": "EnhancedVpcRouting", "type": "boolean" }, "MaxCapacity": { "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", "title": "MaxCapacity", "type": "number" }, "NamespaceName": { "markdownDescription": "The namespace the workgroup is associated with.", "title": "NamespaceName", "type": "string" }, "Port": { "markdownDescription": "The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439.", "title": "Port", "type": "number" }, "PubliclyAccessible": { "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", "title": "PubliclyAccessible", "type": "boolean" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of security group IDs to associate with the workgroup.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "A list of subnet IDs the workgroup is associated with.", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The map of the key-value pairs used to tag the workgroup.", "title": "Tags", "type": "array" }, "WorkgroupName": { "markdownDescription": "The name of the workgroup.", "title": "WorkgroupName", "type": "string" } }, "required": [ "WorkgroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::RedshiftServerless::Workgroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RedshiftServerless::Workgroup.ConfigParameter": { "additionalProperties": false, "properties": { "ParameterKey": { "markdownDescription": "The key of the parameter. The options are `datestyle` , `enable_user_activity_logging` , `query_group` , `search_path` , `max_query_execution_time` , and `require_ssl` .", "title": "ParameterKey", "type": "string" }, "ParameterValue": { "markdownDescription": "The value of the parameter to set.", "title": "ParameterValue", "type": "string" } }, "type": "object" }, "AWS::RedshiftServerless::Workgroup.Endpoint": { "additionalProperties": false, "properties": { "Address": { "markdownDescription": "The DNS address of the VPC endpoint.", "title": "Address", "type": "string" }, "Port": { "markdownDescription": "The port that Amazon Redshift Serverless listens on.", "title": "Port", "type": "number" }, "VpcEndpoints": { "items": { "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.VpcEndpoint" }, "markdownDescription": "An array of `VpcEndpoint` objects.", "title": "VpcEndpoints", "type": "array" } }, "type": "object" }, "AWS::RedshiftServerless::Workgroup.NetworkInterface": { "additionalProperties": false, "properties": { "AvailabilityZone": { "markdownDescription": "The availability Zone.", "title": "AvailabilityZone", "type": "string" }, "NetworkInterfaceId": { "markdownDescription": "The unique identifier of the network interface.", "title": "NetworkInterfaceId", "type": "string" }, "PrivateIpAddress": { "markdownDescription": "The IPv4 address of the network interface within the subnet.", "title": "PrivateIpAddress", "type": "string" }, "SubnetId": { "markdownDescription": "The unique identifier of the subnet.", "title": "SubnetId", "type": "string" } }, "type": "object" }, "AWS::RedshiftServerless::Workgroup.VpcEndpoint": { "additionalProperties": false, "properties": { "NetworkInterfaces": { "items": { "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.NetworkInterface" }, "markdownDescription": "One or more network interfaces of the endpoint. Also known as an interface endpoint.", "title": "NetworkInterfaces", "type": "array" }, "VpcEndpointId": { "markdownDescription": "The connection endpoint ID for connecting to Amazon Redshift Serverless.", "title": "VpcEndpointId", "type": "string" }, "VpcId": { "markdownDescription": "The VPC identifier that the endpoint is associated with.", "title": "VpcId", "type": "string" } }, "type": "object" }, "AWS::RedshiftServerless::Workgroup.Workgroup": { "additionalProperties": false, "properties": { "BaseCapacity": { "markdownDescription": "The base data warehouse capacity of the workgroup in Redshift Processing Units (RPUs).", "title": "BaseCapacity", "type": "number" }, "ConfigParameters": { "items": { "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.ConfigParameter" }, "markdownDescription": "An array of parameters to set for advanced control over a database. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) .", "title": "ConfigParameters", "type": "array" }, "CreationDate": { "markdownDescription": "The creation date of the workgroup.", "title": "CreationDate", "type": "string" }, "Endpoint": { "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup.Endpoint", "markdownDescription": "The endpoint that is created from the workgroup.", "title": "Endpoint" }, "EnhancedVpcRouting": { "markdownDescription": "The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC.", "title": "EnhancedVpcRouting", "type": "boolean" }, "MaxCapacity": { "markdownDescription": "The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs.", "title": "MaxCapacity", "type": "number" }, "NamespaceName": { "markdownDescription": "The namespace the workgroup is associated with.", "title": "NamespaceName", "type": "string" }, "PubliclyAccessible": { "markdownDescription": "A value that specifies whether the workgroup can be accessible from a public network.", "title": "PubliclyAccessible", "type": "boolean" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "An array of security group IDs to associate with the workgroup.", "title": "SecurityGroupIds", "type": "array" }, "Status": { "markdownDescription": "The status of the workgroup.", "title": "Status", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "An array of subnet IDs the workgroup is associated with.", "title": "SubnetIds", "type": "array" }, "WorkgroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) that links to the workgroup.", "title": "WorkgroupArn", "type": "string" }, "WorkgroupId": { "markdownDescription": "The unique identifier of the workgroup.", "title": "WorkgroupId", "type": "string" }, "WorkgroupName": { "markdownDescription": "The name of the workgroup.", "title": "WorkgroupName", "type": "string" } }, "type": "object" }, "AWS::RefactorSpaces::Application": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApiGatewayProxy": { "$ref": "#/definitions/AWS::RefactorSpaces::Application.ApiGatewayProxyInput", "markdownDescription": "The endpoint URL of the Amazon API Gateway proxy.", "title": "ApiGatewayProxy" }, "EnvironmentIdentifier": { "markdownDescription": "The unique identifier of the environment.", "title": "EnvironmentIdentifier", "type": "string" }, "Name": { "markdownDescription": "The name of the application.", "title": "Name", "type": "string" }, "ProxyType": { "markdownDescription": "The proxy type of the proxy created within the application.", "title": "ProxyType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags assigned to the application.", "title": "Tags", "type": "array" }, "VpcId": { "markdownDescription": "The ID of the virtual private cloud (VPC).", "title": "VpcId", "type": "string" } }, "required": [ "EnvironmentIdentifier", "Name", "ProxyType", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::RefactorSpaces::Application" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RefactorSpaces::Application.ApiGatewayProxyInput": { "additionalProperties": false, "properties": { "EndpointType": { "markdownDescription": "The type of endpoint to use for the API Gateway proxy. If no value is specified in the request, the value is set to `REGIONAL` by default.\n\nIf the value is set to `PRIVATE` in the request, this creates a private API endpoint that is isolated from the public internet. The private endpoint can only be accessed by using Amazon Virtual Private Cloud (Amazon VPC) interface endpoints for the Amazon API Gateway that has been granted access. For more information about creating a private connection with Refactor Spaces and interface endpoint ( AWS PrivateLink ) availability, see [Access Refactor Spaces using an interface endpoint ( AWS PrivateLink )](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/userguide/vpc-interface-endpoints.html) .", "title": "EndpointType", "type": "string" }, "StageName": { "markdownDescription": "The name of the API Gateway stage. The name defaults to `prod` .", "title": "StageName", "type": "string" } }, "type": "object" }, "AWS::RefactorSpaces::Environment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the environment.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the environment.", "title": "Name", "type": "string" }, "NetworkFabricType": { "markdownDescription": "The network fabric type of the environment.", "title": "NetworkFabricType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags assigned to the environment.", "title": "Tags", "type": "array" } }, "required": [ "Name", "NetworkFabricType" ], "type": "object" }, "Type": { "enum": [ "AWS::RefactorSpaces::Environment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RefactorSpaces::Route": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationIdentifier": { "markdownDescription": "The unique identifier of the application.", "title": "ApplicationIdentifier", "type": "string" }, "DefaultRoute": { "$ref": "#/definitions/AWS::RefactorSpaces::Route.DefaultRouteInput", "markdownDescription": "Configuration for the default route type.", "title": "DefaultRoute" }, "EnvironmentIdentifier": { "markdownDescription": "The unique identifier of the environment.", "title": "EnvironmentIdentifier", "type": "string" }, "RouteType": { "markdownDescription": "The route type of the route.", "title": "RouteType", "type": "string" }, "ServiceIdentifier": { "markdownDescription": "The unique identifier of the service.", "title": "ServiceIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags assigned to the route.", "title": "Tags", "type": "array" }, "UriPathRoute": { "$ref": "#/definitions/AWS::RefactorSpaces::Route.UriPathRouteInput", "markdownDescription": "The configuration for the URI path route type.", "title": "UriPathRoute" } }, "required": [ "ApplicationIdentifier", "EnvironmentIdentifier", "RouteType", "ServiceIdentifier" ], "type": "object" }, "Type": { "enum": [ "AWS::RefactorSpaces::Route" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RefactorSpaces::Route.DefaultRouteInput": { "additionalProperties": false, "properties": { "ActivationState": { "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", "title": "ActivationState", "type": "string" } }, "required": [ "ActivationState" ], "type": "object" }, "AWS::RefactorSpaces::Route.UriPathRouteInput": { "additionalProperties": false, "properties": { "ActivationState": { "markdownDescription": "If set to `ACTIVE` , traffic is forwarded to this route\u2019s service after the route is created.", "title": "ActivationState", "type": "string" }, "AppendSourcePath": { "markdownDescription": "If set to `true` , this option appends the source path to the service URL endpoint.", "title": "AppendSourcePath", "type": "boolean" }, "IncludeChildPaths": { "markdownDescription": "Indicates whether to match all subpaths of the given source path. If this value is `false` , requests must match the source path exactly before they are forwarded to this route's service.", "title": "IncludeChildPaths", "type": "boolean" }, "Methods": { "items": { "type": "string" }, "markdownDescription": "A list of HTTP methods to match. An empty list matches all values. If a method is present, only HTTP requests using that method are forwarded to this route\u2019s service.", "title": "Methods", "type": "array" }, "SourcePath": { "markdownDescription": "This is the path that Refactor Spaces uses to match traffic. Paths must start with `/` and are relative to the base of the application. To use path parameters in the source path, add a variable in curly braces. For example, the resource path {user} represents a path parameter called 'user'.", "title": "SourcePath", "type": "string" } }, "required": [ "ActivationState" ], "type": "object" }, "AWS::RefactorSpaces::Service": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationIdentifier": { "markdownDescription": "The unique identifier of the application.", "title": "ApplicationIdentifier", "type": "string" }, "Description": { "markdownDescription": "A description of the service.", "title": "Description", "type": "string" }, "EndpointType": { "markdownDescription": "The endpoint type of the service.", "title": "EndpointType", "type": "string" }, "EnvironmentIdentifier": { "markdownDescription": "The unique identifier of the environment.", "title": "EnvironmentIdentifier", "type": "string" }, "LambdaEndpoint": { "$ref": "#/definitions/AWS::RefactorSpaces::Service.LambdaEndpointInput", "markdownDescription": "A summary of the configuration for the AWS Lambda endpoint type.", "title": "LambdaEndpoint" }, "Name": { "markdownDescription": "The name of the service.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags assigned to the service.", "title": "Tags", "type": "array" }, "UrlEndpoint": { "$ref": "#/definitions/AWS::RefactorSpaces::Service.UrlEndpointInput", "markdownDescription": "The summary of the configuration for the URL endpoint type.", "title": "UrlEndpoint" }, "VpcId": { "markdownDescription": "The ID of the virtual private cloud (VPC).", "title": "VpcId", "type": "string" } }, "required": [ "ApplicationIdentifier", "EndpointType", "EnvironmentIdentifier", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::RefactorSpaces::Service" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RefactorSpaces::Service.LambdaEndpointInput": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Lambda function or alias.", "title": "Arn", "type": "string" } }, "required": [ "Arn" ], "type": "object" }, "AWS::RefactorSpaces::Service.UrlEndpointInput": { "additionalProperties": false, "properties": { "HealthUrl": { "markdownDescription": "The health check URL of the URL endpoint type. If the URL is a public endpoint, the `HealthUrl` must also be a public endpoint. If the URL is a private endpoint inside a virtual private cloud (VPC), the health URL must also be a private endpoint, and the host must be the same as the URL.", "title": "HealthUrl", "type": "string" }, "Url": { "markdownDescription": "The URL to route traffic to. The URL must be an [rfc3986-formatted URL](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc3986) . If the host is a domain name, the name must be resolvable over the public internet. If the scheme is `https` , the top level domain of the host must be listed in the [IANA root zone database](https://docs.aws.amazon.com/https://www.iana.org/domains/root/db) .", "title": "Url", "type": "string" } }, "required": [ "Url" ], "type": "object" }, "AWS::Rekognition::Collection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CollectionId": { "markdownDescription": "ID for the collection that you are creating.", "title": "CollectionId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the collection.", "title": "Tags", "type": "array" } }, "required": [ "CollectionId" ], "type": "object" }, "Type": { "enum": [ "AWS::Rekognition::Collection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Rekognition::Project": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ProjectName": { "markdownDescription": "The name of the project to create.", "title": "ProjectName", "type": "string" } }, "required": [ "ProjectName" ], "type": "object" }, "Type": { "enum": [ "AWS::Rekognition::Project" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Rekognition::StreamProcessor": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BoundingBoxRegionsOfInterest": { "items": { "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.BoundingBox" }, "markdownDescription": "List of BoundingBox objects, each of which denotes a region of interest on screen. For more information, see the BoundingBox field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", "title": "BoundingBoxRegionsOfInterest", "type": "array" }, "ConnectedHomeSettings": { "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.ConnectedHomeSettings", "markdownDescription": "Connected home settings to use on a streaming video. You can use a stream processor for connected home features and select what you want the stream processor to detect, such as people or pets. When the stream processor has started, one notification is sent for each object class specified. For more information, see the ConnectedHome section of [StreamProcessorSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorSettings) .", "title": "ConnectedHomeSettings" }, "DataSharingPreference": { "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.DataSharingPreference", "markdownDescription": "Allows you to opt in or opt out to share data with Rekognition to improve model performance. You can choose this option at the account level or on a per-stream basis. Note that if you opt out at the account level this setting is ignored on individual streams. For more information, see [StreamProcessorDataSharingPreference](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorDataSharingPreference) .", "title": "DataSharingPreference" }, "FaceSearchSettings": { "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.FaceSearchSettings", "markdownDescription": "The input parameters used to recognize faces in a streaming video analyzed by an Amazon Rekognition stream processor. For more information regarding the contents of the parameters, see [FaceSearchSettings](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_FaceSearchSettings) .", "title": "FaceSearchSettings" }, "KinesisDataStream": { "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisDataStream", "markdownDescription": "Amazon Rekognition's Video Stream Processor takes a Kinesis video stream as input. This is the Amazon Kinesis Data Streams instance to which the Amazon Rekognition stream processor streams the analysis results. This must be created within the constraints specified at [KinesisDataStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisDataStream) .", "title": "KinesisDataStream" }, "KinesisVideoStream": { "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.KinesisVideoStream", "markdownDescription": "The Kinesis video stream that provides the source of the streaming video for an Amazon Rekognition Video stream processor. For more information, see [KinesisVideoStream](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_KinesisVideoStream) .", "title": "KinesisVideoStream" }, "KmsKeyId": { "markdownDescription": "The identifier for your Amazon Key Management Service key (Amazon KMS key). Optional parameter for connected home stream processors used to encrypt results and data published to your Amazon S3 bucket. For more information, see the KMSKeyId section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", "title": "KmsKeyId", "type": "string" }, "Name": { "markdownDescription": "The Name attribute specifies the name of the stream processor and it must be within the constraints described in the Name section of [StreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessor) . If you don't specify a name, Amazon CloudFormation generates a unique ID and uses that ID for the stream processor name.", "title": "Name", "type": "string" }, "NotificationChannel": { "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.NotificationChannel", "markdownDescription": "The Amazon Simple Notification Service topic to which Amazon Rekognition publishes the object detection results and completion status of a video analysis operation. Amazon Rekognition publishes a notification the first time an object of interest or a person is detected in the video stream. Amazon Rekognition also publishes an end-of-session notification with a summary when the stream processing session is complete. For more information, see [StreamProcessorNotificationChannel](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorNotificationChannel) .", "title": "NotificationChannel" }, "PolygonRegionsOfInterest": { "markdownDescription": "A set of ordered lists of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. Each entry of the set contains a polygon denoting a region of interest on the screen. Each polygon is an ordered list of [Point](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_Point) objects. For more information, see the Polygon field of [RegionOfInterest](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_RegionOfInterest) .", "title": "PolygonRegionsOfInterest", "type": "object" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role that allows access to the stream processor. The IAM role provides Rekognition read permissions to the Kinesis stream. It also provides write permissions to an Amazon S3 bucket and Amazon Simple Notification Service topic for a connected home stream processor. This is required for both face search and connected home stream processors. For information about constraints, see the RoleArn section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", "title": "RoleArn", "type": "string" }, "S3Destination": { "$ref": "#/definitions/AWS::Rekognition::StreamProcessor.S3Destination", "markdownDescription": "The Amazon S3 bucket location to which Amazon Rekognition publishes the detailed inference results of a video analysis operation. For more information, see the S3Destination section of [StreamProcessorOutput](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_StreamProcessorOutput) .", "title": "S3Destination" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A set of tags (key-value pairs) that you want to attach to the stream processor. For more information, see the Tags section of [CreateStreamProcessor](https://docs.aws.amazon.com/rekognition/latest/APIReference/API_CreateStreamProcessor) .", "title": "Tags", "type": "array" } }, "required": [ "KinesisVideoStream", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Rekognition::StreamProcessor" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Rekognition::StreamProcessor.BoundingBox": { "additionalProperties": false, "properties": { "Height": { "markdownDescription": "Height of the bounding box as a ratio of the overall image height.", "title": "Height", "type": "number" }, "Left": { "markdownDescription": "Left coordinate of the bounding box as a ratio of overall image width.", "title": "Left", "type": "number" }, "Top": { "markdownDescription": "Top coordinate of the bounding box as a ratio of overall image height.", "title": "Top", "type": "number" }, "Width": { "markdownDescription": "Width of the bounding box as a ratio of the overall image width.", "title": "Width", "type": "number" } }, "required": [ "Height", "Left", "Top", "Width" ], "type": "object" }, "AWS::Rekognition::StreamProcessor.ConnectedHomeSettings": { "additionalProperties": false, "properties": { "Labels": { "items": { "type": "string" }, "markdownDescription": "Specifies what you want to detect in the video, such as people, packages, or pets. The current valid labels you can include in this list are: \"PERSON\", \"PET\", \"PACKAGE\", and \"ALL\".", "title": "Labels", "type": "array" }, "MinConfidence": { "markdownDescription": "The minimum confidence required to label an object in the video.", "title": "MinConfidence", "type": "number" } }, "required": [ "Labels" ], "type": "object" }, "AWS::Rekognition::StreamProcessor.DataSharingPreference": { "additionalProperties": false, "properties": { "OptIn": { "markdownDescription": "Describes the opt-in status applied to a stream processor's data sharing policy.", "title": "OptIn", "type": "boolean" } }, "required": [ "OptIn" ], "type": "object" }, "AWS::Rekognition::StreamProcessor.FaceSearchSettings": { "additionalProperties": false, "properties": { "CollectionId": { "markdownDescription": "The ID of a collection that contains faces that you want to search for.", "title": "CollectionId", "type": "string" }, "FaceMatchThreshold": { "markdownDescription": "Minimum face match confidence score that must be met to return a result for a recognized face. The default is 80. 0 is the lowest confidence. 100 is the highest confidence. Values between 0 and 100 are accepted, and values lower than 80 are set to 80.", "title": "FaceMatchThreshold", "type": "number" } }, "required": [ "CollectionId" ], "type": "object" }, "AWS::Rekognition::StreamProcessor.KinesisDataStream": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "ARN of the output Amazon Kinesis Data Streams stream.", "title": "Arn", "type": "string" } }, "required": [ "Arn" ], "type": "object" }, "AWS::Rekognition::StreamProcessor.KinesisVideoStream": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "ARN of the Kinesis video stream stream that streams the source video.", "title": "Arn", "type": "string" } }, "required": [ "Arn" ], "type": "object" }, "AWS::Rekognition::StreamProcessor.NotificationChannel": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The ARN of the SNS topic that receives notifications.", "title": "Arn", "type": "string" } }, "required": [ "Arn" ], "type": "object" }, "AWS::Rekognition::StreamProcessor.S3Destination": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) bucket name of a stream processor's exports.", "title": "BucketName", "type": "string" }, "ObjectKeyPrefix": { "markdownDescription": "Describes the destination Amazon Simple Storage Service (Amazon S3) object keys of a stream processor's exports.", "title": "ObjectKeyPrefix", "type": "string" } }, "required": [ "BucketName" ], "type": "object" }, "AWS::ResilienceHub::App": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppAssessmentSchedule": { "markdownDescription": "Assessment execution schedule with 'Daily' or 'Disabled' values.", "title": "AppAssessmentSchedule", "type": "string" }, "AppTemplateBody": { "markdownDescription": "A JSON string that provides information about your application structure. To learn more about the `appTemplateBody` template, see the sample template in [Sample appTemplateBody template](https://docs.aws.amazon.com//resilience-hub/latest/APIReference/API_PutDraftAppVersionTemplate.html#API_PutDraftAppVersionTemplate_Examples) .\n\nThe `appTemplateBody` JSON string has the following structure:\n\n- *`resources`*\n\nThe list of logical resources that needs to be included in the AWS Resilience Hub application.\n\nType: Array\n\n> Don't add the resources that you want to exclude. \n\nEach `resources` array item includes the following fields:\n\n- *`logicalResourceId`*\n\nThe logical identifier of the resource.\n\nType: Object\n\nEach `logicalResourceId` object includes the following fields:\n\n- `identifier`\n\nIdentifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`type`*\n\nThe type of resource.\n\nType: string\n- *`name`*\n\nName of the resource.\n\nType: String\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`appComponents`*\n\nThe list of Application Components (AppComponent) that this resource belongs to. If an AppComponent is not part of the AWS Resilience Hub application, it will be added.\n\nType: Array\n\nEach `appComponents` array item includes the following fields:\n\n- `name`\n\nName of the AppComponent.\n\nType: String\n- `type`\n\nThe type of AppComponent. For more information about the types of AppComponent, see [Grouping resources in an AppComponent](https://docs.aws.amazon.com/resilience-hub/latest/userguide/AppComponent.grouping.html) .\n\nType: String\n- `resourceNames`\n\nThe list of included resources that are assigned to the AppComponent.\n\nType: Array of strings\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`\n- *`excludedResources`*\n\nThe list of logical resource identifiers to be excluded from the application.\n\nType: Array\n\n> Don't add the resources that you want to include. \n\nEach `excludedResources` array item includes the following fields:\n\n- *`logicalResourceIds`*\n\nThe logical identifier of the resource.\n\nType: Object\n\n> You can configure only one of the following fields:\n> \n> - `logicalStackName`\n> - `resourceGroupName`\n> - `terraformSourceName`\n> - `eksSourceName` \n\nEach `logicalResourceIds` object includes the following fields:\n\n- `identifier`\n\nThe identifier of the resource.\n\nType: String\n- `logicalStackName`\n\nName of the AWS CloudFormation stack this resource belongs to.\n\nType: String\n- `resourceGroupName`\n\nName of the resource group this resource belongs to.\n\nType: String\n- `terraformSourceName`\n\nName of the Terraform S3 state file this resource belongs to.\n\nType: String\n- `eksSourceName`\n\nName of the Amazon Elastic Kubernetes Service cluster and namespace this resource belongs to.\n\n> This parameter accepts values in \"eks-cluster/namespace\" format. \n\nType: String\n- *`version`*\n\nThe AWS Resilience Hub application version.\n- `additionalInfo`\n\nAdditional configuration parameters for an AWS Resilience Hub application. If you want to implement `additionalInfo` through the AWS Resilience Hub console rather than using an API call, see [Configure the application configuration parameters](https://docs.aws.amazon.com//resilience-hub/latest/userguide/app-config-param.html) .\n\n> Currently, this parameter accepts a key-value mapping (in a string format) of only one failover region and one associated account.\n> \n> Key: `\"failover-regions\"`\n> \n> Value: `\"[{\"region\":\"\", \"accounts\":[{\"id\":\"\"}]}]\"`", "title": "AppTemplateBody", "type": "string" }, "Description": { "markdownDescription": "Optional description for an application.", "title": "Description", "type": "string" }, "EventSubscriptions": { "items": { "$ref": "#/definitions/AWS::ResilienceHub::App.EventSubscription" }, "markdownDescription": "The list of events you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* and *Scheduled assessment failure* events.", "title": "EventSubscriptions", "type": "array" }, "Name": { "markdownDescription": "Name for the application.", "title": "Name", "type": "string" }, "PermissionModel": { "$ref": "#/definitions/AWS::ResilienceHub::App.PermissionModel", "markdownDescription": "Defines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment.", "title": "PermissionModel" }, "ResiliencyPolicyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resiliency policy.", "title": "ResiliencyPolicyArn", "type": "string" }, "ResourceMappings": { "items": { "$ref": "#/definitions/AWS::ResilienceHub::App.ResourceMapping" }, "markdownDescription": "An array of `ResourceMapping` objects.", "title": "ResourceMappings", "type": "array" }, "Tags": { "additionalProperties": true, "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "AppTemplateBody", "Name", "ResourceMappings" ], "type": "object" }, "Type": { "enum": [ "AWS::ResilienceHub::App" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ResilienceHub::App.EventSubscription": { "additionalProperties": false, "properties": { "EventType": { "markdownDescription": "The type of event you would like to subscribe and get notification for. Currently, AWS Resilience Hub supports notifications only for *Drift detected* ( `DriftDetected` ) and *Scheduled assessment failure* ( `ScheduledAssessmentFailure` ) events.", "title": "EventType", "type": "string" }, "Name": { "markdownDescription": "Unique name to identify an event subscription.", "title": "Name", "type": "string" }, "SnsTopicArn": { "markdownDescription": "Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic. The format for this ARN is: `arn:partition:sns:region:account:topic-name` . For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* guide.", "title": "SnsTopicArn", "type": "string" } }, "required": [ "EventType", "Name" ], "type": "object" }, "AWS::ResilienceHub::App.PermissionModel": { "additionalProperties": false, "properties": { "CrossAccountRoleArns": { "items": { "type": "string" }, "markdownDescription": "Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application.\n\n> - These ARNs are required only when your resources are in other accounts and you have different role name in these accounts. Else, the invoker role name will be used in the other accounts.\n> - These roles must have a trust policy with `iam:AssumeRole` permission to the invoker role in the primary account.", "title": "CrossAccountRoleArns", "type": "array" }, "InvokerRoleName": { "markdownDescription": "Existing AWS IAM role name in the primary AWS account that will be assumed by AWS Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment.\n\n> - You must have `iam:passRole` permission for this role while creating or updating the application.\n> - Currently, `invokerRoleName` accepts only `[A-Za-z0-9_+=,.@-]` characters.", "title": "InvokerRoleName", "type": "string" }, "Type": { "markdownDescription": "Defines how AWS Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your AWS account, or by using the credentials of the current IAM user.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ResilienceHub::App.PhysicalResourceId": { "additionalProperties": false, "properties": { "AwsAccountId": { "markdownDescription": "The AWS account that owns the physical resource.", "title": "AwsAccountId", "type": "string" }, "AwsRegion": { "markdownDescription": "The AWS Region that the physical resource is located in.", "title": "AwsRegion", "type": "string" }, "Identifier": { "markdownDescription": "Identifier of the physical resource.", "title": "Identifier", "type": "string" }, "Type": { "markdownDescription": "Specifies the type of physical resource identifier.\n\n- **Arn** - The resource identifier is an Amazon Resource Name (ARN) and it can identify the following list of resources:\n\n- `AWS::ECS::Service`\n- `AWS::EFS::FileSystem`\n- `AWS::ElasticLoadBalancingV2::LoadBalancer`\n- `AWS::Lambda::Function`\n- `AWS::SNS::Topic`\n- **Native** - The resource identifier is an AWS Resilience Hub -native identifier and it can identify the following list of resources:\n\n- `AWS::ApiGateway::RestApi`\n- `AWS::ApiGatewayV2::Api`\n- `AWS::AutoScaling::AutoScalingGroup`\n- `AWS::DocDB::DBCluster`\n- `AWS::DocDB::DBGlobalCluster`\n- `AWS::DocDB::DBInstance`\n- `AWS::DynamoDB::GlobalTable`\n- `AWS::DynamoDB::Table`\n- `AWS::EC2::EC2Fleet`\n- `AWS::EC2::Instance`\n- `AWS::EC2::NatGateway`\n- `AWS::EC2::Volume`\n- `AWS::ElasticLoadBalancing::LoadBalancer`\n- `AWS::RDS::DBCluster`\n- `AWS::RDS::DBInstance`\n- `AWS::RDS::GlobalCluster`\n- `AWS::Route53::RecordSet`\n- `AWS::S3::Bucket`\n- `AWS::SQS::Queue`", "title": "Type", "type": "string" } }, "required": [ "Identifier", "Type" ], "type": "object" }, "AWS::ResilienceHub::App.ResourceMapping": { "additionalProperties": false, "properties": { "EksSourceName": { "markdownDescription": "Name of the Amazon Elastic Kubernetes Service cluster and namespace that this resource is mapped to when the `mappingType` is `EKS` .\n\n> This parameter accepts values in \"eks-cluster/namespace\" format.", "title": "EksSourceName", "type": "string" }, "LogicalStackName": { "markdownDescription": "Name of the AWS CloudFormation stack this resource is mapped to when the `mappingType` is `CfnStack` .", "title": "LogicalStackName", "type": "string" }, "MappingType": { "markdownDescription": "Specifies the type of resource mapping.", "title": "MappingType", "type": "string" }, "PhysicalResourceId": { "$ref": "#/definitions/AWS::ResilienceHub::App.PhysicalResourceId", "markdownDescription": "Identifier of the physical resource.", "title": "PhysicalResourceId" }, "ResourceName": { "markdownDescription": "Name of the resource that this resource is mapped to when the `mappingType` is `Resource` .", "title": "ResourceName", "type": "string" }, "TerraformSourceName": { "markdownDescription": "Name of the Terraform source that this resource is mapped to when the `mappingType` is `Terraform` .", "title": "TerraformSourceName", "type": "string" } }, "required": [ "MappingType", "PhysicalResourceId" ], "type": "object" }, "AWS::ResilienceHub::ResiliencyPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataLocationConstraint": { "markdownDescription": "Specifies a high-level geographical location constraint for where your resilience policy data can be stored.", "title": "DataLocationConstraint", "type": "string" }, "Policy": { "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.PolicyMap", "markdownDescription": "The resiliency policy.", "title": "Policy" }, "PolicyDescription": { "markdownDescription": "The description for the policy.", "title": "PolicyDescription", "type": "string" }, "PolicyName": { "markdownDescription": "The name of the policy", "title": "PolicyName", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Tags assigned to the resource. A tag is a label that you assign to an AWS resource. Each tag consists of a key/value pair.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Tier": { "markdownDescription": "The tier for this resiliency policy, ranging from the highest severity ( `MissionCritical` ) to lowest ( `NonCritical` ).", "title": "Tier", "type": "string" } }, "required": [ "Policy", "PolicyName", "Tier" ], "type": "object" }, "Type": { "enum": [ "AWS::ResilienceHub::ResiliencyPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy": { "additionalProperties": false, "properties": { "RpoInSecs": { "markdownDescription": "Recovery Point Objective (RPO) in seconds.", "title": "RpoInSecs", "type": "number" }, "RtoInSecs": { "markdownDescription": "Recovery Time Objective (RTO) in seconds.", "title": "RtoInSecs", "type": "number" } }, "required": [ "RpoInSecs", "RtoInSecs" ], "type": "object" }, "AWS::ResilienceHub::ResiliencyPolicy.PolicyMap": { "additionalProperties": false, "properties": { "AZ": { "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", "markdownDescription": "Defines the RTO and RPO targets for Availability Zone disruption.", "title": "AZ" }, "Hardware": { "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", "markdownDescription": "Defines the RTO and RPO targets for hardware disruption.", "title": "Hardware" }, "Region": { "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", "markdownDescription": "Defines the RTO and RPO targets for Regional disruption.", "title": "Region" }, "Software": { "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy.FailurePolicy", "markdownDescription": "Defines the RTO and RPO targets for software disruption.", "title": "Software" } }, "required": [ "AZ", "Hardware", "Software" ], "type": "object" }, "AWS::ResourceExplorer2::DefaultViewAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ViewArn": { "markdownDescription": "The ARN of the view to set as the default for the AWS Region and AWS account in which you call this operation. The specified view must already exist in the specified Region.", "title": "ViewArn", "type": "string" } }, "required": [ "ViewArn" ], "type": "object" }, "Type": { "enum": [ "AWS::ResourceExplorer2::DefaultViewAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ResourceExplorer2::Index": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Tags": { "additionalProperties": true, "markdownDescription": "The specified tags are attached to only the index created in this AWS Region . The tags don't attach to any of the resources listed in the index.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Type": { "markdownDescription": "Specifies the type of the index in this Region. For information about the aggregator index and how it differs from a local index, see [Turning on cross-Region search by creating an aggregator index](https://docs.aws.amazon.com/resource-explorer/latest/userguide/manage-aggregator-region.html) in the *AWS Resource Explorer User Guide.* .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::ResourceExplorer2::Index" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ResourceExplorer2::View": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Filters": { "$ref": "#/definitions/AWS::ResourceExplorer2::View.SearchFilter", "markdownDescription": "An array of strings that include search keywords, prefixes, and operators that filter the results that are returned for queries made using this view. When you use this view in a [Search](https://docs.aws.amazon.com/resource-explorer/latest/apireference/API_Search.html) operation, the filter string is combined with the search's `QueryString` parameter using a logical `AND` operator.\n\nFor information about the supported syntax, see [Search query reference for Resource Explorer](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", "title": "Filters" }, "IncludedProperties": { "items": { "$ref": "#/definitions/AWS::ResourceExplorer2::View.IncludedProperty" }, "markdownDescription": "A list of fields that provide additional information about the view.", "title": "IncludedProperties", "type": "array" }, "Scope": { "markdownDescription": "The root ARN of the account, an organizational unit (OU), or an organization ARN. If left empty, the default is account.", "title": "Scope", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Tag key and value pairs that are attached to the view.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "ViewName": { "markdownDescription": "The name of the new view.", "title": "ViewName", "type": "string" } }, "required": [ "ViewName" ], "type": "object" }, "Type": { "enum": [ "AWS::ResourceExplorer2::View" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ResourceExplorer2::View.IncludedProperty": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the property that is included in this view.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::ResourceExplorer2::View.SearchFilter": { "additionalProperties": false, "properties": { "FilterString": { "markdownDescription": "The string that contains the search keywords, prefixes, and operators to control the results that can be returned by a Search operation.\n\nFor information about the supported syntax, see [Search query reference](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* .\n\n> This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` .", "title": "FilterString", "type": "string" } }, "required": [ "FilterString" ], "type": "object" }, "AWS::ResourceGroups::Group": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Configuration": { "items": { "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationItem" }, "markdownDescription": "The service configuration currently associated with the resource group and in effect for the members of the resource group. A `Configuration` consists of one or more `ConfigurationItem` entries. For information about service configurations for resource groups and how to construct them, see [Service configurations for resource groups](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html) in the *AWS Resource Groups User Guide* .\n\n> You can include either a `Configuration` or a `ResourceQuery` , but not both.", "title": "Configuration", "type": "array" }, "Description": { "markdownDescription": "The description of the resource group.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of a resource group. The name must be unique within the AWS Region in which you create the resource. To create multiple resource groups based on the same CloudFormation stack, you must generate unique names for each.", "title": "Name", "type": "string" }, "ResourceQuery": { "$ref": "#/definitions/AWS::ResourceGroups::Group.ResourceQuery", "markdownDescription": "The resource query structure that is used to dynamically determine which AWS resources are members of the associated resource group. For more information about queries and how to construct them, see [Build queries and groups in AWS Resource Groups](https://docs.aws.amazon.com//ARG/latest/userguide/gettingstarted-query.html) in the *AWS Resource Groups User Guide*\n\n> - You can include either a `ResourceQuery` or a `Configuration` , but not both.\n> - You can specify the group's membership either by using a `ResourceQuery` or by using a list of `Resources` , but not both.", "title": "ResourceQuery" }, "Resources": { "items": { "type": "string" }, "markdownDescription": "A list of the Amazon Resource Names (ARNs) of AWS resources that you want to add to the specified group.\n\n> - You can specify the group membership either by using a list of `Resources` or by using a `ResourceQuery` , but not both.\n> - You can include a `Resources` property only if you also specify a `Configuration` property.", "title": "Resources", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tag key and value pairs that are attached to the resource group.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::ResourceGroups::Group" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ResourceGroups::Group.ConfigurationItem": { "additionalProperties": false, "properties": { "Parameters": { "items": { "$ref": "#/definitions/AWS::ResourceGroups::Group.ConfigurationParameter" }, "markdownDescription": "A collection of parameters for this configuration item. For the list of parameters that you can use with each configuration item `Type` , see [Supported resource types and parameters](https://docs.aws.amazon.com/ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", "title": "Parameters", "type": "array" }, "Type": { "markdownDescription": "Specifies the type of configuration item. Each item must have a unique value for type. For the list of the types that you can specify for a configuration item, see [Supported resource types and parameters](https://docs.aws.amazon.com/ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::ResourceGroups::Group.ConfigurationParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the group configuration parameter. For the list of parameters that you can use with each configuration item type, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) in the *AWS Resource Groups User Guide* .", "title": "Name", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The value or values to be used for the specified parameter. For the list of values you can use with each parameter, see [Supported resource types and parameters](https://docs.aws.amazon.com//ARG/latest/APIReference/about-slg.html#about-slg-types) .", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::ResourceGroups::Group.Query": { "additionalProperties": false, "properties": { "ResourceTypeFilters": { "items": { "type": "string" }, "markdownDescription": "Specifies limits to the types of resources that can be included in the resource group. For example, if `ResourceTypeFilters` is `[\"AWS::EC2::Instance\", \"AWS::DynamoDB::Table\"]` , only EC2 instances or DynamoDB tables can be members of this resource group. The default value is `[\"AWS::AllSupported\"]` .", "title": "ResourceTypeFilters", "type": "array" }, "StackIdentifier": { "markdownDescription": "Specifies the ARN of a CloudFormation stack. All supported resources of the CloudFormation stack are members of the resource group. If you don't specify an ARN, this parameter defaults to the current stack that you are defining, which means that all the resources of the current stack are grouped.\n\nYou can specify a value for `StackIdentifier` only when the `ResourceQuery.Type` property is `CLOUDFORMATION_STACK_1_0.`", "title": "StackIdentifier", "type": "string" }, "TagFilters": { "items": { "$ref": "#/definitions/AWS::ResourceGroups::Group.TagFilter" }, "markdownDescription": "A list of key-value pair objects that limit which resources can be members of the resource group. This property is required when the `ResourceQuery.Type` property is `TAG_FILTERS_1_0` .\n\nA resource must have a tag that matches every filter that is provided in the `TagFilters` list.", "title": "TagFilters", "type": "array" } }, "type": "object" }, "AWS::ResourceGroups::Group.ResourceQuery": { "additionalProperties": false, "properties": { "Query": { "$ref": "#/definitions/AWS::ResourceGroups::Group.Query", "markdownDescription": "The query that defines the membership of the group. This is a structure with properties that depend on the `Type` .\n\nThe `Query` structure must be included in the following scenarios:\n\n- When the `Type` is `TAG_FILTERS_1_0` , you must specify a `Query` structure that contains a `TagFilters` list of tags. Resources with tags that match those in the `TagFilter` list become members of the resource group.\n- When the `Type` is `CLOUDFORMATION_STACK_1_0` then this field is required only when you must specify a CloudFormation stack other than the one you are defining. To do this, the `Query` structure must contain the `StackIdentifier` property. If you don't specify either a `Query` structure or a `StackIdentifier` within that `Query` , then it defaults to the CloudFormation stack that you're currently constructing.", "title": "Query" }, "Type": { "markdownDescription": "Specifies the type of resource query that determines this group's membership. There are two valid query types:\n\n- `TAG_FILTERS_1_0` indicates that the group is a tag-based group. To complete the group membership, you must include the `TagFilters` property to specify the tag filters to use in the query.\n- `CLOUDFORMATION_STACK_1_0` , the default, indicates that the group is a CloudFormation stack-based group. Group membership is based on the CloudFormation stack. You must specify the `StackIdentifier` property in the query to define which stack to associate the group with, or leave it empty to default to the stack where the group is defined.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::ResourceGroups::Group.TagFilter": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "A string that defines a tag key. Only resources in the account that are tagged with a specified tag key are members of the tag-based resource group.\n\nThis field is required when the `ResourceQuery` structure's `Type` property is `TAG_FILTERS_1_0` . You must specify at least one tag key.", "title": "Key", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "A list of tag values that can be included in the tag-based resource group. This is optional. If you don't specify a value or values for a key, then an AWS resource with any value for that key is a member.", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::RoboMaker::Fleet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the fleet.", "title": "Name", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "The list of all tags added to the fleet.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "type": "object" }, "Type": { "enum": [ "AWS::RoboMaker::Fleet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::RoboMaker::Robot": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Architecture": { "markdownDescription": "The architecture of the robot.", "title": "Architecture", "type": "string" }, "Fleet": { "markdownDescription": "The Amazon Resource Name (ARN) of the fleet to which the robot will be registered.", "title": "Fleet", "type": "string" }, "GreengrassGroupId": { "markdownDescription": "The Greengrass group associated with the robot.", "title": "GreengrassGroupId", "type": "string" }, "Name": { "markdownDescription": "The name of the robot.", "title": "Name", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "Architecture", "GreengrassGroupId" ], "type": "object" }, "Type": { "enum": [ "AWS::RoboMaker::Robot" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RoboMaker::RobotApplication": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CurrentRevisionId": { "markdownDescription": "The current revision id.", "title": "CurrentRevisionId", "type": "string" }, "Environment": { "markdownDescription": "The environment of the robot application.", "title": "Environment", "type": "string" }, "Name": { "markdownDescription": "The name of the robot application.", "title": "Name", "type": "string" }, "RobotSoftwareSuite": { "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.RobotSoftwareSuite", "markdownDescription": "The robot software suite used by the robot application.", "title": "RobotSoftwareSuite" }, "Sources": { "items": { "$ref": "#/definitions/AWS::RoboMaker::RobotApplication.SourceConfig" }, "markdownDescription": "The sources of the robot application.", "title": "Sources", "type": "array" }, "Tags": { "additionalProperties": true, "markdownDescription": "A map that contains tag keys and tag values that are attached to the robot application.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "RobotSoftwareSuite" ], "type": "object" }, "Type": { "enum": [ "AWS::RoboMaker::RobotApplication" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RoboMaker::RobotApplication.RobotSoftwareSuite": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", "title": "Name", "type": "string" }, "Version": { "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", "title": "Version", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::RoboMaker::RobotApplication.SourceConfig": { "additionalProperties": false, "properties": { "Architecture": { "markdownDescription": "The target processor architecture for the application.", "title": "Architecture", "type": "string" }, "S3Bucket": { "markdownDescription": "The Amazon S3 bucket name.", "title": "S3Bucket", "type": "string" }, "S3Key": { "markdownDescription": "The s3 object key.", "title": "S3Key", "type": "string" } }, "required": [ "Architecture", "S3Bucket", "S3Key" ], "type": "object" }, "AWS::RoboMaker::RobotApplicationVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Application": { "markdownDescription": "The application information for the robot application.", "title": "Application", "type": "string" }, "CurrentRevisionId": { "markdownDescription": "The current revision id for the robot application. If you provide a value and it matches the latest revision ID, a new version will be created.", "title": "CurrentRevisionId", "type": "string" } }, "required": [ "Application" ], "type": "object" }, "Type": { "enum": [ "AWS::RoboMaker::RobotApplicationVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RoboMaker::SimulationApplication": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CurrentRevisionId": { "markdownDescription": "The current revision id.", "title": "CurrentRevisionId", "type": "string" }, "Environment": { "markdownDescription": "The environment of the simulation application.", "title": "Environment", "type": "string" }, "Name": { "markdownDescription": "The name of the simulation application.", "title": "Name", "type": "string" }, "RenderingEngine": { "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RenderingEngine", "markdownDescription": "The rendering engine for the simulation application.", "title": "RenderingEngine" }, "RobotSoftwareSuite": { "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite", "markdownDescription": "The robot software suite used by the simulation application.", "title": "RobotSoftwareSuite" }, "SimulationSoftwareSuite": { "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite", "markdownDescription": "The simulation software suite used by the simulation application.", "title": "SimulationSoftwareSuite" }, "Sources": { "items": { "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication.SourceConfig" }, "markdownDescription": "The sources of the simulation application.", "title": "Sources", "type": "array" }, "Tags": { "additionalProperties": true, "markdownDescription": "A map that contains tag keys and tag values that are attached to the simulation application.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "RobotSoftwareSuite", "SimulationSoftwareSuite" ], "type": "object" }, "Type": { "enum": [ "AWS::RoboMaker::SimulationApplication" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RoboMaker::SimulationApplication.RenderingEngine": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the rendering engine.", "title": "Name", "type": "string" }, "Version": { "markdownDescription": "The version of the rendering engine.", "title": "Version", "type": "string" } }, "required": [ "Name", "Version" ], "type": "object" }, "AWS::RoboMaker::SimulationApplication.RobotSoftwareSuite": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the robot software suite. `General` is the only supported value.", "title": "Name", "type": "string" }, "Version": { "markdownDescription": "The version of the robot software suite. Not applicable for General software suite.", "title": "Version", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::RoboMaker::SimulationApplication.SimulationSoftwareSuite": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the simulation software suite. `SimulationRuntime` is the only supported value.", "title": "Name", "type": "string" }, "Version": { "markdownDescription": "The version of the simulation software suite. Not applicable for `SimulationRuntime` .", "title": "Version", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::RoboMaker::SimulationApplication.SourceConfig": { "additionalProperties": false, "properties": { "Architecture": { "markdownDescription": "The target processor architecture for the application.", "title": "Architecture", "type": "string" }, "S3Bucket": { "markdownDescription": "The Amazon S3 bucket name.", "title": "S3Bucket", "type": "string" }, "S3Key": { "markdownDescription": "The s3 object key.", "title": "S3Key", "type": "string" } }, "required": [ "Architecture", "S3Bucket", "S3Key" ], "type": "object" }, "AWS::RoboMaker::SimulationApplicationVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Application": { "markdownDescription": "The application information for the simulation application.", "title": "Application", "type": "string" }, "CurrentRevisionId": { "markdownDescription": "The current revision id for the simulation application. If you provide a value and it matches the latest revision ID, a new version will be created.", "title": "CurrentRevisionId", "type": "string" } }, "required": [ "Application" ], "type": "object" }, "Type": { "enum": [ "AWS::RoboMaker::SimulationApplicationVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RolesAnywhere::CRL": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CrlData": { "markdownDescription": "The x509 v3 specified certificate revocation list (CRL).", "title": "CrlData", "type": "string" }, "Enabled": { "markdownDescription": "Specifies whether the certificate revocation list (CRL) is enabled.", "title": "Enabled", "type": "boolean" }, "Name": { "markdownDescription": "The name of the certificate revocation list (CRL).", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags to attach to the certificate revocation list (CRL).", "title": "Tags", "type": "array" }, "TrustAnchorArn": { "markdownDescription": "The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.", "title": "TrustAnchorArn", "type": "string" } }, "required": [ "CrlData", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::RolesAnywhere::CRL" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RolesAnywhere::Profile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DurationSeconds": { "markdownDescription": "The number of seconds vended session credentials will be valid for", "title": "DurationSeconds", "type": "number" }, "Enabled": { "markdownDescription": "The enabled status of the resource.", "title": "Enabled", "type": "boolean" }, "ManagedPolicyArns": { "items": { "type": "string" }, "markdownDescription": "A list of managed policy ARNs. Managed policies identified by this list will be applied to the vended session credentials.", "title": "ManagedPolicyArns", "type": "array" }, "Name": { "markdownDescription": "The customer specified name of the resource.", "title": "Name", "type": "string" }, "RequireInstanceProperties": { "markdownDescription": "Specifies whether instance properties are required in CreateSession requests with this profile.", "title": "RequireInstanceProperties", "type": "boolean" }, "RoleArns": { "items": { "type": "string" }, "markdownDescription": "A list of IAM role ARNs that can be assumed when this profile is specified in a CreateSession request.", "title": "RoleArns", "type": "array" }, "SessionPolicy": { "markdownDescription": "A session policy that will applied to the trust boundary of the vended session credentials.", "title": "SessionPolicy", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of Tags.", "title": "Tags", "type": "array" } }, "required": [ "Name", "RoleArns" ], "type": "object" }, "Type": { "enum": [ "AWS::RolesAnywhere::Profile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RolesAnywhere::TrustAnchor": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Indicates whether the trust anchor is enabled.", "title": "Enabled", "type": "boolean" }, "Name": { "markdownDescription": "The name of the trust anchor.", "title": "Name", "type": "string" }, "NotificationSettings": { "items": { "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.NotificationSetting" }, "markdownDescription": "A list of notification settings to be associated to the trust anchor.", "title": "NotificationSettings", "type": "array" }, "Source": { "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.Source", "markdownDescription": "The trust anchor type and its related certificate data.", "title": "Source" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to attach to the trust anchor.", "title": "Tags", "type": "array" } }, "required": [ "Name", "Source" ], "type": "object" }, "Type": { "enum": [ "AWS::RolesAnywhere::TrustAnchor" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::RolesAnywhere::TrustAnchor.NotificationSetting": { "additionalProperties": false, "properties": { "Channel": { "markdownDescription": "The specified channel of notification. IAM Roles Anywhere uses CloudWatch metrics, EventBridge, and AWS Health Dashboard to notify for an event.\n\n> In the absence of a specific channel, IAM Roles Anywhere applies this setting to 'ALL' channels.", "title": "Channel", "type": "string" }, "Enabled": { "markdownDescription": "Indicates whether the notification setting is enabled.", "title": "Enabled", "type": "boolean" }, "Event": { "markdownDescription": "The event to which this notification setting is applied.", "title": "Event", "type": "string" }, "Threshold": { "markdownDescription": "The number of days before a notification event. This value is required for a notification setting that is enabled.", "title": "Threshold", "type": "number" } }, "required": [ "Enabled", "Event" ], "type": "object" }, "AWS::RolesAnywhere::TrustAnchor.Source": { "additionalProperties": false, "properties": { "SourceData": { "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor.SourceData", "markdownDescription": "A union object representing the data field of the TrustAnchor depending on its type", "title": "SourceData" }, "SourceType": { "markdownDescription": "The type of the TrustAnchor.", "title": "SourceType", "type": "string" } }, "type": "object" }, "AWS::RolesAnywhere::TrustAnchor.SourceData": { "additionalProperties": false, "properties": { "AcmPcaArn": { "markdownDescription": "The root certificate of the AWS Private Certificate Authority specified by this ARN is used in trust validation for temporary credential requests. Included for trust anchors of type `AWS_ACM_PCA` .\n\n> This field is not supported in your region.", "title": "AcmPcaArn", "type": "string" }, "X509CertificateData": { "markdownDescription": "The PEM-encoded data for the certificate anchor. Included for trust anchors of type `CERTIFICATE_BUNDLE` .", "title": "X509CertificateData", "type": "string" } }, "type": "object" }, "AWS::Route53::CidrCollection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Locations": { "items": { "$ref": "#/definitions/AWS::Route53::CidrCollection.Location" }, "markdownDescription": "A complex type that contains information about the list of CIDR locations.", "title": "Locations", "type": "array" }, "Name": { "markdownDescription": "The name of a CIDR collection.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53::CidrCollection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53::CidrCollection.Location": { "additionalProperties": false, "properties": { "CidrList": { "items": { "type": "string" }, "markdownDescription": "List of CIDR blocks.", "title": "CidrList", "type": "array" }, "LocationName": { "markdownDescription": "The CIDR collection location name.", "title": "LocationName", "type": "string" } }, "required": [ "CidrList", "LocationName" ], "type": "object" }, "AWS::Route53::DNSSEC": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "HostedZoneId": { "markdownDescription": "A unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", "title": "HostedZoneId", "type": "string" } }, "required": [ "HostedZoneId" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53::DNSSEC" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53::HealthCheck": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "HealthCheckConfig": { "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckConfig", "markdownDescription": "A complex type that contains detailed information about one health check.\n\nFor the values to enter for `HealthCheckConfig` , see [HealthCheckConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_HealthCheckConfig.html)", "title": "HealthCheckConfig" }, "HealthCheckTags": { "items": { "$ref": "#/definitions/AWS::Route53::HealthCheck.HealthCheckTag" }, "markdownDescription": "The `HealthCheckTags` property describes key-value pairs that are associated with an `AWS::Route53::HealthCheck` resource.", "title": "HealthCheckTags", "type": "array" } }, "required": [ "HealthCheckConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53::HealthCheck" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53::HealthCheck.AlarmIdentifier": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether this health check is healthy.\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.", "title": "Name", "type": "string" }, "Region": { "markdownDescription": "For the CloudWatch alarm that you want Route 53 health checkers to use to determine whether this health check is healthy, the region that the alarm was created in.\n\nFor the current list of CloudWatch regions, see [Amazon CloudWatch endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/cw_region.html) in the *Amazon Web Services General Reference* .", "title": "Region", "type": "string" } }, "required": [ "Name", "Region" ], "type": "object" }, "AWS::Route53::HealthCheck.HealthCheckConfig": { "additionalProperties": false, "properties": { "AlarmIdentifier": { "$ref": "#/definitions/AWS::Route53::HealthCheck.AlarmIdentifier", "markdownDescription": "A complex type that identifies the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether the specified health check is healthy.", "title": "AlarmIdentifier" }, "ChildHealthChecks": { "items": { "type": "string" }, "markdownDescription": "(CALCULATED Health Checks Only) A complex type that contains one `ChildHealthCheck` element for each health check that you want to associate with a `CALCULATED` health check.", "title": "ChildHealthChecks", "type": "array" }, "EnableSNI": { "markdownDescription": "Specify whether you want Amazon Route 53 to send the value of `FullyQualifiedDomainName` to the endpoint in the `client_hello` message during TLS negotiation. This allows the endpoint to respond to `HTTPS` health check requests with the applicable SSL/TLS certificate.\n\nSome endpoints require that `HTTPS` requests include the host name in the `client_hello` message. If you don't enable SNI, the status of the health check will be `SSL alert handshake_failure` . A health check can also have that status for other reasons. If SNI is enabled and you're still getting the error, check the SSL/TLS configuration on your endpoint and confirm that your certificate is valid.\n\nThe SSL/TLS certificate on your endpoint includes a domain name in the `Common Name` field and possibly several more in the `Subject Alternative Names` field. One of the domain names in the certificate should match the value that you specify for `FullyQualifiedDomainName` . If the endpoint responds to the `client_hello` message with a certificate that does not include the domain name that you specified in `FullyQualifiedDomainName` , a health checker will retry the handshake. In the second attempt, the health checker will omit `FullyQualifiedDomainName` from the `client_hello` message.", "title": "EnableSNI", "type": "boolean" }, "FailureThreshold": { "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa. For more information, see [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .\n\nIf you don't specify a value for `FailureThreshold` , the default value is three health checks.", "title": "FailureThreshold", "type": "number" }, "FullyQualifiedDomainName": { "markdownDescription": "Amazon Route 53 behavior depends on whether you specify a value for `IPAddress` .\n\n*If you specify a value for* `IPAddress` :\n\nAmazon Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes the value of `FullyQualifiedDomainName` in the `Host` header for all health checks except TCP health checks. This is typically the fully qualified DNS name of the endpoint on which you want Route 53 to perform health checks.\n\nWhen Route 53 checks the health of an endpoint, here is how it constructs the `Host` header:\n\n- If you specify a value of `80` for `Port` and `HTTP` or `HTTP_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the Host header.\n- If you specify a value of `443` for `Port` and `HTTPS` or `HTTPS_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the `Host` header.\n- If you specify another value for `Port` and any value except `TCP` for `Type` , Route 53 passes `FullyQualifiedDomainName:Port` to the endpoint in the `Host` header.\n\nIf you don't specify a value for `FullyQualifiedDomainName` , Route 53 substitutes the value of `IPAddress` in the `Host` header in each of the preceding cases.\n\n*If you don't specify a value for `IPAddress`* :\n\nRoute 53 sends a DNS request to the domain that you specify for `FullyQualifiedDomainName` at the interval that you specify for `RequestInterval` . Using an IPv4 address that DNS returns, Route 53 then checks the health of the endpoint.\n\n> If you don't specify a value for `IPAddress` , Route 53 uses only IPv4 to send health checks to the endpoint. If there's no record with a type of A for the name that you specify for `FullyQualifiedDomainName` , the health check fails with a \"DNS resolution failed\" error. \n\nIf you want to check the health of multiple records that have the same name and type, such as multiple weighted records, and if you choose to specify the endpoint only by `FullyQualifiedDomainName` , we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com. For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as us-east-2-www.example.com), not the name of the records (www.example.com).\n\n> In this configuration, if you create a health check for which the value of `FullyQualifiedDomainName` matches the name of the records and you then associate the health check with those records, health check results will be unpredictable. \n\nIn addition, if the value that you specify for `Type` is `HTTP` , `HTTPS` , `HTTP_STR_MATCH` , or `HTTPS_STR_MATCH` , Route 53 passes the value of `FullyQualifiedDomainName` in the `Host` header, as it does when you specify a value for `IPAddress` . If the value of `Type` is `TCP` , Route 53 doesn't pass a `Host` header.", "title": "FullyQualifiedDomainName", "type": "string" }, "HealthThreshold": { "markdownDescription": "The number of child health checks that are associated with a `CALCULATED` health check that Amazon Route 53 must consider healthy for the `CALCULATED` health check to be considered healthy. To specify the child health checks that you want to associate with a `CALCULATED` health check, use the [ChildHealthChecks](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-ChildHealthChecks) element.\n\nNote the following:\n\n- If you specify a number greater than the number of child health checks, Route 53 always considers this health check to be unhealthy.\n- If you specify `0` , Route 53 always considers this health check to be healthy.", "title": "HealthThreshold", "type": "number" }, "IPAddress": { "markdownDescription": "The IPv4 or IPv6 IP address of the endpoint that you want Amazon Route 53 to perform health checks on. If you don't specify a value for `IPAddress` , Route 53 sends a DNS request to resolve the domain name that you specify in `FullyQualifiedDomainName` at the interval that you specify in `RequestInterval` . Using an IP address returned by DNS, Route 53 then checks the health of the endpoint.\n\nUse one of the following formats for the value of `IPAddress` :\n\n- *IPv4 address* : four values between 0 and 255, separated by periods (.), for example, `192.0.2.44` .\n- *IPv6 address* : eight groups of four hexadecimal values, separated by colons (:), for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` . You can also shorten IPv6 addresses as described in RFC 5952, for example, `2001:db8:85a3::abcd:1:2345` .\n\nIf the endpoint is an EC2 instance, we recommend that you create an Elastic IP address, associate it with your EC2 instance, and specify the Elastic IP address for `IPAddress` . This ensures that the IP address of your instance will never change.\n\nFor more information, see [FullyQualifiedDomainName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-FullyQualifiedDomainName) .\n\nConstraints: Route 53 can't check the health of endpoints for which the IP address is in local, private, non-routable, or multicast ranges. For more information about IP addresses for which you can't create health checks, see the following documents:\n\n- [RFC 5735, Special Use IPv4 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5735)\n- [RFC 6598, IANA-Reserved IPv4 Prefix for Shared Address Space](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6598)\n- [RFC 5156, Special-Use IPv6 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5156)\n\nWhen the value of `Type` is `CALCULATED` or `CLOUDWATCH_METRIC` , omit `IPAddress` .", "title": "IPAddress", "type": "string" }, "InsufficientDataHealthStatus": { "markdownDescription": "When CloudWatch has insufficient data about the metric to determine the alarm state, the status that you want Amazon Route 53 to assign to the health check:\n\n- `Healthy` : Route 53 considers the health check to be healthy.\n- `Unhealthy` : Route 53 considers the health check to be unhealthy.\n- `LastKnownStatus` : Route 53 uses the status of the health check from the last time that CloudWatch had sufficient data to determine the alarm state. For new health checks that have no last known status, the default status for the health check is healthy.", "title": "InsufficientDataHealthStatus", "type": "string" }, "Inverted": { "markdownDescription": "Specify whether you want Amazon Route 53 to invert the status of a health check, for example, to consider a health check unhealthy when it otherwise would be considered healthy.", "title": "Inverted", "type": "boolean" }, "MeasureLatency": { "markdownDescription": "Specify whether you want Amazon Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint, and to display CloudWatch latency graphs on the *Health Checks* page in the Route 53 console.\n\n> You can't change the value of `MeasureLatency` after you create a health check.", "title": "MeasureLatency", "type": "boolean" }, "Port": { "markdownDescription": "The port on the endpoint that you want Amazon Route 53 to perform health checks on.\n\n> Don't specify a value for `Port` when you specify a value for [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-healthcheck-healthcheckconfig.html#cfn-route53-healthcheck-healthcheckconfig-type) of `CLOUDWATCH_METRIC` or `CALCULATED` .", "title": "Port", "type": "number" }, "Regions": { "items": { "type": "string" }, "markdownDescription": "A complex type that contains one `Region` element for each region from which you want Amazon Route 53 health checkers to check the specified endpoint.\n\nIf you don't specify any regions, Route 53 health checkers automatically performs checks from all of the regions that are listed under *Valid Values* .\n\nIf you update a health check to remove a region that has been performing health checks, Route 53 will briefly continue to perform checks from that region to ensure that some health checkers are always checking the endpoint (for example, if you replace three regions with four different regions).", "title": "Regions", "type": "array" }, "RequestInterval": { "markdownDescription": "The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health check request. Each Route 53 health checker makes requests at this interval.\n\n> You can't change the value of `RequestInterval` after you create a health check. \n\nIf you don't specify a value for `RequestInterval` , the default value is `30` seconds.", "title": "RequestInterval", "type": "number" }, "ResourcePath": { "markdownDescription": "The path, if any, that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example, the file /docs/route53-health-check.html. You can also include query string parameters, for example, `/welcome.html?language=jp&login=y` .", "title": "ResourcePath", "type": "string" }, "RoutingControlArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller routing control.\n\nFor more information about Route 53 Application Recovery Controller, see [Route 53 Application Recovery Controller Developer Guide.](https://docs.aws.amazon.com/r53recovery/latest/dg/what-is-route-53-recovery.html) .", "title": "RoutingControlArn", "type": "string" }, "SearchString": { "markdownDescription": "If the value of Type is `HTTP_STR_MATCH` or `HTTPS_STR_MATCH` , the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the response body, Route 53 considers the resource healthy.\n\nRoute 53 considers case when searching for `SearchString` in the response body.", "title": "SearchString", "type": "string" }, "Type": { "markdownDescription": "The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify `HTTPS` for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *HTTP_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *HTTPS_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an `HTTPS` request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` .\n- *TCP* : Route 53 tries to establish a TCP connection.\n- *CLOUDWATCH_METRIC* : The health check is associated with a CloudWatch alarm. If the state of the alarm is `OK` , the health check is considered healthy. If the state is `ALARM` , the health check is considered unhealthy. If CloudWatch doesn't have sufficient data to determine whether the state is `OK` or `ALARM` , the health check status depends on the setting for `InsufficientDataHealthStatus` : `Healthy` , `Unhealthy` , or `LastKnownStatus` .\n\n> Route 53 supports CloudWatch alarms with the following features:\n> \n> - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* .\n> - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported.\n- *CALCULATED* : For health checks that monitor the status of other health checks, Route 53 adds up the number of health checks that Route 53 health checkers consider to be healthy and compares that number with the value of `HealthThreshold` .\n- *RECOVERY_CONTROL* : The health check is assocated with a Route53 Application Recovery Controller routing control. If the routing control state is `ON` , the health check is considered healthy. If the state is `OFF` , the health check is considered unhealthy.\n\nFor more information, see [How Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Route53::HealthCheck.HealthCheckTag": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::Route53::HostedZone": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "HostedZoneConfig": { "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneConfig", "markdownDescription": "A complex type that contains an optional comment.\n\nIf you don't want to specify a comment, omit the `HostedZoneConfig` and `Comment` elements.", "title": "HostedZoneConfig" }, "HostedZoneTags": { "items": { "$ref": "#/definitions/AWS::Route53::HostedZone.HostedZoneTag" }, "markdownDescription": "Adds, edits, or deletes tags for a health check or a hosted zone.\n\nFor information about using tags for cost allocation, see [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) in the *AWS Billing and Cost Management User Guide* .", "title": "HostedZoneTags", "type": "array" }, "Name": { "markdownDescription": "The name of the domain. Specify a fully qualified domain name, for example, *www.example.com* . The trailing dot is optional; Amazon Route 53 assumes that the domain name is fully qualified. This means that Route 53 treats *www.example.com* (without a trailing dot) and *www.example.com.* (with a trailing dot) as identical.\n\nIf you're creating a public hosted zone, this is the name you have registered with your DNS registrar. If your domain name is registered with a registrar other than Route 53, change the name servers for your domain to the set of `NameServers` that are returned by the `Fn::GetAtt` intrinsic function.", "title": "Name", "type": "string" }, "QueryLoggingConfig": { "$ref": "#/definitions/AWS::Route53::HostedZone.QueryLoggingConfig", "markdownDescription": "Creates a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.\n\nDNS query logs contain information about the queries that Route 53 receives for a specified public hosted zone, such as the following:\n\n- Route 53 edge location that responded to the DNS query\n- Domain or subdomain that was requested\n- DNS record type, such as A or AAAA\n- DNS response code, such as `NoError` or `ServFail`\n\n- **Log Group and Resource Policy** - Before you create a query logging configuration, perform the following operations.\n\n> If you create a query logging configuration using the Route 53 console, Route 53 performs these operations automatically. \n\n- Create a CloudWatch Logs log group, and make note of the ARN, which you specify when you create a query logging configuration. Note the following:\n\n- You must create the log group in the us-east-1 region.\n- You must use the same AWS account to create the log group and the hosted zone that you want to configure query logging for.\n- When you create log groups for query logging, we recommend that you use a consistent prefix, for example:\n\n`/aws/route53/ *hosted zone name*`\n\nIn the next step, you'll create a resource policy, which controls access to one or more log groups and the associated AWS resources, such as Route 53 hosted zones. There's a limit on the number of resource policies that you can create, so we recommend that you use a consistent prefix so you can use the same resource policy for all the log groups that you create for query logging.\n- Create a CloudWatch Logs resource policy, and give it the permissions that Route 53 needs to create log streams and to send query logs to log streams. You must create the CloudWatch Logs resource policy in the us-east-1 region. For the value of `Resource` , specify the ARN for the log group that you created in the previous step. To use the same resource policy for all the CloudWatch Logs log groups that you created for query logging configurations, replace the hosted zone name with `*` , for example:\n\n`arn:aws:logs:us-east-1:123412341234:log-group:/aws/route53/*`\n\nTo avoid the confused deputy problem, a security issue where an entity without a permission for an action can coerce a more-privileged entity to perform it, you can optionally limit the permissions that a service has to a resource in a resource-based policy by supplying the following values:\n\n- For `aws:SourceArn` , supply the hosted zone ARN used in creating the query logging configuration. For example, `aws:SourceArn: arn:aws:route53:::hostedzone/hosted zone ID` .\n- For `aws:SourceAccount` , supply the account ID for the account that creates the query logging configuration. For example, `aws:SourceAccount:111111111111` .\n\nFor more information, see [The confused deputy problem](https://docs.aws.amazon.com/IAM/latest/UserGuide/confused-deputy.html) in the *AWS IAM User Guide* .\n\n> You can't use the CloudWatch console to create or edit a resource policy. You must use the CloudWatch API, one of the AWS SDKs, or the AWS CLI .\n- **Log Streams and Edge Locations** - When Route 53 finishes creating the configuration for DNS query logging, it does the following:\n\n- Creates a log stream for an edge location the first time that the edge location responds to DNS queries for the specified hosted zone. That log stream is used to log all queries that Route 53 responds to for that edge location.\n- Begins to send query logs to the applicable log stream.\n\nThe name of each log stream is in the following format:\n\n`*hosted zone ID* / *edge location code*`\n\nThe edge location code is a three-letter code and an arbitrarily assigned number, for example, DFW3. The three-letter code typically corresponds with the International Air Transport Association airport code for an airport near the edge location. (These abbreviations might change in the future.) For a list of edge locations, see \"The Route 53 Global Network\" on the [Route 53 Product Details](https://docs.aws.amazon.com/route53/details/) page.\n- **Queries That Are Logged** - Query logs contain only the queries that DNS resolvers forward to Route 53. If a DNS resolver has already cached the response to a query (such as the IP address for a load balancer for example.com), the resolver will continue to return the cached response. It doesn't forward another query to Route 53 until the TTL for the corresponding resource record set expires. Depending on how many DNS queries are submitted for a resource record set, and depending on the TTL for that resource record set, query logs might contain information about only one query out of every several thousand queries that are submitted to DNS. For more information about how DNS works, see [Routing Internet Traffic to Your Website or Web Application](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/welcome-dns-service.html) in the *Amazon Route 53 Developer Guide* .\n- **Log File Format** - For a list of the values in each query log and the format of each value, see [Logging DNS Queries](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/query-logs.html) in the *Amazon Route 53 Developer Guide* .\n- **Pricing** - For information about charges for query logs, see [Amazon CloudWatch Pricing](https://docs.aws.amazon.com/cloudwatch/pricing/) .\n- **How to Stop Logging** - If you want Route 53 to stop sending query logs to CloudWatch Logs, delete the query logging configuration. For more information, see [DeleteQueryLoggingConfig](https://docs.aws.amazon.com/Route53/latest/APIReference/API_DeleteQueryLoggingConfig.html) .", "title": "QueryLoggingConfig" }, "VPCs": { "items": { "$ref": "#/definitions/AWS::Route53::HostedZone.VPC" }, "markdownDescription": "*Private hosted zones:* A complex type that contains information about the VPCs that are associated with the specified hosted zone.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", "title": "VPCs", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Route53::HostedZone" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Route53::HostedZone.HostedZoneConfig": { "additionalProperties": false, "properties": { "Comment": { "markdownDescription": "Any comments that you want to include about the hosted zone.", "title": "Comment", "type": "string" } }, "type": "object" }, "AWS::Route53::HostedZone.HostedZoneTag": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The value of `Key` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Key` is the name that you want to give the new tag.\n- *Edit a tag* : `Key` is the name of the tag that you want to change the `Value` for.\n- *Delete a key* : `Key` is the name of the tag you want to remove.\n- *Give a name to a health check* : Edit the default `Name` tag. In the Amazon Route 53 console, the list of your health checks includes a *Name* column that lets you see the name that you've given to each health check.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of `Value` depends on the operation that you want to perform:\n\n- *Add a tag to a health check or hosted zone* : `Value` is the value that you want to give the new tag.\n- *Edit a tag* : `Value` is the new value that you want to assign the tag.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::Route53::HostedZone.QueryLoggingConfig": { "additionalProperties": false, "properties": { "CloudWatchLogsLogGroupArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the CloudWatch Logs log group that Amazon Route 53 is publishing logs to.", "title": "CloudWatchLogsLogGroupArn", "type": "string" } }, "required": [ "CloudWatchLogsLogGroupArn" ], "type": "object" }, "AWS::Route53::HostedZone.VPC": { "additionalProperties": false, "properties": { "VPCId": { "markdownDescription": "*Private hosted zones only:* The ID of an Amazon VPC.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", "title": "VPCId", "type": "string" }, "VPCRegion": { "markdownDescription": "*Private hosted zones only:* The region that an Amazon VPC was created in.\n\n> For public hosted zones, omit `VPCs` , `VPCId` , and `VPCRegion` .", "title": "VPCRegion", "type": "string" } }, "required": [ "VPCId", "VPCRegion" ], "type": "object" }, "AWS::Route53::KeySigningKey": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "HostedZoneId": { "markdownDescription": "The unique string (ID) that is used to identify a hosted zone. For example: `Z00001111A1ABCaaABC11` .", "title": "HostedZoneId", "type": "string" }, "KeyManagementServiceArn": { "markdownDescription": "The Amazon resource name (ARN) for a customer managed customer master key (CMK) in AWS Key Management Service ( AWS KMS ). The `KeyManagementServiceArn` must be unique for each key-signing key (KSK) in a single hosted zone. For example: `arn:aws:kms:us-east-1:111122223333:key/111a2222-a11b-1ab1-2ab2-1ab21a2b3a111` .", "title": "KeyManagementServiceArn", "type": "string" }, "Name": { "markdownDescription": "A string used to identify a key-signing key (KSK). `Name` can include numbers, letters, and underscores (_). `Name` must be unique for each key-signing key in the same hosted zone.", "title": "Name", "type": "string" }, "Status": { "markdownDescription": "A string that represents the current key-signing key (KSK) status.\n\nStatus can have one of the following values:\n\n- **ACTIVE** - The KSK is being used for signing.\n- **INACTIVE** - The KSK is not being used for signing.\n- **DELETING** - The KSK is in the process of being deleted.\n- **ACTION_NEEDED** - There is a problem with the KSK that requires you to take action to resolve. For example, the customer managed key might have been deleted, or the permissions for the customer managed key might have been changed.\n- **INTERNAL_FAILURE** - There was an error during a request. Before you can continue to work with DNSSEC signing, including actions that involve this KSK, you must correct the problem. For example, you may need to activate or deactivate the KSK.", "title": "Status", "type": "string" } }, "required": [ "HostedZoneId", "KeyManagementServiceArn", "Name", "Status" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53::KeySigningKey" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53::RecordSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AliasTarget": { "$ref": "#/definitions/AWS::Route53::RecordSet.AliasTarget", "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", "title": "AliasTarget" }, "CidrRoutingConfig": { "$ref": "#/definitions/AWS::Route53::RecordSet.CidrRoutingConfig", "markdownDescription": "The object that is specified in resource record set object when you are linking a resource record set to a CIDR location.\n\nA `LocationName` with an asterisk \u201c*\u201d can be used to create a default CIDR record. `CollectionId` is still required for default record.", "title": "CidrRoutingConfig" }, "Comment": { "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", "title": "Comment", "type": "string" }, "Failover": { "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", "title": "Failover", "type": "string" }, "GeoLocation": { "$ref": "#/definitions/AWS::Route53::RecordSet.GeoLocation", "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", "title": "GeoLocation" }, "GeoProximityLocation": { "$ref": "#/definitions/AWS::Route53::RecordSet.GeoProximityLocation", "markdownDescription": "*GeoproximityLocation resource record sets only:* A complex type that lets you control how Route\u00a053 responds to DNS queries based on the geographic origin of the query and your resources.", "title": "GeoProximityLocation" }, "HealthCheckId": { "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", "title": "HealthCheckId", "type": "string" }, "HostedZoneId": { "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", "title": "HostedZoneId", "type": "string" }, "HostedZoneName": { "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an AWS::Route53::RecordSet that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the HostedZoneName. If AWS CloudFormation cannot find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", "title": "HostedZoneName", "type": "string" }, "MultiValueAnswer": { "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", "title": "MultiValueAnswer", "type": "boolean" }, "Name": { "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", "title": "Name", "type": "string" }, "Region": { "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", "title": "Region", "type": "string" }, "ResourceRecords": { "items": { "type": "string" }, "markdownDescription": "One or more values that correspond with the value that you specified for the `Type` property. For example, if you specified `A` for `Type` , you specify one or more IP addresses in IPv4 format for `ResourceRecords` . For information about the format of values for each record type, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nNote the following:\n\n- You can specify more than one value for all record types except CNAME and SOA.\n- The maximum length of a value is 4000 characters.\n- If you're creating an alias record, omit `ResourceRecords` .", "title": "ResourceRecords", "type": "array" }, "SetIdentifier": { "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", "title": "SetIdentifier", "type": "string" }, "TTL": { "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", "title": "TTL", "type": "string" }, "Type": { "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", "title": "Type", "type": "string" }, "Weight": { "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", "title": "Weight", "type": "number" } }, "required": [ "Name", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53::RecordSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53::RecordSet.AliasTarget": { "additionalProperties": false, "properties": { "DNSName": { "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", "title": "DNSName", "type": "string" }, "EvaluateTargetHealth": { "markdownDescription": "*Applies only to alias, failover alias, geolocation alias, latency alias, and weighted alias resource record sets:* When `EvaluateTargetHealth` is `true` , an alias resource record set inherits the health of the referenced AWS resource, such as an ELB load balancer or another resource record set in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", "title": "EvaluateTargetHealth", "type": "boolean" }, "HostedZoneId": { "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing Endpoints and Quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", "title": "HostedZoneId", "type": "string" } }, "required": [ "DNSName", "HostedZoneId" ], "type": "object" }, "AWS::Route53::RecordSet.CidrRoutingConfig": { "additionalProperties": false, "properties": { "CollectionId": { "markdownDescription": "The CIDR collection ID.", "title": "CollectionId", "type": "string" }, "LocationName": { "markdownDescription": "The CIDR collection location name.", "title": "LocationName", "type": "string" } }, "required": [ "CollectionId", "LocationName" ], "type": "object" }, "AWS::Route53::RecordSet.Coordinates": { "additionalProperties": false, "properties": { "Latitude": { "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", "title": "Latitude", "type": "string" }, "Longitude": { "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", "title": "Longitude", "type": "string" } }, "required": [ "Latitude", "Longitude" ], "type": "object" }, "AWS::Route53::RecordSet.GeoLocation": { "additionalProperties": false, "properties": { "ContinentCode": { "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", "title": "ContinentCode", "type": "string" }, "CountryCode": { "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", "title": "CountryCode", "type": "string" }, "SubdivisionCode": { "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", "title": "SubdivisionCode", "type": "string" } }, "type": "object" }, "AWS::Route53::RecordSet.GeoProximityLocation": { "additionalProperties": false, "properties": { "AWSRegion": { "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", "title": "AWSRegion", "type": "string" }, "Bias": { "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", "title": "Bias", "type": "number" }, "Coordinates": { "$ref": "#/definitions/AWS::Route53::RecordSet.Coordinates", "markdownDescription": "Contains the longitude and latitude for a geographic region.", "title": "Coordinates" }, "LocalZoneGroup": { "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", "title": "LocalZoneGroup", "type": "string" } }, "type": "object" }, "AWS::Route53::RecordSetGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Comment": { "markdownDescription": "*Optional:* Any comments you want to include about a change batch request.", "title": "Comment", "type": "string" }, "HostedZoneId": { "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", "title": "HostedZoneId", "type": "string" }, "HostedZoneName": { "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", "title": "HostedZoneName", "type": "string" }, "RecordSets": { "items": { "$ref": "#/definitions/AWS::Route53::RecordSetGroup.RecordSet" }, "markdownDescription": "A complex type that contains one `RecordSet` element for each record that you want to create.", "title": "RecordSets", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Route53::RecordSetGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Route53::RecordSetGroup.AliasTarget": { "additionalProperties": false, "properties": { "DNSName": { "markdownDescription": "*Alias records only:* The value that you specify depends on where you want to route queries:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the applicable domain name for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalDomainName` .\n- For edge-optimized APIs, specify the value of `distributionDomainName` . This is the name of the associated CloudFront distribution, such as `da1b2c3d4e5.cloudfront.net` .\n\n> The name of the record that you're creating must match a custom domain name for your API, such as `api.example.com` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Enter the API endpoint for the interface endpoint, such as `vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com` . For edge-optimized APIs, this is the domain name for the corresponding CloudFront distribution. You can get the value of `DnsName` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify the domain name that CloudFront assigned when you created your distribution.\n\nYour CloudFront distribution must include an alternate domain name that matches the name of the record. For example, if the name of the record is *acme.example.com* , your CloudFront distribution must include *acme.example.com* as one of the alternate domain names. For more information, see [Using Alternate Domain Names (CNAMEs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html) in the *Amazon CloudFront Developer Guide* .\n\nYou can't create a record in a private hosted zone to route traffic to a CloudFront distribution.\n\n> For failover alias records, you can't specify a CloudFront distribution for both the primary and secondary records. A distribution must include an alternate domain name that matches the name of the record. However, the primary and secondary records have the same name, and you can't include the same alternate domain name in more than one distribution.\n- **Elastic Beanstalk environment** - If the domain name for your Elastic Beanstalk environment includes the region that you deployed the environment in, you can create an alias record that routes traffic to the environment. For example, the domain name `my-environment. *us-west-2* .elasticbeanstalk.com` is a regionalized domain name.\n\n> For environments that were created before early 2016, the domain name doesn't include the region. To route traffic to these environments, you must create a CNAME record instead of an alias record. Note that you can't create a CNAME record for the root domain name. For example, if your domain name is example.com, you can create a record that routes traffic for acme.example.com to your Elastic Beanstalk environment, but you can't create a record that routes traffic for example.com to your Elastic Beanstalk environment. \n\nFor Elastic Beanstalk environments that have regionalized subdomains, specify the `CNAME` attribute for the environment. You can use the following methods to get the value of the CNAME attribute:\n\n- *AWS Management Console* : For information about how to get the value by using the console, see [Using Custom Domains with AWS Elastic Beanstalk](https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html) in the *AWS Elastic Beanstalk Developer Guide* .\n- *Elastic Beanstalk API* : Use the `DescribeEnvironments` action to get the value of the `CNAME` attribute. For more information, see [DescribeEnvironments](https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html) in the *AWS Elastic Beanstalk API Reference* .\n- *AWS CLI* : Use the `describe-environments` command to get the value of the `CNAME` attribute. For more information, see [describe-environments](https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html) in the *AWS CLI* .\n- **ELB load balancer** - Specify the DNS name that is associated with the load balancer. Get the DNS name by using the AWS Management Console , the ELB API, or the AWS CLI .\n\n- *AWS Management Console* : Go to the EC2 page, choose *Load Balancers* in the navigation pane, choose the load balancer, choose the *Description* tab, and get the value of the *DNS name* field.\n\nIf you're routing traffic to a Classic Load Balancer, get the value that begins with *dualstack* . If you're routing traffic to another type of load balancer, get the value that applies to the record type, A or AAAA.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)\n- Application and Network Load Balancers: [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the value of `DNSName` :\n\n- [Classic Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- [Application and Network Load Balancers](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the value of `DNSName` . For more information, see the applicable guide:\n\n- Classic Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)\n- Application and Network Load Balancers: [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)\n- **Global Accelerator accelerator** - Specify the DNS name for your accelerator:\n\n- *Global Accelerator API* : To get the DNS name, use [DescribeAccelerator](https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html) .\n- *AWS CLI* : To get the DNS name, use [describe-accelerator](https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html) .\n- **Amazon S3 bucket that is configured as a static website** - Specify the domain name of the Amazon S3 website endpoint that you created the bucket in, for example, `s3-website.us-east-2.amazonaws.com` . For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* . For more information about using S3 buckets for websites, see [Getting Started with Amazon Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html) in the *Amazon Route 53 Developer Guide.*\n- **Another Route 53 record** - Specify the value of the `Name` element for a record in the current hosted zone.\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't specify the domain name for a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record that you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", "title": "DNSName", "type": "string" }, "EvaluateTargetHealth": { "markdownDescription": "*Applies only to alias records with any routing policy:* When `EvaluateTargetHealth` is `true` , an alias record inherits the health of the referenced AWS resource, such as an ELB load balancer or another record in the hosted zone.\n\nNote the following:\n\n- **CloudFront distributions** - You can't set `EvaluateTargetHealth` to `true` when the alias target is a CloudFront distribution.\n- **Elastic Beanstalk environments that have regionalized subdomains** - If you specify an Elastic Beanstalk environment in `DNSName` and the environment contains an ELB load balancer, Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. (An environment automatically contains an ELB load balancer if it includes more than one Amazon EC2 instance.) If you set `EvaluateTargetHealth` to `true` and either no Amazon EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other available resources that are healthy, if any.\n\nIf the environment contains a single Amazon EC2 instance, there are no special requirements.\n- **ELB load balancers** - Health checking behavior depends on the type of load balancer:\n\n- *Classic Load Balancers* : If you specify an ELB Classic Load Balancer in `DNSName` , Elastic Load Balancing routes queries only to the healthy Amazon EC2 instances that are registered with the load balancer. If you set `EvaluateTargetHealth` to `true` and either no EC2 instances are healthy or the load balancer itself is unhealthy, Route 53 routes queries to other resources.\n- *Application and Network Load Balancers* : If you specify an ELB Application or Network Load Balancer and you set `EvaluateTargetHealth` to `true` , Route 53 routes queries to the load balancer based on the health of the target groups that are associated with the load balancer:\n\n- For an Application or Network Load Balancer to be considered healthy, every target group that contains targets must contain at least one healthy target. If any target group contains only unhealthy targets, the load balancer is considered unhealthy, and Route 53 routes queries to other resources.\n- A target group that has no registered targets is considered unhealthy.\n\n> When you create a load balancer, you configure settings for Elastic Load Balancing health checks; they're not Route 53 health checks, but they perform a similar function. Do not create Route 53 health checks for the EC2 instances that you register with an ELB load balancer.\n- **S3 buckets** - There are no special requirements for setting `EvaluateTargetHealth` to `true` when the alias target is an S3 bucket.\n- **Other records in the same hosted zone** - If the AWS resource that you specify in `DNSName` is a record or a group of records (for example, a group of weighted records) but is not another alias record, we recommend that you associate a health check with all of the records in the alias target. For more information, see [What Happens When You Omit Health Checks?](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting) in the *Amazon Route 53 Developer Guide* .\n\nFor more information and examples, see [Amazon Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html) in the *Amazon Route 53 Developer Guide* .", "title": "EvaluateTargetHealth", "type": "boolean" }, "HostedZoneId": { "markdownDescription": "*Alias resource records sets only* : The value used depends on where you want to route traffic:\n\n- **Amazon API Gateway custom regional APIs and edge-optimized APIs** - Specify the hosted zone ID for your API. You can get the applicable value using the AWS CLI command [get-domain-names](https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html) :\n\n- For regional APIs, specify the value of `regionalHostedZoneId` .\n- For edge-optimized APIs, specify the value of `distributionHostedZoneId` .\n- **Amazon Virtual Private Cloud interface VPC endpoint** - Specify the hosted zone ID for your interface endpoint. You can get the value of `HostedZoneId` using the AWS CLI command [describe-vpc-endpoints](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html) .\n- **CloudFront distribution** - Specify `Z2FDTNDATAQYW2` . This is always the hosted zone ID when you create an alias record that routes traffic to a CloudFront distribution.\n\n> Alias records for CloudFront can't be created in a private zone.\n- **Elastic Beanstalk environment** - Specify the hosted zone ID for the region that you created the environment in. The environment must have a regionalized subdomain. For a list of regions and the corresponding hosted zone IDs, see [AWS Elastic Beanstalk endpoints and quotas](https://docs.aws.amazon.com/general/latest/gr/elasticbeanstalk.html) in the *Amazon Web Services General Reference* .\n- **ELB load balancer** - Specify the value of the hosted zone ID for the load balancer. Use the following methods to get the hosted zone ID:\n\n- [Service Endpoints](https://docs.aws.amazon.com/general/latest/gr/elb.html) table in the \"Elastic Load Balancing endpoints and quotas\" topic in the *Amazon Web Services General Reference* : Use the value that corresponds with the region that you created your load balancer in. Note that there are separate columns for Application and Classic Load Balancers and for Network Load Balancers.\n- *AWS Management Console* : Go to the Amazon EC2 page, choose *Load Balancers* in the navigation pane, select the load balancer, and get the value of the *Hosted zone* field on the *Description* tab.\n- *Elastic Load Balancing API* : Use `DescribeLoadBalancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) to get the value of `CanonicalHostedZoneID` .\n- *CloudFormation Fn::GetAtt intrinsic function* : Use the [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html) intrinsic function to get the applicable value:\n\n- Classic Load Balancers: Get [CanonicalHostedZoneNameID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-elb.html#aws-properties-ec2-elb-return-values) .\n- Application and Network Load Balancers: Get [CanonicalHostedZoneID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values) .\n- *AWS CLI* : Use `describe-load-balancers` to get the applicable value. For more information, see the applicable guide:\n\n- Classic Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html) to get the value of `CanonicalHostedZoneNameID` .\n- Application and Network Load Balancers: Use [describe-load-balancers](https://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html) to get the value of `CanonicalHostedZoneID` .\n- **Global Accelerator accelerator** - Specify `Z2BJ6XQ5FK7U4H` .\n- **An Amazon S3 bucket configured as a static website** - Specify the hosted zone ID for the region that you created the bucket in. For more information about valid values, see the table [Amazon S3 Website Endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints) in the *Amazon Web Services General Reference* .\n- **Another Route 53 record in your hosted zone** - Specify the hosted zone ID of your hosted zone. (An alias record can't reference a record in a different hosted zone.)", "title": "HostedZoneId", "type": "string" } }, "required": [ "DNSName", "HostedZoneId" ], "type": "object" }, "AWS::Route53::RecordSetGroup.CidrRoutingConfig": { "additionalProperties": false, "properties": { "CollectionId": { "markdownDescription": "The CIDR collection ID.", "title": "CollectionId", "type": "string" }, "LocationName": { "markdownDescription": "The CIDR collection location name.", "title": "LocationName", "type": "string" } }, "required": [ "CollectionId", "LocationName" ], "type": "object" }, "AWS::Route53::RecordSetGroup.Coordinates": { "additionalProperties": false, "properties": { "Latitude": { "markdownDescription": "Specifies a coordinate of the north\u2013south position of a geographic point on the surface of the Earth (-90 - 90).", "title": "Latitude", "type": "string" }, "Longitude": { "markdownDescription": "Specifies a coordinate of the east\u2013west position of a geographic point on the surface of the Earth (-180 - 180).", "title": "Longitude", "type": "string" } }, "required": [ "Latitude", "Longitude" ], "type": "object" }, "AWS::Route53::RecordSetGroup.GeoLocation": { "additionalProperties": false, "properties": { "ContinentCode": { "markdownDescription": "For geolocation resource record sets, a two-letter abbreviation that identifies a continent. Route 53 supports the following continent codes:\n\n- *AF* : Africa\n- *AN* : Antarctica\n- *AS* : Asia\n- *EU* : Europe\n- *OC* : Oceania\n- *NA* : North America\n- *SA* : South America\n\nConstraint: Specifying `ContinentCode` with either `CountryCode` or `SubdivisionCode` returns an `InvalidInput` error.", "title": "ContinentCode", "type": "string" }, "CountryCode": { "markdownDescription": "For geolocation resource record sets, the two-letter code for a country.\n\nRoute 53 uses the two-letter country codes that are specified in [ISO standard 3166-1 alpha-2](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) .", "title": "CountryCode", "type": "string" }, "SubdivisionCode": { "markdownDescription": "For geolocation resource record sets, the two-letter code for a state of the United States. Route 53 doesn't support any other values for `SubdivisionCode` . For a list of state abbreviations, see [Appendix B: Two\u2013Letter State and Possession Abbreviations](https://docs.aws.amazon.com/https://pe.usps.com/text/pub28/28apb.htm) on the United States Postal Service website.\n\nIf you specify `subdivisioncode` , you must also specify `US` for `CountryCode` .", "title": "SubdivisionCode", "type": "string" } }, "type": "object" }, "AWS::Route53::RecordSetGroup.GeoProximityLocation": { "additionalProperties": false, "properties": { "AWSRegion": { "markdownDescription": "The AWS Region the resource you are directing DNS traffic to, is in.", "title": "AWSRegion", "type": "string" }, "Bias": { "markdownDescription": "The bias increases or decreases the size of the geographic region from which Route\u00a053 routes traffic to a resource.\n\nTo use `Bias` to change the size of the geographic region, specify the applicable value for the bias:\n\n- To expand the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a positive integer from 1 to 99 for the bias. Route\u00a053 shrinks the size of adjacent regions.\n- To shrink the size of the geographic region from which Route\u00a053 routes traffic to a resource, specify a negative bias of -1 to -99. Route\u00a053 expands the size of adjacent regions.", "title": "Bias", "type": "number" }, "Coordinates": { "$ref": "#/definitions/AWS::Route53::RecordSetGroup.Coordinates", "markdownDescription": "Contains the longitude and latitude for a geographic region.", "title": "Coordinates" }, "LocalZoneGroup": { "markdownDescription": "Specifies an AWS Local Zone Group.\n\nA local Zone Group is usually the Local Zone code without the ending character. For example, if the Local Zone is `us-east-1-bue-1a` the Local Zone Group is `us-east-1-bue-1` .\n\nYou can identify the Local Zones Group for a specific Local Zone by using the [describe-availability-zones](https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-availability-zones.html) CLI command:\n\nThis command returns: `\"GroupName\": \"us-west-2-den-1\"` , specifying that the Local Zone `us-west-2-den-1a` belongs to the Local Zone Group `us-west-2-den-1` .", "title": "LocalZoneGroup", "type": "string" } }, "type": "object" }, "AWS::Route53::RecordSetGroup.RecordSet": { "additionalProperties": false, "properties": { "AliasTarget": { "$ref": "#/definitions/AWS::Route53::RecordSetGroup.AliasTarget", "markdownDescription": "*Alias resource record sets only:* Information about the AWS resource, such as a CloudFront distribution or an Amazon S3 bucket, that you want to route traffic to.\n\nIf you're creating resource records sets for a private hosted zone, note the following:\n\n- You can't create an alias resource record set in a private hosted zone to route traffic to a CloudFront distribution.\n- For information about creating failover resource record sets in a private hosted zone, see [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html) in the *Amazon Route 53 Developer Guide* .", "title": "AliasTarget" }, "CidrRoutingConfig": { "$ref": "#/definitions/AWS::Route53::RecordSetGroup.CidrRoutingConfig", "markdownDescription": "", "title": "CidrRoutingConfig" }, "Failover": { "markdownDescription": "*Failover resource record sets only:* To configure failover, you add the `Failover` element to two resource record sets. For one resource record set, you specify `PRIMARY` as the value for `Failover` ; for the other resource record set, you specify `SECONDARY` . In addition, you include the `HealthCheckId` element and specify the health check that you want Amazon Route 53 to perform for each resource record set.\n\nExcept where noted, the following failover behaviors assume that you have included the `HealthCheckId` element in both resource record sets:\n\n- When the primary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the secondary resource record set.\n- When the primary resource record set is unhealthy and the secondary resource record set is healthy, Route 53 responds to DNS queries with the applicable value from the secondary resource record set.\n- When the secondary resource record set is unhealthy, Route 53 responds to DNS queries with the applicable value from the primary resource record set regardless of the health of the primary resource record set.\n- If you omit the `HealthCheckId` element for the secondary resource record set, and if the primary resource record set is unhealthy, Route 53 always responds to DNS queries with the applicable value from the secondary resource record set. This is true regardless of the health of the associated endpoint.\n\nYou can't create non-failover resource record sets that have the same values for the `Name` and `Type` elements as failover resource record sets.\n\nFor failover alias resource record sets, you must also include the `EvaluateTargetHealth` element and set the value to true.\n\nFor more information about configuring failover for Route 53, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)", "title": "Failover", "type": "string" }, "GeoLocation": { "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoLocation", "markdownDescription": "*Geolocation resource record sets only:* A complex type that lets you control how Amazon Route 53 responds to DNS queries based on the geographic origin of the query. For example, if you want all queries from Africa to be routed to a web server with an IP address of `192.0.2.111` , create a resource record set with a `Type` of `A` and a `ContinentCode` of `AF` .\n\nIf you create separate resource record sets for overlapping geographic regions (for example, one resource record set for a continent and one for a country on the same continent), priority goes to the smallest geographic region. This allows you to route most queries for a continent to one resource and to route queries for a country on that continent to a different resource.\n\nYou can't create two geolocation resource record sets that specify the same geographic location.\n\nThe value `*` in the `CountryCode` element matches all geographic locations that aren't specified in other geolocation resource record sets that have the same values for the `Name` and `Type` elements.\n\n> Geolocation works by mapping IP addresses to locations. However, some IP addresses aren't mapped to geographic locations, so even if you create geolocation resource record sets that cover all seven continents, Route 53 will receive some DNS queries from locations that it can't identify. We recommend that you create a resource record set for which the value of `CountryCode` is `*` . Two groups of queries are routed to the resource that you specify in this record: queries that come from locations for which you haven't created geolocation resource record sets and queries from IP addresses that aren't mapped to a location. If you don't create a `*` resource record set, Route 53 returns a \"no answer\" response for queries from those locations. \n\nYou can't create non-geolocation resource record sets that have the same values for the `Name` and `Type` elements as geolocation resource record sets.", "title": "GeoLocation" }, "GeoProximityLocation": { "$ref": "#/definitions/AWS::Route53::RecordSetGroup.GeoProximityLocation", "markdownDescription": "A complex type that contains information about a geographic location.", "title": "GeoProximityLocation" }, "HealthCheckId": { "markdownDescription": "If you want Amazon Route 53 to return this resource record set in response to a DNS query only when the status of a health check is healthy, include the `HealthCheckId` element and specify the ID of the applicable health check.\n\nRoute 53 determines whether a resource record set is healthy based on one of the following:\n\n- By periodically sending a request to the endpoint that is specified in the health check\n- By aggregating the status of a specified group of health checks (calculated health checks)\n- By determining the current state of a CloudWatch alarm (CloudWatch metric health checks)\n\n> Route 53 doesn't check the health of the endpoint that is specified in the resource record set, for example, the endpoint specified by the IP address in the `Value` element. When you add a `HealthCheckId` element to a resource record set, Route 53 checks the health of the endpoint that you specified in the health check. \n\nFor more information, see the following topics in the *Amazon Route 53 Developer Guide* :\n\n- [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)\n- [Route 53 Health Checks and DNS Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)\n- [Configuring Failover in a Private Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)\n\n*When to Specify HealthCheckId*\n\nSpecifying a value for `HealthCheckId` is useful only when Route 53 is choosing between two or more resource record sets to respond to a DNS query, and you want Route 53 to base the choice in part on the status of a health check. Configuring health checks makes sense only in the following configurations:\n\n- *Non-alias resource record sets* : You're checking the health of a group of non-alias resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A) and you specify health check IDs for all the resource record sets.\n\nIf the health check status for a resource record set is healthy, Route 53 includes the record among the records that it responds to DNS queries with.\n\nIf the health check status for a resource record set is unhealthy, Route 53 stops responding to DNS queries using the value for that resource record set.\n\nIf the health check status for all resource record sets in the group is unhealthy, Route 53 considers all resource record sets in the group healthy and responds to DNS queries accordingly.\n- *Alias resource record sets* : You specify the following settings:\n\n- You set `EvaluateTargetHealth` to true for an alias resource record set in a group of resource record sets that have the same routing policy, name, and type (such as multiple weighted records named www.example.com with a type of A).\n- You configure the alias resource record set to route traffic to a non-alias resource record set in the same hosted zone.\n- You specify a health check ID for the non-alias resource record set.\n\nIf the health check status is healthy, Route 53 considers the alias resource record set to be healthy and includes the alias record among the records that it responds to DNS queries with.\n\nIf the health check status is unhealthy, Route 53 stops responding to DNS queries using the alias resource record set.\n\n> The alias resource record set can also route traffic to a *group* of non-alias resource record sets that have the same routing policy, name, and type. In that configuration, associate health checks with all of the resource record sets in the group of non-alias resource record sets.\n\n*Geolocation Routing*\n\nFor geolocation resource record sets, if an endpoint is unhealthy, Route 53 looks for a resource record set for the larger, associated geographic region. For example, suppose you have resource record sets for a state in the United States, for the entire United States, for North America, and a resource record set that has `*` for `CountryCode` is `*` , which applies to all locations. If the endpoint for the state resource record set is unhealthy, Route 53 checks for healthy resource record sets in the following order until it finds a resource record set for which the endpoint is healthy:\n\n- The United States\n- North America\n- The default resource record set\n\n*Specifying the Health Check Endpoint by Domain Name*\n\nIf your health checks specify the endpoint only by domain name, we recommend that you create a separate health check for each endpoint. For example, create a health check for each `HTTP` server that is serving content for `www.example.com` . For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as `us-east-2-www.example.com` ), not the name of the resource record sets ( `www.example.com` ).\n\n> Health check results will be unpredictable if you do the following:\n> \n> - Create a health check that has the same value for `FullyQualifiedDomainName` as the name of a resource record set.\n> - Associate that health check with the resource record set.", "title": "HealthCheckId", "type": "string" }, "HostedZoneId": { "markdownDescription": "The ID of the hosted zone that you want to create records in.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .\n\nDo not provide the `HostedZoneId` if it is already defined in `AWS::Route53::RecordSetGroup` . The creation fails if `HostedZoneId` is defined in both.", "title": "HostedZoneId", "type": "string" }, "HostedZoneName": { "markdownDescription": "The name of the hosted zone that you want to create records in. You must include a trailing dot (for example, `www.example.com.` ) as part of the `HostedZoneName` .\n\nWhen you create a stack using an `AWS::Route53::RecordSet` that specifies `HostedZoneName` , AWS CloudFormation attempts to find a hosted zone whose name matches the `HostedZoneName` . If AWS CloudFormation can't find a hosted zone with a matching domain name, or if there is more than one hosted zone with the specified domain name, AWS CloudFormation will not create the stack.\n\nSpecify either `HostedZoneName` or `HostedZoneId` , but not both. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId` .", "title": "HostedZoneName", "type": "string" }, "MultiValueAnswer": { "markdownDescription": "*Multivalue answer resource record sets only* : To route traffic approximately randomly to multiple resources, such as web servers, create one multivalue answer record for each resource and specify `true` for `MultiValueAnswer` . Note the following:\n\n- If you associate a health check with a multivalue answer resource record set, Amazon Route 53 responds to DNS queries with the corresponding IP address only when the health check is healthy.\n- If you don't associate a health check with a multivalue answer record, Route 53 always considers the record to be healthy.\n- Route 53 responds to DNS queries with up to eight healthy records; if you have eight or fewer healthy records, Route 53 responds to all DNS queries with all the healthy records.\n- If you have more than eight healthy records, Route 53 responds to different DNS resolvers with different combinations of healthy records.\n- When all records are unhealthy, Route 53 responds to DNS queries with up to eight unhealthy records.\n- If a resource becomes unavailable after a resolver caches a response, client software typically tries another of the IP addresses in the response.\n\nYou can't create multivalue answer alias records.", "title": "MultiValueAnswer", "type": "boolean" }, "Name": { "markdownDescription": "For `ChangeResourceRecordSets` requests, the name of the record that you want to create, update, or delete. For `ListResourceRecordSets` responses, the name of a record in the specified hosted zone.\n\n*ChangeResourceRecordSets Only*\n\nEnter a fully qualified domain name, for example, `www.example.com` . You can optionally include a trailing dot. If you omit the trailing dot, Amazon Route 53 assumes that the domain name that you specify is fully qualified. This means that Route 53 treats `www.example.com` (without a trailing dot) and `www.example.com.` (with a trailing dot) as identical.\n\nFor information about how to specify characters other than `a-z` , `0-9` , and `-` (hyphen) and how to specify internationalized domain names, see [DNS Domain Name Format](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DomainNameFormat.html) in the *Amazon Route 53 Developer Guide* .\n\nYou can use the asterisk (*) wildcard to replace the leftmost label in a domain name, for example, `*.example.com` . Note the following:\n\n- The * must replace the entire label. For example, you can't specify `*prod.example.com` or `prod*.example.com` .\n- The * can't replace any of the middle labels, for example, marketing.*.example.com.\n- If you include * in any position other than the leftmost label in a domain name, DNS treats it as an * character (ASCII 42), not as a wildcard.\n\n> You can't use the * wildcard for resource records sets that have a type of NS.", "title": "Name", "type": "string" }, "Region": { "markdownDescription": "*Latency-based resource record sets only:* The Amazon EC2 Region where you created the resource that this resource record set refers to. The resource typically is an AWS resource, such as an EC2 instance or an ELB load balancer, and is referred to by an IP address or a DNS domain name, depending on the record type.\n\nWhen Amazon Route 53 receives a DNS query for a domain name and type for which you have created latency resource record sets, Route 53 selects the latency resource record set that has the lowest latency between the end user and the associated Amazon EC2 Region. Route 53 then returns the value that is associated with the selected resource record set.\n\nNote the following:\n\n- You can only specify one `ResourceRecord` per latency resource record set.\n- You can only create one latency resource record set for each Amazon EC2 Region.\n- You aren't required to create latency resource record sets for all Amazon EC2 Regions. Route 53 will choose the region with the best latency from among the regions that you create latency resource record sets for.\n- You can't create non-latency resource record sets that have the same values for the `Name` and `Type` elements as latency resource record sets.", "title": "Region", "type": "string" }, "ResourceRecords": { "items": { "type": "string" }, "markdownDescription": "Information about the records that you want to create. Each record should be in the format appropriate for the record type specified by the `Type` property. For information about different record types and their record formats, see [Values That You Specify When You Create or Edit Amazon Route 53 Records](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values.html) in the *Amazon Route 53 Developer Guide* .", "title": "ResourceRecords", "type": "array" }, "SetIdentifier": { "markdownDescription": "*Resource record sets that have a routing policy other than simple:* An identifier that differentiates among multiple resource record sets that have the same combination of name and type, such as multiple weighted resource record sets named acme.example.com that have a type of A. In a group of resource record sets that have the same name and type, the value of `SetIdentifier` must be unique for each resource record set.\n\nFor information about routing policies, see [Choosing a Routing Policy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html) in the *Amazon Route 53 Developer Guide* .", "title": "SetIdentifier", "type": "string" }, "TTL": { "markdownDescription": "The resource record cache time to live (TTL), in seconds. Note the following:\n\n- If you're creating or updating an alias resource record set, omit `TTL` . Amazon Route 53 uses the value of `TTL` for the alias target.\n- If you're associating this resource record set with a health check (if you're adding a `HealthCheckId` element), we recommend that you specify a `TTL` of 60 seconds or less so clients respond quickly to changes in health status.\n- All of the resource record sets in a group of weighted resource record sets must have the same value for `TTL` .\n- If a group of weighted resource record sets includes one or more weighted alias resource record sets for which the alias target is an ELB load balancer, we recommend that you specify a `TTL` of 60 seconds for all of the non-alias weighted resource record sets that have the same name and type. Values other than 60 seconds (the TTL for load balancers) will change the effect of the values that you specify for `Weight` .", "title": "TTL", "type": "string" }, "Type": { "markdownDescription": "The DNS record type. For information about different record types and how data is encoded for them, see [Supported DNS Resource Record Types](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html) in the *Amazon Route 53 Developer Guide* .\n\nValid values for basic resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `DS` | `MX` | `NAPTR` | `NS` | `PTR` | `SOA` | `SPF` | `SRV` | `TXT`\n\nValues for weighted, latency, geolocation, and failover resource record sets: `A` | `AAAA` | `CAA` | `CNAME` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` . When creating a group of weighted, latency, geolocation, or failover resource record sets, specify the same value for all of the resource record sets in the group.\n\nValid values for multivalue answer resource record sets: `A` | `AAAA` | `MX` | `NAPTR` | `PTR` | `SPF` | `SRV` | `TXT` | `CAA`\n\n> SPF records were formerly used to verify the identity of the sender of email messages. However, we no longer recommend that you create resource record sets for which the value of `Type` is `SPF` . RFC 7208, *Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1* , has been updated to say, \"...[I]ts existence and mechanism defined in [RFC4408] have led to some interoperability issues. Accordingly, its use is no longer appropriate for SPF version 1; implementations are not to use it.\" In RFC 7208, see section 14.1, [The SPF DNS Record Type](https://docs.aws.amazon.com/http://tools.ietf.org/html/rfc7208#section-14.1) . \n\nValues for alias resource record sets:\n\n- *Amazon API Gateway custom regional APIs and edge-optimized APIs:* `A`\n- *CloudFront distributions:* `A`\n\nIf IPv6 is enabled for the distribution, create two resource record sets to route traffic to your distribution, one with a value of `A` and one with a value of `AAAA` .\n- *Amazon API Gateway environment that has a regionalized subdomain* : `A`\n- *ELB load balancers:* `A` | `AAAA`\n- *Amazon S3 buckets:* `A`\n- *Amazon Virtual Private Cloud interface VPC endpoints* `A`\n- *Another resource record set in this hosted zone:* Specify the type of the resource record set that you're creating the alias for. All values are supported except `NS` and `SOA` .\n\n> If you're creating an alias record that has the same name as the hosted zone (known as the zone apex), you can't route traffic to a record for which the value of `Type` is `CNAME` . This is because the alias record must have the same type as the record you're routing traffic to, and creating a CNAME record for the zone apex isn't supported even for an alias record.", "title": "Type", "type": "string" }, "Weight": { "markdownDescription": "*Weighted resource record sets only:* Among resource record sets that have the same combination of DNS name and type, a value that determines the proportion of DNS queries that Amazon Route 53 responds to using the current resource record set. Route 53 calculates the sum of the weights for the resource record sets that have the same combination of DNS name and type. Route 53 then responds to queries based on the ratio of a resource's weight to the total. Note the following:\n\n- You must specify a value for the `Weight` element for every weighted resource record set.\n- You can only specify one `ResourceRecord` per weighted resource record set.\n- You can't create latency, failover, or geolocation resource record sets that have the same values for the `Name` and `Type` elements as weighted resource record sets.\n- You can create a maximum of 100 weighted resource record sets that have the same values for the `Name` and `Type` elements.\n- For weighted (but not weighted alias) resource record sets, if you set `Weight` to `0` for a resource record set, Route 53 never responds to queries with the applicable value for that resource record set. However, if you set `Weight` to `0` for all resource record sets that have the same combination of DNS name and type, traffic is routed to all resources with equal probability.\n\nThe effect of setting `Weight` to `0` is different when you associate health checks with weighted resource record sets. For more information, see [Options for Configuring Route 53 Active-Active and Active-Passive Failover](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html) in the *Amazon Route 53 Developer Guide* .", "title": "Weight", "type": "number" } }, "required": [ "Name", "Type" ], "type": "object" }, "AWS::Route53Profiles::Profile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Name of the Profile.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of the tag keys and values that you want to associate with the profile.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53Profiles::Profile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53Profiles::ProfileAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the profile association to a VPC.", "title": "Arn", "type": "string" }, "Name": { "markdownDescription": "Name of the Profile association.", "title": "Name", "type": "string" }, "ProfileId": { "markdownDescription": "ID of the Profile.", "title": "ProfileId", "type": "string" }, "ResourceId": { "markdownDescription": "The ID of the VPC.", "title": "ResourceId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "Name", "ProfileId", "ResourceId" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53Profiles::ProfileAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53Profiles::ProfileResourceAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Name of the Profile resource association.", "title": "Name", "type": "string" }, "ProfileId": { "markdownDescription": "Profile ID of the Profile that the resources are associated with.", "title": "ProfileId", "type": "string" }, "ResourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource association.", "title": "ResourceArn", "type": "string" }, "ResourceProperties": { "markdownDescription": "If the DNS resource is a DNS Firewall rule group, this indicates the priority.", "title": "ResourceProperties", "type": "string" } }, "required": [ "Name", "ProfileId", "ResourceArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53Profiles::ProfileResourceAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53RecoveryControl::Cluster": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Name of the cluster. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon).", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags associated with the cluster.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53RecoveryControl::Cluster" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53RecoveryControl::Cluster.ClusterEndpoint": { "additionalProperties": false, "properties": { "Endpoint": { "markdownDescription": "A cluster endpoint URL for one of the five redundant clusters that you specify to set or retrieve a routing control state.", "title": "Endpoint", "type": "string" }, "Region": { "markdownDescription": "The AWS Region for a cluster endpoint.", "title": "Region", "type": "string" } }, "type": "object" }, "AWS::Route53RecoveryControl::ControlPanel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClusterArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the cluster for the control panel.", "title": "ClusterArn", "type": "string" }, "Name": { "markdownDescription": "The name of the control panel. You can use any non-white space character in the name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags associated with the control panel.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53RecoveryControl::ControlPanel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53RecoveryControl::RoutingControl": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClusterArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the cluster that hosts the routing control.", "title": "ClusterArn", "type": "string" }, "ControlPanelArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the control panel that includes the routing control.", "title": "ControlPanelArn", "type": "string" }, "Name": { "markdownDescription": "The name of the routing control. You can use any non-white space character in the name.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53RecoveryControl::RoutingControl" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53RecoveryControl::SafetyRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssertionRule": { "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.AssertionRule", "markdownDescription": "An assertion rule enforces that, when you change a routing control state, that the criteria that you set in the rule configuration is met. Otherwise, the change to the routing control is not accepted. For example, the criteria might be that at least one routing control state is `On` after the transaction so that traffic continues to flow to at least one cell for the application. This ensures that you avoid a fail-open scenario.", "title": "AssertionRule" }, "ControlPanelArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the control panel.", "title": "ControlPanelArn", "type": "string" }, "GatingRule": { "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.GatingRule", "markdownDescription": "A gating rule verifies that a gating routing control or set of gating routing controls, evaluates as true, based on a rule configuration that you specify, which allows a set of routing control state changes to complete.\n\nFor example, if you specify one gating routing control and you set the `Type` in the rule configuration to `OR` , that indicates that you must set the gating routing control to `On` for the rule to evaluate as true; that is, for the gating control switch to be On. When you do that, then you can update the routing control states for the target routing controls that you specify in the gating rule.", "title": "GatingRule" }, "Name": { "markdownDescription": "The name of the assertion rule. The name must be unique within a control panel. You can use any non-white space character in the name except the following: & > < ' (single quote) \" (double quote) ; (semicolon)", "title": "Name", "type": "string" }, "RuleConfig": { "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule.RuleConfig", "markdownDescription": "The criteria that you set for specific assertion controls (routing controls) that designate how many control states must be `ON` as the result of a transaction. For example, if you have three assertion controls, you might specify `ATLEAST 2` for your rule configuration. This means that at least two assertion controls must be `ON` , so that at least two AWS Regions have traffic flowing to them.", "title": "RuleConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags associated with the safety rule.", "title": "Tags", "type": "array" } }, "required": [ "ControlPanelArn", "Name", "RuleConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53RecoveryControl::SafetyRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53RecoveryControl::SafetyRule.AssertionRule": { "additionalProperties": false, "properties": { "AssertedControls": { "items": { "type": "string" }, "markdownDescription": "The routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed. For example, you might include three routing controls, one for each of three AWS Regions.", "title": "AssertedControls", "type": "array" }, "WaitPeriodMs": { "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", "title": "WaitPeriodMs", "type": "number" } }, "required": [ "AssertedControls", "WaitPeriodMs" ], "type": "object" }, "AWS::Route53RecoveryControl::SafetyRule.GatingRule": { "additionalProperties": false, "properties": { "GatingControls": { "items": { "type": "string" }, "markdownDescription": "An array of gating routing control Amazon Resource Names (ARNs). For a simple on-off switch, specify the ARN for one routing control. The gating routing controls are evaluated by the rule configuration that you specify to determine if the target routing control states can be changed.", "title": "GatingControls", "type": "array" }, "TargetControls": { "items": { "type": "string" }, "markdownDescription": "An array of target routing control Amazon Resource Names (ARNs) for which the states can only be updated if the rule configuration that you specify evaluates to true for the gating routing control. As a simple example, if you have a single gating control, it acts as an overall on-off switch for a set of target routing controls. You can use this to manually override automated failover, for example.", "title": "TargetControls", "type": "array" }, "WaitPeriodMs": { "markdownDescription": "An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent flapping of state. The wait period is 5000 ms by default, but you can choose a custom value.", "title": "WaitPeriodMs", "type": "number" } }, "required": [ "GatingControls", "TargetControls", "WaitPeriodMs" ], "type": "object" }, "AWS::Route53RecoveryControl::SafetyRule.RuleConfig": { "additionalProperties": false, "properties": { "Inverted": { "markdownDescription": "Logical negation of the rule. If the rule would usually evaluate true, it's evaluated as false, and vice versa.", "title": "Inverted", "type": "boolean" }, "Threshold": { "markdownDescription": "The value of N, when you specify an `ATLEAST` rule type. That is, `Threshold` is the number of controls that must be set when you specify an `ATLEAST` type.", "title": "Threshold", "type": "number" }, "Type": { "markdownDescription": "A rule can be one of the following: `ATLEAST` , `AND` , or `OR` .", "title": "Type", "type": "string" } }, "required": [ "Inverted", "Threshold", "Type" ], "type": "object" }, "AWS::Route53RecoveryReadiness::Cell": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CellName": { "markdownDescription": "The name of the cell to create.", "title": "CellName", "type": "string" }, "Cells": { "items": { "type": "string" }, "markdownDescription": "A list of cell Amazon Resource Names (ARNs) contained within this cell, for use in nested cells. For example, Availability Zones within specific AWS Regions .", "title": "Cells", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A collection of tags associated with a resource.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Route53RecoveryReadiness::Cell" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Route53RecoveryReadiness::ReadinessCheck": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ReadinessCheckName": { "markdownDescription": "The name of the readiness check to create.", "title": "ReadinessCheckName", "type": "string" }, "ResourceSetName": { "markdownDescription": "The name of the resource set to check.", "title": "ResourceSetName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A collection of tags associated with a resource.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Route53RecoveryReadiness::ReadinessCheck" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Route53RecoveryReadiness::RecoveryGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Cells": { "items": { "type": "string" }, "markdownDescription": "A list of the cell Amazon Resource Names (ARNs) in the recovery group.", "title": "Cells", "type": "array" }, "RecoveryGroupName": { "markdownDescription": "The name of the recovery group to create.", "title": "RecoveryGroupName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A collection of tags associated with a resource.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Route53RecoveryReadiness::RecoveryGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Route53RecoveryReadiness::ResourceSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ResourceSetName": { "markdownDescription": "The name of the resource set to create.", "title": "ResourceSetName", "type": "string" }, "ResourceSetType": { "markdownDescription": "The resource type of the resources in the resource set. Enter one of the following values for resource type:\n\nAWS::ApiGateway::Stage, AWS::ApiGatewayV2::Stage, AWS::AutoScaling::AutoScalingGroup, AWS::CloudWatch::Alarm, AWS::EC2::CustomerGateway, AWS::DynamoDB::Table, AWS::EC2::Volume, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::Lambda::Function, AWS::MSK::Cluster, AWS::RDS::DBCluster, AWS::Route53::HealthCheck, AWS::SQS::Queue, AWS::SNS::Topic, AWS::SNS::Subscription, AWS::EC2::VPC, AWS::EC2::VPNConnection, AWS::EC2::VPNGateway, AWS::Route53RecoveryReadiness::DNSTargetResource.\n\nNote that AWS::Route53RecoveryReadiness::DNSTargetResource is only used for this setting. It isn't an actual AWS CloudFormation resource type.", "title": "ResourceSetType", "type": "string" }, "Resources": { "items": { "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.Resource" }, "markdownDescription": "A list of resource objects in the resource set.", "title": "Resources", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A tag to associate with the parameters for a resource set.", "title": "Tags", "type": "array" } }, "required": [ "ResourceSetType", "Resources" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53RecoveryReadiness::ResourceSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource": { "additionalProperties": false, "properties": { "DomainName": { "markdownDescription": "The domain name that acts as an ingress point to a portion of the customer application.", "title": "DomainName", "type": "string" }, "HostedZoneArn": { "markdownDescription": "The hosted zone Amazon Resource Name (ARN) that contains the DNS record with the provided name of the target resource.", "title": "HostedZoneArn", "type": "string" }, "RecordSetId": { "markdownDescription": "The Amazon Route 53 record set ID that uniquely identifies a DNS record, given a name and a type.", "title": "RecordSetId", "type": "string" }, "RecordType": { "markdownDescription": "The type of DNS record of the target resource.", "title": "RecordType", "type": "string" }, "TargetResource": { "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.TargetResource", "markdownDescription": "The target resource that the Route 53 record points to.", "title": "TargetResource" } }, "type": "object" }, "AWS::Route53RecoveryReadiness::ResourceSet.NLBResource": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Network Load Balancer resource Amazon Resource Name (ARN).", "title": "Arn", "type": "string" } }, "type": "object" }, "AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord": { "additionalProperties": false, "properties": { "DomainName": { "markdownDescription": "The DNS target domain name.", "title": "DomainName", "type": "string" }, "RecordSetId": { "markdownDescription": "The Amazon Route 53 Resource Record Set ID.", "title": "RecordSetId", "type": "string" } }, "type": "object" }, "AWS::Route53RecoveryReadiness::ResourceSet.Resource": { "additionalProperties": false, "properties": { "ComponentId": { "markdownDescription": "The component identifier of the resource, generated when DNS target resource is used.", "title": "ComponentId", "type": "string" }, "DnsTargetResource": { "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.DNSTargetResource", "markdownDescription": "A component for DNS/routing control readiness checks. This is a required setting when `ResourceSet` `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set it for any other `ResourceSetType` setting.", "title": "DnsTargetResource" }, "ReadinessScopes": { "items": { "type": "string" }, "markdownDescription": "The recovery group Amazon Resource Name (ARN) or the cell ARN that the readiness checks for this resource set are scoped to.", "title": "ReadinessScopes", "type": "array" }, "ResourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS resource. This is a required setting for all `ResourceSet` `ResourceSetType` settings except `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set this when `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` .", "title": "ResourceArn", "type": "string" } }, "type": "object" }, "AWS::Route53RecoveryReadiness::ResourceSet.TargetResource": { "additionalProperties": false, "properties": { "NLBResource": { "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.NLBResource", "markdownDescription": "The Network Load Balancer resource that a DNS target resource points to.", "title": "NLBResource" }, "R53Resource": { "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet.R53ResourceRecord", "markdownDescription": "The Route 53 resource that a DNS target resource record points to.", "title": "R53Resource" } }, "type": "object" }, "AWS::Route53Resolver::FirewallDomainList": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DomainFileUrl": { "markdownDescription": "The fully qualified URL or URI of the file stored in Amazon Simple Storage Service (Amazon S3) that contains the list of domains to import.\n\nThe file must be in an S3 bucket that's in the same Region as your DNS Firewall. The file must be a text file and must contain a single domain per line.", "title": "DomainFileUrl", "type": "string" }, "Domains": { "items": { "type": "string" }, "markdownDescription": "A list of the domain lists that you have defined.", "title": "Domains", "type": "array" }, "Name": { "markdownDescription": "The name of the domain list.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of the tag keys and values that you want to associate with the domain list.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Route53Resolver::FirewallDomainList" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Route53Resolver::FirewallRuleGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FirewallRules": { "items": { "$ref": "#/definitions/AWS::Route53Resolver::FirewallRuleGroup.FirewallRule" }, "markdownDescription": "A list of the rules that you have defined.", "title": "FirewallRules", "type": "array" }, "Name": { "markdownDescription": "The name of the rule group.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Route53Resolver::FirewallRuleGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Route53Resolver::FirewallRuleGroup.FirewallRule": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:\n\n- `ALLOW` - Permit the request to go through.\n- `ALERT` - Permit the request to go through but send an alert to the logs.\n- `BLOCK` - Disallow the request. If this is specified,then `BlockResponse` must also be specified.\n\nif `BlockResponse` is `OVERRIDE` , then all of the following `OVERRIDE` attributes must be specified:\n\n- `BlockOverrideDnsType`\n- `BlockOverrideDomain`\n- `BlockOverrideTtl`", "title": "Action", "type": "string" }, "BlockOverrideDnsType": { "markdownDescription": "The DNS record's type. This determines the format of the record value that you provided in `BlockOverrideDomain` . Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", "title": "BlockOverrideDnsType", "type": "string" }, "BlockOverrideDomain": { "markdownDescription": "The custom DNS record to send back in response to the query. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", "title": "BlockOverrideDomain", "type": "string" }, "BlockOverrideTtl": { "markdownDescription": "The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` .", "title": "BlockOverrideTtl", "type": "number" }, "BlockResponse": { "markdownDescription": "The way that you want DNS Firewall to block the request. Used for the rule action setting `BLOCK` .\n\n- `NODATA` - Respond indicating that the query was successful, but no response is available for it.\n- `NXDOMAIN` - Respond indicating that the domain name that's in the query doesn't exist.\n- `OVERRIDE` - Provide a custom override in the response. This option requires custom handling details in the rule's `BlockOverride*` settings.", "title": "BlockResponse", "type": "string" }, "FirewallDomainListId": { "markdownDescription": "The ID of the domain list that's used in the rule.", "title": "FirewallDomainListId", "type": "string" }, "Priority": { "markdownDescription": "The priority of the rule in the rule group. This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.", "title": "Priority", "type": "number" }, "Qtype": { "markdownDescription": "The DNS query type you want the rule to evaluate. Allowed values are;\n\n- A: Returns an IPv4 address.\n- AAAA: Returns an Ipv6 address.\n- CAA: Restricts CAs that can create SSL/TLS certifications for the domain.\n- CNAME: Returns another domain name.\n- DS: Record that identifies the DNSSEC signing key of a delegated zone.\n- MX: Specifies mail servers.\n- NAPTR: Regular-expression-based rewriting of domain names.\n- NS: Authoritative name servers.\n- PTR: Maps an IP address to a domain name.\n- SOA: Start of authority record for the zone.\n- SPF: Lists the servers authorized to send emails from a domain.\n- SRV: Application specific values that identify servers.\n- TXT: Verifies email senders and application-specific values.\n- A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be defined as TYPE NUMBER , where the NUMBER can be 1-65334, for example, TYPE28. For more information, see [List of DNS record types](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/List_of_DNS_record_types) .", "title": "Qtype", "type": "string" } }, "required": [ "Action", "FirewallDomainListId", "Priority" ], "type": "object" }, "AWS::Route53Resolver::FirewallRuleGroupAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FirewallRuleGroupId": { "markdownDescription": "The unique identifier of the firewall rule group.", "title": "FirewallRuleGroupId", "type": "string" }, "MutationProtection": { "markdownDescription": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.", "title": "MutationProtection", "type": "string" }, "Name": { "markdownDescription": "The name of the association.", "title": "Name", "type": "string" }, "Priority": { "markdownDescription": "The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting.\n\nYou must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it.\n\nThe allowed values for `Priority` are between 100 and 9900 (excluding 100 and 9900).", "title": "Priority", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of the tag keys and values that you want to associate with the rule group.", "title": "Tags", "type": "array" }, "VpcId": { "markdownDescription": "The unique identifier of the VPC that is associated with the rule group.", "title": "VpcId", "type": "string" } }, "required": [ "FirewallRuleGroupId", "Priority", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53Resolver::FirewallRuleGroupAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53Resolver::OutpostResolver": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InstanceCount": { "markdownDescription": "Amazon EC2 instance count for the Resolver on the Outpost.", "title": "InstanceCount", "type": "number" }, "Name": { "markdownDescription": "Name of the Resolver.", "title": "Name", "type": "string" }, "OutpostArn": { "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", "title": "OutpostArn", "type": "string" }, "PreferredInstanceType": { "markdownDescription": "The Amazon EC2 instance type. If you specify this, you must also specify a value for the `OutpostArn` .", "title": "PreferredInstanceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A key value pair that helps you identify a Route\u00a053 Resolver .", "title": "Tags", "type": "array" } }, "required": [ "Name", "OutpostArn", "PreferredInstanceType" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53Resolver::OutpostResolver" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53Resolver::ResolverConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutodefinedReverseFlag": { "markdownDescription": "Represents the desired status of `AutodefinedReverse` . The only supported value on creation is `DISABLE` . Deletion of this resource will return `AutodefinedReverse` to its default value of `ENABLED` .", "title": "AutodefinedReverseFlag", "type": "string" }, "ResourceId": { "markdownDescription": "The ID of the Amazon Virtual Private Cloud VPC that you're configuring Resolver for.", "title": "ResourceId", "type": "string" } }, "required": [ "AutodefinedReverseFlag", "ResourceId" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53Resolver::ResolverConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53Resolver::ResolverDNSSECConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ResourceId": { "markdownDescription": "The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for.", "title": "ResourceId", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::Route53Resolver::ResolverDNSSECConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Route53Resolver::ResolverEndpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Direction": { "markdownDescription": "Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:\n\n- `INBOUND` : allows DNS queries to your VPC from your network\n- `OUTBOUND` : allows DNS queries from your VPC to your network", "title": "Direction", "type": "string" }, "IpAddresses": { "items": { "$ref": "#/definitions/AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest" }, "markdownDescription": "The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC.\n\n> Even though the minimum is 1, Route\u00a053 requires that you create at least two.", "title": "IpAddresses", "type": "array" }, "Name": { "markdownDescription": "A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.", "title": "Name", "type": "string" }, "OutpostArn": { "markdownDescription": "The ARN (Amazon Resource Name) for the Outpost.", "title": "OutpostArn", "type": "string" }, "PreferredInstanceType": { "markdownDescription": "The Amazon EC2 instance type.", "title": "PreferredInstanceType", "type": "string" }, "Protocols": { "items": { "type": "string" }, "markdownDescription": "Protocols used for the endpoint. DoH-FIPS is applicable for inbound endpoints only.\n\nFor an inbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 and DoH-FIPS in combination.\n- Do53 alone.\n- DoH alone.\n- DoH-FIPS alone.\n- None, which is treated as Do53.\n\nFor an outbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 alone.\n- DoH alone.\n- None, which is treated as Do53.", "title": "Protocols", "type": "array" }, "ResolverEndpointType": { "markdownDescription": "The Resolver endpoint IP address type.", "title": "ResolverEndpointType", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network.", "title": "SecurityGroupIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Route 53 Resolver doesn't support updating tags through CloudFormation.", "title": "Tags", "type": "array" } }, "required": [ "Direction", "IpAddresses", "SecurityGroupIds" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53Resolver::ResolverEndpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53Resolver::ResolverEndpoint.IpAddressRequest": { "additionalProperties": false, "properties": { "Ip": { "markdownDescription": "The IPv4 address that you want to use for DNS queries.", "title": "Ip", "type": "string" }, "Ipv6": { "markdownDescription": "The IPv6 address that you want to use for DNS queries.", "title": "Ipv6", "type": "string" }, "SubnetId": { "markdownDescription": "The ID of the subnet that contains the IP address.", "title": "SubnetId", "type": "string" } }, "required": [ "SubnetId" ], "type": "object" }, "AWS::Route53Resolver::ResolverQueryLoggingConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DestinationArn": { "markdownDescription": "The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.", "title": "DestinationArn", "type": "string" }, "Name": { "markdownDescription": "The name of the query logging configuration.", "title": "Name", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::Route53Resolver::ResolverQueryLoggingConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ResolverQueryLogConfigId": { "markdownDescription": "The ID of the query logging configuration that a VPC is associated with.", "title": "ResolverQueryLogConfigId", "type": "string" }, "ResourceId": { "markdownDescription": "The ID of the Amazon VPC that is associated with the query logging configuration.", "title": "ResourceId", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Route53Resolver::ResolverRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DomainName": { "markdownDescription": "DNS queries for this domain name are forwarded to the IP addresses that are specified in `TargetIps` . If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com).", "title": "DomainName", "type": "string" }, "Name": { "markdownDescription": "The name for the Resolver rule, which you specified when you created the Resolver rule.", "title": "Name", "type": "string" }, "ResolverEndpointId": { "markdownDescription": "The ID of the endpoint that the rule is associated with.", "title": "ResolverEndpointId", "type": "string" }, "RuleType": { "markdownDescription": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify `FORWARD` .\n\nWhen you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify `SYSTEM` .\n\nFor example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify `FORWARD` for `RuleType` . To then have Resolver process queries for apex.example.com, you create a rule and specify `SYSTEM` for `RuleType` .\n\nCurrently, only Resolver can create rules that have a value of `RECURSIVE` for `RuleType` .", "title": "RuleType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags help organize and categorize your Resolver rules. Each tag consists of a key and an optional value, both of which you define.", "title": "Tags", "type": "array" }, "TargetIps": { "items": { "$ref": "#/definitions/AWS::Route53Resolver::ResolverRule.TargetAddress" }, "markdownDescription": "An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, these are the IP addresses of DNS resolvers on your network.", "title": "TargetIps", "type": "array" } }, "required": [ "DomainName", "RuleType" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53Resolver::ResolverRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Route53Resolver::ResolverRule.TargetAddress": { "additionalProperties": false, "properties": { "Ip": { "markdownDescription": "One IPv4 address that you want to forward DNS queries to.", "title": "Ip", "type": "string" }, "Ipv6": { "markdownDescription": "One IPv6 address that you want to forward DNS queries to.", "title": "Ipv6", "type": "string" }, "Port": { "markdownDescription": "The port at `Ip` that you want to forward DNS queries to.", "title": "Port", "type": "string" }, "Protocol": { "markdownDescription": "The protocols for the Resolver endpoints. DoH-FIPS is applicable for inbound endpoints only.\n\nFor an inbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 and DoH-FIPS in combination.\n- Do53 alone.\n- DoH alone.\n- DoH-FIPS alone.\n- None, which is treated as Do53.\n\nFor an outbound endpoint you can apply the protocols as follows:\n\n- Do53 and DoH in combination.\n- Do53 alone.\n- DoH alone.\n- None, which is treated as Do53.", "title": "Protocol", "type": "string" } }, "type": "object" }, "AWS::Route53Resolver::ResolverRuleAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of an association between a Resolver rule and a VPC.", "title": "Name", "type": "string" }, "ResolverRuleId": { "markdownDescription": "The ID of the Resolver rule that you associated with the VPC that is specified by `VPCId` .", "title": "ResolverRuleId", "type": "string" }, "VPCId": { "markdownDescription": "The ID of the VPC that you associated the Resolver rule with.", "title": "VPCId", "type": "string" } }, "required": [ "ResolverRuleId", "VPCId" ], "type": "object" }, "Type": { "enum": [ "AWS::Route53Resolver::ResolverRuleAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3::AccessGrant": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessGrantsLocationConfiguration": { "$ref": "#/definitions/AWS::S3::AccessGrant.AccessGrantsLocationConfiguration", "markdownDescription": "The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access. It contains the `S3SubPrefix` field. The grant scope is the result of appending the subprefix to the location scope of the registered location.", "title": "AccessGrantsLocationConfiguration" }, "AccessGrantsLocationId": { "markdownDescription": "The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID `default` to the default location `s3://` and assigns an auto-generated ID to other locations that you register.", "title": "AccessGrantsLocationId", "type": "string" }, "ApplicationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.", "title": "ApplicationArn", "type": "string" }, "Grantee": { "$ref": "#/definitions/AWS::S3::AccessGrant.Grantee", "markdownDescription": "The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to AWS IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.", "title": "Grantee" }, "Permission": { "markdownDescription": "The type of access that you are granting to your S3 data, which can be set to one of the following values:\n\n- `READ` \u2013 Grant read-only access to the S3 data.\n- `WRITE` \u2013 Grant write-only access to the S3 data.\n- `READWRITE` \u2013 Grant both read and write access to the S3 data.", "title": "Permission", "type": "string" }, "S3PrefixType": { "markdownDescription": "The type of `S3SubPrefix` . The only possible value is `Object` . Pass this value if the access grant scope is an object. Do not pass this value if the access grant scope is a bucket or a bucket and a prefix.", "title": "S3PrefixType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The AWS resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", "title": "Tags", "type": "array" } }, "required": [ "AccessGrantsLocationId", "Grantee", "Permission" ], "type": "object" }, "Type": { "enum": [ "AWS::S3::AccessGrant" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3::AccessGrant.AccessGrantsLocationConfiguration": { "additionalProperties": false, "properties": { "S3SubPrefix": { "markdownDescription": "The `S3SubPrefix` is appended to the location scope creating the grant scope. Use this field to narrow the scope of the grant to a subset of the location scope. This field is required if the location scope is the default location `s3://` because you cannot create a grant for all of your S3 data in the Region and must narrow the scope. For example, if the location scope is the default location `s3://` , the `S3SubPrefx` can be a `/*` , so the full grant scope path would be `s3:///*` . Or the `S3SubPrefx` can be `/*` , so the full grant scope path would be `s3:///*` .\n\nIf the `S3SubPrefix` includes a prefix, append the wildcard character `*` after the prefix to indicate that you want to include all object key names in the bucket that start with that prefix.", "title": "S3SubPrefix", "type": "string" } }, "required": [ "S3SubPrefix" ], "type": "object" }, "AWS::S3::AccessGrant.Grantee": { "additionalProperties": false, "properties": { "GranteeIdentifier": { "markdownDescription": "The unique identifier of the `Grantee` . If the grantee type is `IAM` , the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format `a1b2c3d4-5678-90ab-cdef-EXAMPLE11111` . You can obtain this UUID from your AWS IAM Identity Center instance.", "title": "GranteeIdentifier", "type": "string" }, "GranteeType": { "markdownDescription": "The type of the grantee to which access has been granted. It can be one of the following values:\n\n- `IAM` - An IAM user or role.\n- `DIRECTORY_USER` - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.\n- `DIRECTORY_GROUP` - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.", "title": "GranteeType", "type": "string" } }, "required": [ "GranteeIdentifier", "GranteeType" ], "type": "object" }, "AWS::S3::AccessGrantsInstance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "IdentityCenterArn": { "markdownDescription": "If you would like to associate your S3 Access Grants instance with an AWS IAM Identity Center instance, use this field to pass the Amazon Resource Name (ARN) of the AWS IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center.", "title": "IdentityCenterArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::S3::AccessGrantsInstance" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::S3::AccessGrantsLocation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "IamRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.", "title": "IamRoleArn", "type": "string" }, "LocationScope": { "markdownDescription": "The S3 URI path to the location that you are registering. The location scope can be the default S3 location `s3://` , the S3 path to a bucket, or the S3 path to a bucket and prefix. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the `engineering/` prefix or object key names that start with the `marketing/campaigns/` prefix.", "title": "LocationScope", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The AWS resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::S3::AccessGrantsLocation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::S3::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the bucket associated with this access point.", "title": "Bucket", "type": "string" }, "BucketAccountId": { "markdownDescription": "The AWS account ID associated with the S3 bucket associated with this access point.", "title": "BucketAccountId", "type": "string" }, "Name": { "markdownDescription": "The name of this access point. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the access point name.", "title": "Name", "type": "string" }, "Policy": { "markdownDescription": "The access point policy associated with this access point.", "title": "Policy", "type": "object" }, "PublicAccessBlockConfiguration": { "$ref": "#/definitions/AWS::S3::AccessPoint.PublicAccessBlockConfiguration", "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", "title": "PublicAccessBlockConfiguration" }, "VpcConfiguration": { "$ref": "#/definitions/AWS::S3::AccessPoint.VpcConfiguration", "markdownDescription": "The Virtual Private Cloud (VPC) configuration for this access point, if one exists.", "title": "VpcConfiguration" } }, "required": [ "Bucket" ], "type": "object" }, "Type": { "enum": [ "AWS::S3::AccessPoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3::AccessPoint.PublicAccessBlockConfiguration": { "additionalProperties": false, "properties": { "BlockPublicAcls": { "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", "title": "BlockPublicAcls", "type": "boolean" }, "BlockPublicPolicy": { "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", "title": "BlockPublicPolicy", "type": "boolean" }, "IgnorePublicAcls": { "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", "title": "IgnorePublicAcls", "type": "boolean" }, "RestrictPublicBuckets": { "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", "title": "RestrictPublicBuckets", "type": "boolean" } }, "type": "object" }, "AWS::S3::AccessPoint.VpcConfiguration": { "additionalProperties": false, "properties": { "VpcId": { "markdownDescription": "If this field is specified, the access point will only allow connections from the specified VPC ID.", "title": "VpcId", "type": "string" } }, "type": "object" }, "AWS::S3::Bucket": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccelerateConfiguration": { "$ref": "#/definitions/AWS::S3::Bucket.AccelerateConfiguration", "markdownDescription": "Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide* .", "title": "AccelerateConfiguration" }, "AccessControl": { "markdownDescription": "> This is a legacy property, and it is not recommended for most use cases. A majority of modern use cases in Amazon S3 no longer require the use of ACLs, and we recommend that you keep ACLs disabled. For more information, see [Controlling object ownership](https://docs.aws.amazon.com//AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide* . \n\nA canned access control list (ACL) that grants predefined permissions to the bucket. For more information about canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) in the *Amazon S3 User Guide* .\n\nS3 buckets are created with ACLs disabled by default. Therefore, unless you explicitly set the [AWS::S3::OwnershipControls](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-ownershipcontrols.html) property to enable ACLs, your resource will fail to deploy with any value other than Private. Use cases requiring ACLs are uncommon.\n\nThe majority of access control configurations can be successfully and more easily achieved with bucket policies. For more information, see [AWS::S3::BucketPolicy](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html) . For examples of common policy configurations, including S3 Server Access Logs buckets and more, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) in the *Amazon S3 User Guide* .", "title": "AccessControl", "type": "string" }, "AnalyticsConfigurations": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.AnalyticsConfiguration" }, "markdownDescription": "Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket.", "title": "AnalyticsConfigurations", "type": "array" }, "BucketEncryption": { "$ref": "#/definitions/AWS::S3::Bucket.BucketEncryption", "markdownDescription": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide* .", "title": "BucketEncryption" }, "BucketName": { "markdownDescription": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html) . For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html#bucketnamingrules) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", "title": "BucketName", "type": "string" }, "CorsConfiguration": { "$ref": "#/definitions/AWS::S3::Bucket.CorsConfiguration", "markdownDescription": "Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide* .", "title": "CorsConfiguration" }, "IntelligentTieringConfigurations": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.IntelligentTieringConfiguration" }, "markdownDescription": "Defines how Amazon S3 handles Intelligent-Tiering storage.", "title": "IntelligentTieringConfigurations", "type": "array" }, "InventoryConfigurations": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.InventoryConfiguration" }, "markdownDescription": "Specifies the inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference* .", "title": "InventoryConfigurations", "type": "array" }, "LifecycleConfiguration": { "$ref": "#/definitions/AWS::S3::Bucket.LifecycleConfiguration", "markdownDescription": "Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide* .", "title": "LifecycleConfiguration" }, "LoggingConfiguration": { "$ref": "#/definitions/AWS::S3::Bucket.LoggingConfiguration", "markdownDescription": "Settings that define where logs are stored.", "title": "LoggingConfiguration" }, "MetricsConfigurations": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.MetricsConfiguration" }, "markdownDescription": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) .", "title": "MetricsConfigurations", "type": "array" }, "NotificationConfiguration": { "$ref": "#/definitions/AWS::S3::Bucket.NotificationConfiguration", "markdownDescription": "Configuration that defines how Amazon S3 handles bucket notifications.", "title": "NotificationConfiguration" }, "ObjectLockConfiguration": { "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockConfiguration", "markdownDescription": "> This operation is not supported by directory buckets. \n\nPlaces an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) .\n\n> - The `DefaultRetention` settings require both a mode and a period.\n> - The `DefaultRetention` period can be either `Days` or `Years` but you must select one. You cannot specify `Days` and `Years` at the same time.\n> - You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html) .", "title": "ObjectLockConfiguration" }, "ObjectLockEnabled": { "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", "title": "ObjectLockEnabled", "type": "boolean" }, "OwnershipControls": { "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControls", "markdownDescription": "Configuration that defines how Amazon S3 handles Object Ownership rules.", "title": "OwnershipControls" }, "PublicAccessBlockConfiguration": { "$ref": "#/definitions/AWS::S3::Bucket.PublicAccessBlockConfiguration", "markdownDescription": "Configuration that defines how Amazon S3 handles public access.", "title": "PublicAccessBlockConfiguration" }, "ReplicationConfiguration": { "$ref": "#/definitions/AWS::S3::Bucket.ReplicationConfiguration", "markdownDescription": "Configuration for replicating objects in an S3 bucket. To enable replication, you must also enable versioning by using the `VersioningConfiguration` property.\n\nAmazon S3 can store replicated objects in a single destination bucket or multiple destination buckets. The destination bucket or buckets must already exist.", "title": "ReplicationConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An arbitrary set of tags (key-value pairs) for this S3 bucket.", "title": "Tags", "type": "array" }, "VersioningConfiguration": { "$ref": "#/definitions/AWS::S3::Bucket.VersioningConfiguration", "markdownDescription": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.", "title": "VersioningConfiguration" }, "WebsiteConfiguration": { "$ref": "#/definitions/AWS::S3::Bucket.WebsiteConfiguration", "markdownDescription": "Information used to configure the bucket as a static website. For more information, see [Hosting Websites on Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) .", "title": "WebsiteConfiguration" } }, "type": "object" }, "Type": { "enum": [ "AWS::S3::Bucket" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::S3::Bucket.AbortIncompleteMultipartUpload": { "additionalProperties": false, "properties": { "DaysAfterInitiation": { "markdownDescription": "Specifies the number of days after which Amazon S3 stops an incomplete multipart upload.", "title": "DaysAfterInitiation", "type": "number" } }, "required": [ "DaysAfterInitiation" ], "type": "object" }, "AWS::S3::Bucket.AccelerateConfiguration": { "additionalProperties": false, "properties": { "AccelerationStatus": { "markdownDescription": "Specifies the transfer acceleration status of the bucket.", "title": "AccelerationStatus", "type": "string" } }, "required": [ "AccelerationStatus" ], "type": "object" }, "AWS::S3::Bucket.AccessControlTranslation": { "additionalProperties": false, "properties": { "Owner": { "markdownDescription": "Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference* .", "title": "Owner", "type": "string" } }, "required": [ "Owner" ], "type": "object" }, "AWS::S3::Bucket.AnalyticsConfiguration": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The ID that identifies the analytics configuration.", "title": "Id", "type": "string" }, "Prefix": { "markdownDescription": "The prefix that an object must have to be included in the analytics results.", "title": "Prefix", "type": "string" }, "StorageClassAnalysis": { "$ref": "#/definitions/AWS::S3::Bucket.StorageClassAnalysis", "markdownDescription": "Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes.", "title": "StorageClassAnalysis" }, "TagFilters": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" }, "markdownDescription": "The tags to use when evaluating an analytics filter.\n\nThe analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis.", "title": "TagFilters", "type": "array" } }, "required": [ "Id", "StorageClassAnalysis" ], "type": "object" }, "AWS::S3::Bucket.BucketEncryption": { "additionalProperties": false, "properties": { "ServerSideEncryptionConfiguration": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionRule" }, "markdownDescription": "Specifies the default server-side-encryption configuration.", "title": "ServerSideEncryptionConfiguration", "type": "array" } }, "required": [ "ServerSideEncryptionConfiguration" ], "type": "object" }, "AWS::S3::Bucket.CorsConfiguration": { "additionalProperties": false, "properties": { "CorsRules": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.CorsRule" }, "markdownDescription": "A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration.", "title": "CorsRules", "type": "array" } }, "required": [ "CorsRules" ], "type": "object" }, "AWS::S3::Bucket.CorsRule": { "additionalProperties": false, "properties": { "AllowedHeaders": { "items": { "type": "string" }, "markdownDescription": "Headers that are specified in the `Access-Control-Request-Headers` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed.", "title": "AllowedHeaders", "type": "array" }, "AllowedMethods": { "items": { "type": "string" }, "markdownDescription": "An HTTP method that you allow the origin to run.\n\n*Allowed values* : `GET` | `PUT` | `HEAD` | `POST` | `DELETE`", "title": "AllowedMethods", "type": "array" }, "AllowedOrigins": { "items": { "type": "string" }, "markdownDescription": "One or more origins you want customers to be able to access the bucket from.", "title": "AllowedOrigins", "type": "array" }, "ExposedHeaders": { "items": { "type": "string" }, "markdownDescription": "One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript `XMLHttpRequest` object).", "title": "ExposedHeaders", "type": "array" }, "Id": { "markdownDescription": "A unique identifier for this rule. The value must be no more than 255 characters.", "title": "Id", "type": "string" }, "MaxAge": { "markdownDescription": "The time in seconds that your browser is to cache the preflight response for the specified resource.", "title": "MaxAge", "type": "number" } }, "required": [ "AllowedMethods", "AllowedOrigins" ], "type": "object" }, "AWS::S3::Bucket.DataExport": { "additionalProperties": false, "properties": { "Destination": { "$ref": "#/definitions/AWS::S3::Bucket.Destination", "markdownDescription": "The place to store the data for an analysis.", "title": "Destination" }, "OutputSchemaVersion": { "markdownDescription": "The version of the output schema to use when exporting data. Must be `V_1` .", "title": "OutputSchemaVersion", "type": "string" } }, "required": [ "Destination", "OutputSchemaVersion" ], "type": "object" }, "AWS::S3::Bucket.DefaultRetention": { "additionalProperties": false, "properties": { "Days": { "markdownDescription": "The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", "title": "Days", "type": "number" }, "Mode": { "markdownDescription": "The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", "title": "Mode", "type": "string" }, "Years": { "markdownDescription": "The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify `Mode` and specify either `Days` or `Years` .", "title": "Years", "type": "number" } }, "type": "object" }, "AWS::S3::Bucket.DeleteMarkerReplication": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "Indicates whether to replicate delete markers. Disabled by default.", "title": "Status", "type": "string" } }, "type": "object" }, "AWS::S3::Bucket.Destination": { "additionalProperties": false, "properties": { "BucketAccountId": { "markdownDescription": "The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data.\n\n> Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes.", "title": "BucketAccountId", "type": "string" }, "BucketArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the bucket to which data is exported.", "title": "BucketArn", "type": "string" }, "Format": { "markdownDescription": "Specifies the file format used when exporting data to Amazon S3.\n\n*Allowed values* : `CSV` | `ORC` | `Parquet`", "title": "Format", "type": "string" }, "Prefix": { "markdownDescription": "The prefix to use when exporting data. The prefix is prepended to all results.", "title": "Prefix", "type": "string" } }, "required": [ "BucketArn", "Format" ], "type": "object" }, "AWS::S3::Bucket.EncryptionConfiguration": { "additionalProperties": false, "properties": { "ReplicaKmsKeyID": { "markdownDescription": "Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", "title": "ReplicaKmsKeyID", "type": "string" } }, "required": [ "ReplicaKmsKeyID" ], "type": "object" }, "AWS::S3::Bucket.EventBridgeConfiguration": { "additionalProperties": false, "properties": { "EventBridgeEnabled": { "markdownDescription": "Enables delivery of events to Amazon EventBridge.", "title": "EventBridgeEnabled", "type": "boolean" } }, "required": [ "EventBridgeEnabled" ], "type": "object" }, "AWS::S3::Bucket.FilterRule": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value that the filter searches for in object key names.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::S3::Bucket.IntelligentTieringConfiguration": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The ID used to identify the S3 Intelligent-Tiering configuration.", "title": "Id", "type": "string" }, "Prefix": { "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", "title": "Prefix", "type": "string" }, "Status": { "markdownDescription": "Specifies the status of the configuration.", "title": "Status", "type": "string" }, "TagFilters": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" }, "markdownDescription": "A container for a key-value pair.", "title": "TagFilters", "type": "array" }, "Tierings": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.Tiering" }, "markdownDescription": "Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: `ARCHIVE_ACCESS` and `DEEP_ARCHIVE_ACCESS` .\n\n> You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers.", "title": "Tierings", "type": "array" } }, "required": [ "Id", "Status", "Tierings" ], "type": "object" }, "AWS::S3::Bucket.InventoryConfiguration": { "additionalProperties": false, "properties": { "Destination": { "$ref": "#/definitions/AWS::S3::Bucket.Destination", "markdownDescription": "Contains information about where to publish the inventory results.", "title": "Destination" }, "Enabled": { "markdownDescription": "Specifies whether the inventory is enabled or disabled. If set to `True` , an inventory list is generated. If set to `False` , no inventory list is generated.", "title": "Enabled", "type": "boolean" }, "Id": { "markdownDescription": "The ID used to identify the inventory configuration.", "title": "Id", "type": "string" }, "IncludedObjectVersions": { "markdownDescription": "Object versions to include in the inventory list. If set to `All` , the list includes all the object versions, which adds the version-related fields `VersionId` , `IsLatest` , and `DeleteMarker` to the list. If set to `Current` , the list does not contain these version-related fields.", "title": "IncludedObjectVersions", "type": "string" }, "OptionalFields": { "items": { "type": "string" }, "markdownDescription": "Contains the optional fields that are included in the inventory results.", "title": "OptionalFields", "type": "array" }, "Prefix": { "markdownDescription": "Specifies the inventory filter prefix.", "title": "Prefix", "type": "string" }, "ScheduleFrequency": { "markdownDescription": "Specifies the schedule for generating inventory results.", "title": "ScheduleFrequency", "type": "string" } }, "required": [ "Destination", "Enabled", "Id", "IncludedObjectVersions", "ScheduleFrequency" ], "type": "object" }, "AWS::S3::Bucket.LambdaConfiguration": { "additionalProperties": false, "properties": { "Event": { "markdownDescription": "The Amazon S3 bucket event for which to invoke the AWS Lambda function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", "title": "Event", "type": "string" }, "Filter": { "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", "markdownDescription": "The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a `.jpg` extension invoke the function when they are added to the Amazon S3 bucket.", "title": "Filter" }, "Function": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3 invokes when the specified event type occurs.", "title": "Function", "type": "string" } }, "required": [ "Event", "Function" ], "type": "object" }, "AWS::S3::Bucket.LifecycleConfiguration": { "additionalProperties": false, "properties": { "Rules": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.Rule" }, "markdownDescription": "A lifecycle rule for individual objects in an Amazon S3 bucket.", "title": "Rules", "type": "array" } }, "required": [ "Rules" ], "type": "object" }, "AWS::S3::Bucket.LoggingConfiguration": { "additionalProperties": false, "properties": { "DestinationBucketName": { "markdownDescription": "The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the `LoggingConfiguration` property is defined.", "title": "DestinationBucketName", "type": "string" }, "LogFilePrefix": { "markdownDescription": "A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket.", "title": "LogFilePrefix", "type": "string" }, "TargetObjectKeyFormat": { "$ref": "#/definitions/AWS::S3::Bucket.TargetObjectKeyFormat", "markdownDescription": "Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed.", "title": "TargetObjectKeyFormat" } }, "type": "object" }, "AWS::S3::Bucket.Metrics": { "additionalProperties": false, "properties": { "EventThreshold": { "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", "markdownDescription": "A container specifying the time threshold for emitting the `s3:Replication:OperationMissedThreshold` event.", "title": "EventThreshold" }, "Status": { "markdownDescription": "Specifies whether the replication metrics are enabled.", "title": "Status", "type": "string" } }, "required": [ "Status" ], "type": "object" }, "AWS::S3::Bucket.MetricsConfiguration": { "additionalProperties": false, "properties": { "AccessPointArn": { "markdownDescription": "The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria.", "title": "AccessPointArn", "type": "string" }, "Id": { "markdownDescription": "The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration.", "title": "Id", "type": "string" }, "Prefix": { "markdownDescription": "The prefix that an object must have to be included in the metrics results.", "title": "Prefix", "type": "string" }, "TagFilters": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" }, "markdownDescription": "Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria.", "title": "TagFilters", "type": "array" } }, "required": [ "Id" ], "type": "object" }, "AWS::S3::Bucket.NoncurrentVersionExpiration": { "additionalProperties": false, "properties": { "NewerNoncurrentVersions": { "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", "title": "NewerNoncurrentVersions", "type": "number" }, "NoncurrentDays": { "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", "title": "NoncurrentDays", "type": "number" } }, "required": [ "NoncurrentDays" ], "type": "object" }, "AWS::S3::Bucket.NoncurrentVersionTransition": { "additionalProperties": false, "properties": { "NewerNoncurrentVersions": { "markdownDescription": "Specifies how many noncurrent versions Amazon S3 will retain. If there are this many more recent noncurrent versions, Amazon S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide* .", "title": "NewerNoncurrentVersions", "type": "number" }, "StorageClass": { "markdownDescription": "The class of storage used to store the object.", "title": "StorageClass", "type": "string" }, "TransitionInDays": { "markdownDescription": "Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide* .", "title": "TransitionInDays", "type": "number" } }, "required": [ "StorageClass", "TransitionInDays" ], "type": "object" }, "AWS::S3::Bucket.NotificationConfiguration": { "additionalProperties": false, "properties": { "EventBridgeConfiguration": { "$ref": "#/definitions/AWS::S3::Bucket.EventBridgeConfiguration", "markdownDescription": "Enables delivery of events to Amazon EventBridge.", "title": "EventBridgeConfiguration" }, "LambdaConfigurations": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.LambdaConfiguration" }, "markdownDescription": "Describes the AWS Lambda functions to invoke and the events for which to invoke them.", "title": "LambdaConfigurations", "type": "array" }, "QueueConfigurations": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.QueueConfiguration" }, "markdownDescription": "The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages.", "title": "QueueConfigurations", "type": "array" }, "TopicConfigurations": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.TopicConfiguration" }, "markdownDescription": "The topic to which notifications are sent and the events for which notifications are generated.", "title": "TopicConfigurations", "type": "array" } }, "type": "object" }, "AWS::S3::Bucket.NotificationFilter": { "additionalProperties": false, "properties": { "S3Key": { "$ref": "#/definitions/AWS::S3::Bucket.S3KeyFilter", "markdownDescription": "A container for object key name prefix and suffix filtering rules.", "title": "S3Key" } }, "required": [ "S3Key" ], "type": "object" }, "AWS::S3::Bucket.ObjectLockConfiguration": { "additionalProperties": false, "properties": { "ObjectLockEnabled": { "markdownDescription": "Indicates whether this bucket has an Object Lock configuration enabled. Enable `ObjectLockEnabled` when you apply `ObjectLockConfiguration` to a bucket.", "title": "ObjectLockEnabled", "type": "string" }, "Rule": { "$ref": "#/definitions/AWS::S3::Bucket.ObjectLockRule", "markdownDescription": "Specifies the Object Lock rule for the specified object. Enable this rule when you apply `ObjectLockConfiguration` to a bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", "title": "Rule" } }, "type": "object" }, "AWS::S3::Bucket.ObjectLockRule": { "additionalProperties": false, "properties": { "DefaultRetention": { "$ref": "#/definitions/AWS::S3::Bucket.DefaultRetention", "markdownDescription": "The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both `Mode` and a period of either `Days` or `Years` . You cannot specify `Days` and `Years` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html) .", "title": "DefaultRetention" } }, "type": "object" }, "AWS::S3::Bucket.OwnershipControls": { "additionalProperties": false, "properties": { "Rules": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.OwnershipControlsRule" }, "markdownDescription": "Specifies the container element for Object Ownership rules.", "title": "Rules", "type": "array" } }, "required": [ "Rules" ], "type": "object" }, "AWS::S3::Bucket.OwnershipControlsRule": { "additionalProperties": false, "properties": { "ObjectOwnership": { "markdownDescription": "Specifies an object ownership rule.", "title": "ObjectOwnership", "type": "string" } }, "type": "object" }, "AWS::S3::Bucket.PartitionedPrefix": { "additionalProperties": false, "properties": { "PartitionDateSource": { "markdownDescription": "Specifies the partition date source for the partitioned prefix. `PartitionDateSource` can be `EventTime` or `DeliveryTime` .\n\nFor `DeliveryTime` , the time in the log file names corresponds to the delivery time for the log files.\n\nFor `EventTime` , The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.", "title": "PartitionDateSource", "type": "string" } }, "type": "object" }, "AWS::S3::Bucket.PublicAccessBlockConfiguration": { "additionalProperties": false, "properties": { "BlockPublicAcls": { "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", "title": "BlockPublicAcls", "type": "boolean" }, "BlockPublicPolicy": { "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", "title": "BlockPublicPolicy", "type": "boolean" }, "IgnorePublicAcls": { "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", "title": "IgnorePublicAcls", "type": "boolean" }, "RestrictPublicBuckets": { "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", "title": "RestrictPublicBuckets", "type": "boolean" } }, "type": "object" }, "AWS::S3::Bucket.QueueConfiguration": { "additionalProperties": false, "properties": { "Event": { "markdownDescription": "The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", "title": "Event", "type": "string" }, "Filter": { "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", "markdownDescription": "The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide* .", "title": "Filter" }, "Queue": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination.", "title": "Queue", "type": "string" } }, "required": [ "Event", "Queue" ], "type": "object" }, "AWS::S3::Bucket.RedirectAllRequestsTo": { "additionalProperties": false, "properties": { "HostName": { "markdownDescription": "Name of the host where requests are redirected.", "title": "HostName", "type": "string" }, "Protocol": { "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", "title": "Protocol", "type": "string" } }, "required": [ "HostName" ], "type": "object" }, "AWS::S3::Bucket.RedirectRule": { "additionalProperties": false, "properties": { "HostName": { "markdownDescription": "The host name to use in the redirect request.", "title": "HostName", "type": "string" }, "HttpRedirectCode": { "markdownDescription": "The HTTP redirect code to use on the response. Not required if one of the siblings is present.", "title": "HttpRedirectCode", "type": "string" }, "Protocol": { "markdownDescription": "Protocol to use when redirecting requests. The default is the protocol that is used in the original request.", "title": "Protocol", "type": "string" }, "ReplaceKeyPrefixWith": { "markdownDescription": "The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix `docs/` (objects in the `docs/` folder) to `documents/` , you can set a condition block with `KeyPrefixEquals` set to `docs/` and in the Redirect set `ReplaceKeyPrefixWith` to `/documents` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", "title": "ReplaceKeyPrefixWith", "type": "string" }, "ReplaceKeyWith": { "markdownDescription": "The specific object key to use in the redirect request. For example, redirect request to `error.html` . Not required if one of the siblings is present. Can be present only if `ReplaceKeyPrefixWith` is not provided.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", "title": "ReplaceKeyWith", "type": "string" } }, "type": "object" }, "AWS::S3::Bucket.ReplicaModifications": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "Specifies whether Amazon S3 replicates modifications on replicas.\n\n*Allowed values* : `Enabled` | `Disabled`", "title": "Status", "type": "string" } }, "required": [ "Status" ], "type": "object" }, "AWS::S3::Bucket.ReplicationConfiguration": { "additionalProperties": false, "properties": { "Role": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide* .", "title": "Role", "type": "string" }, "Rules": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRule" }, "markdownDescription": "A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules.", "title": "Rules", "type": "array" } }, "required": [ "Role", "Rules" ], "type": "object" }, "AWS::S3::Bucket.ReplicationDestination": { "additionalProperties": false, "properties": { "AccessControlTranslation": { "$ref": "#/definitions/AWS::S3::Bucket.AccessControlTranslation", "markdownDescription": "Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS account that owns the source object.", "title": "AccessControlTranslation" }, "Account": { "markdownDescription": "Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS account that owns the destination bucket by specifying the `AccessControlTranslation` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide* .\n\nIf you specify the `AccessControlTranslation` property, the `Account` property is required.", "title": "Account", "type": "string" }, "Bucket": { "markdownDescription": "The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results.", "title": "Bucket", "type": "string" }, "EncryptionConfiguration": { "$ref": "#/definitions/AWS::S3::Bucket.EncryptionConfiguration", "markdownDescription": "Specifies encryption-related information.", "title": "EncryptionConfiguration" }, "Metrics": { "$ref": "#/definitions/AWS::S3::Bucket.Metrics", "markdownDescription": "A container specifying replication metrics-related settings enabling replication metrics and events.", "title": "Metrics" }, "ReplicationTime": { "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTime", "markdownDescription": "A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a `Metrics` block.", "title": "ReplicationTime" }, "StorageClass": { "markdownDescription": "The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica.\n\nFor valid values, see the `StorageClass` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference* .", "title": "StorageClass", "type": "string" } }, "required": [ "Bucket" ], "type": "object" }, "AWS::S3::Bucket.ReplicationRule": { "additionalProperties": false, "properties": { "DeleteMarkerReplication": { "$ref": "#/definitions/AWS::S3::Bucket.DeleteMarkerReplication", "markdownDescription": "Specifies whether Amazon S3 replicates delete markers. If you specify a `Filter` in your replication configuration, you must also include a `DeleteMarkerReplication` element. If your `Filter` includes a `Tag` element, the `DeleteMarkerReplication` `Status` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config) .\n\nFor more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html) .\n\n> If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations) .", "title": "DeleteMarkerReplication" }, "Destination": { "$ref": "#/definitions/AWS::S3::Bucket.ReplicationDestination", "markdownDescription": "A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC).", "title": "Destination" }, "Filter": { "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleFilter", "markdownDescription": "A filter that identifies the subset of objects to which the replication rule applies. A `Filter` must specify exactly one `Prefix` , `TagFilter` , or an `And` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration.\n\n> V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.", "title": "Filter" }, "Id": { "markdownDescription": "A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as \"ID\".", "title": "Id", "type": "string" }, "Prefix": { "markdownDescription": "An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the `Prefix` directly as a child element of the `Rule` element.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", "title": "Prefix", "type": "string" }, "Priority": { "markdownDescription": "The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority.\n\nFor more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide* .", "title": "Priority", "type": "number" }, "SourceSelectionCriteria": { "$ref": "#/definitions/AWS::S3::Bucket.SourceSelectionCriteria", "markdownDescription": "A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects.", "title": "SourceSelectionCriteria" }, "Status": { "markdownDescription": "Specifies whether the rule is enabled.", "title": "Status", "type": "string" } }, "required": [ "Destination", "Status" ], "type": "object" }, "AWS::S3::Bucket.ReplicationRuleAndOperator": { "additionalProperties": false, "properties": { "Prefix": { "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.", "title": "Prefix", "type": "string" }, "TagFilters": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" }, "markdownDescription": "An array of tags containing key and value pairs.", "title": "TagFilters", "type": "array" } }, "type": "object" }, "AWS::S3::Bucket.ReplicationRuleFilter": { "additionalProperties": false, "properties": { "And": { "$ref": "#/definitions/AWS::S3::Bucket.ReplicationRuleAndOperator", "markdownDescription": "A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example:\n\n- If you specify both a `Prefix` and a `TagFilter` , wrap these filters in an `And` tag.\n- If you specify a filter based on multiple tags, wrap the `TagFilter` elements in an `And` tag.", "title": "And" }, "Prefix": { "markdownDescription": "An object key name prefix that identifies the subset of objects to which the rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", "title": "Prefix", "type": "string" }, "TagFilter": { "$ref": "#/definitions/AWS::S3::Bucket.TagFilter", "markdownDescription": "A container for specifying a tag key and value.\n\nThe rule applies only to objects that have the tag in their tag set.", "title": "TagFilter" } }, "type": "object" }, "AWS::S3::Bucket.ReplicationTime": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "Specifies whether the replication time is enabled.", "title": "Status", "type": "string" }, "Time": { "$ref": "#/definitions/AWS::S3::Bucket.ReplicationTimeValue", "markdownDescription": "A container specifying the time by which replication should be complete for all objects and operations on objects.", "title": "Time" } }, "required": [ "Status", "Time" ], "type": "object" }, "AWS::S3::Bucket.ReplicationTimeValue": { "additionalProperties": false, "properties": { "Minutes": { "markdownDescription": "Contains an integer specifying time in minutes.\n\nValid value: 15", "title": "Minutes", "type": "number" } }, "required": [ "Minutes" ], "type": "object" }, "AWS::S3::Bucket.RoutingRule": { "additionalProperties": false, "properties": { "RedirectRule": { "$ref": "#/definitions/AWS::S3::Bucket.RedirectRule", "markdownDescription": "Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return.", "title": "RedirectRule" }, "RoutingRuleCondition": { "$ref": "#/definitions/AWS::S3::Bucket.RoutingRuleCondition", "markdownDescription": "A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the `/docs` folder, redirect to the `/documents` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error.", "title": "RoutingRuleCondition" } }, "required": [ "RedirectRule" ], "type": "object" }, "AWS::S3::Bucket.RoutingRuleCondition": { "additionalProperties": false, "properties": { "HttpErrorCodeReturnedEquals": { "markdownDescription": "The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied.\n\nRequired when parent element `Condition` is specified and sibling `KeyPrefixEquals` is not specified. If both are specified, then both must be true for the redirect to be applied.", "title": "HttpErrorCodeReturnedEquals", "type": "string" }, "KeyPrefixEquals": { "markdownDescription": "The object key name prefix when the redirect is applied. For example, to redirect requests for `ExamplePage.html` , the key prefix will be `ExamplePage.html` . To redirect request for all pages with the prefix `docs/` , the key prefix will be `/docs` , which identifies all objects in the docs/ folder.\n\nRequired when the parent element `Condition` is specified and sibling `HttpErrorCodeReturnedEquals` is not specified. If both conditions are specified, both must be true for the redirect to be applied.", "title": "KeyPrefixEquals", "type": "string" } }, "type": "object" }, "AWS::S3::Bucket.Rule": { "additionalProperties": false, "properties": { "AbortIncompleteMultipartUpload": { "$ref": "#/definitions/AWS::S3::Bucket.AbortIncompleteMultipartUpload", "markdownDescription": "Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket.", "title": "AbortIncompleteMultipartUpload" }, "ExpirationDate": { "markdownDescription": "Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", "title": "ExpirationDate", "type": "string" }, "ExpirationInDays": { "markdownDescription": "Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time.", "title": "ExpirationInDays", "type": "number" }, "ExpiredObjectDeleteMarker": { "markdownDescription": "Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with `ExpirationInDays` , `ExpirationDate` , or `TagFilters` .", "title": "ExpiredObjectDeleteMarker", "type": "boolean" }, "Id": { "markdownDescription": "Unique identifier for the rule. The value can't be longer than 255 characters.", "title": "Id", "type": "string" }, "NoncurrentVersionExpiration": { "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionExpiration", "markdownDescription": "Specifies when noncurrent object versions expire. Upon expiration, Amazon S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that Amazon S3 delete noncurrent object versions at a specific period in the object's lifetime.", "title": "NoncurrentVersionExpiration" }, "NoncurrentVersionExpirationInDays": { "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time.", "title": "NoncurrentVersionExpirationInDays", "type": "number" }, "NoncurrentVersionTransition": { "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition", "markdownDescription": "(Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransitions` property.", "title": "NoncurrentVersionTransition" }, "NoncurrentVersionTransitions": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.NoncurrentVersionTransition" }, "markdownDescription": "For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the `NoncurrentVersionTransition` property.", "title": "NoncurrentVersionTransitions", "type": "array" }, "ObjectSizeGreaterThan": { "markdownDescription": "Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", "title": "ObjectSizeGreaterThan", "type": "string" }, "ObjectSizeLessThan": { "markdownDescription": "Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* .", "title": "ObjectSizeLessThan", "type": "string" }, "Prefix": { "markdownDescription": "Object key prefix that identifies one or more objects to which this rule applies.\n\n> Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) .", "title": "Prefix", "type": "string" }, "Status": { "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", "title": "Status", "type": "string" }, "TagFilters": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.TagFilter" }, "markdownDescription": "Tags to use to identify a subset of objects to which the lifecycle rule applies.", "title": "TagFilters", "type": "array" }, "Transition": { "$ref": "#/definitions/AWS::S3::Bucket.Transition", "markdownDescription": "(Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transitions` property.", "title": "Transition" }, "Transitions": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.Transition" }, "markdownDescription": "One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the `Transition` property.", "title": "Transitions", "type": "array" } }, "required": [ "Status" ], "type": "object" }, "AWS::S3::Bucket.S3KeyFilter": { "additionalProperties": false, "properties": { "Rules": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.FilterRule" }, "markdownDescription": "A list of containers for the key-value pair that defines the criteria for the filter rule.", "title": "Rules", "type": "array" } }, "required": [ "Rules" ], "type": "object" }, "AWS::S3::Bucket.ServerSideEncryptionByDefault": { "additionalProperties": false, "properties": { "KMSMasterKeyID": { "markdownDescription": "AWS Key Management Service (KMS) customer AWS KMS key ID to use for the default encryption. This parameter is allowed if and only if `SSEAlgorithm` is set to `aws:kms` or `aws:kms:dsse` .\n\nYou can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key Alias: `alias/alias-name`\n\nIf you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log.\n\nIf you are using encryption with cross-account or AWS service operations you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy) .\n\n> Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *AWS Key Management Service Developer Guide* .", "title": "KMSMasterKeyID", "type": "string" }, "SSEAlgorithm": { "markdownDescription": "Server-side encryption algorithm to use for the default encryption.", "title": "SSEAlgorithm", "type": "string" } }, "required": [ "SSEAlgorithm" ], "type": "object" }, "AWS::S3::Bucket.ServerSideEncryptionRule": { "additionalProperties": false, "properties": { "BucketKeyEnabled": { "markdownDescription": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the `BucketKeyEnabled` element to `true` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n\nFor more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide* .", "title": "BucketKeyEnabled", "type": "boolean" }, "ServerSideEncryptionByDefault": { "$ref": "#/definitions/AWS::S3::Bucket.ServerSideEncryptionByDefault", "markdownDescription": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.", "title": "ServerSideEncryptionByDefault" } }, "type": "object" }, "AWS::S3::Bucket.SourceSelectionCriteria": { "additionalProperties": false, "properties": { "ReplicaModifications": { "$ref": "#/definitions/AWS::S3::Bucket.ReplicaModifications", "markdownDescription": "A filter that you can specify for selection for modifications on replicas.", "title": "ReplicaModifications" }, "SseKmsEncryptedObjects": { "$ref": "#/definitions/AWS::S3::Bucket.SseKmsEncryptedObjects", "markdownDescription": "A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS.", "title": "SseKmsEncryptedObjects" } }, "type": "object" }, "AWS::S3::Bucket.SseKmsEncryptedObjects": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service.", "title": "Status", "type": "string" } }, "required": [ "Status" ], "type": "object" }, "AWS::S3::Bucket.StorageClassAnalysis": { "additionalProperties": false, "properties": { "DataExport": { "$ref": "#/definitions/AWS::S3::Bucket.DataExport", "markdownDescription": "Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported.", "title": "DataExport" } }, "type": "object" }, "AWS::S3::Bucket.TagFilter": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The tag key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The tag value.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::S3::Bucket.TargetObjectKeyFormat": { "additionalProperties": false, "properties": { "PartitionedPrefix": { "$ref": "#/definitions/AWS::S3::Bucket.PartitionedPrefix", "markdownDescription": "Partitioned S3 key for log objects.", "title": "PartitionedPrefix" }, "SimplePrefix": { "markdownDescription": "To use the simple format for S3 keys for log objects. To specify SimplePrefix format, set SimplePrefix to {}.", "title": "SimplePrefix", "type": "object" } }, "type": "object" }, "AWS::S3::Bucket.Tiering": { "additionalProperties": false, "properties": { "AccessTier": { "markdownDescription": "S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class.", "title": "AccessTier", "type": "string" }, "Days": { "markdownDescription": "The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days).", "title": "Days", "type": "number" } }, "required": [ "AccessTier", "Days" ], "type": "object" }, "AWS::S3::Bucket.TopicConfiguration": { "additionalProperties": false, "properties": { "Event": { "markdownDescription": "The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide* .", "title": "Event", "type": "string" }, "Filter": { "$ref": "#/definitions/AWS::S3::Bucket.NotificationFilter", "markdownDescription": "The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a `.jpg` extension are added to the bucket.", "title": "Filter" }, "Topic": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type.", "title": "Topic", "type": "string" } }, "required": [ "Event", "Topic" ], "type": "object" }, "AWS::S3::Bucket.Transition": { "additionalProperties": false, "properties": { "StorageClass": { "markdownDescription": "The storage class to which you want the object to transition.", "title": "StorageClass", "type": "string" }, "TransitionDate": { "markdownDescription": "Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC.", "title": "TransitionDate", "type": "string" }, "TransitionInDays": { "markdownDescription": "Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer.", "title": "TransitionInDays", "type": "number" } }, "required": [ "StorageClass" ], "type": "object" }, "AWS::S3::Bucket.VersioningConfiguration": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "The versioning state of the bucket.", "title": "Status", "type": "string" } }, "required": [ "Status" ], "type": "object" }, "AWS::S3::Bucket.WebsiteConfiguration": { "additionalProperties": false, "properties": { "ErrorDocument": { "markdownDescription": "The name of the error document for the website.", "title": "ErrorDocument", "type": "string" }, "IndexDocument": { "markdownDescription": "The name of the index document for the website.", "title": "IndexDocument", "type": "string" }, "RedirectAllRequestsTo": { "$ref": "#/definitions/AWS::S3::Bucket.RedirectAllRequestsTo", "markdownDescription": "The redirect behavior for every request to this bucket's website endpoint.\n\n> If you specify this property, you can't specify any other property.", "title": "RedirectAllRequestsTo" }, "RoutingRules": { "items": { "$ref": "#/definitions/AWS::S3::Bucket.RoutingRule" }, "markdownDescription": "Rules that define when a redirect is applied and the redirect behavior.", "title": "RoutingRules", "type": "array" } }, "type": "object" }, "AWS::S3::BucketPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the Amazon S3 bucket to which the policy applies.", "title": "Bucket", "type": "string" }, "PolicyDocument": { "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", "title": "PolicyDocument", "type": "object" } }, "required": [ "Bucket", "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ "AWS::S3::BucketPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3::MultiRegionAccessPoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the Multi-Region Access Point.", "title": "Name", "type": "string" }, "PublicAccessBlockConfiguration": { "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration", "markdownDescription": "The PublicAccessBlock configuration that you want to apply to this Multi-Region Access Point. You can enable the configuration options in any combination. For more information about when Amazon S3 considers an object public, see [The Meaning of \"Public\"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide* .", "title": "PublicAccessBlockConfiguration" }, "Regions": { "items": { "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint.Region" }, "markdownDescription": "A collection of the Regions and buckets associated with the Multi-Region Access Point.", "title": "Regions", "type": "array" } }, "required": [ "Regions" ], "type": "object" }, "Type": { "enum": [ "AWS::S3::MultiRegionAccessPoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3::MultiRegionAccessPoint.PublicAccessBlockConfiguration": { "additionalProperties": false, "properties": { "BlockPublicAcls": { "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to `TRUE` causes the following behavior:\n\n- PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.", "title": "BlockPublicAcls", "type": "boolean" }, "BlockPublicPolicy": { "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.", "title": "BlockPublicPolicy", "type": "boolean" }, "IgnorePublicAcls": { "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.", "title": "IgnorePublicAcls", "type": "boolean" }, "RestrictPublicBuckets": { "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to `TRUE` restricts access to this bucket to only AWS service principals and authorized users within this account if the bucket has a public policy.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.", "title": "RestrictPublicBuckets", "type": "boolean" } }, "type": "object" }, "AWS::S3::MultiRegionAccessPoint.Region": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the associated bucket for the Region.", "title": "Bucket", "type": "string" }, "BucketAccountId": { "markdownDescription": "The AWS account ID that owns the Amazon S3 bucket that's associated with this Multi-Region Access Point.", "title": "BucketAccountId", "type": "string" } }, "required": [ "Bucket" ], "type": "object" }, "AWS::S3::MultiRegionAccessPointPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MrapName": { "markdownDescription": "The name of the Multi-Region Access Point.", "title": "MrapName", "type": "string" }, "Policy": { "markdownDescription": "The access policy associated with the Multi-Region Access Point.", "title": "Policy", "type": "object" } }, "required": [ "MrapName", "Policy" ], "type": "object" }, "Type": { "enum": [ "AWS::S3::MultiRegionAccessPointPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3::MultiRegionAccessPointPolicy.PolicyStatus": { "additionalProperties": false, "properties": { "IsPublic": { "markdownDescription": "The policy status for this bucket. `TRUE` indicates that this bucket is public. `FALSE` indicates that the bucket is not public.", "title": "IsPublic", "type": "string" } }, "required": [ "IsPublic" ], "type": "object" }, "AWS::S3::StorageLens": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "StorageLensConfiguration": { "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensConfiguration", "markdownDescription": "This resource contains the details Amazon S3 Storage Lens configuration.", "title": "StorageLensConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A set of tags (key\u2013value pairs) to associate with the Storage Lens configuration.", "title": "Tags", "type": "array" } }, "required": [ "StorageLensConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::S3::StorageLens" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3::StorageLens.AccountLevel": { "additionalProperties": false, "properties": { "ActivityMetrics": { "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", "markdownDescription": "This property contains the details of account-level activity metrics for S3 Storage Lens.", "title": "ActivityMetrics" }, "AdvancedCostOptimizationMetrics": { "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", "markdownDescription": "This property contains the details of account-level advanced cost optimization metrics for S3 Storage Lens.", "title": "AdvancedCostOptimizationMetrics" }, "AdvancedDataProtectionMetrics": { "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", "markdownDescription": "This property contains the details of account-level advanced data protection metrics for S3 Storage Lens.", "title": "AdvancedDataProtectionMetrics" }, "BucketLevel": { "$ref": "#/definitions/AWS::S3::StorageLens.BucketLevel", "markdownDescription": "This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens.", "title": "BucketLevel" }, "DetailedStatusCodesMetrics": { "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", "markdownDescription": "This property contains the details of account-level detailed status code metrics for S3 Storage Lens.", "title": "DetailedStatusCodesMetrics" }, "StorageLensGroupLevel": { "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupLevel", "markdownDescription": "This property determines the scope of Storage Lens group data that is displayed in the Storage Lens dashboard.", "title": "StorageLensGroupLevel" } }, "required": [ "BucketLevel" ], "type": "object" }, "AWS::S3::StorageLens.ActivityMetrics": { "additionalProperties": false, "properties": { "IsEnabled": { "markdownDescription": "A property that indicates whether the activity metrics is enabled.", "title": "IsEnabled", "type": "boolean" } }, "type": "object" }, "AWS::S3::StorageLens.AdvancedCostOptimizationMetrics": { "additionalProperties": false, "properties": { "IsEnabled": { "markdownDescription": "Indicates whether advanced cost optimization metrics are enabled.", "title": "IsEnabled", "type": "boolean" } }, "type": "object" }, "AWS::S3::StorageLens.AdvancedDataProtectionMetrics": { "additionalProperties": false, "properties": { "IsEnabled": { "markdownDescription": "Indicates whether advanced data protection metrics are enabled.", "title": "IsEnabled", "type": "boolean" } }, "type": "object" }, "AWS::S3::StorageLens.AwsOrg": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "This resource contains the ARN of the AWS Organization.", "title": "Arn", "type": "string" } }, "required": [ "Arn" ], "type": "object" }, "AWS::S3::StorageLens.BucketLevel": { "additionalProperties": false, "properties": { "ActivityMetrics": { "$ref": "#/definitions/AWS::S3::StorageLens.ActivityMetrics", "markdownDescription": "A property for bucket-level activity metrics for S3 Storage Lens.", "title": "ActivityMetrics" }, "AdvancedCostOptimizationMetrics": { "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedCostOptimizationMetrics", "markdownDescription": "A property for bucket-level advanced cost optimization metrics for S3 Storage Lens.", "title": "AdvancedCostOptimizationMetrics" }, "AdvancedDataProtectionMetrics": { "$ref": "#/definitions/AWS::S3::StorageLens.AdvancedDataProtectionMetrics", "markdownDescription": "A property for bucket-level advanced data protection metrics for S3 Storage Lens.", "title": "AdvancedDataProtectionMetrics" }, "DetailedStatusCodesMetrics": { "$ref": "#/definitions/AWS::S3::StorageLens.DetailedStatusCodesMetrics", "markdownDescription": "A property for bucket-level detailed status code metrics for S3 Storage Lens.", "title": "DetailedStatusCodesMetrics" }, "PrefixLevel": { "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevel", "markdownDescription": "A property for bucket-level prefix-level storage metrics for S3 Storage Lens.", "title": "PrefixLevel" } }, "type": "object" }, "AWS::S3::StorageLens.BucketsAndRegions": { "additionalProperties": false, "properties": { "Buckets": { "items": { "type": "string" }, "markdownDescription": "This property contains the details of the buckets for the Amazon S3 Storage Lens configuration. This should be the bucket Amazon Resource Name(ARN). For valid values, see [Buckets ARN format here](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_Include.html#API_control_Include_Contents) in the *Amazon S3 API Reference* .", "title": "Buckets", "type": "array" }, "Regions": { "items": { "type": "string" }, "markdownDescription": "This property contains the details of the Regions for the S3 Storage Lens configuration.", "title": "Regions", "type": "array" } }, "type": "object" }, "AWS::S3::StorageLens.CloudWatchMetrics": { "additionalProperties": false, "properties": { "IsEnabled": { "markdownDescription": "This property identifies whether the CloudWatch publishing option for S3 Storage Lens is enabled.", "title": "IsEnabled", "type": "boolean" } }, "required": [ "IsEnabled" ], "type": "object" }, "AWS::S3::StorageLens.DataExport": { "additionalProperties": false, "properties": { "CloudWatchMetrics": { "$ref": "#/definitions/AWS::S3::StorageLens.CloudWatchMetrics", "markdownDescription": "This property enables the Amazon CloudWatch publishing option for S3 Storage Lens metrics.", "title": "CloudWatchMetrics" }, "S3BucketDestination": { "$ref": "#/definitions/AWS::S3::StorageLens.S3BucketDestination", "markdownDescription": "This property contains the details of the bucket where the S3 Storage Lens metrics export will be placed.", "title": "S3BucketDestination" } }, "type": "object" }, "AWS::S3::StorageLens.DetailedStatusCodesMetrics": { "additionalProperties": false, "properties": { "IsEnabled": { "markdownDescription": "Indicates whether detailed status code metrics are enabled.", "title": "IsEnabled", "type": "boolean" } }, "type": "object" }, "AWS::S3::StorageLens.Encryption": { "additionalProperties": false, "properties": { "SSEKMS": { "$ref": "#/definitions/AWS::S3::StorageLens.SSEKMS", "markdownDescription": "Specifies the use of AWS Key Management Service keys (SSE-KMS) to encrypt the S3 Storage Lens metrics export file.", "title": "SSEKMS" }, "SSES3": { "markdownDescription": "Specifies the use of an Amazon S3-managed key (SSE-S3) to encrypt the S3 Storage Lens metrics export file.", "title": "SSES3", "type": "object" } }, "type": "object" }, "AWS::S3::StorageLens.PrefixLevel": { "additionalProperties": false, "properties": { "StorageMetrics": { "$ref": "#/definitions/AWS::S3::StorageLens.PrefixLevelStorageMetrics", "markdownDescription": "A property for the prefix-level storage metrics for Amazon S3 Storage Lens.", "title": "StorageMetrics" } }, "required": [ "StorageMetrics" ], "type": "object" }, "AWS::S3::StorageLens.PrefixLevelStorageMetrics": { "additionalProperties": false, "properties": { "IsEnabled": { "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", "title": "IsEnabled", "type": "boolean" }, "SelectionCriteria": { "$ref": "#/definitions/AWS::S3::StorageLens.SelectionCriteria", "markdownDescription": "This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled.", "title": "SelectionCriteria" } }, "type": "object" }, "AWS::S3::StorageLens.S3BucketDestination": { "additionalProperties": false, "properties": { "AccountId": { "markdownDescription": "This property contains the details of the AWS account ID of the S3 Storage Lens export bucket destination.", "title": "AccountId", "type": "string" }, "Arn": { "markdownDescription": "This property contains the details of the ARN of the bucket destination of the S3 Storage Lens export.", "title": "Arn", "type": "string" }, "Encryption": { "$ref": "#/definitions/AWS::S3::StorageLens.Encryption", "markdownDescription": "This property contains the details of the encryption of the bucket destination of the Amazon S3 Storage Lens metrics export.", "title": "Encryption" }, "Format": { "markdownDescription": "This property contains the details of the format of the S3 Storage Lens export bucket destination.", "title": "Format", "type": "string" }, "OutputSchemaVersion": { "markdownDescription": "This property contains the details of the output schema version of the S3 Storage Lens export bucket destination.", "title": "OutputSchemaVersion", "type": "string" }, "Prefix": { "markdownDescription": "This property contains the details of the prefix of the bucket destination of the S3 Storage Lens export .", "title": "Prefix", "type": "string" } }, "required": [ "AccountId", "Arn", "Format", "OutputSchemaVersion" ], "type": "object" }, "AWS::S3::StorageLens.SSEKMS": { "additionalProperties": false, "properties": { "KeyId": { "markdownDescription": "Specifies the Amazon Resource Name (ARN) of the customer managed AWS KMS key to use for encrypting the S3 Storage Lens metrics export file. Amazon S3 only supports symmetric encryption keys. For more information, see [Special-purpose keys](https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html) in the *AWS Key Management Service Developer Guide* .", "title": "KeyId", "type": "string" } }, "required": [ "KeyId" ], "type": "object" }, "AWS::S3::StorageLens.SelectionCriteria": { "additionalProperties": false, "properties": { "Delimiter": { "markdownDescription": "This property contains the details of the S3 Storage Lens delimiter being used.", "title": "Delimiter", "type": "string" }, "MaxDepth": { "markdownDescription": "This property contains the details of the max depth that S3 Storage Lens will collect metrics up to.", "title": "MaxDepth", "type": "number" }, "MinStorageBytesPercentage": { "markdownDescription": "This property contains the details of the minimum storage bytes percentage threshold that S3 Storage Lens will collect metrics up to.", "title": "MinStorageBytesPercentage", "type": "number" } }, "type": "object" }, "AWS::S3::StorageLens.StorageLensConfiguration": { "additionalProperties": false, "properties": { "AccountLevel": { "$ref": "#/definitions/AWS::S3::StorageLens.AccountLevel", "markdownDescription": "This property contains the details of the account-level metrics for Amazon S3 Storage Lens configuration.", "title": "AccountLevel" }, "AwsOrg": { "$ref": "#/definitions/AWS::S3::StorageLens.AwsOrg", "markdownDescription": "This property contains the details of the AWS Organization for the S3 Storage Lens configuration.", "title": "AwsOrg" }, "DataExport": { "$ref": "#/definitions/AWS::S3::StorageLens.DataExport", "markdownDescription": "This property contains the details of this S3 Storage Lens configuration's metrics export.", "title": "DataExport" }, "Exclude": { "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", "markdownDescription": "This property contains the details of the bucket and or Regions excluded for Amazon S3 Storage Lens configuration.", "title": "Exclude" }, "Id": { "markdownDescription": "This property contains the details of the ID of the S3 Storage Lens configuration.", "title": "Id", "type": "string" }, "Include": { "$ref": "#/definitions/AWS::S3::StorageLens.BucketsAndRegions", "markdownDescription": "This property contains the details of the bucket and or Regions included for Amazon S3 Storage Lens configuration.", "title": "Include" }, "IsEnabled": { "markdownDescription": "This property contains the details of whether the Amazon S3 Storage Lens configuration is enabled.", "title": "IsEnabled", "type": "boolean" }, "StorageLensArn": { "markdownDescription": "This property contains the details of the ARN of the S3 Storage Lens configuration. This property is read-only.", "title": "StorageLensArn", "type": "string" } }, "required": [ "AccountLevel", "Id", "IsEnabled" ], "type": "object" }, "AWS::S3::StorageLens.StorageLensGroupLevel": { "additionalProperties": false, "properties": { "StorageLensGroupSelectionCriteria": { "$ref": "#/definitions/AWS::S3::StorageLens.StorageLensGroupSelectionCriteria", "markdownDescription": "This property indicates which Storage Lens group ARNs to include or exclude in the Storage Lens group aggregation. If this value is left null, then all Storage Lens groups are selected.", "title": "StorageLensGroupSelectionCriteria" } }, "type": "object" }, "AWS::S3::StorageLens.StorageLensGroupSelectionCriteria": { "additionalProperties": false, "properties": { "Exclude": { "items": { "type": "string" }, "markdownDescription": "This property indicates which Storage Lens group ARNs to exclude from the Storage Lens group aggregation.", "title": "Exclude", "type": "array" }, "Include": { "items": { "type": "string" }, "markdownDescription": "This property indicates which Storage Lens group ARNs to include in the Storage Lens group aggregation.", "title": "Include", "type": "array" } }, "type": "object" }, "AWS::S3::StorageLensGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Filter": { "$ref": "#/definitions/AWS::S3::StorageLensGroup.Filter", "markdownDescription": "This property contains the criteria for the Storage Lens group data that is displayed", "title": "Filter" }, "Name": { "markdownDescription": "This property contains the Storage Lens group name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "This property contains the AWS resource tags that you're adding to your Storage Lens group. This parameter is optional.", "title": "Tags", "type": "array" } }, "required": [ "Filter", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::S3::StorageLensGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3::StorageLensGroup.And": { "additionalProperties": false, "properties": { "MatchAnyPrefix": { "items": { "type": "string" }, "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", "title": "MatchAnyPrefix", "type": "array" }, "MatchAnySuffix": { "items": { "type": "string" }, "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", "title": "MatchAnySuffix", "type": "array" }, "MatchAnyTag": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "This property contains the list of object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", "title": "MatchAnyTag", "type": "array" }, "MatchObjectAge": { "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` properties to define the object age range (minimum and maximum number of days).", "title": "MatchObjectAge" }, "MatchObjectSize": { "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", "title": "MatchObjectSize" } }, "type": "object" }, "AWS::S3::StorageLensGroup.Filter": { "additionalProperties": false, "properties": { "And": { "$ref": "#/definitions/AWS::S3::StorageLensGroup.And", "markdownDescription": "This property contains the `And` logical operator, which allows multiple filter conditions to be joined for more complex comparisons of Storage Lens group data. Objects must match all of the listed filter conditions that are joined by the `And` logical operator. Only one of each filter condition is allowed.", "title": "And" }, "MatchAnyPrefix": { "items": { "type": "string" }, "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", "title": "MatchAnyPrefix", "type": "array" }, "MatchAnySuffix": { "items": { "type": "string" }, "markdownDescription": "This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", "title": "MatchAnySuffix", "type": "array" }, "MatchAnyTag": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", "title": "MatchAnyTag", "type": "array" }, "MatchObjectAge": { "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", "markdownDescription": "This property contains `DaysGreaterThan` and `DaysLessThan` to define the object age range (minimum and maximum number of days).", "title": "MatchObjectAge" }, "MatchObjectSize": { "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", "markdownDescription": "This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes).", "title": "MatchObjectSize" }, "Or": { "$ref": "#/definitions/AWS::S3::StorageLensGroup.Or", "markdownDescription": "This property contains the `Or` logical operator, which allows multiple filter conditions to be joined. Objects can match any of the listed filter conditions, which are joined by the `Or` logical operator. Only one of each filter condition is allowed.", "title": "Or" } }, "type": "object" }, "AWS::S3::StorageLensGroup.MatchObjectAge": { "additionalProperties": false, "properties": { "DaysGreaterThan": { "markdownDescription": "This property indicates the minimum object age in days.", "title": "DaysGreaterThan", "type": "number" }, "DaysLessThan": { "markdownDescription": "This property indicates the maximum object age in days.", "title": "DaysLessThan", "type": "number" } }, "type": "object" }, "AWS::S3::StorageLensGroup.MatchObjectSize": { "additionalProperties": false, "properties": { "BytesGreaterThan": { "markdownDescription": "This property specifies the minimum object size in bytes. The value must be a positive number, greater than 0 and less than 5 TB.", "title": "BytesGreaterThan", "type": "number" }, "BytesLessThan": { "markdownDescription": "This property specifies the maximum object size in bytes. The value must be a positive number, greater than the minimum object size and less than 5 TB.", "title": "BytesLessThan", "type": "number" } }, "type": "object" }, "AWS::S3::StorageLensGroup.Or": { "additionalProperties": false, "properties": { "MatchAnyPrefix": { "items": { "type": "string" }, "markdownDescription": "This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed.", "title": "MatchAnyPrefix", "type": "array" }, "MatchAnySuffix": { "items": { "type": "string" }, "markdownDescription": "This property contains the list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed.", "title": "MatchAnySuffix", "type": "array" }, "MatchAnyTag": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed.", "title": "MatchAnyTag", "type": "array" }, "MatchObjectAge": { "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectAge", "markdownDescription": "This property filters objects that match the specified object age range.", "title": "MatchObjectAge" }, "MatchObjectSize": { "$ref": "#/definitions/AWS::S3::StorageLensGroup.MatchObjectSize", "markdownDescription": "This property contains the `BytesGreaterThan` and `BytesLessThan` values to define the object size range (minimum and maximum number of Bytes).", "title": "MatchObjectSize" } }, "type": "object" }, "AWS::S3Express::BucketPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the S3 directory bucket to which the policy applies.", "title": "Bucket", "type": "string" }, "PolicyDocument": { "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Policies and Permissions in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-policy-language-overview.html) in the *Amazon S3 User Guide* .", "title": "PolicyDocument", "type": "object" } }, "required": [ "Bucket", "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ "AWS::S3Express::BucketPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3Express::DirectoryBucket": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "A name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Availability Zone. The bucket name must also follow the format `*bucket_base_name* -- *az_id* --x-s3` (for example, `*DOC-EXAMPLE-BUCKET* -- *usw2-az1* --x-s3` ). If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. For information about bucket naming restrictions, see [Directory bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) in the *Amazon S3 User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", "title": "BucketName", "type": "string" }, "DataRedundancy": { "markdownDescription": "The number of Availability Zone that's used for redundancy for the bucket.", "title": "DataRedundancy", "type": "string" }, "LocationName": { "markdownDescription": "The name of the location where the bucket will be created.\n\nFor directory buckets, the name of the location is the AZ ID of the Availability Zone where the bucket will be created. An example AZ ID value is `usw2-az1` .", "title": "LocationName", "type": "string" } }, "required": [ "DataRedundancy", "LocationName" ], "type": "object" }, "Type": { "enum": [ "AWS::S3Express::DirectoryBucket" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3ObjectLambda::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of this access point.", "title": "Name", "type": "string" }, "ObjectLambdaConfiguration": { "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration", "markdownDescription": "A configuration used when creating an Object Lambda Access Point.", "title": "ObjectLambdaConfiguration" } }, "required": [ "ObjectLambdaConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::S3ObjectLambda::AccessPoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3ObjectLambda::AccessPoint.Alias": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "The status of the Object Lambda Access Point alias. If the status is `PROVISIONING` , the Object Lambda Access Point is provisioning the alias and the alias is not ready for use yet. If the status is `READY` , the Object Lambda Access Point alias is successfully provisioned and ready for use.", "title": "Status", "type": "string" }, "Value": { "markdownDescription": "The alias value of the Object Lambda Access Point.", "title": "Value", "type": "string" } }, "required": [ "Value" ], "type": "object" }, "AWS::S3ObjectLambda::AccessPoint.AwsLambda": { "additionalProperties": false, "properties": { "FunctionArn": { "markdownDescription": "", "title": "FunctionArn", "type": "string" }, "FunctionPayload": { "markdownDescription": "", "title": "FunctionPayload", "type": "string" } }, "required": [ "FunctionArn" ], "type": "object" }, "AWS::S3ObjectLambda::AccessPoint.ContentTransformation": { "additionalProperties": false, "properties": { "AwsLambda": { "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.AwsLambda", "markdownDescription": "", "title": "AwsLambda" } }, "required": [ "AwsLambda" ], "type": "object" }, "AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration": { "additionalProperties": false, "properties": { "AllowedFeatures": { "items": { "type": "string" }, "markdownDescription": "A container for allowed features. Valid inputs are `GetObject-Range` , `GetObject-PartNumber` , `HeadObject-Range` , and `HeadObject-PartNumber` .", "title": "AllowedFeatures", "type": "array" }, "CloudWatchMetricsEnabled": { "markdownDescription": "A container for whether the CloudWatch metrics configuration is enabled.", "title": "CloudWatchMetricsEnabled", "type": "boolean" }, "SupportingAccessPoint": { "markdownDescription": "Standard access point associated with the Object Lambda Access Point.", "title": "SupportingAccessPoint", "type": "string" }, "TransformationConfigurations": { "items": { "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration" }, "markdownDescription": "A container for transformation configurations for an Object Lambda Access Point.", "title": "TransformationConfigurations", "type": "array" } }, "required": [ "SupportingAccessPoint", "TransformationConfigurations" ], "type": "object" }, "AWS::S3ObjectLambda::AccessPoint.PublicAccessBlockConfiguration": { "additionalProperties": false, "properties": { "BlockPublicAcls": { "markdownDescription": "Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to `TRUE` causes the following behavior:\n\n- `PutBucketAcl` and `PutObjectAcl` calls fail if the specified ACL is public.\n- PUT Object calls fail if the request includes a public ACL.\n- PUT Bucket calls fail if the request includes a public ACL.\n\nEnabling this setting doesn't affect existing policies or ACLs.\n\nThis property is not supported for Amazon S3 on Outposts.", "title": "BlockPublicAcls", "type": "boolean" }, "BlockPublicPolicy": { "markdownDescription": "Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access.\n\nEnabling this setting doesn't affect existing bucket policies.\n\nThis property is not supported for Amazon S3 on Outposts.", "title": "BlockPublicPolicy", "type": "boolean" }, "IgnorePublicAcls": { "markdownDescription": "Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to `TRUE` causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain.\n\nEnabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set.\n\nThis property is not supported for Amazon S3 on Outposts.", "title": "IgnorePublicAcls", "type": "boolean" }, "RestrictPublicBuckets": { "markdownDescription": "Specifies whether Amazon S3 should restrict public bucket policies for buckets in this account. Setting this element to `TRUE` restricts access to buckets with public policies to only AWS service principals and authorized users within this account.\n\nEnabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked.\n\nThis property is not supported for Amazon S3 on Outposts.", "title": "RestrictPublicBuckets", "type": "boolean" } }, "type": "object" }, "AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration": { "additionalProperties": false, "properties": { "Actions": { "items": { "type": "string" }, "markdownDescription": "A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` .", "title": "Actions", "type": "array" }, "ContentTransformation": { "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint.ContentTransformation", "markdownDescription": "A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* .", "title": "ContentTransformation" } }, "required": [ "Actions", "ContentTransformation" ], "type": "object" }, "AWS::S3ObjectLambda::AccessPointPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ObjectLambdaAccessPoint": { "markdownDescription": "An access point with an attached AWS Lambda function used to access transformed data from an Amazon S3 bucket.", "title": "ObjectLambdaAccessPoint", "type": "string" }, "PolicyDocument": { "markdownDescription": "Object Lambda Access Point resource policy document.", "title": "PolicyDocument", "type": "object" } }, "required": [ "ObjectLambdaAccessPoint", "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ "AWS::S3ObjectLambda::AccessPointPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3Outposts::AccessPoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The Amazon Resource Name (ARN) of the S3 on Outposts bucket that is associated with this access point.", "title": "Bucket", "type": "string" }, "Name": { "markdownDescription": "The name of this access point.", "title": "Name", "type": "string" }, "Policy": { "markdownDescription": "The access point policy associated with this access point.", "title": "Policy", "type": "object" }, "VpcConfiguration": { "$ref": "#/definitions/AWS::S3Outposts::AccessPoint.VpcConfiguration", "markdownDescription": "The virtual private cloud (VPC) configuration for this access point, if one exists.", "title": "VpcConfiguration" } }, "required": [ "Bucket", "Name", "VpcConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::S3Outposts::AccessPoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3Outposts::AccessPoint.VpcConfiguration": { "additionalProperties": false, "properties": { "VpcId": { "markdownDescription": "", "title": "VpcId", "type": "string" } }, "type": "object" }, "AWS::S3Outposts::Bucket": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "A name for the S3 on Outposts bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html) . For more information, see [Bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/BucketRestrictions.html#bucketnamingrules) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.", "title": "BucketName", "type": "string" }, "LifecycleConfiguration": { "$ref": "#/definitions/AWS::S3Outposts::Bucket.LifecycleConfiguration", "markdownDescription": "Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.", "title": "LifecycleConfiguration" }, "OutpostId": { "markdownDescription": "The ID of the Outpost of the specified bucket.", "title": "OutpostId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Sets the tags for an S3 on Outposts bucket. For more information, see [Using Amazon S3 on Outposts](https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) .\n\nUse tags to organize your AWS bill to reflect your own cost structure. To do this, sign up to get your AWS account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see [Cost allocation and tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) .\n\n> Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see [Using cost allocation and bucket tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html) . \n\nTo use this resource, you must have permissions to perform the `s3-outposts:PutBucketTagging` . The S3 on Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see [Permissions Related to Bucket Subresource Operations](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) and [Managing access permissions to your Amazon S3 resources](https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) .", "title": "Tags", "type": "array" } }, "required": [ "BucketName", "OutpostId" ], "type": "object" }, "Type": { "enum": [ "AWS::S3Outposts::Bucket" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload": { "additionalProperties": false, "properties": { "DaysAfterInitiation": { "markdownDescription": "Specifies the number of days after initiation that Amazon S3 on Outposts aborts an incomplete multipart upload.", "title": "DaysAfterInitiation", "type": "number" } }, "required": [ "DaysAfterInitiation" ], "type": "object" }, "AWS::S3Outposts::Bucket.Filter": { "additionalProperties": false, "properties": { "AndOperator": { "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterAndOperator", "markdownDescription": "", "title": "AndOperator" }, "Prefix": { "markdownDescription": "", "title": "Prefix", "type": "string" }, "Tag": { "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag", "markdownDescription": "", "title": "Tag" } }, "type": "object" }, "AWS::S3Outposts::Bucket.FilterAndOperator": { "additionalProperties": false, "properties": { "Prefix": { "markdownDescription": "", "title": "Prefix", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::S3Outposts::Bucket.FilterTag" }, "markdownDescription": "", "title": "Tags", "type": "array" } }, "required": [ "Tags" ], "type": "object" }, "AWS::S3Outposts::Bucket.FilterTag": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::S3Outposts::Bucket.LifecycleConfiguration": { "additionalProperties": false, "properties": { "Rules": { "items": { "$ref": "#/definitions/AWS::S3Outposts::Bucket.Rule" }, "markdownDescription": "The container for the lifecycle configuration rules for the objects stored in the S3 on Outposts bucket.", "title": "Rules", "type": "array" } }, "required": [ "Rules" ], "type": "object" }, "AWS::S3Outposts::Bucket.Rule": { "additionalProperties": false, "properties": { "AbortIncompleteMultipartUpload": { "$ref": "#/definitions/AWS::S3Outposts::Bucket.AbortIncompleteMultipartUpload", "markdownDescription": "The container for the abort incomplete multipart upload rule.", "title": "AbortIncompleteMultipartUpload" }, "ExpirationDate": { "markdownDescription": "Specifies the expiration for the lifecycle of the object by specifying an expiry date.", "title": "ExpirationDate", "type": "string" }, "ExpirationInDays": { "markdownDescription": "Specifies the expiration for the lifecycle of the object in the form of days that the object has been in the S3 on Outposts bucket.", "title": "ExpirationInDays", "type": "number" }, "Filter": { "$ref": "#/definitions/AWS::S3Outposts::Bucket.Filter", "markdownDescription": "The container for the filter of the lifecycle rule.", "title": "Filter" }, "Id": { "markdownDescription": "", "title": "Id", "type": "string" }, "Status": { "markdownDescription": "If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied.", "title": "Status", "type": "string" } }, "required": [ "Status" ], "type": "object" }, "AWS::S3Outposts::BucketPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the Amazon S3 Outposts bucket to which the policy applies.", "title": "Bucket", "type": "string" }, "PolicyDocument": { "markdownDescription": "A policy document containing permissions to add to the specified bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. For more information, see the AWS::IAM::Policy [PolicyDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-policy.html#cfn-iam-policy-policydocument) resource description in this guide and [Access Policy Language Overview](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html) .", "title": "PolicyDocument", "type": "object" } }, "required": [ "Bucket", "PolicyDocument" ], "type": "object" }, "Type": { "enum": [ "AWS::S3Outposts::BucketPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3Outposts::Endpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessType": { "markdownDescription": "The container for the type of connectivity used to access the Amazon S3 on Outposts endpoint. To use the Amazon VPC , choose `Private` . To use the endpoint with an on-premises network, choose `CustomerOwnedIp` . If you choose `CustomerOwnedIp` , you must also provide the customer-owned IP address pool (CoIP pool).\n\n> `Private` is the default access type value.", "title": "AccessType", "type": "string" }, "CustomerOwnedIpv4Pool": { "markdownDescription": "The ID of the customer-owned IPv4 address pool (CoIP pool) for the endpoint. IP addresses are allocated from this pool for the endpoint.", "title": "CustomerOwnedIpv4Pool", "type": "string" }, "FailedReason": { "$ref": "#/definitions/AWS::S3Outposts::Endpoint.FailedReason", "markdownDescription": "The failure reason, if any, for a create or delete endpoint operation.", "title": "FailedReason" }, "OutpostId": { "markdownDescription": "The ID of the Outpost.", "title": "OutpostId", "type": "string" }, "SecurityGroupId": { "markdownDescription": "The ID of the security group used for the endpoint.", "title": "SecurityGroupId", "type": "string" }, "SubnetId": { "markdownDescription": "The ID of the subnet used for the endpoint.", "title": "SubnetId", "type": "string" } }, "required": [ "OutpostId", "SecurityGroupId", "SubnetId" ], "type": "object" }, "Type": { "enum": [ "AWS::S3Outposts::Endpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::S3Outposts::Endpoint.FailedReason": { "additionalProperties": false, "properties": { "ErrorCode": { "markdownDescription": "The failure code, if any, for a create or delete endpoint operation.", "title": "ErrorCode", "type": "string" }, "Message": { "markdownDescription": "Additional error details describing the endpoint failure and recommended action.", "title": "Message", "type": "string" } }, "type": "object" }, "AWS::S3Outposts::Endpoint.NetworkInterface": { "additionalProperties": false, "properties": { "NetworkInterfaceId": { "markdownDescription": "The ID for the network interface.", "title": "NetworkInterfaceId", "type": "string" } }, "required": [ "NetworkInterfaceId" ], "type": "object" }, "AWS::SDB::Domain": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "Information about the SimpleDB domain.", "title": "Description", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::SDB::Domain" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SES::ConfigurationSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeliveryOptions": { "$ref": "#/definitions/AWS::SES::ConfigurationSet.DeliveryOptions", "markdownDescription": "Specifies the name of the dedicated IP pool to associate with the configuration set and whether messages that use the configuration set are required to use Transport Layer Security (TLS).", "title": "DeliveryOptions" }, "Name": { "markdownDescription": "The name of the configuration set. The name must meet the following requirements:\n\n- Contain only letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", "title": "Name", "type": "string" }, "ReputationOptions": { "$ref": "#/definitions/AWS::SES::ConfigurationSet.ReputationOptions", "markdownDescription": "An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set.", "title": "ReputationOptions" }, "SendingOptions": { "$ref": "#/definitions/AWS::SES::ConfigurationSet.SendingOptions", "markdownDescription": "An object that defines whether or not Amazon SES can send email that you send using the configuration set.", "title": "SendingOptions" }, "SuppressionOptions": { "$ref": "#/definitions/AWS::SES::ConfigurationSet.SuppressionOptions", "markdownDescription": "An object that contains information about the suppression list preferences for your account.", "title": "SuppressionOptions" }, "TrackingOptions": { "$ref": "#/definitions/AWS::SES::ConfigurationSet.TrackingOptions", "markdownDescription": "An object that defines the open and click tracking options for emails that you send using the configuration set.", "title": "TrackingOptions" }, "VdmOptions": { "$ref": "#/definitions/AWS::SES::ConfigurationSet.VdmOptions", "markdownDescription": "The Virtual Deliverability Manager (VDM) options that apply to the configuration set.", "title": "VdmOptions" } }, "type": "object" }, "Type": { "enum": [ "AWS::SES::ConfigurationSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SES::ConfigurationSet.DashboardOptions": { "additionalProperties": false, "properties": { "EngagementMetrics": { "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for the configuration set.", "title": "EngagementMetrics", "type": "string" } }, "required": [ "EngagementMetrics" ], "type": "object" }, "AWS::SES::ConfigurationSet.DeliveryOptions": { "additionalProperties": false, "properties": { "SendingPoolName": { "markdownDescription": "The name of the dedicated IP pool to associate with the configuration set.", "title": "SendingPoolName", "type": "string" }, "TlsPolicy": { "markdownDescription": "Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). If the value is `REQUIRE` , messages are only delivered if a TLS connection can be established. If the value is `OPTIONAL` , messages can be delivered in plain text if a TLS connection can't be established.\n\nValid Values: `REQUIRE | OPTIONAL`", "title": "TlsPolicy", "type": "string" } }, "type": "object" }, "AWS::SES::ConfigurationSet.GuardianOptions": { "additionalProperties": false, "properties": { "OptimizedSharedDelivery": { "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for the configuration set.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for the configuration set.", "title": "OptimizedSharedDelivery", "type": "string" } }, "required": [ "OptimizedSharedDelivery" ], "type": "object" }, "AWS::SES::ConfigurationSet.ReputationOptions": { "additionalProperties": false, "properties": { "ReputationMetricsEnabled": { "markdownDescription": "If `true` , tracking of reputation metrics is enabled for the configuration set. If `false` , tracking of reputation metrics is disabled for the configuration set.", "title": "ReputationMetricsEnabled", "type": "boolean" } }, "type": "object" }, "AWS::SES::ConfigurationSet.SendingOptions": { "additionalProperties": false, "properties": { "SendingEnabled": { "markdownDescription": "If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set.", "title": "SendingEnabled", "type": "boolean" } }, "type": "object" }, "AWS::SES::ConfigurationSet.SuppressionOptions": { "additionalProperties": false, "properties": { "SuppressedReasons": { "items": { "type": "string" }, "markdownDescription": "A list that contains the reasons that email addresses are automatically added to the suppression list for your account. This list can contain any or all of the following:\n\n- `COMPLAINT` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a complaint.\n- `BOUNCE` \u2013 Amazon SES adds an email address to the suppression list for your account when a message sent to that address results in a hard bounce.", "title": "SuppressedReasons", "type": "array" } }, "type": "object" }, "AWS::SES::ConfigurationSet.TrackingOptions": { "additionalProperties": false, "properties": { "CustomRedirectDomain": { "markdownDescription": "The custom subdomain that is used to redirect email recipients to the Amazon SES event tracking domain.", "title": "CustomRedirectDomain", "type": "string" } }, "type": "object" }, "AWS::SES::ConfigurationSet.VdmOptions": { "additionalProperties": false, "properties": { "DashboardOptions": { "$ref": "#/definitions/AWS::SES::ConfigurationSet.DashboardOptions", "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", "title": "DashboardOptions" }, "GuardianOptions": { "$ref": "#/definitions/AWS::SES::ConfigurationSet.GuardianOptions", "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", "title": "GuardianOptions" } }, "type": "object" }, "AWS::SES::ConfigurationSetEventDestination": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConfigurationSetName": { "markdownDescription": "The name of the configuration set that contains the event destination.", "title": "ConfigurationSetName", "type": "string" }, "EventDestination": { "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.EventDestination", "markdownDescription": "An object that defines the event destination.", "title": "EventDestination" } }, "required": [ "ConfigurationSetName", "EventDestination" ], "type": "object" }, "Type": { "enum": [ "AWS::SES::ConfigurationSetEventDestination" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination": { "additionalProperties": false, "properties": { "DimensionConfigurations": { "items": { "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration" }, "markdownDescription": "An array of objects that define the dimensions to use when you send email events to Amazon CloudWatch.", "title": "DimensionConfigurations", "type": "array" } }, "type": "object" }, "AWS::SES::ConfigurationSetEventDestination.DimensionConfiguration": { "additionalProperties": false, "properties": { "DefaultDimensionValue": { "markdownDescription": "The default value of the dimension that is published to Amazon CloudWatch if you don't provide the value of the dimension when you send an email. This value has to meet the following criteria:\n\n- Can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-), at signs (@), and periods (.).\n- It can contain no more than 256 characters.", "title": "DefaultDimensionValue", "type": "string" }, "DimensionName": { "markdownDescription": "The name of an Amazon CloudWatch dimension associated with an email sending metric. The name has to meet the following criteria:\n\n- It can only contain ASCII letters (a\u2013z, A\u2013Z), numbers (0\u20139), underscores (_), or dashes (-).\n- It can contain no more than 256 characters.", "title": "DimensionName", "type": "string" }, "DimensionValueSource": { "markdownDescription": "The location where the Amazon SES API v2 finds the value of a dimension to publish to Amazon CloudWatch. To use the message tags that you specify using an `X-SES-MESSAGE-TAGS` header or a parameter to the `SendEmail` or `SendRawEmail` API, choose `messageTag` . To use your own email headers, choose `emailHeader` . To use link tags, choose `linkTag` .", "title": "DimensionValueSource", "type": "string" } }, "required": [ "DefaultDimensionValue", "DimensionName", "DimensionValueSource" ], "type": "object" }, "AWS::SES::ConfigurationSetEventDestination.EventDestination": { "additionalProperties": false, "properties": { "CloudWatchDestination": { "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.CloudWatchDestination", "markdownDescription": "An object that defines an Amazon CloudWatch destination for email events. You can use Amazon CloudWatch to monitor and gain insights on your email sending metrics.", "title": "CloudWatchDestination" }, "Enabled": { "markdownDescription": "If `true` , the event destination is enabled. When the event destination is enabled, the specified event types are sent to the destinations in this `EventDestinationDefinition` .\n\nIf `false` , the event destination is disabled. When the event destination is disabled, events aren't sent to the specified destinations.", "title": "Enabled", "type": "boolean" }, "KinesisFirehoseDestination": { "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination", "markdownDescription": "An object that contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination.", "title": "KinesisFirehoseDestination" }, "MatchingEventTypes": { "items": { "type": "string" }, "markdownDescription": "The types of events that Amazon SES sends to the specified event destinations.\n\n- `SEND` - The send request was successful and SES will attempt to deliver the message to the recipient\u2019s mail server. (If account-level or global suppression is being used, SES will still count it as a send, but delivery is suppressed.)\n- `REJECT` - SES accepted the email, but determined that it contained a virus and didn\u2019t attempt to deliver it to the recipient\u2019s mail server.\n- `BOUNCE` - ( *Hard bounce* ) The recipient's mail server permanently rejected the email. ( *Soft bounces* are only included when SES fails to deliver the email after retrying for a period of time.)\n- `COMPLAINT` - The email was successfully delivered to the recipient\u2019s mail server, but the recipient marked it as spam.\n- `DELIVERY` - SES successfully delivered the email to the recipient's mail server.\n- `OPEN` - The recipient received the message and opened it in their email client.\n- `CLICK` - The recipient clicked one or more links in the email.\n- `RENDERING_FAILURE` - The email wasn't sent because of a template rendering issue. This event type can occur when template data is missing, or when there is a mismatch between template parameters and data. (This event type only occurs when you send email using the [`SendTemplatedEmail`](https://docs.aws.amazon.com/ses/latest/APIReference/API_SendTemplatedEmail.html) or [`SendBulkTemplatedEmail`](https://docs.aws.amazon.com/ses/latest/APIReference/API_SendBulkTemplatedEmail.html) API operations.)\n- `DELIVERY_DELAY` - The email couldn't be delivered to the recipient\u2019s mail server because a temporary issue occurred. Delivery delays can occur, for example, when the recipient's inbox is full, or when the receiving email server experiences a transient issue.\n- `SUBSCRIPTION` - The email was successfully delivered, but the recipient updated their subscription preferences by clicking on an *unsubscribe* link as part of your [subscription management](https://docs.aws.amazon.com/ses/latest/dg/sending-email-subscription-management.html) .", "title": "MatchingEventTypes", "type": "array" }, "Name": { "markdownDescription": "The name of the event destination. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Contain 64 characters or fewer.", "title": "Name", "type": "string" }, "SnsDestination": { "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination.SnsDestination", "markdownDescription": "An object that contains the topic ARN associated with an Amazon Simple Notification Service (Amazon SNS) event destination.", "title": "SnsDestination" } }, "required": [ "MatchingEventTypes" ], "type": "object" }, "AWS::SES::ConfigurationSetEventDestination.KinesisFirehoseDestination": { "additionalProperties": false, "properties": { "DeliveryStreamARN": { "markdownDescription": "The ARN of the Amazon Kinesis Firehose stream that email sending events should be published to.", "title": "DeliveryStreamARN", "type": "string" }, "IAMRoleARN": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that the Amazon SES API v2 uses to send email events to the Amazon Kinesis Data Firehose stream.", "title": "IAMRoleARN", "type": "string" } }, "required": [ "DeliveryStreamARN", "IAMRoleARN" ], "type": "object" }, "AWS::SES::ConfigurationSetEventDestination.SnsDestination": { "additionalProperties": false, "properties": { "TopicARN": { "markdownDescription": "The ARN of the Amazon SNS topic for email sending events. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", "title": "TopicARN", "type": "string" } }, "required": [ "TopicARN" ], "type": "object" }, "AWS::SES::ContactList": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContactListName": { "markdownDescription": "The name of the contact list.", "title": "ContactListName", "type": "string" }, "Description": { "markdownDescription": "A description of what the contact list is about.", "title": "Description", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags associated with a contact list.", "title": "Tags", "type": "array" }, "Topics": { "items": { "$ref": "#/definitions/AWS::SES::ContactList.Topic" }, "markdownDescription": "An interest group, theme, or label within a list. A contact list can have multiple topics.", "title": "Topics", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::SES::ContactList" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SES::ContactList.Topic": { "additionalProperties": false, "properties": { "DefaultSubscriptionStatus": { "markdownDescription": "The default subscription status to be applied to a contact if the contact has not noted their preference for subscribing to a topic.", "title": "DefaultSubscriptionStatus", "type": "string" }, "Description": { "markdownDescription": "A description of what the topic is about, which the contact will see.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The name of the topic the contact will see.", "title": "DisplayName", "type": "string" }, "TopicName": { "markdownDescription": "The name of the topic.", "title": "TopicName", "type": "string" } }, "required": [ "DefaultSubscriptionStatus", "DisplayName", "TopicName" ], "type": "object" }, "AWS::SES::DedicatedIpPool": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PoolName": { "markdownDescription": "The name of the dedicated IP pool that the IP address is associated with.", "title": "PoolName", "type": "string" }, "ScalingMode": { "markdownDescription": "The type of scaling mode.\n\nThe following options are available:\n\n- `STANDARD` - The customer controls which IPs are part of the dedicated IP pool.\n- `MANAGED` - The reputation and number of IPs are automatically managed by Amazon SES .\n\nThe `STANDARD` option is selected by default if no value is specified.\n\n> Updating *ScalingMode* doesn't require a replacement if you're updating its value from `STANDARD` to `MANAGED` . However, updating *ScalingMode* from `MANAGED` to `STANDARD` is not supported.", "title": "ScalingMode", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::SES::DedicatedIpPool" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SES::EmailIdentity": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConfigurationSetAttributes": { "$ref": "#/definitions/AWS::SES::EmailIdentity.ConfigurationSetAttributes", "markdownDescription": "Used to associate a configuration set with an email identity.", "title": "ConfigurationSetAttributes" }, "DkimAttributes": { "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimAttributes", "markdownDescription": "An object that contains information about the DKIM attributes for the identity.", "title": "DkimAttributes" }, "DkimSigningAttributes": { "$ref": "#/definitions/AWS::SES::EmailIdentity.DkimSigningAttributes", "markdownDescription": "If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for [Easy DKIM](https://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html) .\n\nYou can only specify this object if the email identity is a domain, as opposed to an address.", "title": "DkimSigningAttributes" }, "EmailIdentity": { "markdownDescription": "The email address or domain to verify.", "title": "EmailIdentity", "type": "string" }, "FeedbackAttributes": { "$ref": "#/definitions/AWS::SES::EmailIdentity.FeedbackAttributes", "markdownDescription": "Used to enable or disable feedback forwarding for an identity.", "title": "FeedbackAttributes" }, "MailFromAttributes": { "$ref": "#/definitions/AWS::SES::EmailIdentity.MailFromAttributes", "markdownDescription": "Used to enable or disable the custom Mail-From domain configuration for an email identity.", "title": "MailFromAttributes" } }, "required": [ "EmailIdentity" ], "type": "object" }, "Type": { "enum": [ "AWS::SES::EmailIdentity" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SES::EmailIdentity.ConfigurationSetAttributes": { "additionalProperties": false, "properties": { "ConfigurationSetName": { "markdownDescription": "The configuration set to associate with an email identity.", "title": "ConfigurationSetName", "type": "string" } }, "type": "object" }, "AWS::SES::EmailIdentity.DkimAttributes": { "additionalProperties": false, "properties": { "SigningEnabled": { "markdownDescription": "Sets the DKIM signing configuration for the identity.\n\nWhen you set this value `true` , then the messages that are sent from the identity are signed using DKIM. If you set this value to `false` , your messages are sent without DKIM signing.", "title": "SigningEnabled", "type": "boolean" } }, "type": "object" }, "AWS::SES::EmailIdentity.DkimSigningAttributes": { "additionalProperties": false, "properties": { "DomainSigningPrivateKey": { "markdownDescription": "[Bring Your Own DKIM] A private key that's used to generate a DKIM signature.\n\nThe private key must use 1024 or 2048-bit RSA encryption, and must be encoded using base64 encoding.\n\n> Rather than embedding sensitive information directly in your CFN templates, we recommend you use dynamic parameters in the stack template to reference sensitive information that is stored and managed outside of CFN, such as in the AWS Systems Manager Parameter Store or AWS Secrets Manager.\n> \n> For more information, see the [Do not embed credentials in your templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/best-practices.html#creds) best practice.", "title": "DomainSigningPrivateKey", "type": "string" }, "DomainSigningSelector": { "markdownDescription": "[Bring Your Own DKIM] A string that's used to identify a public key in the DNS configuration for a domain.", "title": "DomainSigningSelector", "type": "string" }, "NextSigningKeyLength": { "markdownDescription": "[Easy DKIM] The key length of the future DKIM key pair to be generated. This can be changed at most once per day.\n\nValid Values: `RSA_1024_BIT | RSA_2048_BIT`", "title": "NextSigningKeyLength", "type": "string" } }, "type": "object" }, "AWS::SES::EmailIdentity.FeedbackAttributes": { "additionalProperties": false, "properties": { "EmailForwardingEnabled": { "markdownDescription": "Sets the feedback forwarding configuration for the identity.\n\nIf the value is `true` , you receive email notifications when bounce or complaint events occur. These notifications are sent to the address that you specified in the `Return-Path` header of the original email.\n\nYou're required to have a method of tracking bounces and complaints. If you haven't set up another mechanism for receiving bounce or complaint notifications (for example, by setting up an event destination), you receive an email notification when these events occur (even if this setting is disabled).", "title": "EmailForwardingEnabled", "type": "boolean" } }, "type": "object" }, "AWS::SES::EmailIdentity.MailFromAttributes": { "additionalProperties": false, "properties": { "BehaviorOnMxFailure": { "markdownDescription": "The action to take if the required MX record isn't found when you send an email. When you set this value to `USE_DEFAULT_VALUE` , the mail is sent using *amazonses.com* as the MAIL FROM domain. When you set this value to `REJECT_MESSAGE` , the Amazon SES API v2 returns a `MailFromDomainNotVerified` error, and doesn't attempt to deliver the email.\n\nThese behaviors are taken when the custom MAIL FROM domain configuration is in the `Pending` , `Failed` , and `TemporaryFailure` states.\n\nValid Values: `USE_DEFAULT_VALUE | REJECT_MESSAGE`", "title": "BehaviorOnMxFailure", "type": "string" }, "MailFromDomain": { "markdownDescription": "The custom MAIL FROM domain that you want the verified identity to use. The MAIL FROM domain must meet the following criteria:\n\n- It has to be a subdomain of the verified identity.\n- It can't be used to receive email.\n- It can't be used in a \"From\" address if the MAIL FROM domain is a destination for feedback forwarding emails.", "title": "MailFromDomain", "type": "string" } }, "type": "object" }, "AWS::SES::ReceiptFilter": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Filter": { "$ref": "#/definitions/AWS::SES::ReceiptFilter.Filter", "markdownDescription": "A data structure that describes the IP address filter to create, which consists of a name, an IP address range, and whether to allow or block mail from it.", "title": "Filter" } }, "required": [ "Filter" ], "type": "object" }, "Type": { "enum": [ "AWS::SES::ReceiptFilter" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SES::ReceiptFilter.Filter": { "additionalProperties": false, "properties": { "IpFilter": { "$ref": "#/definitions/AWS::SES::ReceiptFilter.IpFilter", "markdownDescription": "A structure that provides the IP addresses to block or allow, and whether to block or allow incoming mail from them.", "title": "IpFilter" }, "Name": { "markdownDescription": "The name of the IP address filter. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), or dashes (-).\n- Start and end with a letter or number.\n- Contain 64 characters or fewer.", "title": "Name", "type": "string" } }, "required": [ "IpFilter" ], "type": "object" }, "AWS::SES::ReceiptFilter.IpFilter": { "additionalProperties": false, "properties": { "Cidr": { "markdownDescription": "A single IP address or a range of IP addresses to block or allow, specified in Classless Inter-Domain Routing (CIDR) notation. An example of a single email address is 10.0.0.1. An example of a range of IP addresses is 10.0.0.1/24. For more information about CIDR notation, see [RFC 2317](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc2317) .", "title": "Cidr", "type": "string" }, "Policy": { "markdownDescription": "Indicates whether to block or allow incoming mail from the specified IP addresses.", "title": "Policy", "type": "string" } }, "required": [ "Cidr", "Policy" ], "type": "object" }, "AWS::SES::ReceiptRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "After": { "markdownDescription": "The name of an existing rule after which the new rule is placed. If this parameter is null, the new rule is inserted at the beginning of the rule list.", "title": "After", "type": "string" }, "Rule": { "$ref": "#/definitions/AWS::SES::ReceiptRule.Rule", "markdownDescription": "A data structure that contains the specified rule's name, actions, recipients, domains, enabled status, scan status, and TLS policy.", "title": "Rule" }, "RuleSetName": { "markdownDescription": "The name of the rule set where the receipt rule is added.", "title": "RuleSetName", "type": "string" } }, "required": [ "Rule", "RuleSetName" ], "type": "object" }, "Type": { "enum": [ "AWS::SES::ReceiptRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SES::ReceiptRule.Action": { "additionalProperties": false, "properties": { "AddHeaderAction": { "$ref": "#/definitions/AWS::SES::ReceiptRule.AddHeaderAction", "markdownDescription": "Adds a header to the received email.", "title": "AddHeaderAction" }, "BounceAction": { "$ref": "#/definitions/AWS::SES::ReceiptRule.BounceAction", "markdownDescription": "Rejects the received email by returning a bounce response to the sender and, optionally, publishes a notification to Amazon Simple Notification Service (Amazon SNS).", "title": "BounceAction" }, "LambdaAction": { "$ref": "#/definitions/AWS::SES::ReceiptRule.LambdaAction", "markdownDescription": "Calls an AWS Lambda function, and optionally, publishes a notification to Amazon SNS.", "title": "LambdaAction" }, "S3Action": { "$ref": "#/definitions/AWS::SES::ReceiptRule.S3Action", "markdownDescription": "Saves the received message to an Amazon Simple Storage Service (Amazon S3) bucket and, optionally, publishes a notification to Amazon SNS.", "title": "S3Action" }, "SNSAction": { "$ref": "#/definitions/AWS::SES::ReceiptRule.SNSAction", "markdownDescription": "Publishes the email content within a notification to Amazon SNS.", "title": "SNSAction" }, "StopAction": { "$ref": "#/definitions/AWS::SES::ReceiptRule.StopAction", "markdownDescription": "Terminates the evaluation of the receipt rule set and optionally publishes a notification to Amazon SNS.", "title": "StopAction" }, "WorkmailAction": { "$ref": "#/definitions/AWS::SES::ReceiptRule.WorkmailAction", "markdownDescription": "Calls Amazon WorkMail and, optionally, publishes a notification to Amazon SNS.", "title": "WorkmailAction" } }, "type": "object" }, "AWS::SES::ReceiptRule.AddHeaderAction": { "additionalProperties": false, "properties": { "HeaderName": { "markdownDescription": "The name of the header to add to the incoming message. The name must contain at least one character, and can contain up to 50 characters. It consists of alphanumeric ( `a\u2013z, A\u2013Z, 0\u20139` ) characters and dashes.", "title": "HeaderName", "type": "string" }, "HeaderValue": { "markdownDescription": "The content to include in the header. This value can contain up to 2048 characters. It can't contain newline ( `\\n` ) or carriage return ( `\\r` ) characters.", "title": "HeaderValue", "type": "string" } }, "required": [ "HeaderName", "HeaderValue" ], "type": "object" }, "AWS::SES::ReceiptRule.BounceAction": { "additionalProperties": false, "properties": { "Message": { "markdownDescription": "Human-readable text to include in the bounce message.", "title": "Message", "type": "string" }, "Sender": { "markdownDescription": "The email address of the sender of the bounced email. This is the address from which the bounce message is sent.", "title": "Sender", "type": "string" }, "SmtpReplyCode": { "markdownDescription": "The SMTP reply code, as defined by [RFC 5321](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5321) .", "title": "SmtpReplyCode", "type": "string" }, "StatusCode": { "markdownDescription": "The SMTP enhanced status code, as defined by [RFC 3463](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc3463) .", "title": "StatusCode", "type": "string" }, "TopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the bounce action is taken. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", "title": "TopicArn", "type": "string" } }, "required": [ "Message", "Sender", "SmtpReplyCode" ], "type": "object" }, "AWS::SES::ReceiptRule.LambdaAction": { "additionalProperties": false, "properties": { "FunctionArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Lambda function. An example of an AWS Lambda function ARN is `arn:aws:lambda:us-west-2:account-id:function:MyFunction` . For more information about AWS Lambda, see the [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/welcome.html) .", "title": "FunctionArn", "type": "string" }, "InvocationType": { "markdownDescription": "The invocation type of the AWS Lambda function. An invocation type of `RequestResponse` means that the execution of the function immediately results in a response, and a value of `Event` means that the function is invoked asynchronously. The default value is `Event` . For information about AWS Lambda invocation types, see the [AWS Lambda Developer Guide](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html) .\n\n> There is a 30-second timeout on `RequestResponse` invocations. You should use `Event` invocation in most cases. Use `RequestResponse` only to make a mail flow decision, such as whether to stop the receipt rule or the receipt rule set.", "title": "InvocationType", "type": "string" }, "TopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the Lambda action is executed. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", "title": "TopicArn", "type": "string" } }, "required": [ "FunctionArn" ], "type": "object" }, "AWS::SES::ReceiptRule.Rule": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::SES::ReceiptRule.Action" }, "markdownDescription": "An ordered list of actions to perform on messages that match at least one of the recipient email addresses or domains specified in the receipt rule.", "title": "Actions", "type": "array" }, "Enabled": { "markdownDescription": "If `true` , the receipt rule is active. The default value is `false` .", "title": "Enabled", "type": "boolean" }, "Name": { "markdownDescription": "The name of the receipt rule. The name must meet the following requirements:\n\n- Contain only ASCII letters (a-z, A-Z), numbers (0-9), underscores (_), dashes (-), or periods (.).\n- Start and end with a letter or number.\n- Contain 64 characters or fewer.", "title": "Name", "type": "string" }, "Recipients": { "items": { "type": "string" }, "markdownDescription": "The recipient domains and email addresses that the receipt rule applies to. If this field is not specified, this rule matches all recipients on all verified domains.", "title": "Recipients", "type": "array" }, "ScanEnabled": { "markdownDescription": "If `true` , then messages that this receipt rule applies to are scanned for spam and viruses. The default value is `false` .", "title": "ScanEnabled", "type": "boolean" }, "TlsPolicy": { "markdownDescription": "Specifies whether Amazon SES should require that incoming email is delivered over a connection encrypted with Transport Layer Security (TLS). If this parameter is set to `Require` , Amazon SES bounces emails that are not received over TLS. The default is `Optional` .\n\nValid Values: `Require | Optional`", "title": "TlsPolicy", "type": "string" } }, "type": "object" }, "AWS::SES::ReceiptRule.S3Action": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The name of the Amazon S3 bucket for incoming email.", "title": "BucketName", "type": "string" }, "KmsKeyArn": { "markdownDescription": "The customer master key that Amazon SES should use to encrypt your emails before saving them to the Amazon S3 bucket. You can use the default master key or a custom master key that you created in AWS KMS as follows:\n\n- To use the default master key, provide an ARN in the form of `arn:aws:kms:REGION:ACCOUNT-ID-WITHOUT-HYPHENS:alias/aws/ses` . For example, if your AWS account ID is 123456789012 and you want to use the default master key in the US West (Oregon) Region, the ARN of the default master key would be `arn:aws:kms:us-west-2:123456789012:alias/aws/ses` . If you use the default master key, you don't need to perform any extra steps to give Amazon SES permission to use the key.\n- To use a custom master key that you created in AWS KMS, provide the ARN of the master key and ensure that you add a statement to your key's policy to give Amazon SES permission to use it. For more information about giving permissions, see the [Amazon SES Developer Guide](https://docs.aws.amazon.com/ses/latest/dg/receiving-email-permissions.html) .\n\nFor more information about key policies, see the [AWS KMS Developer Guide](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) . If you do not specify a master key, Amazon SES does not encrypt your emails.\n\n> Your mail is encrypted by Amazon SES using the Amazon S3 encryption client before the mail is submitted to Amazon S3 for storage. It is not encrypted using Amazon S3 server-side encryption. This means that you must use the Amazon S3 encryption client to decrypt the email after retrieving it from Amazon S3, as the service has no access to use your AWS KMS keys for decryption. This encryption client is currently available with the [AWS SDK for Java](https://docs.aws.amazon.com/sdk-for-java/) and [AWS SDK for Ruby](https://docs.aws.amazon.com/sdk-for-ruby/) only. For more information about client-side encryption using AWS KMS master keys, see the [Amazon S3 Developer Guide](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html) .", "title": "KmsKeyArn", "type": "string" }, "ObjectKeyPrefix": { "markdownDescription": "The key prefix of the Amazon S3 bucket. The key prefix is similar to a directory name that enables you to store similar data under the same directory in a bucket.", "title": "ObjectKeyPrefix", "type": "string" }, "TopicArn": { "markdownDescription": "The ARN of the Amazon SNS topic to notify when the message is saved to the Amazon S3 bucket. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", "title": "TopicArn", "type": "string" } }, "required": [ "BucketName" ], "type": "object" }, "AWS::SES::ReceiptRule.SNSAction": { "additionalProperties": false, "properties": { "Encoding": { "markdownDescription": "The encoding to use for the email within the Amazon SNS notification. UTF-8 is easier to use, but may not preserve all special characters when a message was encoded with a different encoding format. Base64 preserves all special characters. The default value is UTF-8.", "title": "Encoding", "type": "string" }, "TopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", "title": "TopicArn", "type": "string" } }, "type": "object" }, "AWS::SES::ReceiptRule.StopAction": { "additionalProperties": false, "properties": { "Scope": { "markdownDescription": "The scope of the StopAction. The only acceptable value is `RuleSet` .", "title": "Scope", "type": "string" }, "TopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the stop action is taken. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", "title": "TopicArn", "type": "string" } }, "required": [ "Scope" ], "type": "object" }, "AWS::SES::ReceiptRule.WorkmailAction": { "additionalProperties": false, "properties": { "OrganizationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon WorkMail organization. Amazon WorkMail ARNs use the following format:\n\n`arn:aws:workmail:::organization/`\n\nYou can find the ID of your organization by using the [ListOrganizations](https://docs.aws.amazon.com/workmail/latest/APIReference/API_ListOrganizations.html) operation in Amazon WorkMail. Amazon WorkMail organization IDs begin with \" `m-` \", followed by a string of alphanumeric characters.\n\nFor information about Amazon WorkMail organizations, see the [Amazon WorkMail Administrator Guide](https://docs.aws.amazon.com/workmail/latest/adminguide/organizations_overview.html) .", "title": "OrganizationArn", "type": "string" }, "TopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the WorkMail action is called. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) operation in Amazon SNS.\n\nFor more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) .", "title": "TopicArn", "type": "string" } }, "required": [ "OrganizationArn" ], "type": "object" }, "AWS::SES::ReceiptRuleSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "RuleSetName": { "markdownDescription": "The name of the receipt rule set to make active. Setting this value to null disables all email receiving.", "title": "RuleSetName", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::SES::ReceiptRuleSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SES::Template": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Template": { "$ref": "#/definitions/AWS::SES::Template.Template", "markdownDescription": "The content of the email, composed of a subject line and either an HTML part or a text-only part.", "title": "Template" } }, "type": "object" }, "Type": { "enum": [ "AWS::SES::Template" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SES::Template.Template": { "additionalProperties": false, "properties": { "HtmlPart": { "markdownDescription": "The HTML body of the email.", "title": "HtmlPart", "type": "string" }, "SubjectPart": { "markdownDescription": "The subject line of the email.", "title": "SubjectPart", "type": "string" }, "TemplateName": { "markdownDescription": "The name of the template. You will refer to this name when you send email using the `SendTemplatedEmail` or `SendBulkTemplatedEmail` operations.", "title": "TemplateName", "type": "string" }, "TextPart": { "markdownDescription": "The email body that is visible to recipients whose email clients do not display HTML content.", "title": "TextPart", "type": "string" } }, "required": [ "SubjectPart" ], "type": "object" }, "AWS::SES::VdmAttributes": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DashboardAttributes": { "$ref": "#/definitions/AWS::SES::VdmAttributes.DashboardAttributes", "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Dashboard.", "title": "DashboardAttributes" }, "GuardianAttributes": { "$ref": "#/definitions/AWS::SES::VdmAttributes.GuardianAttributes", "markdownDescription": "Specifies additional settings for your VDM configuration as applicable to the Guardian.", "title": "GuardianAttributes" } }, "type": "object" }, "Type": { "enum": [ "AWS::SES::VdmAttributes" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SES::VdmAttributes.DashboardAttributes": { "additionalProperties": false, "properties": { "EngagementMetrics": { "markdownDescription": "Specifies the status of your VDM engagement metrics collection. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables engagement metrics for your account.\n- `DISABLED` \u2013 Amazon SES disables engagement metrics for your account.", "title": "EngagementMetrics", "type": "string" } }, "type": "object" }, "AWS::SES::VdmAttributes.GuardianAttributes": { "additionalProperties": false, "properties": { "OptimizedSharedDelivery": { "markdownDescription": "Specifies the status of your VDM optimized shared delivery. Can be one of the following:\n\n- `ENABLED` \u2013 Amazon SES enables optimized shared delivery for your account.\n- `DISABLED` \u2013 Amazon SES disables optimized shared delivery for your account.", "title": "OptimizedSharedDelivery", "type": "string" } }, "type": "object" }, "AWS::SNS::Subscription": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeliveryPolicy": { "markdownDescription": "The delivery policy JSON assigned to the subscription. Enables the subscriber to define the message delivery retry strategy in the case of an HTTP/S endpoint subscribed to the topic. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* and [Message delivery retries](https://docs.aws.amazon.com/sns/latest/dg/sns-message-delivery-retries.html) in the *Amazon SNS Developer Guide* .", "title": "DeliveryPolicy", "type": "object" }, "Endpoint": { "markdownDescription": "The subscription's endpoint. The endpoint value depends on the protocol that you specify. For more information, see the `Endpoint` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", "title": "Endpoint", "type": "string" }, "FilterPolicy": { "markdownDescription": "The filter policy JSON assigned to the subscription. Enables the subscriber to filter out unwanted messages. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* and [Message filtering](https://docs.aws.amazon.com/sns/latest/dg/sns-message-filtering.html) in the *Amazon SNS Developer Guide* .", "title": "FilterPolicy", "type": "object" }, "FilterPolicyScope": { "markdownDescription": "This attribute lets you choose the filtering scope by using one of the following string value types:\n\n- `MessageAttributes` (default) - The filter is applied on the message attributes.\n- `MessageBody` - The filter is applied on the message body.", "title": "FilterPolicyScope", "type": "string" }, "Protocol": { "markdownDescription": "The subscription's protocol. For more information, see the `Protocol` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", "title": "Protocol", "type": "string" }, "RawMessageDelivery": { "markdownDescription": "When set to `true` , enables raw message delivery. Raw messages don't contain any JSON formatting and can be sent to Amazon SQS and HTTP/S endpoints. For more information, see `[GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html)` in the *Amazon SNS API Reference* .", "title": "RawMessageDelivery", "type": "boolean" }, "RedrivePolicy": { "markdownDescription": "When specified, sends undeliverable messages to the specified Amazon SQS dead-letter queue. Messages that can't be delivered due to client errors (for example, when the subscribed endpoint is unreachable) or server errors (for example, when the service that powers the subscribed endpoint becomes unavailable) are held in the dead-letter queue for further analysis or reprocessing.\n\nFor more information about the redrive policy and dead-letter queues, see [Amazon SQS dead-letter queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html) in the *Amazon SQS Developer Guide* .", "title": "RedrivePolicy", "type": "object" }, "Region": { "markdownDescription": "For cross-region subscriptions, the region in which the topic resides.\n\nIf no region is specified, AWS CloudFormation uses the region of the caller as the default.\n\nIf you perform an update operation that only updates the `Region` property of a `AWS::SNS::Subscription` resource, that operation will fail unless you are either:\n\n- Updating the `Region` from `NULL` to the caller region.\n- Updating the `Region` from the caller region to `NULL` .", "title": "Region", "type": "string" }, "ReplayPolicy": { "markdownDescription": "Specifies whether Amazon SNS resends the notification to the subscription when a message's attribute changes.", "title": "ReplayPolicy", "type": "object" }, "SubscriptionRoleArn": { "markdownDescription": "This property applies only to Amazon Data Firehose delivery stream subscriptions. Specify the ARN of the IAM role that has the following:\n\n- Permission to write to the Amazon Data Firehose delivery stream\n- Amazon SNS listed as a trusted entity\n\nSpecifying a valid ARN for this attribute is required for Firehose delivery stream subscriptions. For more information, see [Fanout to Amazon Data Firehose delivery streams](https://docs.aws.amazon.com/sns/latest/dg/sns-firehose-as-subscriber.html) in the *Amazon SNS Developer Guide.*", "title": "SubscriptionRoleArn", "type": "string" }, "TopicArn": { "markdownDescription": "The ARN of the topic to subscribe to.", "title": "TopicArn", "type": "string" } }, "required": [ "Protocol", "TopicArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SNS::Subscription" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SNS::Topic": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ArchivePolicy": { "markdownDescription": "The archive policy determines the number of days Amazon SNS retains messages. You can set a retention period from 1 to 365 days.", "title": "ArchivePolicy", "type": "object" }, "ContentBasedDeduplication": { "markdownDescription": "Enables content-based deduplication for FIFO topics.\n\n- By default, `ContentBasedDeduplication` is set to `false` . If you create a FIFO topic and this attribute is `false` , you must specify a value for the `MessageDeduplicationId` parameter for the [Publish](https://docs.aws.amazon.com/sns/latest/api/API_Publish.html) action.\n- When you set `ContentBasedDeduplication` to `true` , Amazon SNS uses a SHA-256 hash to generate the `MessageDeduplicationId` using the body of the message (but not the attributes of the message).\n\n(Optional) To override the generated value, you can specify a value for the the `MessageDeduplicationId` parameter for the `Publish` action.", "title": "ContentBasedDeduplication", "type": "boolean" }, "DataProtectionPolicy": { "markdownDescription": "The body of the policy document you want to use for this topic.\n\nYou can only add one policy per topic.\n\nThe policy must be in JSON string format.\n\nLength Constraints: Maximum length of 30,720.", "title": "DataProtectionPolicy", "type": "object" }, "DeliveryStatusLogging": { "items": { "$ref": "#/definitions/AWS::SNS::Topic.LoggingConfig" }, "markdownDescription": "The `DeliveryStatusLogging` configuration enables you to log the delivery status of messages sent from your Amazon SNS topic to subscribed endpoints with the following supported delivery protocols:\n\n- HTTP\n- Amazon Kinesis Data Firehose\n- AWS Lambda\n- Platform application endpoint\n- Amazon Simple Queue Service\n\nOnce configured, log entries are sent to Amazon CloudWatch Logs.", "title": "DeliveryStatusLogging", "type": "array" }, "DisplayName": { "markdownDescription": "The display name to use for an Amazon SNS topic with SMS subscriptions. The display name must be maximum 100 characters long, including hyphens (-), underscores (_), spaces, and tabs.", "title": "DisplayName", "type": "string" }, "FifoTopic": { "markdownDescription": "Set to true to create a FIFO topic.", "title": "FifoTopic", "type": "boolean" }, "KmsMasterKeyId": { "markdownDescription": "The ID of an AWS managed customer master key (CMK) for Amazon SNS or a custom CMK. For more information, see [Key terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms) . For more examples, see `[KeyId](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters)` in the *AWS Key Management Service API Reference* .\n\nThis property applies only to [server-side-encryption](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html) .", "title": "KmsMasterKeyId", "type": "string" }, "SignatureVersion": { "markdownDescription": "The signature version corresponds to the hashing algorithm used while creating the signature of the notifications, subscription confirmations, or unsubscribe confirmation messages sent by Amazon SNS. By default, `SignatureVersion` is set to `1` .", "title": "SignatureVersion", "type": "string" }, "Subscription": { "items": { "$ref": "#/definitions/AWS::SNS::Topic.Subscription" }, "markdownDescription": "The Amazon SNS subscriptions (endpoints) for this topic.\n\n> If you specify the `Subscription` property in the `AWS::SNS::Topic` resource and it creates an associated subscription resource, the associated subscription is not deleted when the `AWS::SNS::Topic` resource is deleted.", "title": "Subscription", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of tags to add to a new topic.\n\n> To be able to tag a topic on creation, you must have the `sns:CreateTopic` and `sns:TagResource` permissions.", "title": "Tags", "type": "array" }, "TopicName": { "markdownDescription": "The name of the topic you want to create. Topic names must include only uppercase and lowercase ASCII letters, numbers, underscores, and hyphens, and must be between 1 and 256 characters long. FIFO topic names must end with `.fifo` .\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the topic name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "TopicName", "type": "string" }, "TracingConfig": { "markdownDescription": "Tracing mode of an Amazon SNS topic. By default `TracingConfig` is set to `PassThrough` , and the topic passes through the tracing header it receives from an Amazon SNS publisher to its subscriptions. If set to `Active` , Amazon SNS will vend X-Ray segment data to topic owner account if the sampled flag in the tracing header is true.", "title": "TracingConfig", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::SNS::Topic" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SNS::Topic.LoggingConfig": { "additionalProperties": false, "properties": { "FailureFeedbackRoleArn": { "markdownDescription": "The IAM role ARN to be used when logging failed message deliveries in Amazon CloudWatch.", "title": "FailureFeedbackRoleArn", "type": "string" }, "Protocol": { "markdownDescription": "Indicates one of the supported protocols for the Amazon SNS topic.\n\n> At least one of the other three `LoggingConfig` properties is recommend along with `Protocol` .", "title": "Protocol", "type": "string" }, "SuccessFeedbackRoleArn": { "markdownDescription": "The IAM role ARN to be used when logging successful message deliveries in Amazon CloudWatch.", "title": "SuccessFeedbackRoleArn", "type": "string" }, "SuccessFeedbackSampleRate": { "markdownDescription": "The percentage of successful message deliveries to be logged in Amazon CloudWatch. Valid percentage values range from 0 to 100.", "title": "SuccessFeedbackSampleRate", "type": "string" } }, "required": [ "Protocol" ], "type": "object" }, "AWS::SNS::Topic.Subscription": { "additionalProperties": false, "properties": { "Endpoint": { "markdownDescription": "The endpoint that receives notifications from the Amazon SNS topic. The endpoint value depends on the protocol that you specify. For more information, see the `Endpoint` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", "title": "Endpoint", "type": "string" }, "Protocol": { "markdownDescription": "The subscription's protocol. For more information, see the `Protocol` parameter of the `[Subscribe](https://docs.aws.amazon.com/sns/latest/api/API_Subscribe.html)` action in the *Amazon SNS API Reference* .", "title": "Protocol", "type": "string" } }, "required": [ "Endpoint", "Protocol" ], "type": "object" }, "AWS::SNS::TopicInlinePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "A policy document that contains permissions to add to the specified Amazon SNS topic.", "title": "PolicyDocument", "type": "object" }, "TopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the topic to which you want to add the policy.", "title": "TopicArn", "type": "string" } }, "required": [ "PolicyDocument", "TopicArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SNS::TopicInlinePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SNS::TopicPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "A policy document that contains permissions to add to the specified SNS topics.", "title": "PolicyDocument", "type": "object" }, "Topics": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARN) of the topics to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SNS::Topic](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-topic.html)` resource.", "title": "Topics", "type": "array" } }, "required": [ "PolicyDocument", "Topics" ], "type": "object" }, "Type": { "enum": [ "AWS::SNS::TopicPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SQS::Queue": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContentBasedDeduplication": { "markdownDescription": "For first-in-first-out (FIFO) queues, specifies whether to enable content-based deduplication. During the deduplication interval, Amazon SQS treats messages that are sent with identical content as duplicates and delivers only one copy of the message. For more information, see the `ContentBasedDeduplication` attribute for the `[CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html)` action in the *Amazon SQS API Reference* .", "title": "ContentBasedDeduplication", "type": "boolean" }, "DeduplicationScope": { "markdownDescription": "For high throughput for FIFO queues, specifies whether message deduplication occurs at the message group or queue level. Valid values are `messageGroup` and `queue` .\n\nTo enable high throughput for a FIFO queue, set this attribute to `messageGroup` *and* set the `FifoThroughputLimit` attribute to `perMessageGroupId` . If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Amazon SQS Developer Guide* .", "title": "DeduplicationScope", "type": "string" }, "DelaySeconds": { "markdownDescription": "The time in seconds for which the delivery of all messages in the queue is delayed. You can specify an integer value of `0` to `900` (15 minutes). The default value is `0` .", "title": "DelaySeconds", "type": "number" }, "FifoQueue": { "markdownDescription": "If set to true, creates a FIFO queue. If you don't specify this property, Amazon SQS creates a standard queue. For more information, see [FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html) in the *Amazon SQS Developer Guide* .", "title": "FifoQueue", "type": "boolean" }, "FifoThroughputLimit": { "markdownDescription": "For high throughput for FIFO queues, specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. Valid values are `perQueue` and `perMessageGroupId` .\n\nTo enable high throughput for a FIFO queue, set this attribute to `perMessageGroupId` *and* set the `DeduplicationScope` attribute to `messageGroup` . If you set these attributes to anything other than these values, normal throughput is in effect and deduplication occurs as specified. For more information, see [High throughput for FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/high-throughput-fifo.html) and [Quotas related to messages](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/quotas-messages.html) in the *Amazon SQS Developer Guide* .", "title": "FifoThroughputLimit", "type": "string" }, "KmsDataKeyReusePeriodSeconds": { "markdownDescription": "The length of time in seconds for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. The value must be an integer between 60 (1 minute) and 86,400 (24 hours). The default is 300 (5 minutes).\n\n> A shorter time period provides better security, but results in more calls to AWS KMS , which might incur charges after Free Tier. For more information, see [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-how-does-the-data-key-reuse-period-work) in the *Amazon SQS Developer Guide* .", "title": "KmsDataKeyReusePeriodSeconds", "type": "number" }, "KmsMasterKeyId": { "markdownDescription": "The ID of an AWS Key Management Service (KMS) for Amazon SQS , or a custom KMS. To use the AWS managed KMS for Amazon SQS , specify a (default) alias ARN, alias name (e.g. `alias/aws/sqs` ), key ARN, or key ID. For more information, see the following:\n\n- [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html) in the *Amazon SQS Developer Guide*\n- [CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html) in the *Amazon SQS API Reference*\n- [Request Parameters](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters) in the *AWS Key Management Service API Reference*\n- The Key Management Service (KMS) section of the [AWS Key Management Service Best Practices](https://docs.aws.amazon.com/https://d0.awsstatic.com/whitepapers/aws-kms-best-practices.pdf) whitepaper", "title": "KmsMasterKeyId", "type": "string" }, "MaximumMessageSize": { "markdownDescription": "The limit of how many bytes that a message can contain before Amazon SQS rejects it. You can specify an integer value from `1,024` bytes (1 KiB) to `262,144` bytes (256 KiB). The default value is `262,144` (256 KiB).", "title": "MaximumMessageSize", "type": "number" }, "MessageRetentionPeriod": { "markdownDescription": "The number of seconds that Amazon SQS retains a message. You can specify an integer value from `60` seconds (1 minute) to `1,209,600` seconds (14 days). The default value is `345,600` seconds (4 days).", "title": "MessageRetentionPeriod", "type": "number" }, "QueueName": { "markdownDescription": "A name for the queue. To create a FIFO queue, the name of your FIFO queue must end with the `.fifo` suffix. For more information, see [FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html) in the *Amazon SQS Developer Guide* .\n\nIf you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the queue name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) in the *AWS CloudFormation User Guide* .\n\n> If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "QueueName", "type": "string" }, "ReceiveMessageWaitTimeSeconds": { "markdownDescription": "Specifies the duration, in seconds, that the ReceiveMessage action call waits until a message is in the queue in order to include it in the response, rather than returning an empty response if a message isn't yet available. You can specify an integer from 1 to 20. Short polling is used as the default or when you specify 0 for this property. For more information, see [Consuming messages using long polling](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-short-and-long-polling.html#sqs-long-polling) in the *Amazon SQS Developer Guide* .", "title": "ReceiveMessageWaitTimeSeconds", "type": "number" }, "RedriveAllowPolicy": { "markdownDescription": "The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues as a JSON object. The parameters are as follows:\n\n- `redrivePermission` : The permission type that defines which source queues can specify the current queue as the dead-letter queue. Valid values are:\n\n- `allowAll` : (Default) Any source queues in this AWS account in the same Region can specify this queue as the dead-letter queue.\n- `denyAll` : No source queues can specify this queue as the dead-letter queue.\n- `byQueue` : Only queues specified by the `sourceQueueArns` parameter can specify this queue as the dead-letter queue.\n- `sourceQueueArns` : The Amazon Resource Names (ARN)s of the source queues that can specify this queue as the dead-letter queue and redrive messages. You can specify this parameter only when the `redrivePermission` parameter is set to `byQueue` . You can specify up to 10 source queue ARNs. To allow more than 10 source queues to specify dead-letter queues, set the `redrivePermission` parameter to `allowAll` .", "title": "RedriveAllowPolicy", "type": "object" }, "RedrivePolicy": { "markdownDescription": "The string that includes the parameters for the dead-letter queue functionality of the source queue as a JSON object. The parameters are as follows:\n\n- `deadLetterTargetArn` : The Amazon Resource Name (ARN) of the dead-letter queue to which Amazon SQS moves messages after the value of `maxReceiveCount` is exceeded.\n- `maxReceiveCount` : The number of times a message is received by a consumer of the source queue before being moved to the dead-letter queue. When the `ReceiveCount` for a message exceeds the `maxReceiveCount` for a queue, Amazon SQS moves the message to the dead-letter-queue.\n\n> The dead-letter queue of a FIFO queue must also be a FIFO queue. Similarly, the dead-letter queue of a standard queue must also be a standard queue. \n\n*JSON*\n\n`{ \"deadLetterTargetArn\" : *String* , \"maxReceiveCount\" : *Integer* }`\n\n*YAML*\n\n`deadLetterTargetArn : *String*`\n\n`maxReceiveCount : *Integer*`", "title": "RedrivePolicy", "type": "object" }, "SqsManagedSseEnabled": { "markdownDescription": "Enables server-side queue encryption using SQS owned encryption keys. Only one server-side encryption option is supported per queue (for example, [SSE-KMS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sse-existing-queue.html) or [SSE-SQS](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-configure-sqs-sse-queue.html) ). When `SqsManagedSseEnabled` is not defined, `SSE-SQS` encryption is enabled by default.", "title": "SqsManagedSseEnabled", "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags that you attach to this queue. For more information, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide* .", "title": "Tags", "type": "array" }, "VisibilityTimeout": { "markdownDescription": "The length of time during which a message will be unavailable after a message is delivered from the queue. This blocks other components from receiving the same message and gives the initial component time to process and delete the message from the queue.\n\nValues must be from 0 to 43,200 seconds (12 hours). If you don't specify a value, AWS CloudFormation uses the default value of 30 seconds.\n\nFor more information about Amazon SQS queue visibility timeouts, see [Visibility timeout](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html) in the *Amazon SQS Developer Guide* .", "title": "VisibilityTimeout", "type": "number" } }, "type": "object" }, "Type": { "enum": [ "AWS::SQS::Queue" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SQS::QueueInlinePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see [Using custom policies with the Amazon SQS access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Amazon SQS Developer Guide* .", "title": "PolicyDocument", "type": "object" }, "Queue": { "markdownDescription": "The URLs of the queues to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SQS::Queue](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-queues.html)` resource.", "title": "Queue", "type": "string" } }, "required": [ "PolicyDocument", "Queue" ], "type": "object" }, "Type": { "enum": [ "AWS::SQS::QueueInlinePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SQS::QueuePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PolicyDocument": { "markdownDescription": "A policy document that contains the permissions for the specified Amazon SQS queues. For more information about Amazon SQS policies, see [Using custom policies with the Amazon SQS access policy language](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-creating-custom-policies.html) in the *Amazon SQS Developer Guide* .", "title": "PolicyDocument", "type": "object" }, "Queues": { "items": { "type": "string" }, "markdownDescription": "The URLs of the queues to which you want to add the policy. You can use the `[Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)` function to specify an `[AWS::SQS::Queue](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sqs-queue.html)` resource.", "title": "Queues", "type": "array" } }, "required": [ "PolicyDocument", "Queues" ], "type": "object" }, "Type": { "enum": [ "AWS::SQS::QueuePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSM::Association": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplyOnlyAtCronInterval": { "markdownDescription": "By default, when you create a new association, the system runs it immediately after it is created and then according to the schedule you specified. Specify this option if you don't want an association to run immediately after you create it. This parameter is not supported for rate expressions.", "title": "ApplyOnlyAtCronInterval", "type": "boolean" }, "AssociationName": { "markdownDescription": "Specify a descriptive name for the association.", "title": "AssociationName", "type": "string" }, "AutomationTargetParameterName": { "markdownDescription": "Choose the parameter that will define how your automation will branch out. This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a capability of AWS Systems Manager .", "title": "AutomationTargetParameterName", "type": "string" }, "CalendarNames": { "items": { "type": "string" }, "markdownDescription": "The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. The associations only run when that Change Calendar is open. For more information, see [AWS Systems Manager Change Calendar](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar) .", "title": "CalendarNames", "type": "array" }, "ComplianceSeverity": { "markdownDescription": "The severity level that is assigned to the association.", "title": "ComplianceSeverity", "type": "string" }, "DocumentVersion": { "markdownDescription": "The version of the SSM document to associate with the target.\n\n> Note the following important information.\n> \n> - State Manager doesn't support running associations that use a new version of a document if that document is shared from another account. State Manager always runs the `default` version of a document if shared from another account, even though the Systems Manager console shows that a new version was processed. If you want to run an association using a new version of a document shared form another account, you must set the document version to `default` .\n> - `DocumentVersion` is not valid for documents owned by AWS , such as `AWS-RunPatchBaseline` or `AWS-UpdateSSMAgent` . If you specify `DocumentVersion` for an AWS document, the system returns the following error: \"Error occurred during operation 'CreateAssociation'.\" (RequestToken: , HandlerErrorCode: GeneralServiceException).", "title": "DocumentVersion", "type": "string" }, "InstanceId": { "markdownDescription": "The ID of the instance that the SSM document is associated with. You must specify the `InstanceId` or `Targets` property.\n\n> `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter.", "title": "InstanceId", "type": "string" }, "MaxConcurrency": { "markdownDescription": "The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%. The default value is 100%, which means all targets run the association at the same time.\n\nIf a new managed node starts and attempts to run an association while Systems Manager is running `MaxConcurrency` associations, the association is allowed to run. During the next association interval, the new managed node will process its association within the limit specified for `MaxConcurrency` .", "title": "MaxConcurrency", "type": "string" }, "MaxErrors": { "markdownDescription": "The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify either an absolute number of errors, for example 10, or a percentage of the target set, for example 10%. If you specify 3, for example, the system stops sending requests when the fourth error is received. If you specify 0, then the system stops sending requests after the first error is returned. If you run an association on 50 managed nodes and set `MaxError` to 10%, then the system stops sending the request when the sixth error is received.\n\nExecutions that are already running an association when `MaxErrors` is reached are allowed to complete, but some of these executions may fail as well. If you need to ensure that there won't be more than max-errors failed executions, set `MaxConcurrency` to 1 so that executions proceed one at a time.", "title": "MaxErrors", "type": "string" }, "Name": { "markdownDescription": "The name of the SSM document that contains the configuration information for the instance. You can specify `Command` or `Automation` documents. The documents can be AWS -predefined documents, documents you created, or a document that is shared with you from another account. For SSM documents that are shared with you from other AWS accounts , you must specify the complete SSM document ARN, in the following format:\n\n`arn:partition:ssm:region:account-id:document/document-name`\n\nFor example: `arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document`\n\nFor AWS -predefined documents and SSM documents you created in your account, you only need to specify the document name. For example, `AWS -ApplyPatchBaseline` or `My-Document` .", "title": "Name", "type": "string" }, "OutputLocation": { "$ref": "#/definitions/AWS::SSM::Association.InstanceAssociationOutputLocation", "markdownDescription": "An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request.", "title": "OutputLocation" }, "Parameters": { "markdownDescription": "The parameters for the runtime configuration of the document.", "title": "Parameters", "type": "object" }, "ScheduleExpression": { "markdownDescription": "A cron expression that specifies a schedule when the association runs. The schedule runs in Coordinated Universal Time (UTC).", "title": "ScheduleExpression", "type": "string" }, "ScheduleOffset": { "markdownDescription": "Number of days to wait after the scheduled day to run an association.", "title": "ScheduleOffset", "type": "number" }, "SyncCompliance": { "markdownDescription": "The mode for generating association compliance. You can specify `AUTO` or `MANUAL` . In `AUTO` mode, the system uses the status of the association execution to determine the compliance status. If the association execution runs successfully, then the association is `COMPLIANT` . If the association execution doesn't run successfully, the association is `NON-COMPLIANT` .\n\nIn `MANUAL` mode, you must specify the `AssociationId` as a parameter for the `PutComplianceItems` API action. In this case, compliance data is not managed by State Manager. It is managed by your direct call to the `PutComplianceItems` API action.\n\nBy default, all associations use `AUTO` mode.", "title": "SyncCompliance", "type": "string" }, "Targets": { "items": { "$ref": "#/definitions/AWS::SSM::Association.Target" }, "markdownDescription": "The targets for the association. You must specify the `InstanceId` or `Targets` property. You can target all instances in an AWS account by specifying t he `InstanceIds` key with a value of `*` .\n\nSupported formats include the following.\n\n- `Key=InstanceIds,Values=,,`\n- `Key=tag-key,Values=,`\n\nTo view a JSON and a YAML example that targets all instances, see \"Create an association for all managed instances in an AWS account \" on the Examples page.", "title": "Targets", "type": "array" }, "WaitForSuccessTimeoutSeconds": { "markdownDescription": "The number of seconds the service should wait for the association status to show \"Success\" before proceeding with the stack execution. If the association status doesn't show \"Success\" after the specified number of seconds, then stack creation fails.\n\n> When you specify a value for the `WaitForSuccessTimeoutSeconds` , [drift detection](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html) for your AWS CloudFormation stack\u2019s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don\u2019t include `WaitForSuccessTimeoutSeconds` in your template.", "title": "WaitForSuccessTimeoutSeconds", "type": "number" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::SSM::Association" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSM::Association.InstanceAssociationOutputLocation": { "additionalProperties": false, "properties": { "S3Location": { "$ref": "#/definitions/AWS::SSM::Association.S3OutputLocation", "markdownDescription": "`S3OutputLocation` is a property of the [InstanceAssociationOutputLocation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-association-instanceassociationoutputlocation.html) property that specifies an Amazon S3 bucket where you want to store the results of this request.", "title": "S3Location" } }, "type": "object" }, "AWS::SSM::Association.S3OutputLocation": { "additionalProperties": false, "properties": { "OutputS3BucketName": { "markdownDescription": "The name of the S3 bucket.", "title": "OutputS3BucketName", "type": "string" }, "OutputS3KeyPrefix": { "markdownDescription": "The S3 bucket subfolder.", "title": "OutputS3KeyPrefix", "type": "string" }, "OutputS3Region": { "markdownDescription": "The AWS Region of the S3 bucket.", "title": "OutputS3Region", "type": "string" } }, "type": "object" }, "AWS::SSM::Association.Target": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "User-defined criteria for sending commands that target managed nodes that meet the criteria.", "title": "Key", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.", "title": "Values", "type": "array" } }, "required": [ "Key", "Values" ], "type": "object" }, "AWS::SSM::Document": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Attachments": { "items": { "$ref": "#/definitions/AWS::SSM::Document.AttachmentsSource" }, "markdownDescription": "A list of key-value pairs that describe attachments to a version of a document.", "title": "Attachments", "type": "array" }, "Content": { "markdownDescription": "The content for the new SSM document in JSON or YAML. For more information about the schemas for SSM document content, see [SSM document schema features and examples](https://docs.aws.amazon.com/systems-manager/latest/userguide/document-schemas-features.html) in the *AWS Systems Manager User Guide* .\n\n> This parameter also supports `String` data types.", "title": "Content", "type": "object" }, "DocumentFormat": { "markdownDescription": "Specify the document format for the request. `JSON` is the default format.", "title": "DocumentFormat", "type": "string" }, "DocumentType": { "markdownDescription": "The type of document to create.", "title": "DocumentType", "type": "string" }, "Name": { "markdownDescription": "A name for the SSM document.\n\n> You can't use the following strings as document name prefixes. These are reserved by AWS for use as document name prefixes:\n> \n> - `aws`\n> - `amazon`\n> - `amzn`\n> - `AWSEC2`\n> - `AWSConfigRemediation`\n> - `AWSSupport`", "title": "Name", "type": "string" }, "Requires": { "items": { "$ref": "#/definitions/AWS::SSM::Document.DocumentRequires" }, "markdownDescription": "A list of SSM documents required by a document. This parameter is used exclusively by AWS AppConfig . When a user creates an AWS AppConfig configuration in an SSM document, the user must also specify a required document for validation purposes. In this case, an `ApplicationConfiguration` document requires an `ApplicationConfigurationSchema` document for validation purposes. For more information, see [What is AWS AppConfig ?](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .", "title": "Requires", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "AWS CloudFormation resource tags to apply to the document. Use tags to help you identify and categorize resources.", "title": "Tags", "type": "array" }, "TargetType": { "markdownDescription": "Specify a target type to define the kinds of resources the document can run on. For example, to run a document on EC2 instances, specify the following value: `/AWS::EC2::Instance` . If you specify a value of '/' the document can run on all types of resources. If you don't specify a value, the document can't run on any resources. For a list of valid resource types, see [AWS resource and property types reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) in the *AWS CloudFormation User Guide* .", "title": "TargetType", "type": "string" }, "UpdateMethod": { "markdownDescription": "If the document resource you specify in your template already exists, this parameter determines whether a new version of the existing document is created, or the existing document is replaced. `Replace` is the default method. If you specify `NewVersion` for the `UpdateMethod` parameter, and the `Name` of the document does not match an existing resource, a new document is created. When you specify `NewVersion` , the default version of the document is changed to the newly created version.", "title": "UpdateMethod", "type": "string" }, "VersionName": { "markdownDescription": "An optional field specifying the version of the artifact you are creating with the document. For example, `Release12.1` . This value is unique across all versions of a document, and can't be changed.", "title": "VersionName", "type": "string" } }, "required": [ "Content" ], "type": "object" }, "Type": { "enum": [ "AWS::SSM::Document" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSM::Document.AttachmentsSource": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key of a key-value pair that identifies the location of an attachment to a document.", "title": "Key", "type": "string" }, "Name": { "markdownDescription": "The name of the document attachment file.", "title": "Name", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The value of a key-value pair that identifies the location of an attachment to a document. The format for *Value* depends on the type of key you specify.\n\n- For the key *SourceUrl* , the value is an S3 bucket location. For example:\n\n`\"Values\": [ \"s3://doc-example-bucket/my-folder\" ]`\n- For the key *S3FileUrl* , the value is a file in an S3 bucket. For example:\n\n`\"Values\": [ \"s3://doc-example-bucket/my-folder/my-file.py\" ]`\n- For the key *AttachmentReference* , the value is constructed from the name of another SSM document in your account, a version number of that document, and a file attached to that document version that you want to reuse. For example:\n\n`\"Values\": [ \"MyOtherDocument/3/my-other-file.py\" ]`\n\nHowever, if the SSM document is shared with you from another account, the full SSM document ARN must be specified instead of the document name only. For example:\n\n`\"Values\": [ \"arn:aws:ssm:us-east-2:111122223333:document/OtherAccountDocument/3/their-file.py\" ]`", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::SSM::Document.DocumentRequires": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the required SSM document. The name can be an Amazon Resource Name (ARN).", "title": "Name", "type": "string" }, "Version": { "markdownDescription": "The document version required by the current document.", "title": "Version", "type": "string" } }, "type": "object" }, "AWS::SSM::MaintenanceWindow": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowUnassociatedTargets": { "markdownDescription": "Enables a maintenance window task to run on managed instances, even if you have not registered those instances as targets. If enabled, then you must specify the unregistered instances (by instance ID) when you register a task with the maintenance window.", "title": "AllowUnassociatedTargets", "type": "boolean" }, "Cutoff": { "markdownDescription": "The number of hours before the end of the maintenance window that AWS Systems Manager stops scheduling new tasks for execution.", "title": "Cutoff", "type": "number" }, "Description": { "markdownDescription": "A description of the maintenance window.", "title": "Description", "type": "string" }, "Duration": { "markdownDescription": "The duration of the maintenance window in hours.", "title": "Duration", "type": "number" }, "EndDate": { "markdownDescription": "The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become inactive.", "title": "EndDate", "type": "string" }, "Name": { "markdownDescription": "The name of the maintenance window.", "title": "Name", "type": "string" }, "Schedule": { "markdownDescription": "The schedule of the maintenance window in the form of a cron or rate expression.", "title": "Schedule", "type": "string" }, "ScheduleOffset": { "markdownDescription": "The number of days to wait to run a maintenance window after the scheduled cron expression date and time.", "title": "ScheduleOffset", "type": "number" }, "ScheduleTimezone": { "markdownDescription": "The time zone that the scheduled maintenance window executions are based on, in Internet Assigned Numbers Authority (IANA) format.", "title": "ScheduleTimezone", "type": "string" }, "StartDate": { "markdownDescription": "The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become active. `StartDate` allows you to delay activation of the maintenance window until the specified future date.", "title": "StartDate", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a maintenance window to identify the type of tasks it will run, the types of targets, and the environment it will run in.", "title": "Tags", "type": "array" } }, "required": [ "AllowUnassociatedTargets", "Cutoff", "Duration", "Name", "Schedule" ], "type": "object" }, "Type": { "enum": [ "AWS::SSM::MaintenanceWindow" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSM::MaintenanceWindowTarget": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the target.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name for the maintenance window target.", "title": "Name", "type": "string" }, "OwnerInformation": { "markdownDescription": "A user-provided value that will be included in any Amazon CloudWatch Events events that are raised while running tasks for these targets in this maintenance window.", "title": "OwnerInformation", "type": "string" }, "ResourceType": { "markdownDescription": "The type of target that is being registered with the maintenance window.", "title": "ResourceType", "type": "string" }, "Targets": { "items": { "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTarget.Targets" }, "markdownDescription": "The targets to register with the maintenance window. In other words, the instances to run commands on when the maintenance window runs.\n\nYou must specify targets by using the `WindowTargetIds` parameter.", "title": "Targets", "type": "array" }, "WindowId": { "markdownDescription": "The ID of the maintenance window to register the target with.", "title": "WindowId", "type": "string" } }, "required": [ "ResourceType", "Targets", "WindowId" ], "type": "object" }, "Type": { "enum": [ "AWS::SSM::MaintenanceWindowTarget" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSM::MaintenanceWindowTarget.Targets": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "User-defined criteria for sending commands that target managed nodes that meet the criteria.", "title": "Key", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .\n\nDepending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.", "title": "Values", "type": "array" } }, "required": [ "Key", "Values" ], "type": "object" }, "AWS::SSM::MaintenanceWindowTask": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CutoffBehavior": { "markdownDescription": "The specification for whether tasks should continue to run after the cutoff time specified in the maintenance windows is reached.", "title": "CutoffBehavior", "type": "string" }, "Description": { "markdownDescription": "A description of the task.", "title": "Description", "type": "string" }, "LoggingInfo": { "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.LoggingInfo", "markdownDescription": "Information about an Amazon S3 bucket to write Run Command task-level logs to.\n\n> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs for Run Command tasks, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS ::SSM::MaintenanceWindowTask MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) .", "title": "LoggingInfo" }, "MaxConcurrency": { "markdownDescription": "The maximum number of targets this task can be run for, in parallel.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", "title": "MaxConcurrency", "type": "string" }, "MaxErrors": { "markdownDescription": "The maximum number of errors allowed before this task stops being scheduled.\n\n> Although this element is listed as \"Required: No\", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.\n> \n> For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.", "title": "MaxErrors", "type": "string" }, "Name": { "markdownDescription": "The task name.", "title": "Name", "type": "string" }, "Priority": { "markdownDescription": "The priority of the task in the maintenance window. The lower the number, the higher the priority. Tasks that have the same priority are scheduled in parallel.", "title": "Priority", "type": "number" }, "ServiceRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .\n\nHowever, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up maintenance windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .", "title": "ServiceRoleArn", "type": "string" }, "Targets": { "items": { "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.Target" }, "markdownDescription": "The targets, either instances or window target IDs.\n\n- Specify instances using `Key=InstanceIds,Values= *instanceid1* , *instanceid2*` .\n- Specify window target IDs using `Key=WindowTargetIds,Values= *window-target-id-1* , *window-target-id-2*` .", "title": "Targets", "type": "array" }, "TaskArn": { "markdownDescription": "The resource that the task uses during execution.\n\nFor `RUN_COMMAND` and `AUTOMATION` task types, `TaskArn` is the SSM document name or Amazon Resource Name (ARN).\n\nFor `LAMBDA` tasks, `TaskArn` is the function name or ARN.\n\nFor `STEP_FUNCTIONS` tasks, `TaskArn` is the state machine ARN.", "title": "TaskArn", "type": "string" }, "TaskInvocationParameters": { "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.TaskInvocationParameters", "markdownDescription": "The parameters to pass to the task when it runs. Populate only the fields that match the task type. All other fields should be empty.\n\n> When you update a maintenance window task that has options specified in `TaskInvocationParameters` , you must provide again all the `TaskInvocationParameters` values that you want to retain. The values you do not specify again are removed. For example, suppose that when you registered a Run Command task, you specified `TaskInvocationParameters` values for `Comment` , `NotificationConfig` , and `OutputS3BucketName` . If you update the maintenance window task and specify only a different `OutputS3BucketName` value, the values for `Comment` and `NotificationConfig` are removed.", "title": "TaskInvocationParameters" }, "TaskParameters": { "markdownDescription": "The parameters to pass to the task when it runs.\n\n> `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) .", "title": "TaskParameters", "type": "object" }, "TaskType": { "markdownDescription": "The type of task. Valid values: `RUN_COMMAND` , `AUTOMATION` , `LAMBDA` , `STEP_FUNCTIONS` .", "title": "TaskType", "type": "string" }, "WindowId": { "markdownDescription": "The ID of the maintenance window where the task is registered.", "title": "WindowId", "type": "string" } }, "required": [ "Priority", "TaskArn", "TaskType", "WindowId" ], "type": "object" }, "Type": { "enum": [ "AWS::SSM::MaintenanceWindowTask" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSM::MaintenanceWindowTask.CloudWatchOutputConfig": { "additionalProperties": false, "properties": { "CloudWatchLogGroupName": { "markdownDescription": "The name of the CloudWatch Logs log group where you want to send command output. If you don't specify a group name, AWS Systems Manager automatically creates a log group for you. The log group uses the following naming format:\n\n`aws/ssm/ *SystemsManagerDocumentName*`", "title": "CloudWatchLogGroupName", "type": "string" }, "CloudWatchOutputEnabled": { "markdownDescription": "Enables Systems Manager to send command output to CloudWatch Logs.", "title": "CloudWatchOutputEnabled", "type": "boolean" } }, "type": "object" }, "AWS::SSM::MaintenanceWindowTask.LoggingInfo": { "additionalProperties": false, "properties": { "Region": { "markdownDescription": "The AWS Region where the S3 bucket is located.", "title": "Region", "type": "string" }, "S3Bucket": { "markdownDescription": "The name of an S3 bucket where execution logs are stored.", "title": "S3Bucket", "type": "string" }, "S3Prefix": { "markdownDescription": "The Amazon S3 bucket subfolder.", "title": "S3Prefix", "type": "string" } }, "required": [ "Region", "S3Bucket" ], "type": "object" }, "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowAutomationParameters": { "additionalProperties": false, "properties": { "DocumentVersion": { "markdownDescription": "The version of an Automation runbook to use during task execution.", "title": "DocumentVersion", "type": "string" }, "Parameters": { "markdownDescription": "The parameters for the `AUTOMATION` type task.", "title": "Parameters", "type": "object" } }, "type": "object" }, "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowLambdaParameters": { "additionalProperties": false, "properties": { "ClientContext": { "markdownDescription": "Client-specific information to pass to the AWS Lambda function that you're invoking. You can then use the `context` variable to process the client information in your AWS Lambda function.", "title": "ClientContext", "type": "string" }, "Payload": { "markdownDescription": "JSON to provide to your AWS Lambda function as input.\n\n> Although `Type` is listed as \"String\" for this property, the payload content must be formatted as a Base64-encoded binary data object. \n\n*Length Constraint:* 4096", "title": "Payload", "type": "string" }, "Qualifier": { "markdownDescription": "An AWS Lambda function version or alias name. If you specify a function version, the action uses the qualified function Amazon Resource Name (ARN) to invoke a specific Lambda function. If you specify an alias name, the action uses the alias ARN to invoke the Lambda function version that the alias points to.", "title": "Qualifier", "type": "string" } }, "type": "object" }, "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowRunCommandParameters": { "additionalProperties": false, "properties": { "CloudWatchOutputConfig": { "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.CloudWatchOutputConfig", "markdownDescription": "Configuration options for sending command output to Amazon CloudWatch Logs.", "title": "CloudWatchOutputConfig" }, "Comment": { "markdownDescription": "Information about the command or commands to run.", "title": "Comment", "type": "string" }, "DocumentHash": { "markdownDescription": "The SHA-256 or SHA-1 hash created by the system when the document was created. SHA-1 hashes have been deprecated.", "title": "DocumentHash", "type": "string" }, "DocumentHashType": { "markdownDescription": "The SHA-256 or SHA-1 hash type. SHA-1 hashes are deprecated.", "title": "DocumentHashType", "type": "string" }, "DocumentVersion": { "markdownDescription": "The AWS Systems Manager document (SSM document) version to use in the request. You can specify `$DEFAULT` , `$LATEST` , or a specific version number. If you run commands by using the AWS CLI, then you must escape the first two options by using a backslash. If you specify a version number, then you don't need to use the backslash. For example:\n\n`--document-version \"\\$DEFAULT\"`\n\n`--document-version \"\\$LATEST\"`\n\n`--document-version \"3\"`", "title": "DocumentVersion", "type": "string" }, "NotificationConfig": { "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.NotificationConfig", "markdownDescription": "Configurations for sending notifications about command status changes on a per-managed node basis.", "title": "NotificationConfig" }, "OutputS3BucketName": { "markdownDescription": "The name of the Amazon Simple Storage Service (Amazon S3) bucket.", "title": "OutputS3BucketName", "type": "string" }, "OutputS3KeyPrefix": { "markdownDescription": "The S3 bucket subfolder.", "title": "OutputS3KeyPrefix", "type": "string" }, "Parameters": { "markdownDescription": "The parameters for the `RUN_COMMAND` task execution.\n\nThe supported parameters are the same as those for the `SendCommand` API call. For more information, see [SendCommand](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html) in the *AWS Systems Manager API Reference* .", "title": "Parameters", "type": "object" }, "ServiceRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` .\n\nHowever, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up maintenance windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* .", "title": "ServiceRoleArn", "type": "string" }, "TimeoutSeconds": { "markdownDescription": "If this time is reached and the command hasn't already started running, it doesn't run.", "title": "TimeoutSeconds", "type": "number" } }, "type": "object" }, "AWS::SSM::MaintenanceWindowTask.MaintenanceWindowStepFunctionsParameters": { "additionalProperties": false, "properties": { "Input": { "markdownDescription": "The inputs for the `STEP_FUNCTIONS` task.", "title": "Input", "type": "string" }, "Name": { "markdownDescription": "The name of the `STEP_FUNCTIONS` task.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::SSM::MaintenanceWindowTask.NotificationConfig": { "additionalProperties": false, "properties": { "NotificationArn": { "markdownDescription": "An Amazon Resource Name (ARN) for an Amazon Simple Notification Service (Amazon SNS) topic. Run Command pushes notifications about command status changes to this topic.", "title": "NotificationArn", "type": "string" }, "NotificationEvents": { "items": { "type": "string" }, "markdownDescription": "The different events that you can receive notifications for. These events include the following: `All` (events), `InProgress` , `Success` , `TimedOut` , `Cancelled` , `Failed` . To learn more about these events, see [Configuring Amazon SNS Notifications for AWS Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/monitoring-sns-notifications.html) in the *AWS Systems Manager User Guide* .", "title": "NotificationEvents", "type": "array" }, "NotificationType": { "markdownDescription": "The notification type.\n\n- `Command` : Receive notification when the status of a command changes.\n- `Invocation` : For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes.", "title": "NotificationType", "type": "string" } }, "required": [ "NotificationArn" ], "type": "object" }, "AWS::SSM::MaintenanceWindowTask.Target": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "User-defined criteria for sending commands that target instances that meet the criteria. `Key` can be `InstanceIds` or `WindowTargetIds` . For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .", "title": "Key", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "User-defined criteria that maps to `Key` . For example, if you specify `InstanceIds` , you can specify `i-1234567890abcdef0,i-9876543210abcdef0` to run a command on two EC2 instances. For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .", "title": "Values", "type": "array" } }, "required": [ "Key", "Values" ], "type": "object" }, "AWS::SSM::MaintenanceWindowTask.TaskInvocationParameters": { "additionalProperties": false, "properties": { "MaintenanceWindowAutomationParameters": { "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowAutomationParameters", "markdownDescription": "The parameters for an `AUTOMATION` task type.", "title": "MaintenanceWindowAutomationParameters" }, "MaintenanceWindowLambdaParameters": { "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowLambdaParameters", "markdownDescription": "The parameters for a `LAMBDA` task type.", "title": "MaintenanceWindowLambdaParameters" }, "MaintenanceWindowRunCommandParameters": { "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowRunCommandParameters", "markdownDescription": "The parameters for a `RUN_COMMAND` task type.", "title": "MaintenanceWindowRunCommandParameters" }, "MaintenanceWindowStepFunctionsParameters": { "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask.MaintenanceWindowStepFunctionsParameters", "markdownDescription": "The parameters for a `STEP_FUNCTIONS` task type.", "title": "MaintenanceWindowStepFunctionsParameters" } }, "type": "object" }, "AWS::SSM::Parameter": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllowedPattern": { "markdownDescription": "A regular expression used to validate the parameter value. For example, for `String` types with values restricted to numbers, you can specify the following: `AllowedPattern=^\\d+$`", "title": "AllowedPattern", "type": "string" }, "DataType": { "markdownDescription": "The data type of the parameter, such as `text` or `aws:ec2:image` . The default is `text` .", "title": "DataType", "type": "string" }, "Description": { "markdownDescription": "Information about the parameter.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the parameter.\n\n> The maximum length constraint listed below includes capacity for additional system attributes that aren't part of the name. The maximum length for a parameter name, including the full length of the parameter Amazon Resource Name (ARN), is 1011 characters. For example, the length of the following parameter name is 65 characters, not 20 characters: `arn:aws:ssm:us-east-2:111222333444:parameter/ExampleParameterName`", "title": "Name", "type": "string" }, "Policies": { "markdownDescription": "Information about the policies assigned to a parameter.\n\n[Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *AWS Systems Manager User Guide* .", "title": "Policies", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a Systems Manager parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" }, "Tier": { "markdownDescription": "The parameter tier.", "title": "Tier", "type": "string" }, "Type": { "markdownDescription": "The type of parameter.", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The parameter value.\n\n> If type is `StringList` , the system returns a comma-separated string with no spaces between commas in the `Value` field.", "title": "Value", "type": "string" } }, "required": [ "Type", "Value" ], "type": "object" }, "Type": { "enum": [ "AWS::SSM::Parameter" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSM::PatchBaseline": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApprovalRules": { "$ref": "#/definitions/AWS::SSM::PatchBaseline.RuleGroup", "markdownDescription": "A set of rules used to include patches in the baseline.", "title": "ApprovalRules" }, "ApprovedPatches": { "items": { "type": "string" }, "markdownDescription": "A list of explicitly approved patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [About package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", "title": "ApprovedPatches", "type": "array" }, "ApprovedPatchesComplianceLevel": { "markdownDescription": "Defines the compliance level for approved patches. When an approved patch is reported as missing, this value describes the severity of the compliance violation. The default value is `UNSPECIFIED` .", "title": "ApprovedPatchesComplianceLevel", "type": "string" }, "ApprovedPatchesEnableNonSecurity": { "markdownDescription": "Indicates whether the list of approved patches includes non-security updates that should be applied to the managed nodes. The default value is `false` . Applies to Linux managed nodes only.", "title": "ApprovedPatchesEnableNonSecurity", "type": "boolean" }, "DefaultBaseline": { "type": "boolean" }, "Description": { "markdownDescription": "A description of the patch baseline.", "title": "Description", "type": "string" }, "GlobalFilters": { "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilterGroup", "markdownDescription": "A set of global filters used to include patches in the baseline.", "title": "GlobalFilters" }, "Name": { "markdownDescription": "The name of the patch baseline.", "title": "Name", "type": "string" }, "OperatingSystem": { "markdownDescription": "Defines the operating system the patch baseline applies to. The default value is `WINDOWS` .", "title": "OperatingSystem", "type": "string" }, "PatchGroups": { "items": { "type": "string" }, "markdownDescription": "The name of the patch group to be registered with the patch baseline.", "title": "PatchGroups", "type": "array" }, "RejectedPatches": { "items": { "type": "string" }, "markdownDescription": "A list of explicitly rejected patches for the baseline.\n\nFor information about accepted formats for lists of approved patches and rejected patches, see [About package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .", "title": "RejectedPatches", "type": "array" }, "RejectedPatchesAction": { "markdownDescription": "The action for Patch Manager to take on patches included in the `RejectedPackages` list.\n\n- *`ALLOW_AS_DEPENDENCY`* : A package in the `Rejected` patches list is installed only if it is a dependency of another package. It is considered compliant with the patch baseline, and its status is reported as `InstalledOther` . This is the default action if no option is specified.\n- *BLOCK* : Packages in the *Rejected patches* list, and packages that include them as dependencies, aren't installed by Patch Manager under any circumstances. If a package was installed before it was added to the *Rejected patches* list, or is installed outside of Patch Manager afterward, it's considered noncompliant with the patch baseline and its status is reported as *InstalledRejected* .", "title": "RejectedPatchesAction", "type": "string" }, "Sources": { "items": { "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchSource" }, "markdownDescription": "Information about the patches to use to update the managed nodes, including target operating systems and source repositories. Applies to Linux managed nodes only.", "title": "Sources", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a patch baseline to identify the severity level of patches it specifies and the operating system family it applies to.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::SSM::PatchBaseline" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSM::PatchBaseline.PatchFilter": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key for the filter.\n\nFor information about valid keys, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", "title": "Key", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The value for the filter key.\n\nFor information about valid values for each key based on operating system type, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", "title": "Values", "type": "array" } }, "type": "object" }, "AWS::SSM::PatchBaseline.PatchFilterGroup": { "additionalProperties": false, "properties": { "PatchFilters": { "items": { "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilter" }, "markdownDescription": "The set of patch filters that make up the group.", "title": "PatchFilters", "type": "array" } }, "type": "object" }, "AWS::SSM::PatchBaseline.PatchSource": { "additionalProperties": false, "properties": { "Configuration": { "markdownDescription": "The value of the yum repo configuration. For example:\n\n`[main]`\n\n`name=MyCustomRepository`\n\n`baseurl=https://my-custom-repository`\n\n`enabled=1`\n\n> For information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) .", "title": "Configuration", "type": "string" }, "Name": { "markdownDescription": "The name specified to identify the patch source.", "title": "Name", "type": "string" }, "Products": { "items": { "type": "string" }, "markdownDescription": "The specific operating system versions a patch repository applies to, such as \"Ubuntu16.04\", \"RedhatEnterpriseLinux7.2\" or \"Suse12.7\". For lists of supported product values, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .", "title": "Products", "type": "array" } }, "type": "object" }, "AWS::SSM::PatchBaseline.Rule": { "additionalProperties": false, "properties": { "ApproveAfterDays": { "markdownDescription": "The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline. For example, a value of `7` means that patches are approved seven days after they are released.\n\nYou must specify a value for `ApproveAfterDays` .\n\nException: Not supported on Debian Server or Ubuntu Server.", "title": "ApproveAfterDays", "type": "number" }, "ApproveUntilDate": { "markdownDescription": "The cutoff date for auto approval of released patches. Any patches released on or before this date are installed automatically. Not supported on Debian Server or Ubuntu Server.\n\nEnter dates in the format `YYYY-MM-DD` . For example, `2021-12-31` .", "title": "ApproveUntilDate", "type": "string" }, "ComplianceLevel": { "markdownDescription": "A compliance severity level for all approved patches in a patch baseline. Valid compliance severity levels include the following: `UNSPECIFIED` , `CRITICAL` , `HIGH` , `MEDIUM` , `LOW` , and `INFORMATIONAL` .", "title": "ComplianceLevel", "type": "string" }, "EnableNonSecurity": { "markdownDescription": "For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. The default value is `false` . Applies to Linux managed nodes only.", "title": "EnableNonSecurity", "type": "boolean" }, "PatchFilterGroup": { "$ref": "#/definitions/AWS::SSM::PatchBaseline.PatchFilterGroup", "markdownDescription": "The patch filter group that defines the criteria for the rule.", "title": "PatchFilterGroup" } }, "type": "object" }, "AWS::SSM::PatchBaseline.RuleGroup": { "additionalProperties": false, "properties": { "PatchRules": { "items": { "$ref": "#/definitions/AWS::SSM::PatchBaseline.Rule" }, "markdownDescription": "The rules that make up the rule group.", "title": "PatchRules", "type": "array" } }, "type": "object" }, "AWS::SSM::ResourceDataSync": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The name of the S3 bucket where the aggregated data is stored.", "title": "BucketName", "type": "string" }, "BucketPrefix": { "markdownDescription": "An Amazon S3 prefix for the bucket.", "title": "BucketPrefix", "type": "string" }, "BucketRegion": { "markdownDescription": "The AWS Region with the S3 bucket targeted by the resource data sync.", "title": "BucketRegion", "type": "string" }, "KMSKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an encryption key for a destination in Amazon S3 . You can use a KMS key to encrypt inventory data in Amazon S3 . You must specify a key that exist in the same AWS Region as the destination Amazon S3 bucket.", "title": "KMSKeyArn", "type": "string" }, "S3Destination": { "$ref": "#/definitions/AWS::SSM::ResourceDataSync.S3Destination", "markdownDescription": "Configuration information for the target S3 bucket.", "title": "S3Destination" }, "SyncFormat": { "markdownDescription": "A supported sync format. The following format is currently supported: JsonSerDe", "title": "SyncFormat", "type": "string" }, "SyncName": { "markdownDescription": "A name for the resource data sync.", "title": "SyncName", "type": "string" }, "SyncSource": { "$ref": "#/definitions/AWS::SSM::ResourceDataSync.SyncSource", "markdownDescription": "Information about the source where the data was synchronized.", "title": "SyncSource" }, "SyncType": { "markdownDescription": "The type of resource data sync. If `SyncType` is `SyncToDestination` , then the resource data sync synchronizes data to an S3 bucket. If the `SyncType` is `SyncFromSource` then the resource data sync synchronizes data from AWS Organizations or from multiple AWS Regions .", "title": "SyncType", "type": "string" } }, "required": [ "SyncName" ], "type": "object" }, "Type": { "enum": [ "AWS::SSM::ResourceDataSync" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSM::ResourceDataSync.AwsOrganizationsSource": { "additionalProperties": false, "properties": { "OrganizationSourceType": { "markdownDescription": "If an AWS organization is present, this is either `OrganizationalUnits` or `EntireOrganization` . For `OrganizationalUnits` , the data is aggregated from a set of organization units. For `EntireOrganization` , the data is aggregated from the entire AWS organization.", "title": "OrganizationSourceType", "type": "string" }, "OrganizationalUnits": { "items": { "type": "string" }, "markdownDescription": "The AWS Organizations organization units included in the sync.", "title": "OrganizationalUnits", "type": "array" } }, "required": [ "OrganizationSourceType" ], "type": "object" }, "AWS::SSM::ResourceDataSync.S3Destination": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The name of the S3 bucket where the aggregated data is stored.", "title": "BucketName", "type": "string" }, "BucketPrefix": { "markdownDescription": "An Amazon S3 prefix for the bucket.", "title": "BucketPrefix", "type": "string" }, "BucketRegion": { "markdownDescription": "The AWS Region with the S3 bucket targeted by the resource data sync.", "title": "BucketRegion", "type": "string" }, "KMSKeyArn": { "markdownDescription": "The ARN of an encryption key for a destination in Amazon S3. Must belong to the same Region as the destination S3 bucket.", "title": "KMSKeyArn", "type": "string" }, "SyncFormat": { "markdownDescription": "A supported sync format. The following format is currently supported: JsonSerDe", "title": "SyncFormat", "type": "string" } }, "required": [ "BucketName", "BucketRegion", "SyncFormat" ], "type": "object" }, "AWS::SSM::ResourceDataSync.SyncSource": { "additionalProperties": false, "properties": { "AwsOrganizationsSource": { "$ref": "#/definitions/AWS::SSM::ResourceDataSync.AwsOrganizationsSource", "markdownDescription": "Information about the AwsOrganizationsSource resource data sync source. A sync source of this type can synchronize data from AWS Organizations .", "title": "AwsOrganizationsSource" }, "IncludeFutureRegions": { "markdownDescription": "Whether to automatically synchronize and aggregate data from new AWS Regions when those Regions come online.", "title": "IncludeFutureRegions", "type": "boolean" }, "SourceRegions": { "items": { "type": "string" }, "markdownDescription": "The `SyncSource` AWS Regions included in the resource data sync.", "title": "SourceRegions", "type": "array" }, "SourceType": { "markdownDescription": "The type of data source for the resource data sync. `SourceType` is either `AwsOrganizations` (if an organization is present in AWS Organizations ) or `SingleAccountMultiRegions` .", "title": "SourceType", "type": "string" } }, "required": [ "SourceRegions", "SourceType" ], "type": "object" }, "AWS::SSM::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Policy": { "markdownDescription": "A policy you want to associate with a resource.", "title": "Policy", "type": "object" }, "ResourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource to which you want to attach a policy.", "title": "ResourceArn", "type": "string" } }, "required": [ "Policy", "ResourceArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SSM::ResourcePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSMContacts::Contact": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Alias": { "markdownDescription": "The unique and identifiable alias of the contact or escalation plan.", "title": "Alias", "type": "string" }, "DisplayName": { "markdownDescription": "The full name of the contact or escalation plan.", "title": "DisplayName", "type": "string" }, "Plan": { "items": { "$ref": "#/definitions/AWS::SSMContacts::Contact.Stage" }, "markdownDescription": "A list of stages. A contact has an engagement plan with stages that contact specified contact channels. An escalation plan uses stages that contact specified contacts.", "title": "Plan", "type": "array" }, "Type": { "markdownDescription": "The type of contact.\n\n- `PERSONAL` : A single, individual contact.\n- `ESCALATION` : An escalation plan.\n- `ONCALL_SCHEDULE` : An on-call schedule.", "title": "Type", "type": "string" } }, "required": [ "Alias", "DisplayName", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::SSMContacts::Contact" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSMContacts::Contact.ChannelTargetInfo": { "additionalProperties": false, "properties": { "ChannelId": { "markdownDescription": "The Amazon Resource Name (ARN) of the contact channel.", "title": "ChannelId", "type": "string" }, "RetryIntervalInMinutes": { "markdownDescription": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.", "title": "RetryIntervalInMinutes", "type": "number" } }, "required": [ "ChannelId", "RetryIntervalInMinutes" ], "type": "object" }, "AWS::SSMContacts::Contact.ContactTargetInfo": { "additionalProperties": false, "properties": { "ContactId": { "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", "title": "ContactId", "type": "string" }, "IsEssential": { "markdownDescription": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.", "title": "IsEssential", "type": "boolean" } }, "required": [ "ContactId", "IsEssential" ], "type": "object" }, "AWS::SSMContacts::Contact.Stage": { "additionalProperties": false, "properties": { "DurationInMinutes": { "markdownDescription": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.", "title": "DurationInMinutes", "type": "number" }, "RotationIds": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARNs) of the on-call rotations associated with the plan.", "title": "RotationIds", "type": "array" }, "Targets": { "items": { "$ref": "#/definitions/AWS::SSMContacts::Contact.Targets" }, "markdownDescription": "The contacts or contact methods that the escalation plan or engagement plan is engaging.", "title": "Targets", "type": "array" } }, "type": "object" }, "AWS::SSMContacts::Contact.Targets": { "additionalProperties": false, "properties": { "ChannelTargetInfo": { "$ref": "#/definitions/AWS::SSMContacts::Contact.ChannelTargetInfo", "markdownDescription": "Information about the contact channel that Incident Manager engages.", "title": "ChannelTargetInfo" }, "ContactTargetInfo": { "$ref": "#/definitions/AWS::SSMContacts::Contact.ContactTargetInfo", "markdownDescription": "The contact that Incident Manager is engaging during an incident.", "title": "ContactTargetInfo" } }, "type": "object" }, "AWS::SSMContacts::ContactChannel": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ChannelAddress": { "markdownDescription": "The details that Incident Manager uses when trying to engage the contact channel.", "title": "ChannelAddress", "type": "string" }, "ChannelName": { "markdownDescription": "The name of the contact channel.", "title": "ChannelName", "type": "string" }, "ChannelType": { "markdownDescription": "The type of the contact channel. Incident Manager supports three contact methods:\n\n- SMS\n- VOICE\n- EMAIL", "title": "ChannelType", "type": "string" }, "ContactId": { "markdownDescription": "The Amazon Resource Name (ARN) of the contact you are adding the contact channel to.", "title": "ContactId", "type": "string" }, "DeferActivation": { "markdownDescription": "If you want to activate the channel at a later time, you can choose to defer activation. Incident Manager can't engage your contact channel until it has been activated.", "title": "DeferActivation", "type": "boolean" } }, "required": [ "ChannelAddress", "ChannelName", "ChannelType", "ContactId" ], "type": "object" }, "Type": { "enum": [ "AWS::SSMContacts::ContactChannel" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSMContacts::Plan": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContactId": { "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", "title": "ContactId", "type": "string" }, "RotationIds": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARNs) of the on-call rotations associated with the plan.", "title": "RotationIds", "type": "array" }, "Stages": { "items": { "$ref": "#/definitions/AWS::SSMContacts::Plan.Stage" }, "markdownDescription": "A list of stages that the escalation plan or engagement plan uses to engage contacts and contact methods.", "title": "Stages", "type": "array" } }, "required": [ "ContactId" ], "type": "object" }, "Type": { "enum": [ "AWS::SSMContacts::Plan" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSMContacts::Plan.ChannelTargetInfo": { "additionalProperties": false, "properties": { "ChannelId": { "markdownDescription": "The Amazon Resource Name (ARN) of the contact channel.", "title": "ChannelId", "type": "string" }, "RetryIntervalInMinutes": { "markdownDescription": "The number of minutes to wait before retrying to send engagement if the engagement initially failed.", "title": "RetryIntervalInMinutes", "type": "number" } }, "required": [ "ChannelId", "RetryIntervalInMinutes" ], "type": "object" }, "AWS::SSMContacts::Plan.ContactTargetInfo": { "additionalProperties": false, "properties": { "ContactId": { "markdownDescription": "The Amazon Resource Name (ARN) of the contact.", "title": "ContactId", "type": "string" }, "IsEssential": { "markdownDescription": "A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan.", "title": "IsEssential", "type": "boolean" } }, "required": [ "ContactId", "IsEssential" ], "type": "object" }, "AWS::SSMContacts::Plan.Stage": { "additionalProperties": false, "properties": { "DurationInMinutes": { "markdownDescription": "The time to wait until beginning the next stage. The duration can only be set to 0 if a target is specified.", "title": "DurationInMinutes", "type": "number" }, "Targets": { "items": { "$ref": "#/definitions/AWS::SSMContacts::Plan.Targets" }, "markdownDescription": "The contacts or contact methods that the escalation plan or engagement plan is engaging.", "title": "Targets", "type": "array" } }, "required": [ "DurationInMinutes" ], "type": "object" }, "AWS::SSMContacts::Plan.Targets": { "additionalProperties": false, "properties": { "ChannelTargetInfo": { "$ref": "#/definitions/AWS::SSMContacts::Plan.ChannelTargetInfo", "markdownDescription": "Information about the contact channel that Incident Manager engages.", "title": "ChannelTargetInfo" }, "ContactTargetInfo": { "$ref": "#/definitions/AWS::SSMContacts::Plan.ContactTargetInfo", "markdownDescription": "Information about the contact that Incident Manager engages.", "title": "ContactTargetInfo" } }, "type": "object" }, "AWS::SSMContacts::Rotation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ContactIds": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Names (ARNs) of the contacts to add to the rotation.\n\n> Only the `PERSONAL` contact type is supported. The contact types `ESCALATION` and `ONCALL_SCHEDULE` are not supported for this operation. \n\nThe order in which you list the contacts is their shift order in the rotation schedule.", "title": "ContactIds", "type": "array" }, "Name": { "markdownDescription": "The name for the rotation.", "title": "Name", "type": "string" }, "Recurrence": { "$ref": "#/definitions/AWS::SSMContacts::Rotation.RecurrenceSettings", "markdownDescription": "Information about the rule that specifies when shift team members rotate.", "title": "Recurrence" }, "StartTime": { "markdownDescription": "The date and time the rotation goes into effect.", "title": "StartTime", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Optional metadata to assign to the rotation. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For more information, see [Tagging Incident Manager resources](https://docs.aws.amazon.com/incident-manager/latest/userguide/tagging.html) in the *Incident Manager User Guide* .", "title": "Tags", "type": "array" }, "TimeZoneId": { "markdownDescription": "The time zone to base the rotation\u2019s activity on, in Internet Assigned Numbers Authority (IANA) format. For example: \"America/Los_Angeles\", \"UTC\", or \"Asia/Seoul\". For more information, see the [Time Zone Database](https://docs.aws.amazon.com/https://www.iana.org/time-zones) on the IANA website.\n\n> Designators for time zones that don\u2019t support Daylight Savings Time rules, such as Pacific Standard Time (PST), are not supported.", "title": "TimeZoneId", "type": "string" } }, "required": [ "ContactIds", "Name", "Recurrence", "StartTime", "TimeZoneId" ], "type": "object" }, "Type": { "enum": [ "AWS::SSMContacts::Rotation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSMContacts::Rotation.CoverageTime": { "additionalProperties": false, "properties": { "EndTime": { "markdownDescription": "Information about when an on-call rotation shift ends.", "title": "EndTime", "type": "string" }, "StartTime": { "markdownDescription": "Information about when an on-call rotation shift begins.", "title": "StartTime", "type": "string" } }, "required": [ "EndTime", "StartTime" ], "type": "object" }, "AWS::SSMContacts::Rotation.MonthlySetting": { "additionalProperties": false, "properties": { "DayOfMonth": { "markdownDescription": "The day of the month when monthly recurring on-call rotations begin.", "title": "DayOfMonth", "type": "number" }, "HandOffTime": { "markdownDescription": "The time of day when a monthly recurring on-call shift rotation begins.", "title": "HandOffTime", "type": "string" } }, "required": [ "DayOfMonth", "HandOffTime" ], "type": "object" }, "AWS::SSMContacts::Rotation.RecurrenceSettings": { "additionalProperties": false, "properties": { "DailySettings": { "items": { "type": "string" }, "markdownDescription": "Information about on-call rotations that recur daily.", "title": "DailySettings", "type": "array" }, "MonthlySettings": { "items": { "$ref": "#/definitions/AWS::SSMContacts::Rotation.MonthlySetting" }, "markdownDescription": "Information about on-call rotations that recur monthly.", "title": "MonthlySettings", "type": "array" }, "NumberOfOnCalls": { "markdownDescription": "The number of contacts, or shift team members designated to be on call concurrently during a shift. For example, in an on-call schedule that contains ten contacts, a value of `2` designates that two of them are on call at any given time.", "title": "NumberOfOnCalls", "type": "number" }, "RecurrenceMultiplier": { "markdownDescription": "The number of days, weeks, or months a single rotation lasts.", "title": "RecurrenceMultiplier", "type": "number" }, "ShiftCoverages": { "items": { "$ref": "#/definitions/AWS::SSMContacts::Rotation.ShiftCoverage" }, "markdownDescription": "Information about the days of the week included in on-call rotation coverage.", "title": "ShiftCoverages", "type": "array" }, "WeeklySettings": { "items": { "$ref": "#/definitions/AWS::SSMContacts::Rotation.WeeklySetting" }, "markdownDescription": "Information about on-call rotations that recur weekly.", "title": "WeeklySettings", "type": "array" } }, "required": [ "NumberOfOnCalls", "RecurrenceMultiplier" ], "type": "object" }, "AWS::SSMContacts::Rotation.ShiftCoverage": { "additionalProperties": false, "properties": { "CoverageTimes": { "items": { "$ref": "#/definitions/AWS::SSMContacts::Rotation.CoverageTime" }, "markdownDescription": "The start and end times of the shift.", "title": "CoverageTimes", "type": "array" }, "DayOfWeek": { "markdownDescription": "A list of days on which the schedule is active.", "title": "DayOfWeek", "type": "string" } }, "required": [ "CoverageTimes", "DayOfWeek" ], "type": "object" }, "AWS::SSMContacts::Rotation.WeeklySetting": { "additionalProperties": false, "properties": { "DayOfWeek": { "markdownDescription": "The day of the week when weekly recurring on-call shift rotations begins.", "title": "DayOfWeek", "type": "string" }, "HandOffTime": { "markdownDescription": "The time of day when a weekly recurring on-call shift rotation begins.", "title": "HandOffTime", "type": "string" } }, "required": [ "DayOfWeek", "HandOffTime" ], "type": "object" }, "AWS::SSMIncidents::ReplicationSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeletionProtected": { "markdownDescription": "Determines if the replication set deletion protection is enabled or not. If deletion protection is enabled, you can't delete the last Region in the replication set.", "title": "DeletionProtected", "type": "boolean" }, "Regions": { "items": { "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet.ReplicationRegion" }, "markdownDescription": "Specifies the Regions of the replication set.", "title": "Regions", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags to add to the replication set.", "title": "Tags", "type": "array" } }, "required": [ "Regions" ], "type": "object" }, "Type": { "enum": [ "AWS::SSMIncidents::ReplicationSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSMIncidents::ReplicationSet.RegionConfiguration": { "additionalProperties": false, "properties": { "SseKmsKeyId": { "markdownDescription": "The AWS Key Management Service key ID to use to encrypt your replication set.", "title": "SseKmsKeyId", "type": "string" } }, "required": [ "SseKmsKeyId" ], "type": "object" }, "AWS::SSMIncidents::ReplicationSet.ReplicationRegion": { "additionalProperties": false, "properties": { "RegionConfiguration": { "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet.RegionConfiguration", "markdownDescription": "Specifies the Region configuration.", "title": "RegionConfiguration" }, "RegionName": { "markdownDescription": "Specifies the region name to add to the replication set.", "title": "RegionName", "type": "string" } }, "type": "object" }, "AWS::SSMIncidents::ResponsePlan": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.Action" }, "markdownDescription": "The actions that the response plan starts at the beginning of an incident.", "title": "Actions", "type": "array" }, "ChatChannel": { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.ChatChannel", "markdownDescription": "The AWS Chatbot chat channel used for collaboration during an incident.", "title": "ChatChannel" }, "DisplayName": { "markdownDescription": "The human readable name of the response plan.", "title": "DisplayName", "type": "string" }, "Engagements": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Name (ARN) for the contacts and escalation plans that the response plan engages during an incident.", "title": "Engagements", "type": "array" }, "IncidentTemplate": { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.IncidentTemplate", "markdownDescription": "Details used to create an incident when using this response plan.", "title": "IncidentTemplate" }, "Integrations": { "items": { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.Integration" }, "markdownDescription": "Information about third-party services integrated into the response plan.", "title": "Integrations", "type": "array" }, "Name": { "markdownDescription": "The name of the response plan.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "IncidentTemplate", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::SSMIncidents::ResponsePlan" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSMIncidents::ResponsePlan.Action": { "additionalProperties": false, "properties": { "SsmAutomation": { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.SsmAutomation", "markdownDescription": "Details about the Systems Manager automation document that will be used as a runbook during an incident.", "title": "SsmAutomation" } }, "type": "object" }, "AWS::SSMIncidents::ResponsePlan.ChatChannel": { "additionalProperties": false, "properties": { "ChatbotSns": { "items": { "type": "string" }, "markdownDescription": "The Amazon SNS targets that AWS Chatbot uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel by using the Amazon SNS topics", "title": "ChatbotSns", "type": "array" } }, "type": "object" }, "AWS::SSMIncidents::ResponsePlan.DynamicSsmParameter": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key parameter to use when running the Systems Manager Automation runbook.", "title": "Key", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.DynamicSsmParameterValue", "markdownDescription": "The dynamic parameter value.", "title": "Value" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::SSMIncidents::ResponsePlan.DynamicSsmParameterValue": { "additionalProperties": false, "properties": { "Variable": { "markdownDescription": "Variable dynamic parameters. A parameter value is determined when an incident is created.", "title": "Variable", "type": "string" } }, "type": "object" }, "AWS::SSMIncidents::ResponsePlan.IncidentTemplate": { "additionalProperties": false, "properties": { "DedupeString": { "markdownDescription": "Used to create only one incident record for an incident.", "title": "DedupeString", "type": "string" }, "Impact": { "markdownDescription": "Defines the impact to the customers. Providing an impact overwrites the impact provided by a response plan.\n\n**Possible impacts:** - `1` - Critical impact, this typically relates to full application failure that impacts many to all customers.\n- `2` - High impact, partial application failure with impact to many customers.\n- `3` - Medium impact, the application is providing reduced service to customers.\n- `4` - Low impact, customer might aren't impacted by the problem yet.\n- `5` - No impact, customers aren't currently impacted but urgent action is needed to avoid impact.", "title": "Impact", "type": "number" }, "IncidentTags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags to assign to the template. When the `StartIncident` API action is called, Incident Manager assigns the tags specified in the template to the incident.", "title": "IncidentTags", "type": "array" }, "NotificationTargets": { "items": { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.NotificationTargetItem" }, "markdownDescription": "The Amazon Simple Notification Service ( Amazon SNS ) targets that AWS Chatbot uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel using the Amazon SNS topics.", "title": "NotificationTargets", "type": "array" }, "Summary": { "markdownDescription": "The summary describes what has happened during the incident.", "title": "Summary", "type": "string" }, "Title": { "markdownDescription": "The title of the incident is a brief and easily recognizable.", "title": "Title", "type": "string" } }, "required": [ "Impact", "Title" ], "type": "object" }, "AWS::SSMIncidents::ResponsePlan.Integration": { "additionalProperties": false, "properties": { "PagerDutyConfiguration": { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.PagerDutyConfiguration", "markdownDescription": "Information about the PagerDuty service where the response plan creates an incident.", "title": "PagerDutyConfiguration" } }, "required": [ "PagerDutyConfiguration" ], "type": "object" }, "AWS::SSMIncidents::ResponsePlan.NotificationTargetItem": { "additionalProperties": false, "properties": { "SnsTopicArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Amazon SNS topic.", "title": "SnsTopicArn", "type": "string" } }, "type": "object" }, "AWS::SSMIncidents::ResponsePlan.PagerDutyConfiguration": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the PagerDuty configuration.", "title": "Name", "type": "string" }, "PagerDutyIncidentConfiguration": { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.PagerDutyIncidentConfiguration", "markdownDescription": "Details about the PagerDuty service associated with the configuration.", "title": "PagerDutyIncidentConfiguration" }, "SecretId": { "markdownDescription": "The ID of the AWS Secrets Manager secret that stores your PagerDuty key, either a General Access REST API Key or User Token REST API Key, and other user credentials.", "title": "SecretId", "type": "string" } }, "required": [ "Name", "PagerDutyIncidentConfiguration", "SecretId" ], "type": "object" }, "AWS::SSMIncidents::ResponsePlan.PagerDutyIncidentConfiguration": { "additionalProperties": false, "properties": { "ServiceId": { "markdownDescription": "The ID of the PagerDuty service that the response plan associates with an incident when it launches.", "title": "ServiceId", "type": "string" } }, "required": [ "ServiceId" ], "type": "object" }, "AWS::SSMIncidents::ResponsePlan.SsmAutomation": { "additionalProperties": false, "properties": { "DocumentName": { "markdownDescription": "The automation document's name.", "title": "DocumentName", "type": "string" }, "DocumentVersion": { "markdownDescription": "The version of the runbook to use when running.", "title": "DocumentVersion", "type": "string" }, "DynamicParameters": { "items": { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.DynamicSsmParameter" }, "markdownDescription": "The key-value pairs to resolve dynamic parameter values when processing a Systems Manager Automation runbook.", "title": "DynamicParameters", "type": "array" }, "Parameters": { "items": { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan.SsmParameter" }, "markdownDescription": "The key-value pair parameters to use when running the runbook.", "title": "Parameters", "type": "array" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the role that the automation document will assume when running commands.", "title": "RoleArn", "type": "string" }, "TargetAccount": { "markdownDescription": "The account that the automation document will be run in. This can be in either the management account or an application account.", "title": "TargetAccount", "type": "string" } }, "required": [ "DocumentName", "RoleArn" ], "type": "object" }, "AWS::SSMIncidents::ResponsePlan.SsmParameter": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key parameter to use when running the Automation runbook.", "title": "Key", "type": "string" }, "Values": { "items": { "type": "string" }, "markdownDescription": "The value parameter to use when running the Automation runbook.", "title": "Values", "type": "array" } }, "required": [ "Key", "Values" ], "type": "object" }, "AWS::SSO::Assignment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InstanceArn": { "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", "title": "InstanceArn", "type": "string" }, "PermissionSetArn": { "markdownDescription": "The ARN of the permission set.", "title": "PermissionSetArn", "type": "string" }, "PrincipalId": { "markdownDescription": "An identifier for an object in IAM Identity Center, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). For more information about PrincipalIds in IAM Identity Center, see the [IAM Identity Center Identity Store API Reference](https://docs.aws.amazon.com//singlesignon/latest/IdentityStoreAPIReference/welcome.html) .", "title": "PrincipalId", "type": "string" }, "PrincipalType": { "markdownDescription": "The entity type for which the assignment will be created.", "title": "PrincipalType", "type": "string" }, "TargetId": { "markdownDescription": "TargetID is an AWS account identifier, (For example, 123456789012).", "title": "TargetId", "type": "string" }, "TargetType": { "markdownDescription": "The entity type for which the assignment will be created.", "title": "TargetType", "type": "string" } }, "required": [ "InstanceArn", "PermissionSetArn", "PrincipalId", "PrincipalType", "TargetId", "TargetType" ], "type": "object" }, "Type": { "enum": [ "AWS::SSO::Assignment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSO::InstanceAccessControlAttributeConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessControlAttributes": { "items": { "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute" }, "markdownDescription": "Lists the attributes that are configured for ABAC in the specified IAM Identity Center instance.", "title": "AccessControlAttributes", "type": "array" }, "InstanceArn": { "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed.", "title": "InstanceArn", "type": "string" } }, "required": [ "InstanceArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SSO::InstanceAccessControlAttributeConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttribute": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The name of the attribute associated with your identities in your identity source. This is used to map a specified attribute in your identity source with an attribute in IAM Identity Center .", "title": "Key", "type": "string" }, "Value": { "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue", "markdownDescription": "The value used for mapping a specified attribute to an identity source.", "title": "Value" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::SSO::InstanceAccessControlAttributeConfiguration.AccessControlAttributeValue": { "additionalProperties": false, "properties": { "Source": { "items": { "type": "string" }, "markdownDescription": "The identity source to use when mapping a specified attribute to IAM Identity Center .", "title": "Source", "type": "array" } }, "required": [ "Source" ], "type": "object" }, "AWS::SSO::PermissionSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CustomerManagedPolicyReferences": { "items": { "$ref": "#/definitions/AWS::SSO::PermissionSet.CustomerManagedPolicyReference" }, "markdownDescription": "Specifies the names and paths of the customer managed policies that you have attached to your permission set.", "title": "CustomerManagedPolicyReferences", "type": "array" }, "Description": { "markdownDescription": "The description of the `PermissionSet` .", "title": "Description", "type": "string" }, "InlinePolicy": { "markdownDescription": "The inline policy that is attached to the permission set.\n\n> For `Length Constraints` , if a valid ARN is provided for a permission set, it is possible for an empty inline policy to be returned.", "title": "InlinePolicy", "type": "object" }, "InstanceArn": { "markdownDescription": "The ARN of the IAM Identity Center instance under which the operation will be executed. For more information about ARNs, see [Amazon Resource Names (ARNs) and AWS Service Namespaces](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* .", "title": "InstanceArn", "type": "string" }, "ManagedPolicies": { "items": { "type": "string" }, "markdownDescription": "A structure that stores the details of the AWS managed policy.", "title": "ManagedPolicies", "type": "array" }, "Name": { "markdownDescription": "The name of the permission set.", "title": "Name", "type": "string" }, "PermissionsBoundary": { "$ref": "#/definitions/AWS::SSO::PermissionSet.PermissionsBoundary", "markdownDescription": "Specifies the configuration of the AWS managed or customer managed policy that you want to set as a permissions boundary. Specify either `CustomerManagedPolicyReference` to use the name and path of a customer managed policy, or `ManagedPolicyArn` to use the ARN of an AWS managed policy. A permissions boundary represents the maximum permissions that any policy can grant your role. For more information, see [Permissions boundaries for IAM entities](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the *IAM User Guide* .\n\n> Policies used as permissions boundaries don't provide permissions. You must also attach an IAM policy to the role. To learn how the effective permissions for a role are evaluated, see [IAM JSON policy evaluation logic](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the *IAM User Guide* .", "title": "PermissionsBoundary" }, "RelayStateType": { "markdownDescription": "Used to redirect users within the application during the federation authentication process.", "title": "RelayStateType", "type": "string" }, "SessionDuration": { "markdownDescription": "The length of time that the application user sessions are valid for in the ISO-8601 standard.", "title": "SessionDuration", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to attach to the new `PermissionSet` .", "title": "Tags", "type": "array" } }, "required": [ "InstanceArn", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::SSO::PermissionSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SSO::PermissionSet.CustomerManagedPolicyReference": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the IAM policy that you have configured in each account where you want to deploy your permission set.", "title": "Name", "type": "string" }, "Path": { "markdownDescription": "The path to the IAM policy that you have configured in each account where you want to deploy your permission set. The default is `/` . For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* .", "title": "Path", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::SSO::PermissionSet.PermissionsBoundary": { "additionalProperties": false, "properties": { "CustomerManagedPolicyReference": { "$ref": "#/definitions/AWS::SSO::PermissionSet.CustomerManagedPolicyReference", "markdownDescription": "Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set.", "title": "CustomerManagedPolicyReference" }, "ManagedPolicyArn": { "markdownDescription": "The AWS managed policy ARN that you want to attach to a permission set as a permissions boundary.", "title": "ManagedPolicyArn", "type": "string" } }, "type": "object" }, "AWS::SageMaker::App": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppName": { "markdownDescription": "The name of the app.", "title": "AppName", "type": "string" }, "AppType": { "markdownDescription": "The type of app.", "title": "AppType", "type": "string" }, "DomainId": { "markdownDescription": "The domain ID.", "title": "DomainId", "type": "string" }, "ResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::App.ResourceSpec", "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", "title": "ResourceSpec" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "UserProfileName": { "markdownDescription": "The user profile name.", "title": "UserProfileName", "type": "string" } }, "required": [ "AppName", "AppType", "DomainId", "UserProfileName" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::App" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::App.ResourceSpec": { "additionalProperties": false, "properties": { "InstanceType": { "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", "title": "InstanceType", "type": "string" }, "SageMakerImageArn": { "markdownDescription": "The ARN of the SageMaker image that the image version belongs to.", "title": "SageMakerImageArn", "type": "string" }, "SageMakerImageVersionArn": { "markdownDescription": "The ARN of the image version created on the instance.", "title": "SageMakerImageVersionArn", "type": "string" } }, "type": "object" }, "AWS::SageMaker::AppImageConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppImageConfigName": { "markdownDescription": "The name of the AppImageConfig. Must be unique to your account.", "title": "AppImageConfigName", "type": "string" }, "CodeEditorAppImageConfig": { "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig", "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", "title": "CodeEditorAppImageConfig" }, "JupyterLabAppImageConfig": { "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig", "markdownDescription": "The configuration for the file system and the runtime, such as the environment variables and entry point.", "title": "JupyterLabAppImageConfig" }, "KernelGatewayImageConfig": { "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig", "markdownDescription": "The configuration for the file system and kernels in the SageMaker image.", "title": "KernelGatewayImageConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "AppImageConfigName" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::AppImageConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::AppImageConfig.CodeEditorAppImageConfig": { "additionalProperties": false, "properties": { "ContainerConfig": { "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", "markdownDescription": "", "title": "ContainerConfig" } }, "type": "object" }, "AWS::SageMaker::AppImageConfig.ContainerConfig": { "additionalProperties": false, "properties": { "ContainerArguments": { "items": { "type": "string" }, "markdownDescription": "The arguments for the container when you're running the application.", "title": "ContainerArguments", "type": "array" }, "ContainerEntrypoint": { "items": { "type": "string" }, "markdownDescription": "The entrypoint used to run the application in the container.", "title": "ContainerEntrypoint", "type": "array" }, "ContainerEnvironmentVariables": { "items": { "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable" }, "markdownDescription": "The environment variables to set in the container", "title": "ContainerEnvironmentVariables", "type": "array" } }, "type": "object" }, "AWS::SageMaker::AppImageConfig.CustomImageContainerEnvironmentVariable": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key that identifies a container environment variable.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of the container environment variable.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::SageMaker::AppImageConfig.FileSystemConfig": { "additionalProperties": false, "properties": { "DefaultGid": { "markdownDescription": "The default POSIX group ID (GID). If not specified, defaults to `100` .", "title": "DefaultGid", "type": "number" }, "DefaultUid": { "markdownDescription": "The default POSIX user ID (UID). If not specified, defaults to `1000` .", "title": "DefaultUid", "type": "number" }, "MountPath": { "markdownDescription": "The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to */home/sagemaker-user* .", "title": "MountPath", "type": "string" } }, "type": "object" }, "AWS::SageMaker::AppImageConfig.JupyterLabAppImageConfig": { "additionalProperties": false, "properties": { "ContainerConfig": { "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.ContainerConfig", "markdownDescription": "The configuration used to run the application image container.", "title": "ContainerConfig" } }, "type": "object" }, "AWS::SageMaker::AppImageConfig.KernelGatewayImageConfig": { "additionalProperties": false, "properties": { "FileSystemConfig": { "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.FileSystemConfig", "markdownDescription": "The Amazon Elastic File System storage configuration for a SageMaker image.", "title": "FileSystemConfig" }, "KernelSpecs": { "items": { "$ref": "#/definitions/AWS::SageMaker::AppImageConfig.KernelSpec" }, "markdownDescription": "The specification of the Jupyter kernels in the image.", "title": "KernelSpecs", "type": "array" } }, "required": [ "KernelSpecs" ], "type": "object" }, "AWS::SageMaker::AppImageConfig.KernelSpec": { "additionalProperties": false, "properties": { "DisplayName": { "markdownDescription": "The display name of the kernel.", "title": "DisplayName", "type": "string" }, "Name": { "markdownDescription": "The name of the Jupyter kernel in the image. This value is case sensitive.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::SageMaker::CodeRepository": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CodeRepositoryName": { "markdownDescription": "The name of the Git repository.", "title": "CodeRepositoryName", "type": "string" }, "GitConfig": { "$ref": "#/definitions/AWS::SageMaker::CodeRepository.GitConfig", "markdownDescription": "Configuration details for the Git repository, including the URL where it is located and the ARN of the AWS Secrets Manager secret that contains the credentials used to access the repository.", "title": "GitConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "List of tags for Code Repository.", "title": "Tags", "type": "array" } }, "required": [ "GitConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::CodeRepository" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::CodeRepository.GitConfig": { "additionalProperties": false, "properties": { "Branch": { "markdownDescription": "The default branch for the Git repository.", "title": "Branch", "type": "string" }, "RepositoryUrl": { "markdownDescription": "The URL where the Git repository is located.", "title": "RepositoryUrl", "type": "string" }, "SecretArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the credentials used to access the git repository. The secret must have a staging label of `AWSCURRENT` and must be in the following format:\n\n`{\"username\": *UserName* , \"password\": *Password* }`", "title": "SecretArn", "type": "string" } }, "required": [ "RepositoryUrl" ], "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataQualityAppSpecification": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityAppSpecification", "markdownDescription": "Specifies the container that runs the monitoring job.", "title": "DataQualityAppSpecification" }, "DataQualityBaselineConfig": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityBaselineConfig", "markdownDescription": "Configures the constraints and baselines for the monitoring job.", "title": "DataQualityBaselineConfig" }, "DataQualityJobInput": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DataQualityJobInput", "markdownDescription": "A list of inputs for the monitoring job. Currently endpoints are supported as monitoring inputs.", "title": "DataQualityJobInput" }, "DataQualityJobOutputConfig": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringOutputConfig", "markdownDescription": "The output configuration for monitoring jobs.", "title": "DataQualityJobOutputConfig" }, "EndpointName": { "markdownDescription": "", "title": "EndpointName", "type": "string" }, "JobDefinitionName": { "markdownDescription": "The name for the monitoring job definition.", "title": "JobDefinitionName", "type": "string" }, "JobResources": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringResources", "markdownDescription": "Identifies the resources to deploy for a monitoring job.", "title": "JobResources" }, "NetworkConfig": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.NetworkConfig", "markdownDescription": "Specifies networking configuration for the monitoring job.", "title": "NetworkConfig" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", "title": "RoleArn", "type": "string" }, "StoppingCondition": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.StoppingCondition", "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", "title": "StoppingCondition" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "DataQualityAppSpecification", "DataQualityJobInput", "DataQualityJobOutputConfig", "JobResources", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::DataQualityJobDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.BatchTransformInput": { "additionalProperties": false, "properties": { "DataCapturedDestinationS3Uri": { "markdownDescription": "The Amazon S3 location being used to capture the data.", "title": "DataCapturedDestinationS3Uri", "type": "string" }, "DatasetFormat": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.DatasetFormat", "markdownDescription": "The dataset format for your batch transform job.", "title": "DatasetFormat" }, "ExcludeFeaturesAttribute": { "markdownDescription": "The attributes of the input data to exclude from the analysis.", "title": "ExcludeFeaturesAttribute", "type": "string" }, "LocalPath": { "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", "title": "LocalPath", "type": "string" }, "S3DataDistributionType": { "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", "title": "S3DataDistributionType", "type": "string" }, "S3InputMode": { "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", "title": "S3InputMode", "type": "string" } }, "required": [ "DataCapturedDestinationS3Uri", "DatasetFormat", "LocalPath" ], "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.ClusterConfig": { "additionalProperties": false, "properties": { "InstanceCount": { "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", "title": "InstanceCount", "type": "number" }, "InstanceType": { "markdownDescription": "The ML compute instance type for the processing job.", "title": "InstanceType", "type": "string" }, "VolumeKmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", "title": "VolumeKmsKeyId", "type": "string" }, "VolumeSizeInGB": { "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", "title": "VolumeSizeInGB", "type": "number" } }, "required": [ "InstanceCount", "InstanceType", "VolumeSizeInGB" ], "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.ConstraintsResource": { "additionalProperties": false, "properties": { "S3Uri": { "markdownDescription": "The Amazon S3 URI for the constraints resource.", "title": "S3Uri", "type": "string" } }, "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.Csv": { "additionalProperties": false, "properties": { "Header": { "markdownDescription": "", "title": "Header", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.DataQualityAppSpecification": { "additionalProperties": false, "properties": { "ContainerArguments": { "items": { "type": "string" }, "markdownDescription": "The arguments to send to the container that the monitoring job runs.", "title": "ContainerArguments", "type": "array" }, "ContainerEntrypoint": { "items": { "type": "string" }, "markdownDescription": "The entrypoint for a container used to run a monitoring job.", "title": "ContainerEntrypoint", "type": "array" }, "Environment": { "additionalProperties": true, "markdownDescription": "Sets the environment variables in the container that the monitoring job runs.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Environment", "type": "object" }, "ImageUri": { "markdownDescription": "The container image that the data quality monitoring job runs.", "title": "ImageUri", "type": "string" }, "PostAnalyticsProcessorSourceUri": { "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", "title": "PostAnalyticsProcessorSourceUri", "type": "string" }, "RecordPreprocessorSourceUri": { "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", "title": "RecordPreprocessorSourceUri", "type": "string" } }, "required": [ "ImageUri" ], "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.DataQualityBaselineConfig": { "additionalProperties": false, "properties": { "BaseliningJobName": { "markdownDescription": "The name of the job that performs baselining for the data quality monitoring job.", "title": "BaseliningJobName", "type": "string" }, "ConstraintsResource": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.ConstraintsResource", "markdownDescription": "The constraints resource for a monitoring job.", "title": "ConstraintsResource" }, "StatisticsResource": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.StatisticsResource", "markdownDescription": "Configuration for monitoring constraints and monitoring statistics. These baseline resources are compared against the results of the current job from the series of jobs scheduled to collect data periodically.", "title": "StatisticsResource" } }, "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.DataQualityJobInput": { "additionalProperties": false, "properties": { "BatchTransformInput": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.BatchTransformInput", "markdownDescription": "Input object for the batch transform job.", "title": "BatchTransformInput" }, "EndpointInput": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.EndpointInput", "markdownDescription": "Input object for the endpoint", "title": "EndpointInput" } }, "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.DatasetFormat": { "additionalProperties": false, "properties": { "Csv": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.Csv", "markdownDescription": "", "title": "Csv" }, "Json": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.Json", "markdownDescription": "", "title": "Json" }, "Parquet": { "markdownDescription": "", "title": "Parquet", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.EndpointInput": { "additionalProperties": false, "properties": { "EndpointName": { "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", "title": "EndpointName", "type": "string" }, "ExcludeFeaturesAttribute": { "markdownDescription": "The attributes of the input data to exclude from the analysis.", "title": "ExcludeFeaturesAttribute", "type": "string" }, "LocalPath": { "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", "title": "LocalPath", "type": "string" }, "S3DataDistributionType": { "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", "title": "S3DataDistributionType", "type": "string" }, "S3InputMode": { "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", "title": "S3InputMode", "type": "string" } }, "required": [ "EndpointName", "LocalPath" ], "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.Json": { "additionalProperties": false, "properties": { "Line": { "markdownDescription": "", "title": "Line", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.MonitoringOutput": { "additionalProperties": false, "properties": { "S3Output": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.S3Output", "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", "title": "S3Output" } }, "required": [ "S3Output" ], "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.MonitoringOutputConfig": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", "title": "KmsKeyId", "type": "string" }, "MonitoringOutputs": { "items": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.MonitoringOutput" }, "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", "title": "MonitoringOutputs", "type": "array" } }, "required": [ "MonitoringOutputs" ], "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.MonitoringResources": { "additionalProperties": false, "properties": { "ClusterConfig": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.ClusterConfig", "markdownDescription": "The configuration for the cluster resources used to run the processing job.", "title": "ClusterConfig" } }, "required": [ "ClusterConfig" ], "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.NetworkConfig": { "additionalProperties": false, "properties": { "EnableInterContainerTrafficEncryption": { "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", "title": "EnableInterContainerTrafficEncryption", "type": "boolean" }, "EnableNetworkIsolation": { "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", "title": "EnableNetworkIsolation", "type": "boolean" }, "VpcConfig": { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition.VpcConfig", "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", "title": "VpcConfig" } }, "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.S3Output": { "additionalProperties": false, "properties": { "LocalPath": { "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", "title": "LocalPath", "type": "string" }, "S3UploadMode": { "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", "title": "S3UploadMode", "type": "string" }, "S3Uri": { "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", "title": "S3Uri", "type": "string" } }, "required": [ "LocalPath", "S3Uri" ], "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.StatisticsResource": { "additionalProperties": false, "properties": { "S3Uri": { "markdownDescription": "The Amazon S3 URI for the statistics resource.", "title": "S3Uri", "type": "string" } }, "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.StoppingCondition": { "additionalProperties": false, "properties": { "MaxRuntimeInSeconds": { "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", "title": "MaxRuntimeInSeconds", "type": "number" } }, "required": [ "MaxRuntimeInSeconds" ], "type": "object" }, "AWS::SageMaker::DataQualityJobDefinition.VpcConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", "title": "SecurityGroupIds", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", "title": "Subnets", "type": "array" } }, "required": [ "SecurityGroupIds", "Subnets" ], "type": "object" }, "AWS::SageMaker::Device": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Device": { "$ref": "#/definitions/AWS::SageMaker::Device.Device", "markdownDescription": "Edge device you want to create.", "title": "Device" }, "DeviceFleetName": { "markdownDescription": "The name of the fleet the device belongs to.", "title": "DeviceFleetName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs that contain metadata to help you categorize and organize your devices. Each tag consists of a key and a value, both of which you define.", "title": "Tags", "type": "array" } }, "required": [ "DeviceFleetName" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::Device" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::Device.Device": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "Description of the device.", "title": "Description", "type": "string" }, "DeviceName": { "markdownDescription": "The name of the device.", "title": "DeviceName", "type": "string" }, "IotThingName": { "markdownDescription": "AWS Internet of Things (IoT) object name.", "title": "IotThingName", "type": "string" } }, "required": [ "DeviceName" ], "type": "object" }, "AWS::SageMaker::DeviceFleet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the fleet.", "title": "Description", "type": "string" }, "DeviceFleetName": { "markdownDescription": "Name of the device fleet.", "title": "DeviceFleetName", "type": "string" }, "OutputConfig": { "$ref": "#/definitions/AWS::SageMaker::DeviceFleet.EdgeOutputConfig", "markdownDescription": "The output configuration for storing sample data collected by the fleet.", "title": "OutputConfig" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) that has access to AWS Internet of Things (IoT).", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs that contain metadata to help you categorize and organize your device fleets. Each tag consists of a key and a value, both of which you define.", "title": "Tags", "type": "array" } }, "required": [ "DeviceFleetName", "OutputConfig", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::DeviceFleet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::DeviceFleet.EdgeOutputConfig": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume after compilation job. If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account.", "title": "KmsKeyId", "type": "string" }, "S3OutputLocation": { "markdownDescription": "The Amazon Simple Storage (S3) bucket URI.", "title": "S3OutputLocation", "type": "string" } }, "required": [ "S3OutputLocation" ], "type": "object" }, "AWS::SageMaker::Domain": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AppNetworkAccessType": { "markdownDescription": "Specifies the VPC used for non-EFS traffic. The default value is `PublicInternetOnly` .\n\n- `PublicInternetOnly` - Non-EFS traffic is through a VPC managed by Amazon SageMaker , which allows direct internet access\n- `VpcOnly` - All Studio traffic is through the specified VPC and subnets\n\n*Valid Values* : `PublicInternetOnly | VpcOnly`", "title": "AppNetworkAccessType", "type": "string" }, "AppSecurityGroupManagement": { "markdownDescription": "The entity that creates and manages the required security groups for inter-app communication in `VpcOnly` mode. Required when `CreateDomain.AppNetworkAccessType` is `VpcOnly` and `DomainSettings.RStudioServerProDomainSettings.DomainExecutionRoleArn` is provided. If setting up the domain for use with RStudio, this value must be set to `Service` .\n\n*Allowed Values* : `Service` | `Customer`", "title": "AppSecurityGroupManagement", "type": "string" }, "AuthMode": { "markdownDescription": "The mode of authentication that members use to access the Domain.\n\n*Valid Values* : `SSO | IAM`", "title": "AuthMode", "type": "string" }, "DefaultSpaceSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceSettings", "markdownDescription": "A collection of settings that apply to spaces created in the domain.", "title": "DefaultSpaceSettings" }, "DefaultUserSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.UserSettings", "markdownDescription": "The default user settings.", "title": "DefaultUserSettings" }, "DomainName": { "markdownDescription": "The domain name.", "title": "DomainName", "type": "string" }, "DomainSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.DomainSettings", "markdownDescription": "A collection of settings that apply to the `SageMaker Domain` . These settings are specified through the `CreateDomain` API call.", "title": "DomainSettings" }, "KmsKeyId": { "markdownDescription": "SageMaker uses AWS KMS to encrypt the EFS volume attached to the Domain with an AWS managed customer master key (CMK) by default. For more control, specify a customer managed CMK.\n\n*Length Constraints* : Maximum length of 2048.\n\n*Pattern* : `.*`", "title": "KmsKeyId", "type": "string" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The VPC subnets that Studio uses for communication.\n\n*Length Constraints* : Maximum length of 32.\n\n*Array members* : Minimum number of 1 item. Maximum number of 16 items.\n\n*Pattern* : `[-0-9a-zA-Z]+`", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags to associated with the Domain. Each tag consists of a key and an optional value. Tag keys must be unique per resource. Tags are searchable using the Search API.\n\nTags that you specify for the Domain are also added to all apps that are launched in the Domain.\n\n*Array members* : Minimum number of 0 items. Maximum number of 50 items.", "title": "Tags", "type": "array" }, "VpcId": { "markdownDescription": "The ID of the Amazon Virtual Private Cloud (Amazon VPC) that Studio uses for communication.\n\n*Length Constraints* : Maximum length of 32.\n\n*Pattern* : `[-0-9a-zA-Z]+`", "title": "VpcId", "type": "string" } }, "required": [ "AuthMode", "DefaultUserSettings", "DomainName", "SubnetIds", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::Domain" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::Domain.CodeEditorAppSettings": { "additionalProperties": false, "properties": { "CustomImages": { "items": { "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" }, "markdownDescription": "A list of custom SageMaker images that are configured to run as a Code Editor app.", "title": "CustomImages", "type": "array" }, "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the Code Editor app.", "title": "DefaultResourceSpec" }, "LifecycleConfigArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Name (ARN) of the Code Editor application lifecycle configuration.", "title": "LifecycleConfigArns", "type": "array" } }, "type": "object" }, "AWS::SageMaker::Domain.CodeRepository": { "additionalProperties": false, "properties": { "RepositoryUrl": { "markdownDescription": "The URL of the Git repository.", "title": "RepositoryUrl", "type": "string" } }, "required": [ "RepositoryUrl" ], "type": "object" }, "AWS::SageMaker::Domain.CustomFileSystemConfig": { "additionalProperties": false, "properties": { "EFSFileSystemConfig": { "$ref": "#/definitions/AWS::SageMaker::Domain.EFSFileSystemConfig", "markdownDescription": "The settings for a custom Amazon EFS file system.", "title": "EFSFileSystemConfig" } }, "type": "object" }, "AWS::SageMaker::Domain.CustomImage": { "additionalProperties": false, "properties": { "AppImageConfigName": { "markdownDescription": "The name of the AppImageConfig.", "title": "AppImageConfigName", "type": "string" }, "ImageName": { "markdownDescription": "The name of the CustomImage. Must be unique to your account.", "title": "ImageName", "type": "string" }, "ImageVersionNumber": { "markdownDescription": "The version number of the CustomImage.", "title": "ImageVersionNumber", "type": "number" } }, "required": [ "AppImageConfigName", "ImageName" ], "type": "object" }, "AWS::SageMaker::Domain.CustomPosixUserConfig": { "additionalProperties": false, "properties": { "Gid": { "markdownDescription": "The POSIX group ID.", "title": "Gid", "type": "number" }, "Uid": { "markdownDescription": "The POSIX user ID.", "title": "Uid", "type": "number" } }, "required": [ "Gid", "Uid" ], "type": "object" }, "AWS::SageMaker::Domain.DefaultEbsStorageSettings": { "additionalProperties": false, "properties": { "DefaultEbsVolumeSizeInGb": { "markdownDescription": "The default size of the EBS storage volume for a space.", "title": "DefaultEbsVolumeSizeInGb", "type": "number" }, "MaximumEbsVolumeSizeInGb": { "markdownDescription": "The maximum size of the EBS storage volume for a space.", "title": "MaximumEbsVolumeSizeInGb", "type": "number" } }, "required": [ "DefaultEbsVolumeSizeInGb", "MaximumEbsVolumeSizeInGb" ], "type": "object" }, "AWS::SageMaker::Domain.DefaultSpaceSettings": { "additionalProperties": false, "properties": { "ExecutionRole": { "markdownDescription": "The ARN of the execution role for the space.", "title": "ExecutionRole", "type": "string" }, "JupyterServerAppSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", "markdownDescription": "The JupyterServer app settings.", "title": "JupyterServerAppSettings" }, "KernelGatewayAppSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.KernelGatewayAppSettings", "markdownDescription": "The KernelGateway app settings.", "title": "KernelGatewayAppSettings" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The security group IDs for the Amazon VPC that the space uses for communication.", "title": "SecurityGroups", "type": "array" } }, "required": [ "ExecutionRole" ], "type": "object" }, "AWS::SageMaker::Domain.DefaultSpaceStorageSettings": { "additionalProperties": false, "properties": { "DefaultEbsStorageSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultEbsStorageSettings", "markdownDescription": "The default EBS storage settings for a space.", "title": "DefaultEbsStorageSettings" } }, "type": "object" }, "AWS::SageMaker::Domain.DockerSettings": { "additionalProperties": false, "properties": { "EnableDockerAccess": { "markdownDescription": "Indicates whether the domain can access Docker.", "title": "EnableDockerAccess", "type": "string" }, "VpcOnlyTrustedAccounts": { "items": { "type": "string" }, "markdownDescription": "The list of AWS accounts that are trusted when the domain is created in VPC-only mode.", "title": "VpcOnlyTrustedAccounts", "type": "array" } }, "type": "object" }, "AWS::SageMaker::Domain.DomainSettings": { "additionalProperties": false, "properties": { "DockerSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.DockerSettings", "markdownDescription": "A collection of settings that configure the domain's Docker interaction.", "title": "DockerSettings" }, "RStudioServerProDomainSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProDomainSettings", "markdownDescription": "A collection of settings that configure the `RStudioServerPro` Domain-level app.", "title": "RStudioServerProDomainSettings" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The security groups for the Amazon Virtual Private Cloud that the `Domain` uses for communication between Domain-level apps and user apps.", "title": "SecurityGroupIds", "type": "array" } }, "type": "object" }, "AWS::SageMaker::Domain.EFSFileSystemConfig": { "additionalProperties": false, "properties": { "FileSystemId": { "markdownDescription": "The ID of your Amazon EFS file system.", "title": "FileSystemId", "type": "string" }, "FileSystemPath": { "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below.", "title": "FileSystemPath", "type": "string" } }, "required": [ "FileSystemId" ], "type": "object" }, "AWS::SageMaker::Domain.JupyterLabAppSettings": { "additionalProperties": false, "properties": { "CodeRepositories": { "items": { "$ref": "#/definitions/AWS::SageMaker::Domain.CodeRepository" }, "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", "title": "CodeRepositories", "type": "array" }, "CustomImages": { "items": { "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" }, "markdownDescription": "A list of custom SageMaker images that are configured to run as a JupyterLab app.", "title": "CustomImages", "type": "array" }, "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app.", "title": "DefaultResourceSpec" }, "LifecycleConfigArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Name (ARN) of the lifecycle configurations attached to the user profile or domain. To remove a lifecycle config, you must set `LifecycleConfigArns` to an empty list.", "title": "LifecycleConfigArns", "type": "array" } }, "type": "object" }, "AWS::SageMaker::Domain.JupyterServerAppSettings": { "additionalProperties": false, "properties": { "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", "title": "DefaultResourceSpec" } }, "type": "object" }, "AWS::SageMaker::Domain.KernelGatewayAppSettings": { "additionalProperties": false, "properties": { "CustomImages": { "items": { "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" }, "markdownDescription": "A list of custom SageMaker images that are configured to run as a KernelGateway app.", "title": "CustomImages", "type": "array" }, "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app.\n\n> The Amazon SageMaker Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", "title": "DefaultResourceSpec" } }, "type": "object" }, "AWS::SageMaker::Domain.RSessionAppSettings": { "additionalProperties": false, "properties": { "CustomImages": { "items": { "$ref": "#/definitions/AWS::SageMaker::Domain.CustomImage" }, "markdownDescription": "A list of custom SageMaker images that are configured to run as a RSession app.", "title": "CustomImages", "type": "array" }, "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", "title": "DefaultResourceSpec" } }, "type": "object" }, "AWS::SageMaker::Domain.RStudioServerProAppSettings": { "additionalProperties": false, "properties": { "AccessStatus": { "markdownDescription": "Indicates whether the current user has access to the `RStudioServerPro` app.", "title": "AccessStatus", "type": "string" }, "UserGroup": { "markdownDescription": "The level of permissions that the user has within the `RStudioServerPro` app. This value defaults to `User`. The `Admin` value allows the user access to the RStudio Administrative Dashboard.", "title": "UserGroup", "type": "string" } }, "type": "object" }, "AWS::SageMaker::Domain.RStudioServerProDomainSettings": { "additionalProperties": false, "properties": { "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::Domain.ResourceSpec", "markdownDescription": "A collection that defines the default `InstanceType` , `SageMakerImageArn` , and `SageMakerImageVersionArn` for the Domain.", "title": "DefaultResourceSpec" }, "DomainExecutionRoleArn": { "markdownDescription": "The ARN of the execution role for the `RStudioServerPro` Domain-level app.", "title": "DomainExecutionRoleArn", "type": "string" }, "RStudioConnectUrl": { "markdownDescription": "A URL pointing to an RStudio Connect server.", "title": "RStudioConnectUrl", "type": "string" }, "RStudioPackageManagerUrl": { "markdownDescription": "A URL pointing to an RStudio Package Manager server.", "title": "RStudioPackageManagerUrl", "type": "string" } }, "required": [ "DomainExecutionRoleArn" ], "type": "object" }, "AWS::SageMaker::Domain.ResourceSpec": { "additionalProperties": false, "properties": { "InstanceType": { "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", "title": "InstanceType", "type": "string" }, "LifecycleConfigArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the Lifecycle Configuration attached to the Resource.", "title": "LifecycleConfigArn", "type": "string" }, "SageMakerImageArn": { "markdownDescription": "The ARN of the SageMaker image that the image version belongs to.", "title": "SageMakerImageArn", "type": "string" }, "SageMakerImageVersionArn": { "markdownDescription": "The ARN of the image version created on the instance.", "title": "SageMakerImageVersionArn", "type": "string" } }, "type": "object" }, "AWS::SageMaker::Domain.SharingSettings": { "additionalProperties": false, "properties": { "NotebookOutputOption": { "markdownDescription": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", "title": "NotebookOutputOption", "type": "string" }, "S3KmsKeyId": { "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", "title": "S3KmsKeyId", "type": "string" }, "S3OutputPath": { "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the Amazon S3 bucket used to store the shared notebook snapshots.", "title": "S3OutputPath", "type": "string" } }, "type": "object" }, "AWS::SageMaker::Domain.UserSettings": { "additionalProperties": false, "properties": { "CodeEditorAppSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.CodeEditorAppSettings", "markdownDescription": "The Code Editor application settings.", "title": "CodeEditorAppSettings" }, "CustomFileSystemConfigs": { "items": { "$ref": "#/definitions/AWS::SageMaker::Domain.CustomFileSystemConfig" }, "markdownDescription": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker Studio.", "title": "CustomFileSystemConfigs", "type": "array" }, "CustomPosixUserConfig": { "$ref": "#/definitions/AWS::SageMaker::Domain.CustomPosixUserConfig", "markdownDescription": "Details about the POSIX identity that is used for file system operations.", "title": "CustomPosixUserConfig" }, "DefaultLandingUri": { "markdownDescription": "The default experience that the user is directed to when accessing the domain. The supported values are:\n\n- `studio::` : Indicates that Studio is the default experience. This value can only be passed if `StudioWebPortal` is set to `ENABLED` .\n- `app:JupyterServer:` : Indicates that Studio Classic is the default experience.", "title": "DefaultLandingUri", "type": "string" }, "ExecutionRole": { "markdownDescription": "The execution role for the user.", "title": "ExecutionRole", "type": "string" }, "JupyterLabAppSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterLabAppSettings", "markdownDescription": "The settings for the JupyterLab application.", "title": "JupyterLabAppSettings" }, "JupyterServerAppSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.JupyterServerAppSettings", "markdownDescription": "The Jupyter server's app settings.", "title": "JupyterServerAppSettings" }, "KernelGatewayAppSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.KernelGatewayAppSettings", "markdownDescription": "The kernel gateway app settings.", "title": "KernelGatewayAppSettings" }, "RSessionAppSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.RSessionAppSettings", "markdownDescription": "A collection of settings that configure the `RSessionGateway` app.", "title": "RSessionAppSettings" }, "RStudioServerProAppSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.RStudioServerProAppSettings", "markdownDescription": "A collection of settings that configure user interaction with the `RStudioServerPro` app.", "title": "RStudioServerProAppSettings" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication.\n\nOptional when the `CreateDomain.AppNetworkAccessType` parameter is set to `PublicInternetOnly` .\n\nRequired when the `CreateDomain.AppNetworkAccessType` parameter is set to `VpcOnly` , unless specified as part of the `DefaultUserSettings` for the domain.\n\nAmazon SageMaker adds a security group to allow NFS traffic from Amazon SageMaker Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.", "title": "SecurityGroups", "type": "array" }, "SharingSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.SharingSettings", "markdownDescription": "Specifies options for sharing Amazon SageMaker Studio notebooks.", "title": "SharingSettings" }, "SpaceStorageSettings": { "$ref": "#/definitions/AWS::SageMaker::Domain.DefaultSpaceStorageSettings", "markdownDescription": "The storage settings for a space.", "title": "SpaceStorageSettings" }, "StudioWebPortal": { "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", "title": "StudioWebPortal", "type": "string" } }, "required": [ "ExecutionRole" ], "type": "object" }, "AWS::SageMaker::Endpoint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeploymentConfig": { "$ref": "#/definitions/AWS::SageMaker::Endpoint.DeploymentConfig", "markdownDescription": "The deployment configuration for an endpoint, which contains the desired deployment strategy and rollback configurations.", "title": "DeploymentConfig" }, "EndpointConfigName": { "markdownDescription": "The name of the [AWS::SageMaker::EndpointConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sagemaker-endpointconfig.html) resource that specifies the configuration for the endpoint. For more information, see [CreateEndpointConfig](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html) .", "title": "EndpointConfigName", "type": "string" }, "EndpointName": { "markdownDescription": "The name of the endpoint.The name must be unique within an AWS Region in your AWS account. The name is case-insensitive in `CreateEndpoint` , but the case is preserved and must be matched in [](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_runtime_InvokeEndpoint.html) .", "title": "EndpointName", "type": "string" }, "ExcludeRetainedVariantProperties": { "items": { "$ref": "#/definitions/AWS::SageMaker::Endpoint.VariantProperty" }, "markdownDescription": "When you are updating endpoint resources with [RetainAllVariantProperties](https://docs.aws.amazon.com/sagemaker/latest/dg/API_UpdateEndpoint.html#SageMaker-UpdateEndpoint-request-RetainAllVariantProperties) whose value is set to `true` , `ExcludeRetainedVariantProperties` specifies the list of type [VariantProperty](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-endpoint-variantproperty.html) to override with the values provided by `EndpointConfig` . If you don't specify a value for `ExcludeAllVariantProperties` , no variant properties are overridden. Don't use this property when creating new endpoint resources or when `RetainAllVariantProperties` is set to `false` .", "title": "ExcludeRetainedVariantProperties", "type": "array" }, "RetainAllVariantProperties": { "markdownDescription": "When updating endpoint resources, enables or disables the retention of variant properties, such as the instance count or the variant weight. To retain the variant properties of an endpoint when updating it, set `RetainAllVariantProperties` to `true` . To use the variant properties specified in a new `EndpointConfig` call when updating an endpoint, set `RetainAllVariantProperties` to `false` . Use this property only when updating endpoint resources, not when creating new endpoint resources.", "title": "RetainAllVariantProperties", "type": "boolean" }, "RetainDeploymentConfig": { "markdownDescription": "Specifies whether to reuse the last deployment configuration. The default value is false (the configuration is not reused).", "title": "RetainDeploymentConfig", "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", "title": "Tags", "type": "array" } }, "required": [ "EndpointConfigName" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::Endpoint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::Endpoint.Alarm": { "additionalProperties": false, "properties": { "AlarmName": { "markdownDescription": "The name of a CloudWatch alarm in your account.", "title": "AlarmName", "type": "string" } }, "required": [ "AlarmName" ], "type": "object" }, "AWS::SageMaker::Endpoint.AutoRollbackConfig": { "additionalProperties": false, "properties": { "Alarms": { "items": { "$ref": "#/definitions/AWS::SageMaker::Endpoint.Alarm" }, "markdownDescription": "List of CloudWatch alarms in your account that are configured to monitor metrics on an endpoint. If any alarms are tripped during a deployment, SageMaker rolls back the deployment.", "title": "Alarms", "type": "array" } }, "required": [ "Alarms" ], "type": "object" }, "AWS::SageMaker::Endpoint.BlueGreenUpdatePolicy": { "additionalProperties": false, "properties": { "MaximumExecutionTimeoutInSeconds": { "markdownDescription": "Maximum execution timeout for the deployment. Note that the timeout value should be larger than the total waiting time specified in `TerminationWaitInSeconds` and `WaitIntervalInSeconds` .", "title": "MaximumExecutionTimeoutInSeconds", "type": "number" }, "TerminationWaitInSeconds": { "markdownDescription": "Additional waiting time in seconds after the completion of an endpoint deployment before terminating the old endpoint fleet. Default is 0.", "title": "TerminationWaitInSeconds", "type": "number" }, "TrafficRoutingConfiguration": { "$ref": "#/definitions/AWS::SageMaker::Endpoint.TrafficRoutingConfig", "markdownDescription": "Defines the traffic routing strategy to shift traffic from the old fleet to the new fleet during an endpoint deployment.", "title": "TrafficRoutingConfiguration" } }, "required": [ "TrafficRoutingConfiguration" ], "type": "object" }, "AWS::SageMaker::Endpoint.CapacitySize": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "Specifies the endpoint capacity type.\n\n- `INSTANCE_COUNT` : The endpoint activates based on the number of instances.\n- `CAPACITY_PERCENT` : The endpoint activates based on the specified percentage of capacity.", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "Defines the capacity size, either as a number of instances or a capacity percentage.", "title": "Value", "type": "number" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::SageMaker::Endpoint.DeploymentConfig": { "additionalProperties": false, "properties": { "AutoRollbackConfiguration": { "$ref": "#/definitions/AWS::SageMaker::Endpoint.AutoRollbackConfig", "markdownDescription": "Automatic rollback configuration for handling endpoint deployment failures and recovery.", "title": "AutoRollbackConfiguration" }, "BlueGreenUpdatePolicy": { "$ref": "#/definitions/AWS::SageMaker::Endpoint.BlueGreenUpdatePolicy", "markdownDescription": "Update policy for a blue/green deployment. If this update policy is specified, SageMaker creates a new fleet during the deployment while maintaining the old fleet. SageMaker flips traffic to the new fleet according to the specified traffic routing configuration. Only one update policy should be used in the deployment configuration. If no update policy is specified, SageMaker uses a blue/green deployment strategy with all at once traffic shifting by default.", "title": "BlueGreenUpdatePolicy" }, "RollingUpdatePolicy": { "$ref": "#/definitions/AWS::SageMaker::Endpoint.RollingUpdatePolicy", "markdownDescription": "Specifies a rolling deployment strategy for updating a SageMaker endpoint.", "title": "RollingUpdatePolicy" } }, "type": "object" }, "AWS::SageMaker::Endpoint.RollingUpdatePolicy": { "additionalProperties": false, "properties": { "MaximumBatchSize": { "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", "markdownDescription": "Batch size for each rolling step to provision capacity and turn on traffic on the new endpoint fleet, and terminate capacity on the old endpoint fleet. Value must be between 5% to 50% of the variant's total instance count.", "title": "MaximumBatchSize" }, "MaximumExecutionTimeoutInSeconds": { "markdownDescription": "The time limit for the total deployment. Exceeding this limit causes a timeout.", "title": "MaximumExecutionTimeoutInSeconds", "type": "number" }, "RollbackMaximumBatchSize": { "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", "markdownDescription": "Batch size for rollback to the old endpoint fleet. Each rolling step to provision capacity and turn on traffic on the old endpoint fleet, and terminate capacity on the new endpoint fleet. If this field is absent, the default value will be set to 100% of total capacity which means to bring up the whole capacity of the old fleet at once during rollback.", "title": "RollbackMaximumBatchSize" }, "WaitIntervalInSeconds": { "markdownDescription": "The length of the baking period, during which SageMaker monitors alarms for each batch on the new fleet.", "title": "WaitIntervalInSeconds", "type": "number" } }, "required": [ "MaximumBatchSize", "WaitIntervalInSeconds" ], "type": "object" }, "AWS::SageMaker::Endpoint.TrafficRoutingConfig": { "additionalProperties": false, "properties": { "CanarySize": { "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", "markdownDescription": "Batch size for the first step to turn on traffic on the new endpoint fleet. `Value` must be less than or equal to 50% of the variant's total instance count.", "title": "CanarySize" }, "LinearStepSize": { "$ref": "#/definitions/AWS::SageMaker::Endpoint.CapacitySize", "markdownDescription": "Batch size for each step to turn on traffic on the new endpoint fleet. `Value` must be 10-50% of the variant's total instance count.", "title": "LinearStepSize" }, "Type": { "markdownDescription": "Traffic routing strategy type.\n\n- `ALL_AT_ONCE` : Endpoint traffic shifts to the new fleet in a single step.\n- `CANARY` : Endpoint traffic shifts to the new fleet in two steps. The first step is the canary, which is a small portion of the traffic. The second step is the remainder of the traffic.\n- `LINEAR` : Endpoint traffic shifts to the new fleet in n steps of a configurable size.", "title": "Type", "type": "string" }, "WaitIntervalInSeconds": { "markdownDescription": "The waiting time (in seconds) between incremental steps to turn on traffic on the new endpoint fleet.", "title": "WaitIntervalInSeconds", "type": "number" } }, "required": [ "Type" ], "type": "object" }, "AWS::SageMaker::Endpoint.VariantProperty": { "additionalProperties": false, "properties": { "VariantPropertyType": { "markdownDescription": "The type of variant property. The supported values are:\n\n- `DesiredInstanceCount` : Overrides the existing variant instance counts using the [InitialInstanceCount](https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariant.html#SageMaker-Type-ProductionVariant-InitialInstanceCount) values in the [ProductionVariants](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html#SageMaker-CreateEndpointConfig-request-ProductionVariants) .\n- `DesiredWeight` : Overrides the existing variant weights using the [InitialVariantWeight](https://docs.aws.amazon.com/sagemaker/latest/dg/API_ProductionVariant.html#SageMaker-Type-ProductionVariant-InitialVariantWeight) values in the [ProductionVariants](https://docs.aws.amazon.com/sagemaker/latest/dg/API_CreateEndpointConfig.html#SageMaker-CreateEndpointConfig-request-ProductionVariants) .\n- `DataCaptureConfig` : (Not currently supported.)", "title": "VariantPropertyType", "type": "string" } }, "type": "object" }, "AWS::SageMaker::EndpointConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AsyncInferenceConfig": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceConfig", "markdownDescription": "Specifies configuration for how an endpoint performs asynchronous inference.", "title": "AsyncInferenceConfig" }, "DataCaptureConfig": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.DataCaptureConfig", "markdownDescription": "Specifies how to capture endpoint data for model monitor. The data capture configuration applies to all production variants hosted at the endpoint.", "title": "DataCaptureConfig" }, "EnableNetworkIsolation": { "type": "boolean" }, "EndpointConfigName": { "markdownDescription": "The name of the endpoint configuration.", "title": "EndpointConfigName", "type": "string" }, "ExecutionRoleArn": { "type": "string" }, "ExplainerConfig": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ExplainerConfig", "markdownDescription": "A parameter to activate explainers.", "title": "ExplainerConfig" }, "KmsKeyId": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Key Management Service key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance that hosts the endpoint.\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`\n\nThe KMS key policy must grant permission to the IAM role that you specify in your `CreateEndpoint` , `UpdateEndpoint` requests. For more information, refer to the AWS Key Management Service section [Using Key Policies in AWS KMS](https://docs.aws.amazon.com//kms/latest/developerguide/key-policies.html)\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `KmsKeyId` when using an instance type with local storage. If any of the models that you specify in the `ProductionVariants` parameter use nitro-based instances with local storage, do not specify a value for the `KmsKeyId` parameter. If you specify a value for `KmsKeyId` when using any nitro-based instances with local storage, the call to `CreateEndpointConfig` fails.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) .", "title": "KmsKeyId", "type": "string" }, "ProductionVariants": { "items": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ProductionVariant" }, "markdownDescription": "A list of `ProductionVariant` objects, one for each model that you want to host at this endpoint.", "title": "ProductionVariants", "type": "array" }, "ShadowProductionVariants": { "items": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ProductionVariant" }, "markdownDescription": "Array of `ProductionVariant` objects. There is one for each model that you want to host at this endpoint in shadow mode with production traffic replicated from the model specified on `ProductionVariants` . If you use this field, you can only specify one variant for `ProductionVariants` and one variant for `ShadowProductionVariants` .", "title": "ShadowProductionVariants", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) .", "title": "Tags", "type": "array" }, "VpcConfig": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.VpcConfig" } }, "required": [ "ProductionVariants" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::EndpointConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::EndpointConfig.AsyncInferenceClientConfig": { "additionalProperties": false, "properties": { "MaxConcurrentInvocationsPerInstance": { "markdownDescription": "The maximum number of concurrent requests sent by the SageMaker client to the model container. If no value is provided, SageMaker will choose an optimal value for you.", "title": "MaxConcurrentInvocationsPerInstance", "type": "number" } }, "type": "object" }, "AWS::SageMaker::EndpointConfig.AsyncInferenceConfig": { "additionalProperties": false, "properties": { "ClientConfig": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceClientConfig", "markdownDescription": "Configures the behavior of the client used by SageMaker to interact with the model container during asynchronous inference.", "title": "ClientConfig" }, "OutputConfig": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceOutputConfig", "markdownDescription": "Specifies the configuration for asynchronous inference invocation outputs.", "title": "OutputConfig" } }, "required": [ "OutputConfig" ], "type": "object" }, "AWS::SageMaker::EndpointConfig.AsyncInferenceNotificationConfig": { "additionalProperties": false, "properties": { "ErrorTopic": { "markdownDescription": "Amazon SNS topic to post a notification to when an inference fails. If no topic is provided, no notification is sent on failure.", "title": "ErrorTopic", "type": "string" }, "IncludeInferenceResponseIn": { "items": { "type": "string" }, "markdownDescription": "The Amazon SNS topics where you want the inference response to be included.\n\n> The inference response is included only if the response size is less than or equal to 128 KB.", "title": "IncludeInferenceResponseIn", "type": "array" }, "SuccessTopic": { "markdownDescription": "Amazon SNS topic to post a notification to when an inference completes successfully. If no topic is provided, no notification is sent on success.", "title": "SuccessTopic", "type": "string" } }, "type": "object" }, "AWS::SageMaker::EndpointConfig.AsyncInferenceOutputConfig": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the asynchronous inference output in Amazon S3.", "title": "KmsKeyId", "type": "string" }, "NotificationConfig": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.AsyncInferenceNotificationConfig", "markdownDescription": "Specifies the configuration for notifications of inference results for asynchronous inference.", "title": "NotificationConfig" }, "S3FailurePath": { "markdownDescription": "The Amazon S3 location to upload failure inference responses to.", "title": "S3FailurePath", "type": "string" }, "S3OutputPath": { "markdownDescription": "The Amazon S3 location to upload inference responses to.", "title": "S3OutputPath", "type": "string" } }, "type": "object" }, "AWS::SageMaker::EndpointConfig.CaptureContentTypeHeader": { "additionalProperties": false, "properties": { "CsvContentTypes": { "items": { "type": "string" }, "markdownDescription": "A list of the CSV content types of the data that the endpoint captures. For the endpoint to capture the data, you must also specify the content type when you invoke the endpoint.", "title": "CsvContentTypes", "type": "array" }, "JsonContentTypes": { "items": { "type": "string" }, "markdownDescription": "A list of the JSON content types of the data that the endpoint captures. For the endpoint to capture the data, you must also specify the content type when you invoke the endpoint.", "title": "JsonContentTypes", "type": "array" } }, "type": "object" }, "AWS::SageMaker::EndpointConfig.CaptureOption": { "additionalProperties": false, "properties": { "CaptureMode": { "markdownDescription": "Specifies whether the endpoint captures input data or output data.", "title": "CaptureMode", "type": "string" } }, "required": [ "CaptureMode" ], "type": "object" }, "AWS::SageMaker::EndpointConfig.ClarifyExplainerConfig": { "additionalProperties": false, "properties": { "EnableExplanations": { "markdownDescription": "A JMESPath boolean expression used to filter which records to explain. Explanations are activated by default. See [`EnableExplanations`](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html#clarify-online-explainability-create-endpoint-enable) for additional information.", "title": "EnableExplanations", "type": "string" }, "InferenceConfig": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyInferenceConfig", "markdownDescription": "The inference configuration parameter for the model container.", "title": "InferenceConfig" }, "ShapConfig": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyShapConfig", "markdownDescription": "The configuration for SHAP analysis.", "title": "ShapConfig" } }, "required": [ "ShapConfig" ], "type": "object" }, "AWS::SageMaker::EndpointConfig.ClarifyFeatureType": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::SageMaker::EndpointConfig.ClarifyHeader": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::SageMaker::EndpointConfig.ClarifyInferenceConfig": { "additionalProperties": false, "properties": { "ContentTemplate": { "markdownDescription": "A template string used to format a JSON record into an acceptable model container input. For example, a `ContentTemplate` string `'{\"myfeatures\":$features}'` will format a list of features `[1,2,3]` into the record string `'{\"myfeatures\":[1,2,3]}'` . Required only when the model container input is in JSON Lines format.", "title": "ContentTemplate", "type": "string" }, "FeatureHeaders": { "items": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyHeader" }, "markdownDescription": "The names of the features. If provided, these are included in the endpoint response payload to help readability of the `InvokeEndpoint` output. See the [Response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information.", "title": "FeatureHeaders", "type": "array" }, "FeatureTypes": { "items": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyFeatureType" }, "markdownDescription": "A list of data types of the features (optional). Applicable only to NLP explainability. If provided, `FeatureTypes` must have at least one `'text'` string (for example, `['text']` ). If `FeatureTypes` is not provided, the explainer infers the feature types based on the baseline data. The feature types are included in the endpoint response payload. For additional information see the [response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information.", "title": "FeatureTypes", "type": "array" }, "FeaturesAttribute": { "markdownDescription": "Provides the JMESPath expression to extract the features from a model container input in JSON Lines format. For example, if `FeaturesAttribute` is the JMESPath expression `'myfeatures'` , it extracts a list of features `[1,2,3]` from request data `'{\"myfeatures\":[1,2,3]}'` .", "title": "FeaturesAttribute", "type": "string" }, "LabelAttribute": { "markdownDescription": "A JMESPath expression used to locate the list of label headers in the model container output.\n\n*Example* : If the model container output of a batch request is `'{\"labels\":[\"cat\",\"dog\",\"fish\"],\"probability\":[0.6,0.3,0.1]}'` , then set `LabelAttribute` to `'labels'` to extract the list of label headers `[\"cat\",\"dog\",\"fish\"]`", "title": "LabelAttribute", "type": "string" }, "LabelHeaders": { "items": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyHeader" }, "markdownDescription": "For multiclass classification problems, the label headers are the names of the classes. Otherwise, the label header is the name of the predicted label. These are used to help readability for the output of the `InvokeEndpoint` API. See the [response](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-invoke-endpoint.html#clarify-online-explainability-response) section under *Invoke the endpoint* in the Developer Guide for more information. If there are no label headers in the model container output, provide them manually using this parameter.", "title": "LabelHeaders", "type": "array" }, "LabelIndex": { "markdownDescription": "A zero-based index used to extract a label header or list of label headers from model container output in CSV format.\n\n*Example for a multiclass model:* If the model container output consists of label headers followed by probabilities: `'\"[\\'cat\\',\\'dog\\',\\'fish\\']\",\"[0.1,0.6,0.3]\"'` , set `LabelIndex` to `0` to select the label headers `['cat','dog','fish']` .", "title": "LabelIndex", "type": "number" }, "MaxPayloadInMB": { "markdownDescription": "The maximum payload size (MB) allowed of a request from the explainer to the model container. Defaults to `6` MB.", "title": "MaxPayloadInMB", "type": "number" }, "MaxRecordCount": { "markdownDescription": "The maximum number of records in a request that the model container can process when querying the model container for the predictions of a [synthetic dataset](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html#clarify-online-explainability-create-endpoint-synthetic) . A record is a unit of input data that inference can be made on, for example, a single line in CSV data. If `MaxRecordCount` is `1` , the model container expects one record per request. A value of 2 or greater means that the model expects batch requests, which can reduce overhead and speed up the inferencing process. If this parameter is not provided, the explainer will tune the record count per request according to the model container's capacity at runtime.", "title": "MaxRecordCount", "type": "number" }, "ProbabilityAttribute": { "markdownDescription": "A JMESPath expression used to extract the probability (or score) from the model container output if the model container is in JSON Lines format.\n\n*Example* : If the model container output of a single request is `'{\"predicted_label\":1,\"probability\":0.6}'` , then set `ProbabilityAttribute` to `'probability'` .", "title": "ProbabilityAttribute", "type": "string" }, "ProbabilityIndex": { "markdownDescription": "A zero-based index used to extract a probability value (score) or list from model container output in CSV format. If this value is not provided, the entire model container output will be treated as a probability value (score) or list.\n\n*Example for a single class model:* If the model container output consists of a string-formatted prediction label followed by its probability: `'1,0.6'` , set `ProbabilityIndex` to `1` to select the probability value `0.6` .\n\n*Example for a multiclass model:* If the model container output consists of a string-formatted prediction label followed by its probability: `'\"[\\'cat\\',\\'dog\\',\\'fish\\']\",\"[0.1,0.6,0.3]\"'` , set `ProbabilityIndex` to `1` to select the probability values `[0.1,0.6,0.3]` .", "title": "ProbabilityIndex", "type": "number" } }, "type": "object" }, "AWS::SageMaker::EndpointConfig.ClarifyShapBaselineConfig": { "additionalProperties": false, "properties": { "MimeType": { "markdownDescription": "The MIME type of the baseline data. Choose from `'text/csv'` or `'application/jsonlines'` . Defaults to `'text/csv'` .", "title": "MimeType", "type": "string" }, "ShapBaseline": { "markdownDescription": "The inline SHAP baseline data in string format. `ShapBaseline` can have one or multiple records to be used as the baseline dataset. The format of the SHAP baseline file should be the same format as the training dataset. For example, if the training dataset is in CSV format and each record contains four features, and all features are numerical, then the format of the baseline data should also share these characteristics. For natural language processing (NLP) of text columns, the baseline value should be the value used to replace the unit of text specified by the `Granularity` of the `TextConfig` parameter. The size limit for `ShapBasline` is 4 KB. Use the `ShapBaselineUri` parameter if you want to provide more than 4 KB of baseline data.", "title": "ShapBaseline", "type": "string" }, "ShapBaselineUri": { "markdownDescription": "The uniform resource identifier (URI) of the S3 bucket where the SHAP baseline file is stored. The format of the SHAP baseline file should be the same format as the format of the training dataset. For example, if the training dataset is in CSV format, and each record in the training dataset has four features, and all features are numerical, then the baseline file should also have this same format. Each record should contain only the features. If you are using a virtual private cloud (VPC), the `ShapBaselineUri` should be accessible to the VPC. For more information about setting up endpoints with Amazon Virtual Private Cloud, see [Give SageMaker access to Resources in your Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html) .", "title": "ShapBaselineUri", "type": "string" } }, "type": "object" }, "AWS::SageMaker::EndpointConfig.ClarifyShapConfig": { "additionalProperties": false, "properties": { "NumberOfSamples": { "markdownDescription": "The number of samples to be used for analysis by the Kernal SHAP algorithm.\n\n> The number of samples determines the size of the synthetic dataset, which has an impact on latency of explainability requests. For more information, see the *Synthetic data* of [Configure and create an endpoint](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-online-explainability-create-endpoint.html) .", "title": "NumberOfSamples", "type": "number" }, "Seed": { "markdownDescription": "The starting value used to initialize the random number generator in the explainer. Provide a value for this parameter to obtain a deterministic SHAP result.", "title": "Seed", "type": "number" }, "ShapBaselineConfig": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyShapBaselineConfig", "markdownDescription": "The configuration for the SHAP baseline of the Kernal SHAP algorithm.", "title": "ShapBaselineConfig" }, "TextConfig": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyTextConfig", "markdownDescription": "A parameter that indicates if text features are treated as text and explanations are provided for individual units of text. Required for natural language processing (NLP) explainability only.", "title": "TextConfig" }, "UseLogit": { "markdownDescription": "A Boolean toggle to indicate if you want to use the logit function (true) or log-odds units (false) for model predictions. Defaults to false.", "title": "UseLogit", "type": "boolean" } }, "required": [ "ShapBaselineConfig" ], "type": "object" }, "AWS::SageMaker::EndpointConfig.ClarifyTextConfig": { "additionalProperties": false, "properties": { "Granularity": { "markdownDescription": "The unit of granularity for the analysis of text features. For example, if the unit is `'token'` , then each token (like a word in English) of the text is treated as a feature. SHAP values are computed for each unit/feature.", "title": "Granularity", "type": "string" }, "Language": { "markdownDescription": "Specifies the language of the text features in [ISO 639-1](https://docs.aws.amazon.com/ https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes) or [ISO 639-3](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/ISO_639-3) code of a supported language.\n\n> For a mix of multiple languages, use code `'xx'` .", "title": "Language", "type": "string" } }, "required": [ "Granularity", "Language" ], "type": "object" }, "AWS::SageMaker::EndpointConfig.DataCaptureConfig": { "additionalProperties": false, "properties": { "CaptureContentTypeHeader": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.CaptureContentTypeHeader", "markdownDescription": "A list of the JSON and CSV content type that the endpoint captures.", "title": "CaptureContentTypeHeader" }, "CaptureOptions": { "items": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.CaptureOption" }, "markdownDescription": "Specifies whether the endpoint captures input data to your model, output data from your model, or both.", "title": "CaptureOptions", "type": "array" }, "DestinationS3Uri": { "markdownDescription": "The S3 bucket where model monitor stores captured data.", "title": "DestinationS3Uri", "type": "string" }, "EnableCapture": { "markdownDescription": "Set to `True` to enable data capture.", "title": "EnableCapture", "type": "boolean" }, "InitialSamplingPercentage": { "markdownDescription": "The percentage of data to capture.", "title": "InitialSamplingPercentage", "type": "number" }, "KmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the captured data at rest using Amazon S3 server-side encryption. The KmsKeyId can be any of the following formats: Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab Key ARN: arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab Alias name: alias/ExampleAlias Alias name ARN: arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias If you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. For more information, see KMS-Managed Encryption Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the Amazon Simple Storage Service Developer Guide. The KMS key policy must grant permission to the IAM role that you specify in your CreateModel (https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. For more information, see Using Key Policies in AWS KMS (http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the AWS Key Management Service Developer Guide.", "title": "KmsKeyId", "type": "string" } }, "required": [ "CaptureOptions", "DestinationS3Uri", "InitialSamplingPercentage" ], "type": "object" }, "AWS::SageMaker::EndpointConfig.ExplainerConfig": { "additionalProperties": false, "properties": { "ClarifyExplainerConfig": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ClarifyExplainerConfig", "markdownDescription": "A member of `ExplainerConfig` that contains configuration parameters for the SageMaker Clarify explainer.", "title": "ClarifyExplainerConfig" } }, "type": "object" }, "AWS::SageMaker::EndpointConfig.ManagedInstanceScaling": { "additionalProperties": false, "properties": { "MaxInstanceCount": { "type": "number" }, "MinInstanceCount": { "type": "number" }, "Status": { "type": "string" } }, "type": "object" }, "AWS::SageMaker::EndpointConfig.ProductionVariant": { "additionalProperties": false, "properties": { "AcceleratorType": { "markdownDescription": "The size of the Elastic Inference (EI) instance to use for the production variant. EI instances provide on-demand GPU computing for inference. For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) . For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) .", "title": "AcceleratorType", "type": "string" }, "ContainerStartupHealthCheckTimeoutInSeconds": { "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by SageMaker Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", "title": "ContainerStartupHealthCheckTimeoutInSeconds", "type": "number" }, "EnableSSMAccess": { "markdownDescription": "You can use this parameter to turn on native AWS Systems Manager (SSM) access for a production variant behind an endpoint. By default, SSM access is disabled for all production variants behind an endpoint. You can turn on or turn off SSM access for a production variant behind an existing endpoint by creating a new endpoint configuration and calling `UpdateEndpoint` .", "title": "EnableSSMAccess", "type": "boolean" }, "InitialInstanceCount": { "markdownDescription": "Number of instances to launch initially.", "title": "InitialInstanceCount", "type": "number" }, "InitialVariantWeight": { "markdownDescription": "Determines initial traffic distribution among all of the models that you specify in the endpoint configuration. The traffic to a production variant is determined by the ratio of the `VariantWeight` to the sum of all `VariantWeight` values across all ProductionVariants. If unspecified, it defaults to 1.0.", "title": "InitialVariantWeight", "type": "number" }, "InstanceType": { "markdownDescription": "The ML compute instance type.", "title": "InstanceType", "type": "string" }, "ManagedInstanceScaling": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ManagedInstanceScaling" }, "ModelDataDownloadTimeoutInSeconds": { "markdownDescription": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this production variant.", "title": "ModelDataDownloadTimeoutInSeconds", "type": "number" }, "ModelName": { "markdownDescription": "The name of the model that you want to host. This is the name that you specified when creating the model.", "title": "ModelName", "type": "string" }, "RoutingConfig": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.RoutingConfig" }, "ServerlessConfig": { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig.ServerlessConfig", "markdownDescription": "The serverless configuration for an endpoint. Specifies a serverless endpoint configuration instead of an instance-based endpoint configuration.", "title": "ServerlessConfig" }, "VariantName": { "markdownDescription": "The name of the production variant.", "title": "VariantName", "type": "string" }, "VolumeSizeInGB": { "markdownDescription": "The size, in GB, of the ML storage volume attached to individual inference instance associated with the production variant. Currently only Amazon EBS gp2 storage volumes are supported.", "title": "VolumeSizeInGB", "type": "number" } }, "required": [ "VariantName" ], "type": "object" }, "AWS::SageMaker::EndpointConfig.RoutingConfig": { "additionalProperties": false, "properties": { "RoutingStrategy": { "type": "string" } }, "type": "object" }, "AWS::SageMaker::EndpointConfig.ServerlessConfig": { "additionalProperties": false, "properties": { "MaxConcurrency": { "markdownDescription": "The maximum number of concurrent invocations your serverless endpoint can process.", "title": "MaxConcurrency", "type": "number" }, "MemorySizeInMB": { "markdownDescription": "The memory size of your serverless endpoint. Valid values are in 1 GB increments: 1024 MB, 2048 MB, 3072 MB, 4096 MB, 5120 MB, or 6144 MB.", "title": "MemorySizeInMB", "type": "number" }, "ProvisionedConcurrency": { "markdownDescription": "The amount of provisioned concurrency to allocate for the serverless endpoint. Should be less than or equal to `MaxConcurrency` .\n\n> This field is not supported for serverless endpoint recommendations for Inference Recommender jobs. For more information about creating an Inference Recommender job, see [CreateInferenceRecommendationsJobs](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateInferenceRecommendationsJob.html) .", "title": "ProvisionedConcurrency", "type": "number" } }, "required": [ "MaxConcurrency", "MemorySizeInMB" ], "type": "object" }, "AWS::SageMaker::EndpointConfig.VpcConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "type": "array" }, "Subnets": { "items": { "type": "string" }, "type": "array" } }, "required": [ "SecurityGroupIds", "Subnets" ], "type": "object" }, "AWS::SageMaker::FeatureGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A free form description of a `FeatureGroup` .", "title": "Description", "type": "string" }, "EventTimeFeatureName": { "markdownDescription": "The name of the feature that stores the `EventTime` of a Record in a `FeatureGroup` .\n\nA `EventTime` is point in time when a new event occurs that corresponds to the creation or update of a `Record` in `FeatureGroup` . All `Records` in the `FeatureGroup` must have a corresponding `EventTime` .", "title": "EventTimeFeatureName", "type": "string" }, "FeatureDefinitions": { "items": { "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.FeatureDefinition" }, "markdownDescription": "A list of `Feature` s. Each `Feature` must include a `FeatureName` and a `FeatureType` .\n\nValid `FeatureType` s are `Integral` , `Fractional` and `String` .\n\n`FeatureName` s cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nYou can create up to 2,500 `FeatureDefinition` s per `FeatureGroup` .", "title": "FeatureDefinitions", "type": "array" }, "FeatureGroupName": { "markdownDescription": "The name of the `FeatureGroup` .", "title": "FeatureGroupName", "type": "string" }, "OfflineStoreConfig": { "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OfflineStoreConfig", "markdownDescription": "The configuration of an `OfflineStore` .", "title": "OfflineStoreConfig" }, "OnlineStoreConfig": { "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OnlineStoreConfig", "markdownDescription": "The configuration of an `OnlineStore` .", "title": "OnlineStoreConfig" }, "RecordIdentifierFeatureName": { "markdownDescription": "The name of the `Feature` whose value uniquely identifies a `Record` defined in the `FeatureGroup` `FeatureDefinitions` .", "title": "RecordIdentifierFeatureName", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM execution role used to create the feature group.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Tags used to define a `FeatureGroup` .", "title": "Tags", "type": "array" }, "ThroughputConfig": { "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.ThroughputConfig", "markdownDescription": "Used to set feature group throughput configuration. There are two modes: `ON_DEMAND` and `PROVISIONED` . With on-demand mode, you are charged for data reads and writes that your application performs on your feature group. You do not need to specify read and write throughput because Feature Store accommodates your workloads as they ramp up and down. You can switch a feature group to on-demand only once in a 24 hour period. With provisioned throughput mode, you specify the read and write capacity per second that you expect your application to require, and you are billed based on those limits. Exceeding provisioned throughput will result in your requests being throttled.\n\nNote: `PROVISIONED` throughput mode is supported only for feature groups that are offline-only, or use the [`Standard`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_OnlineStoreConfig.html#sagemaker-Type-OnlineStoreConfig-StorageType) tier online store.", "title": "ThroughputConfig" } }, "required": [ "EventTimeFeatureName", "FeatureDefinitions", "FeatureGroupName", "RecordIdentifierFeatureName" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::FeatureGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::FeatureGroup.DataCatalogConfig": { "additionalProperties": false, "properties": { "Catalog": { "markdownDescription": "The name of the Glue table catalog.", "title": "Catalog", "type": "string" }, "Database": { "markdownDescription": "The name of the Glue table database.", "title": "Database", "type": "string" }, "TableName": { "markdownDescription": "The name of the Glue table.", "title": "TableName", "type": "string" } }, "required": [ "Catalog", "Database", "TableName" ], "type": "object" }, "AWS::SageMaker::FeatureGroup.FeatureDefinition": { "additionalProperties": false, "properties": { "FeatureName": { "markdownDescription": "The name of a feature. The type must be a string. `FeatureName` cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` .\n\nThe name:\n\n- Must start with an alphanumeric character.\n- Can only include alphanumeric characters, underscores, and hyphens. Spaces are not allowed.", "title": "FeatureName", "type": "string" }, "FeatureType": { "markdownDescription": "The value type of a feature. Valid values are Integral, Fractional, or String.", "title": "FeatureType", "type": "string" } }, "required": [ "FeatureName", "FeatureType" ], "type": "object" }, "AWS::SageMaker::FeatureGroup.OfflineStoreConfig": { "additionalProperties": false, "properties": { "DataCatalogConfig": { "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.DataCatalogConfig", "markdownDescription": "The meta data of the Glue table that is autogenerated when an `OfflineStore` is created.", "title": "DataCatalogConfig" }, "DisableGlueTableCreation": { "markdownDescription": "Set to `True` to disable the automatic creation of an AWS Glue table when configuring an `OfflineStore` . If set to `False` , Feature Store will name the `OfflineStore` Glue table following [Athena's naming recommendations](https://docs.aws.amazon.com/athena/latest/ug/tables-databases-columns-names.html) .\n\nThe default value is `False` .", "title": "DisableGlueTableCreation", "type": "boolean" }, "S3StorageConfig": { "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.S3StorageConfig", "markdownDescription": "The Amazon Simple Storage (Amazon S3) location of `OfflineStore` .", "title": "S3StorageConfig" }, "TableFormat": { "markdownDescription": "Format for the offline store table. Supported formats are Glue (Default) and [Apache Iceberg](https://docs.aws.amazon.com/https://iceberg.apache.org/) .", "title": "TableFormat", "type": "string" } }, "required": [ "S3StorageConfig" ], "type": "object" }, "AWS::SageMaker::FeatureGroup.OnlineStoreConfig": { "additionalProperties": false, "properties": { "EnableOnlineStore": { "markdownDescription": "Turn `OnlineStore` off by specifying `False` for the `EnableOnlineStore` flag. Turn `OnlineStore` on by specifying `True` for the `EnableOnlineStore` flag.\n\nThe default value is `False` .", "title": "EnableOnlineStore", "type": "boolean" }, "SecurityConfig": { "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.OnlineStoreSecurityConfig", "markdownDescription": "Use to specify KMS Key ID ( `KMSKeyId` ) for at-rest encryption of your `OnlineStore` .", "title": "SecurityConfig" }, "StorageType": { "markdownDescription": "Option for different tiers of low latency storage for real-time data retrieval.\n\n- `Standard` : A managed low latency data store for feature groups.\n- `InMemory` : A managed data store for feature groups that supports very low latency retrieval.", "title": "StorageType", "type": "string" }, "TtlDuration": { "$ref": "#/definitions/AWS::SageMaker::FeatureGroup.TtlDuration", "markdownDescription": "Time to live duration, where the record is hard deleted after the expiration time is reached; `ExpiresAt` = `EventTime` + `TtlDuration` . For information on HardDelete, see the [DeleteRecord](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_DeleteRecord.html) API in the Amazon SageMaker API Reference guide.", "title": "TtlDuration" } }, "type": "object" }, "AWS::SageMaker::FeatureGroup.OnlineStoreSecurityConfig": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The AWS Key Management Service (KMS) key ARN that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.\n\nThe caller (either user or IAM role) of `CreateFeatureGroup` must have below permissions to the `OnlineStore` `KmsKeyId` :\n\n- `\"kms:Encrypt\"`\n- `\"kms:Decrypt\"`\n- `\"kms:DescribeKey\"`\n- `\"kms:CreateGrant\"`\n- `\"kms:RetireGrant\"`\n- `\"kms:ReEncryptFrom\"`\n- `\"kms:ReEncryptTo\"`\n- `\"kms:GenerateDataKey\"`\n- `\"kms:ListAliases\"`\n- `\"kms:ListGrants\"`\n- `\"kms:RevokeGrant\"`\n\nThe caller (either user or IAM role) to all DataPlane operations ( `PutRecord` , `GetRecord` , `DeleteRecord` ) must have the following permissions to the `KmsKeyId` :\n\n- `\"kms:Decrypt\"`", "title": "KmsKeyId", "type": "string" } }, "type": "object" }, "AWS::SageMaker::FeatureGroup.S3StorageConfig": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The AWS Key Management Service (KMS) key ARN of the key used to encrypt any objects written into the `OfflineStore` S3 location.\n\nThe IAM `roleARN` that is passed as a parameter to `CreateFeatureGroup` must have below permissions to the `KmsKeyId` :\n\n- `\"kms:GenerateDataKey\"`", "title": "KmsKeyId", "type": "string" }, "S3Uri": { "markdownDescription": "The S3 URI, or location in Amazon S3, of `OfflineStore` .\n\nS3 URIs have a format similar to the following: `s3://example-bucket/prefix/` .", "title": "S3Uri", "type": "string" } }, "required": [ "S3Uri" ], "type": "object" }, "AWS::SageMaker::FeatureGroup.ThroughputConfig": { "additionalProperties": false, "properties": { "ProvisionedReadCapacityUnits": { "markdownDescription": "For provisioned feature groups with online store enabled, this indicates the read throughput you are billed for and can consume without throttling.\n\nThis field is not applicable for on-demand feature groups.", "title": "ProvisionedReadCapacityUnits", "type": "number" }, "ProvisionedWriteCapacityUnits": { "markdownDescription": "For provisioned feature groups, this indicates the write throughput you are billed for and can consume without throttling.\n\nThis field is not applicable for on-demand feature groups.", "title": "ProvisionedWriteCapacityUnits", "type": "number" }, "ThroughputMode": { "markdownDescription": "The mode used for your feature group throughput: `ON_DEMAND` or `PROVISIONED` .", "title": "ThroughputMode", "type": "string" } }, "required": [ "ThroughputMode" ], "type": "object" }, "AWS::SageMaker::FeatureGroup.TtlDuration": { "additionalProperties": false, "properties": { "Unit": { "markdownDescription": "`TtlDuration` time unit.", "title": "Unit", "type": "string" }, "Value": { "markdownDescription": "`TtlDuration` time value.", "title": "Value", "type": "number" } }, "type": "object" }, "AWS::SageMaker::Image": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ImageDescription": { "markdownDescription": "The description of the image.", "title": "ImageDescription", "type": "string" }, "ImageDisplayName": { "markdownDescription": "The display name of the image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 128.\n\n*Pattern* : `^\\S(.*\\S)?$`", "title": "ImageDisplayName", "type": "string" }, "ImageName": { "markdownDescription": "The name of the Image. Must be unique by region in your account.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", "title": "ImageName", "type": "string" }, "ImageRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that enables Amazon SageMaker to perform tasks on your behalf.\n\n*Length Constraints* : Minimum length of 20. Maximum length of 2048.\n\n*Pattern* : `^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$`", "title": "ImageRoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs to apply to this resource.\n\n*Array Members* : Minimum number of 0 items. Maximum number of 50 items.", "title": "Tags", "type": "array" } }, "required": [ "ImageName", "ImageRoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::Image" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::ImageVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Alias": { "markdownDescription": "", "title": "Alias", "type": "string" }, "Aliases": { "items": { "type": "string" }, "markdownDescription": "", "title": "Aliases", "type": "array" }, "BaseImage": { "markdownDescription": "The container image that the SageMaker image version is based on.", "title": "BaseImage", "type": "string" }, "Horovod": { "markdownDescription": "", "title": "Horovod", "type": "boolean" }, "ImageName": { "markdownDescription": "The name of the parent image.\n\n*Length Constraints* : Minimum length of 1. Maximum length of 63.\n\n*Pattern* : `^[a-zA-Z0-9]([-.]?[a-zA-Z0-9]){0,62}$`", "title": "ImageName", "type": "string" }, "JobType": { "markdownDescription": "", "title": "JobType", "type": "string" }, "MLFramework": { "markdownDescription": "", "title": "MLFramework", "type": "string" }, "Processor": { "markdownDescription": "", "title": "Processor", "type": "string" }, "ProgrammingLang": { "markdownDescription": "", "title": "ProgrammingLang", "type": "string" }, "ReleaseNotes": { "markdownDescription": "", "title": "ReleaseNotes", "type": "string" }, "VendorGuidance": { "markdownDescription": "", "title": "VendorGuidance", "type": "string" } }, "required": [ "BaseImage", "ImageName" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::ImageVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::InferenceComponent": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EndpointArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the endpoint that hosts the inference component.", "title": "EndpointArn", "type": "string" }, "EndpointName": { "markdownDescription": "The name of the endpoint that hosts the inference component.", "title": "EndpointName", "type": "string" }, "InferenceComponentName": { "markdownDescription": "The name of the inference component.", "title": "InferenceComponentName", "type": "string" }, "RuntimeConfig": { "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig", "markdownDescription": "", "title": "RuntimeConfig" }, "Specification": { "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentSpecification", "markdownDescription": "", "title": "Specification" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "", "title": "Tags", "type": "array" }, "VariantName": { "markdownDescription": "The name of the production variant that hosts the inference component.", "title": "VariantName", "type": "string" } }, "required": [ "EndpointName", "RuntimeConfig", "Specification", "VariantName" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::InferenceComponent" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::InferenceComponent.DeployedImage": { "additionalProperties": false, "properties": { "ResolutionTime": { "markdownDescription": "The date and time when the image path for the model resolved to the `ResolvedImage`", "title": "ResolutionTime", "type": "string" }, "ResolvedImage": { "markdownDescription": "The specific digest path of the image hosted in this `ProductionVariant` .", "title": "ResolvedImage", "type": "string" }, "SpecifiedImage": { "markdownDescription": "The image path you specified when you created the model.", "title": "SpecifiedImage", "type": "string" } }, "type": "object" }, "AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements": { "additionalProperties": false, "properties": { "MaxMemoryRequiredInMb": { "markdownDescription": "The maximum MB of memory to allocate to run a model that you assign to an inference component.", "title": "MaxMemoryRequiredInMb", "type": "number" }, "MinMemoryRequiredInMb": { "markdownDescription": "The minimum MB of memory to allocate to run a model that you assign to an inference component.", "title": "MinMemoryRequiredInMb", "type": "number" }, "NumberOfAcceleratorDevicesRequired": { "markdownDescription": "The number of accelerators to allocate to run a model that you assign to an inference component. Accelerators include GPUs and AWS Inferentia.", "title": "NumberOfAcceleratorDevicesRequired", "type": "number" }, "NumberOfCpuCoresRequired": { "markdownDescription": "The number of CPU cores to allocate to run a model that you assign to an inference component.", "title": "NumberOfCpuCoresRequired", "type": "number" } }, "type": "object" }, "AWS::SageMaker::InferenceComponent.InferenceComponentContainerSpecification": { "additionalProperties": false, "properties": { "ArtifactUrl": { "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", "title": "ArtifactUrl", "type": "string" }, "DeployedImage": { "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.DeployedImage", "markdownDescription": "", "title": "DeployedImage" }, "Environment": { "additionalProperties": true, "markdownDescription": "The environment variables to set in the Docker container. Each key and value in the Environment string-to-string map can have length of up to 1024. We support up to 16 entries in the map.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Environment", "type": "object" }, "Image": { "markdownDescription": "The Amazon Elastic Container Registry (Amazon ECR) path where the Docker image for the model is stored.", "title": "Image", "type": "string" } }, "type": "object" }, "AWS::SageMaker::InferenceComponent.InferenceComponentRuntimeConfig": { "additionalProperties": false, "properties": { "CopyCount": { "markdownDescription": "The number of runtime copies of the model container to deploy with the inference component. Each copy can serve inference requests.", "title": "CopyCount", "type": "number" }, "CurrentCopyCount": { "markdownDescription": "", "title": "CurrentCopyCount", "type": "number" }, "DesiredCopyCount": { "markdownDescription": "", "title": "DesiredCopyCount", "type": "number" } }, "type": "object" }, "AWS::SageMaker::InferenceComponent.InferenceComponentSpecification": { "additionalProperties": false, "properties": { "ComputeResourceRequirements": { "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentComputeResourceRequirements", "markdownDescription": "The compute resources allocated to run the model assigned to the inference component.", "title": "ComputeResourceRequirements" }, "Container": { "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentContainerSpecification", "markdownDescription": "Defines a container that provides the runtime environment for a model that you deploy with an inference component.", "title": "Container" }, "ModelName": { "markdownDescription": "The name of an existing SageMaker model object in your account that you want to deploy with the inference component.", "title": "ModelName", "type": "string" }, "StartupParameters": { "$ref": "#/definitions/AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters", "markdownDescription": "Settings that take effect while the model container starts up.", "title": "StartupParameters" } }, "required": [ "ComputeResourceRequirements" ], "type": "object" }, "AWS::SageMaker::InferenceComponent.InferenceComponentStartupParameters": { "additionalProperties": false, "properties": { "ContainerStartupHealthCheckTimeoutInSeconds": { "markdownDescription": "The timeout value, in seconds, for your inference container to pass health check by Amazon S3 Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) .", "title": "ContainerStartupHealthCheckTimeoutInSeconds", "type": "number" }, "ModelDataDownloadTimeoutInSeconds": { "markdownDescription": "The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this inference component.", "title": "ModelDataDownloadTimeoutInSeconds", "type": "number" } }, "type": "object" }, "AWS::SageMaker::InferenceExperiment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DataStorageConfig": { "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.DataStorageConfig", "markdownDescription": "The Amazon S3 location and configuration for storing inference request and response data.", "title": "DataStorageConfig" }, "Description": { "markdownDescription": "The description of the inference experiment.", "title": "Description", "type": "string" }, "DesiredState": { "markdownDescription": "The desired state of the experiment after stopping. The possible states are the following:\n\n- `Completed` : The experiment completed successfully\n- `Cancelled` : The experiment was canceled", "title": "DesiredState", "type": "string" }, "EndpointName": { "markdownDescription": "The name of the endpoint.", "title": "EndpointName", "type": "string" }, "KmsKey": { "markdownDescription": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption.", "title": "KmsKey", "type": "string" }, "ModelVariants": { "items": { "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ModelVariantConfig" }, "markdownDescription": "An array of `ModelVariantConfigSummary` objects. There is one for each variant in the inference experiment. Each `ModelVariantConfigSummary` object in the array describes the infrastructure configuration for deploying the corresponding variant.", "title": "ModelVariants", "type": "array" }, "Name": { "markdownDescription": "The name of the inference experiment.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the IAM role that Amazon SageMaker can assume to access model artifacts and container images, and manage Amazon SageMaker Inference endpoints for model deployment.", "title": "RoleArn", "type": "string" }, "Schedule": { "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.InferenceExperimentSchedule", "markdownDescription": "The duration for which the inference experiment ran or will run.\n\nThe maximum duration that you can set for an inference experiment is 30 days.", "title": "Schedule" }, "ShadowModeConfig": { "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ShadowModeConfig", "markdownDescription": "The configuration of `ShadowMode` inference experiment type, which shows the production variant that takes all the inference requests, and the shadow variant to which Amazon SageMaker replicates a percentage of the inference requests. For the shadow variant it also shows the percentage of requests that Amazon SageMaker replicates.", "title": "ShadowModeConfig" }, "StatusReason": { "markdownDescription": "The error message for the inference experiment status result.", "title": "StatusReason", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of the inference experiment.", "title": "Type", "type": "string" } }, "required": [ "EndpointName", "ModelVariants", "Name", "RoleArn", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::InferenceExperiment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::InferenceExperiment.CaptureContentTypeHeader": { "additionalProperties": false, "properties": { "CsvContentTypes": { "items": { "type": "string" }, "markdownDescription": "The list of all content type headers that Amazon SageMaker will treat as CSV and capture accordingly.", "title": "CsvContentTypes", "type": "array" }, "JsonContentTypes": { "items": { "type": "string" }, "markdownDescription": "The list of all content type headers that SageMaker will treat as JSON and capture accordingly.", "title": "JsonContentTypes", "type": "array" } }, "type": "object" }, "AWS::SageMaker::InferenceExperiment.DataStorageConfig": { "additionalProperties": false, "properties": { "ContentType": { "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.CaptureContentTypeHeader", "markdownDescription": "Configuration specifying how to treat different headers. If no headers are specified SageMaker will by default base64 encode when capturing the data.", "title": "ContentType" }, "Destination": { "markdownDescription": "The Amazon S3 bucket where the inference request and response data is stored.", "title": "Destination", "type": "string" }, "KmsKey": { "markdownDescription": "The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption.", "title": "KmsKey", "type": "string" } }, "required": [ "Destination" ], "type": "object" }, "AWS::SageMaker::InferenceExperiment.EndpointMetadata": { "additionalProperties": false, "properties": { "EndpointConfigName": { "markdownDescription": "The name of the endpoint configuration.", "title": "EndpointConfigName", "type": "string" }, "EndpointName": { "markdownDescription": "The name of the endpoint.", "title": "EndpointName", "type": "string" }, "EndpointStatus": { "markdownDescription": "The status of the endpoint. For possible values of the status of an endpoint, see [](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sagemaker-inferenceexperiment-endpointmetadata.html#cfn-sagemaker-inferenceexperiment-endpointmetadata-endpointstatus) .", "title": "EndpointStatus", "type": "string" } }, "required": [ "EndpointName" ], "type": "object" }, "AWS::SageMaker::InferenceExperiment.InferenceExperimentSchedule": { "additionalProperties": false, "properties": { "EndTime": { "markdownDescription": "The timestamp at which the inference experiment ended or will end.", "title": "EndTime", "type": "string" }, "StartTime": { "markdownDescription": "The timestamp at which the inference experiment started or will start.", "title": "StartTime", "type": "string" } }, "type": "object" }, "AWS::SageMaker::InferenceExperiment.ModelInfrastructureConfig": { "additionalProperties": false, "properties": { "InfrastructureType": { "markdownDescription": "The inference option to which to deploy your model. Possible values are the following:\n\n- `RealTime` : Deploy to real-time inference.", "title": "InfrastructureType", "type": "string" }, "RealTimeInferenceConfig": { "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.RealTimeInferenceConfig", "markdownDescription": "The infrastructure configuration for deploying the model to real-time inference.", "title": "RealTimeInferenceConfig" } }, "required": [ "InfrastructureType", "RealTimeInferenceConfig" ], "type": "object" }, "AWS::SageMaker::InferenceExperiment.ModelVariantConfig": { "additionalProperties": false, "properties": { "InfrastructureConfig": { "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ModelInfrastructureConfig", "markdownDescription": "The configuration for the infrastructure that the model will be deployed to.", "title": "InfrastructureConfig" }, "ModelName": { "markdownDescription": "The name of the Amazon SageMaker Model entity.", "title": "ModelName", "type": "string" }, "VariantName": { "markdownDescription": "The name of the variant.", "title": "VariantName", "type": "string" } }, "required": [ "InfrastructureConfig", "ModelName", "VariantName" ], "type": "object" }, "AWS::SageMaker::InferenceExperiment.RealTimeInferenceConfig": { "additionalProperties": false, "properties": { "InstanceCount": { "markdownDescription": "The number of instances of the type specified by `InstanceType` .", "title": "InstanceCount", "type": "number" }, "InstanceType": { "markdownDescription": "The instance type the model is deployed to.", "title": "InstanceType", "type": "string" } }, "required": [ "InstanceCount", "InstanceType" ], "type": "object" }, "AWS::SageMaker::InferenceExperiment.ShadowModeConfig": { "additionalProperties": false, "properties": { "ShadowModelVariants": { "items": { "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment.ShadowModelVariantConfig" }, "markdownDescription": "List of shadow variant configurations.", "title": "ShadowModelVariants", "type": "array" }, "SourceModelVariantName": { "markdownDescription": "The name of the production variant, which takes all the inference requests.", "title": "SourceModelVariantName", "type": "string" } }, "required": [ "ShadowModelVariants", "SourceModelVariantName" ], "type": "object" }, "AWS::SageMaker::InferenceExperiment.ShadowModelVariantConfig": { "additionalProperties": false, "properties": { "SamplingPercentage": { "markdownDescription": "The percentage of inference requests that Amazon SageMaker replicates from the production variant to the shadow variant.", "title": "SamplingPercentage", "type": "number" }, "ShadowModelVariantName": { "markdownDescription": "The name of the shadow variant.", "title": "ShadowModelVariantName", "type": "string" } }, "required": [ "SamplingPercentage", "ShadowModelVariantName" ], "type": "object" }, "AWS::SageMaker::Model": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Containers": { "items": { "$ref": "#/definitions/AWS::SageMaker::Model.ContainerDefinition" }, "markdownDescription": "Specifies the containers in the inference pipeline.", "title": "Containers", "type": "array" }, "EnableNetworkIsolation": { "markdownDescription": "Isolates the model container. No inbound or outbound network calls can be made to or from the model container.", "title": "EnableNetworkIsolation", "type": "boolean" }, "ExecutionRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that SageMaker can assume to access model artifacts and docker image for deployment on ML compute instances or for batch transform jobs. Deploying on ML compute instances is part of model hosting. For more information, see [SageMaker Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) .\n\n> To be able to pass this role to SageMaker, the caller of this API must have the `iam:PassRole` permission.", "title": "ExecutionRoleArn", "type": "string" }, "InferenceExecutionConfig": { "$ref": "#/definitions/AWS::SageMaker::Model.InferenceExecutionConfig", "markdownDescription": "Specifies details of how containers in a multi-container endpoint are called.", "title": "InferenceExecutionConfig" }, "ModelName": { "markdownDescription": "The name of the new model.", "title": "ModelName", "type": "string" }, "PrimaryContainer": { "$ref": "#/definitions/AWS::SageMaker::Model.ContainerDefinition", "markdownDescription": "The location of the primary docker image containing inference code, associated artifacts, and custom environment map that the inference code uses when the model is deployed for predictions.", "title": "PrimaryContainer" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", "title": "Tags", "type": "array" }, "VpcConfig": { "$ref": "#/definitions/AWS::SageMaker::Model.VpcConfig", "markdownDescription": "A [VpcConfig](https://docs.aws.amazon.com/sagemaker/latest/dg/API_VpcConfig.html) object that specifies the VPC that you want your model to connect to. Control access to and from your model container by configuring the VPC. `VpcConfig` is used in hosting services and in batch transform. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Data in Batch Transform Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/batch-vpc.html) .", "title": "VpcConfig" } }, "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::Model" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SageMaker::Model.ContainerDefinition": { "additionalProperties": false, "properties": { "ContainerHostname": { "markdownDescription": "This parameter is ignored for models that contain only a `PrimaryContainer` .\n\nWhen a `ContainerDefinition` is part of an inference pipeline, the value of the parameter uniquely identifies the container for the purposes of logging and metrics. For information, see [Use Logs and Metrics to Monitor an Inference Pipeline](https://docs.aws.amazon.com/sagemaker/latest/dg/inference-pipeline-logs-metrics.html) . If you don't specify a value for this parameter for a `ContainerDefinition` that is part of an inference pipeline, a unique name is automatically assigned based on the position of the `ContainerDefinition` in the pipeline. If you specify a value for the `ContainerHostName` for any `ContainerDefinition` that is part of an inference pipeline, you must specify a value for the `ContainerHostName` parameter of every `ContainerDefinition` in that pipeline.", "title": "ContainerHostname", "type": "string" }, "Environment": { "markdownDescription": "The environment variables to set in the Docker container.\n\nThe maximum length of each key and value in the `Environment` map is 1024 bytes. The maximum length of all keys and values in the map, combined, is 32 KB. If you pass multiple containers to a `CreateModel` request, then the maximum length of all of their maps, combined, is also 32 KB.", "title": "Environment", "type": "object" }, "Image": { "markdownDescription": "The path where inference code is stored. This can be either in Amazon EC2 Container Registry or in a Docker registry that is accessible from the same VPC that you configure for your endpoint. If you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both `registry/repository[:tag]` and `registry/repository[@digest]` image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html) .\n\n> The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating.", "title": "Image", "type": "string" }, "ImageConfig": { "$ref": "#/definitions/AWS::SageMaker::Model.ImageConfig", "markdownDescription": "Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For information about storing containers in a private Docker registry, see [Use a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html) .\n\n> The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating.", "title": "ImageConfig" }, "InferenceSpecificationName": { "markdownDescription": "The inference specification name in the model package version.", "title": "InferenceSpecificationName", "type": "string" }, "Mode": { "markdownDescription": "Whether the container hosts a single model or multiple models.", "title": "Mode", "type": "string" }, "ModelDataSource": { "$ref": "#/definitions/AWS::SageMaker::Model.ModelDataSource", "markdownDescription": "Specifies the location of ML model data to deploy.\n\n> Currently you cannot use `ModelDataSource` in conjunction with SageMaker batch transform, SageMaker serverless endpoints, SageMaker multi-model endpoints, and SageMaker Marketplace.", "title": "ModelDataSource" }, "ModelDataUrl": { "markdownDescription": "The S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix). The S3 path is required for SageMaker built-in algorithms, but not if you use your own algorithms. For more information on built-in algorithms, see [Common Parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-algo-docker-registry-paths.html) .\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model or endpoint you are creating. \n\nIf you provide a value for this parameter, SageMaker uses AWS Security Token Service to download model artifacts from the S3 path you provide. AWS STS is activated in your AWS account by default. If you previously deactivated AWS STS for a region, you need to reactivate AWS STS for that region. For more information, see [Activating and Deactivating AWS STS in an AWS Region](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the *AWS Identity and Access Management User Guide* .\n\n> If you use a built-in algorithm to create a model, SageMaker requires that you provide a S3 path to the model artifacts in `ModelDataUrl` .", "title": "ModelDataUrl", "type": "string" }, "ModelPackageName": { "markdownDescription": "The name or Amazon Resource Name (ARN) of the model package to use to create the model.", "title": "ModelPackageName", "type": "string" }, "MultiModelConfig": { "$ref": "#/definitions/AWS::SageMaker::Model.MultiModelConfig", "markdownDescription": "Specifies additional configuration for multi-model endpoints.", "title": "MultiModelConfig" } }, "type": "object" }, "AWS::SageMaker::Model.ImageConfig": { "additionalProperties": false, "properties": { "RepositoryAccessMode": { "markdownDescription": "Set this to one of the following values:\n\n- `Platform` - The model image is hosted in Amazon ECR.\n- `Vpc` - The model image is hosted in a private Docker registry in your VPC.", "title": "RepositoryAccessMode", "type": "string" }, "RepositoryAuthConfig": { "$ref": "#/definitions/AWS::SageMaker::Model.RepositoryAuthConfig", "markdownDescription": "(Optional) Specifies an authentication configuration for the private docker registry where your model image is hosted. Specify a value for this property only if you specified `Vpc` as the value for the `RepositoryAccessMode` field, and the private Docker registry where the model image is hosted requires authentication.", "title": "RepositoryAuthConfig" } }, "required": [ "RepositoryAccessMode" ], "type": "object" }, "AWS::SageMaker::Model.InferenceExecutionConfig": { "additionalProperties": false, "properties": { "Mode": { "markdownDescription": "How containers in a multi-container are run. The following values are valid.\n\n- `Serial` - Containers run as a serial pipeline.\n- `Direct` - Only the individual container that you specify is run.", "title": "Mode", "type": "string" } }, "required": [ "Mode" ], "type": "object" }, "AWS::SageMaker::Model.ModelAccessConfig": { "additionalProperties": false, "properties": { "AcceptEula": { "markdownDescription": "Specifies agreement to the model end-user license agreement (EULA). The `AcceptEula` value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model.", "title": "AcceptEula", "type": "boolean" } }, "required": [ "AcceptEula" ], "type": "object" }, "AWS::SageMaker::Model.ModelDataSource": { "additionalProperties": false, "properties": { "S3DataSource": { "$ref": "#/definitions/AWS::SageMaker::Model.S3DataSource", "markdownDescription": "Specifies the S3 location of ML model data to deploy.", "title": "S3DataSource" } }, "required": [ "S3DataSource" ], "type": "object" }, "AWS::SageMaker::Model.MultiModelConfig": { "additionalProperties": false, "properties": { "ModelCacheSetting": { "markdownDescription": "Whether to cache models for a multi-model endpoint. By default, multi-model endpoints cache models so that a model does not have to be loaded into memory each time it is invoked. Some use cases do not benefit from model caching. For example, if an endpoint hosts a large number of models that are each invoked infrequently, the endpoint might perform better if you disable model caching. To disable model caching, set the value of this parameter to Disabled.", "title": "ModelCacheSetting", "type": "string" } }, "type": "object" }, "AWS::SageMaker::Model.RepositoryAuthConfig": { "additionalProperties": false, "properties": { "RepositoryCredentialsProviderArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the *AWS Lambda Developer Guide* .", "title": "RepositoryCredentialsProviderArn", "type": "string" } }, "required": [ "RepositoryCredentialsProviderArn" ], "type": "object" }, "AWS::SageMaker::Model.S3DataSource": { "additionalProperties": false, "properties": { "CompressionType": { "markdownDescription": "", "title": "CompressionType", "type": "string" }, "ModelAccessConfig": { "$ref": "#/definitions/AWS::SageMaker::Model.ModelAccessConfig", "markdownDescription": "", "title": "ModelAccessConfig" }, "S3DataType": { "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , S3Uri identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .", "title": "S3DataType", "type": "string" }, "S3Uri": { "markdownDescription": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job.", "title": "S3Uri", "type": "string" } }, "required": [ "CompressionType", "S3DataType", "S3Uri" ], "type": "object" }, "AWS::SageMaker::Model.VpcConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", "title": "SecurityGroupIds", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", "title": "Subnets", "type": "array" } }, "required": [ "SecurityGroupIds", "Subnets" ], "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EndpointName": { "markdownDescription": "", "title": "EndpointName", "type": "string" }, "JobDefinitionName": { "markdownDescription": "The name of the bias job definition. The name must be unique within an AWS Region in the AWS account.", "title": "JobDefinitionName", "type": "string" }, "JobResources": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringResources", "markdownDescription": "Identifies the resources to deploy for a monitoring job.", "title": "JobResources" }, "ModelBiasAppSpecification": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasAppSpecification", "markdownDescription": "Configures the model bias job to run a specified Docker container image.", "title": "ModelBiasAppSpecification" }, "ModelBiasBaselineConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasBaselineConfig", "markdownDescription": "The baseline configuration for a model bias job.", "title": "ModelBiasBaselineConfig" }, "ModelBiasJobInput": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ModelBiasJobInput", "markdownDescription": "Inputs for the model bias job.", "title": "ModelBiasJobInput" }, "ModelBiasJobOutputConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutputConfig", "markdownDescription": "The output configuration for monitoring jobs.", "title": "ModelBiasJobOutputConfig" }, "NetworkConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.NetworkConfig", "markdownDescription": "Networking options for a model bias job.", "title": "NetworkConfig" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", "title": "RoleArn", "type": "string" }, "StoppingCondition": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.StoppingCondition", "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", "title": "StoppingCondition" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "JobResources", "ModelBiasAppSpecification", "ModelBiasJobInput", "ModelBiasJobOutputConfig", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::ModelBiasJobDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.BatchTransformInput": { "additionalProperties": false, "properties": { "DataCapturedDestinationS3Uri": { "markdownDescription": "The Amazon S3 location being used to capture the data.", "title": "DataCapturedDestinationS3Uri", "type": "string" }, "DatasetFormat": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.DatasetFormat", "markdownDescription": "The dataset format for your batch transform job.", "title": "DatasetFormat" }, "EndTimeOffset": { "markdownDescription": "If specified, monitoring jobs subtract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", "title": "EndTimeOffset", "type": "string" }, "FeaturesAttribute": { "markdownDescription": "The attributes of the input data that are the input features.", "title": "FeaturesAttribute", "type": "string" }, "InferenceAttribute": { "markdownDescription": "The attribute of the input data that represents the ground truth label.", "title": "InferenceAttribute", "type": "string" }, "LocalPath": { "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", "title": "LocalPath", "type": "string" }, "ProbabilityAttribute": { "markdownDescription": "In a classification problem, the attribute that represents the class probability.", "title": "ProbabilityAttribute", "type": "string" }, "ProbabilityThresholdAttribute": { "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", "title": "ProbabilityThresholdAttribute", "type": "number" }, "S3DataDistributionType": { "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", "title": "S3DataDistributionType", "type": "string" }, "S3InputMode": { "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", "title": "S3InputMode", "type": "string" }, "StartTimeOffset": { "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", "title": "StartTimeOffset", "type": "string" } }, "required": [ "DataCapturedDestinationS3Uri", "DatasetFormat", "LocalPath" ], "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.ClusterConfig": { "additionalProperties": false, "properties": { "InstanceCount": { "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", "title": "InstanceCount", "type": "number" }, "InstanceType": { "markdownDescription": "The ML compute instance type for the processing job.", "title": "InstanceType", "type": "string" }, "VolumeKmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", "title": "VolumeKmsKeyId", "type": "string" }, "VolumeSizeInGB": { "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", "title": "VolumeSizeInGB", "type": "number" } }, "required": [ "InstanceCount", "InstanceType", "VolumeSizeInGB" ], "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.ConstraintsResource": { "additionalProperties": false, "properties": { "S3Uri": { "markdownDescription": "The Amazon S3 URI for the constraints resource.", "title": "S3Uri", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.Csv": { "additionalProperties": false, "properties": { "Header": { "markdownDescription": "", "title": "Header", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.DatasetFormat": { "additionalProperties": false, "properties": { "Csv": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.Csv", "markdownDescription": "", "title": "Csv" }, "Json": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.Json", "markdownDescription": "", "title": "Json" }, "Parquet": { "markdownDescription": "", "title": "Parquet", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.EndpointInput": { "additionalProperties": false, "properties": { "EndTimeOffset": { "markdownDescription": "If specified, monitoring jobs substract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", "title": "EndTimeOffset", "type": "string" }, "EndpointName": { "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", "title": "EndpointName", "type": "string" }, "FeaturesAttribute": { "markdownDescription": "The attributes of the input data that are the input features.", "title": "FeaturesAttribute", "type": "string" }, "InferenceAttribute": { "markdownDescription": "The attribute of the input data that represents the ground truth label.", "title": "InferenceAttribute", "type": "string" }, "LocalPath": { "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", "title": "LocalPath", "type": "string" }, "ProbabilityAttribute": { "markdownDescription": "In a classification problem, the attribute that represents the class probability.", "title": "ProbabilityAttribute", "type": "string" }, "ProbabilityThresholdAttribute": { "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", "title": "ProbabilityThresholdAttribute", "type": "number" }, "S3DataDistributionType": { "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", "title": "S3DataDistributionType", "type": "string" }, "S3InputMode": { "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", "title": "S3InputMode", "type": "string" }, "StartTimeOffset": { "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", "title": "StartTimeOffset", "type": "string" } }, "required": [ "EndpointName", "LocalPath" ], "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.Json": { "additionalProperties": false, "properties": { "Line": { "markdownDescription": "", "title": "Line", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasAppSpecification": { "additionalProperties": false, "properties": { "ConfigUri": { "markdownDescription": "JSON formatted S3 file that defines bias parameters. For more information on this JSON configuration file, see [Configure bias parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-config-json-monitor-bias-parameters.html) .", "title": "ConfigUri", "type": "string" }, "Environment": { "additionalProperties": true, "markdownDescription": "Sets the environment variables in the Docker container.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Environment", "type": "object" }, "ImageUri": { "markdownDescription": "The container image to be run by the model bias job.", "title": "ImageUri", "type": "string" } }, "required": [ "ConfigUri", "ImageUri" ], "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasBaselineConfig": { "additionalProperties": false, "properties": { "BaseliningJobName": { "markdownDescription": "The name of the baseline model bias job.", "title": "BaseliningJobName", "type": "string" }, "ConstraintsResource": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ConstraintsResource", "markdownDescription": "The constraints resource for a monitoring job.", "title": "ConstraintsResource" } }, "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.ModelBiasJobInput": { "additionalProperties": false, "properties": { "BatchTransformInput": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.BatchTransformInput", "markdownDescription": "Input object for the batch transform job.", "title": "BatchTransformInput" }, "EndpointInput": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.EndpointInput", "markdownDescription": "Input object for the endpoint", "title": "EndpointInput" }, "GroundTruthS3Input": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringGroundTruthS3Input", "markdownDescription": "Location of ground truth labels to use in model bias job.", "title": "GroundTruthS3Input" } }, "required": [ "GroundTruthS3Input" ], "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.MonitoringGroundTruthS3Input": { "additionalProperties": false, "properties": { "S3Uri": { "markdownDescription": "The address of the Amazon S3 location of the ground truth labels.", "title": "S3Uri", "type": "string" } }, "required": [ "S3Uri" ], "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutput": { "additionalProperties": false, "properties": { "S3Output": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.S3Output", "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", "title": "S3Output" } }, "required": [ "S3Output" ], "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutputConfig": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", "title": "KmsKeyId", "type": "string" }, "MonitoringOutputs": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.MonitoringOutput" }, "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", "title": "MonitoringOutputs", "type": "array" } }, "required": [ "MonitoringOutputs" ], "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.MonitoringResources": { "additionalProperties": false, "properties": { "ClusterConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.ClusterConfig", "markdownDescription": "The configuration for the cluster resources used to run the processing job.", "title": "ClusterConfig" } }, "required": [ "ClusterConfig" ], "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.NetworkConfig": { "additionalProperties": false, "properties": { "EnableInterContainerTrafficEncryption": { "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", "title": "EnableInterContainerTrafficEncryption", "type": "boolean" }, "EnableNetworkIsolation": { "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", "title": "EnableNetworkIsolation", "type": "boolean" }, "VpcConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition.VpcConfig", "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", "title": "VpcConfig" } }, "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.S3Output": { "additionalProperties": false, "properties": { "LocalPath": { "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. `LocalPath` is an absolute path for the output data.", "title": "LocalPath", "type": "string" }, "S3UploadMode": { "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", "title": "S3UploadMode", "type": "string" }, "S3Uri": { "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", "title": "S3Uri", "type": "string" } }, "required": [ "LocalPath", "S3Uri" ], "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.StoppingCondition": { "additionalProperties": false, "properties": { "MaxRuntimeInSeconds": { "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", "title": "MaxRuntimeInSeconds", "type": "number" } }, "required": [ "MaxRuntimeInSeconds" ], "type": "object" }, "AWS::SageMaker::ModelBiasJobDefinition.VpcConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", "title": "SecurityGroupIds", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", "title": "Subnets", "type": "array" } }, "required": [ "SecurityGroupIds", "Subnets" ], "type": "object" }, "AWS::SageMaker::ModelCard": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Content": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.Content", "markdownDescription": "The content of the model card. Content uses the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) .", "title": "Content" }, "CreatedBy": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.UserContext", "markdownDescription": "Information about the user who created or modified one or more of the following:\n\n- Experiment\n- Trial\n- Trial component\n- Lineage group\n- Project\n- Model Card", "title": "CreatedBy" }, "LastModifiedBy": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.UserContext", "markdownDescription": "", "title": "LastModifiedBy" }, "ModelCardName": { "markdownDescription": "The unique name of the model card.", "title": "ModelCardName", "type": "string" }, "ModelCardStatus": { "markdownDescription": "The approval status of the model card within your organization. Different organizations might have different criteria for model card review and approval.\n\n- `Draft` : The model card is a work in progress.\n- `PendingReview` : The model card is pending review.\n- `Approved` : The model card is approved.\n- `Archived` : The model card is archived. No more updates should be made to the model card, but it can still be exported.", "title": "ModelCardStatus", "type": "string" }, "SecurityConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.SecurityConfig", "markdownDescription": "The security configuration used to protect model card data.", "title": "SecurityConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key-value pairs used to manage metadata for the model card.", "title": "Tags", "type": "array" } }, "required": [ "Content", "ModelCardName", "ModelCardStatus" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::ModelCard" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::ModelCard.AdditionalInformation": { "additionalProperties": false, "properties": { "CaveatsAndRecommendations": { "markdownDescription": "Caveats and recommendations for those who might use this model in their applications.", "title": "CaveatsAndRecommendations", "type": "string" }, "CustomDetails": { "additionalProperties": true, "markdownDescription": "Any additional information to document about the model.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "CustomDetails", "type": "object" }, "EthicalConsiderations": { "markdownDescription": "Any ethical considerations documented by the model card author.", "title": "EthicalConsiderations", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelCard.BusinessDetails": { "additionalProperties": false, "properties": { "BusinessProblem": { "markdownDescription": "The specific business problem that the model is trying to solve.", "title": "BusinessProblem", "type": "string" }, "BusinessStakeholders": { "markdownDescription": "The relevant stakeholders for the model.", "title": "BusinessStakeholders", "type": "string" }, "LineOfBusiness": { "markdownDescription": "The broader business need that the model is serving.", "title": "LineOfBusiness", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelCard.Container": { "additionalProperties": false, "properties": { "Image": { "markdownDescription": "", "title": "Image", "type": "string" }, "ModelDataUrl": { "markdownDescription": "", "title": "ModelDataUrl", "type": "string" }, "NearestModelName": { "markdownDescription": "", "title": "NearestModelName", "type": "string" } }, "required": [ "Image" ], "type": "object" }, "AWS::SageMaker::ModelCard.Content": { "additionalProperties": false, "properties": { "AdditionalInformation": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.AdditionalInformation", "markdownDescription": "Additional information about the model.", "title": "AdditionalInformation" }, "BusinessDetails": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.BusinessDetails", "markdownDescription": "Information about how the model supports business goals.", "title": "BusinessDetails" }, "EvaluationDetails": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.EvaluationDetail" }, "markdownDescription": "An overview about the model's evaluation.", "title": "EvaluationDetails", "type": "array" }, "IntendedUses": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.IntendedUses", "markdownDescription": "The intended usage of the model.", "title": "IntendedUses" }, "ModelOverview": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelOverview", "markdownDescription": "An overview about the model", "title": "ModelOverview" }, "ModelPackageDetails": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelPackageDetails", "markdownDescription": "", "title": "ModelPackageDetails" }, "TrainingDetails": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingDetails", "markdownDescription": "An overview about model training.", "title": "TrainingDetails" } }, "type": "object" }, "AWS::SageMaker::ModelCard.EvaluationDetail": { "additionalProperties": false, "properties": { "Datasets": { "items": { "type": "string" }, "markdownDescription": "The location of the datasets used to evaluate the model.", "title": "Datasets", "type": "array" }, "EvaluationJobArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the evaluation job.", "title": "EvaluationJobArn", "type": "string" }, "EvaluationObservation": { "markdownDescription": "Any observations made during the model evaluation.", "title": "EvaluationObservation", "type": "string" }, "Metadata": { "additionalProperties": true, "markdownDescription": "Additional attributes associated with the evaluation results.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Metadata", "type": "object" }, "MetricGroups": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.MetricGroup" }, "markdownDescription": "An evaluation Metric Group object.", "title": "MetricGroups", "type": "array" }, "Name": { "markdownDescription": "The evaluation job name.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::SageMaker::ModelCard.Function": { "additionalProperties": false, "properties": { "Condition": { "markdownDescription": "An optional description of any conditions of your objective function metric.", "title": "Condition", "type": "string" }, "Facet": { "markdownDescription": "The metric of the model's objective function. For example, *loss* or *rmse* . The following list shows examples of the values that you can specify for the metric:\n\n- `ACCURACY`\n- `AUC`\n- `LOSS`\n- `MAE`\n- `RMSE`", "title": "Facet", "type": "string" }, "Function": { "markdownDescription": "The optimization direction of the model's objective function. You must specify one of the following values:\n\n- `Maximize`\n- `Minimize`", "title": "Function", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelCard.InferenceEnvironment": { "additionalProperties": false, "properties": { "ContainerImage": { "items": { "type": "string" }, "markdownDescription": "The container used to run the inference environment.", "title": "ContainerImage", "type": "array" } }, "type": "object" }, "AWS::SageMaker::ModelCard.InferenceSpecification": { "additionalProperties": false, "properties": { "Containers": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.Container" }, "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", "title": "Containers", "type": "array" } }, "required": [ "Containers" ], "type": "object" }, "AWS::SageMaker::ModelCard.IntendedUses": { "additionalProperties": false, "properties": { "ExplanationsForRiskRating": { "markdownDescription": "An explanation of why your organization categorizes the model with its risk rating.", "title": "ExplanationsForRiskRating", "type": "string" }, "FactorsAffectingModelEfficiency": { "markdownDescription": "Factors affecting model efficacy.", "title": "FactorsAffectingModelEfficiency", "type": "string" }, "IntendedUses": { "markdownDescription": "The intended use cases for the model.", "title": "IntendedUses", "type": "string" }, "PurposeOfModel": { "markdownDescription": "The general purpose of the model.", "title": "PurposeOfModel", "type": "string" }, "RiskRating": { "markdownDescription": "Your organization's risk rating. You can specify one the following values as the risk rating:\n\n- High\n- Medium\n- Low\n- Unknown", "title": "RiskRating", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelCard.MetricDataItems": { "additionalProperties": false, "properties": { "Name": { "type": "string" }, "Notes": { "type": "string" }, "Type": { "type": "string" }, "Value": { "type": "object" }, "XAxisName": { "items": { "type": "string" }, "type": "array" }, "YAxisName": { "items": { "type": "string" }, "type": "array" } }, "required": [ "Name", "Type", "Value" ], "type": "object" }, "AWS::SageMaker::ModelCard.MetricGroup": { "additionalProperties": false, "properties": { "MetricData": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.MetricDataItems" }, "markdownDescription": "A list of metric objects. The `MetricDataItems` list can have one of the following values:\n\n- `bar_chart_metric`\n- `matrix_metric`\n- `simple_metric`\n- `linear_graph_metric`\n\nFor more information about the metric schema, see the definition section of the [model card JSON schema](https://docs.aws.amazon.com/sagemaker/latest/dg/model-cards.html#model-cards-json-schema) .", "title": "MetricData", "type": "array" }, "Name": { "markdownDescription": "The metric group name.", "title": "Name", "type": "string" } }, "required": [ "MetricData", "Name" ], "type": "object" }, "AWS::SageMaker::ModelCard.ModelOverview": { "additionalProperties": false, "properties": { "AlgorithmType": { "markdownDescription": "The algorithm used to solve the problem.", "title": "AlgorithmType", "type": "string" }, "InferenceEnvironment": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.InferenceEnvironment", "markdownDescription": "An overview about model inference.", "title": "InferenceEnvironment" }, "ModelArtifact": { "items": { "type": "string" }, "markdownDescription": "The location of the model artifact.", "title": "ModelArtifact", "type": "array" }, "ModelCreator": { "markdownDescription": "The creator of the model.", "title": "ModelCreator", "type": "string" }, "ModelDescription": { "markdownDescription": "A description of the model.", "title": "ModelDescription", "type": "string" }, "ModelId": { "markdownDescription": "The SageMaker Model ARN or non- SageMaker Model ID.", "title": "ModelId", "type": "string" }, "ModelName": { "markdownDescription": "The name of the model.", "title": "ModelName", "type": "string" }, "ModelOwner": { "markdownDescription": "The owner of the model.", "title": "ModelOwner", "type": "string" }, "ModelVersion": { "markdownDescription": "The version of the model.", "title": "ModelVersion", "type": "number" }, "ProblemType": { "markdownDescription": "The problem being solved with the model.", "title": "ProblemType", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelCard.ModelPackageCreator": { "additionalProperties": false, "properties": { "UserProfileName": { "markdownDescription": "", "title": "UserProfileName", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelCard.ModelPackageDetails": { "additionalProperties": false, "properties": { "ApprovalDescription": { "markdownDescription": "", "title": "ApprovalDescription", "type": "string" }, "CreatedBy": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.ModelPackageCreator", "markdownDescription": "", "title": "CreatedBy" }, "Domain": { "markdownDescription": "", "title": "Domain", "type": "string" }, "InferenceSpecification": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.InferenceSpecification", "markdownDescription": "", "title": "InferenceSpecification" }, "ModelApprovalStatus": { "markdownDescription": "", "title": "ModelApprovalStatus", "type": "string" }, "ModelPackageArn": { "markdownDescription": "", "title": "ModelPackageArn", "type": "string" }, "ModelPackageDescription": { "markdownDescription": "", "title": "ModelPackageDescription", "type": "string" }, "ModelPackageGroupName": { "markdownDescription": "", "title": "ModelPackageGroupName", "type": "string" }, "ModelPackageName": { "markdownDescription": "", "title": "ModelPackageName", "type": "string" }, "ModelPackageStatus": { "markdownDescription": "", "title": "ModelPackageStatus", "type": "string" }, "ModelPackageVersion": { "markdownDescription": "", "title": "ModelPackageVersion", "type": "number" }, "SourceAlgorithms": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.SourceAlgorithm" }, "markdownDescription": "", "title": "SourceAlgorithms", "type": "array" }, "Task": { "markdownDescription": "", "title": "Task", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelCard.ObjectiveFunction": { "additionalProperties": false, "properties": { "Function": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.Function", "markdownDescription": "A function object that details optimization direction, metric, and additional descriptions.", "title": "Function" }, "Notes": { "markdownDescription": "Notes about the object function, including other considerations for possible objective functions.", "title": "Notes", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelCard.SecurityConfig": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "A AWS Key Management Service [key ID](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-id) used to encrypt a model card.", "title": "KmsKeyId", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelCard.SourceAlgorithm": { "additionalProperties": false, "properties": { "AlgorithmName": { "markdownDescription": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to.", "title": "AlgorithmName", "type": "string" }, "ModelDataUrl": { "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same AWS region as the algorithm.", "title": "ModelDataUrl", "type": "string" } }, "required": [ "AlgorithmName" ], "type": "object" }, "AWS::SageMaker::ModelCard.TrainingDetails": { "additionalProperties": false, "properties": { "ObjectiveFunction": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.ObjectiveFunction", "markdownDescription": "The function that is optimized during model training.", "title": "ObjectiveFunction" }, "TrainingJobDetails": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingJobDetails", "markdownDescription": "Details about any associated training jobs.", "title": "TrainingJobDetails" }, "TrainingObservations": { "markdownDescription": "Any observations about training.", "title": "TrainingObservations", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelCard.TrainingEnvironment": { "additionalProperties": false, "properties": { "ContainerImage": { "items": { "type": "string" }, "markdownDescription": "SageMaker inference image URI.", "title": "ContainerImage", "type": "array" } }, "type": "object" }, "AWS::SageMaker::ModelCard.TrainingHyperParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the hyper parameter.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value specified for the hyper parameter.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::SageMaker::ModelCard.TrainingJobDetails": { "additionalProperties": false, "properties": { "HyperParameters": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingHyperParameter" }, "markdownDescription": "The hyper parameters used in the training job.", "title": "HyperParameters", "type": "array" }, "TrainingArn": { "markdownDescription": "The SageMaker training job Amazon Resource Name (ARN)", "title": "TrainingArn", "type": "string" }, "TrainingDatasets": { "items": { "type": "string" }, "markdownDescription": "The location of the datasets used to train the model.", "title": "TrainingDatasets", "type": "array" }, "TrainingEnvironment": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingEnvironment", "markdownDescription": "The SageMaker training job image URI.", "title": "TrainingEnvironment" }, "TrainingMetrics": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingMetric" }, "markdownDescription": "The SageMaker training job results.", "title": "TrainingMetrics", "type": "array" }, "UserProvidedHyperParameters": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingHyperParameter" }, "markdownDescription": "Additional hyper parameters that you've specified when training the model.", "title": "UserProvidedHyperParameters", "type": "array" }, "UserProvidedTrainingMetrics": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelCard.TrainingMetric" }, "markdownDescription": "Custom training job results.", "title": "UserProvidedTrainingMetrics", "type": "array" } }, "type": "object" }, "AWS::SageMaker::ModelCard.TrainingMetric": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the result from the SageMaker training job.", "title": "Name", "type": "string" }, "Notes": { "markdownDescription": "Any additional notes describing the result of the training job.", "title": "Notes", "type": "string" }, "Value": { "markdownDescription": "The value of a result from the SageMaker training job.", "title": "Value", "type": "number" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::SageMaker::ModelCard.UserContext": { "additionalProperties": false, "properties": { "DomainId": { "markdownDescription": "The domain associated with the user.", "title": "DomainId", "type": "string" }, "UserProfileArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the user's profile.", "title": "UserProfileArn", "type": "string" }, "UserProfileName": { "markdownDescription": "The name of the user's profile.", "title": "UserProfileName", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EndpointName": { "markdownDescription": "", "title": "EndpointName", "type": "string" }, "JobDefinitionName": { "markdownDescription": "The name of the model explainability job definition. The name must be unique within an AWS Region in the AWS account.", "title": "JobDefinitionName", "type": "string" }, "JobResources": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringResources", "markdownDescription": "Identifies the resources to deploy for a monitoring job.", "title": "JobResources" }, "ModelExplainabilityAppSpecification": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityAppSpecification", "markdownDescription": "Configures the model explainability job to run a specified Docker container image.", "title": "ModelExplainabilityAppSpecification" }, "ModelExplainabilityBaselineConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityBaselineConfig", "markdownDescription": "The baseline configuration for a model explainability job.", "title": "ModelExplainabilityBaselineConfig" }, "ModelExplainabilityJobInput": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityJobInput", "markdownDescription": "Inputs for the model explainability job.", "title": "ModelExplainabilityJobInput" }, "ModelExplainabilityJobOutputConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutputConfig", "markdownDescription": "The output configuration for monitoring jobs.", "title": "ModelExplainabilityJobOutputConfig" }, "NetworkConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.NetworkConfig", "markdownDescription": "Networking options for a model explainability job.", "title": "NetworkConfig" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", "title": "RoleArn", "type": "string" }, "StoppingCondition": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.StoppingCondition", "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", "title": "StoppingCondition" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "JobResources", "ModelExplainabilityAppSpecification", "ModelExplainabilityJobInput", "ModelExplainabilityJobOutputConfig", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::ModelExplainabilityJobDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.BatchTransformInput": { "additionalProperties": false, "properties": { "DataCapturedDestinationS3Uri": { "markdownDescription": "The Amazon S3 location being used to capture the data.", "title": "DataCapturedDestinationS3Uri", "type": "string" }, "DatasetFormat": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.DatasetFormat", "markdownDescription": "The dataset format for your batch transform job.", "title": "DatasetFormat" }, "FeaturesAttribute": { "markdownDescription": "The attributes of the input data that are the input features.", "title": "FeaturesAttribute", "type": "string" }, "InferenceAttribute": { "markdownDescription": "The attribute of the input data that represents the ground truth label.", "title": "InferenceAttribute", "type": "string" }, "LocalPath": { "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", "title": "LocalPath", "type": "string" }, "ProbabilityAttribute": { "markdownDescription": "In a classification problem, the attribute that represents the class probability.", "title": "ProbabilityAttribute", "type": "string" }, "S3DataDistributionType": { "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", "title": "S3DataDistributionType", "type": "string" }, "S3InputMode": { "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", "title": "S3InputMode", "type": "string" } }, "required": [ "DataCapturedDestinationS3Uri", "DatasetFormat", "LocalPath" ], "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.ClusterConfig": { "additionalProperties": false, "properties": { "InstanceCount": { "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", "title": "InstanceCount", "type": "number" }, "InstanceType": { "markdownDescription": "The ML compute instance type for the processing job.", "title": "InstanceType", "type": "string" }, "VolumeKmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", "title": "VolumeKmsKeyId", "type": "string" }, "VolumeSizeInGB": { "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", "title": "VolumeSizeInGB", "type": "number" } }, "required": [ "InstanceCount", "InstanceType", "VolumeSizeInGB" ], "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.ConstraintsResource": { "additionalProperties": false, "properties": { "S3Uri": { "markdownDescription": "The Amazon S3 URI for the constraints resource.", "title": "S3Uri", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.Csv": { "additionalProperties": false, "properties": { "Header": { "markdownDescription": "", "title": "Header", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.DatasetFormat": { "additionalProperties": false, "properties": { "Csv": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.Csv", "markdownDescription": "", "title": "Csv" }, "Json": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.Json", "markdownDescription": "", "title": "Json" }, "Parquet": { "markdownDescription": "", "title": "Parquet", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.EndpointInput": { "additionalProperties": false, "properties": { "EndpointName": { "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", "title": "EndpointName", "type": "string" }, "FeaturesAttribute": { "markdownDescription": "The attributes of the input data that are the input features.", "title": "FeaturesAttribute", "type": "string" }, "InferenceAttribute": { "markdownDescription": "The attribute of the input data that represents the ground truth label.", "title": "InferenceAttribute", "type": "string" }, "LocalPath": { "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", "title": "LocalPath", "type": "string" }, "ProbabilityAttribute": { "markdownDescription": "In a classification problem, the attribute that represents the class probability.", "title": "ProbabilityAttribute", "type": "string" }, "S3DataDistributionType": { "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", "title": "S3DataDistributionType", "type": "string" }, "S3InputMode": { "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", "title": "S3InputMode", "type": "string" } }, "required": [ "EndpointName", "LocalPath" ], "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.Json": { "additionalProperties": false, "properties": { "Line": { "markdownDescription": "", "title": "Line", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityAppSpecification": { "additionalProperties": false, "properties": { "ConfigUri": { "markdownDescription": "JSON formatted Amazon S3 file that defines explainability parameters. For more information on this JSON configuration file, see [Configure model explainability parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/clarify-config-json-monitor-model-explainability-parameters.html) .", "title": "ConfigUri", "type": "string" }, "Environment": { "additionalProperties": true, "markdownDescription": "Sets the environment variables in the Docker container.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Environment", "type": "object" }, "ImageUri": { "markdownDescription": "The container image to be run by the model explainability job.", "title": "ImageUri", "type": "string" } }, "required": [ "ConfigUri", "ImageUri" ], "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityBaselineConfig": { "additionalProperties": false, "properties": { "BaseliningJobName": { "markdownDescription": "The name of the baseline model explainability job.", "title": "BaseliningJobName", "type": "string" }, "ConstraintsResource": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ConstraintsResource", "markdownDescription": "The constraints resource for a model explainability job.", "title": "ConstraintsResource" } }, "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.ModelExplainabilityJobInput": { "additionalProperties": false, "properties": { "BatchTransformInput": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.BatchTransformInput", "markdownDescription": "Input object for the batch transform job.", "title": "BatchTransformInput" }, "EndpointInput": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.EndpointInput", "markdownDescription": "Input object for the endpoint", "title": "EndpointInput" } }, "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutput": { "additionalProperties": false, "properties": { "S3Output": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.S3Output", "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", "title": "S3Output" } }, "required": [ "S3Output" ], "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutputConfig": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", "title": "KmsKeyId", "type": "string" }, "MonitoringOutputs": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringOutput" }, "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", "title": "MonitoringOutputs", "type": "array" } }, "required": [ "MonitoringOutputs" ], "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.MonitoringResources": { "additionalProperties": false, "properties": { "ClusterConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.ClusterConfig", "markdownDescription": "The configuration for the cluster resources used to run the processing job.", "title": "ClusterConfig" } }, "required": [ "ClusterConfig" ], "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.NetworkConfig": { "additionalProperties": false, "properties": { "EnableInterContainerTrafficEncryption": { "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", "title": "EnableInterContainerTrafficEncryption", "type": "boolean" }, "EnableNetworkIsolation": { "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", "title": "EnableNetworkIsolation", "type": "boolean" }, "VpcConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition.VpcConfig", "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", "title": "VpcConfig" } }, "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.S3Output": { "additionalProperties": false, "properties": { "LocalPath": { "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", "title": "LocalPath", "type": "string" }, "S3UploadMode": { "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", "title": "S3UploadMode", "type": "string" }, "S3Uri": { "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", "title": "S3Uri", "type": "string" } }, "required": [ "LocalPath", "S3Uri" ], "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.StoppingCondition": { "additionalProperties": false, "properties": { "MaxRuntimeInSeconds": { "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", "title": "MaxRuntimeInSeconds", "type": "number" } }, "required": [ "MaxRuntimeInSeconds" ], "type": "object" }, "AWS::SageMaker::ModelExplainabilityJobDefinition.VpcConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", "title": "SecurityGroupIds", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", "title": "Subnets", "type": "array" } }, "required": [ "SecurityGroupIds", "Subnets" ], "type": "object" }, "AWS::SageMaker::ModelPackage": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdditionalInferenceSpecifications": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition" }, "markdownDescription": "An array of additional Inference Specification objects.", "title": "AdditionalInferenceSpecifications", "type": "array" }, "AdditionalInferenceSpecificationsToAdd": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition" }, "markdownDescription": "An array of additional Inference Specification objects to be added to the existing array. The total number of additional Inference Specification objects cannot exceed 15. Each additional Inference Specification object specifies artifacts based on this model package that can be used on inference endpoints. Generally used with SageMaker Neo to store the compiled artifacts.", "title": "AdditionalInferenceSpecificationsToAdd", "type": "array" }, "ApprovalDescription": { "markdownDescription": "A description provided when the model approval is set.", "title": "ApprovalDescription", "type": "string" }, "CertifyForMarketplace": { "markdownDescription": "Whether the model package is to be certified to be listed on AWS Marketplace. For information about listing model packages on AWS Marketplace, see [List Your Algorithm or Model Package on AWS Marketplace](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-mkt-list.html) .", "title": "CertifyForMarketplace", "type": "boolean" }, "ClientToken": { "markdownDescription": "A unique token that guarantees that the call to this API is idempotent.", "title": "ClientToken", "type": "string" }, "CustomerMetadataProperties": { "additionalProperties": true, "markdownDescription": "The metadata properties for the model package.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "CustomerMetadataProperties", "type": "object" }, "Domain": { "markdownDescription": "The machine learning domain of your model package and its components. Common machine learning domains include computer vision and natural language processing.", "title": "Domain", "type": "string" }, "DriftCheckBaselines": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckBaselines", "markdownDescription": "Represents the drift check baselines that can be used when the model monitor is set using the model package.", "title": "DriftCheckBaselines" }, "InferenceSpecification": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.InferenceSpecification", "markdownDescription": "Defines how to perform inference generation after a training job is run.", "title": "InferenceSpecification" }, "LastModifiedTime": { "markdownDescription": "The last time the model package was modified.", "title": "LastModifiedTime", "type": "string" }, "MetadataProperties": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetadataProperties", "markdownDescription": "Metadata properties of the tracking entity, trial, or trial component.", "title": "MetadataProperties" }, "ModelApprovalStatus": { "markdownDescription": "The approval status of the model. This can be one of the following values.\n\n- `APPROVED` - The model is approved\n- `REJECTED` - The model is rejected.\n- `PENDING_MANUAL_APPROVAL` - The model is waiting for manual approval.", "title": "ModelApprovalStatus", "type": "string" }, "ModelMetrics": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelMetrics", "markdownDescription": "Metrics for the model.", "title": "ModelMetrics" }, "ModelPackageDescription": { "markdownDescription": "The description of the model package.", "title": "ModelPackageDescription", "type": "string" }, "ModelPackageGroupName": { "markdownDescription": "The model group to which the model belongs.", "title": "ModelPackageGroupName", "type": "string" }, "ModelPackageName": { "markdownDescription": "The name of the model.", "title": "ModelPackageName", "type": "string" }, "ModelPackageStatusDetails": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageStatusDetails", "markdownDescription": "Specifies the validation and image scan statuses of the model package.", "title": "ModelPackageStatusDetails" }, "ModelPackageVersion": { "markdownDescription": "The version number of a versioned model.", "title": "ModelPackageVersion", "type": "number" }, "SamplePayloadUrl": { "markdownDescription": "The Amazon Simple Storage Service path where the sample payload are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix).", "title": "SamplePayloadUrl", "type": "string" }, "SkipModelValidation": { "markdownDescription": "Indicates if you want to skip model validation.", "title": "SkipModelValidation", "type": "string" }, "SourceAlgorithmSpecification": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SourceAlgorithmSpecification", "markdownDescription": "A list of algorithms that were used to create a model package.", "title": "SourceAlgorithmSpecification" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of the tags associated with the model package. For more information, see [Tagging AWS resources](https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) in the *AWS General Reference Guide* .", "title": "Tags", "type": "array" }, "Task": { "markdownDescription": "The machine learning task your model package accomplishes. Common machine learning tasks include object detection and image classification.", "title": "Task", "type": "string" }, "ValidationSpecification": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ValidationSpecification", "markdownDescription": "Specifies batch transform jobs that SageMaker runs to validate your model package.", "title": "ValidationSpecification" } }, "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::ModelPackage" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SageMaker::ModelPackage.AdditionalInferenceSpecificationDefinition": { "additionalProperties": false, "properties": { "Containers": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition" }, "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", "title": "Containers", "type": "array" }, "Description": { "markdownDescription": "A description of the additional Inference specification", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "A unique name to identify the additional inference specification. The name must be unique within the list of your additional inference specifications for a particular model package.", "title": "Name", "type": "string" }, "SupportedContentTypes": { "items": { "type": "string" }, "markdownDescription": "The supported MIME types for the input data.", "title": "SupportedContentTypes", "type": "array" }, "SupportedRealtimeInferenceInstanceTypes": { "items": { "type": "string" }, "markdownDescription": "A list of the instance types that are used to generate inferences in real-time.", "title": "SupportedRealtimeInferenceInstanceTypes", "type": "array" }, "SupportedResponseMIMETypes": { "items": { "type": "string" }, "markdownDescription": "The supported MIME types for the output data.", "title": "SupportedResponseMIMETypes", "type": "array" }, "SupportedTransformInstanceTypes": { "items": { "type": "string" }, "markdownDescription": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed.", "title": "SupportedTransformInstanceTypes", "type": "array" } }, "required": [ "Containers", "Name" ], "type": "object" }, "AWS::SageMaker::ModelPackage.Bias": { "additionalProperties": false, "properties": { "PostTrainingReport": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "The post-training bias report for a model.", "title": "PostTrainingReport" }, "PreTrainingReport": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "The pre-training bias report for a model.", "title": "PreTrainingReport" }, "Report": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "The bias report for a model", "title": "Report" } }, "type": "object" }, "AWS::SageMaker::ModelPackage.DataSource": { "additionalProperties": false, "properties": { "S3DataSource": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.S3DataSource", "markdownDescription": "The S3 location of the data source that is associated with a channel.", "title": "S3DataSource" } }, "required": [ "S3DataSource" ], "type": "object" }, "AWS::SageMaker::ModelPackage.DriftCheckBaselines": { "additionalProperties": false, "properties": { "Bias": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckBias", "markdownDescription": "Represents the drift check bias baselines that can be used when the model monitor is set using the model package.", "title": "Bias" }, "Explainability": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckExplainability", "markdownDescription": "Represents the drift check explainability baselines that can be used when the model monitor is set using the model package.", "title": "Explainability" }, "ModelDataQuality": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckModelDataQuality", "markdownDescription": "Represents the drift check model data quality baselines that can be used when the model monitor is set using the model package.", "title": "ModelDataQuality" }, "ModelQuality": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DriftCheckModelQuality", "markdownDescription": "Represents the drift check model quality baselines that can be used when the model monitor is set using the model package.", "title": "ModelQuality" } }, "type": "object" }, "AWS::SageMaker::ModelPackage.DriftCheckBias": { "additionalProperties": false, "properties": { "ConfigFile": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.FileSource", "markdownDescription": "The bias config file for a model.", "title": "ConfigFile" }, "PostTrainingConstraints": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "The post-training constraints.", "title": "PostTrainingConstraints" }, "PreTrainingConstraints": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "The pre-training constraints.", "title": "PreTrainingConstraints" } }, "type": "object" }, "AWS::SageMaker::ModelPackage.DriftCheckExplainability": { "additionalProperties": false, "properties": { "ConfigFile": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.FileSource", "markdownDescription": "The explainability config file for the model.", "title": "ConfigFile" }, "Constraints": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "The drift check explainability constraints.", "title": "Constraints" } }, "type": "object" }, "AWS::SageMaker::ModelPackage.DriftCheckModelDataQuality": { "additionalProperties": false, "properties": { "Constraints": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "The drift check model data quality constraints.", "title": "Constraints" }, "Statistics": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "The drift check model data quality statistics.", "title": "Statistics" } }, "type": "object" }, "AWS::SageMaker::ModelPackage.DriftCheckModelQuality": { "additionalProperties": false, "properties": { "Constraints": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "The drift check model quality constraints.", "title": "Constraints" }, "Statistics": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "The drift check model quality statistics.", "title": "Statistics" } }, "type": "object" }, "AWS::SageMaker::ModelPackage.Explainability": { "additionalProperties": false, "properties": { "Report": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "The explainability report for a model.", "title": "Report" } }, "type": "object" }, "AWS::SageMaker::ModelPackage.FileSource": { "additionalProperties": false, "properties": { "ContentDigest": { "markdownDescription": "The digest of the file source.", "title": "ContentDigest", "type": "string" }, "ContentType": { "markdownDescription": "The type of content stored in the file source.", "title": "ContentType", "type": "string" }, "S3Uri": { "markdownDescription": "The Amazon S3 URI for the file source.", "title": "S3Uri", "type": "string" } }, "required": [ "S3Uri" ], "type": "object" }, "AWS::SageMaker::ModelPackage.InferenceSpecification": { "additionalProperties": false, "properties": { "Containers": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition" }, "markdownDescription": "The Amazon ECR registry path of the Docker image that contains the inference code.", "title": "Containers", "type": "array" }, "SupportedContentTypes": { "items": { "type": "string" }, "markdownDescription": "The supported MIME types for the input data.", "title": "SupportedContentTypes", "type": "array" }, "SupportedRealtimeInferenceInstanceTypes": { "items": { "type": "string" }, "markdownDescription": "A list of the instance types that are used to generate inferences in real-time.\n\nThis parameter is required for unversioned models, and optional for versioned models.", "title": "SupportedRealtimeInferenceInstanceTypes", "type": "array" }, "SupportedResponseMIMETypes": { "items": { "type": "string" }, "markdownDescription": "The supported MIME types for the output data.", "title": "SupportedResponseMIMETypes", "type": "array" }, "SupportedTransformInstanceTypes": { "items": { "type": "string" }, "markdownDescription": "A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed.\n\nThis parameter is required for unversioned models, and optional for versioned models.", "title": "SupportedTransformInstanceTypes", "type": "array" } }, "required": [ "Containers", "SupportedContentTypes", "SupportedResponseMIMETypes" ], "type": "object" }, "AWS::SageMaker::ModelPackage.MetadataProperties": { "additionalProperties": false, "properties": { "CommitId": { "markdownDescription": "The commit ID.", "title": "CommitId", "type": "string" }, "GeneratedBy": { "markdownDescription": "The entity this entity was generated by.", "title": "GeneratedBy", "type": "string" }, "ProjectId": { "markdownDescription": "The project ID.", "title": "ProjectId", "type": "string" }, "Repository": { "markdownDescription": "The repository.", "title": "Repository", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelPackage.MetricsSource": { "additionalProperties": false, "properties": { "ContentDigest": { "markdownDescription": "The hash key used for the metrics source.", "title": "ContentDigest", "type": "string" }, "ContentType": { "markdownDescription": "The metric source content type.", "title": "ContentType", "type": "string" }, "S3Uri": { "markdownDescription": "The S3 URI for the metrics source.", "title": "S3Uri", "type": "string" } }, "required": [ "ContentType", "S3Uri" ], "type": "object" }, "AWS::SageMaker::ModelPackage.ModelDataQuality": { "additionalProperties": false, "properties": { "Constraints": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "Data quality constraints for a model.", "title": "Constraints" }, "Statistics": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "Data quality statistics for a model.", "title": "Statistics" } }, "type": "object" }, "AWS::SageMaker::ModelPackage.ModelInput": { "additionalProperties": false, "properties": { "DataInputConfig": { "markdownDescription": "The input configuration object for the model.", "title": "DataInputConfig", "type": "string" } }, "required": [ "DataInputConfig" ], "type": "object" }, "AWS::SageMaker::ModelPackage.ModelMetrics": { "additionalProperties": false, "properties": { "Bias": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.Bias", "markdownDescription": "Metrics that measure bias in a model.", "title": "Bias" }, "Explainability": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.Explainability", "markdownDescription": "Metrics that help explain a model.", "title": "Explainability" }, "ModelDataQuality": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelDataQuality", "markdownDescription": "Metrics that measure the quality of the input data for a model.", "title": "ModelDataQuality" }, "ModelQuality": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelQuality", "markdownDescription": "Metrics that measure the quality of a model.", "title": "ModelQuality" } }, "type": "object" }, "AWS::SageMaker::ModelPackage.ModelPackageContainerDefinition": { "additionalProperties": false, "properties": { "ContainerHostname": { "markdownDescription": "The DNS host name for the Docker container.", "title": "ContainerHostname", "type": "string" }, "Environment": { "additionalProperties": true, "markdownDescription": "The environment variables to set in the Docker container. Each key and value in the `Environment` string to string map can have length of up to 1024. We support up to 16 entries in the map.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Environment", "type": "object" }, "Framework": { "markdownDescription": "The machine learning framework of the model package container image.", "title": "Framework", "type": "string" }, "FrameworkVersion": { "markdownDescription": "The framework version of the Model Package Container Image.", "title": "FrameworkVersion", "type": "string" }, "Image": { "markdownDescription": "The Amazon EC2 Container Registry (Amazon ECR) path where inference code is stored.\n\nIf you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both `registry/repository[:tag]` and `registry/repository[@digest]` image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html) .", "title": "Image", "type": "string" }, "ImageDigest": { "markdownDescription": "An MD5 hash of the training algorithm that identifies the Docker image used for training.", "title": "ImageDigest", "type": "string" }, "ModelDataUrl": { "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same region as the model package.", "title": "ModelDataUrl", "type": "string" }, "ModelInput": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelInput", "markdownDescription": "A structure with Model Input details.", "title": "ModelInput" }, "NearestModelName": { "markdownDescription": "The name of a pre-trained machine learning benchmarked by Amazon SageMaker Inference Recommender model that matches your model. You can find a list of benchmarked models by calling `ListModelMetadata` .", "title": "NearestModelName", "type": "string" } }, "required": [ "Image" ], "type": "object" }, "AWS::SageMaker::ModelPackage.ModelPackageStatusDetails": { "additionalProperties": false, "properties": { "ValidationStatuses": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ModelPackageStatusItem" }, "markdownDescription": "The validation status of the model package.", "title": "ValidationStatuses", "type": "array" } }, "type": "object" }, "AWS::SageMaker::ModelPackage.ModelPackageStatusItem": { "additionalProperties": false, "properties": { "FailureReason": { "markdownDescription": "if the overall status is `Failed` , the reason for the failure.", "title": "FailureReason", "type": "string" }, "Name": { "markdownDescription": "The name of the model package for which the overall status is being reported.", "title": "Name", "type": "string" }, "Status": { "markdownDescription": "The current status.", "title": "Status", "type": "string" } }, "required": [ "Name", "Status" ], "type": "object" }, "AWS::SageMaker::ModelPackage.ModelQuality": { "additionalProperties": false, "properties": { "Constraints": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "Model quality constraints.", "title": "Constraints" }, "Statistics": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.MetricsSource", "markdownDescription": "Model quality statistics.", "title": "Statistics" } }, "type": "object" }, "AWS::SageMaker::ModelPackage.S3DataSource": { "additionalProperties": false, "properties": { "S3DataType": { "markdownDescription": "If you choose `S3Prefix` , `S3Uri` identifies a key name prefix. SageMaker uses all objects that match the specified key name prefix for model training.\n\nIf you choose `ManifestFile` , `S3Uri` identifies an object that is a manifest file containing a list of object keys that you want SageMaker to use for model training.\n\nIf you choose `AugmentedManifestFile` , S3Uri identifies an object that is an augmented manifest file in JSON lines format. This file contains the data you want to use for model training. `AugmentedManifestFile` can only be used if the Channel's input mode is `Pipe` .", "title": "S3DataType", "type": "string" }, "S3Uri": { "markdownDescription": "Depending on the value specified for the `S3DataType` , identifies either a key name prefix or a manifest. For example:\n\n- A key name prefix might look like this: `s3://bucketname/exampleprefix/`\n- A manifest might look like this: `s3://bucketname/example.manifest`\n\nA manifest is an S3 object which is a JSON file consisting of an array of elements. The first element is a prefix which is followed by one or more suffixes. SageMaker appends the suffix elements to the prefix to get a full set of `S3Uri` . Note that the prefix must be a valid non-empty `S3Uri` that precludes users from specifying a manifest whose individual `S3Uri` is sourced from different S3 buckets.\n\nThe following code example shows a valid manifest format:\n\n`[ {\"prefix\": \"s3://customer_bucket/some/prefix/\"},`\n\n`\"relative/path/to/custdata-1\",`\n\n`\"relative/path/custdata-2\",`\n\n`...`\n\n`\"relative/path/custdata-N\"`\n\n`]`\n\nThis JSON is equivalent to the following `S3Uri` list:\n\n`s3://customer_bucket/some/prefix/relative/path/to/custdata-1`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-2`\n\n`...`\n\n`s3://customer_bucket/some/prefix/relative/path/custdata-N`\n\nThe complete set of `S3Uri` in this manifest is the input data for the channel for this data source. The object that each `S3Uri` points to must be readable by the IAM role that SageMaker uses to perform tasks on your behalf.\n\nYour input bucket must be located in same AWS region as your training job.", "title": "S3Uri", "type": "string" } }, "required": [ "S3DataType", "S3Uri" ], "type": "object" }, "AWS::SageMaker::ModelPackage.SourceAlgorithm": { "additionalProperties": false, "properties": { "AlgorithmName": { "markdownDescription": "The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to.", "title": "AlgorithmName", "type": "string" }, "ModelDataUrl": { "markdownDescription": "The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single `gzip` compressed tar archive ( `.tar.gz` suffix).\n\n> The model artifacts must be in an S3 bucket that is in the same AWS region as the algorithm.", "title": "ModelDataUrl", "type": "string" } }, "required": [ "AlgorithmName" ], "type": "object" }, "AWS::SageMaker::ModelPackage.SourceAlgorithmSpecification": { "additionalProperties": false, "properties": { "SourceAlgorithms": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.SourceAlgorithm" }, "markdownDescription": "A list of the algorithms that were used to create a model package.", "title": "SourceAlgorithms", "type": "array" } }, "required": [ "SourceAlgorithms" ], "type": "object" }, "AWS::SageMaker::ModelPackage.TransformInput": { "additionalProperties": false, "properties": { "CompressionType": { "markdownDescription": "If your transform data is compressed, specify the compression type. Amazon SageMaker automatically decompresses the data for the transform job accordingly. The default value is `None` .", "title": "CompressionType", "type": "string" }, "ContentType": { "markdownDescription": "The multipurpose internet mail extension (MIME) type of the data. Amazon SageMaker uses the MIME type with each http call to transfer data to the transform job.", "title": "ContentType", "type": "string" }, "DataSource": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.DataSource", "markdownDescription": "Describes the location of the channel data, which is, the S3 location of the input data that the model can consume.", "title": "DataSource" }, "SplitType": { "markdownDescription": "The method to use to split the transform job's data files into smaller batches. Splitting is necessary when the total size of each object is too large to fit in a single request. You can also use data splitting to improve performance by processing multiple concurrent mini-batches. The default value for `SplitType` is `None` , which indicates that input data files are not split, and request payloads contain the entire contents of an input object. Set the value of this parameter to `Line` to split records on a newline character boundary. `SplitType` also supports a number of record-oriented binary data formats. Currently, the supported record formats are:\n\n- RecordIO\n- TFRecord\n\nWhen splitting is enabled, the size of a mini-batch depends on the values of the `BatchStrategy` and `MaxPayloadInMB` parameters. When the value of `BatchStrategy` is `MultiRecord` , Amazon SageMaker sends the maximum number of records in each request, up to the `MaxPayloadInMB` limit. If the value of `BatchStrategy` is `SingleRecord` , Amazon SageMaker sends individual records in each request.\n\n> Some data formats represent a record as a binary payload wrapped with extra padding bytes. When splitting is applied to a binary data format, padding is removed if the value of `BatchStrategy` is set to `SingleRecord` . Padding is not removed if the value of `BatchStrategy` is set to `MultiRecord` .\n> \n> For more information about `RecordIO` , see [Create a Dataset Using RecordIO](https://docs.aws.amazon.com/https://mxnet.apache.org/api/faq/recordio) in the MXNet documentation. For more information about `TFRecord` , see [Consuming TFRecord data](https://docs.aws.amazon.com/https://www.tensorflow.org/guide/data#consuming_tfrecord_data) in the TensorFlow documentation.", "title": "SplitType", "type": "string" } }, "required": [ "DataSource" ], "type": "object" }, "AWS::SageMaker::ModelPackage.TransformJobDefinition": { "additionalProperties": false, "properties": { "BatchStrategy": { "markdownDescription": "A string that determines the number of records included in a single mini-batch.\n\n`SingleRecord` means only one record is used per mini-batch. `MultiRecord` means a mini-batch is set to contain as many records that can fit within the `MaxPayloadInMB` limit.", "title": "BatchStrategy", "type": "string" }, "Environment": { "additionalProperties": true, "markdownDescription": "The environment variables to set in the Docker container. We support up to 16 key and values entries in the map.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Environment", "type": "object" }, "MaxConcurrentTransforms": { "markdownDescription": "The maximum number of parallel requests that can be sent to each instance in a transform job. The default value is 1.", "title": "MaxConcurrentTransforms", "type": "number" }, "MaxPayloadInMB": { "markdownDescription": "The maximum payload size allowed, in MB. A payload is the data portion of a record (without metadata).", "title": "MaxPayloadInMB", "type": "number" }, "TransformInput": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformInput", "markdownDescription": "A description of the input source and the way the transform job consumes it.", "title": "TransformInput" }, "TransformOutput": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformOutput", "markdownDescription": "Identifies the Amazon S3 location where you want Amazon SageMaker to save the results from the transform job.", "title": "TransformOutput" }, "TransformResources": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformResources", "markdownDescription": "Identifies the ML compute instances for the transform job.", "title": "TransformResources" } }, "required": [ "TransformInput", "TransformOutput", "TransformResources" ], "type": "object" }, "AWS::SageMaker::ModelPackage.TransformOutput": { "additionalProperties": false, "properties": { "Accept": { "markdownDescription": "The MIME type used to specify the output data. Amazon SageMaker uses the MIME type with each http call to transfer data from the transform job.", "title": "Accept", "type": "string" }, "AssembleWith": { "markdownDescription": "Defines how to assemble the results of the transform job as a single S3 object. Choose a format that is most convenient to you. To concatenate the results in binary format, specify `None` . To add a newline character at the end of every transformed record, specify `Line` .", "title": "AssembleWith", "type": "string" }, "KmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. The `KmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`\n\nIf you don't provide a KMS key ID, Amazon SageMaker uses the default KMS key for Amazon S3 for your role's account. For more information, see [KMS-Managed Encryption Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Developer Guide.*\n\nThe KMS key policy must grant permission to the IAM role that you specify in your [CreateModel](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_CreateModel.html) request. For more information, see [Using Key Policies in AWS KMS](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html) in the *AWS Key Management Service Developer Guide* .", "title": "KmsKeyId", "type": "string" }, "S3OutputPath": { "markdownDescription": "The Amazon S3 path where you want Amazon SageMaker to store the results of the transform job. For example, `s3://bucket-name/key-name-prefix` .\n\nFor every S3 object used as input for the transform job, batch transform stores the transformed data with an . `out` suffix in a corresponding subfolder in the location in the output prefix. For example, for the input data stored at `s3://bucket-name/input-name-prefix/dataset01/data.csv` , batch transform stores the transformed data at `s3://bucket-name/output-name-prefix/input-name-prefix/data.csv.out` . Batch transform doesn't upload partially processed objects. For an input S3 object that contains multiple records, it creates an . `out` file only if the transform job succeeds on the entire file. When the input contains multiple S3 objects, the batch transform job processes the listed S3 objects and uploads only the output for successfully processed objects. If any object fails in the transform job batch transform marks the job as failed to prompt investigation.", "title": "S3OutputPath", "type": "string" } }, "required": [ "S3OutputPath" ], "type": "object" }, "AWS::SageMaker::ModelPackage.TransformResources": { "additionalProperties": false, "properties": { "InstanceCount": { "markdownDescription": "The number of ML compute instances to use in the transform job. The default value is `1` , and the maximum is `100` . For distributed transform jobs, specify a value greater than `1` .", "title": "InstanceCount", "type": "number" }, "InstanceType": { "markdownDescription": "The ML compute instance type for the transform job. If you are using built-in algorithms to transform moderately sized datasets, we recommend using ml.m4.xlarge or `ml.m5.large` instance types.", "title": "InstanceType", "type": "string" }, "VolumeKmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt model data on the storage volume attached to the ML compute instance(s) that run the batch transform job.\n\n> Certain Nitro-based instances include local storage, dependent on the instance type. Local storage volumes are encrypted using a hardware module on the instance. You can't request a `VolumeKmsKeyId` when using an instance type with local storage.\n> \n> For a list of instance types that support local instance storage, see [Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html#instance-store-volumes) .\n> \n> For more information about local instance storage encryption, see [SSD Instance Store Volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ssd-instance-store.html) . \n\nThe `VolumeKmsKeyId` can be any of the following formats:\n\n- Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`\n- Key ARN: `arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`\n- Alias name: `alias/ExampleAlias`\n- Alias name ARN: `arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias`", "title": "VolumeKmsKeyId", "type": "string" } }, "required": [ "InstanceCount", "InstanceType" ], "type": "object" }, "AWS::SageMaker::ModelPackage.ValidationProfile": { "additionalProperties": false, "properties": { "ProfileName": { "markdownDescription": "The name of the profile for the model package.", "title": "ProfileName", "type": "string" }, "TransformJobDefinition": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.TransformJobDefinition", "markdownDescription": "The `TransformJobDefinition` object that describes the transform job used for the validation of the model package.", "title": "TransformJobDefinition" } }, "required": [ "ProfileName", "TransformJobDefinition" ], "type": "object" }, "AWS::SageMaker::ModelPackage.ValidationSpecification": { "additionalProperties": false, "properties": { "ValidationProfiles": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelPackage.ValidationProfile" }, "markdownDescription": "An array of `ModelPackageValidationProfile` objects, each of which specifies a batch transform job that SageMaker runs to validate your model package.", "title": "ValidationProfiles", "type": "array" }, "ValidationRole": { "markdownDescription": "The IAM roles to be used for the validation of the model package.", "title": "ValidationRole", "type": "string" } }, "required": [ "ValidationProfiles", "ValidationRole" ], "type": "object" }, "AWS::SageMaker::ModelPackageGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ModelPackageGroupDescription": { "markdownDescription": "The description for the model group.", "title": "ModelPackageGroupDescription", "type": "string" }, "ModelPackageGroupName": { "markdownDescription": "The name of the model group.", "title": "ModelPackageGroupName", "type": "string" }, "ModelPackageGroupPolicy": { "markdownDescription": "A resouce policy to control access to a model group. For information about resoure policies, see [Identity-based policies and resource-based policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html) in the *AWS Identity and Access Management User Guide.* .", "title": "ModelPackageGroupPolicy", "type": "object" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "ModelPackageGroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::ModelPackageGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EndpointName": { "markdownDescription": "", "title": "EndpointName", "type": "string" }, "JobDefinitionName": { "markdownDescription": "The name of the monitoring job definition.", "title": "JobDefinitionName", "type": "string" }, "JobResources": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringResources", "markdownDescription": "Identifies the resources to deploy for a monitoring job.", "title": "JobResources" }, "ModelQualityAppSpecification": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityAppSpecification", "markdownDescription": "Container image configuration object for the monitoring job.", "title": "ModelQualityAppSpecification" }, "ModelQualityBaselineConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityBaselineConfig", "markdownDescription": "Specifies the constraints and baselines for the monitoring job.", "title": "ModelQualityBaselineConfig" }, "ModelQualityJobInput": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ModelQualityJobInput", "markdownDescription": "A list of the inputs that are monitored. Currently endpoints are supported.", "title": "ModelQualityJobInput" }, "ModelQualityJobOutputConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutputConfig", "markdownDescription": "The output configuration for monitoring jobs.", "title": "ModelQualityJobOutputConfig" }, "NetworkConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.NetworkConfig", "markdownDescription": "Specifies the network configuration for the monitoring job.", "title": "NetworkConfig" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", "title": "RoleArn", "type": "string" }, "StoppingCondition": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.StoppingCondition", "markdownDescription": "A time limit for how long the monitoring job is allowed to run before stopping.", "title": "StoppingCondition" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "JobResources", "ModelQualityAppSpecification", "ModelQualityJobInput", "ModelQualityJobOutputConfig", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::ModelQualityJobDefinition" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.BatchTransformInput": { "additionalProperties": false, "properties": { "DataCapturedDestinationS3Uri": { "markdownDescription": "The Amazon S3 location being used to capture the data.", "title": "DataCapturedDestinationS3Uri", "type": "string" }, "DatasetFormat": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.DatasetFormat", "markdownDescription": "The dataset format for your batch transform job.", "title": "DatasetFormat" }, "EndTimeOffset": { "markdownDescription": "If specified, monitoring jobs subtract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", "title": "EndTimeOffset", "type": "string" }, "InferenceAttribute": { "markdownDescription": "The attribute of the input data that represents the ground truth label.", "title": "InferenceAttribute", "type": "string" }, "LocalPath": { "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", "title": "LocalPath", "type": "string" }, "ProbabilityAttribute": { "markdownDescription": "In a classification problem, the attribute that represents the class probability.", "title": "ProbabilityAttribute", "type": "string" }, "ProbabilityThresholdAttribute": { "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", "title": "ProbabilityThresholdAttribute", "type": "number" }, "S3DataDistributionType": { "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", "title": "S3DataDistributionType", "type": "string" }, "S3InputMode": { "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", "title": "S3InputMode", "type": "string" }, "StartTimeOffset": { "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", "title": "StartTimeOffset", "type": "string" } }, "required": [ "DataCapturedDestinationS3Uri", "DatasetFormat", "LocalPath" ], "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.ClusterConfig": { "additionalProperties": false, "properties": { "InstanceCount": { "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", "title": "InstanceCount", "type": "number" }, "InstanceType": { "markdownDescription": "The ML compute instance type for the processing job.", "title": "InstanceType", "type": "string" }, "VolumeKmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", "title": "VolumeKmsKeyId", "type": "string" }, "VolumeSizeInGB": { "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", "title": "VolumeSizeInGB", "type": "number" } }, "required": [ "InstanceCount", "InstanceType", "VolumeSizeInGB" ], "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.ConstraintsResource": { "additionalProperties": false, "properties": { "S3Uri": { "markdownDescription": "The Amazon S3 URI for the constraints resource.", "title": "S3Uri", "type": "string" } }, "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.Csv": { "additionalProperties": false, "properties": { "Header": { "markdownDescription": "", "title": "Header", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.DatasetFormat": { "additionalProperties": false, "properties": { "Csv": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.Csv", "markdownDescription": "", "title": "Csv" }, "Json": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.Json", "markdownDescription": "", "title": "Json" }, "Parquet": { "markdownDescription": "", "title": "Parquet", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.EndpointInput": { "additionalProperties": false, "properties": { "EndTimeOffset": { "markdownDescription": "If specified, monitoring jobs substract this time from the end time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", "title": "EndTimeOffset", "type": "string" }, "EndpointName": { "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", "title": "EndpointName", "type": "string" }, "InferenceAttribute": { "markdownDescription": "The attribute of the input data that represents the ground truth label.", "title": "InferenceAttribute", "type": "string" }, "LocalPath": { "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", "title": "LocalPath", "type": "string" }, "ProbabilityAttribute": { "markdownDescription": "In a classification problem, the attribute that represents the class probability.", "title": "ProbabilityAttribute", "type": "string" }, "ProbabilityThresholdAttribute": { "markdownDescription": "The threshold for the class probability to be evaluated as a positive result.", "title": "ProbabilityThresholdAttribute", "type": "number" }, "S3DataDistributionType": { "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", "title": "S3DataDistributionType", "type": "string" }, "S3InputMode": { "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", "title": "S3InputMode", "type": "string" }, "StartTimeOffset": { "markdownDescription": "If specified, monitoring jobs substract this time from the start time. For information about using offsets for scheduling monitoring jobs, see [Schedule Model Quality Monitoring Jobs](https://docs.aws.amazon.com/sagemaker/latest/dg/model-monitor-model-quality-schedule.html) .", "title": "StartTimeOffset", "type": "string" } }, "required": [ "EndpointName", "LocalPath" ], "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.Json": { "additionalProperties": false, "properties": { "Line": { "markdownDescription": "", "title": "Line", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityAppSpecification": { "additionalProperties": false, "properties": { "ContainerArguments": { "items": { "type": "string" }, "markdownDescription": "An array of arguments for the container used to run the monitoring job.", "title": "ContainerArguments", "type": "array" }, "ContainerEntrypoint": { "items": { "type": "string" }, "markdownDescription": "Specifies the entrypoint for a container that the monitoring job runs.", "title": "ContainerEntrypoint", "type": "array" }, "Environment": { "additionalProperties": true, "markdownDescription": "Sets the environment variables in the container that the monitoring job runs.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Environment", "type": "object" }, "ImageUri": { "markdownDescription": "The address of the container image that the monitoring job runs.", "title": "ImageUri", "type": "string" }, "PostAnalyticsProcessorSourceUri": { "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", "title": "PostAnalyticsProcessorSourceUri", "type": "string" }, "ProblemType": { "markdownDescription": "The machine learning problem type of the model that the monitoring job monitors.", "title": "ProblemType", "type": "string" }, "RecordPreprocessorSourceUri": { "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", "title": "RecordPreprocessorSourceUri", "type": "string" } }, "required": [ "ImageUri", "ProblemType" ], "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityBaselineConfig": { "additionalProperties": false, "properties": { "BaseliningJobName": { "markdownDescription": "The name of the job that performs baselining for the monitoring job.", "title": "BaseliningJobName", "type": "string" }, "ConstraintsResource": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ConstraintsResource", "markdownDescription": "The constraints resource for a monitoring job.", "title": "ConstraintsResource" } }, "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.ModelQualityJobInput": { "additionalProperties": false, "properties": { "BatchTransformInput": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.BatchTransformInput", "markdownDescription": "Input object for the batch transform job.", "title": "BatchTransformInput" }, "EndpointInput": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.EndpointInput", "markdownDescription": "Input object for the endpoint", "title": "EndpointInput" }, "GroundTruthS3Input": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringGroundTruthS3Input", "markdownDescription": "The ground truth label provided for the model.", "title": "GroundTruthS3Input" } }, "required": [ "GroundTruthS3Input" ], "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.MonitoringGroundTruthS3Input": { "additionalProperties": false, "properties": { "S3Uri": { "markdownDescription": "The address of the Amazon S3 location of the ground truth labels.", "title": "S3Uri", "type": "string" } }, "required": [ "S3Uri" ], "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutput": { "additionalProperties": false, "properties": { "S3Output": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.S3Output", "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", "title": "S3Output" } }, "required": [ "S3Output" ], "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutputConfig": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", "title": "KmsKeyId", "type": "string" }, "MonitoringOutputs": { "items": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.MonitoringOutput" }, "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", "title": "MonitoringOutputs", "type": "array" } }, "required": [ "MonitoringOutputs" ], "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.MonitoringResources": { "additionalProperties": false, "properties": { "ClusterConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.ClusterConfig", "markdownDescription": "The configuration for the cluster resources used to run the processing job.", "title": "ClusterConfig" } }, "required": [ "ClusterConfig" ], "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.NetworkConfig": { "additionalProperties": false, "properties": { "EnableInterContainerTrafficEncryption": { "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", "title": "EnableInterContainerTrafficEncryption", "type": "boolean" }, "EnableNetworkIsolation": { "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", "title": "EnableNetworkIsolation", "type": "boolean" }, "VpcConfig": { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition.VpcConfig", "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC.", "title": "VpcConfig" } }, "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.S3Output": { "additionalProperties": false, "properties": { "LocalPath": { "markdownDescription": "The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", "title": "LocalPath", "type": "string" }, "S3UploadMode": { "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", "title": "S3UploadMode", "type": "string" }, "S3Uri": { "markdownDescription": "A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job.", "title": "S3Uri", "type": "string" } }, "required": [ "LocalPath", "S3Uri" ], "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.StoppingCondition": { "additionalProperties": false, "properties": { "MaxRuntimeInSeconds": { "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", "title": "MaxRuntimeInSeconds", "type": "number" } }, "required": [ "MaxRuntimeInSeconds" ], "type": "object" }, "AWS::SageMaker::ModelQualityJobDefinition.VpcConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", "title": "SecurityGroupIds", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", "title": "Subnets", "type": "array" } }, "required": [ "SecurityGroupIds", "Subnets" ], "type": "object" }, "AWS::SageMaker::MonitoringSchedule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EndpointName": { "markdownDescription": "The name of the endpoint using the monitoring schedule.", "title": "EndpointName", "type": "string" }, "FailureReason": { "markdownDescription": "Contains the reason a monitoring job failed, if it failed.", "title": "FailureReason", "type": "string" }, "LastMonitoringExecutionSummary": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringExecutionSummary", "markdownDescription": "Describes metadata on the last execution to run, if there was one.", "title": "LastMonitoringExecutionSummary" }, "MonitoringScheduleConfig": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringScheduleConfig", "markdownDescription": "The configuration object that specifies the monitoring schedule and defines the monitoring job.", "title": "MonitoringScheduleConfig" }, "MonitoringScheduleName": { "markdownDescription": "The name of the monitoring schedule.", "title": "MonitoringScheduleName", "type": "string" }, "MonitoringScheduleStatus": { "markdownDescription": "The status of the monitoring schedule.", "title": "MonitoringScheduleStatus", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "MonitoringScheduleConfig", "MonitoringScheduleName" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::MonitoringSchedule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::MonitoringSchedule.BaselineConfig": { "additionalProperties": false, "properties": { "ConstraintsResource": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ConstraintsResource", "markdownDescription": "The Amazon S3 URI for the constraints resource.", "title": "ConstraintsResource" }, "StatisticsResource": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.StatisticsResource", "markdownDescription": "The baseline statistics file in Amazon S3 that the current monitoring job should be validated against.", "title": "StatisticsResource" } }, "type": "object" }, "AWS::SageMaker::MonitoringSchedule.BatchTransformInput": { "additionalProperties": false, "properties": { "DataCapturedDestinationS3Uri": { "markdownDescription": "The Amazon S3 location being used to capture the data.", "title": "DataCapturedDestinationS3Uri", "type": "string" }, "DatasetFormat": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.DatasetFormat", "markdownDescription": "The dataset format for your batch transform job.", "title": "DatasetFormat" }, "ExcludeFeaturesAttribute": { "markdownDescription": "The attributes of the input data to exclude from the analysis.", "title": "ExcludeFeaturesAttribute", "type": "string" }, "LocalPath": { "markdownDescription": "Path to the filesystem where the batch transform data is available to the container.", "title": "LocalPath", "type": "string" }, "S3DataDistributionType": { "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defaults to `FullyReplicated`", "title": "S3DataDistributionType", "type": "string" }, "S3InputMode": { "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", "title": "S3InputMode", "type": "string" } }, "required": [ "DataCapturedDestinationS3Uri", "DatasetFormat", "LocalPath" ], "type": "object" }, "AWS::SageMaker::MonitoringSchedule.ClusterConfig": { "additionalProperties": false, "properties": { "InstanceCount": { "markdownDescription": "The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1.", "title": "InstanceCount", "type": "number" }, "InstanceType": { "markdownDescription": "The ML compute instance type for the processing job.", "title": "InstanceType", "type": "string" }, "VolumeKmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job.", "title": "VolumeKmsKeyId", "type": "string" }, "VolumeSizeInGB": { "markdownDescription": "The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario.", "title": "VolumeSizeInGB", "type": "number" } }, "required": [ "InstanceCount", "InstanceType", "VolumeSizeInGB" ], "type": "object" }, "AWS::SageMaker::MonitoringSchedule.ConstraintsResource": { "additionalProperties": false, "properties": { "S3Uri": { "markdownDescription": "The Amazon S3 URI for the constraints resource.", "title": "S3Uri", "type": "string" } }, "type": "object" }, "AWS::SageMaker::MonitoringSchedule.Csv": { "additionalProperties": false, "properties": { "Header": { "markdownDescription": "", "title": "Header", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::MonitoringSchedule.DatasetFormat": { "additionalProperties": false, "properties": { "Csv": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.Csv", "markdownDescription": "", "title": "Csv" }, "Json": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.Json", "markdownDescription": "", "title": "Json" }, "Parquet": { "markdownDescription": "", "title": "Parquet", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::MonitoringSchedule.EndpointInput": { "additionalProperties": false, "properties": { "EndpointName": { "markdownDescription": "An endpoint in customer's account which has enabled `DataCaptureConfig` enabled.", "title": "EndpointName", "type": "string" }, "ExcludeFeaturesAttribute": { "markdownDescription": "The attributes of the input data to exclude from the analysis.", "title": "ExcludeFeaturesAttribute", "type": "string" }, "LocalPath": { "markdownDescription": "Path to the filesystem where the endpoint data is available to the container.", "title": "LocalPath", "type": "string" }, "S3DataDistributionType": { "markdownDescription": "Whether input data distributed in Amazon S3 is fully replicated or sharded by an Amazon S3 key. Defaults to `FullyReplicated`", "title": "S3DataDistributionType", "type": "string" }, "S3InputMode": { "markdownDescription": "Whether the `Pipe` or `File` is used as the input mode for transferring data for the monitoring job. `Pipe` mode is recommended for large datasets. `File` mode is useful for small files that fit in memory. Defaults to `File` .", "title": "S3InputMode", "type": "string" } }, "required": [ "EndpointName", "LocalPath" ], "type": "object" }, "AWS::SageMaker::MonitoringSchedule.Json": { "additionalProperties": false, "properties": { "Line": { "markdownDescription": "", "title": "Line", "type": "boolean" } }, "type": "object" }, "AWS::SageMaker::MonitoringSchedule.MonitoringAppSpecification": { "additionalProperties": false, "properties": { "ContainerArguments": { "items": { "type": "string" }, "markdownDescription": "An array of arguments for the container used to run the monitoring job.", "title": "ContainerArguments", "type": "array" }, "ContainerEntrypoint": { "items": { "type": "string" }, "markdownDescription": "Specifies the entrypoint for a container used to run the monitoring job.", "title": "ContainerEntrypoint", "type": "array" }, "ImageUri": { "markdownDescription": "The container image to be run by the monitoring job.", "title": "ImageUri", "type": "string" }, "PostAnalyticsProcessorSourceUri": { "markdownDescription": "An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers.", "title": "PostAnalyticsProcessorSourceUri", "type": "string" }, "RecordPreprocessorSourceUri": { "markdownDescription": "An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flattened JSON so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers.", "title": "RecordPreprocessorSourceUri", "type": "string" } }, "required": [ "ImageUri" ], "type": "object" }, "AWS::SageMaker::MonitoringSchedule.MonitoringExecutionSummary": { "additionalProperties": false, "properties": { "CreationTime": { "markdownDescription": "The time at which the monitoring job was created.", "title": "CreationTime", "type": "string" }, "EndpointName": { "markdownDescription": "The name of the endpoint used to run the monitoring job.", "title": "EndpointName", "type": "string" }, "FailureReason": { "markdownDescription": "Contains the reason a monitoring job failed, if it failed.", "title": "FailureReason", "type": "string" }, "LastModifiedTime": { "markdownDescription": "A timestamp that indicates the last time the monitoring job was modified.", "title": "LastModifiedTime", "type": "string" }, "MonitoringExecutionStatus": { "markdownDescription": "The status of the monitoring job.", "title": "MonitoringExecutionStatus", "type": "string" }, "MonitoringScheduleName": { "markdownDescription": "The name of the monitoring schedule.", "title": "MonitoringScheduleName", "type": "string" }, "ProcessingJobArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the monitoring job.", "title": "ProcessingJobArn", "type": "string" }, "ScheduledTime": { "markdownDescription": "The time the monitoring job was scheduled.", "title": "ScheduledTime", "type": "string" } }, "required": [ "CreationTime", "LastModifiedTime", "MonitoringExecutionStatus", "MonitoringScheduleName", "ScheduledTime" ], "type": "object" }, "AWS::SageMaker::MonitoringSchedule.MonitoringInput": { "additionalProperties": false, "properties": { "BatchTransformInput": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.BatchTransformInput", "markdownDescription": "Input object for the batch transform job.", "title": "BatchTransformInput" }, "EndpointInput": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.EndpointInput", "markdownDescription": "The endpoint for a monitoring job.", "title": "EndpointInput" } }, "type": "object" }, "AWS::SageMaker::MonitoringSchedule.MonitoringJobDefinition": { "additionalProperties": false, "properties": { "BaselineConfig": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.BaselineConfig", "markdownDescription": "Baseline configuration used to validate that the data conforms to the specified constraints and statistics", "title": "BaselineConfig" }, "Environment": { "additionalProperties": true, "markdownDescription": "Sets the environment variables in the Docker container.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Environment", "type": "object" }, "MonitoringAppSpecification": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringAppSpecification", "markdownDescription": "Configures the monitoring job to run a specified Docker container image.", "title": "MonitoringAppSpecification" }, "MonitoringInputs": { "items": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringInput" }, "markdownDescription": "The array of inputs for the monitoring job. Currently we support monitoring an Amazon SageMaker Endpoint.", "title": "MonitoringInputs", "type": "array" }, "MonitoringOutputConfig": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringOutputConfig", "markdownDescription": "The array of outputs from the monitoring job to be uploaded to Amazon S3.", "title": "MonitoringOutputConfig" }, "MonitoringResources": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringResources", "markdownDescription": "Identifies the resources, ML compute instances, and ML storage volumes to deploy for a monitoring job. In distributed processing, you specify more than one instance.", "title": "MonitoringResources" }, "NetworkConfig": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.NetworkConfig", "markdownDescription": "Specifies networking options for an monitoring job.", "title": "NetworkConfig" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf.", "title": "RoleArn", "type": "string" }, "StoppingCondition": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.StoppingCondition", "markdownDescription": "Specifies a time limit for how long the monitoring job is allowed to run.", "title": "StoppingCondition" } }, "required": [ "MonitoringAppSpecification", "MonitoringInputs", "MonitoringOutputConfig", "MonitoringResources", "RoleArn" ], "type": "object" }, "AWS::SageMaker::MonitoringSchedule.MonitoringOutput": { "additionalProperties": false, "properties": { "S3Output": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.S3Output", "markdownDescription": "The Amazon S3 storage location where the results of a monitoring job are saved.", "title": "S3Output" } }, "required": [ "S3Output" ], "type": "object" }, "AWS::SageMaker::MonitoringSchedule.MonitoringOutputConfig": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The AWS Key Management Service ( AWS KMS ) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption.", "title": "KmsKeyId", "type": "string" }, "MonitoringOutputs": { "items": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringOutput" }, "markdownDescription": "Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded.", "title": "MonitoringOutputs", "type": "array" } }, "required": [ "MonitoringOutputs" ], "type": "object" }, "AWS::SageMaker::MonitoringSchedule.MonitoringResources": { "additionalProperties": false, "properties": { "ClusterConfig": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ClusterConfig", "markdownDescription": "The configuration for the cluster resources used to run the processing job.", "title": "ClusterConfig" } }, "required": [ "ClusterConfig" ], "type": "object" }, "AWS::SageMaker::MonitoringSchedule.MonitoringScheduleConfig": { "additionalProperties": false, "properties": { "MonitoringJobDefinition": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.MonitoringJobDefinition", "markdownDescription": "Defines the monitoring job.", "title": "MonitoringJobDefinition" }, "MonitoringJobDefinitionName": { "markdownDescription": "The name of the monitoring job definition to schedule.", "title": "MonitoringJobDefinitionName", "type": "string" }, "MonitoringType": { "markdownDescription": "The type of the monitoring job definition to schedule.", "title": "MonitoringType", "type": "string" }, "ScheduleConfig": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.ScheduleConfig", "markdownDescription": "Configures the monitoring schedule.", "title": "ScheduleConfig" } }, "type": "object" }, "AWS::SageMaker::MonitoringSchedule.NetworkConfig": { "additionalProperties": false, "properties": { "EnableInterContainerTrafficEncryption": { "markdownDescription": "Whether to encrypt all communications between distributed processing jobs. Choose `True` to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer.", "title": "EnableInterContainerTrafficEncryption", "type": "boolean" }, "EnableNetworkIsolation": { "markdownDescription": "Whether to allow inbound and outbound network calls to and from the containers used for the processing job.", "title": "EnableNetworkIsolation", "type": "boolean" }, "VpcConfig": { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule.VpcConfig", "markdownDescription": "Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Training Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html) .", "title": "VpcConfig" } }, "type": "object" }, "AWS::SageMaker::MonitoringSchedule.S3Output": { "additionalProperties": false, "properties": { "LocalPath": { "markdownDescription": "The local path to the S3 storage location where SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data.", "title": "LocalPath", "type": "string" }, "S3UploadMode": { "markdownDescription": "Whether to upload the results of the monitoring job continuously or after the job completes.", "title": "S3UploadMode", "type": "string" }, "S3Uri": { "markdownDescription": "A URI that identifies the S3 storage location where SageMaker saves the results of a monitoring job.", "title": "S3Uri", "type": "string" } }, "required": [ "LocalPath", "S3Uri" ], "type": "object" }, "AWS::SageMaker::MonitoringSchedule.ScheduleConfig": { "additionalProperties": false, "properties": { "DataAnalysisEndTime": { "markdownDescription": "Sets the end time for a monitoring job window. Express this time as an offset to the times that you schedule your monitoring jobs to run. You schedule monitoring jobs with the `ScheduleExpression` parameter. Specify this offset in ISO 8601 duration format. For example, if you want to end the window one hour before the start of each monitoring job, you would specify: `\"-PT1H\"` .\n\nThe end time that you specify must not follow the start time that you specify by more than 24 hours. You specify the start time with the `DataAnalysisStartTime` parameter.\n\nIf you set `ScheduleExpression` to `NOW` , this parameter is required.", "title": "DataAnalysisEndTime", "type": "string" }, "DataAnalysisStartTime": { "markdownDescription": "Sets the start time for a monitoring job window. Express this time as an offset to the times that you schedule your monitoring jobs to run. You schedule monitoring jobs with the `ScheduleExpression` parameter. Specify this offset in ISO 8601 duration format. For example, if you want to monitor the five hours of data in your dataset that precede the start of each monitoring job, you would specify: `\"-PT5H\"` .\n\nThe start time that you specify must not precede the end time that you specify by more than 24 hours. You specify the end time with the `DataAnalysisEndTime` parameter.\n\nIf you set `ScheduleExpression` to `NOW` , this parameter is required.", "title": "DataAnalysisStartTime", "type": "string" }, "ScheduleExpression": { "markdownDescription": "A cron expression that describes details about the monitoring schedule.\n\nThe supported cron expressions are:\n\n- If you want to set the job to start every hour, use the following:\n\n`Hourly: cron(0 * ? * * *)`\n- If you want to start the job daily:\n\n`cron(0 [00-23] ? * * *)`\n- If you want to run the job one time, immediately, use the following keyword:\n\n`NOW`\n\nFor example, the following are valid cron expressions:\n\n- Daily at noon UTC: `cron(0 12 ? * * *)`\n- Daily at midnight UTC: `cron(0 0 ? * * *)`\n\nTo support running every 6, 12 hours, the following are also supported:\n\n`cron(0 [00-23]/[01-24] ? * * *)`\n\nFor example, the following are valid cron expressions:\n\n- Every 12 hours, starting at 5pm UTC: `cron(0 17/12 ? * * *)`\n- Every two hours starting at midnight: `cron(0 0/2 ? * * *)`\n\n> - Even though the cron expression is set to start at 5PM UTC, note that there could be a delay of 0-20 minutes from the actual requested time to run the execution.\n> - We recommend that if you would like a daily schedule, you do not provide this parameter. Amazon SageMaker will pick a time for running every day. \n\nYou can also specify the keyword `NOW` to run the monitoring job immediately, one time, without recurring.", "title": "ScheduleExpression", "type": "string" } }, "required": [ "ScheduleExpression" ], "type": "object" }, "AWS::SageMaker::MonitoringSchedule.StatisticsResource": { "additionalProperties": false, "properties": { "S3Uri": { "markdownDescription": "The S3 URI for the statistics resource.", "title": "S3Uri", "type": "string" } }, "type": "object" }, "AWS::SageMaker::MonitoringSchedule.StoppingCondition": { "additionalProperties": false, "properties": { "MaxRuntimeInSeconds": { "markdownDescription": "The maximum length of time, in seconds, that a training or compilation job can run before it is stopped.\n\nFor compilation jobs, if the job does not complete during this time, a `TimeOut` error is generated. We recommend starting with 900 seconds and increasing as necessary based on your model.\n\nFor all other jobs, if the job does not complete during this time, SageMaker ends the job. When `RetryStrategy` is specified in the job request, `MaxRuntimeInSeconds` specifies the maximum time for all of the attempts in total, not each individual attempt. The default value is 1 day. The maximum value is 28 days.\n\nThe maximum time that a `TrainingJob` can run in total, including any time spent publishing metrics or archiving and uploading models after it has been stopped, is 30 days.", "title": "MaxRuntimeInSeconds", "type": "number" } }, "required": [ "MaxRuntimeInSeconds" ], "type": "object" }, "AWS::SageMaker::MonitoringSchedule.VpcConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The VPC security group IDs, in the form `sg-xxxxxxxx` . Specify the security groups for the VPC that is specified in the `Subnets` field.", "title": "SecurityGroupIds", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html) .", "title": "Subnets", "type": "array" } }, "required": [ "SecurityGroupIds", "Subnets" ], "type": "object" }, "AWS::SageMaker::NotebookInstance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceleratorTypes": { "items": { "type": "string" }, "markdownDescription": "A list of Amazon Elastic Inference (EI) instance types to associate with the notebook instance. Currently, only one instance type can be associated with a notebook instance. For more information, see [Using Elastic Inference in Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/ei.html) .\n\n*Valid Values:* `ml.eia1.medium | ml.eia1.large | ml.eia1.xlarge | ml.eia2.medium | ml.eia2.large | ml.eia2.xlarge` .", "title": "AcceleratorTypes", "type": "array" }, "AdditionalCodeRepositories": { "items": { "type": "string" }, "markdownDescription": "An array of up to three Git repositories associated with the notebook instance. These can be either the names of Git repositories stored as resources in your account, or the URL of Git repositories in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. These repositories are cloned at the same level as the default repository of your notebook instance. For more information, see [Associating Git Repositories with SageMaker Notebook Instances](https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html) .", "title": "AdditionalCodeRepositories", "type": "array" }, "DefaultCodeRepository": { "markdownDescription": "The Git repository associated with the notebook instance as its default code repository. This can be either the name of a Git repository stored as a resource in your account, or the URL of a Git repository in [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html) or in any other Git repository. When you open a notebook instance, it opens in the directory that contains this repository. For more information, see [Associating Git Repositories with SageMaker Notebook Instances](https://docs.aws.amazon.com/sagemaker/latest/dg/nbi-git-repo.html) .", "title": "DefaultCodeRepository", "type": "string" }, "DirectInternetAccess": { "markdownDescription": "Sets whether SageMaker provides internet access to the notebook instance. If you set this to `Disabled` this notebook instance is able to access resources only in your VPC, and is not be able to connect to SageMaker training and endpoint services unless you configure a NAT Gateway in your VPC.\n\nFor more information, see [Notebook Instances Are Internet-Enabled by Default](https://docs.aws.amazon.com/sagemaker/latest/dg/appendix-additional-considerations.html#appendix-notebook-and-internet-access) . You can set the value of this parameter to `Disabled` only if you set a value for the `SubnetId` parameter.", "title": "DirectInternetAccess", "type": "string" }, "InstanceMetadataServiceConfiguration": { "$ref": "#/definitions/AWS::SageMaker::NotebookInstance.InstanceMetadataServiceConfiguration", "markdownDescription": "Information on the IMDS configuration of the notebook instance", "title": "InstanceMetadataServiceConfiguration" }, "InstanceType": { "markdownDescription": "The type of ML compute instance to launch for the notebook instance.\n\n> Expect some interruption of service if this parameter is changed as CloudFormation stops a notebook instance and starts it up again to update it.", "title": "InstanceType", "type": "string" }, "KmsKeyId": { "markdownDescription": "The Amazon Resource Name (ARN) of a AWS Key Management Service key that SageMaker uses to encrypt data on the storage volume attached to your notebook instance. The KMS key you provide must be enabled. For information, see [Enabling and Disabling Keys](https://docs.aws.amazon.com/kms/latest/developerguide/enabling-keys.html) in the *AWS Key Management Service Developer Guide* .", "title": "KmsKeyId", "type": "string" }, "LifecycleConfigName": { "markdownDescription": "The name of a lifecycle configuration to associate with the notebook instance. For information about lifecycle configurations, see [Customize a Notebook Instance](https://docs.aws.amazon.com/sagemaker/latest/dg/notebook-lifecycle-config.html) in the *Amazon SageMaker Developer Guide* .", "title": "LifecycleConfigName", "type": "string" }, "NotebookInstanceName": { "markdownDescription": "The name of the new notebook instance.", "title": "NotebookInstanceName", "type": "string" }, "PlatformIdentifier": { "markdownDescription": "The platform identifier of the notebook instance runtime environment.", "title": "PlatformIdentifier", "type": "string" }, "RoleArn": { "markdownDescription": "When you send any requests to AWS resources from the notebook instance, SageMaker assumes this role to perform tasks on your behalf. You must grant this role necessary permissions so SageMaker can perform these tasks. The policy must allow the SageMaker service principal (sagemaker.amazonaws.com) permissions to assume this role. For more information, see [SageMaker Roles](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-roles.html) .\n\n> To be able to pass this role to SageMaker, the caller of this API must have the `iam:PassRole` permission.", "title": "RoleArn", "type": "string" }, "RootAccess": { "markdownDescription": "Whether root access is enabled or disabled for users of the notebook instance. The default value is `Enabled` .\n\n> Lifecycle configurations need root access to be able to set up a notebook instance. Because of this, lifecycle configurations associated with a notebook instance always run with root access even if you disable root access for users.", "title": "RootAccess", "type": "string" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The VPC security group IDs, in the form sg-xxxxxxxx. The security groups must be for the same VPC as specified in the subnet.", "title": "SecurityGroupIds", "type": "array" }, "SubnetId": { "markdownDescription": "The ID of the subnet in a VPC to which you would like to have a connectivity from your ML compute instance.", "title": "SubnetId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) .\n\nYou can add tags later by using the `CreateTags` API.", "title": "Tags", "type": "array" }, "VolumeSizeInGB": { "markdownDescription": "The size, in GB, of the ML storage volume to attach to the notebook instance. The default value is 5 GB.\n\n> Expect some interruption of service if this parameter is changed as CloudFormation stops a notebook instance and starts it up again to update it.", "title": "VolumeSizeInGB", "type": "number" } }, "required": [ "InstanceType", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::NotebookInstance" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::NotebookInstance.InstanceMetadataServiceConfiguration": { "additionalProperties": false, "properties": { "MinimumInstanceMetadataServiceVersion": { "markdownDescription": "Indicates the minimum IMDS version that the notebook instance supports. When passed as part of `CreateNotebookInstance` , if no value is selected, then it defaults to IMDSv1. This means that both IMDSv1 and IMDSv2 are supported. If passed as part of `UpdateNotebookInstance` , there is no default.", "title": "MinimumInstanceMetadataServiceVersion", "type": "string" } }, "required": [ "MinimumInstanceMetadataServiceVersion" ], "type": "object" }, "AWS::SageMaker::NotebookInstanceLifecycleConfig": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "NotebookInstanceLifecycleConfigName": { "markdownDescription": "The name of the lifecycle configuration.", "title": "NotebookInstanceLifecycleConfigName", "type": "string" }, "OnCreate": { "items": { "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook" }, "markdownDescription": "A shell script that runs only once, when you create a notebook instance. The shell script must be a base64-encoded string.", "title": "OnCreate", "type": "array" }, "OnStart": { "items": { "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook" }, "markdownDescription": "A shell script that runs every time you start a notebook instance, including when you create the notebook instance. The shell script must be a base64-encoded string.", "title": "OnStart", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::NotebookInstanceLifecycleConfig" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SageMaker::NotebookInstanceLifecycleConfig.NotebookInstanceLifecycleHook": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "A base64-encoded string that contains a shell script for a notebook instance lifecycle configuration.", "title": "Content", "type": "string" } }, "type": "object" }, "AWS::SageMaker::Pipeline": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ParallelismConfiguration": { "$ref": "#/definitions/AWS::SageMaker::Pipeline.ParallelismConfiguration", "markdownDescription": "The parallelism configuration applied to the pipeline.", "title": "ParallelismConfiguration" }, "PipelineDefinition": { "$ref": "#/definitions/AWS::SageMaker::Pipeline.PipelineDefinition", "markdownDescription": "The definition of the pipeline. This can be either a JSON string or an Amazon S3 location.", "title": "PipelineDefinition" }, "PipelineDescription": { "markdownDescription": "The description of the pipeline.", "title": "PipelineDescription", "type": "string" }, "PipelineDisplayName": { "markdownDescription": "The display name of the pipeline.", "title": "PipelineDisplayName", "type": "string" }, "PipelineName": { "markdownDescription": "The name of the pipeline.", "title": "PipelineName", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role used to execute the pipeline.", "title": "RoleArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags of the pipeline.", "title": "Tags", "type": "array" } }, "required": [ "PipelineDefinition", "PipelineName", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::Pipeline" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::Pipeline.ParallelismConfiguration": { "additionalProperties": false, "properties": { "MaxParallelExecutionSteps": { "markdownDescription": "The max number of steps that can be executed in parallel.", "title": "MaxParallelExecutionSteps", "type": "number" } }, "required": [ "MaxParallelExecutionSteps" ], "type": "object" }, "AWS::SageMaker::Pipeline.PipelineDefinition": { "additionalProperties": false, "properties": { "PipelineDefinitionBody": { "markdownDescription": "The [JSON pipeline definition](https://docs.aws.amazon.com/https://aws-sagemaker-mlops.github.io/sagemaker-model-building-pipeline-definition-JSON-schema/) of the pipeline.", "title": "PipelineDefinitionBody", "type": "string" }, "PipelineDefinitionS3Location": { "$ref": "#/definitions/AWS::SageMaker::Pipeline.S3Location", "markdownDescription": "The location of the pipeline definition stored in Amazon S3. If specified, SageMaker retrieves the pipeline definition from this location.", "title": "PipelineDefinitionS3Location" } }, "type": "object" }, "AWS::SageMaker::Pipeline.S3Location": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the S3 bucket.", "title": "Bucket", "type": "string" }, "ETag": { "markdownDescription": "A file checksum of the pipeline definition file.", "title": "ETag", "type": "string" }, "Key": { "markdownDescription": "The object key (or key name) which uniquely identifies the object in an S3 bucket.", "title": "Key", "type": "string" }, "Version": { "markdownDescription": "The version ID of the pipeline definition file. If not specified, Amazon SageMaker will retrieve the latest version.", "title": "Version", "type": "string" } }, "required": [ "Bucket", "Key" ], "type": "object" }, "AWS::SageMaker::Project": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ProjectDescription": { "markdownDescription": "The description of the project.", "title": "ProjectDescription", "type": "string" }, "ProjectName": { "markdownDescription": "The name of the project.", "title": "ProjectName", "type": "string" }, "ServiceCatalogProvisionedProductDetails": { "$ref": "#/definitions/AWS::SageMaker::Project.ServiceCatalogProvisionedProductDetails", "markdownDescription": "Details of a provisioned service catalog product. For information about service catalog, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", "title": "ServiceCatalogProvisionedProductDetails" }, "ServiceCatalogProvisioningDetails": { "$ref": "#/definitions/AWS::SageMaker::Project.ServiceCatalogProvisioningDetails", "markdownDescription": "The product ID and provisioning artifact ID to provision a service catalog. For information, see [What is AWS Service Catalog](https://docs.aws.amazon.com/servicecatalog/latest/adminguide/introduction.html) .", "title": "ServiceCatalogProvisioningDetails" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs to apply to this resource.\n\nFor more information, see [Resource Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) and [Using Cost Allocation Tags](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html#allocation-what) in the *AWS Billing and Cost Management User Guide* .", "title": "Tags", "type": "array" } }, "required": [ "ProjectName", "ServiceCatalogProvisioningDetails" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::Project" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::Project.ProvisioningParameter": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The key that identifies a provisioning parameter.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of the provisioning parameter.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::SageMaker::Project.ServiceCatalogProvisionedProductDetails": { "additionalProperties": false, "properties": { "ProvisionedProductId": { "markdownDescription": "The ID of the provisioned product.", "title": "ProvisionedProductId", "type": "string" }, "ProvisionedProductStatusMessage": { "markdownDescription": "The current status of the product.\n\n- `AVAILABLE` - Stable state, ready to perform any operation. The most recent operation succeeded and completed.\n- `UNDER_CHANGE` - Transitive state. Operations performed might not have valid results. Wait for an AVAILABLE status before performing operations.\n- `TAINTED` - Stable state, ready to perform any operation. The stack has completed the requested operation but is not exactly what was requested. For example, a request to update to a new version failed and the stack rolled back to the current version.\n- `ERROR` - An unexpected error occurred. The provisioned product exists but the stack is not running. For example, CloudFormation received a parameter value that was not valid and could not launch the stack.\n- `PLAN_IN_PROGRESS` - Transitive state. The plan operations were performed to provision a new product, but resources have not yet been created. After reviewing the list of resources to be created, execute the plan. Wait for an AVAILABLE status before performing operations.", "title": "ProvisionedProductStatusMessage", "type": "string" } }, "type": "object" }, "AWS::SageMaker::Project.ServiceCatalogProvisioningDetails": { "additionalProperties": false, "properties": { "PathId": { "markdownDescription": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path.", "title": "PathId", "type": "string" }, "ProductId": { "markdownDescription": "The ID of the product to provision.", "title": "ProductId", "type": "string" }, "ProvisioningArtifactId": { "markdownDescription": "The ID of the provisioning artifact.", "title": "ProvisioningArtifactId", "type": "string" }, "ProvisioningParameters": { "items": { "$ref": "#/definitions/AWS::SageMaker::Project.ProvisioningParameter" }, "markdownDescription": "A list of key value pairs that you specify when you provision a product.", "title": "ProvisioningParameters", "type": "array" } }, "required": [ "ProductId" ], "type": "object" }, "AWS::SageMaker::Space": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DomainId": { "markdownDescription": "The ID of the associated domain.", "title": "DomainId", "type": "string" }, "OwnershipSettings": { "$ref": "#/definitions/AWS::SageMaker::Space.OwnershipSettings", "markdownDescription": "The collection of ownership settings for a space.", "title": "OwnershipSettings" }, "SpaceDisplayName": { "markdownDescription": "The name of the space that appears in the Studio UI.", "title": "SpaceDisplayName", "type": "string" }, "SpaceName": { "markdownDescription": "The name of the space.", "title": "SpaceName", "type": "string" }, "SpaceSettings": { "$ref": "#/definitions/AWS::SageMaker::Space.SpaceSettings", "markdownDescription": "A collection of space settings.", "title": "SpaceSettings" }, "SpaceSharingSettings": { "$ref": "#/definitions/AWS::SageMaker::Space.SpaceSharingSettings", "markdownDescription": "A collection of space sharing settings.", "title": "SpaceSharingSettings" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "DomainId", "SpaceName" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::Space" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::Space.CodeRepository": { "additionalProperties": false, "properties": { "RepositoryUrl": { "markdownDescription": "The URL of the Git repository.", "title": "RepositoryUrl", "type": "string" } }, "required": [ "RepositoryUrl" ], "type": "object" }, "AWS::SageMaker::Space.CustomFileSystem": { "additionalProperties": false, "properties": { "EFSFileSystem": { "$ref": "#/definitions/AWS::SageMaker::Space.EFSFileSystem", "markdownDescription": "A custom file system in Amazon EFS.", "title": "EFSFileSystem" } }, "type": "object" }, "AWS::SageMaker::Space.CustomImage": { "additionalProperties": false, "properties": { "AppImageConfigName": { "markdownDescription": "The name of the AppImageConfig.", "title": "AppImageConfigName", "type": "string" }, "ImageName": { "markdownDescription": "The name of the CustomImage. Must be unique to your account.", "title": "ImageName", "type": "string" }, "ImageVersionNumber": { "markdownDescription": "The version number of the CustomImage.", "title": "ImageVersionNumber", "type": "number" } }, "required": [ "AppImageConfigName", "ImageName" ], "type": "object" }, "AWS::SageMaker::Space.EFSFileSystem": { "additionalProperties": false, "properties": { "FileSystemId": { "markdownDescription": "The ID of your Amazon EFS file system.", "title": "FileSystemId", "type": "string" } }, "required": [ "FileSystemId" ], "type": "object" }, "AWS::SageMaker::Space.EbsStorageSettings": { "additionalProperties": false, "properties": { "EbsVolumeSizeInGb": { "markdownDescription": "The size of an EBS storage volume for a space.", "title": "EbsVolumeSizeInGb", "type": "number" } }, "required": [ "EbsVolumeSizeInGb" ], "type": "object" }, "AWS::SageMaker::Space.JupyterServerAppSettings": { "additionalProperties": false, "properties": { "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app. If you use the `LifecycleConfigArns` parameter, then this parameter is also required.", "title": "DefaultResourceSpec" } }, "type": "object" }, "AWS::SageMaker::Space.KernelGatewayAppSettings": { "additionalProperties": false, "properties": { "CustomImages": { "items": { "$ref": "#/definitions/AWS::SageMaker::Space.CustomImage" }, "markdownDescription": "A list of custom SageMaker images that are configured to run as a KernelGateway app.", "title": "CustomImages", "type": "array" }, "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app.\n\n> The Amazon SageMaker Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", "title": "DefaultResourceSpec" } }, "type": "object" }, "AWS::SageMaker::Space.OwnershipSettings": { "additionalProperties": false, "properties": { "OwnerUserProfileName": { "markdownDescription": "The user profile who is the owner of the space.", "title": "OwnerUserProfileName", "type": "string" } }, "required": [ "OwnerUserProfileName" ], "type": "object" }, "AWS::SageMaker::Space.ResourceSpec": { "additionalProperties": false, "properties": { "InstanceType": { "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", "title": "InstanceType", "type": "string" }, "SageMakerImageArn": { "markdownDescription": "The ARN of the SageMaker image that the image version belongs to.", "title": "SageMakerImageArn", "type": "string" }, "SageMakerImageVersionArn": { "markdownDescription": "The ARN of the image version created on the instance.", "title": "SageMakerImageVersionArn", "type": "string" } }, "type": "object" }, "AWS::SageMaker::Space.SpaceCodeEditorAppSettings": { "additionalProperties": false, "properties": { "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", "title": "DefaultResourceSpec" } }, "type": "object" }, "AWS::SageMaker::Space.SpaceJupyterLabAppSettings": { "additionalProperties": false, "properties": { "CodeRepositories": { "items": { "$ref": "#/definitions/AWS::SageMaker::Space.CodeRepository" }, "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", "title": "CodeRepositories", "type": "array" }, "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::Space.ResourceSpec", "markdownDescription": "Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on.", "title": "DefaultResourceSpec" } }, "type": "object" }, "AWS::SageMaker::Space.SpaceSettings": { "additionalProperties": false, "properties": { "AppType": { "markdownDescription": "The type of app created within the space.", "title": "AppType", "type": "string" }, "CodeEditorAppSettings": { "$ref": "#/definitions/AWS::SageMaker::Space.SpaceCodeEditorAppSettings", "markdownDescription": "The Code Editor application settings.", "title": "CodeEditorAppSettings" }, "CustomFileSystems": { "items": { "$ref": "#/definitions/AWS::SageMaker::Space.CustomFileSystem" }, "markdownDescription": "A file system, created by you, that you assign to a space for an Amazon SageMaker Domain. Permitted users can access this file system in Amazon SageMaker Studio.", "title": "CustomFileSystems", "type": "array" }, "JupyterLabAppSettings": { "$ref": "#/definitions/AWS::SageMaker::Space.SpaceJupyterLabAppSettings", "markdownDescription": "The settings for the JupyterLab application.", "title": "JupyterLabAppSettings" }, "JupyterServerAppSettings": { "$ref": "#/definitions/AWS::SageMaker::Space.JupyterServerAppSettings", "markdownDescription": "The JupyterServer app settings.", "title": "JupyterServerAppSettings" }, "KernelGatewayAppSettings": { "$ref": "#/definitions/AWS::SageMaker::Space.KernelGatewayAppSettings", "markdownDescription": "The KernelGateway app settings.", "title": "KernelGatewayAppSettings" }, "SpaceStorageSettings": { "$ref": "#/definitions/AWS::SageMaker::Space.SpaceStorageSettings", "markdownDescription": "The storage settings for a space.", "title": "SpaceStorageSettings" } }, "type": "object" }, "AWS::SageMaker::Space.SpaceSharingSettings": { "additionalProperties": false, "properties": { "SharingType": { "markdownDescription": "Specifies the sharing type of the space.", "title": "SharingType", "type": "string" } }, "required": [ "SharingType" ], "type": "object" }, "AWS::SageMaker::Space.SpaceStorageSettings": { "additionalProperties": false, "properties": { "EbsStorageSettings": { "$ref": "#/definitions/AWS::SageMaker::Space.EbsStorageSettings", "markdownDescription": "A collection of EBS storage settings for a space.", "title": "EbsStorageSettings" } }, "type": "object" }, "AWS::SageMaker::UserProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DomainId": { "markdownDescription": "The domain ID.", "title": "DomainId", "type": "string" }, "SingleSignOnUserIdentifier": { "markdownDescription": "A specifier for the type of value specified in SingleSignOnUserValue. Currently, the only supported value is \"UserName\". If the Domain's AuthMode is IAM Identity Center , this field is required. If the Domain's AuthMode is not IAM Identity Center , this field cannot be specified.", "title": "SingleSignOnUserIdentifier", "type": "string" }, "SingleSignOnUserValue": { "markdownDescription": "The username of the associated AWS Single Sign-On User for this UserProfile. If the Domain's AuthMode is IAM Identity Center , this field is required, and must match a valid username of a user in your directory. If the Domain's AuthMode is not IAM Identity Center , this field cannot be specified.", "title": "SingleSignOnUserValue", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nTags that you specify for the User Profile are also added to all apps that the User Profile launches.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" }, "UserProfileName": { "markdownDescription": "The user profile name.", "title": "UserProfileName", "type": "string" }, "UserSettings": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.UserSettings", "markdownDescription": "A collection of settings that apply to users of Amazon SageMaker Studio.", "title": "UserSettings" } }, "required": [ "DomainId", "UserProfileName" ], "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::UserProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SageMaker::UserProfile.CodeEditorAppSettings": { "additionalProperties": false, "properties": { "CustomImages": { "items": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" }, "markdownDescription": "A list of custom SageMaker images that are configured to run as a Code Editor app.", "title": "CustomImages", "type": "array" }, "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the Code Editor app.", "title": "DefaultResourceSpec" }, "LifecycleConfigArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Name (ARN) of the Code Editor application lifecycle configuration.", "title": "LifecycleConfigArns", "type": "array" } }, "type": "object" }, "AWS::SageMaker::UserProfile.CodeRepository": { "additionalProperties": false, "properties": { "RepositoryUrl": { "markdownDescription": "The URL of the Git repository.", "title": "RepositoryUrl", "type": "string" } }, "required": [ "RepositoryUrl" ], "type": "object" }, "AWS::SageMaker::UserProfile.CustomFileSystemConfig": { "additionalProperties": false, "properties": { "EFSFileSystemConfig": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.EFSFileSystemConfig", "markdownDescription": "The settings for a custom Amazon EFS file system.", "title": "EFSFileSystemConfig" } }, "type": "object" }, "AWS::SageMaker::UserProfile.CustomImage": { "additionalProperties": false, "properties": { "AppImageConfigName": { "markdownDescription": "The name of the AppImageConfig.", "title": "AppImageConfigName", "type": "string" }, "ImageName": { "markdownDescription": "The name of the CustomImage. Must be unique to your account.", "title": "ImageName", "type": "string" }, "ImageVersionNumber": { "markdownDescription": "The version number of the CustomImage.", "title": "ImageVersionNumber", "type": "number" } }, "required": [ "AppImageConfigName", "ImageName" ], "type": "object" }, "AWS::SageMaker::UserProfile.CustomPosixUserConfig": { "additionalProperties": false, "properties": { "Gid": { "markdownDescription": "The POSIX group ID.", "title": "Gid", "type": "number" }, "Uid": { "markdownDescription": "The POSIX user ID.", "title": "Uid", "type": "number" } }, "required": [ "Gid", "Uid" ], "type": "object" }, "AWS::SageMaker::UserProfile.DefaultEbsStorageSettings": { "additionalProperties": false, "properties": { "DefaultEbsVolumeSizeInGb": { "markdownDescription": "The default size of the EBS storage volume for a space.", "title": "DefaultEbsVolumeSizeInGb", "type": "number" }, "MaximumEbsVolumeSizeInGb": { "markdownDescription": "The maximum size of the EBS storage volume for a space.", "title": "MaximumEbsVolumeSizeInGb", "type": "number" } }, "required": [ "DefaultEbsVolumeSizeInGb", "MaximumEbsVolumeSizeInGb" ], "type": "object" }, "AWS::SageMaker::UserProfile.DefaultSpaceStorageSettings": { "additionalProperties": false, "properties": { "DefaultEbsStorageSettings": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.DefaultEbsStorageSettings", "markdownDescription": "The default EBS storage settings for a space.", "title": "DefaultEbsStorageSettings" } }, "type": "object" }, "AWS::SageMaker::UserProfile.EFSFileSystemConfig": { "additionalProperties": false, "properties": { "FileSystemId": { "markdownDescription": "The ID of your Amazon EFS file system.", "title": "FileSystemId", "type": "string" }, "FileSystemPath": { "markdownDescription": "The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below.", "title": "FileSystemPath", "type": "string" } }, "required": [ "FileSystemId" ], "type": "object" }, "AWS::SageMaker::UserProfile.JupyterLabAppSettings": { "additionalProperties": false, "properties": { "CodeRepositories": { "items": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeRepository" }, "markdownDescription": "A list of Git repositories that SageMaker automatically displays to users for cloning in the JupyterLab application.", "title": "CodeRepositories", "type": "array" }, "CustomImages": { "items": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" }, "markdownDescription": "A list of custom SageMaker images that are configured to run as a JupyterLab app.", "title": "CustomImages", "type": "array" }, "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app.", "title": "DefaultResourceSpec" }, "LifecycleConfigArns": { "items": { "type": "string" }, "markdownDescription": "The Amazon Resource Name (ARN) of the lifecycle configurations attached to the user profile or domain. To remove a lifecycle config, you must set `LifecycleConfigArns` to an empty list.", "title": "LifecycleConfigArns", "type": "array" } }, "type": "object" }, "AWS::SageMaker::UserProfile.JupyterServerAppSettings": { "additionalProperties": false, "properties": { "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app.", "title": "DefaultResourceSpec" } }, "type": "object" }, "AWS::SageMaker::UserProfile.KernelGatewayAppSettings": { "additionalProperties": false, "properties": { "CustomImages": { "items": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomImage" }, "markdownDescription": "A list of custom SageMaker images that are configured to run as a KernelGateway app.", "title": "CustomImages", "type": "array" }, "DefaultResourceSpec": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.ResourceSpec", "markdownDescription": "The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app.\n\n> The Amazon SageMaker Studio UI does not use the default instance type value set here. The default instance type set here is used when Apps are created using the AWS CLI or AWS CloudFormation and the instance type parameter value is not passed.", "title": "DefaultResourceSpec" } }, "type": "object" }, "AWS::SageMaker::UserProfile.RStudioServerProAppSettings": { "additionalProperties": false, "properties": { "AccessStatus": { "markdownDescription": "Indicates whether the current user has access to the `RStudioServerPro` app.", "title": "AccessStatus", "type": "string" }, "UserGroup": { "markdownDescription": "The level of permissions that the user has within the `RStudioServerPro` app. This value defaults to `User`. The `Admin` value allows the user access to the RStudio Administrative Dashboard.", "title": "UserGroup", "type": "string" } }, "type": "object" }, "AWS::SageMaker::UserProfile.ResourceSpec": { "additionalProperties": false, "properties": { "InstanceType": { "markdownDescription": "The instance type that the image version runs on.\n\n> *JupyterServer apps* only support the `system` value.\n> \n> For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types.", "title": "InstanceType", "type": "string" }, "SageMakerImageArn": { "markdownDescription": "The ARN of the SageMaker image that the image version belongs to.", "title": "SageMakerImageArn", "type": "string" }, "SageMakerImageVersionArn": { "markdownDescription": "The ARN of the image version created on the instance.", "title": "SageMakerImageVersionArn", "type": "string" } }, "type": "object" }, "AWS::SageMaker::UserProfile.SharingSettings": { "additionalProperties": false, "properties": { "NotebookOutputOption": { "markdownDescription": "Whether to include the notebook cell output when sharing the notebook. The default is `Disabled` .", "title": "NotebookOutputOption", "type": "string" }, "S3KmsKeyId": { "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket.", "title": "S3KmsKeyId", "type": "string" }, "S3OutputPath": { "markdownDescription": "When `NotebookOutputOption` is `Allowed` , the Amazon S3 bucket used to store the shared notebook snapshots.", "title": "S3OutputPath", "type": "string" } }, "type": "object" }, "AWS::SageMaker::UserProfile.UserSettings": { "additionalProperties": false, "properties": { "CodeEditorAppSettings": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.CodeEditorAppSettings", "markdownDescription": "The Code Editor application settings.", "title": "CodeEditorAppSettings" }, "CustomFileSystemConfigs": { "items": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomFileSystemConfig" }, "markdownDescription": "The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker Studio.", "title": "CustomFileSystemConfigs", "type": "array" }, "CustomPosixUserConfig": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.CustomPosixUserConfig", "markdownDescription": "Details about the POSIX identity that is used for file system operations.", "title": "CustomPosixUserConfig" }, "DefaultLandingUri": { "markdownDescription": "The default experience that the user is directed to when accessing the domain. The supported values are:\n\n- `studio::` : Indicates that Studio is the default experience. This value can only be passed if `StudioWebPortal` is set to `ENABLED` .\n- `app:JupyterServer:` : Indicates that Studio Classic is the default experience.", "title": "DefaultLandingUri", "type": "string" }, "ExecutionRole": { "markdownDescription": "The execution role for the user.", "title": "ExecutionRole", "type": "string" }, "JupyterLabAppSettings": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.JupyterLabAppSettings", "markdownDescription": "The settings for the JupyterLab application.", "title": "JupyterLabAppSettings" }, "JupyterServerAppSettings": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.JupyterServerAppSettings", "markdownDescription": "The Jupyter server's app settings.", "title": "JupyterServerAppSettings" }, "KernelGatewayAppSettings": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.KernelGatewayAppSettings", "markdownDescription": "The kernel gateway app settings.", "title": "KernelGatewayAppSettings" }, "RStudioServerProAppSettings": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.RStudioServerProAppSettings", "markdownDescription": "A collection of settings that configure user interaction with the `RStudioServerPro` app.", "title": "RStudioServerProAppSettings" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "The security groups for the Amazon Virtual Private Cloud (VPC) that the domain uses for communication.\n\nOptional when the `CreateDomain.AppNetworkAccessType` parameter is set to `PublicInternetOnly` .\n\nRequired when the `CreateDomain.AppNetworkAccessType` parameter is set to `VpcOnly` , unless specified as part of the `DefaultUserSettings` for the domain.\n\nAmazon SageMaker adds a security group to allow NFS traffic from Amazon SageMaker Studio. Therefore, the number of security groups that you can specify is one less than the maximum number shown.", "title": "SecurityGroups", "type": "array" }, "SharingSettings": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.SharingSettings", "markdownDescription": "Specifies options for sharing Amazon SageMaker Studio notebooks.", "title": "SharingSettings" }, "SpaceStorageSettings": { "$ref": "#/definitions/AWS::SageMaker::UserProfile.DefaultSpaceStorageSettings", "markdownDescription": "The storage settings for a space.", "title": "SpaceStorageSettings" }, "StudioWebPortal": { "markdownDescription": "Whether the user can access Studio. If this value is set to `DISABLED` , the user cannot access Studio, even if that is the default experience for the domain.", "title": "StudioWebPortal", "type": "string" } }, "type": "object" }, "AWS::SageMaker::Workteam": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the work team.", "title": "Description", "type": "string" }, "MemberDefinitions": { "items": { "$ref": "#/definitions/AWS::SageMaker::Workteam.MemberDefinition" }, "markdownDescription": "A list of `MemberDefinition` objects that contains objects that identify the workers that make up the work team.\n\nWorkforces can be created using Amazon Cognito or your own OIDC Identity Provider (IdP). For private workforces created using Amazon Cognito use `CognitoMemberDefinition` . For workforces created using your own OIDC identity provider (IdP) use `OidcMemberDefinition` .", "title": "MemberDefinitions", "type": "array" }, "NotificationConfiguration": { "$ref": "#/definitions/AWS::SageMaker::Workteam.NotificationConfiguration", "markdownDescription": "Configures SNS notifications of available or expiring work items for work teams.", "title": "NotificationConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs.", "title": "Tags", "type": "array" }, "WorkforceName": { "markdownDescription": "The name of the workforce.", "title": "WorkforceName", "type": "string" }, "WorkteamName": { "markdownDescription": "The name of the work team.", "title": "WorkteamName", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::SageMaker::Workteam" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SageMaker::Workteam.CognitoMemberDefinition": { "additionalProperties": false, "properties": { "CognitoClientId": { "markdownDescription": "An identifier for an application client. You must create the app client ID using Amazon Cognito .", "title": "CognitoClientId", "type": "string" }, "CognitoUserGroup": { "markdownDescription": "An identifier for a user group.", "title": "CognitoUserGroup", "type": "string" }, "CognitoUserPool": { "markdownDescription": "An identifier for a user pool. The user pool must be in the same region as the service that you are calling.", "title": "CognitoUserPool", "type": "string" } }, "required": [ "CognitoClientId", "CognitoUserGroup", "CognitoUserPool" ], "type": "object" }, "AWS::SageMaker::Workteam.MemberDefinition": { "additionalProperties": false, "properties": { "CognitoMemberDefinition": { "$ref": "#/definitions/AWS::SageMaker::Workteam.CognitoMemberDefinition", "markdownDescription": "The Amazon Cognito user group that is part of the work team.", "title": "CognitoMemberDefinition" }, "OidcMemberDefinition": { "$ref": "#/definitions/AWS::SageMaker::Workteam.OidcMemberDefinition", "markdownDescription": "A list user groups that exist in your OIDC Identity Provider (IdP). One to ten groups can be used to create a single private work team. When you add a user group to the list of `Groups` , you can add that user group to one or more private work teams. If you add a user group to a private work team, all workers in that user group are added to the work team.", "title": "OidcMemberDefinition" } }, "type": "object" }, "AWS::SageMaker::Workteam.NotificationConfiguration": { "additionalProperties": false, "properties": { "NotificationTopicArn": { "markdownDescription": "The ARN for the Amazon SNS topic to which notifications should be published.", "title": "NotificationTopicArn", "type": "string" } }, "required": [ "NotificationTopicArn" ], "type": "object" }, "AWS::SageMaker::Workteam.OidcMemberDefinition": { "additionalProperties": false, "properties": { "OidcGroups": { "items": { "type": "string" }, "markdownDescription": "", "title": "OidcGroups", "type": "array" } }, "required": [ "OidcGroups" ], "type": "object" }, "AWS::Scheduler::Schedule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description you specify for the schedule.", "title": "Description", "type": "string" }, "EndDate": { "markdownDescription": "The date, in UTC, before which the schedule can invoke its target. Depending on the schedule's recurrence expression, invocations might stop on, or before, the `EndDate` you specify.\nEventBridge Scheduler ignores `EndDate` for one-time schedules.", "title": "EndDate", "type": "string" }, "FlexibleTimeWindow": { "$ref": "#/definitions/AWS::Scheduler::Schedule.FlexibleTimeWindow", "markdownDescription": "Allows you to configure a time window during which EventBridge Scheduler invokes the schedule.", "title": "FlexibleTimeWindow" }, "GroupName": { "markdownDescription": "The name of the schedule group associated with this schedule.", "title": "GroupName", "type": "string" }, "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the customer managed KMS key that EventBridge Scheduler will use to encrypt and decrypt your data.", "title": "KmsKeyArn", "type": "string" }, "Name": { "markdownDescription": "The name of the schedule.", "title": "Name", "type": "string" }, "ScheduleExpression": { "markdownDescription": "The expression that defines when the schedule runs. The following formats are supported.\n\n- `at` expression - `at(yyyy-mm-ddThh:mm:ss)`\n- `rate` expression - `rate(value unit)`\n- `cron` expression - `cron(fields)`\n\nYou can use `at` expressions to create one-time schedules that invoke a target once, at the time and in the time zone, that you specify. You can use `rate` and `cron` expressions to create recurring schedules. Rate-based schedules are useful when you want to invoke a target at regular intervals, such as every 15 minutes or every five days. Cron-based schedules are useful when you want to invoke a target periodically at a specific time, such as at 8:00 am (UTC+0) every 1st day of the month.\n\nA `cron` expression consists of six fields separated by white spaces: `(minutes hours day_of_month month day_of_week year)` .\n\nA `rate` expression consists of a *value* as a positive integer, and a *unit* with the following options: `minute` | `minutes` | `hour` | `hours` | `day` | `days`\n\nFor more information and examples, see [Schedule types on EventBridge Scheduler](https://docs.aws.amazon.com/scheduler/latest/UserGuide/schedule-types.html) in the *EventBridge Scheduler User Guide* .", "title": "ScheduleExpression", "type": "string" }, "ScheduleExpressionTimezone": { "markdownDescription": "The timezone in which the scheduling expression is evaluated.", "title": "ScheduleExpressionTimezone", "type": "string" }, "StartDate": { "markdownDescription": "The date, in UTC, after which the schedule can begin invoking its target. Depending on the schedule's recurrence expression, invocations might occur on, or after, the `StartDate` you specify.\nEventBridge Scheduler ignores `StartDate` for one-time schedules.", "title": "StartDate", "type": "string" }, "State": { "markdownDescription": "Specifies whether the schedule is enabled or disabled.\n\n*Allowed Values* : `ENABLED` | `DISABLED`", "title": "State", "type": "string" }, "Target": { "$ref": "#/definitions/AWS::Scheduler::Schedule.Target", "markdownDescription": "The schedule's target details.", "title": "Target" } }, "required": [ "FlexibleTimeWindow", "ScheduleExpression", "Target" ], "type": "object" }, "Type": { "enum": [ "AWS::Scheduler::Schedule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Scheduler::Schedule.AwsVpcConfiguration": { "additionalProperties": false, "properties": { "AssignPublicIp": { "markdownDescription": "Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` .", "title": "AssignPublicIp", "type": "string" }, "SecurityGroups": { "items": { "type": "string" }, "markdownDescription": "Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used.", "title": "SecurityGroups", "type": "array" }, "Subnets": { "items": { "type": "string" }, "markdownDescription": "Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets.", "title": "Subnets", "type": "array" } }, "required": [ "Subnets" ], "type": "object" }, "AWS::Scheduler::Schedule.CapacityProviderStrategyItem": { "additionalProperties": false, "properties": { "Base": { "markdownDescription": "The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of `0` is used.", "title": "Base", "type": "number" }, "CapacityProvider": { "markdownDescription": "The short name of the capacity provider.", "title": "CapacityProvider", "type": "string" }, "Weight": { "markdownDescription": "The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.", "title": "Weight", "type": "number" } }, "required": [ "CapacityProvider" ], "type": "object" }, "AWS::Scheduler::Schedule.DeadLetterConfig": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the SQS queue specified as the destination for the dead-letter queue.", "title": "Arn", "type": "string" } }, "type": "object" }, "AWS::Scheduler::Schedule.EcsParameters": { "additionalProperties": false, "properties": { "CapacityProviderStrategy": { "items": { "$ref": "#/definitions/AWS::Scheduler::Schedule.CapacityProviderStrategyItem" }, "markdownDescription": "The capacity provider strategy to use for the task.", "title": "CapacityProviderStrategy", "type": "array" }, "EnableECSManagedTags": { "markdownDescription": "Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the *Amazon ECS Developer Guide* .", "title": "EnableECSManagedTags", "type": "boolean" }, "EnableExecuteCommand": { "markdownDescription": "Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task.", "title": "EnableExecuteCommand", "type": "boolean" }, "Group": { "markdownDescription": "Specifies an Amazon ECS task group for the task. The maximum length is 255 characters.", "title": "Group", "type": "string" }, "LaunchType": { "markdownDescription": "Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS_Fargate.html) in the *Amazon ECS Developer Guide* .", "title": "LaunchType", "type": "string" }, "NetworkConfiguration": { "$ref": "#/definitions/AWS::Scheduler::Schedule.NetworkConfiguration", "markdownDescription": "This structure specifies the network configuration for an ECS task.", "title": "NetworkConfiguration" }, "PlacementConstraints": { "items": { "$ref": "#/definitions/AWS::Scheduler::Schedule.PlacementConstraint" }, "markdownDescription": "An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime).", "title": "PlacementConstraints", "type": "array" }, "PlacementStrategy": { "items": { "$ref": "#/definitions/AWS::Scheduler::Schedule.PlacementStrategy" }, "markdownDescription": "The task placement strategy for a task or service.", "title": "PlacementStrategy", "type": "array" }, "PlatformVersion": { "markdownDescription": "Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` .", "title": "PlatformVersion", "type": "string" }, "PropagateTags": { "markdownDescription": "Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the Amazon ECS [`TagResource`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action.", "title": "PropagateTags", "type": "string" }, "ReferenceId": { "markdownDescription": "The reference ID to use for the task.", "title": "ReferenceId", "type": "string" }, "Tags": { "markdownDescription": "The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. For more information, see [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) in the *Amazon ECS API Reference* .", "title": "Tags", "type": "object" }, "TaskCount": { "markdownDescription": "The number of tasks to create based on `TaskDefinition` . The default is `1` .", "title": "TaskCount", "type": "number" }, "TaskDefinitionArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the task definition to use if the event target is an Amazon ECS task.", "title": "TaskDefinitionArn", "type": "string" } }, "required": [ "TaskDefinitionArn" ], "type": "object" }, "AWS::Scheduler::Schedule.EventBridgeParameters": { "additionalProperties": false, "properties": { "DetailType": { "markdownDescription": "A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail.", "title": "DetailType", "type": "string" }, "Source": { "markdownDescription": "The source of the event.", "title": "Source", "type": "string" } }, "required": [ "DetailType", "Source" ], "type": "object" }, "AWS::Scheduler::Schedule.FlexibleTimeWindow": { "additionalProperties": false, "properties": { "MaximumWindowInMinutes": { "markdownDescription": "The maximum time window during which a schedule can be invoked.\n\n*Minimum* : `1`\n\n*Maximum* : `1440`", "title": "MaximumWindowInMinutes", "type": "number" }, "Mode": { "markdownDescription": "Determines whether the schedule is invoked within a flexible time window. You must use quotation marks when you specify this value in your JSON or YAML template.\n\n*Allowed Values* : `\"OFF\"` | `\"FLEXIBLE\"`", "title": "Mode", "type": "string" } }, "required": [ "Mode" ], "type": "object" }, "AWS::Scheduler::Schedule.KinesisParameters": { "additionalProperties": false, "properties": { "PartitionKey": { "markdownDescription": "Specifies the shard to which EventBridge Scheduler sends the event. For more information, see [Amazon Kinesis Data Streams terminology and concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html) in the *Amazon Kinesis Streams Developer Guide* .", "title": "PartitionKey", "type": "string" } }, "required": [ "PartitionKey" ], "type": "object" }, "AWS::Scheduler::Schedule.NetworkConfiguration": { "additionalProperties": false, "properties": { "AwsvpcConfiguration": { "$ref": "#/definitions/AWS::Scheduler::Schedule.AwsVpcConfiguration", "markdownDescription": "Specifies the Amazon VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the awsvpc network mode.", "title": "AwsvpcConfiguration" } }, "type": "object" }, "AWS::Scheduler::Schedule.PlacementConstraint": { "additionalProperties": false, "properties": { "Expression": { "markdownDescription": "A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . For more information, see [Cluster query language](https://docs.aws.amazon.com/latest/developerguide/cluster-query-language.html) in the *Amazon ECS Developer Guide* .", "title": "Expression", "type": "string" }, "Type": { "markdownDescription": "The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::Scheduler::Schedule.PlacementStrategy": { "additionalProperties": false, "properties": { "Field": { "markdownDescription": "The field to apply the placement strategy against. For the spread placement strategy, valid values are `instanceId` (or `instanceId` , which has the same effect), or any platform or custom attribute that is applied to a container instance, such as `attribute:ecs.availability-zone` . For the binpack placement strategy, valid values are `cpu` and `memory` . For the random placement strategy, this field is not used.", "title": "Field", "type": "string" }, "Type": { "markdownDescription": "The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task).", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::Scheduler::Schedule.RetryPolicy": { "additionalProperties": false, "properties": { "MaximumEventAgeInSeconds": { "markdownDescription": "The maximum amount of time, in seconds, to continue to make retry attempts.", "title": "MaximumEventAgeInSeconds", "type": "number" }, "MaximumRetryAttempts": { "markdownDescription": "The maximum number of retry attempts to make before the request fails. Retry attempts with exponential backoff continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is reached.", "title": "MaximumRetryAttempts", "type": "number" } }, "type": "object" }, "AWS::Scheduler::Schedule.SageMakerPipelineParameter": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Name of parameter to start execution of a SageMaker Model Building Pipeline.", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "Value of parameter to start execution of a SageMaker Model Building Pipeline.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::Scheduler::Schedule.SageMakerPipelineParameters": { "additionalProperties": false, "properties": { "PipelineParameterList": { "items": { "$ref": "#/definitions/AWS::Scheduler::Schedule.SageMakerPipelineParameter" }, "markdownDescription": "List of parameter names and values to use when executing the SageMaker Model Building Pipeline.", "title": "PipelineParameterList", "type": "array" } }, "type": "object" }, "AWS::Scheduler::Schedule.SqsParameters": { "additionalProperties": false, "properties": { "MessageGroupId": { "markdownDescription": "The FIFO message group ID to use as the target.", "title": "MessageGroupId", "type": "string" } }, "type": "object" }, "AWS::Scheduler::Schedule.Target": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the target.", "title": "Arn", "type": "string" }, "DeadLetterConfig": { "$ref": "#/definitions/AWS::Scheduler::Schedule.DeadLetterConfig", "markdownDescription": "An object that contains information about an Amazon SQS queue that EventBridge Scheduler uses as a dead-letter queue for your schedule. If specified, EventBridge Scheduler delivers failed events that could not be successfully delivered to a target to the queue.", "title": "DeadLetterConfig" }, "EcsParameters": { "$ref": "#/definitions/AWS::Scheduler::Schedule.EcsParameters", "markdownDescription": "The templated target type for the Amazon ECS [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) API operation.", "title": "EcsParameters" }, "EventBridgeParameters": { "$ref": "#/definitions/AWS::Scheduler::Schedule.EventBridgeParameters", "markdownDescription": "The templated target type for the EventBridge [`PutEvents`](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) API operation.", "title": "EventBridgeParameters" }, "Input": { "markdownDescription": "The text, or well-formed JSON, passed to the target. If you are configuring a templated Lambda , AWS Step Functions , or Amazon EventBridge target, the input must be a well-formed JSON. For all other target types, a JSON is not required. If you do not specify anything for this field, Amazon EventBridge Scheduler delivers a default notification to the target.", "title": "Input", "type": "string" }, "KinesisParameters": { "$ref": "#/definitions/AWS::Scheduler::Schedule.KinesisParameters", "markdownDescription": "The templated target type for the Amazon Kinesis [`PutRecord`](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html) API operation.", "title": "KinesisParameters" }, "RetryPolicy": { "$ref": "#/definitions/AWS::Scheduler::Schedule.RetryPolicy", "markdownDescription": "A `RetryPolicy` object that includes information about the retry policy settings, including the maximum age of an event, and the maximum number of times EventBridge Scheduler will try to deliver the event to a target.", "title": "RetryPolicy" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role that EventBridge Scheduler will use for this target when the schedule is invoked.", "title": "RoleArn", "type": "string" }, "SageMakerPipelineParameters": { "$ref": "#/definitions/AWS::Scheduler::Schedule.SageMakerPipelineParameters", "markdownDescription": "The templated target type for the Amazon SageMaker [`StartPipelineExecution`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartPipelineExecution.html) API operation.", "title": "SageMakerPipelineParameters" }, "SqsParameters": { "$ref": "#/definitions/AWS::Scheduler::Schedule.SqsParameters", "markdownDescription": "The templated target type for the Amazon SQS [`SendMessage`](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html) API operation. Contains the message group ID to use when the target is a FIFO queue. If you specify an Amazon SQS FIFO queue as a target, the queue must have content-based deduplication enabled. For more information, see [Using the Amazon SQS message deduplication ID](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/using-messagededuplicationid-property.html) in the *Amazon SQS Developer Guide* .", "title": "SqsParameters" } }, "required": [ "Arn", "RoleArn" ], "type": "object" }, "AWS::Scheduler::ScheduleGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the schedule group.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Scheduler::ScheduleGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SecretsManager::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BlockPublicPolicy": { "markdownDescription": "Specifies whether to block resource-based policies that allow broad access to the secret. By default, Secrets Manager blocks policies that allow broad access, for example those that use a wildcard for the principal.", "title": "BlockPublicPolicy", "type": "boolean" }, "ResourcePolicy": { "markdownDescription": "A JSON-formatted string for an AWS resource-based policy. For example policies, see [Permissions policy examples](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html) .", "title": "ResourcePolicy", "type": "object" }, "SecretId": { "markdownDescription": "The ARN or name of the secret to attach the resource-based policy.\n\nFor an ARN, we recommend that you specify a complete ARN rather than a partial ARN.", "title": "SecretId", "type": "string" } }, "required": [ "ResourcePolicy", "SecretId" ], "type": "object" }, "Type": { "enum": [ "AWS::SecretsManager::ResourcePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SecretsManager::RotationSchedule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "HostedRotationLambda": { "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule.HostedRotationLambda", "markdownDescription": "Creates a new Lambda rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) . To use a rotation function that already exists, specify `RotationLambdaARN` instead.\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .", "title": "HostedRotationLambda" }, "RotateImmediatelyOnUpdate": { "markdownDescription": "Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window. The rotation schedule is defined in `RotationRules` .\n\nIf you don't immediately rotate the secret, Secrets Manager tests the rotation configuration by running the [`testSecret` step](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) of the Lambda rotation function. The test creates an `AWSPENDING` version of the secret and then removes it.\n\nIf you don't specify this value, then by default, Secrets Manager rotates the secret immediately.\n\nRotation is an asynchronous process. For more information, see [How rotation works](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) .", "title": "RotateImmediatelyOnUpdate", "type": "boolean" }, "RotationLambdaARN": { "markdownDescription": "The ARN of an existing Lambda rotation function. To specify a rotation function that is also defined in this template, use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function.\n\nFor Amazon RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html) .\n\nTo create a new rotation function based on one of the [Secrets Manager rotation function templates](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) , specify `HostedRotationLambda` instead.", "title": "RotationLambdaARN", "type": "string" }, "RotationRules": { "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule.RotationRules", "markdownDescription": "A structure that defines the rotation configuration for this secret.", "title": "RotationRules" }, "SecretId": { "markdownDescription": "The ARN or name of the secret to rotate.\n\nTo reference a secret also created in this template, use the [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID.", "title": "SecretId", "type": "string" } }, "required": [ "SecretId" ], "type": "object" }, "Type": { "enum": [ "AWS::SecretsManager::RotationSchedule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SecretsManager::RotationSchedule.HostedRotationLambda": { "additionalProperties": false, "properties": { "ExcludeCharacters": { "markdownDescription": "A string of the characters that you don't want in the password.", "title": "ExcludeCharacters", "type": "string" }, "KmsKeyArn": { "markdownDescription": "The ARN of the KMS key that Secrets Manager uses to encrypt the secret. If you don't specify this value, then Secrets Manager uses the key `aws/secretsmanager` . If `aws/secretsmanager` doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.", "title": "KmsKeyArn", "type": "string" }, "MasterSecretArn": { "markdownDescription": "The ARN of the secret that contains superuser credentials, if you use the [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . CloudFormation grants the execution role for the Lambda rotation function `GetSecretValue` permission to the secret in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou must create the superuser secret before you can set this property.\n\nYou must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see [JSON structure of Secrets Manager secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .\n\nYou can specify `MasterSecretArn` or `SuperuserSecretArn` but not both. They represent the same superuser secret.", "title": "MasterSecretArn", "type": "string" }, "MasterSecretKmsKeyArn": { "markdownDescription": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key `aws/secretsmanager` . CloudFormation grants the execution role for the Lambda rotation function `Decrypt` , `DescribeKey` , and `GenerateDataKey` permission to the key in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou can specify `MasterSecretKmsKeyArn` or `SuperuserSecretKmsKeyArn` but not both. They represent the same superuser secret KMS key .", "title": "MasterSecretKmsKeyArn", "type": "string" }, "RotationLambdaName": { "markdownDescription": "The name of the Lambda rotation function.", "title": "RotationLambdaName", "type": "string" }, "RotationType": { "markdownDescription": "The rotation template to base the rotation function on, one of the following:\n\n- `Db2SingleUser` to use the template [SecretsManagerRDSDb2RotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-db2-singleuser) .\n- `Db2MultiUser` to use the template [SecretsManagerRDSDb2RotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-db2-multiuser) .\n- `MySQLSingleUser` to use the template [SecretsManagerRDSMySQLRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-singleuser) .\n- `MySQLMultiUser` to use the template [SecretsManagerRDSMySQLRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mysql-multiuser) .\n- `PostgreSQLSingleUser` to use the template [SecretsManagerRDSPostgreSQLRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-postgre-singleuser)\n- `PostgreSQLMultiUser` to use the template [SecretsManagerRDSPostgreSQLRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-postgre-multiuser) .\n- `OracleSingleUser` to use the template [SecretsManagerRDSOracleRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-oracle-singleuser) .\n- `OracleMultiUser` to use the template [SecretsManagerRDSOracleRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-oracle-multiuser) .\n- `MariaDBSingleUser` to use the template [SecretsManagerRDSMariaDBRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mariadb-singleuser) .\n- `MariaDBMultiUser` to use the template [SecretsManagerRDSMariaDBRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mariadb-multiuser) .\n- `SQLServerSingleUser` to use the template [SecretsManagerRDSSQLServerRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-sqlserver-singleuser) .\n- `SQLServerMultiUser` to use the template [SecretsManagerRDSSQLServerRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-sqlserver-multiuser) .\n- `RedshiftSingleUser` to use the template [SecretsManagerRedshiftRotationSingleUsr](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-redshift-singleuser) .\n- `RedshiftMultiUser` to use the template [SecretsManagerRedshiftRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-redshift-multiuser) .\n- `MongoDBSingleUser` to use the template [SecretsManagerMongoDBRotationSingleUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mongodb-singleuser) .\n- `MongoDBMultiUser` to use the template [SecretsManagerMongoDBRotationMultiUser](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html#sar-template-mongodb-multiuser) .", "title": "RotationType", "type": "string" }, "Runtime": { "markdownDescription": "By default, CloudFormation deploys Python 3.9 binaries for the rotation function. To use a different version of Python, you must do the following two steps:\n\n- Deploy the matching version Python binaries with your rotation function.\n- Set the version number in this field. For example, for Python 3.7, enter *python3.7*\n\nIf you only do one of the steps, your rotation function will be incompatible with the binaries. For more information, see [Why did my Lambda rotation function fail with a \"pg module not found\" error](https://docs.aws.amazon.com/https://repost.aws/knowledge-center/secrets-manager-lambda-rotation) .", "title": "Runtime", "type": "string" }, "SuperuserSecretArn": { "markdownDescription": "The ARN of the secret that contains superuser credentials, if you use the [Alternating users rotation strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) . CloudFormation grants the execution role for the Lambda rotation function `GetSecretValue` permission to the secret in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou must create the superuser secret before you can set this property.\n\nYou must also include the superuser secret ARN as a key in the JSON of the rotating secret so that the Lambda rotation function can find it. CloudFormation does not hardcode secret ARNs in the Lambda rotation function, so you can use the function to rotate multiple secrets. For more information, see [JSON structure of Secrets Manager secrets](https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html) .\n\nYou can specify `MasterSecretArn` or `SuperuserSecretArn` but not both. They represent the same superuser secret.", "title": "SuperuserSecretArn", "type": "string" }, "SuperuserSecretKmsKeyArn": { "markdownDescription": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the [alternating users strategy](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users) and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key `aws/secretsmanager` . CloudFormation grants the execution role for the Lambda rotation function `Decrypt` , `DescribeKey` , and `GenerateDataKey` permission to the key in this property. For more information, see [Lambda rotation function execution role permissions for Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-required-permissions-function.html) .\n\nYou can specify `MasterSecretKmsKeyArn` or `SuperuserSecretKmsKeyArn` but not both. They represent the same superuser secret KMS key .", "title": "SuperuserSecretKmsKeyArn", "type": "string" }, "VpcSecurityGroupIds": { "markdownDescription": "A comma-separated list of security group IDs applied to the target database.\n\nThe template applies the same security groups as on the Lambda rotation function that is created as part of this stack.", "title": "VpcSecurityGroupIds", "type": "string" }, "VpcSubnetIds": { "markdownDescription": "A comma separated list of VPC subnet IDs of the target database network. The Lambda rotation function is in the same subnet group.", "title": "VpcSubnetIds", "type": "string" } }, "required": [ "RotationType" ], "type": "object" }, "AWS::SecretsManager::RotationSchedule.RotationRules": { "additionalProperties": false, "properties": { "AutomaticallyAfterDays": { "markdownDescription": "The number of days between automatic scheduled rotations of the secret. You can use this value to check that your secret meets your compliance guidelines for how often secrets must be rotated.\n\nIn `DescribeSecret` and `ListSecrets` , this value is calculated from the rotation schedule after every successful rotation. In `RotateSecret` , you can set the rotation schedule in `RotationRules` with `AutomaticallyAfterDays` or `ScheduleExpression` , but not both.", "title": "AutomaticallyAfterDays", "type": "number" }, "Duration": { "markdownDescription": "The length of the rotation window in hours, for example `3h` for a three hour window. Secrets Manager rotates your secret at any time during this window. The window must not extend into the next rotation window or the next UTC day. The window starts according to the `ScheduleExpression` . If you don't specify a `Duration` , for a `ScheduleExpression` in hours, the window automatically closes after one hour. For a `ScheduleExpression` in days, the window automatically closes at the end of the UTC day. For more information, including examples, see [Schedule expressions in Secrets Manager rotation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) in the *Secrets Manager Users Guide* .", "title": "Duration", "type": "string" }, "ScheduleExpression": { "markdownDescription": "A `cron()` or `rate()` expression that defines the schedule for rotating your secret. Secrets Manager rotation schedules use UTC time zone. Secrets Manager rotates your secret any time during a rotation window.\n\nSecrets Manager `rate()` expressions represent the interval in hours or days that you want to rotate your secret, for example `rate(12 hours)` or `rate(10 days)` . You can rotate a secret as often as every four hours. If you use a `rate()` expression, the rotation window starts at midnight. For a rate in hours, the default rotation window closes after one hour. For a rate in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.\n\nYou can use a `cron()` expression to create a rotation schedule that is more detailed than a rotation interval. For more information, including examples, see [Schedule expressions in Secrets Manager rotation](https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_schedule.html) in the *Secrets Manager Users Guide* . For a cron expression that represents a schedule in hours, the default rotation window closes after one hour. For a cron expression that represents a schedule in days, the default rotation window closes at the end of the day. You can set the `Duration` to change the rotation window. The rotation window must not extend into the next UTC day or into the next rotation window.", "title": "ScheduleExpression", "type": "string" } }, "type": "object" }, "AWS::SecretsManager::Secret": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the secret.", "title": "Description", "type": "string" }, "GenerateSecretString": { "$ref": "#/definitions/AWS::SecretsManager::Secret.GenerateSecretString", "markdownDescription": "A structure that specifies how to generate a password to encrypt and store in the secret. To include a specific string in the secret, use `SecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.\n\nWe recommend that you specify the maximum length and include every character type that the system you are generating a password for can support.", "title": "GenerateSecretString" }, "KmsKeyId": { "markdownDescription": "The ARN, key ID, or alias of the AWS KMS key that Secrets Manager uses to encrypt the secret value in the secret. An alias is always prefixed by `alias/` , for example `alias/aws/secretsmanager` . For more information, see [About aliases](https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html) .\n\nTo use a AWS KMS key in a different account, use the key ARN or the alias ARN.\n\nIf you don't specify this value, then Secrets Manager uses the key `aws/secretsmanager` . If that key doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.\n\nIf the secret is in a different AWS account from the credentials calling the API, then you can't use `aws/secretsmanager` to encrypt the secret, and you must create and use a customer managed AWS KMS key.", "title": "KmsKeyId", "type": "string" }, "Name": { "markdownDescription": "The name of the new secret.\n\nThe secret name can contain ASCII letters, numbers, and the following characters: /_+=.@-\n\nDo not end your secret name with a hyphen followed by six characters. If you do so, you risk confusion and unexpected results when searching for a secret by partial ARN. Secrets Manager automatically adds a hyphen and six random characters after the secret name at the end of the ARN.", "title": "Name", "type": "string" }, "ReplicaRegions": { "items": { "$ref": "#/definitions/AWS::SecretsManager::Secret.ReplicaRegion" }, "markdownDescription": "A custom type that specifies a `Region` and the `KmsKeyId` for a replica secret.", "title": "ReplicaRegions", "type": "array" }, "SecretString": { "markdownDescription": "The text to encrypt and store in the secret. We recommend you use a JSON structure of key/value pairs for your secret value. To generate a random password, use `GenerateSecretString` instead. If you omit both `GenerateSecretString` and `SecretString` , you create an empty secret. When you make a change to this property, a new secret version is created.", "title": "SecretString", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags to attach to the secret. Each tag is a key and value pair of strings in a JSON text string, for example:\n\n`[{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]`\n\nSecrets Manager tag key names are case sensitive. A tag with the key \"ABC\" is a different tag from one with key \"abc\".\n\nStack-level tags, tags you apply to the CloudFormation stack, are also attached to the secret.\n\nIf you check tags in permissions policies as part of your security strategy, then adding or removing a tag can change permissions. If the completion of this operation would result in you losing your permissions for this secret, then Secrets Manager blocks the operation and returns an `Access Denied` error. For more information, see [Control access to secrets using tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac) and [Limit access to identities with tags that match secrets' tags](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2) .\n\nFor information about how to format a JSON parameter for the various command line tool environments, see [Using JSON for Parameters](https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json) . If your command-line tool or SDK requires quotation marks around the parameter, you should use single quotes to avoid confusion with the double quotes required in the JSON text.\n\nThe following restrictions apply to tags:\n\n- Maximum number of tags per secret: 50\n- Maximum key length: 127 Unicode characters in UTF-8\n- Maximum value length: 255 Unicode characters in UTF-8\n- Tag keys and values are case sensitive.\n- Do not use the `aws:` prefix in your tag names or values because AWS reserves it for AWS use. You can't edit or delete tag names or values with this prefix. Tags with this prefix do not count against your tags per secret limit.\n- If you use your tagging schema across multiple services and resources, other services might have restrictions on allowed characters. Generally allowed characters: letters, spaces, and numbers representable in UTF-8, plus the following special characters: + - = . _ : / @.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::SecretsManager::Secret" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SecretsManager::Secret.GenerateSecretString": { "additionalProperties": false, "properties": { "ExcludeCharacters": { "markdownDescription": "A string of the characters that you don't want in the password.", "title": "ExcludeCharacters", "type": "string" }, "ExcludeLowercase": { "markdownDescription": "Specifies whether to exclude lowercase letters from the password. If you don't include this switch, the password can contain lowercase letters.", "title": "ExcludeLowercase", "type": "boolean" }, "ExcludeNumbers": { "markdownDescription": "Specifies whether to exclude numbers from the password. If you don't include this switch, the password can contain numbers.", "title": "ExcludeNumbers", "type": "boolean" }, "ExcludePunctuation": { "markdownDescription": "Specifies whether to exclude the following punctuation characters from the password: `! \" # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \\ ] ^ _ ` { | } ~` . If you don't include this switch, the password can contain punctuation.", "title": "ExcludePunctuation", "type": "boolean" }, "ExcludeUppercase": { "markdownDescription": "Specifies whether to exclude uppercase letters from the password. If you don't include this switch, the password can contain uppercase letters.", "title": "ExcludeUppercase", "type": "boolean" }, "GenerateStringKey": { "markdownDescription": "The JSON key name for the key/value pair, where the value is the generated password. This pair is added to the JSON structure specified by the `SecretStringTemplate` parameter. If you specify this parameter, then you must also specify `SecretStringTemplate` .", "title": "GenerateStringKey", "type": "string" }, "IncludeSpace": { "markdownDescription": "Specifies whether to include the space character. If you include this switch, the password can contain space characters.", "title": "IncludeSpace", "type": "boolean" }, "PasswordLength": { "markdownDescription": "The length of the password. If you don't include this parameter, the default length is 32 characters.", "title": "PasswordLength", "type": "number" }, "RequireEachIncludedType": { "markdownDescription": "Specifies whether to include at least one upper and lowercase letter, one number, and one punctuation. If you don't include this switch, the password contains at least one of every character type.", "title": "RequireEachIncludedType", "type": "boolean" }, "SecretStringTemplate": { "markdownDescription": "A template that the generated string must match. When you make a change to this property, a new secret version is created.", "title": "SecretStringTemplate", "type": "string" } }, "type": "object" }, "AWS::SecretsManager::Secret.ReplicaRegion": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The ARN, key ID, or alias of the KMS key to encrypt the secret. If you don't include this field, Secrets Manager uses `aws/secretsmanager` .", "title": "KmsKeyId", "type": "string" }, "Region": { "markdownDescription": "A string that represents a `Region` , for example \"us-east-1\".", "title": "Region", "type": "string" } }, "required": [ "Region" ], "type": "object" }, "AWS::SecretsManager::SecretTargetAttachment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "SecretId": { "markdownDescription": "The ARN or name of the secret. To reference a secret also created in this template, use the see [Ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html) function with the secret's logical ID.", "title": "SecretId", "type": "string" }, "TargetId": { "markdownDescription": "The ID of the database or cluster.", "title": "TargetId", "type": "string" }, "TargetType": { "markdownDescription": "A string that defines the type of service or database associated with the secret. This value instructs Secrets Manager how to update the secret with the details of the service or database. This value must be one of the following:\n\n- AWS::RDS::DBInstance\n- AWS::RDS::DBCluster\n- AWS::Redshift::Cluster\n- AWS::DocDB::DBInstance\n- AWS::DocDB::DBCluster", "title": "TargetType", "type": "string" } }, "required": [ "SecretId", "TargetId", "TargetType" ], "type": "object" }, "Type": { "enum": [ "AWS::SecretsManager::SecretTargetAttachment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SecurityHub::AutomationRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Actions": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesAction" }, "markdownDescription": "One or more actions to update finding fields if a finding matches the conditions specified in `Criteria` .", "title": "Actions", "type": "array" }, "Criteria": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesFindingFilters", "markdownDescription": "A set of [AWS Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that Security Hub uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, Security Hub applies the rule action to the finding.", "title": "Criteria" }, "Description": { "markdownDescription": "A description of the rule.", "title": "Description", "type": "string" }, "IsTerminal": { "markdownDescription": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn't evaluate other rules for the finding. By default, a rule isn't terminal.", "title": "IsTerminal", "type": "boolean" }, "RuleName": { "markdownDescription": "The name of the rule.", "title": "RuleName", "type": "string" }, "RuleOrder": { "markdownDescription": "An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.", "title": "RuleOrder", "type": "number" }, "RuleStatus": { "markdownDescription": "Whether the rule is active after it is created. If this parameter is equal to `ENABLED` , Security Hub applies the rule to findings and finding updates after the rule is created.", "title": "RuleStatus", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "User-defined tags associated with an automation rule.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "type": "object" }, "Type": { "enum": [ "AWS::SecurityHub::AutomationRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SecurityHub::AutomationRule.AutomationRulesAction": { "additionalProperties": false, "properties": { "FindingFieldsUpdate": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.AutomationRulesFindingFieldsUpdate", "markdownDescription": "Specifies that the automation rule action is an update to a finding field.", "title": "FindingFieldsUpdate" }, "Type": { "markdownDescription": "Specifies that the rule action should update the `Types` finding field. The `Types` finding field classifies findings in the format of namespace/category/classifier. For more information, see [Types taxonomy for ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) in the *AWS Security Hub User Guide* .", "title": "Type", "type": "string" } }, "required": [ "FindingFieldsUpdate", "Type" ], "type": "object" }, "AWS::SecurityHub::AutomationRule.AutomationRulesFindingFieldsUpdate": { "additionalProperties": false, "properties": { "Confidence": { "markdownDescription": "The rule action updates the `Confidence` field of a finding.", "title": "Confidence", "type": "number" }, "Criticality": { "markdownDescription": "The rule action updates the `Criticality` field of a finding.", "title": "Criticality", "type": "number" }, "Note": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NoteUpdate", "markdownDescription": "The rule action will update the `Note` field of a finding.", "title": "Note" }, "RelatedFindings": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.RelatedFinding" }, "markdownDescription": "The rule action will update the `RelatedFindings` field of a finding.", "title": "RelatedFindings", "type": "array" }, "Severity": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.SeverityUpdate", "markdownDescription": "The rule action will update the `Severity` field of a finding.", "title": "Severity" }, "Types": { "items": { "type": "string" }, "markdownDescription": "The rule action updates the `Types` field of a finding.", "title": "Types", "type": "array" }, "UserDefinedFields": { "additionalProperties": true, "markdownDescription": "The rule action updates the `UserDefinedFields` field of a finding.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "UserDefinedFields", "type": "object" }, "VerificationState": { "markdownDescription": "The rule action updates the `VerificationState` field of a finding.", "title": "VerificationState", "type": "string" }, "Workflow": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.WorkflowUpdate", "markdownDescription": "The rule action will update the `Workflow` field of a finding.", "title": "Workflow" } }, "type": "object" }, "AWS::SecurityHub::AutomationRule.AutomationRulesFindingFilters": { "additionalProperties": false, "properties": { "AwsAccountId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The AWS account ID in which a finding was generated.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", "title": "AwsAccountId", "type": "array" }, "CompanyName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The name of the company for the product that generated the finding. For control-based findings, the company is AWS .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "CompanyName", "type": "array" }, "ComplianceAssociatedStandardsId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "ComplianceAssociatedStandardsId", "type": "array" }, "ComplianceSecurityControlId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The security control ID for which a finding was generated. Security control IDs are the same across standards.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "ComplianceSecurityControlId", "type": "array" }, "ComplianceStatus": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The result of a security check. This field is only used for findings generated from controls.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "ComplianceStatus", "type": "array" }, "Confidence": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NumberFilter" }, "markdownDescription": "The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. `Confidence` is scored on a 0\u2013100 basis using a ratio scale. A value of `0` means 0 percent confidence, and a value of `100` means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see [Confidence](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-confidence) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "Confidence", "type": "array" }, "CreatedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" }, "markdownDescription": "A timestamp that indicates when this finding record was created.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "CreatedAt", "type": "array" }, "Criticality": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.NumberFilter" }, "markdownDescription": "The level of importance that is assigned to the resources that are associated with a finding. `Criticality` is scored on a 0\u2013100 basis, using a ratio scale that supports only full integers. A score of `0` means that the underlying resources have no criticality, and a score of `100` is reserved for the most critical resources. For more information, see [Criticality](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-criticality) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "Criticality", "type": "array" }, "Description": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "A finding's description.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "Description", "type": "array" }, "FirstObservedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" }, "markdownDescription": "A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "FirstObservedAt", "type": "array" }, "GeneratorId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The identifier for the solution-specific component that generated a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", "title": "GeneratorId", "type": "array" }, "Id": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The product-specific identifier for a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "Id", "type": "array" }, "LastObservedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" }, "markdownDescription": "A timestamp that indicates when the potential security issue captured by a finding was most recently observed by the security findings product.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "LastObservedAt", "type": "array" }, "NoteText": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The text of a user-defined note that's added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "NoteText", "type": "array" }, "NoteUpdatedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" }, "markdownDescription": "The timestamp of when the note was updated.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "NoteUpdatedAt", "type": "array" }, "NoteUpdatedBy": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The principal that created a note.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "NoteUpdatedBy", "type": "array" }, "ProductArn": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "ProductArn", "type": "array" }, "ProductName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "ProductName", "type": "array" }, "RecordState": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "Provides the current state of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "RecordState", "type": "array" }, "RelatedFindingsId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "RelatedFindingsId", "type": "array" }, "RelatedFindingsProductArn": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The ARN for the product that generated a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "RelatedFindingsProductArn", "type": "array" }, "ResourceDetailsOther": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" }, "markdownDescription": "Custom fields and values about the resource that a finding pertains to.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "ResourceDetailsOther", "type": "array" }, "ResourceId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS service that created the resource. For non- AWS resources, this is a unique identifier that is associated with the resource.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", "title": "ResourceId", "type": "array" }, "ResourcePartition": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The partition in which the resource that the finding pertains to is located. A partition is a group of AWS Regions . Each AWS account is scoped to one partition.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "ResourcePartition", "type": "array" }, "ResourceRegion": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The AWS Region where the resource that a finding pertains to is located.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "ResourceRegion", "type": "array" }, "ResourceTags": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" }, "markdownDescription": "A list of AWS tags associated with a resource at the time the finding was processed.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "ResourceTags", "type": "array" }, "ResourceType": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", "title": "ResourceType", "type": "array" }, "SeverityLabel": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "The severity value of the finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "SeverityLabel", "type": "array" }, "SourceUrl": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "Provides a URL that links to a page about the current finding in the finding product.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "SourceUrl", "type": "array" }, "Title": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "A finding's title.\n\nArray Members: Minimum number of 1 item. Maximum number of 100 items.", "title": "Title", "type": "array" }, "Type": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "One or more finding types in the format of namespace/category/classifier that classify a finding. For a list of namespaces, classifiers, and categories, see [Types taxonomy for ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) in the *AWS Security Hub User Guide* .\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "Type", "type": "array" }, "UpdatedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateFilter" }, "markdownDescription": "A timestamp that indicates when the finding record was most recently updated.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "UpdatedAt", "type": "array" }, "UserDefinedFields": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.MapFilter" }, "markdownDescription": "A list of user-defined name and value string pairs added to a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "UserDefinedFields", "type": "array" }, "VerificationState": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "Provides the veracity of a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "VerificationState", "type": "array" }, "WorkflowStatus": { "items": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.StringFilter" }, "markdownDescription": "Provides information about the status of the investigation into a finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "WorkflowStatus", "type": "array" } }, "type": "object" }, "AWS::SecurityHub::AutomationRule.DateFilter": { "additionalProperties": false, "properties": { "DateRange": { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule.DateRange", "markdownDescription": "A date range for the date filter.", "title": "DateRange" }, "End": { "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )", "title": "End", "type": "string" }, "Start": { "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )", "title": "Start", "type": "string" } }, "type": "object" }, "AWS::SecurityHub::AutomationRule.DateRange": { "additionalProperties": false, "properties": { "Unit": { "markdownDescription": "A date range unit for the date filter.", "title": "Unit", "type": "string" }, "Value": { "markdownDescription": "A date range value for the date filter.", "title": "Value", "type": "number" } }, "required": [ "Unit", "Value" ], "type": "object" }, "AWS::SecurityHub::AutomationRule.MapFilter": { "additionalProperties": false, "properties": { "Comparison": { "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", "title": "Comparison", "type": "string" }, "Key": { "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", "title": "Value", "type": "string" } }, "required": [ "Comparison", "Key", "Value" ], "type": "object" }, "AWS::SecurityHub::AutomationRule.NoteUpdate": { "additionalProperties": false, "properties": { "Text": { "markdownDescription": "The updated note text.", "title": "Text", "type": "string" }, "UpdatedBy": { "markdownDescription": "The principal that updated the note.", "title": "UpdatedBy", "type": "object" } }, "required": [ "Text", "UpdatedBy" ], "type": "object" }, "AWS::SecurityHub::AutomationRule.NumberFilter": { "additionalProperties": false, "properties": { "Eq": { "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", "title": "Eq", "type": "number" }, "Gte": { "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", "title": "Gte", "type": "number" }, "Lte": { "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", "title": "Lte", "type": "number" } }, "type": "object" }, "AWS::SecurityHub::AutomationRule.RelatedFinding": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The product-generated identifier for a related finding.\n\nArray Members: Minimum number of 1 item. Maximum number of 20 items.", "title": "Id", "type": "object" }, "ProductArn": { "markdownDescription": "The Amazon Resource Name (ARN) for the product that generated a related finding.", "title": "ProductArn", "type": "string" } }, "required": [ "Id", "ProductArn" ], "type": "object" }, "AWS::SecurityHub::AutomationRule.SeverityUpdate": { "additionalProperties": false, "properties": { "Label": { "markdownDescription": "The severity value of the finding. The allowed values are the following.\n\n- `INFORMATIONAL` - No issue was found.\n- `LOW` - The issue does not require action on its own.\n- `MEDIUM` - The issue must be addressed but not urgently.\n- `HIGH` - The issue must be addressed as a priority.\n- `CRITICAL` - The issue must be remediated immediately to avoid it escalating.", "title": "Label", "type": "string" }, "Normalized": { "markdownDescription": "The normalized severity for the finding. This attribute is to be deprecated in favor of `Label` .\n\nIf you provide `Normalized` and do not provide `Label` , `Label` is set automatically as follows.\n\n- 0 - `INFORMATIONAL`\n- 1\u201339 - `LOW`\n- 40\u201369 - `MEDIUM`\n- 70\u201389 - `HIGH`\n- 90\u2013100 - `CRITICAL`", "title": "Normalized", "type": "number" }, "Product": { "markdownDescription": "The native severity as defined by the AWS service or integrated partner product that generated the finding.", "title": "Product", "type": "number" } }, "type": "object" }, "AWS::SecurityHub::AutomationRule.StringFilter": { "additionalProperties": false, "properties": { "Comparison": { "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", "title": "Comparison", "type": "string" }, "Value": { "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", "title": "Value", "type": "string" } }, "required": [ "Comparison", "Value" ], "type": "object" }, "AWS::SecurityHub::AutomationRule.WorkflowUpdate": { "additionalProperties": false, "properties": { "Status": { "markdownDescription": "The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to `SUPPRESSED` or `RESOLVED` does not prevent a new finding for the same issue.\n\nThe allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets `WorkFlowStatus` from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- The record state changes from `ARCHIVED` to `ACTIVE` .\n- The compliance status changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n- `SUPPRESSED` - Indicates that you reviewed the finding and do not believe that any action is needed. The finding is no longer updated.", "title": "Status", "type": "string" } }, "required": [ "Status" ], "type": "object" }, "AWS::SecurityHub::DelegatedAdmin": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdminAccountId": { "markdownDescription": "The AWS account identifier of the account to designate as the Security Hub administrator account.", "title": "AdminAccountId", "type": "string" } }, "required": [ "AdminAccountId" ], "type": "object" }, "Type": { "enum": [ "AWS::SecurityHub::DelegatedAdmin" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SecurityHub::Hub": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AutoEnableControls": { "markdownDescription": "Whether to automatically enable new controls when they are added to standards that are enabled.\n\nBy default, this is set to `true` , and new controls are enabled automatically. To not automatically enable new controls, set this to `false` .", "title": "AutoEnableControls", "type": "boolean" }, "ControlFindingGenerator": { "markdownDescription": "Specifies whether an account has consolidated control findings turned on or off. If the value for this field is set to `SECURITY_CONTROL` , Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards.\n\nIf the value for this field is set to `STANDARD_CONTROL` , Security Hub generates separate findings for a control check when the check applies to multiple enabled standards.\n\nThe value for this field in a member account matches the value in the administrator account. For accounts that aren't part of an organization, the default value of this field is `SECURITY_CONTROL` if you enabled Security Hub on or after February 23, 2023.", "title": "ControlFindingGenerator", "type": "string" }, "EnableDefaultStandards": { "markdownDescription": "Whether to enable the security standards that Security Hub has designated as automatically enabled. If you don't provide a value for `EnableDefaultStandards` , it is set to `true` , and the designated standards are automatically enabled in each AWS Region where you enable Security Hub . If you don't want to enable the designated standards, set `EnableDefaultStandards` to `false` .\n\nCurrently, the automatically enabled standards are the Center for Internet Security (CIS) AWS Foundations Benchmark v1.2.0 and AWS Foundational Security Best Practices (FSBP).", "title": "EnableDefaultStandards", "type": "boolean" }, "Tags": { "additionalProperties": true, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "type": "object" }, "Type": { "enum": [ "AWS::SecurityHub::Hub" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SecurityHub::Insight": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Filters": { "$ref": "#/definitions/AWS::SecurityHub::Insight.AwsSecurityFindingFilters", "markdownDescription": "One or more attributes used to filter the findings included in the insight. The insight only includes findings that match the criteria defined in the filters. You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.", "title": "Filters" }, "GroupByAttribute": { "markdownDescription": "The grouping attribute for the insight's findings. Indicates how to group the matching findings, and identifies the type of item that the insight applies to. For example, if an insight is grouped by resource identifier, then the insight produces a list of resource identifiers.", "title": "GroupByAttribute", "type": "string" }, "Name": { "markdownDescription": "The name of a Security Hub insight.", "title": "Name", "type": "string" } }, "required": [ "Filters", "GroupByAttribute", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::SecurityHub::Insight" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SecurityHub::Insight.AwsSecurityFindingFilters": { "additionalProperties": false, "properties": { "AwsAccountId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The AWS account ID in which a finding is generated.", "title": "AwsAccountId", "type": "array" }, "AwsAccountName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The name of the AWS account in which a finding is generated.", "title": "AwsAccountName", "type": "array" }, "CompanyName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The name of the findings provider (company) that owns the solution (product) that generates findings.", "title": "CompanyName", "type": "array" }, "ComplianceAssociatedStandardsId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.", "title": "ComplianceAssociatedStandardsId", "type": "array" }, "ComplianceSecurityControlId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The unique identifier of a control across standards. Values for this field typically consist of an AWS service and a number, such as APIGateway.5.", "title": "ComplianceSecurityControlId", "type": "array" }, "ComplianceSecurityControlParametersName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The name of a security control parameter.", "title": "ComplianceSecurityControlParametersName", "type": "array" }, "ComplianceSecurityControlParametersValue": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The current value of a security control parameter.", "title": "ComplianceSecurityControlParametersValue", "type": "array" }, "ComplianceStatus": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details.", "title": "ComplianceStatus", "type": "array" }, "Confidence": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" }, "markdownDescription": "A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.\n\nConfidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.", "title": "Confidence", "type": "array" }, "CreatedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" }, "markdownDescription": "A timestamp that indicates when the security findings provider created the potential security issue that a finding reflects.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )", "title": "CreatedAt", "type": "array" }, "Criticality": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" }, "markdownDescription": "The level of importance assigned to the resources associated with the finding.\n\nA score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.", "title": "Criticality", "type": "array" }, "Description": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "A finding's description.", "title": "Description", "type": "array" }, "FindingProviderFieldsConfidence": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" }, "markdownDescription": "The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.\n\nConfidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.", "title": "FindingProviderFieldsConfidence", "type": "array" }, "FindingProviderFieldsCriticality": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" }, "markdownDescription": "The finding provider value for the level of importance assigned to the resources associated with the findings.\n\nA score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.", "title": "FindingProviderFieldsCriticality", "type": "array" }, "FindingProviderFieldsRelatedFindingsId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The finding identifier of a related finding that is identified by the finding provider.", "title": "FindingProviderFieldsRelatedFindingsId", "type": "array" }, "FindingProviderFieldsRelatedFindingsProductArn": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The ARN of the solution that generated a related finding that is identified by the finding provider.", "title": "FindingProviderFieldsRelatedFindingsProductArn", "type": "array" }, "FindingProviderFieldsSeverityLabel": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The finding provider value for the severity label.", "title": "FindingProviderFieldsSeverityLabel", "type": "array" }, "FindingProviderFieldsSeverityOriginal": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The finding provider's original value for the severity.", "title": "FindingProviderFieldsSeverityOriginal", "type": "array" }, "FindingProviderFieldsTypes": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "One or more finding types that the finding provider assigned to the finding. Uses the format of `namespace/category/classifier` that classify a finding.\n\nValid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications", "title": "FindingProviderFieldsTypes", "type": "array" }, "FirstObservedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" }, "markdownDescription": "A timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )", "title": "FirstObservedAt", "type": "array" }, "GeneratorId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.", "title": "GeneratorId", "type": "array" }, "Id": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The security findings provider-specific identifier for a finding.", "title": "Id", "type": "array" }, "LastObservedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" }, "markdownDescription": "A timestamp that indicates when the security findings provider most recently observed the potential security issue that a finding captured.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )", "title": "LastObservedAt", "type": "array" }, "MalwareName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The name of the malware that was observed.", "title": "MalwareName", "type": "array" }, "MalwarePath": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The filesystem path of the malware that was observed.", "title": "MalwarePath", "type": "array" }, "MalwareState": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The state of the malware that was observed.", "title": "MalwareState", "type": "array" }, "MalwareType": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The type of the malware that was observed.", "title": "MalwareType", "type": "array" }, "NetworkDestinationDomain": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The destination domain of network-related information about a finding.", "title": "NetworkDestinationDomain", "type": "array" }, "NetworkDestinationIpV4": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" }, "markdownDescription": "The destination IPv4 address of network-related information about a finding.", "title": "NetworkDestinationIpV4", "type": "array" }, "NetworkDestinationIpV6": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" }, "markdownDescription": "The destination IPv6 address of network-related information about a finding.", "title": "NetworkDestinationIpV6", "type": "array" }, "NetworkDestinationPort": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" }, "markdownDescription": "The destination port of network-related information about a finding.", "title": "NetworkDestinationPort", "type": "array" }, "NetworkDirection": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "Indicates the direction of network traffic associated with a finding.", "title": "NetworkDirection", "type": "array" }, "NetworkProtocol": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The protocol of network-related information about a finding.", "title": "NetworkProtocol", "type": "array" }, "NetworkSourceDomain": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The source domain of network-related information about a finding.", "title": "NetworkSourceDomain", "type": "array" }, "NetworkSourceIpV4": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" }, "markdownDescription": "The source IPv4 address of network-related information about a finding.", "title": "NetworkSourceIpV4", "type": "array" }, "NetworkSourceIpV6": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" }, "markdownDescription": "The source IPv6 address of network-related information about a finding.", "title": "NetworkSourceIpV6", "type": "array" }, "NetworkSourceMac": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The source media access control (MAC) address of network-related information about a finding.", "title": "NetworkSourceMac", "type": "array" }, "NetworkSourcePort": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" }, "markdownDescription": "The source port of network-related information about a finding.", "title": "NetworkSourcePort", "type": "array" }, "NoteText": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The text of a note.", "title": "NoteText", "type": "array" }, "NoteUpdatedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" }, "markdownDescription": "The timestamp of when the note was updated.", "title": "NoteUpdatedAt", "type": "array" }, "NoteUpdatedBy": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The principal that created a note.", "title": "NoteUpdatedBy", "type": "array" }, "ProcessLaunchedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" }, "markdownDescription": "A timestamp that identifies when the process was launched.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )", "title": "ProcessLaunchedAt", "type": "array" }, "ProcessName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The name of the process.", "title": "ProcessName", "type": "array" }, "ProcessParentPid": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" }, "markdownDescription": "The parent process ID. This field accepts positive integers between `O` and `2147483647` .", "title": "ProcessParentPid", "type": "array" }, "ProcessPath": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The path to the process executable.", "title": "ProcessPath", "type": "array" }, "ProcessPid": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.NumberFilter" }, "markdownDescription": "The process ID.", "title": "ProcessPid", "type": "array" }, "ProcessTerminatedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" }, "markdownDescription": "A timestamp that identifies when the process was terminated.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )", "title": "ProcessTerminatedAt", "type": "array" }, "ProductArn": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.", "title": "ProductArn", "type": "array" }, "ProductFields": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" }, "markdownDescription": "A data type where security findings providers can include additional solution-specific details that aren't part of the defined `AwsSecurityFinding` format.", "title": "ProductFields", "type": "array" }, "ProductName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The name of the solution (product) that generates findings.", "title": "ProductName", "type": "array" }, "RecommendationText": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The recommendation of what to do about the issue described in a finding.", "title": "RecommendationText", "type": "array" }, "RecordState": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The updated record state for the finding.", "title": "RecordState", "type": "array" }, "Region": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The Region from which the finding was generated.", "title": "Region", "type": "array" }, "RelatedFindingsId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The solution-generated identifier for a related finding.", "title": "RelatedFindingsId", "type": "array" }, "RelatedFindingsProductArn": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The ARN of the solution that generated a related finding.", "title": "RelatedFindingsProductArn", "type": "array" }, "ResourceApplicationArn": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The ARN of the application that is related to a finding.", "title": "ResourceApplicationArn", "type": "array" }, "ResourceApplicationName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The name of the application that is related to a finding.", "title": "ResourceApplicationName", "type": "array" }, "ResourceAwsEc2InstanceIamInstanceProfileArn": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The IAM profile ARN of the instance.", "title": "ResourceAwsEc2InstanceIamInstanceProfileArn", "type": "array" }, "ResourceAwsEc2InstanceImageId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The Amazon Machine Image (AMI) ID of the instance.", "title": "ResourceAwsEc2InstanceImageId", "type": "array" }, "ResourceAwsEc2InstanceIpV4Addresses": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" }, "markdownDescription": "The IPv4 addresses associated with the instance.", "title": "ResourceAwsEc2InstanceIpV4Addresses", "type": "array" }, "ResourceAwsEc2InstanceIpV6Addresses": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.IpFilter" }, "markdownDescription": "The IPv6 addresses associated with the instance.", "title": "ResourceAwsEc2InstanceIpV6Addresses", "type": "array" }, "ResourceAwsEc2InstanceKeyName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The key name associated with the instance.", "title": "ResourceAwsEc2InstanceKeyName", "type": "array" }, "ResourceAwsEc2InstanceLaunchedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" }, "markdownDescription": "The date and time the instance was launched.", "title": "ResourceAwsEc2InstanceLaunchedAt", "type": "array" }, "ResourceAwsEc2InstanceSubnetId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The identifier of the subnet that the instance was launched in.", "title": "ResourceAwsEc2InstanceSubnetId", "type": "array" }, "ResourceAwsEc2InstanceType": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The instance type of the instance.", "title": "ResourceAwsEc2InstanceType", "type": "array" }, "ResourceAwsEc2InstanceVpcId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The identifier of the VPC that the instance was launched in.", "title": "ResourceAwsEc2InstanceVpcId", "type": "array" }, "ResourceAwsIamAccessKeyCreatedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" }, "markdownDescription": "The creation date/time of the IAM access key related to a finding.", "title": "ResourceAwsIamAccessKeyCreatedAt", "type": "array" }, "ResourceAwsIamAccessKeyPrincipalName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The name of the principal that is associated with an IAM access key.", "title": "ResourceAwsIamAccessKeyPrincipalName", "type": "array" }, "ResourceAwsIamAccessKeyStatus": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The status of the IAM access key related to a finding.", "title": "ResourceAwsIamAccessKeyStatus", "type": "array" }, "ResourceAwsIamUserUserName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The name of an IAM user.", "title": "ResourceAwsIamUserUserName", "type": "array" }, "ResourceAwsS3BucketOwnerId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The canonical user ID of the owner of the S3 bucket.", "title": "ResourceAwsS3BucketOwnerId", "type": "array" }, "ResourceAwsS3BucketOwnerName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The display name of the owner of the S3 bucket.", "title": "ResourceAwsS3BucketOwnerName", "type": "array" }, "ResourceContainerImageId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The identifier of the image related to a finding.", "title": "ResourceContainerImageId", "type": "array" }, "ResourceContainerImageName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The name of the image related to a finding.", "title": "ResourceContainerImageName", "type": "array" }, "ResourceContainerLaunchedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" }, "markdownDescription": "A timestamp that identifies when the container was started.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )", "title": "ResourceContainerLaunchedAt", "type": "array" }, "ResourceContainerName": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The name of the container related to a finding.", "title": "ResourceContainerName", "type": "array" }, "ResourceDetailsOther": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" }, "markdownDescription": "The details of a resource that doesn't have a specific subfield for the resource type defined.", "title": "ResourceDetailsOther", "type": "array" }, "ResourceId": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The canonical identifier for the given resource type.", "title": "ResourceId", "type": "array" }, "ResourcePartition": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The canonical AWS partition name that the Region is assigned to.", "title": "ResourcePartition", "type": "array" }, "ResourceRegion": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The canonical AWS external Region name where this resource is located.", "title": "ResourceRegion", "type": "array" }, "ResourceTags": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" }, "markdownDescription": "A list of AWS tags associated with a resource at the time the finding was processed.", "title": "ResourceTags", "type": "array" }, "ResourceType": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "Specifies the type of the resource that details are provided for.", "title": "ResourceType", "type": "array" }, "Sample": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.BooleanFilter" }, "markdownDescription": "Indicates whether or not sample findings are included in the filter results.", "title": "Sample", "type": "array" }, "SeverityLabel": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The label of a finding's severity.", "title": "SeverityLabel", "type": "array" }, "SourceUrl": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "A URL that links to a page about the current finding in the security findings provider's solution.", "title": "SourceUrl", "type": "array" }, "ThreatIntelIndicatorCategory": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The category of a threat intelligence indicator.", "title": "ThreatIntelIndicatorCategory", "type": "array" }, "ThreatIntelIndicatorLastObservedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" }, "markdownDescription": "A timestamp that identifies the last observation of a threat intelligence indicator.", "title": "ThreatIntelIndicatorLastObservedAt", "type": "array" }, "ThreatIntelIndicatorSource": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The source of the threat intelligence.", "title": "ThreatIntelIndicatorSource", "type": "array" }, "ThreatIntelIndicatorSourceUrl": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The URL for more details from the source of the threat intelligence.", "title": "ThreatIntelIndicatorSourceUrl", "type": "array" }, "ThreatIntelIndicatorType": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The type of a threat intelligence indicator.", "title": "ThreatIntelIndicatorType", "type": "array" }, "ThreatIntelIndicatorValue": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The value of a threat intelligence indicator.", "title": "ThreatIntelIndicatorValue", "type": "array" }, "Title": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "A finding's title.", "title": "Title", "type": "array" }, "Type": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "A finding type in the format of `namespace/category/classifier` that classifies a finding.", "title": "Type", "type": "array" }, "UpdatedAt": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.DateFilter" }, "markdownDescription": "A timestamp that indicates when the security findings provider last updated the finding record.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )", "title": "UpdatedAt", "type": "array" }, "UserDefinedFields": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.MapFilter" }, "markdownDescription": "A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.", "title": "UserDefinedFields", "type": "array" }, "VerificationState": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The veracity of a finding.", "title": "VerificationState", "type": "array" }, "VulnerabilitiesExploitAvailable": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "Indicates whether a software vulnerability in your environment has a known exploit. You can filter findings by this field only if you use Security Hub and Amazon Inspector.", "title": "VulnerabilitiesExploitAvailable", "type": "array" }, "VulnerabilitiesFixAvailable": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "Indicates whether a vulnerability is fixed in a newer version of the affected software packages. You can filter findings by this field only if you use Security Hub and Amazon Inspector.", "title": "VulnerabilitiesFixAvailable", "type": "array" }, "WorkflowState": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The workflow state of a finding.\n\nNote that this field is deprecated. To search for a finding based on its workflow status, use `WorkflowStatus` .", "title": "WorkflowState", "type": "array" }, "WorkflowStatus": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Insight.StringFilter" }, "markdownDescription": "The status of the investigation into a finding. Allowed values are the following.\n\n- `NEW` - The initial state of a finding, before it is reviewed.\n\nSecurity Hub also resets the workflow status from `NOTIFIED` or `RESOLVED` to `NEW` in the following cases:\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to either `WARNING` , `FAILED` , or `NOT_AVAILABLE` .\n- `NOTIFIED` - Indicates that the resource owner has been notified about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n\nIf one of the following occurs, the workflow status is changed automatically from `NOTIFIED` to `NEW` :\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .\n- `SUPPRESSED` - Indicates that you reviewed the finding and do not believe that any action is needed.\n\nThe workflow status of a `SUPPRESSED` finding does not change if `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `RESOLVED` - The finding was reviewed and remediated and is now considered resolved.\n\nThe finding remains `RESOLVED` unless one of the following occurs:\n\n- `RecordState` changes from `ARCHIVED` to `ACTIVE` .\n- `Compliance.Status` changes from `PASSED` to `FAILED` , `WARNING` , or `NOT_AVAILABLE` .\n\nIn those cases, the workflow status is automatically reset to `NEW` .\n\nFor findings from controls, if `Compliance.Status` is `PASSED` , then Security Hub automatically sets the workflow status to `RESOLVED` .", "title": "WorkflowStatus", "type": "array" } }, "type": "object" }, "AWS::SecurityHub::Insight.BooleanFilter": { "additionalProperties": false, "properties": { "Value": { "markdownDescription": "The value of the boolean.", "title": "Value", "type": "boolean" } }, "required": [ "Value" ], "type": "object" }, "AWS::SecurityHub::Insight.DateFilter": { "additionalProperties": false, "properties": { "DateRange": { "$ref": "#/definitions/AWS::SecurityHub::Insight.DateRange", "markdownDescription": "A date range for the date filter.", "title": "DateRange" }, "End": { "markdownDescription": "A timestamp that provides the end date for the date filter.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )", "title": "End", "type": "string" }, "Start": { "markdownDescription": "A timestamp that provides the start date for the date filter.\n\nThis field accepts only the specified formats. Timestamps can end with `Z` or `(\"+\" / \"-\") time-hour [\":\" time-minute]` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:\n\n- `YYYY-MM-DDTHH:MM:SSZ` (for example, `2019-01-31T23:00:00Z` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ` (for example, `2019-01-31T23:00:00.123456789Z` )\n- `YYYY-MM-DDTHH:MM:SS+HH:MM` (for example, `2024-01-04T15:25:10+17:59` )\n- `YYYY-MM-DDTHH:MM:SS-HHMM` (for example, `2024-01-04T15:25:10-1759` )\n- `YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM` (for example, `2024-01-04T15:25:10.123456789+17:59` )", "title": "Start", "type": "string" } }, "type": "object" }, "AWS::SecurityHub::Insight.DateRange": { "additionalProperties": false, "properties": { "Unit": { "markdownDescription": "A date range unit for the date filter.", "title": "Unit", "type": "string" }, "Value": { "markdownDescription": "A date range value for the date filter.", "title": "Value", "type": "number" } }, "required": [ "Unit", "Value" ], "type": "object" }, "AWS::SecurityHub::Insight.IpFilter": { "additionalProperties": false, "properties": { "Cidr": { "markdownDescription": "A finding's CIDR value.", "title": "Cidr", "type": "string" } }, "required": [ "Cidr" ], "type": "object" }, "AWS::SecurityHub::Insight.MapFilter": { "additionalProperties": false, "properties": { "Comparison": { "markdownDescription": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, for the `ResourceTags` field, the filter `Department CONTAINS Security` matches findings that include the value `Security` for the `Department` tag. In the same example, a finding with a value of `Security team` for the `Department` tag is a match.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, for the `ResourceTags` field, the filter `Department EQUALS Security` matches findings that have the value `Security` for the `Department` tag.\n\n`CONTAINS` and `EQUALS` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Department CONTAINS Security OR Department CONTAINS Finance` match a finding that includes either `Security` , `Finance` , or both values.\n\nTo search for values that don't have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, for the `ResourceTags` field, the filter `Department NOT_CONTAINS Finance` matches findings that exclude the value `Finance` for the `Department` tag.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, for the `ResourceTags` field, the filter `Department NOT_EQUALS Finance` matches findings that don\u2019t have the value `Finance` for the `Department` tag.\n\n`NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance` match a finding that excludes both the `Security` and `Finance` values.\n\n`CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can\u2019t have both an `EQUALS` filter and a `NOT_EQUALS` filter on the same field. Combining filters in this way returns an error.\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", "title": "Comparison", "type": "string" }, "Key": { "markdownDescription": "The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match.", "title": "Value", "type": "string" } }, "required": [ "Comparison", "Key", "Value" ], "type": "object" }, "AWS::SecurityHub::Insight.NumberFilter": { "additionalProperties": false, "properties": { "Eq": { "markdownDescription": "The equal-to condition to be applied to a single field when querying for findings.", "title": "Eq", "type": "number" }, "Gte": { "markdownDescription": "The greater-than-equal condition to be applied to a single field when querying for findings.", "title": "Gte", "type": "number" }, "Lte": { "markdownDescription": "The less-than-equal condition to be applied to a single field when querying for findings.", "title": "Lte", "type": "number" } }, "type": "object" }, "AWS::SecurityHub::Insight.StringFilter": { "additionalProperties": false, "properties": { "Comparison": { "markdownDescription": "The condition to apply to a string value when filtering Security Hub findings.\n\nTo search for values that have the filter value, use one of the following comparison operators:\n\n- To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront.\n- To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` .\n- To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match.\n\n`CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title.\n\nTo search for values that don\u2019t have the filter value, use one of the following comparison operators:\n\n- To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront.\n- To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` .\n- To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` .\n\n`NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title.\n\nYou can\u2019t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters.\n\nYou can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters.\n\nFor example, for the following filters, Security Hub first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` .\n\n- `ResourceType PREFIX AwsIam`\n- `ResourceType PREFIX AwsEc2`\n- `ResourceType NOT_EQUALS AwsIamPolicy`\n- `ResourceType NOT_EQUALS AwsEc2NetworkInterface`\n\n`CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub User Guide* .", "title": "Comparison", "type": "string" }, "Value": { "markdownDescription": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub` . If you provide `security hub` as the filter value, there's no match.", "title": "Value", "type": "string" } }, "required": [ "Comparison", "Value" ], "type": "object" }, "AWS::SecurityHub::ProductSubscription": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ProductArn": { "markdownDescription": "The ARN of the product to enable the integration for.", "title": "ProductArn", "type": "string" } }, "required": [ "ProductArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SecurityHub::ProductSubscription" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SecurityHub::Standard": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DisabledStandardsControls": { "items": { "$ref": "#/definitions/AWS::SecurityHub::Standard.StandardsControl" }, "markdownDescription": "Specifies which controls are to be disabled in a standard.\n\n*Maximum* : `100`", "title": "DisabledStandardsControls", "type": "array" }, "StandardsArn": { "markdownDescription": "The ARN of the standard that you want to enable. To view a list of available Security Hub standards and their ARNs, use the [`DescribeStandards`](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API operation.", "title": "StandardsArn", "type": "string" } }, "required": [ "StandardsArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SecurityHub::Standard" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SecurityHub::Standard.StandardsControl": { "additionalProperties": false, "properties": { "Reason": { "markdownDescription": "A user-defined reason for changing a control's enablement status in a specified standard. If you are disabling a control, then this property is required.", "title": "Reason", "type": "string" }, "StandardsControlArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the control.", "title": "StandardsControlArn", "type": "string" } }, "required": [ "StandardsControlArn" ], "type": "object" }, "AWS::SecurityLake::AwsLogSource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Accounts": { "items": { "type": "string" }, "markdownDescription": "Specify the AWS account information where you want to enable Security Lake.", "title": "Accounts", "type": "array" }, "DataLakeArn": { "markdownDescription": "The Amazon Resource Name (ARN) used to create the data lake.", "title": "DataLakeArn", "type": "string" }, "SourceName": { "markdownDescription": "The name for a AWS source. This must be a Regionally unique value. For the list of sources supported by Amazon Security Lake see [Collecting data from AWS services](https://docs.aws.amazon.com//security-lake/latest/userguide/internal-sources.html) in the Amazon Security Lake User Guide.", "title": "SourceName", "type": "string" }, "SourceVersion": { "markdownDescription": "The version for a AWS source. For more details about source versions supported by Amazon Security Lake see [OCSF source identification](https://docs.aws.amazon.com//security-lake/latest/userguide/open-cybersecurity-schema-framework.html#ocsf-source-identification) in the Amazon Security Lake User Guide. This must be a Regionally unique value.", "title": "SourceVersion", "type": "string" } }, "required": [ "DataLakeArn", "SourceName", "SourceVersion" ], "type": "object" }, "Type": { "enum": [ "AWS::SecurityLake::AwsLogSource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SecurityLake::DataLake": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EncryptionConfiguration": { "$ref": "#/definitions/AWS::SecurityLake::DataLake.EncryptionConfiguration", "markdownDescription": "Provides encryption details of the Amazon Security Lake object.", "title": "EncryptionConfiguration" }, "LifecycleConfiguration": { "$ref": "#/definitions/AWS::SecurityLake::DataLake.LifecycleConfiguration", "markdownDescription": "You can customize Security Lake to store data in your preferred AWS Regions for your preferred amount of time. Lifecycle management can help you comply with different compliance requirements. For more details, see [Lifecycle management](https://docs.aws.amazon.com//security-lake/latest/userguide/lifecycle-management.html) in the Amazon Security Lake User Guide.", "title": "LifecycleConfiguration" }, "MetaStoreManagerRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) used to create and update the AWS Glue table. This table contains partitions generated by the ingestion and normalization of AWS log sources and custom sources.", "title": "MetaStoreManagerRoleArn", "type": "string" }, "ReplicationConfiguration": { "$ref": "#/definitions/AWS::SecurityLake::DataLake.ReplicationConfiguration", "markdownDescription": "Provides replication details of Amazon Security Lake object.", "title": "ReplicationConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of objects, one for each tag to associate with the data lake configuration. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::SecurityLake::DataLake" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::SecurityLake::DataLake.EncryptionConfiguration": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The ID of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object.", "title": "KmsKeyId", "type": "string" } }, "type": "object" }, "AWS::SecurityLake::DataLake.Expiration": { "additionalProperties": false, "properties": { "Days": { "markdownDescription": "The number of days before data expires in the Amazon Security Lake object.", "title": "Days", "type": "number" } }, "type": "object" }, "AWS::SecurityLake::DataLake.LifecycleConfiguration": { "additionalProperties": false, "properties": { "Expiration": { "$ref": "#/definitions/AWS::SecurityLake::DataLake.Expiration", "markdownDescription": "Provides data expiration details of the Amazon Security Lake object.", "title": "Expiration" }, "Transitions": { "items": { "$ref": "#/definitions/AWS::SecurityLake::DataLake.Transitions" }, "markdownDescription": "Provides data storage transition details of Amazon Security Lake object. By configuring these settings, you can specify your preferred Amazon S3 storage class and the time period for S3 objects to stay in that storage class before they transition to a different storage class.", "title": "Transitions", "type": "array" } }, "type": "object" }, "AWS::SecurityLake::DataLake.ReplicationConfiguration": { "additionalProperties": false, "properties": { "Regions": { "items": { "type": "string" }, "markdownDescription": "Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the `CreateDataLake` or `UpdateDataLake` operations contributes data to the rollup Region or Regions specified in this parameter.\n\nReplication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket.", "title": "Regions", "type": "array" }, "RoleArn": { "markdownDescription": "Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake , to ensure the replication setting is correct.", "title": "RoleArn", "type": "string" } }, "type": "object" }, "AWS::SecurityLake::DataLake.Transitions": { "additionalProperties": false, "properties": { "Days": { "markdownDescription": "The number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object.", "title": "Days", "type": "number" }, "StorageClass": { "markdownDescription": "The list of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads. The default storage class is S3 Standard.", "title": "StorageClass", "type": "string" } }, "type": "object" }, "AWS::SecurityLake::Subscriber": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessTypes": { "items": { "type": "string" }, "markdownDescription": "You can choose to notify subscribers of new objects with an Amazon Simple Queue Service (Amazon SQS) queue or through messaging to an HTTPS endpoint provided by the subscriber.\n\nSubscribers can consume data by directly querying AWS Lake Formation tables in your Amazon S3 bucket through services like Amazon Athena. This subscription type is defined as `LAKEFORMATION` .", "title": "AccessTypes", "type": "array" }, "DataLakeArn": { "markdownDescription": "The Amazon Resource Name (ARN) used to create the data lake.", "title": "DataLakeArn", "type": "string" }, "Sources": { "items": { "$ref": "#/definitions/AWS::SecurityLake::Subscriber.Source" }, "markdownDescription": "Amazon Security Lake supports log and event collection for natively supported AWS services . For more information, see the [Amazon Security Lake User Guide](https://docs.aws.amazon.com//security-lake/latest/userguide/source-management.html) .", "title": "Sources", "type": "array" }, "SubscriberDescription": { "markdownDescription": "The subscriber descriptions for a subscriber account. The description for a subscriber includes `subscriberName` , `accountID` , `externalID` , and `subscriberId` .", "title": "SubscriberDescription", "type": "string" }, "SubscriberIdentity": { "$ref": "#/definitions/AWS::SecurityLake::Subscriber.SubscriberIdentity", "markdownDescription": "The AWS identity used to access your data.", "title": "SubscriberIdentity" }, "SubscriberName": { "markdownDescription": "The name of your Amazon Security Lake subscriber account.", "title": "SubscriberName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of objects, one for each tag to associate with the subscriber. For each tag, you must specify both a tag key and a tag value. A tag value cannot be null, but it can be an empty string.", "title": "Tags", "type": "array" } }, "required": [ "AccessTypes", "DataLakeArn", "Sources", "SubscriberIdentity", "SubscriberName" ], "type": "object" }, "Type": { "enum": [ "AWS::SecurityLake::Subscriber" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SecurityLake::Subscriber.AwsLogSource": { "additionalProperties": false, "properties": { "SourceName": { "markdownDescription": "Source name of the natively supported AWS service that is supported as an Amazon Security Lake source. For the list of sources supported by Amazon Security Lake see [Collecting data from AWS services](https://docs.aws.amazon.com//security-lake/latest/userguide/internal-sources.html) in the Amazon Security Lake User Guide.", "title": "SourceName", "type": "string" }, "SourceVersion": { "markdownDescription": "Source version of the natively supported AWS service that is supported as an Amazon Security Lake source. For more details about source versions supported by Amazon Security Lake see [OCSF source identification](https://docs.aws.amazon.com//security-lake/latest/userguide/open-cybersecurity-schema-framework.html#ocsf-source-identification) in the Amazon Security Lake User Guide.", "title": "SourceVersion", "type": "string" } }, "type": "object" }, "AWS::SecurityLake::Subscriber.CustomLogSource": { "additionalProperties": false, "properties": { "SourceName": { "markdownDescription": "The name of the custom log source.", "title": "SourceName", "type": "string" }, "SourceVersion": { "markdownDescription": "The source version of the custom log source.", "title": "SourceVersion", "type": "string" } }, "type": "object" }, "AWS::SecurityLake::Subscriber.Source": { "additionalProperties": false, "properties": { "AwsLogSource": { "$ref": "#/definitions/AWS::SecurityLake::Subscriber.AwsLogSource", "markdownDescription": "The natively supported AWS service which is used a Amazon Security Lake source to collect logs and events from.", "title": "AwsLogSource" }, "CustomLogSource": { "$ref": "#/definitions/AWS::SecurityLake::Subscriber.CustomLogSource", "markdownDescription": "The custom log source AWS which is used a Amazon Security Lake source to collect logs and events from.", "title": "CustomLogSource" } }, "type": "object" }, "AWS::SecurityLake::Subscriber.SubscriberIdentity": { "additionalProperties": false, "properties": { "ExternalId": { "markdownDescription": "The external ID is a unique identifier that the subscriber provides to you.", "title": "ExternalId", "type": "string" }, "Principal": { "markdownDescription": "Principals can include accounts, users, roles, federated users, or AWS services.", "title": "Principal", "type": "string" } }, "required": [ "ExternalId", "Principal" ], "type": "object" }, "AWS::ServiceCatalog::AcceptedPortfolioShare": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptLanguage": { "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", "title": "AcceptLanguage", "type": "string" }, "PortfolioId": { "markdownDescription": "The portfolio identifier.", "title": "PortfolioId", "type": "string" } }, "required": [ "PortfolioId" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::AcceptedPortfolioShare" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalog::CloudFormationProduct": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptLanguage": { "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", "title": "AcceptLanguage", "type": "string" }, "Description": { "markdownDescription": "The description of the product.", "title": "Description", "type": "string" }, "Distributor": { "markdownDescription": "The distributor of the product.", "title": "Distributor", "type": "string" }, "Name": { "markdownDescription": "The name of the product.", "title": "Name", "type": "string" }, "Owner": { "markdownDescription": "The owner of the product.", "title": "Owner", "type": "string" }, "ProductType": { "markdownDescription": "The type of product.", "title": "ProductType", "type": "string" }, "ProvisioningArtifactParameters": { "items": { "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties" }, "markdownDescription": "The configuration of the provisioning artifact (also known as a version).", "title": "ProvisioningArtifactParameters", "type": "array" }, "ReplaceProvisioningArtifacts": { "markdownDescription": "This property is turned off by default. If turned off, you can update provisioning artifacts or product attributes (such as description, distributor, name, owner, and more) and the associated provisioning artifacts will retain the same unique identifier. Provisioning artifacts are matched within the CloudFormationProduct resource, and only those that have been updated will be changed. Provisioning artifacts are matched by a combinaton of provisioning artifact template URL and name.\n\nIf turned on, provisioning artifacts will be given a new unique identifier when you update the product or provisioning artifacts.", "title": "ReplaceProvisioningArtifacts", "type": "boolean" }, "SourceConnection": { "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.SourceConnection", "markdownDescription": "A top level `ProductViewDetail` response containing details about the product\u2019s connection. AWS Service Catalog returns this field for the `CreateProduct` , `UpdateProduct` , `DescribeProductAsAdmin` , and `SearchProductAsAdmin` APIs. This response contains the same fields as the `ConnectionParameters` request, with the addition of the `LastSync` response.", "title": "SourceConnection" }, "SupportDescription": { "markdownDescription": "The support information about the product.", "title": "SupportDescription", "type": "string" }, "SupportEmail": { "markdownDescription": "The contact email for product support.", "title": "SupportEmail", "type": "string" }, "SupportUrl": { "markdownDescription": "The contact URL for product support.\n\n`^https?:\\/\\//` / is the pattern used to validate SupportUrl.", "title": "SupportUrl", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "One or more tags.", "title": "Tags", "type": "array" } }, "required": [ "Name", "Owner" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::CloudFormationProduct" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalog::CloudFormationProduct.CodeStarParameters": { "additionalProperties": false, "properties": { "ArtifactPath": { "markdownDescription": "The absolute path wehre the artifact resides within the repo and branch, formatted as \"folder/file.json.\"", "title": "ArtifactPath", "type": "string" }, "Branch": { "markdownDescription": "The specific branch where the artifact resides.", "title": "Branch", "type": "string" }, "ConnectionArn": { "markdownDescription": "The CodeStar ARN, which is the connection between AWS Service Catalog and the external repository.", "title": "ConnectionArn", "type": "string" }, "Repository": { "markdownDescription": "The specific repository where the product\u2019s artifact-to-be-synced resides, formatted as \"Account/Repo.\"", "title": "Repository", "type": "string" } }, "required": [ "ArtifactPath", "Branch", "ConnectionArn", "Repository" ], "type": "object" }, "AWS::ServiceCatalog::CloudFormationProduct.ConnectionParameters": { "additionalProperties": false, "properties": { "CodeStar": { "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.CodeStarParameters", "markdownDescription": "Provides `ConnectionType` details.", "title": "CodeStar" } }, "type": "object" }, "AWS::ServiceCatalog::CloudFormationProduct.ProvisioningArtifactProperties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the provisioning artifact, including how it differs from the previous provisioning artifact.", "title": "Description", "type": "string" }, "DisableTemplateValidation": { "markdownDescription": "If set to true, AWS Service Catalog stops validating the specified provisioning artifact even if it is invalid.", "title": "DisableTemplateValidation", "type": "boolean" }, "Info": { "markdownDescription": "Specify the template source with one of the following options, but not both. Keys accepted: [ `LoadTemplateFromURL` , `ImportFromPhysicalId` ]\n\nThe URL of the AWS CloudFormation template in Amazon S3 in JSON format. Specify the URL in JSON format as follows:\n\n`\"LoadTemplateFromURL\": \"https://s3.amazonaws.com/cf-templates-ozkq9d3hgiq2-us-east-1/...\"`\n\n`ImportFromPhysicalId` : The physical id of the resource that contains the template. Currently only supports AWS CloudFormation stack arn. Specify the physical id in JSON format as follows: `ImportFromPhysicalId: \u201carn:aws:cloudformation:[us-east-1]:[accountId]:stack/[StackName]/[resourceId]`", "title": "Info", "type": "object" }, "Name": { "markdownDescription": "The name of the provisioning artifact (for example, v1 v2beta). No spaces are allowed.", "title": "Name", "type": "string" }, "Type": { "markdownDescription": "The type of provisioning artifact.\n\n- `CLOUD_FORMATION_TEMPLATE` - AWS CloudFormation template\n- `TERRAFORM_OPEN_SOURCE` - Terraform Open Source configuration file\n- `TERRAFORM_CLOUD` - Terraform Cloud configuration file\n- `EXTERNAL` - External configuration file", "title": "Type", "type": "string" } }, "required": [ "Info" ], "type": "object" }, "AWS::ServiceCatalog::CloudFormationProduct.SourceConnection": { "additionalProperties": false, "properties": { "ConnectionParameters": { "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct.ConnectionParameters", "markdownDescription": "The connection details based on the connection `Type` .", "title": "ConnectionParameters" }, "Type": { "markdownDescription": "The only supported `SourceConnection` type is Codestar.", "title": "Type", "type": "string" } }, "required": [ "ConnectionParameters", "Type" ], "type": "object" }, "AWS::ServiceCatalog::CloudFormationProvisionedProduct": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptLanguage": { "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", "title": "AcceptLanguage", "type": "string" }, "NotificationArns": { "items": { "type": "string" }, "markdownDescription": "Passed to AWS CloudFormation . The SNS topic ARNs to which to publish stack-related events.", "title": "NotificationArns", "type": "array" }, "PathId": { "markdownDescription": "The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n> You must provide the name or ID, but not both.", "title": "PathId", "type": "string" }, "PathName": { "markdownDescription": "The name of the path. This value is optional if the product has a default path, and required if the product has more than one path. To list the paths for a product, use [ListLaunchPaths](https://docs.aws.amazon.com/servicecatalog/latest/dg/API_ListLaunchPaths.html) .\n\n> You must provide the name or ID, but not both.", "title": "PathName", "type": "string" }, "ProductId": { "markdownDescription": "The product identifier.\n\n> You must specify either the ID or the name of the product, but not both.", "title": "ProductId", "type": "string" }, "ProductName": { "markdownDescription": "The name of the Service Catalog product.\n\nEach time a stack is created or updated, if `ProductName` is provided it will successfully resolve to `ProductId` as long as only one product exists in the account or Region with that `ProductName` .\n\n> You must specify either the name or the ID of the product, but not both.", "title": "ProductName", "type": "string" }, "ProvisionedProductName": { "markdownDescription": "A user-friendly name for the provisioned product. This value must be unique for the AWS account and cannot be updated after the product is provisioned.", "title": "ProvisionedProductName", "type": "string" }, "ProvisioningArtifactId": { "markdownDescription": "The identifier of the provisioning artifact (also known as a version).\n\n> You must specify either the ID or the name of the provisioning artifact, but not both.", "title": "ProvisioningArtifactId", "type": "string" }, "ProvisioningArtifactName": { "markdownDescription": "The name of the provisioning artifact (also known as a version) for the product. This name must be unique for the product.\n\n> You must specify either the name or the ID of the provisioning artifact, but not both. You must also specify either the name or the ID of the product, but not both.", "title": "ProvisioningArtifactName", "type": "string" }, "ProvisioningParameters": { "items": { "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningParameter" }, "markdownDescription": "Parameters specified by the administrator that are required for provisioning the product.", "title": "ProvisioningParameters", "type": "array" }, "ProvisioningPreferences": { "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningPreferences", "markdownDescription": "StackSet preferences that are required for provisioning the product or updating a provisioned product.", "title": "ProvisioningPreferences" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "One or more tags.\n\n> Requires the provisioned product to have an [ResourceUpdateConstraint](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-resourceupdateconstraint.html) resource with `TagUpdatesOnProvisionedProduct` set to `ALLOWED` to allow tag updates. If `RESOURCE_UPDATE` constraint is not present, tags updates are ignored.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::CloudFormationProvisionedProduct" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningParameter": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The parameter key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The parameter value.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::ServiceCatalog::CloudFormationProvisionedProduct.ProvisioningPreferences": { "additionalProperties": false, "properties": { "StackSetAccounts": { "items": { "type": "string" }, "markdownDescription": "One or more AWS accounts where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified accounts should be within the list of accounts from the `STACKSET` constraint. To get the list of accounts in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all acounts from the `STACKSET` constraint.", "title": "StackSetAccounts", "type": "array" }, "StackSetFailureToleranceCount": { "markdownDescription": "The number of accounts, per Region, for which this operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.\n\nThe default value is `0` if no value is specified.", "title": "StackSetFailureToleranceCount", "type": "number" }, "StackSetFailureTolerancePercentage": { "markdownDescription": "The percentage of accounts, per Region, for which this stack operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both.", "title": "StackSetFailureTolerancePercentage", "type": "number" }, "StackSetMaxConcurrencyCount": { "markdownDescription": "The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `StackSetFailureToleranceCount` . `StackSetMaxConcurrentCount` is at most one more than the `StackSetFailureToleranceCount` .\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both.", "title": "StackSetMaxConcurrencyCount", "type": "number" }, "StackSetMaxConcurrencyPercentage": { "markdownDescription": "The maximum percentage of accounts in which to perform this operation at one time.\n\nWhen calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, AWS Service Catalog sets the number as `1` instead.\n\nNote that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nConditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both.", "title": "StackSetMaxConcurrencyPercentage", "type": "number" }, "StackSetOperationType": { "markdownDescription": "Determines what action AWS Service Catalog performs to a stack set or a stack instance represented by the provisioned product. The default value is `UPDATE` if nothing is specified.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\n- **CREATE** - Creates a new stack instance in the stack set represented by the provisioned product. In this case, only new stack instances are created based on accounts and Regions; if new ProductId or ProvisioningArtifactID are passed, they will be ignored.\n- **UPDATE** - Updates the stack set represented by the provisioned product and also its stack instances.\n- **DELETE** - Deletes a stack instance in the stack set represented by the provisioned product.", "title": "StackSetOperationType", "type": "string" }, "StackSetRegions": { "items": { "type": "string" }, "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", "title": "StackSetRegions", "type": "array" } }, "type": "object" }, "AWS::ServiceCatalog::LaunchNotificationConstraint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptLanguage": { "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", "title": "AcceptLanguage", "type": "string" }, "Description": { "markdownDescription": "The description of the constraint.", "title": "Description", "type": "string" }, "NotificationArns": { "items": { "type": "string" }, "markdownDescription": "The notification ARNs.", "title": "NotificationArns", "type": "array" }, "PortfolioId": { "markdownDescription": "The portfolio identifier.", "title": "PortfolioId", "type": "string" }, "ProductId": { "markdownDescription": "The product identifier.", "title": "ProductId", "type": "string" } }, "required": [ "NotificationArns", "PortfolioId", "ProductId" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::LaunchNotificationConstraint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalog::LaunchRoleConstraint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptLanguage": { "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", "title": "AcceptLanguage", "type": "string" }, "Description": { "markdownDescription": "The description of the constraint.", "title": "Description", "type": "string" }, "LocalRoleName": { "markdownDescription": "You are required to specify either the `RoleArn` or the `LocalRoleName` but can't use both.\n\nIf you specify the `LocalRoleName` property, when an account uses the launch constraint, the IAM role with that name in the account will be used. This allows launch-role constraints to be account-agnostic so the administrator can create fewer resources per shared account.\n\nThe given role name must exist in the account used to create the launch constraint and the account of the user who launches a product with this launch constraint.", "title": "LocalRoleName", "type": "string" }, "PortfolioId": { "markdownDescription": "The portfolio identifier.", "title": "PortfolioId", "type": "string" }, "ProductId": { "markdownDescription": "The product identifier.", "title": "ProductId", "type": "string" }, "RoleArn": { "markdownDescription": "The ARN of the launch role.\n\nYou are required to specify `RoleArn` or `LocalRoleName` but can't use both.", "title": "RoleArn", "type": "string" } }, "required": [ "PortfolioId", "ProductId" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::LaunchRoleConstraint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalog::LaunchTemplateConstraint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptLanguage": { "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", "title": "AcceptLanguage", "type": "string" }, "Description": { "markdownDescription": "The description of the constraint.", "title": "Description", "type": "string" }, "PortfolioId": { "markdownDescription": "The portfolio identifier.", "title": "PortfolioId", "type": "string" }, "ProductId": { "markdownDescription": "The product identifier.", "title": "ProductId", "type": "string" }, "Rules": { "markdownDescription": "The constraint rules.", "title": "Rules", "type": "string" } }, "required": [ "PortfolioId", "ProductId", "Rules" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::LaunchTemplateConstraint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalog::Portfolio": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptLanguage": { "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", "title": "AcceptLanguage", "type": "string" }, "Description": { "markdownDescription": "The description of the portfolio.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The name to use for display purposes.", "title": "DisplayName", "type": "string" }, "ProviderName": { "markdownDescription": "The name of the portfolio provider.", "title": "ProviderName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "One or more tags.", "title": "Tags", "type": "array" } }, "required": [ "DisplayName", "ProviderName" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::Portfolio" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalog::PortfolioPrincipalAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptLanguage": { "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", "title": "AcceptLanguage", "type": "string" }, "PortfolioId": { "markdownDescription": "The portfolio identifier.", "title": "PortfolioId", "type": "string" }, "PrincipalARN": { "markdownDescription": "The ARN of the principal ( IAM user, role, or group).", "title": "PrincipalARN", "type": "string" }, "PrincipalType": { "markdownDescription": "The principal type. The supported values are `IAM` and `IAM_PATTERN` .", "title": "PrincipalType", "type": "string" } }, "required": [ "PortfolioId", "PrincipalARN", "PrincipalType" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::PortfolioPrincipalAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalog::PortfolioProductAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptLanguage": { "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", "title": "AcceptLanguage", "type": "string" }, "PortfolioId": { "markdownDescription": "The portfolio identifier.", "title": "PortfolioId", "type": "string" }, "ProductId": { "markdownDescription": "The product identifier.", "title": "ProductId", "type": "string" }, "SourcePortfolioId": { "markdownDescription": "The identifier of the source portfolio.", "title": "SourcePortfolioId", "type": "string" } }, "required": [ "PortfolioId", "ProductId" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::PortfolioProductAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalog::PortfolioShare": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptLanguage": { "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", "title": "AcceptLanguage", "type": "string" }, "AccountId": { "markdownDescription": "The AWS account ID. For example, `123456789012` .", "title": "AccountId", "type": "string" }, "PortfolioId": { "markdownDescription": "The portfolio identifier.", "title": "PortfolioId", "type": "string" }, "ShareTagOptions": { "markdownDescription": "Indicates whether TagOptions sharing is enabled or disabled for the portfolio share.", "title": "ShareTagOptions", "type": "boolean" } }, "required": [ "AccountId", "PortfolioId" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::PortfolioShare" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalog::ResourceUpdateConstraint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptLanguage": { "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", "title": "AcceptLanguage", "type": "string" }, "Description": { "markdownDescription": "The description of the constraint.", "title": "Description", "type": "string" }, "PortfolioId": { "markdownDescription": "The portfolio identifier.", "title": "PortfolioId", "type": "string" }, "ProductId": { "markdownDescription": "The product identifier.", "title": "ProductId", "type": "string" }, "TagUpdateOnProvisionedProduct": { "markdownDescription": "If set to `ALLOWED` , lets users change tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.\n\nIf set to `NOT_ALLOWED` , prevents users from changing tags in a [CloudFormationProvisionedProduct](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html) resource.", "title": "TagUpdateOnProvisionedProduct", "type": "string" } }, "required": [ "PortfolioId", "ProductId", "TagUpdateOnProvisionedProduct" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::ResourceUpdateConstraint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalog::ServiceAction": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptLanguage": { "markdownDescription": "The language code.\n\n- `en` - English (default)\n- `jp` - Japanese\n- `zh` - Chinese", "title": "AcceptLanguage", "type": "string" }, "Definition": { "items": { "$ref": "#/definitions/AWS::ServiceCatalog::ServiceAction.DefinitionParameter" }, "markdownDescription": "A map that defines the self-service action.", "title": "Definition", "type": "array" }, "DefinitionType": { "markdownDescription": "The self-service action definition type. For example, `SSM_AUTOMATION` .", "title": "DefinitionType", "type": "string" }, "Description": { "markdownDescription": "The self-service action description.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The self-service action name.", "title": "Name", "type": "string" } }, "required": [ "Definition", "DefinitionType", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::ServiceAction" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalog::ServiceAction.DefinitionParameter": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The parameter key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value of the parameter.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::ServiceCatalog::ServiceActionAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ProductId": { "markdownDescription": "The product identifier. For example, `prod-abcdzk7xy33qa` .", "title": "ProductId", "type": "string" }, "ProvisioningArtifactId": { "markdownDescription": "The identifier of the provisioning artifact. For example, `pa-4abcdjnxjj6ne` .", "title": "ProvisioningArtifactId", "type": "string" }, "ServiceActionId": { "markdownDescription": "The self-service action identifier. For example, `act-fs7abcd89wxyz` .", "title": "ServiceActionId", "type": "string" } }, "required": [ "ProductId", "ProvisioningArtifactId", "ServiceActionId" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::ServiceActionAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalog::StackSetConstraint": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AcceptLanguage": { "markdownDescription": "The language code.\n\n- `jp` - Japanese\n- `zh` - Chinese", "title": "AcceptLanguage", "type": "string" }, "AccountList": { "items": { "type": "string" }, "markdownDescription": "One or more AWS accounts that will have access to the provisioned product.", "title": "AccountList", "type": "array" }, "AdminRole": { "markdownDescription": "AdminRole ARN", "title": "AdminRole", "type": "string" }, "Description": { "markdownDescription": "The description of the constraint.", "title": "Description", "type": "string" }, "ExecutionRole": { "markdownDescription": "ExecutionRole name", "title": "ExecutionRole", "type": "string" }, "PortfolioId": { "markdownDescription": "The portfolio identifier.", "title": "PortfolioId", "type": "string" }, "ProductId": { "markdownDescription": "The product identifier.", "title": "ProductId", "type": "string" }, "RegionList": { "items": { "type": "string" }, "markdownDescription": "One or more AWS Regions where the provisioned product will be available.\n\nApplicable only to a `CFN_STACKSET` provisioned product type.\n\nThe specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation.\n\nIf no values are specified, the default value is all Regions from the `STACKSET` constraint.", "title": "RegionList", "type": "array" }, "StackInstanceControl": { "markdownDescription": "Permission to create, update, and delete stack instances. Choose from ALLOWED and NOT_ALLOWED.", "title": "StackInstanceControl", "type": "string" } }, "required": [ "AccountList", "AdminRole", "Description", "ExecutionRole", "PortfolioId", "ProductId", "RegionList", "StackInstanceControl" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::StackSetConstraint" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalog::TagOption": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Active": { "markdownDescription": "The TagOption active state.", "title": "Active", "type": "boolean" }, "Key": { "markdownDescription": "The TagOption key.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The TagOption value.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::TagOption" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalog::TagOptionAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ResourceId": { "markdownDescription": "The resource identifier.", "title": "ResourceId", "type": "string" }, "TagOptionId": { "markdownDescription": "The TagOption identifier.", "title": "TagOptionId", "type": "string" } }, "required": [ "ResourceId", "TagOptionId" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalog::TagOptionAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalogAppRegistry::Application": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the application.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the application. The name must be unique in the region in which you are creating the application.", "title": "Name", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Key-value pairs you can use to associate with the application.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalogAppRegistry::Application" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalogAppRegistry::AttributeGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Attributes": { "markdownDescription": "A nested object in a JSON or YAML template that supports arbitrary definitions. Represents the attributes in an attribute group that describes an application and its components.", "title": "Attributes", "type": "object" }, "Description": { "markdownDescription": "The description of the attribute group that the user provides.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the attribute group.", "title": "Name", "type": "string" }, "Tags": { "additionalProperties": true, "markdownDescription": "Key-value pairs you can use to associate with the attribute group.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Tags", "type": "object" } }, "required": [ "Attributes", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalogAppRegistry::AttributeGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Application": { "markdownDescription": "The name or ID of the application.", "title": "Application", "type": "string" }, "AttributeGroup": { "markdownDescription": "The name or ID of the attribute group which holds the attributes that describe the application.", "title": "AttributeGroup", "type": "string" } }, "required": [ "Application", "AttributeGroup" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceCatalogAppRegistry::ResourceAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Application": { "markdownDescription": "The name or ID of the application.", "title": "Application", "type": "string" }, "Resource": { "markdownDescription": "The name or ID of the resource of which the application will be associated.", "title": "Resource", "type": "string" }, "ResourceType": { "markdownDescription": "The type of resource of which the application will be associated.", "title": "ResourceType", "type": "string" } }, "required": [ "Application", "Resource", "ResourceType" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceCatalogAppRegistry::ResourceAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceDiscovery::HttpNamespace": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the namespace.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name that you want to assign to this namespace.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceDiscovery::HttpNamespace" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceDiscovery::Instance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "InstanceAttributes": { "markdownDescription": "A string map that contains the following information for the service that you specify in `ServiceId` :\n\n- The attributes that apply to the records that are defined in the service.\n- For each attribute, the applicable value.\n\nSupported attribute keys include the following:\n\n- **AWS_ALIAS_DNS_NAME** - If you want AWS Cloud Map to create a Route\u00a053 alias record that routes traffic to an Elastic Load Balancing load balancer, specify the DNS name that is associated with the load balancer. For information about how to get the DNS name, see [AliasTarget->DNSName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_AliasTarget.html#Route53-Type-AliasTarget-DNSName) in the *Route\u00a053 API Reference* .\n\nNote the following:\n\n- The configuration for the service that is specified by `ServiceId` must include settings for an `A` record, an `AAAA` record, or both.\n- In the service that is specified by `ServiceId` , the value of `RoutingPolicy` must be `WEIGHTED` .\n- If the service that is specified by `ServiceId` includes `HealthCheckConfig` settings, AWS Cloud Map will create the health check, but it won't associate the health check with the alias record.\n- Auto naming currently doesn't support creating alias records that route traffic to AWS resources other than ELB load balancers.\n- If you specify a value for `AWS_ALIAS_DNS_NAME` , don't specify values for any of the `AWS_INSTANCE` attributes.\n- **AWS_EC2_INSTANCE_ID** - *HTTP namespaces only.* The Amazon EC2 instance ID for the instance. The `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address. When creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) , if the `AWS_EC2_INSTANCE_ID` attribute is specified, the only other attribute that can be specified is `AWS_INIT_HEALTH_STATUS` . After the resource has been created, the `AWS_INSTANCE_IPV4` attribute contains the primary private IPv4 address.\n- **AWS_INIT_HEALTH_STATUS** - If the service configuration includes `HealthCheckCustomConfig` , when creating resources with a type of [AWS::ServiceDiscovery::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-instance.html) you can optionally use `AWS_INIT_HEALTH_STATUS` to specify the initial status of the custom health check, `HEALTHY` or `UNHEALTHY` . If you don't specify a value for `AWS_INIT_HEALTH_STATUS` , the initial status is `HEALTHY` . This attribute can only be used when creating resources and will not be seen on existing resources.\n- **AWS_INSTANCE_CNAME** - If the service configuration includes a `CNAME` record, the domain name that you want Route\u00a053 to return in response to DNS queries, for example, `example.com` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `CNAME` record.\n- **AWS_INSTANCE_IPV4** - If the service configuration includes an `A` record, the IPv4 address that you want Route\u00a053 to return in response to DNS queries, for example, `192.0.2.44` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `A` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_IPV6** - If the service configuration includes an `AAAA` record, the IPv6 address that you want Route\u00a053 to return in response to DNS queries, for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` .\n\nThis value is required if the service specified by `ServiceId` includes settings for an `AAAA` record. If the service includes settings for an `SRV` record, you must specify a value for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both.\n- **AWS_INSTANCE_PORT** - If the service includes an `SRV` record, the value that you want Route\u00a053 to return for the port.\n\nIf the service includes `HealthCheckConfig` , the port on the endpoint that you want Route\u00a053 to send requests to.\n\nThis value is required if you specified settings for an `SRV` record or a Route\u00a053 health check when you created the service.", "title": "InstanceAttributes", "type": "object" }, "InstanceId": { "markdownDescription": "An identifier that you want to associate with the instance. Note the following:\n\n- If the service that's specified by `ServiceId` includes settings for an `SRV` record, the value of `InstanceId` is automatically included as part of the value for the `SRV` record. For more information, see [DnsRecord > Type](https://docs.aws.amazon.com/cloud-map/latest/api/API_DnsRecord.html#cloudmap-Type-DnsRecord-Type) .\n- You can use this value to update an existing instance.\n- To register a new instance, you must specify a value that's unique among instances that you register by using the same service.\n- If you specify an existing `InstanceId` and `ServiceId` , AWS Cloud Map updates the existing DNS records, if any. If there's also an existing health check, AWS Cloud Map deletes the old health check and creates a new one.\n\n> The health check isn't deleted immediately, so it will still appear for a while if you submit a `ListHealthChecks` request, for example.\n\n> Do not include sensitive information in `InstanceId` if the namespace is discoverable by public DNS queries and any `Type` member of `DnsRecord` for the service contains `SRV` because the `InstanceId` is discoverable by public DNS queries.", "title": "InstanceId", "type": "string" }, "ServiceId": { "markdownDescription": "The ID of the service that you want to use for settings for the instance.", "title": "ServiceId", "type": "string" } }, "required": [ "InstanceAttributes", "ServiceId" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceDiscovery::Instance" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceDiscovery::PrivateDnsNamespace": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the namespace.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name that you want to assign to this namespace. When you create a private DNS namespace, AWS Cloud Map automatically creates an Amazon Route\u00a053 private hosted zone that has the same name as the namespace.", "title": "Name", "type": "string" }, "Properties": { "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.Properties", "markdownDescription": "Properties for the private DNS namespace.", "title": "Properties" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", "title": "Tags", "type": "array" }, "Vpc": { "markdownDescription": "The ID of the Amazon VPC that you want to associate the namespace with.", "title": "Vpc", "type": "string" } }, "required": [ "Name", "Vpc" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceDiscovery::PrivateDnsNamespace" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable": { "additionalProperties": false, "properties": { "SOA": { "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.SOA", "markdownDescription": "Fields for the Start of Authority (SOA) record for the hosted zone for the private DNS namespace.", "title": "SOA" } }, "type": "object" }, "AWS::ServiceDiscovery::PrivateDnsNamespace.Properties": { "additionalProperties": false, "properties": { "DnsProperties": { "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace.PrivateDnsPropertiesMutable", "markdownDescription": "DNS properties for the private DNS namespace.", "title": "DnsProperties" } }, "type": "object" }, "AWS::ServiceDiscovery::PrivateDnsNamespace.SOA": { "additionalProperties": false, "properties": { "TTL": { "markdownDescription": "The time to live (TTL) for purposes of negative caching.", "title": "TTL", "type": "number" } }, "type": "object" }, "AWS::ServiceDiscovery::PublicDnsNamespace": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description for the namespace.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name that you want to assign to this namespace.\n\n> Do not include sensitive information in the name. The name is publicly available using DNS queries.", "title": "Name", "type": "string" }, "Properties": { "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.Properties", "markdownDescription": "Properties for the public DNS namespace.", "title": "Properties" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the namespace. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::ServiceDiscovery::PublicDnsNamespace" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::ServiceDiscovery::PublicDnsNamespace.Properties": { "additionalProperties": false, "properties": { "DnsProperties": { "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable", "markdownDescription": "DNS properties for the public DNS namespace.", "title": "DnsProperties" } }, "type": "object" }, "AWS::ServiceDiscovery::PublicDnsNamespace.PublicDnsPropertiesMutable": { "additionalProperties": false, "properties": { "SOA": { "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace.SOA", "markdownDescription": "Start of Authority (SOA) record for the hosted zone for the public DNS namespace.", "title": "SOA" } }, "type": "object" }, "AWS::ServiceDiscovery::PublicDnsNamespace.SOA": { "additionalProperties": false, "properties": { "TTL": { "markdownDescription": "The time to live (TTL) for purposes of negative caching.", "title": "TTL", "type": "number" } }, "type": "object" }, "AWS::ServiceDiscovery::Service": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the service.", "title": "Description", "type": "string" }, "DnsConfig": { "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsConfig", "markdownDescription": "A complex type that contains information about the Route\u00a053 DNS records that you want AWS Cloud Map to create when you register an instance.\n\n> The record types of a service can only be changed by deleting the service and recreating it with a new `Dnsconfig` .", "title": "DnsConfig" }, "HealthCheckConfig": { "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckConfig", "markdownDescription": "*Public DNS and HTTP namespaces only.* A complex type that contains settings for an optional health check. If you specify settings for a health check, AWS Cloud Map associates the health check with the records that you specify in `DnsConfig` .\n\nFor information about the charges for health checks, see [Amazon Route\u00a053 Pricing](https://docs.aws.amazon.com/route53/pricing/) .", "title": "HealthCheckConfig" }, "HealthCheckCustomConfig": { "$ref": "#/definitions/AWS::ServiceDiscovery::Service.HealthCheckCustomConfig", "markdownDescription": "A complex type that contains information about an optional custom health check.\n\n> If you specify a health check configuration, you can specify either `HealthCheckCustomConfig` or `HealthCheckConfig` but not both.", "title": "HealthCheckCustomConfig" }, "Name": { "markdownDescription": "The name of the service.", "title": "Name", "type": "string" }, "NamespaceId": { "markdownDescription": "The ID of the namespace that was used to create the service.\n\n> You must specify a value for `NamespaceId` either for the service properties or for [DnsConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-service-dnsconfig.html) . Don't specify a value in both places.", "title": "NamespaceId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the service. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "If present, specifies that the service instances are only discoverable using the `DiscoverInstances` API operation. No DNS records is registered for the service instances. The only valid value is `HTTP` .", "title": "Type", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::ServiceDiscovery::Service" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ServiceDiscovery::Service.DnsConfig": { "additionalProperties": false, "properties": { "DnsRecords": { "items": { "$ref": "#/definitions/AWS::ServiceDiscovery::Service.DnsRecord" }, "markdownDescription": "An array that contains one `DnsRecord` object for each Route\u00a053 DNS record that you want AWS Cloud Map to create when you register an instance.", "title": "DnsRecords", "type": "array" }, "NamespaceId": { "markdownDescription": "The ID of the namespace to use for DNS configuration.\n\n> You must specify a value for `NamespaceId` either for `DnsConfig` or for the [service properties](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html) . Don't specify a value in both places.", "title": "NamespaceId", "type": "string" }, "RoutingPolicy": { "markdownDescription": "The routing policy that you want to apply to all Route\u00a053 DNS records that AWS Cloud Map creates when you register an instance and specify this service.\n\n> If you want to use this service to register instances that create alias records, specify `WEIGHTED` for the routing policy. \n\nYou can specify the following values:\n\n- **MULTIVALUE** - If you define a health check for the service and the health check is healthy, Route\u00a053 returns the applicable value for up to eight instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with IP addresses for up to eight healthy instances. If fewer than eight instances are healthy, Route\u00a053 responds to every DNS query with the IP addresses for all of the healthy instances.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the values for up to eight instances.\n\nFor more information about the multivalue routing policy, see [Multivalue Answer Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-multivalue) in the *Route\u00a053 Developer Guide* .\n- **WEIGHTED** - Route\u00a053 returns the applicable value from one randomly selected instance from among the instances that you registered using the same service. Currently, all records have the same weight, so you can't route more or less traffic to any instances.\n\nFor example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route\u00a053 responds to DNS queries with the IP address for one randomly selected instance from among the healthy instances. If no instances are healthy, Route\u00a053 responds to DNS queries as if all of the instances were healthy.\n\nIf you don't define a health check for the service, Route\u00a053 assumes that all instances are healthy and returns the applicable value for one randomly selected instance.\n\nFor more information about the weighted routing policy, see [Weighted Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-weighted) in the *Route\u00a053 Developer Guide* .", "title": "RoutingPolicy", "type": "string" } }, "required": [ "DnsRecords" ], "type": "object" }, "AWS::ServiceDiscovery::Service.DnsRecord": { "additionalProperties": false, "properties": { "TTL": { "markdownDescription": "The amount of time, in seconds, that you want DNS resolvers to cache the settings for this record.\n\n> Alias records don't include a TTL because Route\u00a053 uses the TTL for the AWS resource that an alias record routes traffic to. If you include the `AWS_ALIAS_DNS_NAME` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request, the `TTL` value is ignored. Always specify a TTL for the service; you can use a service to register instances that create either alias or non-alias records.", "title": "TTL", "type": "number" }, "Type": { "markdownDescription": "The type of the resource, which indicates the type of value that Route 53 returns in response to DNS queries. You can specify values for `Type` in the following combinations:\n\n- `A`\n- `AAAA`\n- `A` and `AAAA`\n- `SRV`\n- `CNAME`\n\nIf you want AWS Cloud Map to create a Route 53 alias record when you register an instance, specify `A` or `AAAA` for `Type` .\n\nYou specify other settings, such as the IP address for `A` and `AAAA` records, when you register an instance. For more information, see [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n\nThe following values are supported:\n\n- **A** - Route 53 returns the IP address of the resource in IPv4 format, such as 192.0.2.44.\n- **AAAA** - Route 53 returns the IP address of the resource in IPv6 format, such as 2001:0db8:85a3:0000:0000:abcd:0001:2345.\n- **CNAME** - Route 53 returns the domain name of the resource, such as www.example.com. Note the following:\n\n- You specify the domain name that you want to route traffic to when you register an instance. For more information, see [Attributes](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html#cloudmap-RegisterInstance-request-Attributes) in the topic [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) .\n- You must specify `WEIGHTED` for the value of `RoutingPolicy` .\n- You can't specify both `CNAME` for `Type` and settings for `HealthCheckConfig` . If you do, the request will fail with an `InvalidInput` error.\n- **SRV** - Route 53 returns the value for an `SRV` record. The value for an `SRV` record uses the following values:\n\n`priority weight port service-hostname`\n\nNote the following about the values:\n\n- The values of `priority` and `weight` are both set to `1` and can't be changed.\n- The value of `port` comes from the value that you specify for the `AWS_INSTANCE_PORT` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request.\n- The value of `service-hostname` is a concatenation of the following values:\n\n- The value that you specify for `InstanceId` when you register an instance.\n- The name of the service.\n- The name of the namespace.\n\nFor example, if the value of `InstanceId` is `test` , the name of the service is `backend` , and the name of the namespace is `example.com` , the value of `service-hostname` is:\n\n`test.backend.example.com`\n\nIf you specify settings for an `SRV` record and if you specify values for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both in the `RegisterInstance` request, AWS Cloud Map automatically creates `A` and/or `AAAA` records that have the same name as the value of `service-hostname` in the `SRV` record. You can ignore these records.", "title": "Type", "type": "string" } }, "required": [ "TTL", "Type" ], "type": "object" }, "AWS::ServiceDiscovery::Service.HealthCheckConfig": { "additionalProperties": false, "properties": { "FailureThreshold": { "markdownDescription": "The number of consecutive health checks that an endpoint must pass or fail for Route\u00a053 to change the current status of the endpoint from unhealthy to healthy or the other way around. For more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", "title": "FailureThreshold", "type": "number" }, "ResourcePath": { "markdownDescription": "The path that you want Route\u00a053 to request when performing health checks. The path can be any value that your endpoint returns an HTTP status code of a 2xx or 3xx format for when the endpoint is healthy. An example file is `/docs/route53-health-check.html` . Route\u00a053 automatically adds the DNS name for the service. If you don't specify a value for `ResourcePath` , the default value is `/` .\n\nIf you specify `TCP` for `Type` , you must *not* specify a value for `ResourcePath` .", "title": "ResourcePath", "type": "string" }, "Type": { "markdownDescription": "The type of health check that you want to create, which indicates how Route\u00a053 determines whether an endpoint is healthy.\n\n> You can't change the value of `Type` after you create a health check. \n\nYou can create the following types of health checks:\n\n- *HTTP* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400.\n- *HTTPS* : Route\u00a053 tries to establish a TCP connection. If successful, Route\u00a053 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400.\n\n> If you specify HTTPS for the value of `Type` , the endpoint must support TLS v1.0 or later.\n- *TCP* : Route\u00a053 tries to establish a TCP connection.\n\nIf you specify `TCP` for `Type` , don't specify a value for `ResourcePath` .\n\nFor more information, see [How Route\u00a053 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route\u00a053 Developer Guide* .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::ServiceDiscovery::Service.HealthCheckCustomConfig": { "additionalProperties": false, "properties": { "FailureThreshold": { "markdownDescription": "> This parameter is no longer supported and is always set to 1. AWS Cloud Map waits for approximately 30 seconds after receiving an `UpdateInstanceCustomHealthStatus` request before changing the status of the service instance. \n\nThe number of 30-second intervals that you want AWS Cloud Map to wait after receiving an `UpdateInstanceCustomHealthStatus` request before it changes the health status of a service instance.\n\nSending a second or subsequent `UpdateInstanceCustomHealthStatus` request with the same value before 30 seconds has passed doesn't accelerate the change. AWS Cloud Map still waits `30` seconds after the first request to make the change.", "title": "FailureThreshold", "type": "number" } }, "type": "object" }, "AWS::Shield::DRTAccess": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LogBucketList": { "items": { "type": "string" }, "markdownDescription": "Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription.\n\nUse this to share information with the SRT that's not available in AWS WAF logs.\n\nTo use the services of the SRT, you must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .", "title": "LogBucketList", "type": "array" }, "RoleArn": { "markdownDescription": "Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your AWS WAF configuration and logs and to create or update AWS WAF rules and web ACLs.\n\nYou can associate only one `RoleArn` with your subscription. If you submit this update for an account that already has an associated role, the new `RoleArn` will replace the existing `RoleArn` .\n\nThis change requires the following:\n\n- You must be subscribed to the [Business Support plan](https://docs.aws.amazon.com/premiumsupport/business-support/) or the [Enterprise Support plan](https://docs.aws.amazon.com/premiumsupport/enterprise-support/) .\n- The `AWSShieldDRTAccessPolicy` managed policy must be attached to the role that you specify in the request. You can access this policy in the IAM console at [AWSShieldDRTAccessPolicy](https://docs.aws.amazon.com/iam/home?#/policies/arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy) . For information, see [Adding and removing IAM identity permissions](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html) .\n- The role must trust the service principal `drt.shield.amazonaws.com` . For information, see [IAM JSON policy elements: Principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html) .\n\nThe SRT will have access only to your AWS WAF and Shield resources. By submitting this request, you provide permissions to the SRT to inspect your AWS WAF and Shield configuration and logs, and to create and update AWS WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.", "title": "RoleArn", "type": "string" } }, "required": [ "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Shield::DRTAccess" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Shield::ProactiveEngagement": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "EmergencyContactList": { "items": { "$ref": "#/definitions/AWS::Shield::ProactiveEngagement.EmergencyContact" }, "markdownDescription": "The list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you for escalations to the SRT and to initiate proactive customer support, plus any relevant notes.\n\nTo enable proactive engagement, the contact list must include at least one phone number.\n\nIf you provide more than one contact, in the notes, indicate the circumstances under which each contact should be used. Include primary and secondary contact designations, and provide the hours of availability and time zones for each contact.\n\nExample contact notes:\n\n- This is a hotline that's staffed 24x7x365. Please work with the responding analyst and they will get the appropriate person on the call.\n- Please contact the secondary phone number if the hotline doesn't respond within 5 minutes.", "title": "EmergencyContactList", "type": "array" }, "ProactiveEngagementStatus": { "markdownDescription": "Specifies whether proactive engagement is enabled or disabled.\n\nValid values:\n\n`ENABLED` - The Shield Response Team (SRT) will use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.\n\n`DISABLED` - The SRT will not proactively notify contacts about escalations or to initiate proactive customer support.", "title": "ProactiveEngagementStatus", "type": "string" } }, "required": [ "EmergencyContactList", "ProactiveEngagementStatus" ], "type": "object" }, "Type": { "enum": [ "AWS::Shield::ProactiveEngagement" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Shield::ProactiveEngagement.EmergencyContact": { "additionalProperties": false, "properties": { "ContactNotes": { "markdownDescription": "Additional notes regarding the contact.", "title": "ContactNotes", "type": "string" }, "EmailAddress": { "markdownDescription": "The email address for the contact.", "title": "EmailAddress", "type": "string" }, "PhoneNumber": { "markdownDescription": "The phone number for the contact.", "title": "PhoneNumber", "type": "string" } }, "required": [ "EmailAddress" ], "type": "object" }, "AWS::Shield::Protection": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationLayerAutomaticResponseConfiguration": { "$ref": "#/definitions/AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration", "markdownDescription": "The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.\n\nIf you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the `AWS::WAFv2::WebACL` resource description.", "title": "ApplicationLayerAutomaticResponseConfiguration" }, "HealthCheckArns": { "items": { "type": "string" }, "markdownDescription": "The ARN (Amazon Resource Name) of the health check to associate with the protection. Health-based detection provides improved responsiveness and accuracy in attack detection and mitigation.\n\nYou can use this option with any resource type except for Route\u00a053 hosted zones.\n\nFor more information, see [Configuring health-based detection using health checks](https://docs.aws.amazon.com/waf/latest/developerguide/ddos-advanced-health-checks.html) in the *AWS Shield Advanced Developer Guide* .", "title": "HealthCheckArns", "type": "array" }, "Name": { "markdownDescription": "The name of the protection. For example, `My CloudFront distributions` .\n\n> If you change the name of an existing protection, Shield Advanced deletes the protection and replaces it with a new one. While this is happening, the protection isn't available on the AWS resource.", "title": "Name", "type": "string" }, "ResourceArn": { "markdownDescription": "The ARN (Amazon Resource Name) of the AWS resource that is protected.", "title": "ResourceArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", "title": "Tags", "type": "array" } }, "required": [ "Name", "ResourceArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Shield::Protection" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Shield::Protection.Action": { "additionalProperties": false, "properties": { "Block": { "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Block` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Block\": {} }`\n\nExample YAML: `Block: {}`", "title": "Block", "type": "object" }, "Count": { "markdownDescription": "Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Count` action.\n\nYou must specify exactly one action, either `Block` or `Count` .\n\nExample JSON: `{ \"Count\": {} }`\n\nExample YAML: `Count: {}`", "title": "Count", "type": "object" } }, "type": "object" }, "AWS::Shield::Protection.ApplicationLayerAutomaticResponseConfiguration": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::Shield::Protection.Action", "markdownDescription": "Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.", "title": "Action" }, "Status": { "markdownDescription": "Indicates whether automatic application layer DDoS mitigation is enabled for the protection.", "title": "Status", "type": "string" } }, "required": [ "Action", "Status" ], "type": "object" }, "AWS::Shield::ProtectionGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Aggregation": { "markdownDescription": "Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.\n\n- `Sum` - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.\n- `Mean` - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.\n- `Max` - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.", "title": "Aggregation", "type": "string" }, "Members": { "items": { "type": "string" }, "markdownDescription": "The ARNs (Amazon Resource Names) of the resources to include in the protection group. You must set this when you set `Pattern` to `ARBITRARY` and you must not set it for any other `Pattern` setting.", "title": "Members", "type": "array" }, "Pattern": { "markdownDescription": "The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.", "title": "Pattern", "type": "string" }, "ProtectionGroupId": { "markdownDescription": "The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.", "title": "ProtectionGroupId", "type": "string" }, "ResourceType": { "markdownDescription": "The resource type to include in the protection group. All protected resources of this type are included in the protection group. You must set this when you set `Pattern` to `BY_RESOURCE_TYPE` and you must not set it for any other `Pattern` setting.", "title": "ResourceType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.", "title": "Tags", "type": "array" } }, "required": [ "Aggregation", "Pattern", "ProtectionGroupId" ], "type": "object" }, "Type": { "enum": [ "AWS::Shield::ProtectionGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Signer::ProfilePermission": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The AWS Signer action permitted as part of cross-account permissions.", "title": "Action", "type": "string" }, "Principal": { "markdownDescription": "The AWS principal receiving cross-account permissions. This may be an IAM role or another AWS account ID.", "title": "Principal", "type": "string" }, "ProfileName": { "markdownDescription": "The human-readable name of the signing profile.", "title": "ProfileName", "type": "string" }, "ProfileVersion": { "markdownDescription": "The version of the signing profile.", "title": "ProfileVersion", "type": "string" }, "StatementId": { "markdownDescription": "A unique identifier for the cross-account permission statement.", "title": "StatementId", "type": "string" } }, "required": [ "Action", "Principal", "ProfileName", "StatementId" ], "type": "object" }, "Type": { "enum": [ "AWS::Signer::ProfilePermission" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Signer::SigningProfile": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "PlatformId": { "markdownDescription": "The ID of a platform that is available for use by a signing profile.", "title": "PlatformId", "type": "string" }, "SignatureValidityPeriod": { "$ref": "#/definitions/AWS::Signer::SigningProfile.SignatureValidityPeriod", "markdownDescription": "The validity period override for any signature generated using this signing profile. If unspecified, the default is 135 months.", "title": "SignatureValidityPeriod" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of tags associated with the signing profile.", "title": "Tags", "type": "array" } }, "required": [ "PlatformId" ], "type": "object" }, "Type": { "enum": [ "AWS::Signer::SigningProfile" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Signer::SigningProfile.SignatureValidityPeriod": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The time unit for signature validity: DAYS | MONTHS | YEARS.", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The numerical value of the time unit for signature validity.", "title": "Value", "type": "number" } }, "type": "object" }, "AWS::SimSpaceWeaver::Simulation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MaximumDuration": { "markdownDescription": "The maximum running time of the simulation, specified as a number of minutes (m or M), hours (h or H), or days (d or D). The simulation stops when it reaches this limit. The maximum value is `14D` , or its equivalent in the other units. The default value is `14D` . A value equivalent to `0` makes the simulation immediately transition to `STOPPING` as soon as it reaches `STARTED` .", "title": "MaximumDuration", "type": "string" }, "Name": { "markdownDescription": "The name of the simulation.", "title": "Name", "type": "string" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management ( IAM ) role that the simulation assumes to perform actions. For more information about ARNs, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in the *AWS General Reference* . For more information about IAM roles, see [IAM roles](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the *AWS Identity and Access Management User Guide* .", "title": "RoleArn", "type": "string" }, "SchemaS3Location": { "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", "markdownDescription": "The location of the simulation schema in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SchemaS3Location` to start your simulation from a schema.\n\nIf you provide a `SchemaS3Location` then you can't provide a `SnapshotS3Location` .", "title": "SchemaS3Location" }, "SnapshotS3Location": { "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation.S3Location", "markdownDescription": "The location of the snapshot in Amazon Simple Storage Service ( Amazon S3 ). For more information about Amazon S3 , see the [*Amazon Simple Storage Service User Guide*](https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html) .\n\nProvide a `SnapshotS3Location` to start your simulation from a snapshot.\n\nIf you provide a `SnapshotS3Location` then you can't provide a `SchemaS3Location` .", "title": "SnapshotS3Location" } }, "required": [ "Name", "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::SimSpaceWeaver::Simulation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SimSpaceWeaver::Simulation.S3Location": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The name of an Amazon S3 bucket. For more information about buckets, see [Creating, configuring, and working with Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) in the *Amazon Simple Storage Service User Guide* .", "title": "BucketName", "type": "string" }, "ObjectKey": { "markdownDescription": "The key name of an object in Amazon S3. For more information about Amazon S3 objects and object keys, see [Uploading, downloading, and working with objects in Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/uploading-downloading-objects.html) in the *Amazon Simple Storage Service User Guide* .", "title": "ObjectKey", "type": "string" } }, "required": [ "BucketName", "ObjectKey" ], "type": "object" }, "AWS::StepFunctions::Activity": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the activity.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` )\n\nTo enable logging with CloudWatch Logs, the name should only contain 0-9, A-Z, a-z, - and _.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::StepFunctions::Activity.TagsEntry" }, "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::StepFunctions::Activity" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::StepFunctions::Activity.TagsEntry": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The `key` for a key-value pair in a tag entry.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The `value` for a key-value pair in a tag entry.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::StepFunctions::StateMachine": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Definition": { "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON or YAML, and the format of the object must match the format of your CloudFormation template file. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", "title": "Definition", "type": "object" }, "DefinitionS3Location": { "$ref": "#/definitions/AWS::StepFunctions::StateMachine.S3Location", "markdownDescription": "The name of the S3 bucket where the state machine definition is stored. The state machine definition must be a JSON or YAML file.", "title": "DefinitionS3Location" }, "DefinitionString": { "markdownDescription": "The Amazon States Language definition of the state machine. The state machine definition must be in JSON. See [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html) .", "title": "DefinitionString", "type": "string" }, "DefinitionSubstitutions": { "additionalProperties": true, "markdownDescription": "A map (string to string) that specifies the mappings for placeholder variables in the state machine definition. This enables the customer to inject values obtained at runtime, for example from intrinsic functions, in the state machine definition. Variables can be template parameter names, resource logical IDs, resource attributes, or a variable in a key-value map.\n\nSubstitutions must follow the syntax: `${key_name}` or `${variable_1,variable_2,...}` .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "object" } }, "title": "DefinitionSubstitutions", "type": "object" }, "LoggingConfiguration": { "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LoggingConfiguration", "markdownDescription": "Defines what execution history events are logged and where they are logged.\n\n> By default, the `level` is set to `OFF` . For more information see [Log Levels](https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html) in the AWS Step Functions User Guide.", "title": "LoggingConfiguration" }, "RoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role to use for this state machine.", "title": "RoleArn", "type": "string" }, "StateMachineName": { "markdownDescription": "The name of the state machine.\n\nA name must *not* contain:\n\n- white space\n- brackets `< > { } [ ]`\n- wildcard characters `? *`\n- special characters `\" # % \\ ^ | ~ ` $ & , ; : /`\n- control characters ( `U+0000-001F` , `U+007F-009F` )\n\n> If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", "title": "StateMachineName", "type": "string" }, "StateMachineType": { "markdownDescription": "Determines whether a `STANDARD` or `EXPRESS` state machine is created. The default is `STANDARD` . You cannot update the `type` of a state machine once it has been created. For more information on `STANDARD` and `EXPRESS` workflows, see [Standard Versus Express Workflows](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-standard-vs-express.html) in the AWS Step Functions Developer Guide.", "title": "StateMachineType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TagsEntry" }, "markdownDescription": "The list of tags to add to a resource.\n\nTags may only contain Unicode letters, digits, white space, or these symbols: `_ . : / = + - @` .", "title": "Tags", "type": "array" }, "TracingConfiguration": { "$ref": "#/definitions/AWS::StepFunctions::StateMachine.TracingConfiguration", "markdownDescription": "Selects whether or not the state machine's AWS X-Ray tracing is enabled.", "title": "TracingConfiguration" } }, "required": [ "RoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::StepFunctions::StateMachine" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup": { "additionalProperties": false, "properties": { "LogGroupArn": { "markdownDescription": "The ARN of the the CloudWatch log group to which you want your logs emitted to. The ARN must end with `:*`", "title": "LogGroupArn", "type": "string" } }, "type": "object" }, "AWS::StepFunctions::StateMachine.LogDestination": { "additionalProperties": false, "properties": { "CloudWatchLogsLogGroup": { "$ref": "#/definitions/AWS::StepFunctions::StateMachine.CloudWatchLogsLogGroup", "markdownDescription": "An object describing a CloudWatch log group. For more information, see [AWS::Logs::LogGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html) in the AWS CloudFormation User Guide.", "title": "CloudWatchLogsLogGroup" } }, "type": "object" }, "AWS::StepFunctions::StateMachine.LoggingConfiguration": { "additionalProperties": false, "properties": { "Destinations": { "items": { "$ref": "#/definitions/AWS::StepFunctions::StateMachine.LogDestination" }, "markdownDescription": "An array of objects that describes where your execution history events will be logged. Limited to size 1. Required, if your log level is not set to `OFF` .", "title": "Destinations", "type": "array" }, "IncludeExecutionData": { "markdownDescription": "Determines whether execution data is included in your log. When set to `false` , data is excluded.", "title": "IncludeExecutionData", "type": "boolean" }, "Level": { "markdownDescription": "Defines which category of execution history events are logged.", "title": "Level", "type": "string" } }, "type": "object" }, "AWS::StepFunctions::StateMachine.S3Location": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the S3 bucket where the state machine definition JSON or YAML file is stored.", "title": "Bucket", "type": "string" }, "Key": { "markdownDescription": "The name of the state machine definition file (Amazon S3 object name).", "title": "Key", "type": "string" }, "Version": { "markdownDescription": "For versioning-enabled buckets, a specific version of the state machine definition.", "title": "Version", "type": "string" } }, "required": [ "Bucket", "Key" ], "type": "object" }, "AWS::StepFunctions::StateMachine.TagsEntry": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The `key` for a key-value pair in a tag entry.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The `value` for a key-value pair in a tag entry.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::StepFunctions::StateMachine.TracingConfiguration": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "When set to `true` , X-Ray tracing is enabled.", "title": "Enabled", "type": "boolean" } }, "type": "object" }, "AWS::StepFunctions::StateMachineAlias": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DeploymentPreference": { "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.DeploymentPreference", "markdownDescription": "The settings that enable gradual state machine deployments. These settings include [Alarms](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-alarms) , [Interval](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-interval) , [Percentage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-percentage) , [StateMachineVersionArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-statemachineversionarn) , and [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stepfunctions-statemachinealias-deploymentpreference.html#cfn-stepfunctions-statemachinealias-deploymentpreference-type) .\n\nCloudFormation automatically shifts traffic from the version an alias currently points to, to a new state machine version that you specify.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties. \n\nBased on the type of deployment you want to perform, you can specify one of the following settings:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any Amazon CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", "title": "DeploymentPreference" }, "Description": { "markdownDescription": "An optional description of the state machine alias.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the state machine alias. If you don't provide a name, it uses an automatically generated name based on the logical ID.", "title": "Name", "type": "string" }, "RoutingConfiguration": { "items": { "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion" }, "markdownDescription": "The routing configuration of an alias. Routing configuration splits [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) requests between one or two versions of the same state machine.\n\nUse `RoutingConfiguration` if you want to explicitly set the alias [weights](https://docs.aws.amazon.com/step-functions/latest/apireference/API_RoutingConfigurationListItem.html#StepFunctions-Type-RoutingConfigurationListItem-weight) . Weight is the percentage of traffic you want to route to a state machine version.\n\n> `RoutingConfiguration` and `DeploymentPreference` are mutually exclusive properties. You must define only one of these properties.", "title": "RoutingConfiguration", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::StepFunctions::StateMachineAlias" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::StepFunctions::StateMachineAlias.DeploymentPreference": { "additionalProperties": false, "properties": { "Alarms": { "items": { "type": "string" }, "markdownDescription": "A list of Amazon CloudWatch alarms to be monitored during the deployment. The deployment fails and rolls back if any of these alarms go into the `ALARM` state.", "title": "Alarms", "type": "array" }, "Interval": { "markdownDescription": "The time in minutes between each traffic shifting increment.", "title": "Interval", "type": "number" }, "Percentage": { "markdownDescription": "The percentage of traffic to shift to the new version in each increment.", "title": "Percentage", "type": "number" }, "StateMachineVersionArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the [`AWS::StepFunctions::StateMachineVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachineversion.html) resource that will be the final version to which the alias points to when the traffic shifting is complete.\n\nWhile performing gradual deployments, you can only provide a single state machine version ARN. To explicitly set version weights in a CloudFormation template, use `RoutingConfiguration` instead.", "title": "StateMachineVersionArn", "type": "string" }, "Type": { "markdownDescription": "The type of deployment you want to perform. You can specify one of the following types:\n\n- `LINEAR` - Shifts traffic to the new version in equal increments with an equal number of minutes between each increment.\n\nFor example, if you specify the increment percent as `20` with an interval of `600` minutes, this deployment increases traffic by 20 percent every 600 minutes until the new version receives 100 percent of the traffic. This deployment immediately rolls back the new version if any CloudWatch alarms are triggered.\n- `ALL_AT_ONCE` - Shifts 100 percent of traffic to the new version immediately. CloudFormation monitors the new version and rolls it back automatically to the previous version if any CloudWatch alarms are triggered.\n- `CANARY` - Shifts traffic in two increments.\n\nIn the first increment, a small percentage of traffic, for example, 10 percent is shifted to the new version. In the second increment, before a specified time interval in seconds gets over, the remaining traffic is shifted to the new version. The shift to the new version for the remaining traffic takes place only if no CloudWatch alarms are triggered during the specified time interval.", "title": "Type", "type": "string" } }, "required": [ "StateMachineVersionArn", "Type" ], "type": "object" }, "AWS::StepFunctions::StateMachineAlias.RoutingConfigurationVersion": { "additionalProperties": false, "properties": { "StateMachineVersionArn": { "markdownDescription": "The Amazon Resource Name (ARN) that identifies one or two state machine versions defined in the routing configuration.\n\nIf you specify the ARN of a second version, it must belong to the same state machine as the first version.", "title": "StateMachineVersionArn", "type": "string" }, "Weight": { "markdownDescription": "The percentage of traffic you want to route to the state machine version. The sum of the weights in the routing configuration must be equal to 100.", "title": "Weight", "type": "number" } }, "required": [ "StateMachineVersionArn", "Weight" ], "type": "object" }, "AWS::StepFunctions::StateMachineVersion": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "An optional description of the state machine version.", "title": "Description", "type": "string" }, "StateMachineArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the state machine.", "title": "StateMachineArn", "type": "string" }, "StateMachineRevisionId": { "markdownDescription": "Identifier for a state machine revision, which is an immutable, read-only snapshot of a state machine\u2019s definition and configuration.\n\nOnly publish the state machine version if the current state machine's revision ID matches the specified ID. Use this option to avoid publishing a version if the state machine has changed since you last updated it.\n\nTo specify the initial state machine revision, set the value as `INITIAL` .", "title": "StateMachineRevisionId", "type": "string" } }, "required": [ "StateMachineArn" ], "type": "object" }, "Type": { "enum": [ "AWS::StepFunctions::StateMachineVersion" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SupportApp::AccountAlias": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccountAlias": { "markdownDescription": "An alias or short name for an AWS account .", "title": "AccountAlias", "type": "string" } }, "required": [ "AccountAlias" ], "type": "object" }, "Type": { "enum": [ "AWS::SupportApp::AccountAlias" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SupportApp::SlackChannelConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ChannelId": { "markdownDescription": "The channel ID in Slack. This ID identifies a channel within a Slack workspace.", "title": "ChannelId", "type": "string" }, "ChannelName": { "markdownDescription": "The channel name in Slack. This is the channel where you invite the AWS Support App .", "title": "ChannelName", "type": "string" }, "ChannelRoleArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the IAM role for this Slack channel configuration. The AWS Support App uses this role to perform AWS Support and Service Quotas actions on your behalf.", "title": "ChannelRoleArn", "type": "string" }, "NotifyOnAddCorrespondenceToCase": { "markdownDescription": "Whether to get notified when a correspondence is added to your support cases.", "title": "NotifyOnAddCorrespondenceToCase", "type": "boolean" }, "NotifyOnCaseSeverity": { "markdownDescription": "The case severity for your support cases that you want to receive notifications. You can specify `none` , `all` , or `high` .", "title": "NotifyOnCaseSeverity", "type": "string" }, "NotifyOnCreateOrReopenCase": { "markdownDescription": "Whether to get notified when your support cases are created or reopened", "title": "NotifyOnCreateOrReopenCase", "type": "boolean" }, "NotifyOnResolveCase": { "markdownDescription": "Whether to get notified when your support cases are resolved.", "title": "NotifyOnResolveCase", "type": "boolean" }, "TeamId": { "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace.", "title": "TeamId", "type": "string" } }, "required": [ "ChannelId", "ChannelRoleArn", "NotifyOnCaseSeverity", "TeamId" ], "type": "object" }, "Type": { "enum": [ "AWS::SupportApp::SlackChannelConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SupportApp::SlackWorkspaceConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "TeamId": { "markdownDescription": "The team ID in Slack. This ID uniquely identifies a Slack workspace, such as `T012ABCDEFG` .", "title": "TeamId", "type": "string" }, "VersionId": { "markdownDescription": "An identifier used to update an existing Slack workspace configuration in AWS CloudFormation , such as `100` .", "title": "VersionId", "type": "string" } }, "required": [ "TeamId" ], "type": "object" }, "Type": { "enum": [ "AWS::SupportApp::SlackWorkspaceConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Synthetics::Canary": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ArtifactConfig": { "$ref": "#/definitions/AWS::Synthetics::Canary.ArtifactConfig", "markdownDescription": "A structure that contains the configuration for canary artifacts, including the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3.", "title": "ArtifactConfig" }, "ArtifactS3Location": { "markdownDescription": "The location in Amazon S3 where Synthetics stores artifacts from the runs of this canary. Artifacts include the log file, screenshots, and HAR files. Specify the full location path, including `s3://` at the beginning of the path.", "title": "ArtifactS3Location", "type": "string" }, "Code": { "$ref": "#/definitions/AWS::Synthetics::Canary.Code", "markdownDescription": "Use this structure to input your script code for the canary. This structure contains the Lambda handler with the location where the canary should start running the script. If the script is stored in an S3 bucket, the bucket name, key, and version are also included. If the script is passed into the canary directly, the script code is contained in the value of `Script` .", "title": "Code" }, "ExecutionRoleArn": { "markdownDescription": "The ARN of the IAM role to be used to run the canary. This role must already exist, and must include `lambda.amazonaws.com` as a principal in the trust policy. The role must also have the following permissions:\n\n- `s3:PutObject`\n- `s3:GetBucketLocation`\n- `s3:ListAllMyBuckets`\n- `cloudwatch:PutMetricData`\n- `logs:CreateLogGroup`\n- `logs:CreateLogStream`\n- `logs:PutLogEvents`", "title": "ExecutionRoleArn", "type": "string" }, "FailureRetentionPeriod": { "markdownDescription": "The number of days to retain data about failed runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.", "title": "FailureRetentionPeriod", "type": "number" }, "Name": { "markdownDescription": "The name for this canary. Be sure to give it a descriptive name that distinguishes it from other canaries in your account.\n\nDo not include secrets or proprietary information in your canary names. The canary name makes up part of the canary ARN, and the ARN is included in outbound calls over the internet. For more information, see [Security Considerations for Synthetics Canaries](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/servicelens_canaries_security.html) .", "title": "Name", "type": "string" }, "RunConfig": { "$ref": "#/definitions/AWS::Synthetics::Canary.RunConfig", "markdownDescription": "A structure that contains input information for a canary run. If you omit this structure, the frequency of the canary is used as canary's timeout value, up to a maximum of 900 seconds.", "title": "RunConfig" }, "RuntimeVersion": { "markdownDescription": "Specifies the runtime version to use for the canary. For more information about runtime versions, see [Canary Runtime Versions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_Library.html) .", "title": "RuntimeVersion", "type": "string" }, "Schedule": { "$ref": "#/definitions/AWS::Synthetics::Canary.Schedule", "markdownDescription": "A structure that contains information about how often the canary is to run, and when these runs are to stop.", "title": "Schedule" }, "StartCanaryAfterCreation": { "markdownDescription": "Specify TRUE to have the canary start making runs immediately after it is created.\n\nA canary that you create using CloudFormation can't be used to monitor the CloudFormation stack that creates the canary or to roll back that stack if there is a failure.", "title": "StartCanaryAfterCreation", "type": "boolean" }, "SuccessRetentionPeriod": { "markdownDescription": "The number of days to retain data about successful runs of this canary. If you omit this field, the default of 31 days is used. The valid range is 1 to 455 days.", "title": "SuccessRetentionPeriod", "type": "number" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of key-value pairs that are associated with the canary.", "title": "Tags", "type": "array" }, "VPCConfig": { "$ref": "#/definitions/AWS::Synthetics::Canary.VPCConfig", "markdownDescription": "If this canary is to test an endpoint in a VPC, this structure contains information about the subnet and security groups of the VPC endpoint. For more information, see [Running a Canary in a VPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_VPC.html) .", "title": "VPCConfig" }, "VisualReference": { "$ref": "#/definitions/AWS::Synthetics::Canary.VisualReference", "markdownDescription": "If this canary performs visual monitoring by comparing screenshots, this structure contains the ID of the canary run to use as the baseline for screenshots, and the coordinates of any parts of the screen to ignore during the visual monitoring comparison.", "title": "VisualReference" } }, "required": [ "ArtifactS3Location", "Code", "ExecutionRoleArn", "Name", "RuntimeVersion", "Schedule" ], "type": "object" }, "Type": { "enum": [ "AWS::Synthetics::Canary" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Synthetics::Canary.ArtifactConfig": { "additionalProperties": false, "properties": { "S3Encryption": { "$ref": "#/definitions/AWS::Synthetics::Canary.S3Encryption", "markdownDescription": "A structure that contains the configuration of the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3 . Artifact encryption functionality is available only for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later. For more information, see [Encrypting canary artifacts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_artifact_encryption.html) .", "title": "S3Encryption" } }, "type": "object" }, "AWS::Synthetics::Canary.BaseScreenshot": { "additionalProperties": false, "properties": { "IgnoreCoordinates": { "items": { "type": "string" }, "markdownDescription": "Coordinates that define the part of a screen to ignore during screenshot comparisons. To obtain the coordinates to use here, use the CloudWatch console to draw the boundaries on the screen. For more information, see [Edit or delete a canary](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/synthetics_canaries_deletion.html) .", "title": "IgnoreCoordinates", "type": "array" }, "ScreenshotName": { "markdownDescription": "The name of the screenshot. This is generated the first time the canary is run after the `UpdateCanary` operation that specified for this canary to perform visual monitoring.", "title": "ScreenshotName", "type": "string" } }, "required": [ "ScreenshotName" ], "type": "object" }, "AWS::Synthetics::Canary.Code": { "additionalProperties": false, "properties": { "Handler": { "markdownDescription": "The entry point to use for the source code when running the canary. For canaries that use the `syn-python-selenium-1.0` runtime or a `syn-nodejs.puppeteer` runtime earlier than `syn-nodejs.puppeteer-3.4` , the handler must be specified as `*fileName* .handler` . For `syn-python-selenium-1.1` , `syn-nodejs.puppeteer-3.4` , and later runtimes, the handler can be specified as `*fileName* . *functionName*` , or you can specify a folder where canary scripts reside as `*folder* / *fileName* . *functionName*` .", "title": "Handler", "type": "string" }, "S3Bucket": { "markdownDescription": "If your canary script is located in S3, specify the bucket name here. The bucket must already exist.", "title": "S3Bucket", "type": "string" }, "S3Key": { "markdownDescription": "The S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) .", "title": "S3Key", "type": "string" }, "S3ObjectVersion": { "markdownDescription": "The S3 version ID of your script.", "title": "S3ObjectVersion", "type": "string" }, "Script": { "markdownDescription": "If you input your canary script directly into the canary instead of referring to an S3 location, the value of this parameter is the script in plain text. It can be up to 5 MB.", "title": "Script", "type": "string" }, "SourceLocationArn": { "markdownDescription": "The ARN of the Lambda layer where Synthetics stores the canary script code.", "title": "SourceLocationArn", "type": "string" } }, "required": [ "Handler" ], "type": "object" }, "AWS::Synthetics::Canary.RunConfig": { "additionalProperties": false, "properties": { "ActiveTracing": { "markdownDescription": "Specifies whether this canary is to use active AWS X-Ray tracing when it runs. Active tracing enables this canary run to be displayed in the ServiceLens and X-Ray service maps even if the canary does not hit an endpoint that has X-Ray tracing enabled. Using X-Ray tracing incurs charges. For more information, see [Canaries and X-Ray tracing](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_tracing.html) .\n\nYou can enable active tracing only for canaries that use version `syn-nodejs-2.0` or later for their canary runtime.", "title": "ActiveTracing", "type": "boolean" }, "EnvironmentVariables": { "additionalProperties": true, "markdownDescription": "Specifies the keys and values to use for any environment variables used in the canary script. Use the following format:\n\n{ \"key1\" : \"value1\", \"key2\" : \"value2\", ...}\n\nKeys must start with a letter and be at least two characters. The total size of your environment variables cannot exceed 4 KB. You can't specify any Lambda reserved environment variables as the keys for your environment variables. For more information about reserved keys, see [Runtime environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-runtime) .", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "EnvironmentVariables", "type": "object" }, "MemoryInMB": { "markdownDescription": "The maximum amount of memory that the canary can use while running. This value must be a multiple of 64. The range is 960 to 3008.", "title": "MemoryInMB", "type": "number" }, "TimeoutInSeconds": { "markdownDescription": "How long the canary is allowed to run before it must stop. You can't set this time to be longer than the frequency of the runs of this canary.\n\nIf you omit this field, the frequency of the canary is used as this value, up to a maximum of 900 seconds.", "title": "TimeoutInSeconds", "type": "number" } }, "type": "object" }, "AWS::Synthetics::Canary.S3Encryption": { "additionalProperties": false, "properties": { "EncryptionMode": { "markdownDescription": "The encryption method to use for artifacts created by this canary. Specify `SSE_S3` to use server-side encryption (SSE) with an Amazon S3-managed key. Specify `SSE-KMS` to use server-side encryption with a customer-managed AWS KMS key.\n\nIf you omit this parameter, an AWS -managed AWS KMS key is used.", "title": "EncryptionMode", "type": "string" }, "KmsKeyArn": { "markdownDescription": "The ARN of the customer-managed AWS KMS key to use, if you specify `SSE-KMS` for `EncryptionMode`", "title": "KmsKeyArn", "type": "string" } }, "type": "object" }, "AWS::Synthetics::Canary.Schedule": { "additionalProperties": false, "properties": { "DurationInSeconds": { "markdownDescription": "How long, in seconds, for the canary to continue making regular runs according to the schedule in the `Expression` value. If you specify 0, the canary continues making runs until you stop it. If you omit this field, the default of 0 is used.", "title": "DurationInSeconds", "type": "string" }, "Expression": { "markdownDescription": "A `rate` expression or a `cron` expression that defines how often the canary is to run.\n\nFor a rate expression, The syntax is `rate( *number unit* )` . *unit* can be `minute` , `minutes` , or `hour` .\n\nFor example, `rate(1 minute)` runs the canary once a minute, `rate(10 minutes)` runs it once every 10 minutes, and `rate(1 hour)` runs it once every hour. You can specify a frequency between `rate(1 minute)` and `rate(1 hour)` .\n\nSpecifying `rate(0 minute)` or `rate(0 hour)` is a special value that causes the canary to run only once when it is started.\n\nUse `cron( *expression* )` to specify a cron expression. You can't schedule a canary to wait for more than a year before running. For information about the syntax for cron expressions, see [Scheduling canary runs using cron](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_cron.html) .", "title": "Expression", "type": "string" } }, "required": [ "Expression" ], "type": "object" }, "AWS::Synthetics::Canary.VPCConfig": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the security groups for this canary.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the subnets where this canary is to run.", "title": "SubnetIds", "type": "array" }, "VpcId": { "markdownDescription": "The ID of the VPC where this canary is to run.", "title": "VpcId", "type": "string" } }, "required": [ "SecurityGroupIds", "SubnetIds" ], "type": "object" }, "AWS::Synthetics::Canary.VisualReference": { "additionalProperties": false, "properties": { "BaseCanaryRunId": { "markdownDescription": "Specifies which canary run to use the screenshots from as the baseline for future visual monitoring with this canary. Valid values are `nextrun` to use the screenshots from the next run after this update is made, `lastrun` to use the screenshots from the most recent run before this update was made, or the value of `Id` in the [CanaryRun](https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/API_CanaryRun.html) from any past run of this canary.", "title": "BaseCanaryRunId", "type": "string" }, "BaseScreenshots": { "items": { "$ref": "#/definitions/AWS::Synthetics::Canary.BaseScreenshot" }, "markdownDescription": "An array of screenshots that are used as the baseline for comparisons during visual monitoring.", "title": "BaseScreenshots", "type": "array" } }, "required": [ "BaseCanaryRunId" ], "type": "object" }, "AWS::Synthetics::Group": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A name for the group. It can include any Unicode characters.\n\nThe names for all groups in your account, across all Regions, must be unique.", "title": "Name", "type": "string" }, "ResourceArns": { "items": { "type": "string" }, "markdownDescription": "The ARNs of the canaries that you want to associate with this group.", "title": "ResourceArns", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The list of key-value pairs that are associated with the group.", "title": "Tags", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Synthetics::Group" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SystemsManagerSAP::Application": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ApplicationId": { "markdownDescription": "The ID of the application.", "title": "ApplicationId", "type": "string" }, "ApplicationType": { "markdownDescription": "The type of the application.", "title": "ApplicationType", "type": "string" }, "Credentials": { "items": { "$ref": "#/definitions/AWS::SystemsManagerSAP::Application.Credential" }, "markdownDescription": "The credentials of the SAP application.", "title": "Credentials", "type": "array" }, "Instances": { "items": { "type": "string" }, "markdownDescription": "The Amazon EC2 instances on which your SAP application is running.", "title": "Instances", "type": "array" }, "SapInstanceNumber": { "markdownDescription": "The SAP instance number of the application.", "title": "SapInstanceNumber", "type": "string" }, "Sid": { "markdownDescription": "The System ID of the application.", "title": "Sid", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags on the application.", "title": "Tags", "type": "array" } }, "required": [ "ApplicationId", "ApplicationType" ], "type": "object" }, "Type": { "enum": [ "AWS::SystemsManagerSAP::Application" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::SystemsManagerSAP::Application.Credential": { "additionalProperties": false, "properties": { "CredentialType": { "markdownDescription": "The type of the application credentials.", "title": "CredentialType", "type": "string" }, "DatabaseName": { "markdownDescription": "The name of the SAP HANA database.", "title": "DatabaseName", "type": "string" }, "SecretId": { "markdownDescription": "The secret ID created in AWS Secrets Manager to store the credentials of the SAP application.", "title": "SecretId", "type": "string" } }, "type": "object" }, "AWS::Timestream::Database": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DatabaseName": { "markdownDescription": "The name of the Timestream database.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", "title": "DatabaseName", "type": "string" }, "KmsKeyId": { "markdownDescription": "The identifier of the AWS KMS key used to encrypt the data stored in the database.", "title": "KmsKeyId", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to add to the database.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Timestream::Database" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Timestream::InfluxDBInstance": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AllocatedStorage": { "markdownDescription": "The amount of storage to allocate for your DB storage type in GiB (gibibytes).", "title": "AllocatedStorage", "type": "number" }, "Bucket": { "markdownDescription": "The name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization.", "title": "Bucket", "type": "string" }, "DbInstanceType": { "markdownDescription": "The Timestream for InfluxDB DB instance type to run on.", "title": "DbInstanceType", "type": "string" }, "DbParameterGroupIdentifier": { "markdownDescription": "The name or id of the DB parameter group to assign to your DB instance. DB parameter groups specify how the database is configured. For example, DB parameter groups can specify the limit for query concurrency.", "title": "DbParameterGroupIdentifier", "type": "string" }, "DbStorageType": { "markdownDescription": "The Timestream for InfluxDB DB storage type to read and write InfluxDB data.\n\nYou can choose between 3 different types of provisioned Influx IOPS included storage according to your workloads requirements:\n\n- Influx IO Included 3000 IOPS\n- Influx IO Included 12000 IOPS\n- Influx IO Included 16000 IOPS", "title": "DbStorageType", "type": "string" }, "DeploymentType": { "markdownDescription": "Specifies whether the Timestream for InfluxDB is deployed as Single-AZ or with a MultiAZ Standby for High availability.", "title": "DeploymentType", "type": "string" }, "LogDeliveryConfiguration": { "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration", "markdownDescription": "Configuration for sending InfluxDB engine logs to a specified S3 bucket.", "title": "LogDeliveryConfiguration" }, "Name": { "markdownDescription": "The name that uniquely identifies the DB instance when interacting with the Amazon Timestream for InfluxDB API and CLI commands. This name will also be a prefix included in the endpoint. DB instance names must be unique per customer and per region.", "title": "Name", "type": "string" }, "Organization": { "markdownDescription": "The name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users.", "title": "Organization", "type": "string" }, "Password": { "markdownDescription": "The password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon SecretManager in your account.", "title": "Password", "type": "string" }, "PubliclyAccessible": { "markdownDescription": "Configures the DB instance with a public IP to facilitate access.", "title": "PubliclyAccessible", "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs to associate with the DB instance.", "title": "Tags", "type": "array" }, "Username": { "markdownDescription": "The username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. For example, my-user1. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. These attributes will be stored in a Secret created in Amazon Secrets Manager in your account.", "title": "Username", "type": "string" }, "VpcSecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of VPC security group IDs to associate with the DB instance.", "title": "VpcSecurityGroupIds", "type": "array" }, "VpcSubnetIds": { "items": { "type": "string" }, "markdownDescription": "A list of VPC subnet IDs to associate with the DB instance. Provide at least two VPC subnet IDs in different availability zones when deploying with a Multi-AZ standby.", "title": "VpcSubnetIds", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::Timestream::InfluxDBInstance" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Timestream::InfluxDBInstance.LogDeliveryConfiguration": { "additionalProperties": false, "properties": { "S3Configuration": { "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance.S3Configuration", "markdownDescription": "Configuration for S3 bucket log delivery", "title": "S3Configuration" } }, "required": [ "S3Configuration" ], "type": "object" }, "AWS::Timestream::InfluxDBInstance.S3Configuration": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The bucket name of the customer S3 bucket.", "title": "BucketName", "type": "string" }, "Enabled": { "markdownDescription": "Indicates whether log delivery to the S3 bucket is enabled.", "title": "Enabled", "type": "boolean" } }, "required": [ "BucketName", "Enabled" ], "type": "object" }, "AWS::Timestream::ScheduledQuery": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ClientToken": { "markdownDescription": "Using a ClientToken makes the call to CreateScheduledQuery idempotent, in other words, making the same request repeatedly will produce the same result. Making multiple identical CreateScheduledQuery requests has the same effect as making a single request.\n\n- If CreateScheduledQuery is called without a `ClientToken` , the Query SDK generates a `ClientToken` on your behalf.\n- After 8 hours, any request with the same `ClientToken` is treated as a new request.", "title": "ClientToken", "type": "string" }, "ErrorReportConfiguration": { "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ErrorReportConfiguration", "markdownDescription": "Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results.", "title": "ErrorReportConfiguration" }, "KmsKeyId": { "markdownDescription": "The Amazon KMS key used to encrypt the scheduled query resource, at-rest. If the Amazon KMS key is not specified, the scheduled query resource will be encrypted with a Timestream owned Amazon KMS key. To specify a KMS key, use the key ID, key ARN, alias name, or alias ARN. When using an alias name, prefix the name with *alias/*\n\nIf ErrorReportConfiguration uses `SSE_KMS` as encryption type, the same KmsKeyId is used to encrypt the error report at rest.", "title": "KmsKeyId", "type": "string" }, "NotificationConfiguration": { "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.NotificationConfiguration", "markdownDescription": "Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it.", "title": "NotificationConfiguration" }, "QueryString": { "markdownDescription": "The query string to run. Parameter names can be specified in the query string `@` character followed by an identifier. The named Parameter `@scheduled_runtime` is reserved and can be used in the query to get the time at which the query is scheduled to run.\n\nThe timestamp calculated according to the ScheduleConfiguration parameter, will be the value of `@scheduled_runtime` paramater for each query run. For example, consider an instance of a scheduled query executing on 2021-12-01 00:00:00. For this instance, the `@scheduled_runtime` parameter is initialized to the timestamp 2021-12-01 00:00:00 when invoking the query.", "title": "QueryString", "type": "string" }, "ScheduleConfiguration": { "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.ScheduleConfiguration", "markdownDescription": "Schedule configuration.", "title": "ScheduleConfiguration" }, "ScheduledQueryExecutionRoleArn": { "markdownDescription": "The ARN for the IAM role that Timestream will assume when running the scheduled query.", "title": "ScheduledQueryExecutionRoleArn", "type": "string" }, "ScheduledQueryName": { "markdownDescription": "A name for the query. Scheduled query names must be unique within each Region.", "title": "ScheduledQueryName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "A list of key-value pairs to label the scheduled query.", "title": "Tags", "type": "array" }, "TargetConfiguration": { "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TargetConfiguration", "markdownDescription": "Scheduled query target store configuration.", "title": "TargetConfiguration" } }, "required": [ "ErrorReportConfiguration", "NotificationConfiguration", "QueryString", "ScheduleConfiguration", "ScheduledQueryExecutionRoleArn" ], "type": "object" }, "Type": { "enum": [ "AWS::Timestream::ScheduledQuery" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Timestream::ScheduledQuery.DimensionMapping": { "additionalProperties": false, "properties": { "DimensionValueType": { "markdownDescription": "Type for the dimension: VARCHAR", "title": "DimensionValueType", "type": "string" }, "Name": { "markdownDescription": "Column name from query result.", "title": "Name", "type": "string" } }, "required": [ "DimensionValueType", "Name" ], "type": "object" }, "AWS::Timestream::ScheduledQuery.ErrorReportConfiguration": { "additionalProperties": false, "properties": { "S3Configuration": { "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.S3Configuration", "markdownDescription": "The S3 configuration for the error reports.", "title": "S3Configuration" } }, "required": [ "S3Configuration" ], "type": "object" }, "AWS::Timestream::ScheduledQuery.MixedMeasureMapping": { "additionalProperties": false, "properties": { "MeasureName": { "markdownDescription": "Refers to the value of measure_name in a result row. This field is required if MeasureNameColumn is provided.", "title": "MeasureName", "type": "string" }, "MeasureValueType": { "markdownDescription": "Type of the value that is to be read from sourceColumn. If the mapping is for MULTI, use MeasureValueType.MULTI.", "title": "MeasureValueType", "type": "string" }, "MultiMeasureAttributeMappings": { "items": { "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" }, "markdownDescription": "Required when measureValueType is MULTI. Attribute mappings for MULTI value measures.", "title": "MultiMeasureAttributeMappings", "type": "array" }, "SourceColumn": { "markdownDescription": "This field refers to the source column from which measure-value is to be read for result materialization.", "title": "SourceColumn", "type": "string" }, "TargetMeasureName": { "markdownDescription": "Target measure name to be used. If not provided, the target measure name by default would be measure-name if provided, or sourceColumn otherwise.", "title": "TargetMeasureName", "type": "string" } }, "required": [ "MeasureValueType" ], "type": "object" }, "AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping": { "additionalProperties": false, "properties": { "MeasureValueType": { "markdownDescription": "Type of the attribute to be read from the source column.", "title": "MeasureValueType", "type": "string" }, "SourceColumn": { "markdownDescription": "Source column from where the attribute value is to be read.", "title": "SourceColumn", "type": "string" }, "TargetMultiMeasureAttributeName": { "markdownDescription": "Custom name to be used for attribute name in derived table. If not provided, source column name would be used.", "title": "TargetMultiMeasureAttributeName", "type": "string" } }, "required": [ "MeasureValueType", "SourceColumn" ], "type": "object" }, "AWS::Timestream::ScheduledQuery.MultiMeasureMappings": { "additionalProperties": false, "properties": { "MultiMeasureAttributeMappings": { "items": { "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureAttributeMapping" }, "markdownDescription": "Required. Attribute mappings to be used for mapping query results to ingest data for multi-measure attributes.", "title": "MultiMeasureAttributeMappings", "type": "array" }, "TargetMultiMeasureName": { "markdownDescription": "The name of the target multi-measure name in the derived table. This input is required when measureNameColumn is not provided. If MeasureNameColumn is provided, then value from that column will be used as multi-measure name.", "title": "TargetMultiMeasureName", "type": "string" } }, "required": [ "MultiMeasureAttributeMappings" ], "type": "object" }, "AWS::Timestream::ScheduledQuery.NotificationConfiguration": { "additionalProperties": false, "properties": { "SnsConfiguration": { "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.SnsConfiguration", "markdownDescription": "Details on SNS configuration.", "title": "SnsConfiguration" } }, "required": [ "SnsConfiguration" ], "type": "object" }, "AWS::Timestream::ScheduledQuery.S3Configuration": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "Name of the S3 bucket under which error reports will be created.", "title": "BucketName", "type": "string" }, "EncryptionOption": { "markdownDescription": "Encryption at rest options for the error reports. If no encryption option is specified, Timestream will choose SSE_S3 as default.", "title": "EncryptionOption", "type": "string" }, "ObjectKeyPrefix": { "markdownDescription": "Prefix for the error report key. Timestream by default adds the following prefix to the error report path.", "title": "ObjectKeyPrefix", "type": "string" } }, "required": [ "BucketName" ], "type": "object" }, "AWS::Timestream::ScheduledQuery.ScheduleConfiguration": { "additionalProperties": false, "properties": { "ScheduleExpression": { "markdownDescription": "An expression that denotes when to trigger the scheduled query run. This can be a cron expression or a rate expression.", "title": "ScheduleExpression", "type": "string" } }, "required": [ "ScheduleExpression" ], "type": "object" }, "AWS::Timestream::ScheduledQuery.SnsConfiguration": { "additionalProperties": false, "properties": { "TopicArn": { "markdownDescription": "SNS topic ARN that the scheduled query status notifications will be sent to.", "title": "TopicArn", "type": "string" } }, "required": [ "TopicArn" ], "type": "object" }, "AWS::Timestream::ScheduledQuery.TargetConfiguration": { "additionalProperties": false, "properties": { "TimestreamConfiguration": { "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.TimestreamConfiguration", "markdownDescription": "Configuration needed to write data into the Timestream database and table.", "title": "TimestreamConfiguration" } }, "required": [ "TimestreamConfiguration" ], "type": "object" }, "AWS::Timestream::ScheduledQuery.TimestreamConfiguration": { "additionalProperties": false, "properties": { "DatabaseName": { "markdownDescription": "Name of Timestream database to which the query result will be written.", "title": "DatabaseName", "type": "string" }, "DimensionMappings": { "items": { "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.DimensionMapping" }, "markdownDescription": "This is to allow mapping column(s) from the query result to the dimension in the destination table.", "title": "DimensionMappings", "type": "array" }, "MeasureNameColumn": { "markdownDescription": "Name of the measure column. Also see `MultiMeasureMappings` and `MixedMeasureMappings` for how measure name properties on those relate to `MeasureNameColumn` .", "title": "MeasureNameColumn", "type": "string" }, "MixedMeasureMappings": { "items": { "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MixedMeasureMapping" }, "markdownDescription": "Specifies how to map measures to multi-measure records.", "title": "MixedMeasureMappings", "type": "array" }, "MultiMeasureMappings": { "$ref": "#/definitions/AWS::Timestream::ScheduledQuery.MultiMeasureMappings", "markdownDescription": "Multi-measure mappings.", "title": "MultiMeasureMappings" }, "TableName": { "markdownDescription": "Name of Timestream table that the query result will be written to. The table should be within the same database that is provided in Timestream configuration.", "title": "TableName", "type": "string" }, "TimeColumn": { "markdownDescription": "Column from query result that should be used as the time column in destination table. Column type for this should be TIMESTAMP.", "title": "TimeColumn", "type": "string" } }, "required": [ "DatabaseName", "DimensionMappings", "TableName", "TimeColumn" ], "type": "object" }, "AWS::Timestream::Table": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DatabaseName": { "markdownDescription": "The name of the Timestream database that contains this table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", "title": "DatabaseName", "type": "string" }, "MagneticStoreWriteProperties": { "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreWriteProperties", "markdownDescription": "Contains properties to set on the table when enabling magnetic store writes.\n\nThis object has the following attributes:\n\n- *EnableMagneticStoreWrites* : A `boolean` flag to enable magnetic store writes.\n- *MagneticStoreRejectedDataLocation* : The location to write error reports for records rejected, asynchronously, during magnetic store writes. Only `S3Configuration` objects are allowed. The `S3Configuration` object has the following attributes:\n\n- *BucketName* : The name of the S3 bucket.\n- *EncryptionOption* : The encryption option for the S3 location. Valid values are S3 server-side encryption with an S3 managed key ( `SSE_S3` ) or AWS managed key ( `SSE_KMS` ).\n- *KmsKeyId* : The AWS KMS key ID to use when encrypting with an AWS managed key.\n- *ObjectKeyPrefix* : The prefix to use option for the objects stored in S3.\n\nBoth `BucketName` and `EncryptionOption` are *required* when `S3Configuration` is specified. If you specify `SSE_KMS` as your `EncryptionOption` then `KmsKeyId` is *required* .\n\n`EnableMagneticStoreWrites` attribute is *required* when `MagneticStoreWriteProperties` is specified. `MagneticStoreRejectedDataLocation` attribute is *required* when `EnableMagneticStoreWrites` is set to `true` .\n\nSee the following examples:\n\n*JSON*\n\n```json\n{ \"Type\" : AWS::Timestream::Table\", \"Properties\":{ \"DatabaseName\":\"TestDatabase\", \"TableName\":\"TestTable\", \"MagneticStoreWriteProperties\":{ \"EnableMagneticStoreWrites\":true, \"MagneticStoreRejectedDataLocation\":{ \"S3Configuration\":{ \"BucketName\":\"testbucket\", \"EncryptionOption\":\"SSE_KMS\", \"KmsKeyId\":\"1234abcd-12ab-34cd-56ef-1234567890ab\", \"ObjectKeyPrefix\":\"prefix\" } } } }\n}\n```\n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" MagneticStoreWriteProperties: EnableMagneticStoreWrites: true MagneticStoreRejectedDataLocation: S3Configuration: BucketName: \"testbucket\" EncryptionOption: \"SSE_KMS\" KmsKeyId: \"1234abcd-12ab-34cd-56ef-1234567890ab\" ObjectKeyPrefix: \"prefix\"\n```", "title": "MagneticStoreWriteProperties" }, "RetentionProperties": { "$ref": "#/definitions/AWS::Timestream::Table.RetentionProperties", "markdownDescription": "The retention duration for the memory store and magnetic store. This object has the following attributes:\n\n- *MemoryStoreRetentionPeriodInHours* : Retention duration for memory store, in hours.\n- *MagneticStoreRetentionPeriodInDays* : Retention duration for magnetic store, in days.\n\nBoth attributes are of type `string` . Both attributes are *required* when `RetentionProperties` is specified.\n\nSee the following examples:\n\n*JSON*\n\n`{ \"Type\" : AWS::Timestream::Table\", \"Properties\" : { \"DatabaseName\" : \"TestDatabase\", \"TableName\" : \"TestTable\", \"RetentionProperties\" : { \"MemoryStoreRetentionPeriodInHours\": \"24\", \"MagneticStoreRetentionPeriodInDays\": \"7\" } } }` \n\n*YAML*\n\n```\nType: AWS::Timestream::Table\nDependsOn: TestDatabase\nProperties: TableName: \"TestTable\" DatabaseName: \"TestDatabase\" RetentionProperties: MemoryStoreRetentionPeriodInHours: \"24\" MagneticStoreRetentionPeriodInDays: \"7\"\n```", "title": "RetentionProperties" }, "Schema": { "$ref": "#/definitions/AWS::Timestream::Table.Schema", "markdownDescription": "The schema of the table.", "title": "Schema" }, "TableName": { "markdownDescription": "The name of the Timestream table.\n\n*Length Constraints* : Minimum length of 3 bytes. Maximum length of 256 bytes.", "title": "TableName", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to add to the table", "title": "Tags", "type": "array" } }, "required": [ "DatabaseName" ], "type": "object" }, "Type": { "enum": [ "AWS::Timestream::Table" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Timestream::Table.MagneticStoreRejectedDataLocation": { "additionalProperties": false, "properties": { "S3Configuration": { "$ref": "#/definitions/AWS::Timestream::Table.S3Configuration", "markdownDescription": "Configuration of an S3 location to write error reports for records rejected, asynchronously, during magnetic store writes.", "title": "S3Configuration" } }, "type": "object" }, "AWS::Timestream::Table.MagneticStoreWriteProperties": { "additionalProperties": false, "properties": { "EnableMagneticStoreWrites": { "markdownDescription": "A flag to enable magnetic store writes.", "title": "EnableMagneticStoreWrites", "type": "boolean" }, "MagneticStoreRejectedDataLocation": { "$ref": "#/definitions/AWS::Timestream::Table.MagneticStoreRejectedDataLocation", "markdownDescription": "The location to write error reports for records rejected asynchronously during magnetic store writes.", "title": "MagneticStoreRejectedDataLocation" } }, "required": [ "EnableMagneticStoreWrites" ], "type": "object" }, "AWS::Timestream::Table.PartitionKey": { "additionalProperties": false, "properties": { "EnforcementInRecord": { "markdownDescription": "The level of enforcement for the specification of a dimension key in ingested records. Options are REQUIRED (dimension key must be specified) and OPTIONAL (dimension key does not have to be specified).", "title": "EnforcementInRecord", "type": "string" }, "Name": { "markdownDescription": "The name of the attribute used for a dimension key.", "title": "Name", "type": "string" }, "Type": { "markdownDescription": "The type of the partition key. Options are DIMENSION (dimension key) and MEASURE (measure key).", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Timestream::Table.RetentionProperties": { "additionalProperties": false, "properties": { "MagneticStoreRetentionPeriodInDays": { "markdownDescription": "The duration for which data must be stored in the magnetic store.", "title": "MagneticStoreRetentionPeriodInDays", "type": "string" }, "MemoryStoreRetentionPeriodInHours": { "markdownDescription": "The duration for which data must be stored in the memory store.", "title": "MemoryStoreRetentionPeriodInHours", "type": "string" } }, "type": "object" }, "AWS::Timestream::Table.S3Configuration": { "additionalProperties": false, "properties": { "BucketName": { "markdownDescription": "The bucket name of the customer S3 bucket.", "title": "BucketName", "type": "string" }, "EncryptionOption": { "markdownDescription": "The encryption option for the customer S3 location. Options are S3 server-side encryption with an S3 managed key or AWS managed key.", "title": "EncryptionOption", "type": "string" }, "KmsKeyId": { "markdownDescription": "The AWS KMS key ID for the customer S3 location when encrypting with an AWS managed key.", "title": "KmsKeyId", "type": "string" }, "ObjectKeyPrefix": { "markdownDescription": "The object key preview for the customer S3 location.", "title": "ObjectKeyPrefix", "type": "string" } }, "required": [ "BucketName", "EncryptionOption" ], "type": "object" }, "AWS::Timestream::Table.Schema": { "additionalProperties": false, "properties": { "CompositePartitionKey": { "items": { "$ref": "#/definitions/AWS::Timestream::Table.PartitionKey" }, "markdownDescription": "A non-empty list of partition keys defining the attributes used to partition the table data. The order of the list determines the partition hierarchy. The name and type of each partition key as well as the partition key order cannot be changed after the table is created. However, the enforcement level of each partition key can be changed.", "title": "CompositePartitionKey", "type": "array" } }, "type": "object" }, "AWS::Transfer::Agreement": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessRole": { "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", "title": "AccessRole", "type": "string" }, "BaseDirectory": { "markdownDescription": "The landing directory (folder) for files that are transferred by using the AS2 protocol.", "title": "BaseDirectory", "type": "string" }, "Description": { "markdownDescription": "The name or short description that's used to identify the agreement.", "title": "Description", "type": "string" }, "LocalProfileId": { "markdownDescription": "A unique identifier for the AS2 local profile.", "title": "LocalProfileId", "type": "string" }, "PartnerProfileId": { "markdownDescription": "A unique identifier for the partner profile used in the agreement.", "title": "PartnerProfileId", "type": "string" }, "ServerId": { "markdownDescription": "A system-assigned unique identifier for a server instance. This identifier indicates the specific server that the agreement uses.", "title": "ServerId", "type": "string" }, "Status": { "markdownDescription": "The current status of the agreement, either `ACTIVE` or `INACTIVE` .", "title": "Status", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key-value pairs that can be used to group and search for agreements.", "title": "Tags", "type": "array" } }, "required": [ "AccessRole", "BaseDirectory", "LocalProfileId", "PartnerProfileId", "ServerId" ], "type": "object" }, "Type": { "enum": [ "AWS::Transfer::Agreement" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Transfer::Certificate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ActiveDate": { "markdownDescription": "An optional date that specifies when the certificate becomes active.", "title": "ActiveDate", "type": "string" }, "Certificate": { "markdownDescription": "The file name for the certificate.", "title": "Certificate", "type": "string" }, "CertificateChain": { "markdownDescription": "The list of certificates that make up the chain for the certificate.", "title": "CertificateChain", "type": "string" }, "Description": { "markdownDescription": "The name or description that's used to identity the certificate.", "title": "Description", "type": "string" }, "InactiveDate": { "markdownDescription": "An optional date that specifies when the certificate becomes inactive.", "title": "InactiveDate", "type": "string" }, "PrivateKey": { "markdownDescription": "The file that contains the private key for the certificate that's being imported.", "title": "PrivateKey", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key-value pairs that can be used to group and search for certificates.", "title": "Tags", "type": "array" }, "Usage": { "markdownDescription": "Specifies how this certificate is used. It can be used in the following ways:\n\n- `SIGNING` : For signing AS2 messages\n- `ENCRYPTION` : For encrypting AS2 messages\n- `TLS` : For securing AS2 communications sent over HTTPS", "title": "Usage", "type": "string" } }, "required": [ "Certificate", "Usage" ], "type": "object" }, "Type": { "enum": [ "AWS::Transfer::Certificate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Transfer::Connector": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AccessRole": { "markdownDescription": "Connectors are used to send files using either the AS2 or SFTP protocol. For the access role, provide the Amazon Resource Name (ARN) of the AWS Identity and Access Management role to use.\n\n*For AS2 connectors*\n\nWith AS2, you can send files by calling `StartFileTransfer` and specifying the file paths in the request parameter, `SendFilePaths` . We use the file\u2019s parent directory (for example, for `--send-file-paths /bucket/dir/file.txt` , parent directory is `/bucket/dir/` ) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the `AccessRole` needs to provide read and write access to the parent directory of the file location used in the `StartFileTransfer` request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with `StartFileTransfer` .\n\nIf you are using Basic authentication for your AS2 connector, the access role requires the `secretsmanager:GetSecretValue` permission for the secret. If the secret is encrypted using a customer-managed key instead of the AWS managed key in Secrets Manager, then the role also needs the `kms:Decrypt` permission for that key.\n\n*For SFTP connectors*\n\nMake sure that the access role provides read and write access to the parent directory of the file location that's used in the `StartFileTransfer` request. Additionally, make sure that the role provides `secretsmanager:GetSecretValue` permission to AWS Secrets Manager .", "title": "AccessRole", "type": "string" }, "As2Config": { "$ref": "#/definitions/AWS::Transfer::Connector.As2Config", "markdownDescription": "A structure that contains the parameters for an AS2 connector object.", "title": "As2Config" }, "LoggingRole": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a connector to turn on CloudWatch logging for Amazon S3 events. When set, you can view connector activity in your CloudWatch logs.", "title": "LoggingRole", "type": "string" }, "SftpConfig": { "$ref": "#/definitions/AWS::Transfer::Connector.SftpConfig", "markdownDescription": "A structure that contains the parameters for an SFTP connector object.", "title": "SftpConfig" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key-value pairs that can be used to group and search for connectors.", "title": "Tags", "type": "array" }, "Url": { "markdownDescription": "The URL of the partner's AS2 or SFTP endpoint.", "title": "Url", "type": "string" } }, "required": [ "AccessRole", "Url" ], "type": "object" }, "Type": { "enum": [ "AWS::Transfer::Connector" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Transfer::Connector.As2Config": { "additionalProperties": false, "properties": { "BasicAuthSecretId": { "markdownDescription": "Provides Basic authentication support to the AS2 Connectors API. To use Basic authentication, you must provide the name or Amazon Resource Name (ARN) of a secret in AWS Secrets Manager .\n\nThe default value for this parameter is `null` , which indicates that Basic authentication is not enabled for the connector.\n\nIf the connector should use Basic authentication, the secret needs to be in the following format:\n\n`{ \"Username\": \"user-name\", \"Password\": \"user-password\" }`\n\nReplace `user-name` and `user-password` with the credentials for the actual user that is being authenticated.\n\nNote the following:\n\n- You are storing these credentials in Secrets Manager, *not passing them directly* into this API.\n- If you are using the API, SDKs, or CloudFormation to configure your connector, then you must create the secret before you can enable Basic authentication. However, if you are using the AWS management console, you can have the system create the secret for you.\n\nIf you have previously enabled Basic authentication for a connector, you can disable it by using the `UpdateConnector` API call. For example, if you are using the CLI, you can run the following command to remove Basic authentication:\n\n`update-connector --connector-id my-connector-id --as2-config 'BasicAuthSecretId=\"\"'`", "title": "BasicAuthSecretId", "type": "string" }, "Compression": { "markdownDescription": "Specifies whether the AS2 file is compressed.", "title": "Compression", "type": "string" }, "EncryptionAlgorithm": { "markdownDescription": "The algorithm that is used to encrypt the file.\n\nNote the following:\n\n- Do not use the `DES_EDE3_CBC` algorithm unless you must support a legacy client that requires it, as it is a weak encryption algorithm.\n- You can only specify `NONE` if the URL for your connector uses HTTPS. Using HTTPS ensures that no traffic is sent in clear text.", "title": "EncryptionAlgorithm", "type": "string" }, "LocalProfileId": { "markdownDescription": "A unique identifier for the AS2 local profile.", "title": "LocalProfileId", "type": "string" }, "MdnResponse": { "markdownDescription": "Used for outbound requests (from an AWS Transfer Family server to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:\n\n- `SYNC` : The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).\n- `NONE` : Specifies that no MDN response is required.", "title": "MdnResponse", "type": "string" }, "MdnSigningAlgorithm": { "markdownDescription": "The signing algorithm for the MDN response.\n\n> If set to DEFAULT (or not set at all), the value for `SigningAlgorithm` is used.", "title": "MdnSigningAlgorithm", "type": "string" }, "MessageSubject": { "markdownDescription": "Used as the `Subject` HTTP header attribute in AS2 messages that are being sent with the connector.", "title": "MessageSubject", "type": "string" }, "PartnerProfileId": { "markdownDescription": "A unique identifier for the partner profile for the connector.", "title": "PartnerProfileId", "type": "string" }, "SigningAlgorithm": { "markdownDescription": "The algorithm that is used to sign the AS2 messages sent with the connector.", "title": "SigningAlgorithm", "type": "string" } }, "type": "object" }, "AWS::Transfer::Connector.SftpConfig": { "additionalProperties": false, "properties": { "TrustedHostKeys": { "items": { "type": "string" }, "markdownDescription": "The public portion of the host key, or keys, that are used to identify the external server to which you are connecting. You can use the `ssh-keyscan` command against the SFTP server to retrieve the necessary key.\n\nThe three standard SSH public key format elements are `` , `` , and an optional `` , with spaces between each element. Specify only the `` and `` : do not enter the `` portion of the key.\n\nFor the trusted host key, AWS Transfer Family accepts RSA and ECDSA keys.\n\n- For RSA keys, the `` string is `ssh-rsa` .\n- For ECDSA keys, the `` string is either `ecdsa-sha2-nistp256` , `ecdsa-sha2-nistp384` , or `ecdsa-sha2-nistp521` , depending on the size of the key you generated.\n\nRun this command to retrieve the SFTP server host key, where your SFTP server name is `ftp.host.com` .\n\n`ssh-keyscan ftp.host.com`\n\nThis prints the public host key to standard output.\n\n`ftp.host.com ssh-rsa AAAAB3Nza... The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP address specified and information about the issuer.", "title": "Certificate", "type": "string" }, "Domain": { "markdownDescription": "Specifies the domain of the storage system that is used for file transfers. There are two domains available: Amazon Simple Storage Service (Amazon S3) and Amazon Elastic File System (Amazon EFS). The default value is S3.", "title": "Domain", "type": "string" }, "EndpointDetails": { "$ref": "#/definitions/AWS::Transfer::Server.EndpointDetails", "markdownDescription": "The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make your endpoint accessible only to resources within your VPC, or you can attach Elastic IP addresses and make your endpoint accessible to clients over the internet. Your VPC's default security groups are automatically assigned to your endpoint.", "title": "EndpointDetails" }, "EndpointType": { "markdownDescription": "The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.\n\n> After May 19, 2021, you won't be able to create a server using `EndpointType=VPC_ENDPOINT` in your AWS account if your account hasn't already done so before May 19, 2021. If you have already created servers with `EndpointType=VPC_ENDPOINT` in your AWS account on or before May 19, 2021, you will not be affected. After this date, use `EndpointType` = `VPC` .\n> \n> For more information, see [Discontinuing the use of VPC_ENDPOINT](https://docs.aws.amazon.com//transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint) .\n> \n> It is recommended that you use `VPC` as the `EndpointType` . With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with `EndpointType` set to `VPC_ENDPOINT` .", "title": "EndpointType", "type": "string" }, "IdentityProviderDetails": { "$ref": "#/definitions/AWS::Transfer::Server.IdentityProviderDetails", "markdownDescription": "Required when `IdentityProviderType` is set to `AWS_DIRECTORY_SERVICE` , `AWS _LAMBDA` or `API_GATEWAY` . Accepts an array containing all of the information required to use a directory in `AWS_DIRECTORY_SERVICE` or invoke a customer-supplied authentication API, including the API Gateway URL. Not required when `IdentityProviderType` is set to `SERVICE_MANAGED` .", "title": "IdentityProviderDetails" }, "IdentityProviderType": { "markdownDescription": "The mode of authentication for a server. The default value is `SERVICE_MANAGED` , which allows you to store and access user credentials within the AWS Transfer Family service.\n\nUse `AWS_DIRECTORY_SERVICE` to provide access to Active Directory groups in AWS Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in AWS using AD Connector. This option also requires you to provide a Directory ID by using the `IdentityProviderDetails` parameter.\n\nUse the `API_GATEWAY` value to integrate with an identity provider of your choosing. The `API_GATEWAY` setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the `IdentityProviderDetails` parameter.\n\nUse the `AWS_LAMBDA` value to directly use an AWS Lambda function as your identity provider. If you choose this value, you must specify the ARN for the Lambda function in the `Function` parameter for the `IdentityProviderDetails` data type.", "title": "IdentityProviderType", "type": "string" }, "LoggingRole": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in your CloudWatch logs.", "title": "LoggingRole", "type": "string" }, "PostAuthenticationLoginBanner": { "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.\n\n> The SFTP protocol does not support post-authentication display banners.", "title": "PostAuthenticationLoginBanner", "type": "string" }, "PreAuthenticationLoginBanner": { "markdownDescription": "Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:\n\n`This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.`", "title": "PreAuthenticationLoginBanner", "type": "string" }, "ProtocolDetails": { "$ref": "#/definitions/AWS::Transfer::Server.ProtocolDetails", "markdownDescription": "The protocol settings that are configured for your server.\n\n- To indicate passive mode (for FTP and FTPS protocols), use the `PassiveIp` parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.\n- To ignore the error that is generated when the client attempts to use the `SETSTAT` command on a file that you are uploading to an Amazon S3 bucket, use the `SetStatOption` parameter. To have the AWS Transfer Family server ignore the `SETSTAT` command and upload files without needing to make any changes to your SFTP client, set the value to `ENABLE_NO_OP` . If you set the `SetStatOption` parameter to `ENABLE_NO_OP` , Transfer Family generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a `SETSTAT` call.\n- To determine whether your AWS Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the `TlsSessionResumptionMode` parameter.\n- `As2Transports` indicates the transport method for the AS2 messages. Currently, only HTTP is supported.\n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", "title": "ProtocolDetails" }, "Protocols": { "items": { "$ref": "#/definitions/AWS::Transfer::Server.Protocol" }, "markdownDescription": "Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:\n\n- `SFTP` (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH\n- `FTPS` (File Transfer Protocol Secure): File transfer with TLS encryption\n- `FTP` (File Transfer Protocol): Unencrypted file transfer\n- `AS2` (Applicability Statement 2): used for transporting structured business-to-business data\n\n> - If you select `FTPS` , you must choose a certificate stored in AWS Certificate Manager (ACM) which is used to identify your server when clients connect to it over FTPS.\n> - If `Protocol` includes either `FTP` or `FTPS` , then the `EndpointType` must be `VPC` and the `IdentityProviderType` must be either `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `FTP` , then `AddressAllocationIds` cannot be associated.\n> - If `Protocol` is set only to `SFTP` , the `EndpointType` can be set to `PUBLIC` and the `IdentityProviderType` can be set any of the supported identity types: `SERVICE_MANAGED` , `AWS_DIRECTORY_SERVICE` , `AWS_LAMBDA` , or `API_GATEWAY` .\n> - If `Protocol` includes `AS2` , then the `EndpointType` must be `VPC` , and domain must be Amazon S3. \n\nThe `Protocols` parameter is an array of strings.\n\n*Allowed values* : One or more of `SFTP` , `FTPS` , `FTP` , `AS2`", "title": "Protocols", "type": "array" }, "S3StorageOptions": { "$ref": "#/definitions/AWS::Transfer::Server.S3StorageOptions", "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", "title": "S3StorageOptions" }, "SecurityPolicyName": { "markdownDescription": "Specifies the name of the security policy for the server.", "title": "SecurityPolicyName", "type": "string" }, "StructuredLogDestinations": { "items": { "$ref": "#/definitions/AWS::Transfer::Server.StructuredLogDestination" }, "markdownDescription": "Specifies the log groups to which your server logs are sent.\n\nTo specify a log group, you must provide the ARN for an existing log group. In this case, the format of the log group is as follows:\n\n`arn:aws:logs:region-name:amazon-account-id:log-group:log-group-name:*`\n\nFor example, `arn:aws:logs:us-east-1:111122223333:log-group:mytestgroup:*`\n\nIf you have previously specified a log group for a server, you can clear it, and in effect turn off structured logging, by providing an empty value for this parameter in an `update-server` call. For example:\n\n`update-server --server-id s-1234567890abcdef0 --structured-log-destinations`", "title": "StructuredLogDestinations", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key-value pairs that can be used to group and search for servers.", "title": "Tags", "type": "array" }, "WorkflowDetails": { "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetails", "markdownDescription": "Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow.\n\nIn addition to a workflow to execute when a file is uploaded completely, `WorkflowDetails` can also contain a workflow ID (and execution role) for a workflow to execute on partial upload. A partial upload occurs when a file is open when the session disconnects.", "title": "WorkflowDetails" } }, "type": "object" }, "Type": { "enum": [ "AWS::Transfer::Server" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::Transfer::Server.As2Transport": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::Transfer::Server.EndpointDetails": { "additionalProperties": false, "properties": { "AddressAllocationIds": { "items": { "type": "string" }, "markdownDescription": "A list of address allocation IDs that are required to attach an Elastic IP address to your server's endpoint.\n\nAn address allocation ID corresponds to the allocation ID of an Elastic IP address. This value can be retrieved from the `allocationId` field from the Amazon EC2 [Address](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Address.html) data type. One way to retrieve this value is by calling the EC2 [DescribeAddresses](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html) API.\n\nThis parameter is optional. Set this parameter if you want to make your VPC endpoint public-facing. For details, see [Create an internet-facing endpoint for your server](https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#create-internet-facing-endpoint) .\n\n> This property can only be set as follows:\n> \n> - `EndpointType` must be set to `VPC`\n> - The Transfer Family server must be offline.\n> - You cannot set this parameter for Transfer Family servers that use the FTP protocol.\n> - The server must already have `SubnetIds` populated ( `SubnetIds` and `AddressAllocationIds` cannot be updated simultaneously).\n> - `AddressAllocationIds` can't contain duplicates, and must be equal in length to `SubnetIds` . For example, if you have three subnet IDs, you must also specify three address allocation IDs.\n> - Call the `UpdateServer` API to set or change this parameter.", "title": "AddressAllocationIds", "type": "array" }, "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "A list of security groups IDs that are available to attach to your server's endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC` .\n> \n> You can edit the `SecurityGroupIds` property in the [UpdateServer](https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html) API only if you are changing the `EndpointType` from `PUBLIC` or `VPC_ENDPOINT` to `VPC` . To change security groups associated with your server's VPC endpoint after creation, use the Amazon EC2 [ModifyVpcEndpoint](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html) API.", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "A list of subnet IDs that are required to host your server endpoint in your VPC.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", "title": "SubnetIds", "type": "array" }, "VpcEndpointId": { "markdownDescription": "The ID of the VPC endpoint.\n\n> This property can only be set when `EndpointType` is set to `VPC_ENDPOINT` .", "title": "VpcEndpointId", "type": "string" }, "VpcId": { "markdownDescription": "The VPC ID of the virtual private cloud in which the server's endpoint will be hosted.\n\n> This property can only be set when `EndpointType` is set to `VPC` .", "title": "VpcId", "type": "string" } }, "type": "object" }, "AWS::Transfer::Server.IdentityProviderDetails": { "additionalProperties": false, "properties": { "DirectoryId": { "markdownDescription": "The identifier of the AWS Directory Service directory that you want to use as your identity provider.", "title": "DirectoryId", "type": "string" }, "Function": { "markdownDescription": "The ARN for a Lambda function to use for the Identity provider.", "title": "Function", "type": "string" }, "InvocationRole": { "markdownDescription": "This parameter is only applicable if your `IdentityProviderType` is `API_GATEWAY` . Provides the type of `InvocationRole` used to authenticate the user account.", "title": "InvocationRole", "type": "string" }, "SftpAuthenticationMethods": { "markdownDescription": "For SFTP-enabled servers, and for custom identity providers *only* , you can specify whether to authenticate using a password, SSH key pair, or both.\n\n- `PASSWORD` - users must provide their password to connect.\n- `PUBLIC_KEY` - users must provide their private key to connect.\n- `PUBLIC_KEY_OR_PASSWORD` - users can authenticate with either their password or their key. This is the default value.\n- `PUBLIC_KEY_AND_PASSWORD` - users must provide both their private key and their password to connect. The server checks the key first, and then if the key is valid, the system prompts for a password. If the private key provided does not match the public key that is stored, authentication fails.", "title": "SftpAuthenticationMethods", "type": "string" }, "Url": { "markdownDescription": "Provides the location of the service endpoint used to authenticate users.", "title": "Url", "type": "string" } }, "type": "object" }, "AWS::Transfer::Server.Protocol": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::Transfer::Server.ProtocolDetails": { "additionalProperties": false, "properties": { "As2Transports": { "items": { "$ref": "#/definitions/AWS::Transfer::Server.As2Transport" }, "markdownDescription": "List of `As2Transport` objects.", "title": "As2Transports", "type": "array" }, "PassiveIp": { "markdownDescription": "Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer. For example:\n\n`aws transfer update-server --protocol-details PassiveIp=0.0.0.0`\n\nReplace `0.0.0.0` in the example above with the actual IP address you want to use.\n\n> If you change the `PassiveIp` value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see [Configuring your FTPS server behind a firewall or NAT with AWS Transfer Family](https://docs.aws.amazon.com/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/) . \n\n*Special values*\n\nThe `AUTO` and `0.0.0.0` are special values for the `PassiveIp` parameter. The value `PassiveIp=AUTO` is assigned by default to FTP and FTPS type servers. In this case, the server automatically responds with one of the endpoint IPs within the PASV response. `PassiveIp=0.0.0.0` has a more unique application for its usage. For example, if you have a High Availability (HA) Network Load Balancer (NLB) environment, where you have 3 subnets, you can only specify a single IP address using the `PassiveIp` parameter. This reduces the effectiveness of having High Availability. In this case, you can specify `PassiveIp=0.0.0.0` . This tells the client to use the same IP address as the Control connection and utilize all AZs for their connections. Note, however, that not all FTP clients support the `PassiveIp=0.0.0.0` response. FileZilla and WinSCP do support it. If you are using other clients, check to see if your client supports the `PassiveIp=0.0.0.0` response.", "title": "PassiveIp", "type": "string" }, "SetStatOption": { "markdownDescription": "Use the `SetStatOption` to ignore the error that is generated when the client attempts to use `SETSTAT` on a file you are uploading to an S3 bucket.\n\nSome SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as `SETSTAT` when uploading the file. However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when the file is otherwise successfully uploaded.\n\nSet the value to `ENABLE_NO_OP` to have the Transfer Family server ignore the `SETSTAT` command, and upload files without needing to make any changes to your SFTP client. While the `SetStatOption` `ENABLE_NO_OP` setting ignores the error, it does generate a log entry in Amazon CloudWatch Logs, so you can determine when the client is making a `SETSTAT` call.\n\n> If you want to preserve the original timestamp for your file, and modify other file attributes using `SETSTAT` , you can use Amazon EFS as backend storage with Transfer Family.", "title": "SetStatOption", "type": "string" }, "TlsSessionResumptionMode": { "markdownDescription": "A property used with Transfer Family servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. `TlsSessionResumptionMode` determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during `CreateServer` and `UpdateServer` calls. If a `TlsSessionResumptionMode` value is not specified during `CreateServer` , it is set to `ENFORCED` by default.\n\n- `DISABLED` : the server does not process TLS session resumption client requests and creates a new TLS session for each request.\n- `ENABLED` : the server processes and accepts clients that are performing TLS session resumption. The server doesn't reject client data connections that do not perform the TLS session resumption client processing.\n- `ENFORCED` : the server processes and accepts clients that are performing TLS session resumption. The server rejects client data connections that do not perform the TLS session resumption client processing. Before you set the value to `ENFORCED` , test your clients.\n\n> Not all FTPS clients perform TLS session resumption. So, if you choose to enforce TLS session resumption, you prevent any connections from FTPS clients that don't perform the protocol negotiation. To determine whether or not you can use the `ENFORCED` value, you need to test your clients.", "title": "TlsSessionResumptionMode", "type": "string" } }, "type": "object" }, "AWS::Transfer::Server.S3StorageOptions": { "additionalProperties": false, "properties": { "DirectoryListingOptimization": { "markdownDescription": "Specifies whether or not performance for your Amazon S3 directories is optimized. This is disabled by default.\n\nBy default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target.", "title": "DirectoryListingOptimization", "type": "string" } }, "type": "object" }, "AWS::Transfer::Server.StructuredLogDestination": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::Transfer::Server.WorkflowDetail": { "additionalProperties": false, "properties": { "ExecutionRole": { "markdownDescription": "Includes the necessary permissions for S3, EFS, and Lambda operations that Transfer can assume, so that all workflow steps can operate on the required resources", "title": "ExecutionRole", "type": "string" }, "WorkflowId": { "markdownDescription": "A unique identifier for the workflow.", "title": "WorkflowId", "type": "string" } }, "required": [ "ExecutionRole", "WorkflowId" ], "type": "object" }, "AWS::Transfer::Server.WorkflowDetails": { "additionalProperties": false, "properties": { "OnPartialUpload": { "items": { "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" }, "markdownDescription": "A trigger that starts a workflow if a file is only partially uploaded. You can attach a workflow to a server that executes whenever there is a partial upload.\n\nA *partial upload* occurs when a file is open when the session disconnects.\n\n> `OnPartialUpload` can contain a maximum of one `WorkflowDetail` object.", "title": "OnPartialUpload", "type": "array" }, "OnUpload": { "items": { "$ref": "#/definitions/AWS::Transfer::Server.WorkflowDetail" }, "markdownDescription": "A trigger that starts a workflow: the workflow begins to execute after a file is uploaded.\n\nTo remove an associated workflow from a server, you can provide an empty `OnUpload` object, as in the following example.\n\n`aws transfer update-server --server-id s-01234567890abcdef --workflow-details '{\"OnUpload\":[]}'`\n\n> `OnUpload` can contain a maximum of one `WorkflowDetail` object.", "title": "OnUpload", "type": "array" } }, "type": "object" }, "AWS::Transfer::User": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "HomeDirectory": { "markdownDescription": "The landing directory (folder) for a user when they log in to the server using the client.\n\nA `HomeDirectory` example is `/bucket_name/home/mydirectory` .\n\n> The `HomeDirectory` parameter is only used if `HomeDirectoryType` is set to `PATH` .", "title": "HomeDirectory", "type": "string" }, "HomeDirectoryMappings": { "items": { "$ref": "#/definitions/AWS::Transfer::User.HomeDirectoryMapEntry" }, "markdownDescription": "Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the `Entry` and `Target` pair, where `Entry` shows how the path is made visible and `Target` is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your AWS Identity and Access Management (IAM) role provides access to paths in `Target` . This value can be set only when `HomeDirectoryType` is set to *LOGICAL* .\n\nThe following is an `Entry` and `Target` pair example.\n\n`[ { \"Entry\": \"/directory1\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`\n\nIn most cases, you can use this value instead of the session policy to lock your user down to the designated home directory (\" `chroot` \"). To do this, you can set `Entry` to `/` and set `Target` to the value the user should see for their home directory when they log in.\n\nThe following is an `Entry` and `Target` pair example for `chroot` .\n\n`[ { \"Entry\": \"/\", \"Target\": \"/bucket_name/home/mydirectory\" } ]`", "title": "HomeDirectoryMappings", "type": "array" }, "HomeDirectoryType": { "markdownDescription": "The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to `PATH` , the user will see the absolute Amazon S3 bucket or Amazon EFS path as is in their file transfer protocol clients. If you set it to `LOGICAL` , you need to provide mappings in the `HomeDirectoryMappings` for how you want to make Amazon S3 or Amazon EFS paths visible to your users.\n\n> If `HomeDirectoryType` is `LOGICAL` , you must provide mappings, using the `HomeDirectoryMappings` parameter. If, on the other hand, `HomeDirectoryType` is `PATH` , you provide an absolute path using the `HomeDirectory` parameter. You cannot have both `HomeDirectory` and `HomeDirectoryMappings` in your template.", "title": "HomeDirectoryType", "type": "string" }, "Policy": { "markdownDescription": "A session policy for your user so you can use the same IAM role across multiple users. This policy restricts user access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include `${Transfer:UserName}` , `${Transfer:HomeDirectory}` , and `${Transfer:HomeBucket}` .\n\n> For session policies, AWS Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the `Policy` argument.\n> \n> For an example of a session policy, see [Example session policy](https://docs.aws.amazon.com/transfer/latest/userguide/session-policy.html) .\n> \n> For more information, see [AssumeRole](https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html) in the *AWS Security Token Service API Reference* .", "title": "Policy", "type": "string" }, "PosixProfile": { "$ref": "#/definitions/AWS::Transfer::User.PosixProfile", "markdownDescription": "Specifies the full POSIX identity, including user ID ( `Uid` ), group ID ( `Gid` ), and any secondary groups IDs ( `SecondaryGids` ), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.", "title": "PosixProfile" }, "Role": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that controls your users' access to your Amazon S3 bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust relationship that allows the server to access your resources when servicing your users' transfer requests.", "title": "Role", "type": "string" }, "ServerId": { "markdownDescription": "A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.", "title": "ServerId", "type": "string" }, "SshPublicKeys": { "items": { "$ref": "#/definitions/AWS::Transfer::User.SshPublicKey" }, "markdownDescription": "Specifies the public key portion of the Secure Shell (SSH) keys stored for the described user.", "title": "SshPublicKeys", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.", "title": "Tags", "type": "array" }, "UserName": { "markdownDescription": "A unique string that identifies a user and is associated with a `ServerId` . This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.", "title": "UserName", "type": "string" } }, "required": [ "Role", "ServerId", "UserName" ], "type": "object" }, "Type": { "enum": [ "AWS::Transfer::User" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Transfer::User.HomeDirectoryMapEntry": { "additionalProperties": false, "properties": { "Entry": { "markdownDescription": "Represents an entry for `HomeDirectoryMappings` .", "title": "Entry", "type": "string" }, "Target": { "markdownDescription": "Represents the map target that is used in a `HomeDirectoryMapEntry` .", "title": "Target", "type": "string" }, "Type": { "markdownDescription": "Specifies the type of mapping. Set the type to `FILE` if you want the mapping to point to a file, or `DIRECTORY` for the directory to point to a directory.\n\n> By default, home directory mappings have a `Type` of `DIRECTORY` when you create a Transfer Family server. You would need to explicitly set `Type` to `FILE` if you want a mapping to have a file target.", "title": "Type", "type": "string" } }, "required": [ "Entry", "Target" ], "type": "object" }, "AWS::Transfer::User.PosixProfile": { "additionalProperties": false, "properties": { "Gid": { "markdownDescription": "The POSIX group ID used for all EFS operations by this user.", "title": "Gid", "type": "number" }, "SecondaryGids": { "items": { "type": "number" }, "markdownDescription": "The secondary POSIX group IDs used for all EFS operations by this user.", "title": "SecondaryGids", "type": "array" }, "Uid": { "markdownDescription": "The POSIX user ID used for all EFS operations by this user.", "title": "Uid", "type": "number" } }, "required": [ "Gid", "Uid" ], "type": "object" }, "AWS::Transfer::User.SshPublicKey": { "additionalProperties": false, "properties": {}, "type": "object" }, "AWS::Transfer::Workflow": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "Specifies the text description for the workflow.", "title": "Description", "type": "string" }, "OnExceptionSteps": { "items": { "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" }, "markdownDescription": "Specifies the steps (actions) to take if errors are encountered during execution of the workflow.", "title": "OnExceptionSteps", "type": "array" }, "Steps": { "items": { "$ref": "#/definitions/AWS::Transfer::Workflow.WorkflowStep" }, "markdownDescription": "Specifies the details for the steps that are in the specified workflow.", "title": "Steps", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.", "title": "Tags", "type": "array" } }, "required": [ "Steps" ], "type": "object" }, "Type": { "enum": [ "AWS::Transfer::Workflow" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Transfer::Workflow.CopyStepDetails": { "additionalProperties": false, "properties": { "DestinationFileLocation": { "$ref": "#/definitions/AWS::Transfer::Workflow.S3FileLocation", "markdownDescription": "Specifies the location for the file being copied. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to copy uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", "title": "DestinationFileLocation" }, "Name": { "markdownDescription": "The name of the step, used as an identifier.", "title": "Name", "type": "string" }, "OverwriteExisting": { "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", "title": "OverwriteExisting", "type": "string" }, "SourceFileLocation": { "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", "title": "SourceFileLocation", "type": "string" } }, "type": "object" }, "AWS::Transfer::Workflow.CustomStepDetails": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the step, used as an identifier.", "title": "Name", "type": "string" }, "SourceFileLocation": { "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", "title": "SourceFileLocation", "type": "string" }, "Target": { "markdownDescription": "The ARN for the Lambda function that is being called.", "title": "Target", "type": "string" }, "TimeoutSeconds": { "markdownDescription": "Timeout, in seconds, for the step.", "title": "TimeoutSeconds", "type": "number" } }, "type": "object" }, "AWS::Transfer::Workflow.DecryptStepDetails": { "additionalProperties": false, "properties": { "DestinationFileLocation": { "$ref": "#/definitions/AWS::Transfer::Workflow.InputFileLocation", "markdownDescription": "Specifies the location for the file being decrypted. Use `${Transfer:UserName}` or `${Transfer:UploadDate}` in this field to parametrize the destination prefix by username or uploaded date.\n\n- Set the value of `DestinationFileLocation` to `${Transfer:UserName}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the name of the Transfer Family user that uploaded the file.\n- Set the value of `DestinationFileLocation` to `${Transfer:UploadDate}` to decrypt uploaded files to an Amazon S3 bucket that is prefixed with the date of the upload.\n\n> The system resolves `UploadDate` to a date format of *YYYY-MM-DD* , based on the date the file is uploaded in UTC.", "title": "DestinationFileLocation" }, "Name": { "markdownDescription": "The name of the step, used as an identifier.", "title": "Name", "type": "string" }, "OverwriteExisting": { "markdownDescription": "A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n\nIf the workflow is processing a file that has the same name as an existing file, the behavior is as follows:\n\n- If `OverwriteExisting` is `TRUE` , the existing file is replaced with the file being processed.\n- If `OverwriteExisting` is `FALSE` , nothing happens, and the workflow processing stops.", "title": "OverwriteExisting", "type": "string" }, "SourceFileLocation": { "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", "title": "SourceFileLocation", "type": "string" }, "Type": { "markdownDescription": "The type of encryption used. Currently, this value must be `PGP` .", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::Transfer::Workflow.DeleteStepDetails": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the step, used as an identifier.", "title": "Name", "type": "string" }, "SourceFileLocation": { "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", "title": "SourceFileLocation", "type": "string" } }, "type": "object" }, "AWS::Transfer::Workflow.EfsInputFileLocation": { "additionalProperties": false, "properties": { "FileSystemId": { "markdownDescription": "The identifier of the file system, assigned by Amazon EFS.", "title": "FileSystemId", "type": "string" }, "Path": { "markdownDescription": "The pathname for the folder being used by a workflow.", "title": "Path", "type": "string" } }, "type": "object" }, "AWS::Transfer::Workflow.InputFileLocation": { "additionalProperties": false, "properties": { "EfsFileLocation": { "$ref": "#/definitions/AWS::Transfer::Workflow.EfsInputFileLocation", "markdownDescription": "Specifies the details for the Amazon Elastic File System (Amazon EFS) file that's being decrypted.", "title": "EfsFileLocation" }, "S3FileLocation": { "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", "markdownDescription": "Specifies the details for the Amazon S3 file that's being copied or decrypted.", "title": "S3FileLocation" } }, "type": "object" }, "AWS::Transfer::Workflow.S3FileLocation": { "additionalProperties": false, "properties": { "S3FileLocation": { "$ref": "#/definitions/AWS::Transfer::Workflow.S3InputFileLocation", "markdownDescription": "Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage.", "title": "S3FileLocation" } }, "type": "object" }, "AWS::Transfer::Workflow.S3InputFileLocation": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "Specifies the S3 bucket for the customer input file.", "title": "Bucket", "type": "string" }, "Key": { "markdownDescription": "The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.", "title": "Key", "type": "string" } }, "type": "object" }, "AWS::Transfer::Workflow.S3Tag": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The name assigned to the tag that you create.", "title": "Key", "type": "string" }, "Value": { "markdownDescription": "The value that corresponds to the key.", "title": "Value", "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "AWS::Transfer::Workflow.TagStepDetails": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the step, used as an identifier.", "title": "Name", "type": "string" }, "SourceFileLocation": { "markdownDescription": "Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.\n\n- To use the previous file as the input, enter `${previous.file}` . In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.\n- To use the originally uploaded file location as input for this step, enter `${original.file}` .", "title": "SourceFileLocation", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/AWS::Transfer::Workflow.S3Tag" }, "markdownDescription": "Array that contains from 1 to 10 key/value pairs.", "title": "Tags", "type": "array" } }, "type": "object" }, "AWS::Transfer::Workflow.WorkflowStep": { "additionalProperties": false, "properties": { "CopyStepDetails": { "$ref": "#/definitions/AWS::Transfer::Workflow.CopyStepDetails", "markdownDescription": "Details for a step that performs a file copy.\n\nConsists of the following values:\n\n- A description\n- An Amazon S3 location for the destination of the file copy.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .", "title": "CopyStepDetails" }, "CustomStepDetails": { "$ref": "#/definitions/AWS::Transfer::Workflow.CustomStepDetails", "markdownDescription": "Details for a step that invokes an AWS Lambda function.\n\nConsists of the Lambda function's name, target, and timeout (in seconds).", "title": "CustomStepDetails" }, "DecryptStepDetails": { "$ref": "#/definitions/AWS::Transfer::Workflow.DecryptStepDetails", "markdownDescription": "Details for a step that decrypts an encrypted file.\n\nConsists of the following values:\n\n- A descriptive name\n- An Amazon S3 or Amazon Elastic File System (Amazon EFS) location for the source file to decrypt.\n- An S3 or Amazon EFS location for the destination of the file decryption.\n- A flag that indicates whether to overwrite an existing file of the same name. The default is `FALSE` .\n- The type of encryption that's used. Currently, only PGP encryption is supported.", "title": "DecryptStepDetails" }, "DeleteStepDetails": { "$ref": "#/definitions/AWS::Transfer::Workflow.DeleteStepDetails", "markdownDescription": "Details for a step that deletes the file.", "title": "DeleteStepDetails" }, "TagStepDetails": { "$ref": "#/definitions/AWS::Transfer::Workflow.TagStepDetails", "markdownDescription": "Details for a step that creates one or more tags.\n\nYou specify one or more tags. Each tag contains a key-value pair.", "title": "TagStepDetails" }, "Type": { "markdownDescription": "Currently, the following step types are supported.\n\n- *`COPY`* - Copy the file to another location.\n- *`CUSTOM`* - Perform a custom step with an AWS Lambda function target.\n- *`DECRYPT`* - Decrypt a file that was encrypted before it was uploaded.\n- *`DELETE`* - Delete the file.\n- *`TAG`* - Add a tag to the file.", "title": "Type", "type": "string" } }, "type": "object" }, "AWS::VerifiedPermissions::IdentitySource": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Configuration": { "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration", "markdownDescription": "Contains configuration information used when creating a new identity source.", "title": "Configuration" }, "PolicyStoreId": { "markdownDescription": "Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.", "title": "PolicyStoreId", "type": "string" }, "PrincipalEntityType": { "markdownDescription": "Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.", "title": "PrincipalEntityType", "type": "string" } }, "required": [ "Configuration", "PolicyStoreId" ], "type": "object" }, "Type": { "enum": [ "AWS::VerifiedPermissions::IdentitySource" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration": { "additionalProperties": false, "properties": { "GroupEntityType": { "markdownDescription": "The name of the schema entity type that's mapped to the user pool group. Defaults to `AWS::CognitoGroup` .", "title": "GroupEntityType", "type": "string" } }, "required": [ "GroupEntityType" ], "type": "object" }, "AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration": { "additionalProperties": false, "properties": { "ClientIds": { "items": { "type": "string" }, "markdownDescription": "The unique application client IDs that are associated with the specified Amazon Cognito user pool.\n\nExample: `\"ClientIds\": [\"&ExampleCogClientId;\"]`", "title": "ClientIds", "type": "array" }, "GroupConfiguration": { "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoGroupConfiguration", "markdownDescription": "The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.", "title": "GroupConfiguration" }, "UserPoolArn": { "markdownDescription": "The [Amazon Resource Name (ARN)](https://docs.aws.amazon.com//general/latest/gr/aws-arns-and-namespaces.html) of the Amazon Cognito user pool that contains the identities to be authorized.", "title": "UserPoolArn", "type": "string" } }, "required": [ "UserPoolArn" ], "type": "object" }, "AWS::VerifiedPermissions::IdentitySource.IdentitySourceConfiguration": { "additionalProperties": false, "properties": { "CognitoUserPoolConfiguration": { "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource.CognitoUserPoolConfiguration", "markdownDescription": "A structure that contains configuration information used when creating or updating an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions .", "title": "CognitoUserPoolConfiguration" } }, "required": [ "CognitoUserPoolConfiguration" ], "type": "object" }, "AWS::VerifiedPermissions::Policy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Definition": { "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.PolicyDefinition", "markdownDescription": "Specifies the policy type and content to use for the new or updated policy. The definition structure must include either a `Static` or a `TemplateLinked` element.", "title": "Definition" }, "PolicyStoreId": { "markdownDescription": "Specifies the `PolicyStoreId` of the policy store you want to store the policy in.", "title": "PolicyStoreId", "type": "string" } }, "required": [ "Definition", "PolicyStoreId" ], "type": "object" }, "Type": { "enum": [ "AWS::VerifiedPermissions::Policy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::VerifiedPermissions::Policy.EntityIdentifier": { "additionalProperties": false, "properties": { "EntityId": { "markdownDescription": "The identifier of an entity.\n\n`\"entityId\":\" *identifier* \"`", "title": "EntityId", "type": "string" }, "EntityType": { "markdownDescription": "The type of an entity.\n\nExample: `\"entityType\":\" *typeName* \"`", "title": "EntityType", "type": "string" } }, "required": [ "EntityId", "EntityType" ], "type": "object" }, "AWS::VerifiedPermissions::Policy.PolicyDefinition": { "additionalProperties": false, "properties": { "Static": { "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.StaticPolicyDefinition", "markdownDescription": "A structure that describes a static policy. An static policy doesn't use a template or allow placeholders for entities.", "title": "Static" }, "TemplateLinked": { "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition", "markdownDescription": "A structure that describes a policy that was instantiated from a template. The template can specify placeholders for `principal` and `resource` . When you use [CreatePolicy](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_CreatePolicy.html) to create a policy from a template, you specify the exact principal and resource to use for the instantiated policy.", "title": "TemplateLinked" } }, "type": "object" }, "AWS::VerifiedPermissions::Policy.StaticPolicyDefinition": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the static policy.", "title": "Description", "type": "string" }, "Statement": { "markdownDescription": "The policy content of the static policy, written in the Cedar policy language.", "title": "Statement", "type": "string" } }, "required": [ "Statement" ], "type": "object" }, "AWS::VerifiedPermissions::Policy.TemplateLinkedPolicyDefinition": { "additionalProperties": false, "properties": { "PolicyTemplateId": { "markdownDescription": "The unique identifier of the policy template used to create this policy.", "title": "PolicyTemplateId", "type": "string" }, "Principal": { "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", "markdownDescription": "The principal associated with this template-linked policy. Verified Permissions substitutes this principal for the `?principal` placeholder in the policy template when it evaluates an authorization request.", "title": "Principal" }, "Resource": { "$ref": "#/definitions/AWS::VerifiedPermissions::Policy.EntityIdentifier", "markdownDescription": "The resource associated with this template-linked policy. Verified Permissions substitutes this resource for the `?resource` placeholder in the policy template when it evaluates an authorization request.", "title": "Resource" } }, "required": [ "PolicyTemplateId" ], "type": "object" }, "AWS::VerifiedPermissions::PolicyStore": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "Descriptive text that you can provide to help with identification of the current policy store.", "title": "Description", "type": "string" }, "Schema": { "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.SchemaDefinition", "markdownDescription": "Creates or updates the policy schema in a policy store. Cedar can use the schema to validate any Cedar policies and policy templates submitted to the policy store. Any changes to the schema validate only policies and templates submitted after the schema change. Existing policies and templates are not re-evaluated against the changed schema. If you later update a policy, then it is evaluated against the new schema at that time.", "title": "Schema" }, "ValidationSettings": { "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore.ValidationSettings", "markdownDescription": "Specifies the validation setting for this policy store.\n\nCurrently, the only valid and required value is `Mode` .\n\n> We recommend that you turn on `STRICT` mode only after you define a schema. If a schema doesn't exist, then `STRICT` mode causes any policy to fail validation, and Verified Permissions rejects the policy. You can turn off validation by using the [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) . Then, when you have a schema defined, use [UpdatePolicyStore](https://docs.aws.amazon.com/verifiedpermissions/latest/apireference/API_UpdatePolicyStore) again to turn validation back on.", "title": "ValidationSettings" } }, "required": [ "ValidationSettings" ], "type": "object" }, "Type": { "enum": [ "AWS::VerifiedPermissions::PolicyStore" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::VerifiedPermissions::PolicyStore.SchemaDefinition": { "additionalProperties": false, "properties": { "CedarJson": { "markdownDescription": "A JSON string representation of the schema supported by applications that use this policy store. For more information, see [Policy store schema](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) in the AVP User Guide.", "title": "CedarJson", "type": "string" } }, "type": "object" }, "AWS::VerifiedPermissions::PolicyStore.ValidationSettings": { "additionalProperties": false, "properties": { "Mode": { "markdownDescription": "The validation mode currently configured for this policy store. The valid values are:\n\n- *OFF* \u2013 Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service.\n- *STRICT* \u2013 Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store.\n\n> If `Mode=STRICT` and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against.\n> \n> To submit a static policy or policy template without a schema, you must turn off validation.", "title": "Mode", "type": "string" } }, "required": [ "Mode" ], "type": "object" }, "AWS::VerifiedPermissions::PolicyTemplate": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description to attach to the new or updated policy template.", "title": "Description", "type": "string" }, "PolicyStoreId": { "markdownDescription": "The unique identifier of the policy store that contains the template.", "title": "PolicyStoreId", "type": "string" }, "Statement": { "markdownDescription": "Specifies the content that you want to use for the new policy template, written in the Cedar policy language.", "title": "Statement", "type": "string" } }, "required": [ "PolicyStoreId", "Statement" ], "type": "object" }, "Type": { "enum": [ "AWS::VerifiedPermissions::PolicyTemplate" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::VoiceID::Domain": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the domain.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name for the domain.", "title": "Name", "type": "string" }, "ServerSideEncryptionConfiguration": { "$ref": "#/definitions/AWS::VoiceID::Domain.ServerSideEncryptionConfiguration", "markdownDescription": "The server-side encryption configuration containing the KMS key identifier you want Voice ID to use to encrypt your data.", "title": "ServerSideEncryptionConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" } }, "required": [ "Name", "ServerSideEncryptionConfiguration" ], "type": "object" }, "Type": { "enum": [ "AWS::VoiceID::Domain" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::VoiceID::Domain.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The identifier of the KMS key to use to encrypt data stored by Voice ID. Voice ID doesn't support asymmetric customer managed keys.", "title": "KmsKeyId", "type": "string" } }, "required": [ "KmsKeyId" ], "type": "object" }, "AWS::VpcLattice::AccessLogSubscription": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DestinationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the destination. The supported destination types are CloudWatch Log groups, Kinesis Data Firehose delivery streams, and Amazon S3 buckets.", "title": "DestinationArn", "type": "string" }, "ResourceIdentifier": { "markdownDescription": "The ID or Amazon Resource Name (ARN) of the service network or service.", "title": "ResourceIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the access log subscription.", "title": "Tags", "type": "array" } }, "required": [ "DestinationArn" ], "type": "object" }, "Type": { "enum": [ "AWS::VpcLattice::AccessLogSubscription" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::VpcLattice::AuthPolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Policy": { "markdownDescription": "The auth policy.", "title": "Policy", "type": "object" }, "ResourceIdentifier": { "markdownDescription": "The ID or Amazon Resource Name (ARN) of the service network or service for which the policy is created.", "title": "ResourceIdentifier", "type": "string" } }, "required": [ "Policy", "ResourceIdentifier" ], "type": "object" }, "Type": { "enum": [ "AWS::VpcLattice::AuthPolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::VpcLattice::Listener": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DefaultAction": { "$ref": "#/definitions/AWS::VpcLattice::Listener.DefaultAction", "markdownDescription": "The action for the default rule. Each listener has a default rule. The default rule is used if no other rules match.", "title": "DefaultAction" }, "Name": { "markdownDescription": "The name of the listener. A listener name must be unique within a service. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", "title": "Name", "type": "string" }, "Port": { "markdownDescription": "The listener port. You can specify a value from 1 to 65535. For HTTP, the default is 80. For HTTPS, the default is 443.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The listener protocol.", "title": "Protocol", "type": "string" }, "ServiceIdentifier": { "markdownDescription": "The ID or Amazon Resource Name (ARN) of the service.", "title": "ServiceIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the listener.", "title": "Tags", "type": "array" } }, "required": [ "DefaultAction", "Protocol" ], "type": "object" }, "Type": { "enum": [ "AWS::VpcLattice::Listener" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::VpcLattice::Listener.DefaultAction": { "additionalProperties": false, "properties": { "FixedResponse": { "$ref": "#/definitions/AWS::VpcLattice::Listener.FixedResponse", "markdownDescription": "Describes an action that returns a custom HTTP response.", "title": "FixedResponse" }, "Forward": { "$ref": "#/definitions/AWS::VpcLattice::Listener.Forward", "markdownDescription": "Describes a forward action. You can use forward actions to route requests to one or more target groups.", "title": "Forward" } }, "type": "object" }, "AWS::VpcLattice::Listener.FixedResponse": { "additionalProperties": false, "properties": { "StatusCode": { "markdownDescription": "The HTTP response code.", "title": "StatusCode", "type": "number" } }, "required": [ "StatusCode" ], "type": "object" }, "AWS::VpcLattice::Listener.Forward": { "additionalProperties": false, "properties": { "TargetGroups": { "items": { "$ref": "#/definitions/AWS::VpcLattice::Listener.WeightedTargetGroup" }, "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", "title": "TargetGroups", "type": "array" } }, "required": [ "TargetGroups" ], "type": "object" }, "AWS::VpcLattice::Listener.WeightedTargetGroup": { "additionalProperties": false, "properties": { "TargetGroupIdentifier": { "markdownDescription": "The ID of the target group.", "title": "TargetGroupIdentifier", "type": "string" }, "Weight": { "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", "title": "Weight", "type": "number" } }, "required": [ "TargetGroupIdentifier" ], "type": "object" }, "AWS::VpcLattice::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Policy": { "markdownDescription": "The Amazon Resource Name (ARN) of the service network or service.", "title": "Policy", "type": "object" }, "ResourceArn": { "markdownDescription": "An IAM policy.", "title": "ResourceArn", "type": "string" } }, "required": [ "Policy", "ResourceArn" ], "type": "object" }, "Type": { "enum": [ "AWS::VpcLattice::ResourcePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::VpcLattice::Rule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::VpcLattice::Rule.Action", "markdownDescription": "Describes the action for a rule.", "title": "Action" }, "ListenerIdentifier": { "markdownDescription": "The ID or Amazon Resource Name (ARN) of the listener.", "title": "ListenerIdentifier", "type": "string" }, "Match": { "$ref": "#/definitions/AWS::VpcLattice::Rule.Match", "markdownDescription": "The rule match.", "title": "Match" }, "Name": { "markdownDescription": "The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", "title": "Name", "type": "string" }, "Priority": { "markdownDescription": "The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority.", "title": "Priority", "type": "number" }, "ServiceIdentifier": { "markdownDescription": "The ID or Amazon Resource Name (ARN) of the service.", "title": "ServiceIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the rule.", "title": "Tags", "type": "array" } }, "required": [ "Action", "Match", "Priority" ], "type": "object" }, "Type": { "enum": [ "AWS::VpcLattice::Rule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::VpcLattice::Rule.Action": { "additionalProperties": false, "properties": { "FixedResponse": { "$ref": "#/definitions/AWS::VpcLattice::Rule.FixedResponse", "markdownDescription": "The fixed response action. The rule returns a custom HTTP response.", "title": "FixedResponse" }, "Forward": { "$ref": "#/definitions/AWS::VpcLattice::Rule.Forward", "markdownDescription": "The forward action. Traffic that matches the rule is forwarded to the specified target groups.", "title": "Forward" } }, "type": "object" }, "AWS::VpcLattice::Rule.FixedResponse": { "additionalProperties": false, "properties": { "StatusCode": { "markdownDescription": "The HTTP response code.", "title": "StatusCode", "type": "number" } }, "required": [ "StatusCode" ], "type": "object" }, "AWS::VpcLattice::Rule.Forward": { "additionalProperties": false, "properties": { "TargetGroups": { "items": { "$ref": "#/definitions/AWS::VpcLattice::Rule.WeightedTargetGroup" }, "markdownDescription": "The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.\n\nThe default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group.", "title": "TargetGroups", "type": "array" } }, "required": [ "TargetGroups" ], "type": "object" }, "AWS::VpcLattice::Rule.HeaderMatch": { "additionalProperties": false, "properties": { "CaseSensitive": { "markdownDescription": "Indicates whether the match is case sensitive.", "title": "CaseSensitive", "type": "boolean" }, "Match": { "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatchType", "markdownDescription": "The header match type.", "title": "Match" }, "Name": { "markdownDescription": "The name of the header.", "title": "Name", "type": "string" } }, "required": [ "Match", "Name" ], "type": "object" }, "AWS::VpcLattice::Rule.HeaderMatchType": { "additionalProperties": false, "properties": { "Contains": { "markdownDescription": "A contains type match.", "title": "Contains", "type": "string" }, "Exact": { "markdownDescription": "An exact type match.", "title": "Exact", "type": "string" }, "Prefix": { "markdownDescription": "A prefix type match. Matches the value with the prefix.", "title": "Prefix", "type": "string" } }, "type": "object" }, "AWS::VpcLattice::Rule.HttpMatch": { "additionalProperties": false, "properties": { "HeaderMatches": { "items": { "$ref": "#/definitions/AWS::VpcLattice::Rule.HeaderMatch" }, "markdownDescription": "The header matches. Matches incoming requests with rule based on request header value before applying rule action.", "title": "HeaderMatches", "type": "array" }, "Method": { "markdownDescription": "The HTTP method type.", "title": "Method", "type": "string" }, "PathMatch": { "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatch", "markdownDescription": "The path match.", "title": "PathMatch" } }, "type": "object" }, "AWS::VpcLattice::Rule.Match": { "additionalProperties": false, "properties": { "HttpMatch": { "$ref": "#/definitions/AWS::VpcLattice::Rule.HttpMatch", "markdownDescription": "The HTTP criteria that a rule must match.", "title": "HttpMatch" } }, "required": [ "HttpMatch" ], "type": "object" }, "AWS::VpcLattice::Rule.PathMatch": { "additionalProperties": false, "properties": { "CaseSensitive": { "markdownDescription": "Indicates whether the match is case sensitive.", "title": "CaseSensitive", "type": "boolean" }, "Match": { "$ref": "#/definitions/AWS::VpcLattice::Rule.PathMatchType", "markdownDescription": "The type of path match.", "title": "Match" } }, "required": [ "Match" ], "type": "object" }, "AWS::VpcLattice::Rule.PathMatchType": { "additionalProperties": false, "properties": { "Exact": { "markdownDescription": "An exact match of the path.", "title": "Exact", "type": "string" }, "Prefix": { "markdownDescription": "A prefix match of the path.", "title": "Prefix", "type": "string" } }, "type": "object" }, "AWS::VpcLattice::Rule.WeightedTargetGroup": { "additionalProperties": false, "properties": { "TargetGroupIdentifier": { "markdownDescription": "The ID of the target group.", "title": "TargetGroupIdentifier", "type": "string" }, "Weight": { "markdownDescription": "Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.", "title": "Weight", "type": "number" } }, "required": [ "TargetGroupIdentifier" ], "type": "object" }, "AWS::VpcLattice::Service": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthType": { "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", "title": "AuthType", "type": "string" }, "CertificateArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the certificate.", "title": "CertificateArn", "type": "string" }, "CustomDomainName": { "markdownDescription": "The custom domain name of the service.", "title": "CustomDomainName", "type": "string" }, "DnsEntry": { "$ref": "#/definitions/AWS::VpcLattice::Service.DnsEntry", "markdownDescription": "The DNS information of the service.", "title": "DnsEntry" }, "Name": { "markdownDescription": "The name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the service.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::VpcLattice::Service" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::VpcLattice::Service.DnsEntry": { "additionalProperties": false, "properties": { "DomainName": { "markdownDescription": "The domain name of the service.", "title": "DomainName", "type": "string" }, "HostedZoneId": { "markdownDescription": "The ID of the hosted zone.", "title": "HostedZoneId", "type": "string" } }, "type": "object" }, "AWS::VpcLattice::ServiceNetwork": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthType": { "markdownDescription": "The type of IAM policy.\n\n- `NONE` : The resource does not use an IAM policy. This is the default.\n- `AWS_IAM` : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.", "title": "AuthType", "type": "string" }, "Name": { "markdownDescription": "The name of the service network. The name must be unique to the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the service network.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::VpcLattice::ServiceNetwork" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::VpcLattice::ServiceNetworkServiceAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DnsEntry": { "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry", "markdownDescription": "The DNS information of the service.", "title": "DnsEntry" }, "ServiceIdentifier": { "markdownDescription": "The ID or Amazon Resource Name (ARN) of the service.", "title": "ServiceIdentifier", "type": "string" }, "ServiceNetworkIdentifier": { "markdownDescription": "The ID or Amazon Resource Name (ARN) of the service network. You must use the ARN if the resources specified in the operation are in different accounts.", "title": "ServiceNetworkIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the association.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::VpcLattice::ServiceNetworkServiceAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::VpcLattice::ServiceNetworkServiceAssociation.DnsEntry": { "additionalProperties": false, "properties": { "DomainName": { "markdownDescription": "The domain name of the service.", "title": "DomainName", "type": "string" }, "HostedZoneId": { "markdownDescription": "The ID of the hosted zone.", "title": "HostedZoneId", "type": "string" } }, "type": "object" }, "AWS::VpcLattice::ServiceNetworkVpcAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "The IDs of the security groups. Security groups aren't added by default. You can add a security group to apply network level controls to control which resources in a VPC are allowed to access the service network and its services. For more information, see [Control traffic to resources using security groups](https://docs.aws.amazon.com//vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* .", "title": "SecurityGroupIds", "type": "array" }, "ServiceNetworkIdentifier": { "markdownDescription": "The ID or Amazon Resource Name (ARN) of the service network. You must use the ARN when the resources specified in the operation are in different accounts.", "title": "ServiceNetworkIdentifier", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the association.", "title": "Tags", "type": "array" }, "VpcIdentifier": { "markdownDescription": "The ID of the VPC.", "title": "VpcIdentifier", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::VpcLattice::ServiceNetworkVpcAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::VpcLattice::TargetGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Config": { "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.TargetGroupConfig", "markdownDescription": "The target group configuration.", "title": "Config" }, "Name": { "markdownDescription": "The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.\n\nIf you don't specify a name, CloudFormation generates one. However, if you specify a name, and later want to replace the resource, you must specify a new name.", "title": "Name", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the target group.", "title": "Tags", "type": "array" }, "Targets": { "items": { "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Target" }, "markdownDescription": "Describes a target.", "title": "Targets", "type": "array" }, "Type": { "markdownDescription": "The type of target group.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::VpcLattice::TargetGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::VpcLattice::TargetGroup.HealthCheckConfig": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Indicates whether health checking is enabled.", "title": "Enabled", "type": "boolean" }, "HealthCheckIntervalSeconds": { "markdownDescription": "The approximate amount of time, in seconds, between health checks of an individual target. The range is 5\u2013300 seconds. The default is 30 seconds.", "title": "HealthCheckIntervalSeconds", "type": "number" }, "HealthCheckTimeoutSeconds": { "markdownDescription": "The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1\u2013120 seconds. The default is 5 seconds.", "title": "HealthCheckTimeoutSeconds", "type": "number" }, "HealthyThresholdCount": { "markdownDescription": "The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2\u201310. The default is 5.", "title": "HealthyThresholdCount", "type": "number" }, "Matcher": { "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.Matcher", "markdownDescription": "The codes to use when checking for a successful response from a target.", "title": "Matcher" }, "Path": { "markdownDescription": "The destination for health checks on the targets. If the protocol version is `HTTP/1.1` or `HTTP/2` , specify a valid URI (for example, `/path?query` ). The default path is `/` . Health checks are not supported if the protocol version is `gRPC` , however, you can choose `HTTP/1.1` or `HTTP/2` and specify a valid URI.", "title": "Path", "type": "string" }, "Port": { "markdownDescription": "The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The protocol used when performing health checks on targets. The possible protocols are `HTTP` and `HTTPS` . The default is `HTTP` .", "title": "Protocol", "type": "string" }, "ProtocolVersion": { "markdownDescription": "The protocol version used when performing health checks on targets. The possible protocol versions are `HTTP1` and `HTTP2` .", "title": "ProtocolVersion", "type": "string" }, "UnhealthyThresholdCount": { "markdownDescription": "The number of consecutive failed health checks required before considering a target unhealthy. The range is 2\u201310. The default is 2.", "title": "UnhealthyThresholdCount", "type": "number" } }, "type": "object" }, "AWS::VpcLattice::TargetGroup.Matcher": { "additionalProperties": false, "properties": { "HttpCode": { "markdownDescription": "The HTTP code to use when checking for a successful response from a target.", "title": "HttpCode", "type": "string" } }, "required": [ "HttpCode" ], "type": "object" }, "AWS::VpcLattice::TargetGroup.Target": { "additionalProperties": false, "properties": { "Id": { "markdownDescription": "The ID of the target. If the target group type is `INSTANCE` , this is an instance ID. If the target group type is `IP` , this is an IP address. If the target group type is `LAMBDA` , this is the ARN of a Lambda function. If the target group type is `ALB` , this is the ARN of an Application Load Balancer.", "title": "Id", "type": "string" }, "Port": { "markdownDescription": "The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443.", "title": "Port", "type": "number" } }, "required": [ "Id" ], "type": "object" }, "AWS::VpcLattice::TargetGroup.TargetGroupConfig": { "additionalProperties": false, "properties": { "HealthCheck": { "$ref": "#/definitions/AWS::VpcLattice::TargetGroup.HealthCheckConfig", "markdownDescription": "The health check configuration. Not supported if the target group type is `LAMBDA` or `ALB` .", "title": "HealthCheck" }, "IpAddressType": { "markdownDescription": "The type of IP address used for the target group. Supported only if the target group type is `IP` . The default is `IPV4` .", "title": "IpAddressType", "type": "string" }, "LambdaEventStructureVersion": { "markdownDescription": "The version of the event structure that your Lambda function receives. Supported only if the target group type is `LAMBDA` . The default is `V1` .", "title": "LambdaEventStructureVersion", "type": "string" }, "Port": { "markdownDescription": "The port on which the targets are listening. For HTTP, the default is 80. For HTTPS, the default is 443. Not supported if the target group type is `LAMBDA` .", "title": "Port", "type": "number" }, "Protocol": { "markdownDescription": "The protocol to use for routing traffic to the targets. The default is the protocol of the target group. Not supported if the target group type is `LAMBDA` .", "title": "Protocol", "type": "string" }, "ProtocolVersion": { "markdownDescription": "The protocol version. The default is `HTTP1` . Not supported if the target group type is `LAMBDA` .", "title": "ProtocolVersion", "type": "string" }, "VpcIdentifier": { "markdownDescription": "The ID of the VPC. Not supported if the target group type is `LAMBDA` .", "title": "VpcIdentifier", "type": "string" } }, "type": "object" }, "AWS::WAF::ByteMatchSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ByteMatchTuples": { "items": { "$ref": "#/definitions/AWS::WAF::ByteMatchSet.ByteMatchTuple" }, "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", "title": "ByteMatchTuples", "type": "array" }, "Name": { "markdownDescription": "The name of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::WAF::ByteMatchSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAF::ByteMatchSet.ByteMatchTuple": { "additionalProperties": false, "properties": { "FieldToMatch": { "$ref": "#/definitions/AWS::WAF::ByteMatchSet.FieldToMatch", "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", "title": "FieldToMatch" }, "PositionalConstraint": { "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", "title": "PositionalConstraint", "type": "string" }, "TargetString": { "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", "title": "TargetString", "type": "string" }, "TargetStringBase64": { "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", "title": "TargetStringBase64", "type": "string" }, "TextTransformation": { "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", "title": "TextTransformation", "type": "string" } }, "required": [ "FieldToMatch", "PositionalConstraint", "TextTransformation" ], "type": "object" }, "AWS::WAF::ByteMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", "title": "Data", "type": "string" }, "Type": { "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::WAF::IPSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "IPSetDescriptors": { "items": { "$ref": "#/definitions/AWS::WAF::IPSet.IPSetDescriptor" }, "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from. If the `WebACL` is associated with an Amazon CloudFront distribution and the viewer did not use an HTTP proxy or a load balancer to send the request, this is the value of the c-ip field in the CloudFront access logs.", "title": "IPSetDescriptors", "type": "array" }, "Name": { "markdownDescription": "The name of the `IPSet` . You can't change the name of an `IPSet` after you create it.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::WAF::IPSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAF::IPSet.IPSetDescriptor": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "Specify `IPV4` or `IPV6` .", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", "title": "Value", "type": "string" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::WAF::Rule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MetricName": { "markdownDescription": "The name of the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", "title": "MetricName", "type": "string" }, "Name": { "markdownDescription": "The friendly name or description for the `Rule` . You can't change the name of a `Rule` after you create it.", "title": "Name", "type": "string" }, "Predicates": { "items": { "$ref": "#/definitions/AWS::WAF::Rule.Predicate" }, "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet` object that you want to include in a `Rule` .", "title": "Predicates", "type": "array" } }, "required": [ "MetricName", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::WAF::Rule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAF::Rule.Predicate": { "additionalProperties": false, "properties": { "DataId": { "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", "title": "DataId", "type": "string" }, "Negated": { "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", "title": "Negated", "type": "boolean" }, "Type": { "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", "title": "Type", "type": "string" } }, "required": [ "DataId", "Negated", "Type" ], "type": "object" }, "AWS::WAF::SizeConstraintSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name, if any, of the `SizeConstraintSet` .", "title": "Name", "type": "string" }, "SizeConstraints": { "items": { "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.SizeConstraint" }, "markdownDescription": "The size constraint and the part of the web request to check.", "title": "SizeConstraints", "type": "array" } }, "required": [ "Name", "SizeConstraints" ], "type": "object" }, "Type": { "enum": [ "AWS::WAF::SizeConstraintSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAF::SizeConstraintSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", "title": "Data", "type": "string" }, "Type": { "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::WAF::SizeConstraintSet.SizeConstraint": { "additionalProperties": false, "properties": { "ComparisonOperator": { "markdownDescription": "The type of comparison you want AWS WAF to perform. AWS WAF uses this in combination with the provided `Size` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\n*EQ* : Used to test if the `Size` is equal to the size of the `FieldToMatch`\n\n*NE* : Used to test if the `Size` is not equal to the size of the `FieldToMatch`\n\n*LE* : Used to test if the `Size` is less than or equal to the size of the `FieldToMatch`\n\n*LT* : Used to test if the `Size` is strictly less than the size of the `FieldToMatch`\n\n*GE* : Used to test if the `Size` is greater than or equal to the size of the `FieldToMatch`\n\n*GT* : Used to test if the `Size` is strictly greater than the size of the `FieldToMatch`", "title": "ComparisonOperator", "type": "string" }, "FieldToMatch": { "$ref": "#/definitions/AWS::WAF::SizeConstraintSet.FieldToMatch", "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", "title": "FieldToMatch" }, "Size": { "markdownDescription": "The size in bytes that you want AWS WAF to compare against the size of the specified `FieldToMatch` . AWS WAF uses this in combination with `ComparisonOperator` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\nValid values for size are 0 - 21474836480 bytes (0 - 20 GB).\n\nIf you specify `URI` for the value of `Type` , the / in the URI path that you specify counts as one character. For example, the URI `/logo.jpg` is nine characters long.", "title": "Size", "type": "number" }, "TextTransformation": { "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because Amazon CloudFront forwards only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", "title": "TextTransformation", "type": "string" } }, "required": [ "ComparisonOperator", "FieldToMatch", "Size", "TextTransformation" ], "type": "object" }, "AWS::WAF::SqlInjectionMatchSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name, if any, of the `SqlInjectionMatchSet` .", "title": "Name", "type": "string" }, "SqlInjectionMatchTuples": { "items": { "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple" }, "markdownDescription": "Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.", "title": "SqlInjectionMatchTuples", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::WAF::SqlInjectionMatchSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAF::SqlInjectionMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", "title": "Data", "type": "string" }, "Type": { "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::WAF::SqlInjectionMatchSet.SqlInjectionMatchTuple": { "additionalProperties": false, "properties": { "FieldToMatch": { "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet.FieldToMatch", "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", "title": "FieldToMatch" }, "TextTransformation": { "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", "title": "TextTransformation", "type": "string" } }, "required": [ "FieldToMatch", "TextTransformation" ], "type": "object" }, "AWS::WAF::WebACL": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DefaultAction": { "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match. The action is specified by the `WafAction` object.", "title": "DefaultAction" }, "MetricName": { "markdownDescription": "The name of the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", "title": "MetricName", "type": "string" }, "Name": { "markdownDescription": "A friendly name or description of the `WebACL` . You can't change the name of a `WebACL` after you create it.", "title": "Name", "type": "string" }, "Rules": { "items": { "$ref": "#/definitions/AWS::WAF::WebACL.ActivatedRule" }, "markdownDescription": "An array that contains the action for each `Rule` in a `WebACL` , the priority of the `Rule` , and the ID of the `Rule` .", "title": "Rules", "type": "array" } }, "required": [ "DefaultAction", "MetricName", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::WAF::WebACL" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAF::WebACL.ActivatedRule": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::WAF::WebACL.WafAction", "markdownDescription": "Specifies the action that Amazon CloudFront or AWS WAF takes when a web request matches the conditions in the `Rule` . Valid values for `Action` include the following:\n\n- `ALLOW` : CloudFront responds with the requested object.\n- `BLOCK` : CloudFront responds with an HTTP 403 (Forbidden) status code.\n- `COUNT` : AWS WAF increments a counter of requests that match the conditions in the rule and then continues to inspect the web request based on the remaining rules in the web ACL.\n\n`ActivatedRule|OverrideAction` applies only when updating or adding a `RuleGroup` to a `WebACL` . In this case, you do not use `ActivatedRule|Action` . For all other update requests, `ActivatedRule|Action` is used instead of `ActivatedRule|OverrideAction` .", "title": "Action" }, "Priority": { "markdownDescription": "Specifies the order in which the `Rules` in a `WebACL` are evaluated. Rules with a lower value for `Priority` are evaluated before `Rules` with a higher value. The value must be a unique integer. If you add multiple `Rules` to a `WebACL` , the values don't need to be consecutive.", "title": "Priority", "type": "number" }, "RuleId": { "markdownDescription": "The `RuleId` for a `Rule` . You use `RuleId` to get more information about a `Rule` , update a `Rule` , insert a `Rule` into a `WebACL` or delete a one from a `WebACL` , or delete a `Rule` from AWS WAF .\n\n`RuleId` is returned by `CreateRule` and by `ListRules` .", "title": "RuleId", "type": "string" } }, "required": [ "Priority", "RuleId" ], "type": "object" }, "AWS::WAF::WebACL.WafAction": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "Specifies how you want AWS WAF to respond to requests that match the settings in a `Rule` . Valid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a `WebACL` .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::WAF::XssMatchSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name, if any, of the `XssMatchSet` .", "title": "Name", "type": "string" }, "XssMatchTuples": { "items": { "$ref": "#/definitions/AWS::WAF::XssMatchSet.XssMatchTuple" }, "markdownDescription": "Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.", "title": "XssMatchTuples", "type": "array" } }, "required": [ "Name", "XssMatchTuples" ], "type": "object" }, "Type": { "enum": [ "AWS::WAF::XssMatchSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAF::XssMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", "title": "Data", "type": "string" }, "Type": { "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform. Amazon CloudFront supports the following methods: `DELETE` , `GET` , `HEAD` , `OPTIONS` , `PATCH` , `POST` , and `PUT` .\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::WAF::XssMatchSet.XssMatchTuple": { "additionalProperties": false, "properties": { "FieldToMatch": { "$ref": "#/definitions/AWS::WAF::XssMatchSet.FieldToMatch", "markdownDescription": "The part of a web request that you want to inspect, such as a specified header or a query string.", "title": "FieldToMatch" }, "TextTransformation": { "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", "title": "TextTransformation", "type": "string" } }, "required": [ "FieldToMatch", "TextTransformation" ], "type": "object" }, "AWS::WAFRegional::ByteMatchSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ByteMatchTuples": { "items": { "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.ByteMatchTuple" }, "markdownDescription": "Specifies the bytes (typically a string that corresponds with ASCII characters) that you want AWS WAF to search for in web requests, the location in requests that you want AWS WAF to search, and other settings.", "title": "ByteMatchTuples", "type": "array" }, "Name": { "markdownDescription": "A friendly name or description of the `ByteMatchSet` . You can't change `Name` after you create a `ByteMatchSet` .", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFRegional::ByteMatchSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFRegional::ByteMatchSet.ByteMatchTuple": { "additionalProperties": false, "properties": { "FieldToMatch": { "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet.FieldToMatch", "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", "title": "FieldToMatch" }, "PositionalConstraint": { "markdownDescription": "Within the portion of a web request that you want to search (for example, in the query string, if any), specify where you want AWS WAF to search. Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `TargetString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `TargetString` , and `TargetString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `TargetString` must be a word, which means one of the following:\n\n- `TargetString` exactly matches the value of the specified part of the web request, such as the value of a header.\n- `TargetString` is at the beginning of the specified part of the web request and is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` .\n- `TargetString` is at the end of the specified part of the web request and is preceded by a character other than an alphanumeric character or underscore (_), for example, `;BadBot` .\n- `TargetString` is in the middle of the specified part of the web request and is preceded and followed by characters other than alphanumeric characters or underscore (_), for example, `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `TargetString` .\n\n*STARTS_WITH*\n\nThe value of `TargetString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `TargetString` must appear at the end of the specified part of the web request.", "title": "PositionalConstraint", "type": "string" }, "TargetString": { "markdownDescription": "The value that you want AWS WAF to search for. AWS WAF searches for the specified string in the part of web requests that you specified in `FieldToMatch` . The maximum length of the value is 50 bytes.\n\nYou must specify this property or the `TargetStringBase64` property.\n\nValid values depend on the values that you specified for `FieldToMatch` :\n\n- `HEADER` : The value that you want AWS WAF to search for in the request header that you specified in `FieldToMatch` , for example, the value of the `User-Agent` or `Referer` header.\n- `METHOD` : The HTTP method, which indicates the type of operation specified in the request.\n- `QUERY_STRING` : The value that you want AWS WAF to search for in the query string, which is the part of a URL that appears after a `?` character.\n- `URI` : The value that you want AWS WAF to search for in the part of a URL that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but instead of inspecting a single parameter, AWS WAF inspects all parameters within the query string for the value or regex pattern that you specify in `TargetString` .\n\nIf `TargetString` includes alphabetic characters A-Z and a-z, note that the value is case sensitive.", "title": "TargetString", "type": "string" }, "TargetStringBase64": { "markdownDescription": "The base64-encoded value that AWS WAF searches for. AWS CloudFormation sends this value to AWS WAF without encoding it.\n\nYou must specify this property or the `TargetString` property.\n\nAWS WAF searches for this value in a specific part of web requests, which you define in the `FieldToMatch` property.\n\nValid values depend on the Type value in the `FieldToMatch` property. For example, for a `METHOD` type, you must specify HTTP methods such as `DELETE, GET, HEAD, OPTIONS, PATCH, POST` , and `PUT` .", "title": "TargetStringBase64", "type": "string" }, "TextTransformation": { "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", "title": "TextTransformation", "type": "string" } }, "required": [ "FieldToMatch", "PositionalConstraint", "TextTransformation" ], "type": "object" }, "AWS::WAFRegional::ByteMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", "title": "Data", "type": "string" }, "Type": { "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicated the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::WAFRegional::GeoMatchSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "GeoMatchConstraints": { "items": { "$ref": "#/definitions/AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint" }, "markdownDescription": "An array of `GeoMatchConstraint` objects, which contain the country that you want AWS WAF to search for.", "title": "GeoMatchConstraints", "type": "array" }, "Name": { "markdownDescription": "A friendly name or description of the `GeoMatchSet` . You can't change the name of an `GeoMatchSet` after you create it.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFRegional::GeoMatchSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFRegional::GeoMatchSet.GeoMatchConstraint": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "The type of geographical area you want AWS WAF to search for. Currently `Country` is the only valid value.", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "The country that you want AWS WAF to search for.", "title": "Value", "type": "string" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::WAFRegional::IPSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "IPSetDescriptors": { "items": { "$ref": "#/definitions/AWS::WAFRegional::IPSet.IPSetDescriptor" }, "markdownDescription": "The IP address type ( `IPV4` or `IPV6` ) and the IP address range (in CIDR notation) that web requests originate from.", "title": "IPSetDescriptors", "type": "array" }, "Name": { "markdownDescription": "A friendly name or description of the `IPSet` . You can't change the name of an `IPSet` after you create it.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFRegional::IPSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFRegional::IPSet.IPSetDescriptor": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "Specify `IPV4` or `IPV6` .", "title": "Type", "type": "string" }, "Value": { "markdownDescription": "Specify an IPv4 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nSpecify an IPv6 address by using CIDR notation. For example:\n\n- To configure AWS WAF to allow, block, or count requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- To configure AWS WAF to allow, block, or count requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .", "title": "Value", "type": "string" } }, "required": [ "Type", "Value" ], "type": "object" }, "AWS::WAFRegional::RateBasedRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MatchPredicates": { "items": { "$ref": "#/definitions/AWS::WAFRegional::RateBasedRule.Predicate" }, "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet>` object that you want to include in a `RateBasedRule` .", "title": "MatchPredicates", "type": "array" }, "MetricName": { "markdownDescription": "A name for the metrics for a `RateBasedRule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF , including \"All\" and \"Default_Action.\" You can't change the name of the metric after you create the `RateBasedRule` .", "title": "MetricName", "type": "string" }, "Name": { "markdownDescription": "A friendly name or description for a `RateBasedRule` . You can't change the name of a `RateBasedRule` after you create it.", "title": "Name", "type": "string" }, "RateKey": { "markdownDescription": "The field that AWS WAF uses to determine if requests are likely arriving from single source and thus subject to rate monitoring. The only valid value for `RateKey` is `IP` . `IP` indicates that requests arriving from the same IP address are subject to the `RateLimit` that is specified in the `RateBasedRule` .", "title": "RateKey", "type": "string" }, "RateLimit": { "markdownDescription": "The maximum number of requests, which have an identical value in the field specified by the `RateKey` , allowed in a five-minute period. If the number of requests exceeds the `RateLimit` and the other predicates specified in the rule are also met, AWS WAF triggers the action that is specified for this rule.", "title": "RateLimit", "type": "number" } }, "required": [ "MetricName", "Name", "RateKey", "RateLimit" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFRegional::RateBasedRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFRegional::RateBasedRule.Predicate": { "additionalProperties": false, "properties": { "DataId": { "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", "title": "DataId", "type": "string" }, "Negated": { "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` >. For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", "title": "Negated", "type": "boolean" }, "Type": { "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", "title": "Type", "type": "string" } }, "required": [ "DataId", "Negated", "Type" ], "type": "object" }, "AWS::WAFRegional::RegexPatternSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "A friendly name or description of the `RegexPatternSet` . You can't change `Name` after you create a `RegexPatternSet` .", "title": "Name", "type": "string" }, "RegexPatternStrings": { "items": { "type": "string" }, "markdownDescription": "Specifies the regular expression (regex) patterns that you want AWS WAF to search for, such as `B[a@]dB[o0]t` .", "title": "RegexPatternStrings", "type": "array" } }, "required": [ "Name", "RegexPatternStrings" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFRegional::RegexPatternSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFRegional::Rule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "MetricName": { "markdownDescription": "A name for the metrics for this `Rule` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `Rule` .", "title": "MetricName", "type": "string" }, "Name": { "markdownDescription": "The friendly name or description for the `Rule` . You can't change the name of a `Rule` after you create it.", "title": "Name", "type": "string" }, "Predicates": { "items": { "$ref": "#/definitions/AWS::WAFRegional::Rule.Predicate" }, "markdownDescription": "The `Predicates` object contains one `Predicate` element for each `ByteMatchSet` , `IPSet` , or `SqlInjectionMatchSet` object that you want to include in a `Rule` .", "title": "Predicates", "type": "array" } }, "required": [ "MetricName", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFRegional::Rule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFRegional::Rule.Predicate": { "additionalProperties": false, "properties": { "DataId": { "markdownDescription": "A unique identifier for a predicate in a `Rule` , such as `ByteMatchSetId` or `IPSetId` . The ID is returned by the corresponding `Create` or `List` command.", "title": "DataId", "type": "string" }, "Negated": { "markdownDescription": "Set `Negated` to `False` if you want AWS WAF to allow, block, or count requests based on the settings in the specified `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow or block requests based on that IP address.\n\nSet `Negated` to `True` if you want AWS WAF to allow or block a request based on the negation of the settings in the `ByteMatchSet` , `IPSet` , `SqlInjectionMatchSet` , `XssMatchSet` , `RegexMatchSet` , `GeoMatchSet` , or `SizeConstraintSet` . For example, if an `IPSet` includes the IP address `192.0.2.44` , AWS WAF will allow, block, or count requests based on all IP addresses *except* `192.0.2.44` .", "title": "Negated", "type": "boolean" }, "Type": { "markdownDescription": "The type of predicate in a `Rule` , such as `ByteMatch` or `IPSet` .", "title": "Type", "type": "string" } }, "required": [ "DataId", "Negated", "Type" ], "type": "object" }, "AWS::WAFRegional::SizeConstraintSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name, if any, of the `SizeConstraintSet` .", "title": "Name", "type": "string" }, "SizeConstraints": { "items": { "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.SizeConstraint" }, "markdownDescription": "The size constraint and the part of the web request to check.", "title": "SizeConstraints", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFRegional::SizeConstraintSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFRegional::SizeConstraintSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", "title": "Data", "type": "string" }, "Type": { "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::WAFRegional::SizeConstraintSet.SizeConstraint": { "additionalProperties": false, "properties": { "ComparisonOperator": { "markdownDescription": "The type of comparison you want AWS WAF to perform. AWS WAF uses this in combination with the provided `Size` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\n*EQ* : Used to test if the `Size` is equal to the size of the `FieldToMatch`\n\n*NE* : Used to test if the `Size` is not equal to the size of the `FieldToMatch`\n\n*LE* : Used to test if the `Size` is less than or equal to the size of the `FieldToMatch`\n\n*LT* : Used to test if the `Size` is strictly less than the size of the `FieldToMatch`\n\n*GE* : Used to test if the `Size` is greater than or equal to the size of the `FieldToMatch`\n\n*GT* : Used to test if the `Size` is strictly greater than the size of the `FieldToMatch`", "title": "ComparisonOperator", "type": "string" }, "FieldToMatch": { "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet.FieldToMatch", "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", "title": "FieldToMatch" }, "Size": { "markdownDescription": "The size in bytes that you want AWS WAF to compare against the size of the specified `FieldToMatch` . AWS WAF uses this in combination with `ComparisonOperator` and `FieldToMatch` to build an expression in the form of \" `Size` `ComparisonOperator` size in bytes of `FieldToMatch` \". If that expression is true, the `SizeConstraint` is considered to match.\n\nValid values for size are 0 - 21474836480 bytes (0 - 20 GB).\n\nIf you specify `URI` for the value of `Type` , the / in the URI path that you specify counts as one character. For example, the URI `/logo.jpg` is nine characters long.", "title": "Size", "type": "number" }, "TextTransformation": { "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting a request for a match.\n\nYou can only specify a single type of TextTransformation.\n\nNote that if you choose `BODY` for the value of `Type` , you must choose `NONE` for `TextTransformation` because the API Gateway API or Application Load Balancer forward only the first 8192 bytes for inspection.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.", "title": "TextTransformation", "type": "string" } }, "required": [ "ComparisonOperator", "FieldToMatch", "Size", "TextTransformation" ], "type": "object" }, "AWS::WAFRegional::SqlInjectionMatchSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name, if any, of the `SqlInjectionMatchSet` .", "title": "Name", "type": "string" }, "SqlInjectionMatchTuples": { "items": { "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple" }, "markdownDescription": "Specifies the parts of web requests that you want to inspect for snippets of malicious SQL code.", "title": "SqlInjectionMatchTuples", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFRegional::SqlInjectionMatchSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", "title": "Data", "type": "string" }, "Type": { "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::WAFRegional::SqlInjectionMatchSet.SqlInjectionMatchTuple": { "additionalProperties": false, "properties": { "FieldToMatch": { "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet.FieldToMatch", "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specific header or a query string.", "title": "FieldToMatch" }, "TextTransformation": { "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", "title": "TextTransformation", "type": "string" } }, "required": [ "FieldToMatch", "TextTransformation" ], "type": "object" }, "AWS::WAFRegional::WebACL": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DefaultAction": { "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match. The action is specified by the `WafAction` object.", "title": "DefaultAction" }, "MetricName": { "markdownDescription": "A name for the metrics for this `WebACL` . The name can contain only alphanumeric characters (A-Z, a-z, 0-9), with maximum length 128 and minimum length one. It can't contain whitespace or metric names reserved for AWS WAF, including \"All\" and \"Default_Action.\" You can't change `MetricName` after you create the `WebACL` .", "title": "MetricName", "type": "string" }, "Name": { "markdownDescription": "A friendly name or description of the `WebACL` . You can't change the name of a `WebACL` after you create it.", "title": "Name", "type": "string" }, "Rules": { "items": { "$ref": "#/definitions/AWS::WAFRegional::WebACL.Rule" }, "markdownDescription": "An array that contains the action for each `Rule` in a `WebACL` , the priority of the `Rule` , and the ID of the `Rule` .", "title": "Rules", "type": "array" } }, "required": [ "DefaultAction", "MetricName", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFRegional::WebACL" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFRegional::WebACL.Action": { "additionalProperties": false, "properties": { "Type": { "markdownDescription": "For actions that are associated with a rule, the action that AWS WAF takes when a web request matches all conditions in a rule.\n\nFor the default action of a web access control list (ACL), the action that AWS WAF takes when a web request doesn't match all conditions in any rule.\n\nValid settings include the following:\n\n- `ALLOW` : AWS WAF allows requests\n- `BLOCK` : AWS WAF blocks requests\n- `COUNT` : AWS WAF increments a counter of the requests that match all of the conditions in the rule. AWS WAF then continues to inspect the web request based on the remaining rules in the web ACL. You can't specify `COUNT` for the default action for a WebACL.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::WAFRegional::WebACL.Rule": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::WAFRegional::WebACL.Action", "markdownDescription": "The action that AWS WAF takes when a web request matches all conditions in the rule, such as allow, block, or count the request.", "title": "Action" }, "Priority": { "markdownDescription": "The order in which AWS WAF evaluates the rules in a web ACL. AWS WAF evaluates rules with a lower value before rules with a higher value. The value must be a unique integer. If you have multiple rules in a web ACL, the priority numbers do not need to be consecutive.", "title": "Priority", "type": "number" }, "RuleId": { "markdownDescription": "The ID of an AWS WAF Regional rule to associate with a web ACL.", "title": "RuleId", "type": "string" } }, "required": [ "Action", "Priority", "RuleId" ], "type": "object" }, "AWS::WAFRegional::WebACLAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ResourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource to protect with the web ACL.", "title": "ResourceArn", "type": "string" }, "WebACLId": { "markdownDescription": "A unique identifier (ID) for the web ACL.", "title": "WebACLId", "type": "string" } }, "required": [ "ResourceArn", "WebACLId" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFRegional::WebACLAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFRegional::XssMatchSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name, if any, of the `XssMatchSet` .", "title": "Name", "type": "string" }, "XssMatchTuples": { "items": { "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.XssMatchTuple" }, "markdownDescription": "Specifies the parts of web requests that you want to inspect for cross-site scripting attacks.", "title": "XssMatchTuples", "type": "array" } }, "required": [ "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFRegional::XssMatchSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFRegional::XssMatchSet.FieldToMatch": { "additionalProperties": false, "properties": { "Data": { "markdownDescription": "When the value of `Type` is `HEADER` , enter the name of the header that you want AWS WAF to search, for example, `User-Agent` or `Referer` . The name of the header is not case sensitive.\n\nWhen the value of `Type` is `SINGLE_QUERY_ARG` , enter the name of the parameter that you want AWS WAF to search, for example, `UserName` or `SalesRegion` . The parameter name is not case sensitive.\n\nIf the value of `Type` is any other value, omit `Data` .", "title": "Data", "type": "string" }, "Type": { "markdownDescription": "The part of the web request that you want AWS WAF to search for a specified string. Parts of a request that you can search include the following:\n\n- `HEADER` : A specified request header, for example, the value of the `User-Agent` or `Referer` header. If you choose `HEADER` for the type, specify the name of the header in `Data` .\n- `METHOD` : The HTTP method, which indicates the type of operation that the request is asking the origin to perform.\n- `QUERY_STRING` : A query string, which is the part of a URL that appears after a `?` character, if any.\n- `URI` : The part of a web request that identifies a resource, for example, `/images/daily-ad.jpg` .\n- `BODY` : The part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. The request body immediately follows the request headers. Note that only the first `8192` bytes of the request body are forwarded to AWS WAF for inspection. To allow or block requests based on the length of the body, you can create a size constraint set.\n- `SINGLE_QUERY_ARG` : The parameter in the query string that you will inspect, such as *UserName* or *SalesRegion* . The maximum length for `SINGLE_QUERY_ARG` is 30 characters.\n- `ALL_QUERY_ARGS` : Similar to `SINGLE_QUERY_ARG` , but rather than inspecting a single parameter, AWS WAF will inspect all parameters within the query for the value or regex pattern that you specify in `TargetString` .", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::WAFRegional::XssMatchSet.XssMatchTuple": { "additionalProperties": false, "properties": { "FieldToMatch": { "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet.FieldToMatch", "markdownDescription": "The part of a web request that you want AWS WAF to inspect, such as a specified header or a query string.", "title": "FieldToMatch" }, "TextTransformation": { "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass AWS WAF . If you specify a transformation, AWS WAF performs the transformation on `FieldToMatch` before inspecting it for a match.\n\nYou can only specify a single type of TextTransformation.\n\n*CMD_LINE*\n\nWhen you're concerned that attackers are injecting an operating system command line command and using unusual formatting to disguise some or all of the command, use this option to perform the following transformations:\n\n- Delete the following characters: \\ \" ' ^\n- Delete spaces before the following characters: / (\n- Replace the following characters with a space: , ;\n- Replace multiple spaces with one space\n- Convert uppercase letters (A-Z) to lowercase (a-z)\n\n*COMPRESS_WHITE_SPACE*\n\nUse this option to replace the following characters with a space character (decimal 32):\n\n- \\f, formfeed, decimal 12\n- \\t, tab, decimal 9\n- \\n, newline, decimal 10\n- \\r, carriage return, decimal 13\n- \\v, vertical tab, decimal 11\n- non-breaking space, decimal 160\n\n`COMPRESS_WHITE_SPACE` also replaces multiple spaces with one space.\n\n*HTML_ENTITY_DECODE*\n\nUse this option to replace HTML-encoded characters with unencoded characters. `HTML_ENTITY_DECODE` performs the following operations:\n\n- Replaces `(ampersand)quot;` with `\"`\n- Replaces `(ampersand)nbsp;` with a non-breaking space, decimal 160\n- Replaces `(ampersand)lt;` with a \"less than\" symbol\n- Replaces `(ampersand)gt;` with `>`\n- Replaces characters that are represented in hexadecimal format, `(ampersand)#xhhhh;` , with the corresponding characters\n- Replaces characters that are represented in decimal format, `(ampersand)#nnnn;` , with the corresponding characters\n\n*LOWERCASE*\n\nUse this option to convert uppercase letters (A-Z) to lowercase (a-z).\n\n*URL_DECODE*\n\nUse this option to decode a URL-encoded value.\n\n*NONE*\n\nSpecify `NONE` if you don't want to perform any text transformations.", "title": "TextTransformation", "type": "string" } }, "required": [ "FieldToMatch", "TextTransformation" ], "type": "object" }, "AWS::WAFv2::IPSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Addresses": { "items": { "type": "string" }, "markdownDescription": "Contains an array of strings that specifies zero or more IP addresses or blocks of IP addresses that you want AWS WAF to inspect for in incoming requests. All addresses must be specified using Classless Inter-Domain Routing (CIDR) notation. AWS WAF supports all IPv4 and IPv6 CIDR ranges except for `/0` .\n\nExample address strings:\n\n- For requests that originated from the IP address 192.0.2.44, specify `192.0.2.44/32` .\n- For requests that originated from IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` .\n- For requests that originated from the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` .\n- For requests that originated from IP addresses 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` .\n\nFor more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) .\n\nExample JSON `Addresses` specifications:\n\n- Empty array: `\"Addresses\": []`\n- Array with one address: `\"Addresses\": [\"192.0.2.44/32\"]`\n- Array with three addresses: `\"Addresses\": [\"192.0.2.44/32\", \"192.0.2.0/24\", \"192.0.0.0/16\"]`\n- INVALID specification: `\"Addresses\": [\"\"]` INVALID", "title": "Addresses", "type": "array" }, "Description": { "markdownDescription": "A description of the IP set that helps with identification.", "title": "Description", "type": "string" }, "IPAddressVersion": { "markdownDescription": "The version of the IP addresses, either `IPV4` or `IPV6` .", "title": "IPAddressVersion", "type": "string" }, "Name": { "markdownDescription": "The name of the IP set. You cannot change the name of an `IPSet` after you create it.", "title": "Name", "type": "string" }, "Scope": { "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", "title": "Scope", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", "title": "Tags", "type": "array" } }, "required": [ "Addresses", "IPAddressVersion", "Scope" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFv2::IPSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFv2::LoggingConfiguration": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "LogDestinationConfigs": { "items": { "type": "string" }, "markdownDescription": "The logging destination configuration that you want to associate with the web ACL.\n\n> You can associate one logging destination to a web ACL.", "title": "LogDestinationConfigs", "type": "array" }, "LoggingFilter": { "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LoggingFilter", "markdownDescription": "Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation.", "title": "LoggingFilter" }, "RedactedFields": { "items": { "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.FieldToMatch" }, "markdownDescription": "The parts of the request that you want to keep out of the logs.\n\nFor example, if you redact the `SingleHeader` field, the `HEADER` field in the logs will be `REDACTED` for all rules that use the `SingleHeader` `FieldToMatch` setting.\n\nRedaction applies only to the component that's specified in the rule's `FieldToMatch` setting, so the `SingleHeader` redaction doesn't apply to rules that use the `Headers` `FieldToMatch` .\n\n> You can specify only the following fields for redaction: `UriPath` , `QueryString` , `SingleHeader` , and `Method` . > This setting has no impact on request sampling. With request sampling, the only way to exclude fields is by disabling sampling in the web ACL visibility configuration.", "title": "RedactedFields", "type": "array" }, "ResourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with `LogDestinationConfigs` .", "title": "ResourceArn", "type": "string" } }, "required": [ "LogDestinationConfigs", "ResourceArn" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFv2::LoggingConfiguration" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFv2::LoggingConfiguration.ActionCondition": { "additionalProperties": false, "properties": { "Action": { "markdownDescription": "The action setting that a log record must contain in order to meet the condition. This is the action that AWS WAF applied to the web request.\n\nFor rule groups, this is either the configured rule action setting, or if you've applied a rule action override to the rule, it's the override action. The value `EXCLUDED_AS_COUNT` matches on excluded rules and also on rules that have a rule action override of Count.", "title": "Action", "type": "string" } }, "required": [ "Action" ], "type": "object" }, "AWS::WAFv2::LoggingConfiguration.Condition": { "additionalProperties": false, "properties": { "ActionCondition": { "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.ActionCondition", "markdownDescription": "A single action condition. This is the action setting that a log record must contain in order to meet the condition.", "title": "ActionCondition" }, "LabelNameCondition": { "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.LabelNameCondition", "markdownDescription": "A single label name condition. This is the fully qualified label name that a log record must contain in order to meet the condition. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", "title": "LabelNameCondition" } }, "type": "object" }, "AWS::WAFv2::LoggingConfiguration.FieldToMatch": { "additionalProperties": false, "properties": { "Method": { "markdownDescription": "Redact the indicated HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", "title": "Method", "type": "object" }, "QueryString": { "markdownDescription": "Redact the query string. This is the part of a URL that appears after a `?` character, if any.", "title": "QueryString", "type": "object" }, "SingleHeader": { "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.SingleHeader", "markdownDescription": "Redact a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`", "title": "SingleHeader" }, "UriPath": { "markdownDescription": "Redact the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", "title": "UriPath", "type": "object" } }, "type": "object" }, "AWS::WAFv2::LoggingConfiguration.Filter": { "additionalProperties": false, "properties": { "Behavior": { "markdownDescription": "How to handle logs that satisfy the filter's conditions and requirement.", "title": "Behavior", "type": "string" }, "Conditions": { "items": { "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Condition" }, "markdownDescription": "Match conditions for the filter.", "title": "Conditions", "type": "array" }, "Requirement": { "markdownDescription": "Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition.", "title": "Requirement", "type": "string" } }, "required": [ "Behavior", "Conditions", "Requirement" ], "type": "object" }, "AWS::WAFv2::LoggingConfiguration.LabelNameCondition": { "additionalProperties": false, "properties": { "LabelName": { "markdownDescription": "The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label.", "title": "LabelName", "type": "string" } }, "required": [ "LabelName" ], "type": "object" }, "AWS::WAFv2::LoggingConfiguration.LoggingFilter": { "additionalProperties": false, "properties": { "DefaultBehavior": { "markdownDescription": "Default handling for logs that don't match any of the specified filtering conditions.", "title": "DefaultBehavior", "type": "string" }, "Filters": { "items": { "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration.Filter" }, "markdownDescription": "The filters that you want to apply to the logs.", "title": "Filters", "type": "array" } }, "required": [ "DefaultBehavior", "Filters" ], "type": "object" }, "AWS::WAFv2::LoggingConfiguration.SingleHeader": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the query header to inspect.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::WAFv2::RegexPatternSet": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "A description of the set that helps with identification.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the set. You cannot change the name after you create the set.", "title": "Name", "type": "string" }, "RegularExpressionList": { "items": { "type": "string" }, "markdownDescription": "The regular expression patterns in the set.", "title": "RegularExpressionList", "type": "array" }, "Scope": { "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", "title": "Scope", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", "title": "Tags", "type": "array" } }, "required": [ "RegularExpressionList", "Scope" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFv2::RegexPatternSet" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFv2::RuleGroup": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AvailableLabels": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" }, "markdownDescription": "The labels that one or more rules in this rule group add to matching web requests. These labels are defined in the `RuleLabels` for a `Rule` .", "title": "AvailableLabels", "type": "array" }, "Capacity": { "markdownDescription": "The web ACL capacity units (WCUs) required for this rule group.\n\nWhen you create your own rule group, you define this, and you cannot change it after creation. When you add or modify the rules in a rule group, AWS WAF enforces this limit.\n\nAWS WAF uses WCUs to calculate and control the operating resources that are used to run your rules, rule groups, and web ACLs. AWS WAF calculates capacity differently for each rule type, to reflect the relative cost of each rule. Simple rules that cost little to run use fewer WCUs than more complex rules that use more processing power. Rule group capacity is fixed at creation, which helps users plan their web ACL WCU usage when they use a rule group. The WCU limit for web ACLs is 1,500.", "title": "Capacity", "type": "number" }, "ConsumedLabels": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelSummary" }, "markdownDescription": "The labels that one or more rules in this rule group match against in label match statements. These labels are defined in a `LabelMatchStatement` specification, in the `Statement` definition of a rule.", "title": "ConsumedLabels", "type": "array" }, "CustomResponseBodies": { "additionalProperties": false, "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the rule group, and then use them in the rules that you define in the rule group.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponseBody" } }, "title": "CustomResponseBodies", "type": "object" }, "Description": { "markdownDescription": "A description of the rule group that helps with identification.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the rule group. You cannot change the name of a rule group after you create it.", "title": "Name", "type": "string" }, "Rules": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Rule" }, "markdownDescription": "The rule statements used to identify the web requests that you want to allow, block, or count. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", "title": "Rules", "type": "array" }, "Scope": { "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` .", "title": "Scope", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", "title": "Tags", "type": "array" }, "VisibilityConfig": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.", "title": "VisibilityConfig" } }, "required": [ "Capacity", "Scope", "VisibilityConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFv2::RuleGroup" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFv2::RuleGroup.AllowAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.AndStatement": { "additionalProperties": false, "properties": { "Statements": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" }, "markdownDescription": "The statements to combine with AND logic. You can use any statements that can be nested.", "title": "Statements", "type": "array" } }, "required": [ "Statements" ], "type": "object" }, "AWS::WAFv2::RuleGroup.BlockAction": { "additionalProperties": false, "properties": { "CustomResponse": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomResponse", "markdownDescription": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomResponse" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.Body": { "additionalProperties": false, "properties": { "OversizeHandling": { "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", "title": "OversizeHandling", "type": "string" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.ByteMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "PositionalConstraint": { "markdownDescription": "The area within the portion of the web request that you want AWS WAF to search for `SearchString` . Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `SearchString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `SearchString` , and `SearchString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `SearchString` must be a word, which means that both of the following are true:\n\n- `SearchString` is at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and `;BadBot` .\n- `SearchString` is at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` and `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `SearchString` .\n\n*STARTS_WITH*\n\nThe value of `SearchString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `SearchString` must appear at the end of the specified part of the web request.", "title": "PositionalConstraint", "type": "string" }, "SearchString": { "markdownDescription": "A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `FieldToMatch` . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive.\n\nDon't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you.\n\nFor example, suppose the value of `Type` is `HEADER` and the value of `Data` is `User-Agent` . If you want to search the `User-Agent` header for the value `BadBot` , you provide the string `BadBot` in the value of `SearchString` .\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", "title": "SearchString", "type": "string" }, "SearchStringBase64": { "markdownDescription": "String to search for in a web request component, base64-encoded. If you don't want to encode the string, specify the unencoded value in `SearchString` instead.\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", "title": "SearchStringBase64", "type": "string" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", "type": "array" } }, "required": [ "FieldToMatch", "PositionalConstraint", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::RuleGroup.CaptchaAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.CaptchaConfig": { "additionalProperties": false, "properties": { "ImmunityTimeProperty": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", "markdownDescription": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle.", "title": "ImmunityTimeProperty" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.ChallengeAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.ChallengeConfig": { "additionalProperties": false, "properties": { "ImmunityTimeProperty": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ImmunityTimeProperty", "markdownDescription": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge.", "title": "ImmunityTimeProperty" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.CookieMatchPattern": { "additionalProperties": false, "properties": { "All": { "markdownDescription": "Inspect all cookies.", "title": "All", "type": "object" }, "ExcludedCookies": { "items": { "type": "string" }, "markdownDescription": "Inspect only the cookies whose keys don't match any of the strings specified here.", "title": "ExcludedCookies", "type": "array" }, "IncludedCookies": { "items": { "type": "string" }, "markdownDescription": "Inspect only the cookies that have a key that matches one of the strings specified here.", "title": "IncludedCookies", "type": "array" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.Cookies": { "additionalProperties": false, "properties": { "MatchPattern": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CookieMatchPattern", "markdownDescription": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`", "title": "MatchPattern" }, "MatchScope": { "markdownDescription": "The parts of the cookies to inspect with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", "title": "MatchScope", "type": "string" }, "OversizeHandling": { "markdownDescription": "What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available cookies normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", "title": "OversizeHandling", "type": "string" } }, "required": [ "MatchPattern", "MatchScope", "OversizeHandling" ], "type": "object" }, "AWS::WAFv2::RuleGroup.CountAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.CustomHTTPHeader": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the custom header.\n\nFor custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-` , to avoid confusion with the headers that are already in the request. For example, for the header name `sample` , AWS WAF inserts the header `x-amzn-waf-sample` .", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the custom header.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::WAFv2::RuleGroup.CustomRequestHandling": { "additionalProperties": false, "properties": { "InsertHeaders": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" }, "markdownDescription": "The HTTP headers to insert into the request. Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "title": "InsertHeaders", "type": "array" } }, "required": [ "InsertHeaders" ], "type": "object" }, "AWS::WAFv2::RuleGroup.CustomResponse": { "additionalProperties": false, "properties": { "CustomResponseBodyKey": { "markdownDescription": "References the response body that you want AWS WAF to return to the web request client. You can define a custom response for a rule action or a default web ACL action that is set to block. To do this, you first define the response body key and value in the `CustomResponseBodies` setting for the `WebACL` or `RuleGroup` where you want to use it. Then, in the rule action or web ACL default action `BlockAction` setting, you reference the response body using this key.", "title": "CustomResponseBodyKey", "type": "string" }, "ResponseCode": { "markdownDescription": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* .", "title": "ResponseCode", "type": "number" }, "ResponseHeaders": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CustomHTTPHeader" }, "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "title": "ResponseHeaders", "type": "array" } }, "required": [ "ResponseCode" ], "type": "object" }, "AWS::WAFv2::RuleGroup.CustomResponseBody": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "title": "Content", "type": "string" }, "ContentType": { "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", "title": "ContentType", "type": "string" } }, "required": [ "Content", "ContentType" ], "type": "object" }, "AWS::WAFv2::RuleGroup.FieldToMatch": { "additionalProperties": false, "properties": { "AllQueryArguments": { "markdownDescription": "Inspect all query arguments.", "title": "AllQueryArguments", "type": "object" }, "Body": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Body", "markdownDescription": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration.", "title": "Body" }, "Cookies": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Cookies", "markdownDescription": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", "title": "Cookies" }, "Headers": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Headers", "markdownDescription": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.", "title": "Headers" }, "JA3Fingerprint": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JA3Fingerprint", "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", "title": "JA3Fingerprint" }, "JsonBody": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonBody", "markdownDescription": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration.", "title": "JsonBody" }, "Method": { "markdownDescription": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", "title": "Method", "type": "object" }, "QueryString": { "markdownDescription": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.", "title": "QueryString", "type": "object" }, "SingleHeader": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleHeader", "markdownDescription": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.", "title": "SingleHeader" }, "SingleQueryArgument": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SingleQueryArgument", "markdownDescription": "Inspect a single query argument. Provide the name of the query argument to inspect, such as *UserName* or *SalesRegion* . The name can be up to 30 characters long and isn't case sensitive.\n\nExample JSON: `\"SingleQueryArgument\": { \"Name\": \"myArgument\" }`", "title": "SingleQueryArgument" }, "UriPath": { "markdownDescription": "Inspect the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", "title": "UriPath", "type": "object" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.ForwardedIPConfiguration": { "additionalProperties": false, "properties": { "FallbackBehavior": { "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", "title": "FallbackBehavior", "type": "string" }, "HeaderName": { "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "HeaderName", "type": "string" } }, "required": [ "FallbackBehavior", "HeaderName" ], "type": "object" }, "AWS::WAFv2::RuleGroup.GeoMatchStatement": { "additionalProperties": false, "properties": { "CountryCodes": { "items": { "type": "string" }, "markdownDescription": "An array of two-character country codes that you want to match against, for example, `[ \"US\", \"CN\" ]` , from the alpha-2 country ISO codes of the ISO 3166 international standard.\n\nWhen you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site.", "title": "CountryCodes", "type": "array" }, "ForwardedIPConfig": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "ForwardedIPConfig" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.HeaderMatchPattern": { "additionalProperties": false, "properties": { "All": { "markdownDescription": "Inspect all headers.", "title": "All", "type": "object" }, "ExcludedHeaders": { "items": { "type": "string" }, "markdownDescription": "Inspect only the headers whose keys don't match any of the strings specified here.", "title": "ExcludedHeaders", "type": "array" }, "IncludedHeaders": { "items": { "type": "string" }, "markdownDescription": "Inspect only the headers that have a key that matches one of the strings specified here.", "title": "IncludedHeaders", "type": "array" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.Headers": { "additionalProperties": false, "properties": { "MatchPattern": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.HeaderMatchPattern", "markdownDescription": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`", "title": "MatchPattern" }, "MatchScope": { "markdownDescription": "The parts of the headers to match with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", "title": "MatchScope", "type": "string" }, "OversizeHandling": { "markdownDescription": "What AWS WAF should do if the headers of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available headers normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", "title": "OversizeHandling", "type": "string" } }, "required": [ "MatchPattern", "MatchScope", "OversizeHandling" ], "type": "object" }, "AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration": { "additionalProperties": false, "properties": { "FallbackBehavior": { "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", "title": "FallbackBehavior", "type": "string" }, "HeaderName": { "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "HeaderName", "type": "string" }, "Position": { "markdownDescription": "The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be `10.1.1.1, 127.0.0.0, 10.10.10.10` where the first IP address identifies the original client and the rest identify proxies that the request went through.\n\nThe options for this setting are the following:\n\n- FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.\n- LAST - Inspect the last IP address in the list of IP addresses in the header.\n- ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, AWS WAF inspects the last 10.", "title": "Position", "type": "string" } }, "required": [ "FallbackBehavior", "HeaderName", "Position" ], "type": "object" }, "AWS::WAFv2::RuleGroup.IPSetReferenceStatement": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the `IPSet` that this statement references.", "title": "Arn", "type": "string" }, "IPSetForwardedIPConfig": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "IPSetForwardedIPConfig" } }, "required": [ "Arn" ], "type": "object" }, "AWS::WAFv2::RuleGroup.ImmunityTimeProperty": { "additionalProperties": false, "properties": { "ImmunityTime": { "markdownDescription": "The amount of time, in seconds, that a `CAPTCHA` or challenge timestamp is considered valid by AWS WAF . The default setting is 300.\n\nFor the Challenge action, the minimum setting is 300.", "title": "ImmunityTime", "type": "number" } }, "required": [ "ImmunityTime" ], "type": "object" }, "AWS::WAFv2::RuleGroup.JA3Fingerprint": { "additionalProperties": false, "properties": { "FallbackBehavior": { "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", "title": "FallbackBehavior", "type": "string" } }, "required": [ "FallbackBehavior" ], "type": "object" }, "AWS::WAFv2::RuleGroup.JsonBody": { "additionalProperties": false, "properties": { "InvalidFallbackBehavior": { "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", "title": "InvalidFallbackBehavior", "type": "string" }, "MatchPattern": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.JsonMatchPattern", "markdownDescription": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria.", "title": "MatchPattern" }, "MatchScope": { "markdownDescription": "The parts of the JSON to match against using the `MatchPattern` . If you specify `ALL` , AWS WAF matches against keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", "title": "MatchScope", "type": "string" }, "OversizeHandling": { "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", "title": "OversizeHandling", "type": "string" } }, "required": [ "MatchPattern", "MatchScope" ], "type": "object" }, "AWS::WAFv2::RuleGroup.JsonMatchPattern": { "additionalProperties": false, "properties": { "All": { "markdownDescription": "Match all of the elements. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nYou must specify either this setting or the `IncludedPaths` setting, but not both.", "title": "All", "type": "object" }, "IncludedPaths": { "items": { "type": "string" }, "markdownDescription": "Match only the specified include paths. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nProvide the include paths using JSON Pointer syntax. For example, `\"IncludedPaths\": [\"/dogs/0/name\", \"/dogs/1/name\"]` . For information about this syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nYou must specify either this setting or the `All` setting, but not both.\n\n> Don't use this option to include all paths. Instead, use the `All` setting.", "title": "IncludedPaths", "type": "array" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.Label": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The label string.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::WAFv2::RuleGroup.LabelMatchStatement": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The string to match against. The setting you provide for this depends on the match statement's `Scope` setting:\n\n- If the `Scope` indicates `LABEL` , then this specification must include the name and can include any number of preceding namespace specifications and prefix up to providing the fully qualified label name.\n- If the `Scope` indicates `NAMESPACE` , then this specification can include any number of contiguous namespace strings, and can include the entire label namespace prefix from the rule group or web ACL where the label originates.\n\nLabels are case sensitive and components of a label must be separated by colon, for example `NS1:NS2:name` .", "title": "Key", "type": "string" }, "Scope": { "markdownDescription": "Specify whether you want to match using the label name or just the namespace.", "title": "Scope", "type": "string" } }, "required": [ "Key", "Scope" ], "type": "object" }, "AWS::WAFv2::RuleGroup.LabelSummary": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "An individual label specification.", "title": "Name", "type": "string" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.NotStatement": { "additionalProperties": false, "properties": { "Statement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", "markdownDescription": "The statement to negate. You can use any statement that can be nested.", "title": "Statement" } }, "required": [ "Statement" ], "type": "object" }, "AWS::WAFv2::RuleGroup.OrStatement": { "additionalProperties": false, "properties": { "Statements": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement" }, "markdownDescription": "The statements to combine with OR logic. You can use any statements that can be nested.", "title": "Statements", "type": "array" } }, "required": [ "Statements" ], "type": "object" }, "AWS::WAFv2::RuleGroup.RateBasedStatement": { "additionalProperties": false, "properties": { "AggregateKeyType": { "markdownDescription": "Setting that indicates how to aggregate the request counts.\n\n> Web requests that are missing any of the components specified in the aggregation keys are omitted from the rate-based rule evaluation and handling. \n\n- `CONSTANT` - Count and limit the requests that match the rate-based rule's scope-down statement. With this option, the counted requests aren't further aggregated. The scope-down statement is the only specification used. When the count of all requests that satisfy the scope-down statement goes over the limit, AWS WAF applies the rule action to all requests that satisfy the scope-down statement.\n\nWith this option, you must configure the `ScopeDownStatement` property.\n- `CUSTOM_KEYS` - Aggregate the request counts using one or more web request components as the aggregate keys.\n\nWith this option, you must specify the aggregate keys in the `CustomKeys` property.\n\nTo aggregate on only the IP address or only the forwarded IP address, don't use custom keys. Instead, set the aggregate key type to `IP` or `FORWARDED_IP` .\n- `FORWARDED_IP` - Aggregate the request counts on the first IP address in an HTTP header.\n\nWith this option, you must specify the header to use in the `ForwardedIPConfig` property.\n\nTo aggregate on a combination of the forwarded IP address with other aggregate keys, use `CUSTOM_KEYS` .\n- `IP` - Aggregate the request counts on the IP address from the web request origin.\n\nTo aggregate on a combination of the IP address with other aggregate keys, use `CUSTOM_KEYS` .", "title": "AggregateKeyType", "type": "string" }, "CustomKeys": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey" }, "markdownDescription": "Specifies the aggregate keys to use in a rate-base rule.", "title": "CustomKeys", "type": "array" }, "EvaluationWindowSec": { "markdownDescription": "The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. For example, for a setting of 120, when AWS WAF checks the rate, it counts the requests for the 2 minutes immediately preceding the current time. Valid settings are 60, 120, 300, and 600.\n\nThis setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds.\n\nDefault: `300` (5 minutes)", "title": "EvaluationWindowSec", "type": "number" }, "ForwardedIPConfig": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", "title": "ForwardedIPConfig" }, "Limit": { "markdownDescription": "The limit on requests per 5-minute period for a single aggregation instance for the rate-based rule. If the rate-based statement includes a `ScopeDownStatement` , this limit is applied only to the requests that match the statement.\n\nExamples:\n\n- If you aggregate on just the IP address, this is the limit on requests from any single IP address.\n- If you aggregate on the HTTP method and the query argument name \"city\", then this is the limit on requests for any single method, city pair.", "title": "Limit", "type": "number" }, "ScopeDownStatement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", "title": "ScopeDownStatement" } }, "required": [ "AggregateKeyType", "Limit" ], "type": "object" }, "AWS::WAFv2::RuleGroup.RateBasedStatementCustomKey": { "additionalProperties": false, "properties": { "Cookie": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitCookie", "markdownDescription": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", "title": "Cookie" }, "ForwardedIP": { "markdownDescription": "Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` .\n\nWith this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property.", "title": "ForwardedIP", "type": "object" }, "HTTPMethod": { "markdownDescription": "Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance.", "title": "HTTPMethod", "type": "object" }, "Header": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitHeader", "markdownDescription": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance.", "title": "Header" }, "IP": { "markdownDescription": "Use the request's originating IP address as an aggregate key. Each distinct IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the IP address by specifying `IP` in your rate-based statement's `AggregateKeyType` .", "title": "IP", "type": "object" }, "LabelNamespace": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitLabelNamespace", "markdownDescription": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* .", "title": "LabelNamespace" }, "QueryArgument": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryArgument", "markdownDescription": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance.", "title": "QueryArgument" }, "QueryString": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitQueryString", "markdownDescription": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance.", "title": "QueryString" }, "UriPath": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateLimitUriPath", "markdownDescription": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance.", "title": "UriPath" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.RateLimitCookie": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the cookie to use.", "title": "Name", "type": "string" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", "type": "array" } }, "required": [ "Name", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::RuleGroup.RateLimitHeader": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the header to use.", "title": "Name", "type": "string" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", "type": "array" } }, "required": [ "Name", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::RuleGroup.RateLimitLabelNamespace": { "additionalProperties": false, "properties": { "Namespace": { "markdownDescription": "The namespace to use for aggregation.", "title": "Namespace", "type": "string" } }, "required": [ "Namespace" ], "type": "object" }, "AWS::WAFv2::RuleGroup.RateLimitQueryArgument": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the query argument to use.", "title": "Name", "type": "string" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", "type": "array" } }, "required": [ "Name", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::RuleGroup.RateLimitQueryString": { "additionalProperties": false, "properties": { "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", "type": "array" } }, "required": [ "TextTransformations" ], "type": "object" }, "AWS::WAFv2::RuleGroup.RateLimitUriPath": { "additionalProperties": false, "properties": { "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", "type": "array" } }, "required": [ "TextTransformations" ], "type": "object" }, "AWS::WAFv2::RuleGroup.RegexMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "RegexString": { "markdownDescription": "The string representing the regular expression.", "title": "RegexString", "type": "string" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", "type": "array" } }, "required": [ "FieldToMatch", "RegexString", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the `RegexPatternSet` that this statement references.", "title": "Arn", "type": "string" }, "FieldToMatch": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", "type": "array" } }, "required": [ "Arn", "FieldToMatch", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::RuleGroup.Rule": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RuleAction", "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule statement. Settings at the web ACL level can override the rule action setting.", "title": "Action" }, "CaptchaConfig": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaConfig", "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL.", "title": "CaptchaConfig" }, "ChallengeConfig": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeConfig", "markdownDescription": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL.", "title": "ChallengeConfig" }, "Name": { "markdownDescription": "The name of the rule.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's `VisibilityConfig` settings. AWS WAF doesn't automatically update the metric name when you update the rule name.", "title": "Name", "type": "string" }, "Priority": { "markdownDescription": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.", "title": "Priority", "type": "number" }, "RuleLabels": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Label" }, "markdownDescription": "Labels to apply to web requests that match the rule match statement. AWS WAF applies fully qualified labels to matching web requests. A fully qualified label is the concatenation of a label namespace and a rule label. The rule's rule group or web ACL defines the label namespace.\n\nRules that run after this rule in the web ACL can match against these labels using a `LabelMatchStatement` .\n\nFor each label, provide a case-sensitive string containing optional namespaces and a label name, according to the following guidelines:\n\n- Separate each component of the label with a colon.\n- Each namespace or name can have up to 128 characters.\n- You can specify up to 5 namespaces in a label.\n- Don't use the following reserved words in your label specification: `aws` , `waf` , `managed` , `rulegroup` , `webacl` , `regexpatternset` , or `ipset` .\n\nFor example, `myLabelName` or `nameSpace1:nameSpace2:myLabelName` .", "title": "RuleLabels", "type": "array" }, "Statement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.Statement", "markdownDescription": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` .", "title": "Statement" }, "VisibilityConfig": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.VisibilityConfig", "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name.", "title": "VisibilityConfig" } }, "required": [ "Name", "Priority", "Statement", "VisibilityConfig" ], "type": "object" }, "AWS::WAFv2::RuleGroup.RuleAction": { "additionalProperties": false, "properties": { "Allow": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AllowAction", "markdownDescription": "Instructs AWS WAF to allow the web request.", "title": "Allow" }, "Block": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.BlockAction", "markdownDescription": "Instructs AWS WAF to block the web request.", "title": "Block" }, "Captcha": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CaptchaAction", "markdownDescription": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions.", "title": "Captcha" }, "Challenge": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ChallengeAction", "markdownDescription": "Instructs AWS WAF to run a `Challenge` check against the web request.", "title": "Challenge" }, "Count": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.CountAction", "markdownDescription": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.", "title": "Count" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.SingleHeader": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the query header to inspect.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::WAFv2::RuleGroup.SingleQueryArgument": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the query argument to inspect.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::WAFv2::RuleGroup.SizeConstraintStatement": { "additionalProperties": false, "properties": { "ComparisonOperator": { "markdownDescription": "The operator to use to compare the request part to the size setting.", "title": "ComparisonOperator", "type": "string" }, "FieldToMatch": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "Size": { "markdownDescription": "The size, in byte, to compare to the request part, after any transformations.", "title": "Size", "type": "number" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", "type": "array" } }, "required": [ "ComparisonOperator", "FieldToMatch", "Size", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::RuleGroup.SqliMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "SensitivityLevel": { "markdownDescription": "The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks.\n\n`HIGH` detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see [Testing and tuning](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html) in the *AWS WAF Developer Guide* .\n\n`LOW` is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.\n\nDefault: `LOW`", "title": "SensitivityLevel", "type": "string" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", "type": "array" } }, "required": [ "FieldToMatch", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::RuleGroup.Statement": { "additionalProperties": false, "properties": { "AndStatement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.AndStatement", "markdownDescription": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", "title": "AndStatement" }, "ByteMatchStatement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.ByteMatchStatement", "markdownDescription": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", "title": "ByteMatchStatement" }, "GeoMatchStatement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.GeoMatchStatement", "markdownDescription": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "title": "GeoMatchStatement" }, "IPSetReferenceStatement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.IPSetReferenceStatement", "markdownDescription": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", "title": "IPSetReferenceStatement" }, "LabelMatchStatement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.LabelMatchStatement", "markdownDescription": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement.", "title": "LabelMatchStatement" }, "NotStatement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.NotStatement", "markdownDescription": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` .", "title": "NotStatement" }, "OrStatement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.OrStatement", "markdownDescription": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` .", "title": "OrStatement" }, "RateBasedStatement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RateBasedStatement", "markdownDescription": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n> If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .", "title": "RateBasedStatement" }, "RegexMatchStatement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexMatchStatement", "markdownDescription": "A rule statement used to search web request components for a match against a single regular expression.", "title": "RegexMatchStatement" }, "RegexPatternSetReferenceStatement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.RegexPatternSetReferenceStatement", "markdownDescription": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", "title": "RegexPatternSetReferenceStatement" }, "SizeConstraintStatement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SizeConstraintStatement", "markdownDescription": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long.", "title": "SizeConstraintStatement" }, "SqliMatchStatement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.SqliMatchStatement", "markdownDescription": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.", "title": "SqliMatchStatement" }, "XssMatchStatement": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.XssMatchStatement", "markdownDescription": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.", "title": "XssMatchStatement" } }, "type": "object" }, "AWS::WAFv2::RuleGroup.TextTransformation": { "additionalProperties": false, "properties": { "Priority": { "markdownDescription": "Sets the relative processing order for multiple transformations. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content. The priorities don't need to be consecutive, but they must all be different.", "title": "Priority", "type": "number" }, "Type": { "markdownDescription": "For detailed descriptions of each of the transformation types, see [Text transformations](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html) in the *AWS WAF Developer Guide* .", "title": "Type", "type": "string" } }, "required": [ "Priority", "Type" ], "type": "object" }, "AWS::WAFv2::RuleGroup.VisibilityConfig": { "additionalProperties": false, "properties": { "CloudWatchMetricsEnabled": { "markdownDescription": "Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics) in the *AWS WAF Developer Guide* .\n\nFor web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information,\nsee [The web ACL default action](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-default-action.html) in the *AWS WAF Developer Guide* .", "title": "CloudWatchMetricsEnabled", "type": "boolean" }, "MetricName": { "markdownDescription": "A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF , for example `All` and `Default_Action` .", "title": "MetricName", "type": "string" }, "SampledRequestsEnabled": { "markdownDescription": "Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n\n> Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. The only way to exclude fields from request sampling is by disabling sampling in the web ACL visibility configuration.", "title": "SampledRequestsEnabled", "type": "boolean" } }, "required": [ "CloudWatchMetricsEnabled", "MetricName", "SampledRequestsEnabled" ], "type": "object" }, "AWS::WAFv2::RuleGroup.XssMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::RuleGroup.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", "type": "array" } }, "required": [ "FieldToMatch", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::WebACL": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssociationConfig": { "$ref": "#/definitions/AWS::WAFv2::WebACL.AssociationConfig", "markdownDescription": "Specifies custom configurations for the associations between the web ACL and protected resources.\n\nUse this to customize the maximum size of the request body that your protected resources forward to AWS WAF for inspection. You can customize this setting for CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resources. The default setting is 16 KB (16,384 bytes).\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", "title": "AssociationConfig" }, "CaptchaConfig": { "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations for rules that don't have their own `CaptchaConfig` settings. If you don't specify this, AWS WAF uses its default settings for `CaptchaConfig` .", "title": "CaptchaConfig" }, "ChallengeConfig": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", "markdownDescription": "Specifies how AWS WAF should handle challenge evaluations for rules that don't have their own `ChallengeConfig` settings. If you don't specify this, AWS WAF uses its default settings for `ChallengeConfig` .", "title": "ChallengeConfig" }, "CustomResponseBodies": { "additionalProperties": false, "markdownDescription": "A map of custom response keys and content bodies. When you create a rule with a block action, you can send a custom response to the web request. You define these for the web ACL, and then use them in the rules and default actions that you define in the web ACL.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponseBody" } }, "title": "CustomResponseBodies", "type": "object" }, "DefaultAction": { "$ref": "#/definitions/AWS::WAFv2::WebACL.DefaultAction", "markdownDescription": "The action to perform if none of the `Rules` contained in the `WebACL` match.", "title": "DefaultAction" }, "Description": { "markdownDescription": "A description of the web ACL that helps with identification.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the web ACL. You cannot change the name of a web ACL after you create it.", "title": "Name", "type": "string" }, "Rules": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.Rule" }, "markdownDescription": "The rule statements used to identify the web requests that you want to manage. Each rule includes one top-level statement that AWS WAF uses to identify matching web requests, and parameters that govern how AWS WAF handles them.", "title": "Rules", "type": "array" }, "Scope": { "markdownDescription": "Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AWS AppSync GraphQL API, an Amazon Cognito user pool, an AWS App Runner service, or an AWS Verified Access instance. Valid Values are `CLOUDFRONT` and `REGIONAL` .\n\n> For `CLOUDFRONT` , you must create your WAFv2 resources in the US East (N. Virginia) Region, `us-east-1` . \n\nFor information about how to define the association of the web ACL with your resource, see `WebACLAssociation` .", "title": "Scope", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "Key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as \"environment\") and the tag value represents a specific value within that category (such as \"test,\" \"development,\" or \"production\"). You can add up to 50 tags to each AWS resource.\n\n> To modify tags on existing resources, use the AWS WAF APIs or command line interface. With AWS CloudFormation , you can only add tags to AWS WAF resources during resource creation.", "title": "Tags", "type": "array" }, "TokenDomains": { "items": { "type": "string" }, "markdownDescription": "Specifies the domains that AWS WAF should accept in a web request token. This enables the use of tokens across multiple protected websites. When AWS WAF provides a token, it uses the domain of the AWS resource that the web ACL is protecting. If you don't specify a list of token domains, AWS WAF accepts tokens only for the domain of the protected resource. With a token domain list, AWS WAF accepts the resource's host domain plus all domains in the token domain list, including their prefixed subdomains.", "title": "TokenDomains", "type": "array" }, "VisibilityConfig": { "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.", "title": "VisibilityConfig" } }, "required": [ "DefaultAction", "Scope", "VisibilityConfig" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFv2::WebACL" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet": { "additionalProperties": false, "properties": { "CreationPath": { "markdownDescription": "The path of the account creation endpoint for your application. This is the page on your website that accepts the completed registration form for a new user. This page must accept `POST` requests.\n\nFor example, for the URL `https://example.com/web/newaccount` , you would provide the path `/web/newaccount` . Account creation page paths that start with the path that you provide are considered a match. For example `/web/newaccount` matches the account creation paths `/web/newaccount` , `/web/newaccount/` , `/web/newaccountPage` , and `/web/newaccount/thisPage` , but doesn't match the path `/home/web/newaccount` or `/website/newaccount` .", "title": "CreationPath", "type": "string" }, "EnableRegexInPath": { "markdownDescription": "Allow the use of regular expressions in the registration page path and the account creation path.", "title": "EnableRegexInPath", "type": "boolean" }, "RegistrationPagePath": { "markdownDescription": "The path of the account registration endpoint for your application. This is the page on your website that presents the registration form to new users.\n\n> This page must accept `GET` text/html requests. \n\nFor example, for the URL `https://example.com/web/registration` , you would provide the path `/web/registration` . Registration page paths that start with the path that you provide are considered a match. For example `/web/registration` matches the registration paths `/web/registration` , `/web/registration/` , `/web/registrationPage` , and `/web/registration/thisPage` , but doesn't match the path `/home/web/registration` or `/website/registration` .", "title": "RegistrationPagePath", "type": "string" }, "RequestInspection": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspectionACFP", "markdownDescription": "The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts.", "title": "RequestInspection" }, "ResponseInspection": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", "markdownDescription": "The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ACFP rule group evaluates the responses that your protected resources send back to client account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many successful account creation attempts in a short amount of time.", "title": "ResponseInspection" } }, "required": [ "CreationPath", "RegistrationPagePath", "RequestInspection" ], "type": "object" }, "AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet": { "additionalProperties": false, "properties": { "EnableRegexInPath": { "markdownDescription": "Allow the use of regular expressions in the login page path.", "title": "EnableRegexInPath", "type": "boolean" }, "LoginPath": { "markdownDescription": "The path of the login endpoint for your application. For example, for the URL `https://example.com/web/login` , you would provide the path `/web/login` . Login paths that start with the path that you provide are considered a match. For example `/web/login` matches the login paths `/web/login` , `/web/login/` , `/web/loginPage` , and `/web/login/thisPage` , but doesn't match the login path `/home/web/login` or `/website/login` .\n\nThe rule group inspects only HTTP `POST` requests to your specified login endpoint.", "title": "LoginPath", "type": "string" }, "RequestInspection": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestInspection", "markdownDescription": "The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage.", "title": "RequestInspection" }, "ResponseInspection": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspection", "markdownDescription": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.\n\n> Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. \n\nThe ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time.", "title": "ResponseInspection" } }, "required": [ "LoginPath" ], "type": "object" }, "AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet": { "additionalProperties": false, "properties": { "EnableMachineLearning": { "markdownDescription": "Applies only to the targeted inspection level.\n\nDetermines whether to use machine learning (ML) to analyze your web traffic for bot-related activity. Machine learning is required for the Bot Control rules `TGT_ML_CoordinatedActivityLow` and `TGT_ML_CoordinatedActivityMedium` , which\ninspect for anomalous behavior that might indicate distributed, coordinated bot activity.\n\nFor more information about this choice, see the listing for these rules in the table at [Bot Control rules listing](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html#aws-managed-rule-groups-bot-rules) in the *AWS WAF Developer Guide* .\n\nDefault: `TRUE`", "title": "EnableMachineLearning", "type": "boolean" }, "InspectionLevel": { "markdownDescription": "The inspection level to use for the Bot Control rule group. The common level is the least expensive. The targeted level includes all common level rules and adds rules with more advanced inspection criteria. For details, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) in the *AWS WAF Developer Guide* .", "title": "InspectionLevel", "type": "string" } }, "required": [ "InspectionLevel" ], "type": "object" }, "AWS::WAFv2::WebACL.AllowAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, "AWS::WAFv2::WebACL.AndStatement": { "additionalProperties": false, "properties": { "Statements": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" }, "markdownDescription": "The statements to combine with AND logic. You can use any statements that can be nested.", "title": "Statements", "type": "array" } }, "required": [ "Statements" ], "type": "object" }, "AWS::WAFv2::WebACL.AssociationConfig": { "additionalProperties": false, "properties": { "RequestBody": { "additionalProperties": false, "markdownDescription": "Customizes the maximum size of the request body that your protected CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access resources forward to AWS WAF for inspection. The default size is 16 KB (16,384 bytes). You can change the setting for any of the available resource types.\n\n> You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . \n\nExample JSON: `{ \"API_GATEWAY\": \"KB_48\", \"APP_RUNNER_SERVICE\": \"KB_32\" }`\n\nFor Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).", "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig" } }, "title": "RequestBody", "type": "object" } }, "type": "object" }, "AWS::WAFv2::WebACL.BlockAction": { "additionalProperties": false, "properties": { "CustomResponse": { "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomResponse", "markdownDescription": "Defines a custom response for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomResponse" } }, "type": "object" }, "AWS::WAFv2::WebACL.Body": { "additionalProperties": false, "properties": { "OversizeHandling": { "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", "title": "OversizeHandling", "type": "string" } }, "type": "object" }, "AWS::WAFv2::WebACL.ByteMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "PositionalConstraint": { "markdownDescription": "The area within the portion of the web request that you want AWS WAF to search for `SearchString` . Valid values include the following:\n\n*CONTAINS*\n\nThe specified part of the web request must include the value of `SearchString` , but the location doesn't matter.\n\n*CONTAINS_WORD*\n\nThe specified part of the web request must include the value of `SearchString` , and `SearchString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `SearchString` must be a word, which means that both of the following are true:\n\n- `SearchString` is at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and `;BadBot` .\n- `SearchString` is at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` and `-BadBot;` .\n\n*EXACTLY*\n\nThe value of the specified part of the web request must exactly match the value of `SearchString` .\n\n*STARTS_WITH*\n\nThe value of `SearchString` must appear at the beginning of the specified part of the web request.\n\n*ENDS_WITH*\n\nThe value of `SearchString` must appear at the end of the specified part of the web request.", "title": "PositionalConstraint", "type": "string" }, "SearchString": { "markdownDescription": "A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `FieldToMatch` . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive.\n\nDon't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you.\n\nFor example, suppose the value of `Type` is `HEADER` and the value of `Data` is `User-Agent` . If you want to search the `User-Agent` header for the value `BadBot` , you provide the string `BadBot` in the value of `SearchString` .\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", "title": "SearchString", "type": "string" }, "SearchStringBase64": { "markdownDescription": "String to search for in a web request component, base64-encoded. If you don't want to encode the string, specify the unencoded value in `SearchString` instead.\n\nYou must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` .", "title": "SearchStringBase64", "type": "string" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", "type": "array" } }, "required": [ "FieldToMatch", "PositionalConstraint", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::WebACL.CaptchaAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, "AWS::WAFv2::WebACL.CaptchaConfig": { "additionalProperties": false, "properties": { "ImmunityTimeProperty": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", "markdownDescription": "Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle.", "title": "ImmunityTimeProperty" } }, "type": "object" }, "AWS::WAFv2::WebACL.ChallengeAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the [AWS WAF developer guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "title": "CustomRequestHandling" } }, "type": "object" }, "AWS::WAFv2::WebACL.ChallengeConfig": { "additionalProperties": false, "properties": { "ImmunityTimeProperty": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ImmunityTimeProperty", "markdownDescription": "Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge.", "title": "ImmunityTimeProperty" } }, "type": "object" }, "AWS::WAFv2::WebACL.CookieMatchPattern": { "additionalProperties": false, "properties": { "All": { "markdownDescription": "Inspect all cookies.", "title": "All", "type": "object" }, "ExcludedCookies": { "items": { "type": "string" }, "markdownDescription": "Inspect only the cookies whose keys don't match any of the strings specified here.", "title": "ExcludedCookies", "type": "array" }, "IncludedCookies": { "items": { "type": "string" }, "markdownDescription": "Inspect only the cookies that have a key that matches one of the strings specified here.", "title": "IncludedCookies", "type": "array" } }, "type": "object" }, "AWS::WAFv2::WebACL.Cookies": { "additionalProperties": false, "properties": { "MatchPattern": { "$ref": "#/definitions/AWS::WAFv2::WebACL.CookieMatchPattern", "markdownDescription": "The filter to use to identify the subset of cookies to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` .\n\nExample JSON: `\"MatchPattern\": { \"IncludedCookies\": [ \"session-id-time\", \"session-id\" ] }`", "title": "MatchPattern" }, "MatchScope": { "markdownDescription": "The parts of the cookies to inspect with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", "title": "MatchScope", "type": "string" }, "OversizeHandling": { "markdownDescription": "What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available cookies normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", "title": "OversizeHandling", "type": "string" } }, "required": [ "MatchPattern", "MatchScope", "OversizeHandling" ], "type": "object" }, "AWS::WAFv2::WebACL.CountAction": { "additionalProperties": false, "properties": { "CustomRequestHandling": { "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomRequestHandling", "markdownDescription": "Defines custom handling for the web request.\n\nFor information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* .", "title": "CustomRequestHandling" } }, "type": "object" }, "AWS::WAFv2::WebACL.CustomHTTPHeader": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the custom header.\n\nFor custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-` , to avoid confusion with the headers that are already in the request. For example, for the header name `sample` , AWS WAF inserts the header `x-amzn-waf-sample` .", "title": "Name", "type": "string" }, "Value": { "markdownDescription": "The value of the custom header.", "title": "Value", "type": "string" } }, "required": [ "Name", "Value" ], "type": "object" }, "AWS::WAFv2::WebACL.CustomRequestHandling": { "additionalProperties": false, "properties": { "InsertHeaders": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" }, "markdownDescription": "The HTTP headers to insert into the request. Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "title": "InsertHeaders", "type": "array" } }, "required": [ "InsertHeaders" ], "type": "object" }, "AWS::WAFv2::WebACL.CustomResponse": { "additionalProperties": false, "properties": { "CustomResponseBodyKey": { "markdownDescription": "References the response body that you want AWS WAF to return to the web request client. You can define a custom response for a rule action or a default web ACL action that is set to block. To do this, you first define the response body key and value in the `CustomResponseBodies` setting for the `WebACL` or `RuleGroup` where you want to use it. Then, in the rule action or web ACL default action `BlockAction` setting, you reference the response body using this key.", "title": "CustomResponseBodyKey", "type": "string" }, "ResponseCode": { "markdownDescription": "The HTTP status code to return to the client.\n\nFor a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* .", "title": "ResponseCode", "type": "number" }, "ResponseHeaders": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.CustomHTTPHeader" }, "markdownDescription": "The HTTP headers to use in the response. You can specify any header name except for `content-type` . Duplicate header names are not allowed.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "title": "ResponseHeaders", "type": "array" } }, "required": [ "ResponseCode" ], "type": "object" }, "AWS::WAFv2::WebACL.CustomResponseBody": { "additionalProperties": false, "properties": { "Content": { "markdownDescription": "The payload of the custom response.\n\nYou can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting.\n\nFor information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* .", "title": "Content", "type": "string" }, "ContentType": { "markdownDescription": "The type of content in the payload that you are defining in the `Content` string.", "title": "ContentType", "type": "string" } }, "required": [ "Content", "ContentType" ], "type": "object" }, "AWS::WAFv2::WebACL.DefaultAction": { "additionalProperties": false, "properties": { "Allow": { "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", "markdownDescription": "Specifies that AWS WAF should allow requests by default.", "title": "Allow" }, "Block": { "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", "markdownDescription": "Specifies that AWS WAF should block requests by default.", "title": "Block" } }, "type": "object" }, "AWS::WAFv2::WebACL.ExcludedRule": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the rule whose action you want to override to `Count` .", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::WAFv2::WebACL.FieldIdentifier": { "additionalProperties": false, "properties": { "Identifier": { "markdownDescription": "The name of the field.\n\nWhen the `PayloadType` in the request inspection is `JSON` , this identifier must be in JSON pointer syntax. For example `/form/username` . For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nWhen the `PayloadType` is `FORM_ENCODED` , use the HTML form names. For example, `username` .\n\nFor more information, see the descriptions for each field type in the request inspection properties.", "title": "Identifier", "type": "string" } }, "required": [ "Identifier" ], "type": "object" }, "AWS::WAFv2::WebACL.FieldToMatch": { "additionalProperties": false, "properties": { "AllQueryArguments": { "markdownDescription": "Inspect all query arguments.", "title": "AllQueryArguments", "type": "object" }, "Body": { "$ref": "#/definitions/AWS::WAFv2::WebACL.Body", "markdownDescription": "Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nFor information about how to handle oversized request bodies, see the `Body` object configuration.", "title": "Body" }, "Cookies": { "$ref": "#/definitions/AWS::WAFv2::WebACL.Cookies", "markdownDescription": "Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service.", "title": "Cookies" }, "Headers": { "$ref": "#/definitions/AWS::WAFv2::WebACL.Headers", "markdownDescription": "Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects.\n\nOnly the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service.", "title": "Headers" }, "JA3Fingerprint": { "$ref": "#/definitions/AWS::WAFv2::WebACL.JA3Fingerprint", "markdownDescription": "Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information.\n\n> You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . \n\nYou can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* .\n\nProvide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration.", "title": "JA3Fingerprint" }, "JsonBody": { "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonBody", "markdownDescription": "Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nFor information about how to handle oversized request bodies, see the `JsonBody` object configuration.", "title": "JsonBody" }, "Method": { "markdownDescription": "Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform.", "title": "Method", "type": "object" }, "QueryString": { "markdownDescription": "Inspect the query string. This is the part of a URL that appears after a `?` character, if any.", "title": "QueryString", "type": "object" }, "SingleHeader": { "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleHeader", "markdownDescription": "Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive.\n\nExample JSON: `\"SingleHeader\": { \"Name\": \"haystack\" }`\n\nAlternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting.", "title": "SingleHeader" }, "SingleQueryArgument": { "$ref": "#/definitions/AWS::WAFv2::WebACL.SingleQueryArgument", "markdownDescription": "Inspect a single query argument. Provide the name of the query argument to inspect, such as *UserName* or *SalesRegion* . The name can be up to 30 characters long and isn't case sensitive.\n\nExample JSON: `\"SingleQueryArgument\": { \"Name\": \"myArgument\" }`", "title": "SingleQueryArgument" }, "UriPath": { "markdownDescription": "Inspect the request URI path. This is the part of the web request that identifies a resource, for example, `/images/daily-ad.jpg` .", "title": "UriPath", "type": "object" } }, "type": "object" }, "AWS::WAFv2::WebACL.ForwardedIPConfiguration": { "additionalProperties": false, "properties": { "FallbackBehavior": { "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", "title": "FallbackBehavior", "type": "string" }, "HeaderName": { "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "HeaderName", "type": "string" } }, "required": [ "FallbackBehavior", "HeaderName" ], "type": "object" }, "AWS::WAFv2::WebACL.GeoMatchStatement": { "additionalProperties": false, "properties": { "CountryCodes": { "items": { "type": "string" }, "markdownDescription": "An array of two-character country codes that you want to match against, for example, `[ \"US\", \"CN\" ]` , from the alpha-2 country ISO codes of the ISO 3166 international standard.\n\nWhen you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site.", "title": "CountryCodes", "type": "array" }, "ForwardedIPConfig": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "ForwardedIPConfig" } }, "type": "object" }, "AWS::WAFv2::WebACL.HeaderMatchPattern": { "additionalProperties": false, "properties": { "All": { "markdownDescription": "Inspect all headers.", "title": "All", "type": "object" }, "ExcludedHeaders": { "items": { "type": "string" }, "markdownDescription": "Inspect only the headers whose keys don't match any of the strings specified here.", "title": "ExcludedHeaders", "type": "array" }, "IncludedHeaders": { "items": { "type": "string" }, "markdownDescription": "Inspect only the headers that have a key that matches one of the strings specified here.", "title": "IncludedHeaders", "type": "array" } }, "type": "object" }, "AWS::WAFv2::WebACL.Headers": { "additionalProperties": false, "properties": { "MatchPattern": { "$ref": "#/definitions/AWS::WAFv2::WebACL.HeaderMatchPattern", "markdownDescription": "The filter to use to identify the subset of headers to inspect in a web request.\n\nYou must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` .\n\nExample JSON: `\"MatchPattern\": { \"ExcludedHeaders\": [ \"KeyToExclude1\", \"KeyToExclude2\" ] }`", "title": "MatchPattern" }, "MatchScope": { "markdownDescription": "The parts of the headers to match with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", "title": "MatchScope", "type": "string" }, "OversizeHandling": { "markdownDescription": "What AWS WAF should do if the headers of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF .\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available headers normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", "title": "OversizeHandling", "type": "string" } }, "required": [ "MatchPattern", "MatchScope", "OversizeHandling" ], "type": "object" }, "AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration": { "additionalProperties": false, "properties": { "FallbackBehavior": { "markdownDescription": "The match status to assign to the web request if the request doesn't have a valid IP address in the specified position.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", "title": "FallbackBehavior", "type": "string" }, "HeaderName": { "markdownDescription": "The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` .\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "HeaderName", "type": "string" }, "Position": { "markdownDescription": "The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be `10.1.1.1, 127.0.0.0, 10.10.10.10` where the first IP address identifies the original client and the rest identify proxies that the request went through.\n\nThe options for this setting are the following:\n\n- FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP.\n- LAST - Inspect the last IP address in the list of IP addresses in the header.\n- ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, AWS WAF inspects the last 10.", "title": "Position", "type": "string" } }, "required": [ "FallbackBehavior", "HeaderName", "Position" ], "type": "object" }, "AWS::WAFv2::WebACL.IPSetReferenceStatement": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the `IPSet` that this statement references.", "title": "Arn", "type": "string" }, "IPSetForwardedIPConfig": { "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all.", "title": "IPSetForwardedIPConfig" } }, "required": [ "Arn" ], "type": "object" }, "AWS::WAFv2::WebACL.ImmunityTimeProperty": { "additionalProperties": false, "properties": { "ImmunityTime": { "markdownDescription": "The amount of time, in seconds, that a `CAPTCHA` or challenge timestamp is considered valid by AWS WAF . The default setting is 300.\n\nFor the Challenge action, the minimum setting is 300.", "title": "ImmunityTime", "type": "number" } }, "required": [ "ImmunityTime" ], "type": "object" }, "AWS::WAFv2::WebACL.JA3Fingerprint": { "additionalProperties": false, "properties": { "FallbackBehavior": { "markdownDescription": "The match status to assign to the web request if the request doesn't have a JA3 fingerprint.\n\nYou can specify the following fallback behaviors:\n\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.", "title": "FallbackBehavior", "type": "string" } }, "required": [ "FallbackBehavior" ], "type": "object" }, "AWS::WAFv2::WebACL.JsonBody": { "additionalProperties": false, "properties": { "InvalidFallbackBehavior": { "markdownDescription": "What AWS WAF should do if it fails to completely parse the JSON body. The options are the following:\n\n- `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nIf you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters.\n\n> AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* .", "title": "InvalidFallbackBehavior", "type": "string" }, "MatchPattern": { "$ref": "#/definitions/AWS::WAFv2::WebACL.JsonMatchPattern", "markdownDescription": "The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria.", "title": "MatchPattern" }, "MatchScope": { "markdownDescription": "The parts of the JSON to match against using the `MatchPattern` . If you specify `ALL` , AWS WAF matches against keys and values.\n\n`All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values.", "title": "MatchScope", "type": "string" }, "OversizeHandling": { "markdownDescription": "What AWS WAF should do if the body is larger than AWS WAF can inspect.\n\nAWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection.\n\n- For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes).\n- For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees.\n\nThe options for oversize handling are the following:\n\n- `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria.\n- `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request.\n- `NO_MATCH` - Treat the web request as not matching the rule statement.\n\nYou can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit.\n\nDefault: `CONTINUE`", "title": "OversizeHandling", "type": "string" } }, "required": [ "MatchPattern", "MatchScope" ], "type": "object" }, "AWS::WAFv2::WebACL.JsonMatchPattern": { "additionalProperties": false, "properties": { "All": { "markdownDescription": "Match all of the elements. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nYou must specify either this setting or the `IncludedPaths` setting, but not both.", "title": "All", "type": "object" }, "IncludedPaths": { "items": { "type": "string" }, "markdownDescription": "Match only the specified include paths. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification.\n\nProvide the include paths using JSON Pointer syntax. For example, `\"IncludedPaths\": [\"/dogs/0/name\", \"/dogs/1/name\"]` . For information about this syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nYou must specify either this setting or the `All` setting, but not both.\n\n> Don't use this option to include all paths. Instead, use the `All` setting.", "title": "IncludedPaths", "type": "array" } }, "type": "object" }, "AWS::WAFv2::WebACL.Label": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The label string.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::WAFv2::WebACL.LabelMatchStatement": { "additionalProperties": false, "properties": { "Key": { "markdownDescription": "The string to match against. The setting you provide for this depends on the match statement's `Scope` setting:\n\n- If the `Scope` indicates `LABEL` , then this specification must include the name and can include any number of preceding namespace specifications and prefix up to providing the fully qualified label name.\n- If the `Scope` indicates `NAMESPACE` , then this specification can include any number of contiguous namespace strings, and can include the entire label namespace prefix from the rule group or web ACL where the label originates.\n\nLabels are case sensitive and components of a label must be separated by colon, for example `NS1:NS2:name` .", "title": "Key", "type": "string" }, "Scope": { "markdownDescription": "Specify whether you want to match using the label name or just the namespace.", "title": "Scope", "type": "string" } }, "required": [ "Key", "Scope" ], "type": "object" }, "AWS::WAFv2::WebACL.ManagedRuleGroupConfig": { "additionalProperties": false, "properties": { "AWSManagedRulesACFPRuleSet": { "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesACFPRuleSet", "markdownDescription": "Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, `AWSManagedRulesACFPRuleSet` . Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests.\n\nFor information about using the ACFP managed rule group, see [AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-acfp.html) and [AWS WAF Fraud Control account creation fraud prevention (ACFP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-acfp.html) in the *AWS WAF Developer Guide* .", "title": "AWSManagedRulesACFPRuleSet" }, "AWSManagedRulesATPRuleSet": { "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesATPRuleSet", "markdownDescription": "Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.\n\nThis configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration.\n\nFor information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* .", "title": "AWSManagedRulesATPRuleSet" }, "AWSManagedRulesBotControlRuleSet": { "$ref": "#/definitions/AWS::WAFv2::WebACL.AWSManagedRulesBotControlRuleSet", "markdownDescription": "Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) and [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) in the *AWS WAF Developer Guide* .", "title": "AWSManagedRulesBotControlRuleSet" }, "LoginPath": { "markdownDescription": "> Instead of this setting, provide your configuration under `AWSManagedRulesATPRuleSet` .", "title": "LoginPath", "type": "string" }, "PasswordField": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", "title": "PasswordField" }, "PayloadType": { "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", "title": "PayloadType", "type": "string" }, "UsernameField": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", "markdownDescription": "> Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` .", "title": "UsernameField" } }, "type": "object" }, "AWS::WAFv2::WebACL.ManagedRuleGroupStatement": { "additionalProperties": false, "properties": { "ExcludedRules": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" }, "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", "title": "ExcludedRules", "type": "array" }, "ManagedRuleGroupConfigs": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupConfig" }, "markdownDescription": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.\n\nThe rule groups used for intelligent threat mitigation require additional configuration:\n\n- Use the `AWSManagedRulesACFPRuleSet` configuration object to configure the account creation fraud prevention managed rule group. The configuration includes the registration and sign-up pages of your application and the locations in the account creation request payload of data, such as the user email and phone number fields.\n- Use the `AWSManagedRulesATPRuleSet` configuration object to configure the account takeover prevention managed rule group. The configuration includes the sign-in page of your application and the locations in the login request payload of data such as the username and password.\n- Use the `AWSManagedRulesBotControlRuleSet` configuration object to configure the protection level that you want the Bot Control rule group to use.", "title": "ManagedRuleGroupConfigs", "type": "array" }, "Name": { "markdownDescription": "The name of the managed rule group. You use this, along with the vendor name, to identify the rule group.", "title": "Name", "type": "string" }, "RuleActionOverrides": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" }, "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", "title": "RuleActionOverrides", "type": "array" }, "ScopeDownStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", "title": "ScopeDownStatement" }, "VendorName": { "markdownDescription": "The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group.", "title": "VendorName", "type": "string" }, "Version": { "markdownDescription": "The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, AWS WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings.", "title": "Version", "type": "string" } }, "required": [ "Name", "VendorName" ], "type": "object" }, "AWS::WAFv2::WebACL.NotStatement": { "additionalProperties": false, "properties": { "Statement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "The statement to negate. You can use any statement that can be nested.", "title": "Statement" } }, "required": [ "Statement" ], "type": "object" }, "AWS::WAFv2::WebACL.OrStatement": { "additionalProperties": false, "properties": { "Statements": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement" }, "markdownDescription": "The statements to combine with OR logic. You can use any statements that can be nested.", "title": "Statements", "type": "array" } }, "required": [ "Statements" ], "type": "object" }, "AWS::WAFv2::WebACL.OverrideAction": { "additionalProperties": false, "properties": { "Count": { "markdownDescription": "Override the rule group evaluation result to count only.\n\n> This option is usually set to none. It does not affect how the rules in the rule group are evaluated. If you want the rules in the rule group to only count matches, do not use this and instead use the rule action override option, with `Count` action, in your rule group reference statement settings.", "title": "Count", "type": "object" }, "None": { "markdownDescription": "Don't override the rule group evaluation result. This is the most common setting.", "title": "None", "type": "object" } }, "type": "object" }, "AWS::WAFv2::WebACL.RateBasedStatement": { "additionalProperties": false, "properties": { "AggregateKeyType": { "markdownDescription": "Setting that indicates how to aggregate the request counts.\n\n> Web requests that are missing any of the components specified in the aggregation keys are omitted from the rate-based rule evaluation and handling. \n\n- `CONSTANT` - Count and limit the requests that match the rate-based rule's scope-down statement. With this option, the counted requests aren't further aggregated. The scope-down statement is the only specification used. When the count of all requests that satisfy the scope-down statement goes over the limit, AWS WAF applies the rule action to all requests that satisfy the scope-down statement.\n\nWith this option, you must configure the `ScopeDownStatement` property.\n- `CUSTOM_KEYS` - Aggregate the request counts using one or more web request components as the aggregate keys.\n\nWith this option, you must specify the aggregate keys in the `CustomKeys` property.\n\nTo aggregate on only the IP address or only the forwarded IP address, don't use custom keys. Instead, set the aggregate key type to `IP` or `FORWARDED_IP` .\n- `FORWARDED_IP` - Aggregate the request counts on the first IP address in an HTTP header.\n\nWith this option, you must specify the header to use in the `ForwardedIPConfig` property.\n\nTo aggregate on a combination of the forwarded IP address with other aggregate keys, use `CUSTOM_KEYS` .\n- `IP` - Aggregate the request counts on the IP address from the web request origin.\n\nTo aggregate on a combination of the IP address with other aggregate keys, use `CUSTOM_KEYS` .", "title": "AggregateKeyType", "type": "string" }, "CustomKeys": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatementCustomKey" }, "markdownDescription": "Specifies the aggregate keys to use in a rate-base rule.", "title": "CustomKeys", "type": "array" }, "EvaluationWindowSec": { "markdownDescription": "The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. For example, for a setting of 120, when AWS WAF checks the rate, it counts the requests for the 2 minutes immediately preceding the current time. Valid settings are 60, 120, 300, and 600.\n\nThis setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds.\n\nDefault: `300` (5 minutes)", "title": "EvaluationWindowSec", "type": "number" }, "ForwardedIPConfig": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ForwardedIPConfiguration", "markdownDescription": "The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name.\n\n> If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. \n\nThis is required if you specify a forwarded IP in the rule's aggregate key settings.", "title": "ForwardedIPConfig" }, "Limit": { "markdownDescription": "The limit on requests per 5-minute period for a single aggregation instance for the rate-based rule. If the rate-based statement includes a `ScopeDownStatement` , this limit is applied only to the requests that match the statement.\n\nExamples:\n\n- If you aggregate on just the IP address, this is the limit on requests from any single IP address.\n- If you aggregate on the HTTP method and the query argument name \"city\", then this is the limit on requests for any single method, city pair.", "title": "Limit", "type": "number" }, "ScopeDownStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement.", "title": "ScopeDownStatement" } }, "required": [ "AggregateKeyType", "Limit" ], "type": "object" }, "AWS::WAFv2::WebACL.RateBasedStatementCustomKey": { "additionalProperties": false, "properties": { "Cookie": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitCookie", "markdownDescription": "Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance.", "title": "Cookie" }, "ForwardedIP": { "markdownDescription": "Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` .\n\nWith this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property.", "title": "ForwardedIP", "type": "object" }, "HTTPMethod": { "markdownDescription": "Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance.", "title": "HTTPMethod", "type": "object" }, "Header": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitHeader", "markdownDescription": "Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance.", "title": "Header" }, "IP": { "markdownDescription": "Use the request's originating IP address as an aggregate key. Each distinct IP address contributes to the aggregation instance.\n\nWhen you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the IP address by specifying `IP` in your rate-based statement's `AggregateKeyType` .", "title": "IP", "type": "object" }, "LabelNamespace": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitLabelNamespace", "markdownDescription": "Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance.\n\nThis uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL.\n\nFor information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* .", "title": "LabelNamespace" }, "QueryArgument": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryArgument", "markdownDescription": "Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance.", "title": "QueryArgument" }, "QueryString": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitQueryString", "markdownDescription": "Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance.", "title": "QueryString" }, "UriPath": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RateLimitUriPath", "markdownDescription": "Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance.", "title": "UriPath" } }, "type": "object" }, "AWS::WAFv2::WebACL.RateLimitCookie": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the cookie to use.", "title": "Name", "type": "string" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", "type": "array" } }, "required": [ "Name", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::WebACL.RateLimitHeader": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the header to use.", "title": "Name", "type": "string" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", "type": "array" } }, "required": [ "Name", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::WebACL.RateLimitLabelNamespace": { "additionalProperties": false, "properties": { "Namespace": { "markdownDescription": "The namespace to use for aggregation.", "title": "Namespace", "type": "string" } }, "required": [ "Namespace" ], "type": "object" }, "AWS::WAFv2::WebACL.RateLimitQueryArgument": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the query argument to use.", "title": "Name", "type": "string" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", "type": "array" } }, "required": [ "Name", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::WebACL.RateLimitQueryString": { "additionalProperties": false, "properties": { "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", "type": "array" } }, "required": [ "TextTransformations" ], "type": "object" }, "AWS::WAFv2::WebACL.RateLimitUriPath": { "additionalProperties": false, "properties": { "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents.", "title": "TextTransformations", "type": "array" } }, "required": [ "TextTransformations" ], "type": "object" }, "AWS::WAFv2::WebACL.RegexMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "RegexString": { "markdownDescription": "The string representing the regular expression.", "title": "RegexString", "type": "string" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", "type": "array" } }, "required": [ "FieldToMatch", "RegexString", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the `RegexPatternSet` that this statement references.", "title": "Arn", "type": "string" }, "FieldToMatch": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", "type": "array" } }, "required": [ "Arn", "FieldToMatch", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::WebACL.RequestBodyAssociatedResourceTypeConfig": { "additionalProperties": false, "properties": { "DefaultSizeInspectionLimit": { "markdownDescription": "Specifies the maximum size of the web request body component that an associated CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resource should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body.\n\nDefault: `16 KB (16,384 bytes)`", "title": "DefaultSizeInspectionLimit", "type": "string" } }, "required": [ "DefaultSizeInspectionLimit" ], "type": "object" }, "AWS::WAFv2::WebACL.RequestInspection": { "additionalProperties": false, "properties": { "PasswordField": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", "title": "PasswordField" }, "PayloadType": { "markdownDescription": "The payload type for your login endpoint, either JSON or form encoded.", "title": "PayloadType", "type": "string" }, "UsernameField": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", "title": "UsernameField" } }, "required": [ "PasswordField", "PayloadType", "UsernameField" ], "type": "object" }, "AWS::WAFv2::WebACL.RequestInspectionACFP": { "additionalProperties": false, "properties": { "AddressFields": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" }, "markdownDescription": "The names of the fields in the request payload that contain your customer's primary physical address.\n\nOrder the address fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the address fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryaddressline1\": \"THE_ADDRESS1\", \"primaryaddressline2\": \"THE_ADDRESS2\", \"primaryaddressline3\": \"THE_ADDRESS3\" } }` , the address field idenfiers are `/form/primaryaddressline1` , `/form/primaryaddressline2` , and `/form/primaryaddressline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` , the address fields identifiers are `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` .", "title": "AddressFields", "type": "array" }, "EmailField": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", "markdownDescription": "The name of the field in the request payload that contains your customer's email.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"email\": \"THE_EMAIL\" } }` , the email field specification is `/form/email` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `email1` , the email field specification is `email1` .", "title": "EmailField" }, "PasswordField": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", "markdownDescription": "The name of the field in the request payload that contains your customer's password.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"password\": \"THE_PASSWORD\" } }` , the password field specification is `/form/password` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `password1` , the password field specification is `password1` .", "title": "PasswordField" }, "PayloadType": { "markdownDescription": "The payload type for your account creation endpoint, either JSON or form encoded.", "title": "PayloadType", "type": "string" }, "PhoneNumberFields": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier" }, "markdownDescription": "The names of the fields in the request payload that contain your customer's primary phone number.\n\nOrder the phone number fields in the array exactly as they are ordered in the request payload.\n\nHow you specify the phone number fields depends on the request inspection payload type.\n\n- For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"primaryphoneline1\": \"THE_PHONE1\", \"primaryphoneline2\": \"THE_PHONE2\", \"primaryphoneline3\": \"THE_PHONE3\" } }` , the phone number field identifiers are `/form/primaryphoneline1` , `/form/primaryphoneline2` , and `/form/primaryphoneline3` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with input elements named `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` , the phone number field identifiers are `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` .", "title": "PhoneNumberFields", "type": "array" }, "UsernameField": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldIdentifier", "markdownDescription": "The name of the field in the request payload that contains your customer's username.\n\nHow you specify this depends on the request inspection payload type.\n\n- For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) .\n\nFor example, for the JSON payload `{ \"form\": { \"username\": \"THE_USERNAME\" } }` , the username field specification is `/form/username` .\n- For form encoded payload types, use the HTML form names.\n\nFor example, for an HTML form with the input element named `username1` , the username field specification is `username1`", "title": "UsernameField" } }, "required": [ "PayloadType" ], "type": "object" }, "AWS::WAFv2::WebACL.ResponseInspection": { "additionalProperties": false, "properties": { "BodyContains": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionBodyContains", "markdownDescription": "Configures inspection of the response body for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body.", "title": "BodyContains" }, "Header": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionHeader", "markdownDescription": "Configures inspection of the response header for success and failure indicators.", "title": "Header" }, "Json": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionJson", "markdownDescription": "Configures inspection of the response JSON for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON.", "title": "Json" }, "StatusCode": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ResponseInspectionStatusCode", "markdownDescription": "Configures inspection of the response status code for success and failure indicators.", "title": "StatusCode" } }, "type": "object" }, "AWS::WAFv2::WebACL.ResponseInspectionBodyContains": { "additionalProperties": false, "properties": { "FailureStrings": { "items": { "type": "string" }, "markdownDescription": "Strings in the body of the response that indicate a failed login or account creation attempt. To be counted as a failure, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON example: `\"FailureStrings\": [ \"Request failed\" ]`", "title": "FailureStrings", "type": "array" }, "SuccessStrings": { "items": { "type": "string" }, "markdownDescription": "Strings in the body of the response that indicate a successful login or account creation attempt. To be counted as a success, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.\n\nJSON examples: `\"SuccessStrings\": [ \"Login successful\" ]` and `\"SuccessStrings\": [ \"Account creation successful\", \"Welcome to our site!\" ]`", "title": "SuccessStrings", "type": "array" } }, "required": [ "FailureStrings", "SuccessStrings" ], "type": "object" }, "AWS::WAFv2::WebACL.ResponseInspectionHeader": { "additionalProperties": false, "properties": { "FailureValues": { "items": { "type": "string" }, "markdownDescription": "Values in the response header with the specified name that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]` and `\"FailureValues\": [ \"AccountCreationFailed\" ]`", "title": "FailureValues", "type": "array" }, "Name": { "markdownDescription": "The name of the header to match against. The name must be an exact match, including case.\n\nJSON example: `\"Name\": [ \"RequestResult\" ]`", "title": "Name", "type": "string" }, "SuccessValues": { "items": { "type": "string" }, "markdownDescription": "Values in the response header with the specified name that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON examples: `\"SuccessValues\": [ \"LoginPassed\", \"Successful login\" ]` and `\"SuccessValues\": [ \"AccountCreated\", \"Successful account creation\" ]`", "title": "SuccessValues", "type": "array" } }, "required": [ "FailureValues", "Name", "SuccessValues" ], "type": "object" }, "AWS::WAFv2::WebACL.ResponseInspectionJson": { "additionalProperties": false, "properties": { "FailureValues": { "items": { "type": "string" }, "markdownDescription": "Values for the specified identifier in the response JSON that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"FailureValues\": [ \"False\", \"Failed\" ]`", "title": "FailureValues", "type": "array" }, "Identifier": { "markdownDescription": "The identifier for the value to match against in the JSON. The identifier must be an exact match, including case.\n\nJSON examples: `\"Identifier\": [ \"/login/success\" ]` and `\"Identifier\": [ \"/sign-up/success\" ]`", "title": "Identifier", "type": "string" }, "SuccessValues": { "items": { "type": "string" }, "markdownDescription": "Values for the specified identifier in the response JSON that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values.\n\nJSON example: `\"SuccessValues\": [ \"True\", \"Succeeded\" ]`", "title": "SuccessValues", "type": "array" } }, "required": [ "FailureValues", "Identifier", "SuccessValues" ], "type": "object" }, "AWS::WAFv2::WebACL.ResponseInspectionStatusCode": { "additionalProperties": false, "properties": { "FailureCodes": { "items": { "type": "number" }, "markdownDescription": "Status codes in the response that indicate a failed login or account creation attempt. To be counted as a failure, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"FailureCodes\": [ 400, 404 ]`", "title": "FailureCodes", "type": "array" }, "SuccessCodes": { "items": { "type": "number" }, "markdownDescription": "Status codes in the response that indicate a successful login or account creation attempt. To be counted as a success, the response status code must match one of these. Each code must be unique among the success and failure status codes.\n\nJSON example: `\"SuccessCodes\": [ 200, 201 ]`", "title": "SuccessCodes", "type": "array" } }, "required": [ "FailureCodes", "SuccessCodes" ], "type": "object" }, "AWS::WAFv2::WebACL.Rule": { "additionalProperties": false, "properties": { "Action": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", "markdownDescription": "The action that AWS WAF should take on a web request when it matches the rule's statement. Settings at the web ACL level can override the rule action setting.\n\nThis is used only for rules whose statements don't reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nYou must set either this `Action` setting or the rule's `OverrideAction` , but not both:\n\n- If the rule statement doesn't reference a rule group, you must set this rule action setting and you must not set the rule's override action setting.\n- If the rule statement references a rule group, you must not set this action setting, because the actions are already set on the rules inside the rule group. You must set the rule's override action setting to indicate specifically whether to override the actions that are set on the rules in the rule group.", "title": "Action" }, "CaptchaConfig": { "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaConfig", "markdownDescription": "Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL.", "title": "CaptchaConfig" }, "ChallengeConfig": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeConfig", "markdownDescription": "Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL.", "title": "ChallengeConfig" }, "Name": { "markdownDescription": "The name of the rule.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's `VisibilityConfig` settings. AWS WAF doesn't automatically update the metric name when you update the rule name.", "title": "Name", "type": "string" }, "OverrideAction": { "$ref": "#/definitions/AWS::WAFv2::WebACL.OverrideAction", "markdownDescription": "The override action to apply to the rules in a rule group, instead of the individual rule action settings. This is used only for rules whose statements reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` .\n\nSet the override action to none to leave the rule group rule actions in effect. Set it to count to only count matches, regardless of the rule action settings.\n\nYou must set either this `OverrideAction` setting or the `Action` setting, but not both:\n\n- If the rule statement references a rule group, you must set this override action setting and you must not set the rule's action setting.\n- If the rule statement doesn't reference a rule group, you must set the rule action setting and you must not set the rule's override action setting.", "title": "OverrideAction" }, "Priority": { "markdownDescription": "If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different.", "title": "Priority", "type": "number" }, "RuleLabels": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.Label" }, "markdownDescription": "Labels to apply to web requests that match the rule match statement. AWS WAF applies fully qualified labels to matching web requests. A fully qualified label is the concatenation of a label namespace and a rule label. The rule's rule group or web ACL defines the label namespace.\n\nRules that run after this rule in the web ACL can match against these labels using a `LabelMatchStatement` .\n\nFor each label, provide a case-sensitive string containing optional namespaces and a label name, according to the following guidelines:\n\n- Separate each component of the label with a colon.\n- Each namespace or name can have up to 128 characters.\n- You can specify up to 5 namespaces in a label.\n- Don't use the following reserved words in your label specification: `aws` , `waf` , `managed` , `rulegroup` , `webacl` , `regexpatternset` , or `ipset` .\n\nFor example, `myLabelName` or `nameSpace1:nameSpace2:myLabelName` .", "title": "RuleLabels", "type": "array" }, "Statement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.Statement", "markdownDescription": "The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` .", "title": "Statement" }, "VisibilityConfig": { "$ref": "#/definitions/AWS::WAFv2::WebACL.VisibilityConfig", "markdownDescription": "Defines and enables Amazon CloudWatch metrics and web request sample collection.\n\nIf you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name.", "title": "VisibilityConfig" } }, "required": [ "Name", "Priority", "Statement", "VisibilityConfig" ], "type": "object" }, "AWS::WAFv2::WebACL.RuleAction": { "additionalProperties": false, "properties": { "Allow": { "$ref": "#/definitions/AWS::WAFv2::WebACL.AllowAction", "markdownDescription": "Instructs AWS WAF to allow the web request.", "title": "Allow" }, "Block": { "$ref": "#/definitions/AWS::WAFv2::WebACL.BlockAction", "markdownDescription": "Instructs AWS WAF to block the web request.", "title": "Block" }, "Captcha": { "$ref": "#/definitions/AWS::WAFv2::WebACL.CaptchaAction", "markdownDescription": "Specifies that AWS WAF should run a `CAPTCHA` check against the request:\n\n- If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` .\n- If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination.\n\nAWS WAF generates a response that it sends back to the client, which includes the following:\n\n- The header `x-amzn-waf-action` with a value of `captcha` .\n- The HTTP status code `405 Method Not Allowed` .\n- If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge.\n\nYou can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting.\n\nThis action option is available for rules. It isn't available for web ACL default actions.", "title": "Captcha" }, "Challenge": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ChallengeAction", "markdownDescription": "Instructs AWS WAF to run a `Challenge` check against the web request.", "title": "Challenge" }, "Count": { "$ref": "#/definitions/AWS::WAFv2::WebACL.CountAction", "markdownDescription": "Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL.", "title": "Count" } }, "type": "object" }, "AWS::WAFv2::WebACL.RuleActionOverride": { "additionalProperties": false, "properties": { "ActionToUse": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleAction", "markdownDescription": "The override action to use, in place of the configured action of the rule in the rule group.", "title": "ActionToUse" }, "Name": { "markdownDescription": "The name of the rule to override.", "title": "Name", "type": "string" } }, "required": [ "ActionToUse", "Name" ], "type": "object" }, "AWS::WAFv2::WebACL.RuleGroupReferenceStatement": { "additionalProperties": false, "properties": { "Arn": { "markdownDescription": "The Amazon Resource Name (ARN) of the entity.", "title": "Arn", "type": "string" }, "ExcludedRules": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ExcludedRule" }, "markdownDescription": "Rules in the referenced rule group whose actions are set to `Count` .\n\n> Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` .", "title": "ExcludedRules", "type": "array" }, "RuleActionOverrides": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleActionOverride" }, "markdownDescription": "Action settings to use in the place of the rule actions that are configured inside the rule group. You specify one override for each rule whose action you want to change.\n\nYou can use overrides for testing, for example you can override all of rule actions to `Count` and then monitor the resulting count metrics to understand how the rule group would handle your web traffic. You can also permanently override some or all actions, to modify how the rule group manages your web traffic.", "title": "RuleActionOverrides", "type": "array" } }, "required": [ "Arn" ], "type": "object" }, "AWS::WAFv2::WebACL.SingleHeader": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the query header to inspect.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::WAFv2::WebACL.SingleQueryArgument": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "The name of the query argument to inspect.", "title": "Name", "type": "string" } }, "required": [ "Name" ], "type": "object" }, "AWS::WAFv2::WebACL.SizeConstraintStatement": { "additionalProperties": false, "properties": { "ComparisonOperator": { "markdownDescription": "The operator to use to compare the request part to the size setting.", "title": "ComparisonOperator", "type": "string" }, "FieldToMatch": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "Size": { "markdownDescription": "The size, in byte, to compare to the request part, after any transformations.", "title": "Size", "type": "number" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", "type": "array" } }, "required": [ "ComparisonOperator", "FieldToMatch", "Size", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::WebACL.SqliMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "SensitivityLevel": { "markdownDescription": "The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks.\n\n`HIGH` detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see [Testing and tuning](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html) in the *AWS WAF Developer Guide* .\n\n`LOW` is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives.\n\nDefault: `LOW`", "title": "SensitivityLevel", "type": "string" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", "type": "array" } }, "required": [ "FieldToMatch", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::WebACL.Statement": { "additionalProperties": false, "properties": { "AndStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.AndStatement", "markdownDescription": "A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` .", "title": "AndStatement" }, "ByteMatchStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ByteMatchStatement", "markdownDescription": "A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement.", "title": "ByteMatchStatement" }, "GeoMatchStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.GeoMatchStatement", "markdownDescription": "A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match.\n\n- To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array.\n- Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed.\n\nAWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` .\n\nIf you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` .\n\nIf you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` .\n\nFor additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) .", "title": "GeoMatchStatement" }, "IPSetReferenceStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.IPSetReferenceStatement", "markdownDescription": "A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement.\n\nEach IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", "title": "IPSetReferenceStatement" }, "LabelMatchStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.LabelMatchStatement", "markdownDescription": "A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL.\n\nThe label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement.", "title": "LabelMatchStatement" }, "ManagedRuleGroupStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.ManagedRuleGroupStatement", "markdownDescription": "A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names through the API call `ListAvailableManagedRuleGroups` .\n\nYou cannot nest a `ManagedRuleGroupStatement` , for example for use inside a `NotStatement` or `OrStatement` . It can only be referenced as a top-level statement within a rule.\n\n> You are charged additional fees when you use the AWS WAF Bot Control managed rule group `AWSManagedRulesBotControlRuleSet` , the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group `AWSManagedRulesATPRuleSet` , or the AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group `AWSManagedRulesACFPRuleSet` . For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) .", "title": "ManagedRuleGroupStatement" }, "NotStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.NotStatement", "markdownDescription": "A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` .", "title": "NotStatement" }, "OrStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.OrStatement", "markdownDescription": "A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` .", "title": "OrStatement" }, "RateBasedStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RateBasedStatement", "markdownDescription": "A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance.\n\n> If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. \n\nYou can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie.\n\nEach unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition.\n\nFor example, assume the rule evaluates web requests with the following IP address and HTTP method values:\n\n- IP address 10.1.1.1, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n- IP address 127.0.0.0, HTTP method POST\n- IP address 10.1.1.1, HTTP method GET\n\nThe rule would create different aggregation instances according to your aggregation criteria, for example:\n\n- If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1: count 3\n- IP address 127.0.0.0: count 1\n- If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- HTTP method POST: count 2\n- HTTP method GET: count 2\n- If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following:\n\n- IP address 10.1.1.1, HTTP method POST: count 1\n- IP address 10.1.1.1, HTTP method GET: count 2\n- IP address 127.0.0.0, HTTP method POST: count 1\n\nFor any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually.\n\nYou can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule.\n\nYou cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group.\n\nFor additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* .\n\nIf you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations.\n\nAWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF .", "title": "RateBasedStatement" }, "RegexMatchStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexMatchStatement", "markdownDescription": "A rule statement used to search web request components for a match against a single regular expression.", "title": "RegexMatchStatement" }, "RegexPatternSetReferenceStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RegexPatternSetReferenceStatement", "markdownDescription": "A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set.\n\nEach regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it.", "title": "RegexPatternSetReferenceStatement" }, "RuleGroupReferenceStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.RuleGroupReferenceStatement", "markdownDescription": "A rule statement used to run the rules that are defined in a `RuleGroup` . To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement.\n\nYou cannot nest a `RuleGroupReferenceStatement` , for example for use inside a `NotStatement` or `OrStatement` . You cannot use a rule group reference statement inside another rule group. You can only reference a rule group as a top-level statement within a rule that you define in a web ACL.", "title": "RuleGroupReferenceStatement" }, "SizeConstraintStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.SizeConstraintStatement", "markdownDescription": "A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes.\n\nIf you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type.\n\nIf you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long.", "title": "SizeConstraintStatement" }, "SqliMatchStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.SqliMatchStatement", "markdownDescription": "A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it.", "title": "SqliMatchStatement" }, "XssMatchStatement": { "$ref": "#/definitions/AWS::WAFv2::WebACL.XssMatchStatement", "markdownDescription": "A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers.", "title": "XssMatchStatement" } }, "type": "object" }, "AWS::WAFv2::WebACL.TextTransformation": { "additionalProperties": false, "properties": { "Priority": { "markdownDescription": "Sets the relative processing order for multiple transformations. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content. The priorities don't need to be consecutive, but they must all be different.", "title": "Priority", "type": "number" }, "Type": { "markdownDescription": "For detailed descriptions of each of the transformation types, see [Text transformations](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html) in the *AWS WAF Developer Guide* .", "title": "Type", "type": "string" } }, "required": [ "Priority", "Type" ], "type": "object" }, "AWS::WAFv2::WebACL.VisibilityConfig": { "additionalProperties": false, "properties": { "CloudWatchMetricsEnabled": { "markdownDescription": "Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics) in the *AWS WAF Developer Guide* .\n\nFor web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information,\nsee [The web ACL default action](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-default-action.html) in the *AWS WAF Developer Guide* .", "title": "CloudWatchMetricsEnabled", "type": "boolean" }, "MetricName": { "markdownDescription": "A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF , for example `All` and `Default_Action` .", "title": "MetricName", "type": "string" }, "SampledRequestsEnabled": { "markdownDescription": "Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console.\n\n> Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. The only way to exclude fields from request sampling is by disabling sampling in the web ACL visibility configuration.", "title": "SampledRequestsEnabled", "type": "boolean" } }, "required": [ "CloudWatchMetricsEnabled", "MetricName", "SampledRequestsEnabled" ], "type": "object" }, "AWS::WAFv2::WebACL.XssMatchStatement": { "additionalProperties": false, "properties": { "FieldToMatch": { "$ref": "#/definitions/AWS::WAFv2::WebACL.FieldToMatch", "markdownDescription": "The part of the web request that you want AWS WAF to inspect.", "title": "FieldToMatch" }, "TextTransformations": { "items": { "$ref": "#/definitions/AWS::WAFv2::WebACL.TextTransformation" }, "markdownDescription": "Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match.", "title": "TextTransformations", "type": "array" } }, "required": [ "FieldToMatch", "TextTransformations" ], "type": "object" }, "AWS::WAFv2::WebACLAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ResourceArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the resource to associate with the web ACL.\n\nThe ARN must be in one of the following formats:\n\n- For an Application Load Balancer: `arn: *partition* :elasticloadbalancing: *region* : *account-id* :loadbalancer/app/ *load-balancer-name* / *load-balancer-id*`\n- For an Amazon API Gateway REST API: `arn: *partition* :apigateway: *region* ::/restapis/ *api-id* /stages/ *stage-name*`\n- For an AWS AppSync GraphQL API: `arn: *partition* :appsync: *region* : *account-id* :apis/ *GraphQLApiId*`\n- For an Amazon Cognito user pool: `arn: *partition* :cognito-idp: *region* : *account-id* :userpool/ *user-pool-id*`\n- For an AWS App Runner service: `arn: *partition* :apprunner: *region* : *account-id* :service/ *apprunner-service-name* / *apprunner-service-id*`\n- For an AWS Verified Access instance: `arn: *partition* :ec2: *region* : *account-id* :verified-access-instance/ *instance-id*`", "title": "ResourceArn", "type": "string" }, "WebACLArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the web ACL that you want to associate with the resource.", "title": "WebACLArn", "type": "string" } }, "required": [ "ResourceArn", "WebACLArn" ], "type": "object" }, "Type": { "enum": [ "AWS::WAFv2::WebACLAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Wisdom::Assistant": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the assistant.", "title": "Description", "type": "string" }, "Name": { "markdownDescription": "The name of the assistant.", "title": "Name", "type": "string" }, "ServerSideEncryptionConfiguration": { "$ref": "#/definitions/AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration", "markdownDescription": "The configuration information for the customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) .", "title": "ServerSideEncryptionConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" }, "Type": { "markdownDescription": "The type of assistant.", "title": "Type", "type": "string" } }, "required": [ "Name", "Type" ], "type": "object" }, "Type": { "enum": [ "AWS::Wisdom::Assistant" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Wisdom::Assistant.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", "title": "KmsKeyId", "type": "string" } }, "type": "object" }, "AWS::Wisdom::AssistantAssociation": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AssistantId": { "markdownDescription": "The identifier of the Wisdom assistant.", "title": "AssistantId", "type": "string" }, "Association": { "$ref": "#/definitions/AWS::Wisdom::AssistantAssociation.AssociationData", "markdownDescription": "The identifier of the associated resource.", "title": "Association" }, "AssociationType": { "markdownDescription": "The type of association.", "title": "AssociationType", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" } }, "required": [ "AssistantId", "Association", "AssociationType" ], "type": "object" }, "Type": { "enum": [ "AWS::Wisdom::AssistantAssociation" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Wisdom::AssistantAssociation.AssociationData": { "additionalProperties": false, "properties": { "KnowledgeBaseId": { "markdownDescription": "The identifier of the knowledge base.", "title": "KnowledgeBaseId", "type": "string" } }, "required": [ "KnowledgeBaseId" ], "type": "object" }, "AWS::Wisdom::KnowledgeBase": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description.", "title": "Description", "type": "string" }, "KnowledgeBaseType": { "markdownDescription": "The type of knowledge base. Only CUSTOM knowledge bases allow you to upload your own content. EXTERNAL knowledge bases support integrations with third-party systems whose content is synchronized automatically.", "title": "KnowledgeBaseType", "type": "string" }, "Name": { "markdownDescription": "The name of the knowledge base.", "title": "Name", "type": "string" }, "RenderingConfiguration": { "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.RenderingConfiguration", "markdownDescription": "Information about how to render the content.", "title": "RenderingConfiguration" }, "ServerSideEncryptionConfiguration": { "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration", "markdownDescription": "This customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* .", "title": "ServerSideEncryptionConfiguration" }, "SourceConfiguration": { "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.SourceConfiguration", "markdownDescription": "The source of the knowledge base content. Only set this argument for EXTERNAL knowledge bases.", "title": "SourceConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags used to organize, track, or control access for this resource.", "title": "Tags", "type": "array" } }, "required": [ "KnowledgeBaseType", "Name" ], "type": "object" }, "Type": { "enum": [ "AWS::Wisdom::KnowledgeBase" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration": { "additionalProperties": false, "properties": { "AppIntegrationArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AppIntegrations DataIntegration to use for ingesting content.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` as source fields.\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , your AppIntegrations DataIntegration must have an ObjectConfiguration if objectFields is not provided, including at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` as source fields.\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , your AppIntegrations DataIntegration must have an ObjectConfiguration if `objectFields` is not provided, including at least `id` , `title` , `updated_at` , and `draft` as source fields.\n- For [SharePoint](https://docs.aws.amazon.com/https://learn.microsoft.com/en-us/sharepoint/dev/sp-add-ins/sharepoint-net-server-csom-jsom-and-rest-api-index) , your AppIntegrations DataIntegration must have a FileConfiguration, including only file extensions that are among `docx` , `pdf` , `html` , `htm` , and `txt` .\n- For [Amazon S3](https://docs.aws.amazon.com/https://aws.amazon.com/s3/) , the ObjectConfiguration and FileConfiguration of your AppIntegrations DataIntegration must be null. The `SourceURI` of your DataIntegration must use the following format: `s3://your_s3_bucket_name` .\n\n> The bucket policy of the corresponding S3 bucket must allow the AWS principal `app-integrations.amazonaws.com` to perform `s3:ListBucket` , `s3:GetObject` , and `s3:GetBucketLocation` against the bucket.", "title": "AppIntegrationArn", "type": "string" }, "ObjectFields": { "items": { "type": "string" }, "markdownDescription": "The fields from the source that are made available to your agents in Amazon Q in Connect. Optional if ObjectConfiguration is included in the provided DataIntegration.\n\n- For [Salesforce](https://docs.aws.amazon.com/https://developer.salesforce.com/docs/atlas.en-us.knowledge_dev.meta/knowledge_dev/sforce_api_objects_knowledge__kav.htm) , you must include at least `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , and `IsDeleted` .\n- For [ServiceNow](https://docs.aws.amazon.com/https://developer.servicenow.com/dev.do#!/reference/api/rome/rest/knowledge-management-api) , you must include at least `number` , `short_description` , `sys_mod_count` , `workflow_state` , and `active` .\n- For [Zendesk](https://docs.aws.amazon.com/https://developer.zendesk.com/api-reference/help_center/help-center-api/articles/) , you must include at least `id` , `title` , `updated_at` , and `draft` .\n\nMake sure to include additional fields. These fields are indexed and used to source recommendations.", "title": "ObjectFields", "type": "array" } }, "required": [ "AppIntegrationArn" ], "type": "object" }, "AWS::Wisdom::KnowledgeBase.RenderingConfiguration": { "additionalProperties": false, "properties": { "TemplateUri": { "markdownDescription": "A URI template containing exactly one variable in `${variableName}` format. This can only be set for `EXTERNAL` knowledge bases. For Salesforce, ServiceNow, and Zendesk, the variable must be one of the following:\n\n- Salesforce: `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , or `IsDeleted`\n- ServiceNow: `number` , `short_description` , `sys_mod_count` , `workflow_state` , or `active`\n- Zendesk: `id` , `title` , `updated_at` , or `draft`\n\nThe variable is replaced with the actual value for a piece of content when calling [GetContent](https://docs.aws.amazon.com/amazon-q-connect/latest/APIReference/API_GetContent.html) .", "title": "TemplateUri", "type": "string" } }, "type": "object" }, "AWS::Wisdom::KnowledgeBase.ServerSideEncryptionConfiguration": { "additionalProperties": false, "properties": { "KmsKeyId": { "markdownDescription": "The customer managed key used for encryption.\n\nThis customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom.\n\nFor more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) .", "title": "KmsKeyId", "type": "string" } }, "type": "object" }, "AWS::Wisdom::KnowledgeBase.SourceConfiguration": { "additionalProperties": false, "properties": { "AppIntegrations": { "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase.AppIntegrationsConfiguration", "markdownDescription": "Configuration information for Amazon AppIntegrations to automatically ingest content.", "title": "AppIntegrations" } }, "required": [ "AppIntegrations" ], "type": "object" }, "AWS::WorkSpaces::ConnectionAlias": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "ConnectionString": { "markdownDescription": "The connection string specified for the connection alias. The connection string must be in the form of a fully qualified domain name (FQDN), such as `www.example.com` .", "title": "ConnectionString", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to associate with the connection alias.", "title": "Tags", "type": "array" } }, "required": [ "ConnectionString" ], "type": "object" }, "Type": { "enum": [ "AWS::WorkSpaces::ConnectionAlias" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WorkSpaces::ConnectionAlias.ConnectionAliasAssociation": { "additionalProperties": false, "properties": { "AssociatedAccountId": { "markdownDescription": "The identifier of the AWS account that associated the connection alias with a directory.", "title": "AssociatedAccountId", "type": "string" }, "AssociationStatus": { "markdownDescription": "The association status of the connection alias.", "title": "AssociationStatus", "type": "string" }, "ConnectionIdentifier": { "markdownDescription": "The identifier of the connection alias association. You use the connection identifier in the DNS TXT record when you're configuring your DNS routing policies.", "title": "ConnectionIdentifier", "type": "string" }, "ResourceId": { "markdownDescription": "The identifier of the directory associated with a connection alias.", "title": "ResourceId", "type": "string" } }, "type": "object" }, "AWS::WorkSpaces::Workspace": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BundleId": { "markdownDescription": "The identifier of the bundle for the WorkSpace.", "title": "BundleId", "type": "string" }, "DirectoryId": { "markdownDescription": "The identifier of the AWS Directory Service directory for the WorkSpace.", "title": "DirectoryId", "type": "string" }, "RootVolumeEncryptionEnabled": { "markdownDescription": "Indicates whether the data stored on the root volume is encrypted.", "title": "RootVolumeEncryptionEnabled", "type": "boolean" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags for the WorkSpace.", "title": "Tags", "type": "array" }, "UserName": { "markdownDescription": "The user name of the user for the WorkSpace. This user name must exist in the AWS Directory Service directory for the WorkSpace.", "title": "UserName", "type": "string" }, "UserVolumeEncryptionEnabled": { "markdownDescription": "Indicates whether the data stored on the user volume is encrypted.", "title": "UserVolumeEncryptionEnabled", "type": "boolean" }, "VolumeEncryptionKey": { "markdownDescription": "The symmetric AWS KMS key used to encrypt data stored on your WorkSpace. Amazon WorkSpaces does not support asymmetric KMS keys.", "title": "VolumeEncryptionKey", "type": "string" }, "WorkspaceProperties": { "$ref": "#/definitions/AWS::WorkSpaces::Workspace.WorkspaceProperties", "markdownDescription": "The WorkSpace properties.", "title": "WorkspaceProperties" } }, "required": [ "BundleId", "DirectoryId", "UserName" ], "type": "object" }, "Type": { "enum": [ "AWS::WorkSpaces::Workspace" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WorkSpaces::Workspace.WorkspaceProperties": { "additionalProperties": false, "properties": { "ComputeTypeName": { "markdownDescription": "The compute type. For more information, see [Amazon WorkSpaces Bundles](https://docs.aws.amazon.com/workspaces/details/#Amazon_WorkSpaces_Bundles) .", "title": "ComputeTypeName", "type": "string" }, "RootVolumeSizeGib": { "markdownDescription": "The size of the root volume. For important information about how to modify the size of the root and user volumes, see [Modify a WorkSpace](https://docs.aws.amazon.com/workspaces/latest/adminguide/modify-workspaces.html) .", "title": "RootVolumeSizeGib", "type": "number" }, "RunningMode": { "markdownDescription": "The running mode. For more information, see [Manage the WorkSpace Running Mode](https://docs.aws.amazon.com/workspaces/latest/adminguide/running-mode.html) .", "title": "RunningMode", "type": "string" }, "RunningModeAutoStopTimeoutInMinutes": { "markdownDescription": "The time after a user logs off when WorkSpaces are automatically stopped. Configured in 60-minute intervals.", "title": "RunningModeAutoStopTimeoutInMinutes", "type": "number" }, "UserVolumeSizeGib": { "markdownDescription": "The size of the user storage. For important information about how to modify the size of the root and user volumes, see [Modify a WorkSpace](https://docs.aws.amazon.com/workspaces/latest/adminguide/modify-workspaces.html) .", "title": "UserVolumeSizeGib", "type": "number" } }, "type": "object" }, "AWS::WorkSpacesThinClient::Environment": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "DesiredSoftwareSetId": { "markdownDescription": "The ID of the software set to apply.", "title": "DesiredSoftwareSetId", "type": "string" }, "DesktopArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the desktop to stream from Amazon WorkSpaces, WorkSpaces Web, or AppStream 2.0.", "title": "DesktopArn", "type": "string" }, "DesktopEndpoint": { "markdownDescription": "The URL for the identity provider login (only for environments that use AppStream 2.0).", "title": "DesktopEndpoint", "type": "string" }, "KmsKeyArn": { "markdownDescription": "The Amazon Resource Name (ARN) of the AWS Key Management Service key used to encrypt the environment.", "title": "KmsKeyArn", "type": "string" }, "MaintenanceWindow": { "$ref": "#/definitions/AWS::WorkSpacesThinClient::Environment.MaintenanceWindow", "markdownDescription": "A specification for a time window to apply software updates.", "title": "MaintenanceWindow" }, "Name": { "markdownDescription": "The name of the environment.", "title": "Name", "type": "string" }, "SoftwareSetUpdateMode": { "markdownDescription": "An option to define which software updates to apply.", "title": "SoftwareSetUpdateMode", "type": "string" }, "SoftwareSetUpdateSchedule": { "markdownDescription": "An option to define if software updates should be applied within a maintenance window.", "title": "SoftwareSetUpdateSchedule", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.\n\nFor more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) .", "title": "Tags", "type": "array" } }, "required": [ "DesktopArn" ], "type": "object" }, "Type": { "enum": [ "AWS::WorkSpacesThinClient::Environment" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WorkSpacesThinClient::Environment.MaintenanceWindow": { "additionalProperties": false, "properties": { "ApplyTimeOf": { "markdownDescription": "The option to set the maintenance window during the device local time or Universal Coordinated Time (UTC).", "title": "ApplyTimeOf", "type": "string" }, "DaysOfTheWeek": { "items": { "type": "string" }, "markdownDescription": "The days of the week during which the maintenance window is open.", "title": "DaysOfTheWeek", "type": "array" }, "EndTimeHour": { "markdownDescription": "The hour for the maintenance window end ( `00` - `23` ).", "title": "EndTimeHour", "type": "number" }, "EndTimeMinute": { "markdownDescription": "The minutes for the maintenance window end ( `00` - `59` ).", "title": "EndTimeMinute", "type": "number" }, "StartTimeHour": { "markdownDescription": "The hour for the maintenance window start ( `00` - `23` ).", "title": "StartTimeHour", "type": "number" }, "StartTimeMinute": { "markdownDescription": "The minutes past the hour for the maintenance window start ( `00` - `59` ).", "title": "StartTimeMinute", "type": "number" }, "Type": { "markdownDescription": "An option to select the default or custom maintenance window.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::WorkSpacesWeb::BrowserSettings": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdditionalEncryptionContext": { "additionalProperties": true, "markdownDescription": "Additional encryption context of the browser settings.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AdditionalEncryptionContext", "type": "object" }, "BrowserPolicy": { "markdownDescription": "A JSON string containing Chrome Enterprise policies that will be applied to all streaming sessions.", "title": "BrowserPolicy", "type": "string" }, "CustomerManagedKey": { "markdownDescription": "The custom managed key of the browser settings.\n\n*Pattern* : `^arn:[\\w+=\\/,.@-]+:kms:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:key\\/[a-zA-Z0-9-]+$`", "title": "CustomerManagedKey", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to add to the browser settings resource. A tag is a key-value pair.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::WorkSpacesWeb::BrowserSettings" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::WorkSpacesWeb::IdentityProvider": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "IdentityProviderDetails": { "additionalProperties": true, "markdownDescription": "The identity provider details. The following list describes the provider detail keys for each identity provider type.\n\n- For Google and Login with Amazon:\n\n- `client_id`\n- `client_secret`\n- `authorize_scopes`\n- For Facebook:\n\n- `client_id`\n- `client_secret`\n- `authorize_scopes`\n- `api_version`\n- For Sign in with Apple:\n\n- `client_id`\n- `team_id`\n- `key_id`\n- `private_key`\n- `authorize_scopes`\n- For OIDC providers:\n\n- `client_id`\n- `client_secret`\n- `attributes_request_method`\n- `oidc_issuer`\n- `authorize_scopes`\n- `authorize_url` *if not available from discovery URL specified by oidc_issuer key*\n- `token_url` *if not available from discovery URL specified by oidc_issuer key*\n- `attributes_url` *if not available from discovery URL specified by oidc_issuer key*\n- `jwks_uri` *if not available from discovery URL specified by oidc_issuer key*\n- For SAML providers:\n\n- `MetadataFile` OR `MetadataURL`\n- `IDPSignout` (boolean) *optional*\n- `IDPInit` (boolean) *optional*\n- `RequestSigningAlgorithm` (string) *optional* - Only accepts `rsa-sha256`\n- `EncryptedResponses` (boolean) *optional*", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "IdentityProviderDetails", "type": "object" }, "IdentityProviderName": { "markdownDescription": "The identity provider name.", "title": "IdentityProviderName", "type": "string" }, "IdentityProviderType": { "markdownDescription": "The identity provider type.", "title": "IdentityProviderType", "type": "string" }, "PortalArn": { "markdownDescription": "The ARN of the identity provider.", "title": "PortalArn", "type": "string" } }, "required": [ "IdentityProviderDetails", "IdentityProviderName", "IdentityProviderType" ], "type": "object" }, "Type": { "enum": [ "AWS::WorkSpacesWeb::IdentityProvider" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WorkSpacesWeb::IpAccessSettings": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdditionalEncryptionContext": { "additionalProperties": true, "markdownDescription": "Additional encryption context of the IP access settings.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AdditionalEncryptionContext", "type": "object" }, "CustomerManagedKey": { "markdownDescription": "The custom managed key of the IP access settings.\n\n*Pattern* : `^arn:[\\w+=\\/,.@-]+:kms:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:key\\/[a-zA-Z0-9-]+$`", "title": "CustomerManagedKey", "type": "string" }, "Description": { "markdownDescription": "The description of the IP access settings.", "title": "Description", "type": "string" }, "DisplayName": { "markdownDescription": "The display name of the IP access settings.", "title": "DisplayName", "type": "string" }, "IpRules": { "items": { "$ref": "#/definitions/AWS::WorkSpacesWeb::IpAccessSettings.IpRule" }, "markdownDescription": "The IP rules of the IP access settings.", "title": "IpRules", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to add to the IP access settings resource. A tag is a key-value pair.", "title": "Tags", "type": "array" } }, "required": [ "IpRules" ], "type": "object" }, "Type": { "enum": [ "AWS::WorkSpacesWeb::IpAccessSettings" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WorkSpacesWeb::IpAccessSettings.IpRule": { "additionalProperties": false, "properties": { "Description": { "markdownDescription": "The description of the IP rule.", "title": "Description", "type": "string" }, "IpRange": { "markdownDescription": "The IP range of the IP rule. This can either be a single IP address or a range using CIDR notation.", "title": "IpRange", "type": "string" } }, "required": [ "IpRange" ], "type": "object" }, "AWS::WorkSpacesWeb::NetworkSettings": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "SecurityGroupIds": { "items": { "type": "string" }, "markdownDescription": "One or more security groups used to control access from streaming instances to your VPC.\n\n*Pattern* : `^[\\w+\\-]+$`", "title": "SecurityGroupIds", "type": "array" }, "SubnetIds": { "items": { "type": "string" }, "markdownDescription": "The subnets in which network interfaces are created to connect streaming instances to your VPC. At least two of these subnets must be in different availability zones.\n\n*Pattern* : `^subnet-([0-9a-f]{8}|[0-9a-f]{17})$`", "title": "SubnetIds", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to add to the network settings resource. A tag is a key-value pair.", "title": "Tags", "type": "array" }, "VpcId": { "markdownDescription": "The VPC that streaming instances will connect to.\n\n*Pattern* : `^vpc-[0-9a-z]*$`", "title": "VpcId", "type": "string" } }, "required": [ "SecurityGroupIds", "SubnetIds", "VpcId" ], "type": "object" }, "Type": { "enum": [ "AWS::WorkSpacesWeb::NetworkSettings" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WorkSpacesWeb::Portal": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdditionalEncryptionContext": { "additionalProperties": true, "markdownDescription": "The additional encryption context of the portal.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AdditionalEncryptionContext", "type": "object" }, "AuthenticationType": { "markdownDescription": "The type of authentication integration points used when signing into the web portal. Defaults to `Standard` .\n\n`Standard` web portals are authenticated directly through your identity provider (IdP). User and group access to your web portal is controlled through your IdP. You need to include an IdP resource in your template to integrate your IdP with your web portal. Completing the configuration for your IdP requires exchanging WorkSpaces Secure Browser\u2019s SP metadata with your IdP\u2019s IdP metadata. If your IdP requires the SP metadata first before returning the IdP metadata, you should follow these steps:\n\n1. Create and deploy a CloudFormation template with a `Standard` portal with no `IdentityProvider` resource.\n\n2. Retrieve the SP metadata using `Fn:GetAtt` , the WorkSpaces Secure Browser console, or by the calling the `GetPortalServiceProviderMetadata` API.\n\n3. Submit the data to your IdP.\n\n4. Add an `IdentityProvider` resource to your CloudFormation template.\n\n`IAM Identity Center` web portals are authenticated through AWS IAM Identity Center . They provide additional features, such as IdP-initiated authentication. Identity sources (including external identity provider integration) and other identity provider information must be configured in IAM Identity Center . User and group assignment must be done through the WorkSpaces Secure Browser console. These cannot be configured in CloudFormation.", "title": "AuthenticationType", "type": "string" }, "BrowserSettingsArn": { "markdownDescription": "The ARN of the browser settings that is associated with this web portal.", "title": "BrowserSettingsArn", "type": "string" }, "CustomerManagedKey": { "markdownDescription": "The customer managed key of the web portal.\n\n*Pattern* : `^arn:[\\w+=\\/,.@-]+:kms:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:key\\/[a-zA-Z0-9-]+$`", "title": "CustomerManagedKey", "type": "string" }, "DisplayName": { "markdownDescription": "The name of the web portal.", "title": "DisplayName", "type": "string" }, "InstanceType": { "markdownDescription": "The type and resources of the underlying instance.", "title": "InstanceType", "type": "string" }, "IpAccessSettingsArn": { "markdownDescription": "The ARN of the IP access settings that is associated with the web portal.", "title": "IpAccessSettingsArn", "type": "string" }, "MaxConcurrentSessions": { "markdownDescription": "The maximum number of concurrent sessions for the portal.", "title": "MaxConcurrentSessions", "type": "number" }, "NetworkSettingsArn": { "markdownDescription": "The ARN of the network settings that is associated with the web portal.", "title": "NetworkSettingsArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to add to the web portal. A tag is a key-value pair.", "title": "Tags", "type": "array" }, "TrustStoreArn": { "markdownDescription": "The ARN of the trust store that is associated with the web portal.", "title": "TrustStoreArn", "type": "string" }, "UserAccessLoggingSettingsArn": { "markdownDescription": "The ARN of the user access logging settings that is associated with the web portal.", "title": "UserAccessLoggingSettingsArn", "type": "string" }, "UserSettingsArn": { "markdownDescription": "The ARN of the user settings that is associated with the web portal.", "title": "UserSettingsArn", "type": "string" } }, "type": "object" }, "Type": { "enum": [ "AWS::WorkSpacesWeb::Portal" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::WorkSpacesWeb::TrustStore": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "CertificateList": { "items": { "type": "string" }, "markdownDescription": "A list of CA certificates to be added to the trust store.", "title": "CertificateList", "type": "array" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to add to the trust store. A tag is a key-value pair.", "title": "Tags", "type": "array" } }, "required": [ "CertificateList" ], "type": "object" }, "Type": { "enum": [ "AWS::WorkSpacesWeb::TrustStore" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WorkSpacesWeb::UserAccessLoggingSettings": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "KinesisStreamArn": { "markdownDescription": "The ARN of the Kinesis stream.", "title": "KinesisStreamArn", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to add to the user access logging settings resource. A tag is a key-value pair.", "title": "Tags", "type": "array" } }, "required": [ "KinesisStreamArn" ], "type": "object" }, "Type": { "enum": [ "AWS::WorkSpacesWeb::UserAccessLoggingSettings" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WorkSpacesWeb::UserSettings": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AdditionalEncryptionContext": { "additionalProperties": true, "markdownDescription": "The additional encryption context of the user settings.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "AdditionalEncryptionContext", "type": "object" }, "CookieSynchronizationConfiguration": { "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration", "markdownDescription": "The configuration that specifies which cookies should be synchronized from the end user's local browser to the remote browser.", "title": "CookieSynchronizationConfiguration" }, "CopyAllowed": { "markdownDescription": "Specifies whether the user can copy text from the streaming session to the local device.", "title": "CopyAllowed", "type": "string" }, "CustomerManagedKey": { "markdownDescription": "The customer managed key used to encrypt sensitive information in the user settings.", "title": "CustomerManagedKey", "type": "string" }, "DisconnectTimeoutInMinutes": { "markdownDescription": "The amount of time that a streaming session remains active after users disconnect.", "title": "DisconnectTimeoutInMinutes", "type": "number" }, "DownloadAllowed": { "markdownDescription": "Specifies whether the user can download files from the streaming session to the local device.", "title": "DownloadAllowed", "type": "string" }, "IdleDisconnectTimeoutInMinutes": { "markdownDescription": "The amount of time that users can be idle (inactive) before they are disconnected from their streaming session and the disconnect timeout interval begins.", "title": "IdleDisconnectTimeoutInMinutes", "type": "number" }, "PasteAllowed": { "markdownDescription": "Specifies whether the user can paste text from the local device to the streaming session.", "title": "PasteAllowed", "type": "string" }, "PrintAllowed": { "markdownDescription": "Specifies whether the user can print to the local device.", "title": "PrintAllowed", "type": "string" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "The tags to add to the user settings resource. A tag is a key-value pair.", "title": "Tags", "type": "array" }, "UploadAllowed": { "markdownDescription": "Specifies whether the user can upload files from the local device to the streaming session.", "title": "UploadAllowed", "type": "string" } }, "required": [ "CopyAllowed", "DownloadAllowed", "PasteAllowed", "PrintAllowed", "UploadAllowed" ], "type": "object" }, "Type": { "enum": [ "AWS::WorkSpacesWeb::UserSettings" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::WorkSpacesWeb::UserSettings.CookieSpecification": { "additionalProperties": false, "properties": { "Domain": { "markdownDescription": "The domain of the cookie.", "title": "Domain", "type": "string" }, "Name": { "markdownDescription": "The name of the cookie.", "title": "Name", "type": "string" }, "Path": { "markdownDescription": "The path of the cookie.", "title": "Path", "type": "string" } }, "required": [ "Domain" ], "type": "object" }, "AWS::WorkSpacesWeb::UserSettings.CookieSynchronizationConfiguration": { "additionalProperties": false, "properties": { "Allowlist": { "items": { "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" }, "markdownDescription": "The list of cookie specifications that are allowed to be synchronized to the remote browser.", "title": "Allowlist", "type": "array" }, "Blocklist": { "items": { "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings.CookieSpecification" }, "markdownDescription": "The list of cookie specifications that are blocked from being synchronized to the remote browser.", "title": "Blocklist", "type": "array" } }, "required": [ "Allowlist" ], "type": "object" }, "AWS::XRay::Group": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "FilterExpression": { "markdownDescription": "The filter expression defining the parameters to include traces.", "title": "FilterExpression", "type": "string" }, "GroupName": { "markdownDescription": "The unique case-sensitive name of the group.", "title": "GroupName", "type": "string" }, "InsightsConfiguration": { "$ref": "#/definitions/AWS::XRay::Group.InsightsConfiguration", "markdownDescription": "The structure containing configurations related to insights.\n\n- The InsightsEnabled boolean can be set to true to enable insights for the group or false to disable insights for the group.\n- The NotificationsEnabled boolean can be set to true to enable insights notifications through Amazon EventBridge for the group.", "title": "InsightsConfiguration" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, "required": [ "GroupName" ], "type": "object" }, "Type": { "enum": [ "AWS::XRay::Group" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::XRay::Group.InsightsConfiguration": { "additionalProperties": false, "properties": { "InsightsEnabled": { "markdownDescription": "Set the InsightsEnabled value to true to enable insights or false to disable insights.", "title": "InsightsEnabled", "type": "boolean" }, "NotificationsEnabled": { "markdownDescription": "Set the NotificationsEnabled value to true to enable insights notifications. Notifications can only be enabled on a group with InsightsEnabled set to true.", "title": "NotificationsEnabled", "type": "boolean" } }, "type": "object" }, "AWS::XRay::ResourcePolicy": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "BypassPolicyLockoutCheck": { "markdownDescription": "A flag to indicate whether to bypass the resource-based policy lockout safety check.", "title": "BypassPolicyLockoutCheck", "type": "boolean" }, "PolicyDocument": { "markdownDescription": "The resource-based policy document, which can be up to 5kb in size.", "title": "PolicyDocument", "type": "string" }, "PolicyName": { "markdownDescription": "The name of the resource-based policy. Must be unique within a specific AWS account.", "title": "PolicyName", "type": "string" } }, "required": [ "PolicyDocument", "PolicyName" ], "type": "object" }, "Type": { "enum": [ "AWS::XRay::ResourcePolicy" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "AWS::XRay::SamplingRule": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "SamplingRule": { "$ref": "#/definitions/AWS::XRay::SamplingRule.SamplingRule", "markdownDescription": "The sampling rule to be created or updated.", "title": "SamplingRule" }, "Tags": { "items": { "$ref": "#/definitions/Tag" }, "markdownDescription": "An array of key-value pairs to apply to this resource.", "title": "Tags", "type": "array" } }, "type": "object" }, "Type": { "enum": [ "AWS::XRay::SamplingRule" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "AWS::XRay::SamplingRule.SamplingRule": { "additionalProperties": false, "properties": { "Attributes": { "additionalProperties": true, "markdownDescription": "Matches attributes derived from the request.\n\n*Map Entries:* Maximum number of 5 items.\n\n*Key Length Constraints:* Minimum length of 1. Maximum length of 32.\n\n*Value Length Constraints:* Minimum length of 1. Maximum length of 32.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Attributes", "type": "object" }, "FixedRate": { "markdownDescription": "The percentage of matching requests to instrument, after the reservoir is exhausted.", "title": "FixedRate", "type": "number" }, "HTTPMethod": { "markdownDescription": "Matches the HTTP method of a request.", "title": "HTTPMethod", "type": "string" }, "Host": { "markdownDescription": "Matches the hostname from a request URL.", "title": "Host", "type": "string" }, "Priority": { "markdownDescription": "The priority of the sampling rule.", "title": "Priority", "type": "number" }, "ReservoirSize": { "markdownDescription": "A fixed number of matching requests to instrument per second, prior to applying the fixed rate. The reservoir is not used directly by services, but applies to all services using the rule collectively.", "title": "ReservoirSize", "type": "number" }, "ResourceARN": { "markdownDescription": "Matches the ARN of the AWS resource on which the service runs.", "title": "ResourceARN", "type": "string" }, "RuleARN": { "markdownDescription": "The ARN of the sampling rule. Specify a rule by either name or ARN, but not both.\n\n> Specifying a sampling rule by name is recommended, as specifying by ARN will be deprecated in future.", "title": "RuleARN", "type": "string" }, "RuleName": { "markdownDescription": "The name of the sampling rule. Specify a rule by either name or ARN, but not both.", "title": "RuleName", "type": "string" }, "ServiceName": { "markdownDescription": "Matches the `name` that the service uses to identify itself in segments.", "title": "ServiceName", "type": "string" }, "ServiceType": { "markdownDescription": "Matches the `origin` that the service uses to identify its type in segments.", "title": "ServiceType", "type": "string" }, "URLPath": { "markdownDescription": "Matches the path from a request URL.", "title": "URLPath", "type": "string" }, "Version": { "markdownDescription": "The version of the sampling rule. `Version` can only be set when creating a new sampling rule.", "title": "Version", "type": "number" } }, "required": [ "FixedRate", "HTTPMethod", "Host", "Priority", "ReservoirSize", "ResourceARN", "ServiceName", "ServiceType", "URLPath" ], "type": "object" }, "Alexa::ASK::Skill": { "additionalProperties": false, "properties": { "Condition": { "type": "string" }, "DeletionPolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" }, "DependsOn": { "anyOf": [ { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, { "items": { "pattern": "^[a-zA-Z0-9]+$", "type": "string" }, "type": "array" } ] }, "Metadata": { "type": "object" }, "Properties": { "additionalProperties": false, "properties": { "AuthenticationConfiguration": { "$ref": "#/definitions/Alexa::ASK::Skill.AuthenticationConfiguration", "markdownDescription": "Login with Amazon (LWA) configuration used to authenticate with the Alexa service. Only Login with Amazon clients created through the are supported. The client ID, client secret, and refresh token are required.", "title": "AuthenticationConfiguration" }, "SkillPackage": { "$ref": "#/definitions/Alexa::ASK::Skill.SkillPackage", "markdownDescription": "Configuration for the skill package that contains the components of the Alexa skill. Skill packages are retrieved from an Amazon S3 bucket and key and used to create and update the skill. For more information about the skill package format, see the .", "title": "SkillPackage" }, "VendorId": { "markdownDescription": "The vendor ID associated with the Amazon developer account that will host the skill. Details for retrieving the vendor ID are in . The provided LWA credentials must be linked to the developer account associated with this vendor ID.", "title": "VendorId", "type": "string" } }, "required": [ "AuthenticationConfiguration", "SkillPackage", "VendorId" ], "type": "object" }, "Type": { "enum": [ "Alexa::ASK::Skill" ], "type": "string" }, "UpdateReplacePolicy": { "enum": [ "Delete", "Retain", "Snapshot" ], "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "Alexa::ASK::Skill.AuthenticationConfiguration": { "additionalProperties": false, "properties": { "ClientId": { "markdownDescription": "Client ID from Login with Amazon (LWA).", "title": "ClientId", "type": "string" }, "ClientSecret": { "markdownDescription": "Client secret from Login with Amazon (LWA).", "title": "ClientSecret", "type": "string" }, "RefreshToken": { "markdownDescription": "Refresh token from Login with Amazon (LWA). This token is secret.", "title": "RefreshToken", "type": "string" } }, "required": [ "ClientId", "ClientSecret", "RefreshToken" ], "type": "object" }, "Alexa::ASK::Skill.Overrides": { "additionalProperties": false, "properties": { "Manifest": { "markdownDescription": "Overrides to apply to the skill manifest inside of the skill package. The skill manifest contains metadata about the skill. For more information, see .", "title": "Manifest", "type": "object" } }, "type": "object" }, "Alexa::ASK::Skill.SkillPackage": { "additionalProperties": false, "properties": { "Overrides": { "$ref": "#/definitions/Alexa::ASK::Skill.Overrides", "markdownDescription": "Overrides to the skill package to apply when creating or updating the skill. Values provided here do not modify the contents of the original skill package. Currently, only overriding values inside of the skill manifest component of the package is supported.", "title": "Overrides" }, "S3Bucket": { "markdownDescription": "The name of the Amazon S3 bucket where the .zip file that contains the skill package is stored.", "title": "S3Bucket", "type": "string" }, "S3BucketRole": { "markdownDescription": "ARN of the IAM role that grants the Alexa service ( `alexa-appkit.amazon.com` ) permission to access the bucket and retrieve the skill package. This property is optional. If you do not provide it, the bucket must be publicly accessible or configured with a policy that allows this access. Otherwise, AWS CloudFormation cannot create the skill.", "title": "S3BucketRole", "type": "string" }, "S3Key": { "markdownDescription": "The location and name of the skill package .zip file.", "title": "S3Key", "type": "string" }, "S3ObjectVersion": { "markdownDescription": "If you have S3 versioning enabled, the version ID of the skill package.zip file.", "title": "S3ObjectVersion", "type": "string" } }, "required": [ "S3Bucket", "S3Key" ], "type": "object" }, "AlexaSkillEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/AlexaSkillEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "AlexaSkill" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "title": "AlexaSkillEvent", "type": "object" }, "AlexaSkillEventProperties": { "additionalProperties": false, "properties": { "SkillId": { "markdownDescription": "The Alexa Skill ID for your Alexa Skill\\. For more information about Skill ID see [Configure the trigger for a Lambda function](https://developer.amazon.com/docs/custom-skills/host-a-custom-skill-as-an-aws-lambda-function.html#configuring-the-alexa-skills-kit-trigger) in the Alexa Skills Kit documentation\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "SkillId", "type": "string" } }, "title": "AlexaSkillEventProperties", "type": "object" }, "ApiAuth": { "additionalProperties": false, "properties": { "ApiKeyRequired": { "markdownDescription": "Requires an API key for this API, path, and method\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ApiKeyRequired", "type": "boolean" }, "AuthorizationScopes": { "items": { "type": "string" }, "markdownDescription": "The authorization scopes to apply to this API, path, and method\\. \nThe scopes that you specify will override any scopes applied by the `DefaultAuthorizer` property if you have specified it\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AuthorizationScopes", "type": "array" }, "Authorizer": { "markdownDescription": "The `Authorizer` for a specific Function \nIf you have specified a Global Authorizer on the API and want to make a specific Function public, override by setting `Authorizer` to `NONE`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Authorizer", "type": "string" }, "InvokeRole": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "Specifies the `InvokeRole` to use for `AWS_IAM` authorization\\. \n*Type*: String \n*Required*: No \n*Default*: `CALLER_CREDENTIALS` \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\. \n*Additional notes*: `CALLER_CREDENTIALS` maps to `arn:aws:iam::*:user/*`, which uses the caller credentials to invoke the endpoint\\.", "title": "InvokeRole" }, "OverrideApiAuth": { "title": "Overrideapiauth", "type": "boolean" }, "ResourcePolicy": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__ResourcePolicy" } ], "markdownDescription": "Configure Resource Policy for this path on an API\\. \n*Type*: [ResourcePolicyStatement](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-resourcepolicystatement.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ResourcePolicy" } }, "title": "ApiAuth", "type": "object" }, "ApiKey": { "additionalProperties": false, "properties": { "ApiKeyId": { "$ref": "#/definitions/PassThroughProp" }, "Description": { "$ref": "#/definitions/PassThroughProp" }, "ExpiresOn": { "$ref": "#/definitions/PassThroughProp" } }, "title": "ApiKey", "type": "object" }, "Authorizer": { "additionalProperties": false, "properties": { "LambdaAuthorizer": { "$ref": "#/definitions/LambdaAuthorizerConfig" }, "OpenIDConnect": { "$ref": "#/definitions/OpenIDConnectConfig" }, "Type": { "enum": [ "AWS_IAM", "API_KEY", "AWS_LAMBDA", "OPENID_CONNECT", "AMAZON_COGNITO_USER_POOLS" ], "title": "Type", "type": "string" }, "UserPool": { "$ref": "#/definitions/UserPoolConfig" } }, "required": [ "Type" ], "title": "Authorizer", "type": "object" }, "Cache": { "additionalProperties": false, "properties": { "ApiCachingBehavior": { "$ref": "#/definitions/PassThroughProp" }, "AtRestEncryptionEnabled": { "$ref": "#/definitions/PassThroughProp" }, "TransitEncryptionEnabled": { "$ref": "#/definitions/PassThroughProp" }, "Ttl": { "$ref": "#/definitions/PassThroughProp" }, "Type": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "ApiCachingBehavior", "Ttl", "Type" ], "title": "Cache", "type": "object" }, "Caching": { "additionalProperties": false, "properties": { "CachingKeys": { "items": { "$ref": "#/definitions/PassThroughProp" }, "title": "Cachingkeys", "type": "array" }, "Ttl": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "Ttl" ], "title": "Caching", "type": "object" }, "CloudWatchLogsEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/CloudWatchLogsEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "CloudWatchLogs" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "CloudWatchLogsEvent", "type": "object" }, "CloudWatchLogsEventProperties": { "additionalProperties": false, "properties": { "FilterPattern": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The filtering expressions that restrict what gets delivered to the destination AWS resource\\. For more information about the filter pattern syntax, see [Filter and Pattern Syntax](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html)\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FilterPattern`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-subscriptionfilter.html#cfn-cwl-subscriptionfilter-filterpattern) property of an `AWS::Logs::SubscriptionFilter` resource\\.", "title": "FilterPattern" }, "LogGroupName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The log group to associate with the subscription filter\\. All log events that are uploaded to this log group are filtered and delivered to the specified AWS resource if the filter pattern matches the log events\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`LogGroupName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-subscriptionfilter.html#cfn-cwl-subscriptionfilter-loggroupname) property of an `AWS::Logs::SubscriptionFilter` resource\\.", "title": "LogGroupName" } }, "required": [ "FilterPattern", "LogGroupName" ], "title": "CloudWatchLogsEventProperties", "type": "object" }, "CodeUri": { "additionalProperties": false, "properties": { "Bucket": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "An Amazon S3 bucket in the same AWS Region as your function\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`S3Bucket`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-s3bucket) property of the `AWS::Lambda::Function` `Code` data type\\.", "title": "Bucket" }, "Key": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The Amazon S3 key of the deployment package\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`S3Key`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-s3key) property of the `AWS::Lambda::Function` `Code` data type\\.", "title": "Key" }, "Version": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "For versioned objects, the version of the deployment package object to use\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`S3ObjectVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-s3objectversion) property of the `AWS::Lambda::Function` `Code` data type\\.", "title": "Version" } }, "required": [ "Bucket", "Key" ], "title": "CodeUri", "type": "object" }, "CognitoAuthorizer": { "additionalProperties": false, "properties": { "AuthorizationScopes": { "items": { "type": "string" }, "markdownDescription": "List of authorization scopes for this authorizer\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AuthorizationScopes", "type": "array" }, "Identity": { "allOf": [ { "$ref": "#/definitions/CognitoAuthorizerIdentity" } ], "markdownDescription": "This property can be used to specify an `IdentitySource` in an incoming request for an authorizer\\. \n*Type*: [CognitoAuthorizationIdentity](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-cognitoauthorizationidentity.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Identity" }, "UserPoolArn": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "Can refer to a user pool/specify a userpool arn to which you want to add this cognito authorizer \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "UserPoolArn" } }, "required": [ "UserPoolArn" ], "title": "CognitoAuthorizer", "type": "object" }, "CognitoAuthorizerIdentity": { "additionalProperties": false, "properties": { "Header": { "markdownDescription": "Specify the header name for Authorization in the OpenApi definition\\. \n*Type*: String \n*Required*: No \n*Default*: Authorization \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Header", "type": "string" }, "ReauthorizeEvery": { "anyOf": [ { "type": "object" }, { "type": "integer" } ], "markdownDescription": "The time\\-to\\-live \\(TTL\\) period, in seconds, that specifies how long API Gateway caches authorizer results\\. If you specify a value greater than 0, API Gateway caches the authorizer responses\\. By default, API Gateway sets this property to 300\\. The maximum value is 3600, or 1 hour\\. \n*Type*: Integer \n*Required*: No \n*Default*: 300 \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ReauthorizeEvery" }, "ValidationExpression": { "markdownDescription": "Specify a validation expression for validating the incoming Identity \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ValidationExpression", "type": "string" } }, "title": "CognitoAuthorizerIdentity", "type": "object" }, "CognitoEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/CognitoEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "Cognito" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "CognitoEvent", "type": "object" }, "CognitoEventProperties": { "additionalProperties": false, "properties": { "Trigger": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The Lambda trigger configuration information for the new user pool\\. \n*Type*: List \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`LambdaConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html) property of an `AWS::Cognito::UserPool` resource\\.", "title": "Trigger" }, "UserPool": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "Reference to UserPool defined in the same template \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "UserPool" } }, "required": [ "Trigger", "UserPool" ], "title": "CognitoEventProperties", "type": "object" }, "ContentUri": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The Amazon S3 bucket of the layer archive\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`S3Bucket`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-layerversion-content.html#cfn-lambda-layerversion-content-s3bucket) property of the `AWS::Lambda::LayerVersion` `Content` data type\\.", "title": "Bucket", "type": "string" }, "Key": { "markdownDescription": "The Amazon S3 key of the layer archive\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`S3Key`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-layerversion-content.html#cfn-lambda-layerversion-content-s3key) property of the `AWS::Lambda::LayerVersion` `Content` data type\\.", "title": "Key", "type": "string" }, "Version": { "markdownDescription": "For versioned objects, the version of the layer archive object to use\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`S3ObjectVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-layerversion-content.html#cfn-lambda-layerversion-content-s3objectversion) property of the `AWS::Lambda::LayerVersion` `Content` data type\\.", "title": "Version", "type": "string" } }, "required": [ "Bucket", "Key" ], "title": "ContentUri", "type": "object" }, "Cors": { "additionalProperties": false, "properties": { "AllowCredentials": { "markdownDescription": "Boolean indicating whether request is allowed to contain credentials\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AllowCredentials", "type": "boolean" }, "AllowHeaders": { "markdownDescription": "String of headers to allow\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AllowHeaders", "type": "string" }, "AllowMethods": { "markdownDescription": "String containing the HTTP methods to allow\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AllowMethods", "type": "string" }, "AllowOrigin": { "markdownDescription": "String of origin to allow\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AllowOrigin", "type": "string" }, "MaxAge": { "markdownDescription": "String containing the number of seconds to cache CORS Preflight request\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "MaxAge", "type": "string" } }, "required": [ "AllowOrigin" ], "title": "Cors", "type": "object" }, "CustomResource": { "additionalProperties": false, "properties": { "Properties": { "additionalProperties": true, "properties": { "ServiceToken": { "type": "string" } }, "required": [ "ServiceToken" ], "type": "object" }, "Type": { "pattern": "^Custom::[a-zA-Z_@-]+$", "type": "string" } }, "required": [ "Type", "Properties" ], "type": "object" }, "DataSources": { "additionalProperties": false, "properties": { "DynamoDb": { "additionalProperties": { "$ref": "#/definitions/DynamoDBDataSource" }, "title": "Dynamodb", "type": "object" }, "Lambda": { "additionalProperties": { "$ref": "#/definitions/LambdaDataSource" }, "title": "Lambda", "type": "object" } }, "title": "DataSources", "type": "object" }, "DeadLetterQueue": { "additionalProperties": false, "properties": { "TargetArn": { "markdownDescription": "The Amazon Resource Name \\(ARN\\) of an Amazon SQS queue or Amazon SNS topic\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`TargetArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-deadletterconfig.html#cfn-lambda-function-deadletterconfig-targetarn) property of the `AWS::Lambda::Function` `DeadLetterConfig` data type\\.", "title": "TargetArn", "type": "string" }, "Type": { "enum": [ "SNS", "SQS" ], "markdownDescription": "The type of dead letter queue\\. \n*Valid values*: `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "TargetArn", "Type" ], "title": "DeadLetterQueue", "type": "object" }, "DeltaSync": { "additionalProperties": false, "properties": { "BaseTableTTL": { "$ref": "#/definitions/PassThroughProp" }, "DeltaSyncTableName": { "$ref": "#/definitions/PassThroughProp" }, "DeltaSyncTableTTL": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "BaseTableTTL", "DeltaSyncTableName", "DeltaSyncTableTTL" ], "title": "DeltaSync", "type": "object" }, "DeploymentPreference": { "additionalProperties": false, "properties": { "Alarms": { "anyOf": [ { "type": "object" }, { "items": { "type": "object" }, "type": "array" } ], "markdownDescription": "A list of CloudWatch alarms that you want to be triggered by any errors raised by the deployment\\. \nThis property accepts the `Fn::If` intrinsic function\\. See the Examples section at the bottom of this topic for an example template that uses `Fn::If`\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Alarms" }, "Enabled": { "anyOf": [ { "type": "object" }, { "type": "boolean" } ], "markdownDescription": "Whether this deployment preference is enabled\\. \n*Type*: Boolean \n*Required*: No \n*Default*: True \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Enabled" }, "Hooks": { "allOf": [ { "$ref": "#/definitions/Hooks" } ], "markdownDescription": "Validation Lambda functions that are run before and after traffic shifting\\. \n*Type*: [Hooks](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-hooks.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Hooks" }, "PassthroughCondition": { "anyOf": [ { "type": "object" }, { "type": "boolean" } ], "markdownDescription": "If True, and if this deployment preference is enabled, the function's Condition will be passed through to the generated CodeDeploy resource\\. Generally, you should set this to True\\. Otherwise, the CodeDeploy resource would be created even if the function's Condition resolves to False\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "PassthroughCondition" }, "Role": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "An IAM role ARN that CodeDeploy will use for traffic shifting\\. An IAM role will not be created if this is provided\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Role" }, "TriggerConfigurations": { "items": { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup.TriggerConfig" }, "markdownDescription": "A list of trigger configurations you want to associate with the deployment group\\. Used to notify an SNS topic on lifecycle events\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`TriggerConfigurations`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codedeploy-deploymentgroup.html#cfn-codedeploy-deploymentgroup-triggerconfigurations) property of an `AWS::CodeDeploy::DeploymentGroup` resource\\.", "title": "TriggerConfigurations", "type": "array" }, "Type": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "There are two categories of deployment types at the moment: Linear and Canary\\. For more information about available deployment types see [Deploying serverless applications gradually](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/automating-updates-to-serverless-apps.html)\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type" } }, "title": "DeploymentPreference", "type": "object" }, "DocumentDBEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/DocumentDBEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "DocumentDB" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "DocumentDBEvent", "type": "object" }, "DocumentDBEventProperties": { "additionalProperties": false, "properties": { "BatchSize": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum number of items to retrieve in a single batch\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ BatchSize](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-batchsize)` property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "BatchSize" }, "Cluster": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The Amazon Resource Name \\(ARN\\) of the Amazon DocumentDB cluster\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ EventSourceArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-eventsourcearn)` property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Cluster" }, "CollectionName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the collection to consume within the database\\. If you do not specify a collection, Lambda consumes all collections\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ CollectionName](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-documentdbeventsourceconfig.html#cfn-lambda-eventsourcemapping-documentdbeventsourceconfig-collectionname)` property of an `AWS::Lambda::EventSourceMapping` `DocumentDBEventSourceConfig` data type\\.", "title": "CollectionName" }, "DatabaseName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the database to consume within the Amazon DocumentDB cluster\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ DatabaseName](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-documentdbeventsourceconfig.html#cfn-lambda-eventsourcemapping-documentdbeventsourceconfig-databasename)` property of an `AWS::Lambda::EventSourceMapping` `DocumentDBEventSourceConfig`data type\\.", "title": "DatabaseName" }, "Enabled": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "If `true`, the event source mapping is active\\. To pause polling and invocation, set to `false`\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ Enabled](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-enabled)` property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Enabled" }, "FilterCriteria": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "An object that defines the criteria that determines whether Lambda should process an event\\. For more information, see [ Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [FilterCriteria](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ FilterCriteria](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html)` property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "FilterCriteria" }, "FullDocument": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Determines what Amazon DocumentDB sends to your event stream during document update operations\\. If set to `UpdateLookup`, Amazon DocumentDB sends a delta describing the changes, along with a copy of the entire document\\. Otherwise, Amazon DocumentDB sends only a partial document that contains the changes\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ FullDocument](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-documentdbeventsourceconfig.html#cfn-lambda-eventsourcemapping-documentdbeventsourceconfig-fulldocument)` property of an `AWS::Lambda::EventSourceMapping` `DocumentDBEventSourceConfig` data type\\.", "title": "FullDocument" }, "MaximumBatchingWindowInSeconds": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum amount of time to gather records before invoking the function, in seconds\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ MaximumBatchingWindowInSeconds](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-maximumbatchingwindowinseconds)` property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "MaximumBatchingWindowInSeconds" }, "SecretsManagerKmsKeyId": { "markdownDescription": "The AWS Key Management Service \\(AWS KMS\\) key ID of a customer managed key from AWS Secrets Manager\\. Required when you use a customer managed key from Secrets Manager with a Lambda execution role that doesn\u2019t include the `kms:Decrypt` permission\\. \nThe value of this property is a UUID\\. For example: `1abc23d4-567f-8ab9-cde0-1fab234c5d67`\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn\u2019t have an AWS CloudFormation equivalent\\.", "title": "SecretsManagerKmsKeyId", "type": "string" }, "SourceAccessConfigurations": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "An array of the authentication protocol or virtual host\\. Specify this using the [ SourceAccessConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-sourceaccessconfiguration.html) data type\\. \nFor the `DocumentDB` event source type, the only valid configuration type is `BASIC_AUTH`\\. \n+ `BASIC_AUTH` \u2013 The Secrets Manager secret that stores your broker credentials\\. For this type, the credential must be in the following format: `{\"username\": \"your-username\", \"password\": \"your-password\"}`\\. Only one object of type `BASIC_AUTH` is allowed\\.\n*Type*: List \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ SourceAccessConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-sourceaccessconfigurations)` property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "SourceAccessConfigurations" }, "StartingPosition": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The position in a stream from which to start reading\\. \n+ `AT_TIMESTAMP` \u2013 Specify a time from which to start reading records\\.\n+ `LATEST` \u2013 Read only new records\\.\n+ `TRIM_HORIZON` \u2013 Process all available records\\.\n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ StartingPosition](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-startingposition)` property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "StartingPosition" }, "StartingPositionTimestamp": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The time from which to start reading, in Unix time seconds\\. Define `StartingPositionTimestamp` when `StartingPosition` is specified as `AT_TIMESTAMP`\\. \n*Type*: Double \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ StartingPositionTimestamp](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-startingpositiontimestamp)` property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "StartingPositionTimestamp" } }, "required": [ "Cluster", "DatabaseName", "SourceAccessConfigurations" ], "title": "DocumentDBEventProperties", "type": "object" }, "DomainName": { "additionalProperties": false, "properties": { "CertificateArn": { "$ref": "#/definitions/PassThroughProp" }, "Description": { "$ref": "#/definitions/PassThroughProp" }, "DomainName": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "CertificateArn", "DomainName" ], "title": "DomainName", "type": "object" }, "DynamoDBDataSource": { "additionalProperties": false, "properties": { "DeltaSync": { "$ref": "#/definitions/DeltaSync" }, "Description": { "$ref": "#/definitions/PassThroughProp" }, "Name": { "$ref": "#/definitions/PassThroughProp" }, "Permissions": { "items": { "enum": [ "Read", "Write" ], "type": "string" }, "title": "Permissions", "type": "array" }, "Region": { "$ref": "#/definitions/PassThroughProp" }, "ServiceRoleArn": { "$ref": "#/definitions/PassThroughProp" }, "TableArn": { "$ref": "#/definitions/PassThroughProp" }, "TableName": { "$ref": "#/definitions/PassThroughProp" }, "UseCallerCredentials": { "$ref": "#/definitions/PassThroughProp" }, "Versioned": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "TableName" ], "title": "DynamoDBDataSource", "type": "object" }, "DynamoDBEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/DynamoDBEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "DynamoDB" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "DynamoDBEvent", "type": "object" }, "DynamoDBEventProperties": { "additionalProperties": false, "properties": { "BatchSize": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum number of items to retrieve in a single batch\\. \n*Type*: Integer \n*Required*: No \n*Default*: 100 \n*AWS CloudFormation compatibility*: This property is passed directly to the [`BatchSize`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-batchsize) property of an `AWS::Lambda::EventSourceMapping` resource\\. \n*Minimum*: `1` \n*Maximum*: `1000`", "title": "BatchSize" }, "BisectBatchOnFunctionError": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "If the function returns an error, split the batch in two and retry\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`BisectBatchOnFunctionError`](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-bisectbatchonfunctionerror) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "BisectBatchOnFunctionError" }, "DestinationConfig": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "An Amazon Simple Queue Service \\(Amazon SQS\\) queue or Amazon Simple Notification Service \\(Amazon SNS\\) topic destination for discarded records\\. \n*Type*: [DestinationConfig](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-destinationconfig) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`DestinationConfig`](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-destinationconfig) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "DestinationConfig" }, "Enabled": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Disables the event source mapping to pause polling and invocation\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Enabled`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-enabled) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Enabled" }, "FilterCriteria": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A object that defines the criteria to determine whether Lambda should process an event\\. For more information, see [AWS Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [FilterCriteria](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FilterCriteria`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "FilterCriteria" }, "FunctionResponseTypes": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A list of the response types currently applied to the event source mapping\\. For more information, see [Reporting batch item failures](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-ddb-batchfailurereporting) in the *AWS Lambda Developer Guide*\\. \n*Valid values*: `ReportBatchItemFailures` \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FunctionResponseTypes`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-functionresponsetypes) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "FunctionResponseTypes" }, "KmsKeyArn": { "$ref": "#/definitions/PassThroughProp" }, "MaximumBatchingWindowInSeconds": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum amount of time to gather records before invoking the function, in seconds\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MaximumBatchingWindowInSeconds`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-maximumbatchingwindowinseconds) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "MaximumBatchingWindowInSeconds" }, "MaximumRecordAgeInSeconds": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum age of a record that Lambda sends to a function for processing\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MaximumRecordAgeInSeconds`](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-maximumrecordageinseconds) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "MaximumRecordAgeInSeconds" }, "MaximumRetryAttempts": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum number of times to retry when the function returns an error\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MaximumRetryAttempts`](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-maximumretryattempts) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "MaximumRetryAttempts" }, "ParallelizationFactor": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The number of batches to process from each shard concurrently\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ParallelizationFactor`](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-parallelizationfactor) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "ParallelizationFactor" }, "StartingPosition": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The position in a stream from which to start reading\\. \n+ `AT_TIMESTAMP` \u2013 Specify a time from which to start reading records\\.\n+ `LATEST` \u2013 Read only new records\\.\n+ `TRIM_HORIZON` \u2013 Process all available records\\.\n*Valid values*: `AT_TIMESTAMP` \\| `LATEST` \\| `TRIM_HORIZON` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`StartingPosition`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-startingposition) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "StartingPosition" }, "StartingPositionTimestamp": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The time from which to start reading, in Unix time seconds\\. Define `StartingPositionTimestamp` when `StartingPosition` is specified as `AT_TIMESTAMP`\\. \n*Type*: Double \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`StartingPositionTimestamp`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-startingpositiontimestamp) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "StartingPositionTimestamp" }, "Stream": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The Amazon Resource Name \\(ARN\\) of the DynamoDB stream\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EventSourceArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-eventsourcearn) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Stream" }, "TumblingWindowInSeconds": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The duration, in seconds, of a processing window\\. The valid range is 1 to 900 \\(15 minutes\\)\\. \nFor more information, see [Tumbling windows](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#streams-tumbling) in the *AWS Lambda Developer Guide*\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`TumblingWindowInSeconds`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-tumblingwindowinseconds) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "TumblingWindowInSeconds" } }, "required": [ "Stream" ], "title": "DynamoDBEventProperties", "type": "object" }, "EmbeddedConnector": { "additionalProperties": false, "properties": { "Condition": { "$ref": "#/definitions/PassThroughProp" }, "DeletionPolicy": { "$ref": "#/definitions/PassThroughProp" }, "DependsOn": { "$ref": "#/definitions/PassThroughProp" }, "IgnoreGlobals": { "anyOf": [ { "type": "string" }, { "items": { "type": "string" }, "type": "array" } ], "title": "Ignoreglobals" }, "Metadata": { "$ref": "#/definitions/PassThroughProp" }, "Properties": { "$ref": "#/definitions/EmbeddedConnectorProperties" }, "UpdateReplacePolicy": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "Properties" ], "title": "EmbeddedConnector", "type": "object" }, "EmbeddedConnectorProperties": { "additionalProperties": false, "properties": { "Destination": { "anyOf": [ { "$ref": "#/definitions/ResourceReference" }, { "items": { "$ref": "#/definitions/ResourceReference" }, "type": "array" } ], "markdownDescription": "The destination resource\\. \n*Type*: [ ResourceReference](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-connector-resourcereference.html) \\| List of [ResourceReference](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-connector-resourcereference.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Destination" }, "Permissions": { "items": { "enum": [ "Read", "Write" ], "type": "string" }, "markdownDescription": "The permission type that the source resource is allowed to perform on the destination resource\\. \n`Read` includes AWS Identity and Access Management \\(IAM\\) actions that allow reading data from the resource\\. \n`Write` inclues IAM actions that allow initiating and writing data to a resource\\. \n*Valid values*: `Read` or `Write` \n*Type*: List \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Permissions", "type": "array" }, "SourceReference": { "allOf": [ { "$ref": "#/definitions/SourceReferenceProperties" } ], "markdownDescription": "The source resource\\. \nUse with the embedded connectors syntax when defining additional properties for the source resource\\.\n*Type*: [SourceReference](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-connector-sourcereference.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "SourceReference" } }, "required": [ "Destination", "Permissions" ], "title": "EmbeddedConnectorProperties", "type": "object" }, "EndpointConfiguration": { "additionalProperties": false, "properties": { "Type": { "items": { "type": "string" }, "markdownDescription": "The endpoint type of a REST API\\. \n*Valid values*: `EDGE` or `REGIONAL` or `PRIVATE` \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Types`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-restapi-endpointconfiguration.html#cfn-apigateway-restapi-endpointconfiguration-types) property of the `AWS::ApiGateway::RestApi` `EndpointConfiguration` data type\\.", "title": "Type", "type": "array" }, "VPCEndpointIds": { "items": { "type": "string" }, "markdownDescription": "A list of VPC endpoint IDs of a REST API against which to create Route53 aliases\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`VpcEndpointIds`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-restapi-endpointconfiguration.html#cfn-apigateway-restapi-endpointconfiguration-vpcendpointids) property of the `AWS::ApiGateway::RestApi` `EndpointConfiguration` data type\\.", "title": "VPCEndpointIds", "type": "array" } }, "title": "EndpointConfiguration", "type": "object" }, "EventInvokeConfig": { "additionalProperties": false, "properties": { "DestinationConfig": { "allOf": [ { "$ref": "#/definitions/EventInvokeDestinationConfig" } ], "markdownDescription": "A configuration object that specifies the destination of an event after Lambda processes it\\. \n*Type*: [EventInvokeDestinationConfiguration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventinvokedestinationconfiguration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`DestinationConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-destinationconfig.html) property of an `AWS::Lambda::EventInvokeConfig` resource\\. SAM requires an extra parameter, \"Type\", that does not exist in CloudFormation\\.", "title": "DestinationConfig" }, "MaximumEventAgeInSeconds": { "markdownDescription": "The maximum age of a request that Lambda sends to a function for processing\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MaximumEventAgeInSeconds`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventinvokeconfig.html#cfn-lambda-eventinvokeconfig-maximumeventageinseconds) property of an `AWS::Lambda::EventInvokeConfig` resource\\.", "title": "MaximumEventAgeInSeconds", "type": "integer" }, "MaximumRetryAttempts": { "markdownDescription": "The maximum number of times to retry before the function returns an error\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MaximumRetryAttempts`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventinvokeconfig.html#cfn-lambda-eventinvokeconfig-maximumretryattempts) property of an `AWS::Lambda::EventInvokeConfig` resource\\.", "title": "MaximumRetryAttempts", "type": "integer" } }, "title": "EventInvokeConfig", "type": "object" }, "EventInvokeDestinationConfig": { "additionalProperties": false, "properties": { "OnFailure": { "allOf": [ { "$ref": "#/definitions/EventInvokeOnFailure" } ], "markdownDescription": "A destination for events that failed processing\\. \n*Type*: [OnFailure](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-onfailure.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`OnFailure`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-destinationconfig-onfailure.html) property of an `AWS::Lambda::EventInvokeConfig` resource\\. Requires `Type`, an additional SAM\\-only property\\.", "title": "OnFailure" }, "OnSuccess": { "allOf": [ { "$ref": "#/definitions/EventInvokeOnSuccess" } ], "markdownDescription": "A destination for events that were processed successfully\\. \n*Type*: [OnSuccess](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-onsuccess.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`OnSuccess`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-destinationconfig-onsuccess.html) property of an `AWS::Lambda::EventInvokeConfig` resource\\. Requires `Type`, an additional SAM\\-only property\\.", "title": "OnSuccess" } }, "title": "EventInvokeDestinationConfig", "type": "object" }, "EventInvokeOnFailure": { "additionalProperties": false, "properties": { "Destination": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The Amazon Resource Name \\(ARN\\) of the destination resource\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is similar to the [`OnFailure`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-destinationconfig-onfailure.html#cfn-lambda-eventinvokeconfig-destinationconfig-onfailure-destination) property of an `AWS::Lambda::EventInvokeConfig` resource\\. SAM will add any necessary permissions to the auto\\-generated IAM Role associated with this function to access the resource referenced in this property\\. \n*Additional notes*: If the type is Lambda/EventBridge, Destination is required\\.", "title": "Destination" }, "Type": { "enum": [ "SQS", "SNS", "Lambda", "EventBridge" ], "markdownDescription": "Type of the resource referenced in the destination\\. Supported types are `SQS`, `SNS`, `Lambda`, and `EventBridge`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\. \n*Additional notes*: If the type is SQS/SNS and the `Destination` property is left blank, then the SQS/SNS resource is auto generated by SAM\\. To reference the resource, use `.DestinationQueue` for SQS or `.DestinationTopic` for SNS\\. If the type is Lambda/EventBridge, `Destination` is required\\.", "title": "Type", "type": "string" } }, "title": "EventInvokeOnFailure", "type": "object" }, "EventInvokeOnSuccess": { "additionalProperties": false, "properties": { "Destination": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The Amazon Resource Name \\(ARN\\) of the destination resource\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is similar to the [`OnSuccess`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-destinationconfig-onsuccess.html#cfn-lambda-eventinvokeconfig-destinationconfig-onsuccess-destination) property of an `AWS::Lambda::EventInvokeConfig` resource\\. SAM will add any necessary permissions to the auto\\-generated IAM Role associated with this function to access the resource referenced in this property\\. \n*Additional notes*: If the type is Lambda/EventBridge, Destination is required\\.", "title": "Destination" }, "Type": { "enum": [ "SQS", "SNS", "Lambda", "EventBridge" ], "markdownDescription": "Type of the resource referenced in the destination\\. Supported types are `SQS`, `SNS`, `Lambda`, and `EventBridge`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\. \n*Additional notes*: If the type is SQS/SNS and the `Destination` property is left blank, then the SQS/SNS resource is auto generated by SAM\\. To reference the resource, use `.DestinationQueue` for SQS or `.DestinationTopic` for SNS\\. If the type is Lambda/EventBridge, `Destination` is required\\.", "title": "Type", "type": "string" } }, "title": "EventInvokeOnSuccess", "type": "object" }, "EventsScheduleProperties": { "additionalProperties": false, "properties": { "DeadLetterConfig": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__DeadLetterConfig" } ], "markdownDescription": "Configure the Amazon Simple Queue Service \\(Amazon SQS\\) queue where EventBridge sends events after a failed target invocation\\. Invocation can fail, for example, when sending an event to a Lambda function that doesn't exist, or when EventBridge has insufficient permissions to invoke the Lambda function\\. For more information, see [Event retry policy and using dead\\-letter queues](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html) in the *Amazon EventBridge User Guide*\\. \nThe [AWS::Serverless::Function](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html) resource type has a similar data type, `DeadLetterQueue`, which handles failures that occur after successful invocation of the target Lambda function\\. Examples of these types of failures include Lambda throttling, or errors returned by the Lambda target function\\. For more information about the function `DeadLetterQueue` property, see [AWS Lambda function dead\\-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#dlq) in the *AWS Lambda Developer Guide*\\.\n*Type*: [DeadLetterConfig](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-scheduledeadletterconfig.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`DeadLetterConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-deadletterconfig) property of the `AWS::Events::Rule` `Target` data type\\. The AWS SAM version of this property includes additional subproperties, in case you want AWS SAM to create the dead\\-letter queue for you\\.", "title": "DeadLetterConfig" }, "Description": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A description of the rule\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Description`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-description) property of an `AWS::Events::Rule` resource\\.", "title": "Description" }, "Enabled": { "markdownDescription": "Indicates whether the rule is enabled\\. \nTo disable the rule, set this property to `false`\\. \nSpecify either the `Enabled` or `State` property, but not both\\.\n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`State`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-state) property of an `AWS::Events::Rule` resource\\. If this property is set to `true` then AWS SAM passes `ENABLED`, otherwise it passes `DISABLED`\\.", "title": "Enabled", "type": "boolean" }, "Input": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Valid JSON text passed to the target\\. If you use this property, nothing from the event text itself is passed to the target\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Input`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-input) property of an `AWS::Events::Rule Target` resource\\.", "title": "Input" }, "Name": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the rule\\. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Name`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-name) property of an `AWS::Events::Rule` resource\\.", "title": "Name" }, "RetryPolicy": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A `RetryPolicy` object that includes information about the retry policy settings\\. For more information, see [Event retry policy and using dead\\-letter queues](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html) in the *Amazon EventBridge User Guide*\\. \n*Type*: [RetryPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-retrypolicy) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`RetryPolicy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-retrypolicy) property of the `AWS::Events::Rule` `Target` data type\\.", "title": "RetryPolicy" }, "Schedule": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The scheduling expression that determines when and how often the rule runs\\. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule-schedule.html)\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ScheduleExpression`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-scheduleexpression) property of an `AWS::Events::Rule` resource\\.", "title": "Schedule" }, "State": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The state of the rule\\. \n*Accepted values:* `DISABLED | ENABLED` \nSpecify either the `Enabled` or `State` property, but not both\\.\n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`State`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-state) property of an `AWS::Events::Rule` resource\\.", "title": "State" } }, "title": "EventsScheduleProperties", "type": "object" }, "Function": { "additionalProperties": false, "properties": { "CodeUri": { "$ref": "#/definitions/PassThroughProp" }, "DataSource": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "title": "Datasource" }, "Description": { "$ref": "#/definitions/PassThroughProp" }, "Id": { "$ref": "#/definitions/PassThroughProp" }, "InlineCode": { "$ref": "#/definitions/PassThroughProp" }, "MaxBatchSize": { "$ref": "#/definitions/PassThroughProp" }, "Name": { "title": "Name", "type": "string" }, "Runtime": { "$ref": "#/definitions/Runtime" }, "Sync": { "$ref": "#/definitions/Sync" } }, "title": "Function", "type": "object" }, "FunctionUrlConfig": { "additionalProperties": false, "properties": { "AuthType": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The type of authorization for your function URL\\. To use AWS Identity and Access Management \\(IAM\\) to authorize requests, set to `AWS_IAM`\\. For open access, set to `NONE`\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`AuthType`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-url.html#cfn-lambda-url-authtype) property of an `AWS::Lambda::Url` resource\\.", "title": "AuthType" }, "Cors": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The cross\\-origin resource sharing \\(CORS\\) settings for your function URL\\. \n*Type*: [Cors](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-url-cors.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Cors`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-url-cors.html) property of an `AWS::Lambda::Url` resource\\.", "title": "Cors" }, "InvokeMode": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "AuthType" ], "title": "FunctionUrlConfig", "type": "object" }, "Hooks": { "additionalProperties": false, "properties": { "PostTraffic": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "Lambda function that is run after traffic shifting\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "PostTraffic" }, "PreTraffic": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "Lambda function that is run before traffic shifting\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "PreTraffic" } }, "title": "Hooks", "type": "object" }, "HttpApiAuth": { "additionalProperties": false, "properties": { "AuthorizationScopes": { "items": { "type": "string" }, "markdownDescription": "The authorization scopes to apply to this API, path, and method\\. \nScopes listed here will override any scopes applied by the `DefaultAuthorizer` if one exists\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AuthorizationScopes", "type": "array" }, "Authorizer": { "markdownDescription": "The `Authorizer` for a specific Function\\. To use IAM authorization, specify `AWS_IAM` and specify `true` for `EnableIamAuthorizer` in the `Globals` section of your template\\. \nIf you have specified a Global Authorizer on the API and want to make a specific Function public, override by setting `Authorizer` to `NONE`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Authorizer", "type": "string" } }, "title": "HttpApiAuth", "type": "object" }, "HttpApiEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/HttpApiEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "HttpApi" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type" ], "title": "HttpApiEvent", "type": "object" }, "HttpApiEventProperties": { "additionalProperties": false, "properties": { "ApiId": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "Identifier of an [AWS::Serverless::HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-httpapi.html) resource defined in this template\\. \nIf not defined, a default [AWS::Serverless::HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-httpapi.html) resource is created called `ServerlessHttpApi` using a generated OpenApi document containing a union of all paths and methods defined by Api events defined in this template that do not specify an `ApiId`\\. \nThis cannot reference an [AWS::Serverless::HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-httpapi.html) resource defined in another template\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ApiId" }, "Auth": { "allOf": [ { "$ref": "#/definitions/HttpApiAuth" } ], "markdownDescription": "Auth configuration for this specific Api\\+Path\\+Method\\. \nUseful for overriding the API's `DefaultAuthorizer` or setting auth config on an individual path when no `DefaultAuthorizer` is specified\\. \n*Type*: [HttpApiFunctionAuth](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapifunctionauth.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Auth" }, "Method": { "markdownDescription": "HTTP method for which this function is invoked\\. \nIf no `Path` and `Method` are specified, SAM will create a default API path that routes any request that doesn't map to a different endpoint to this Lambda function\\. Only one of these default paths can exist per API\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Method", "type": "string" }, "Path": { "markdownDescription": "Uri path for which this function is invoked\\. Must start with `/`\\. \nIf no `Path` and `Method` are specified, SAM will create a default API path that routes any request that doesn't map to a different endpoint to this Lambda function\\. Only one of these default paths can exist per API\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Path", "type": "string" }, "PayloadFormatVersion": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "Specifies the format of the payload sent to an integration\\. \nNOTE: PayloadFormatVersion requires SAM to modify your OpenAPI definition, so it only works with inline OpenApi defined in the `DefinitionBody` property\\. \n*Type*: String \n*Required*: No \n*Default*: 2\\.0 \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "PayloadFormatVersion" }, "RouteSettings": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The per\\-route route settings for this HTTP API\\. For more information about route settings, see [AWS::ApiGatewayV2::Stage RouteSettings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-stage-routesettings.html) in the *API Gateway Developer Guide*\\. \nNote: If RouteSettings are specified in both the HttpApi resource and event source, AWS SAM merges them with the event source properties taking precedence\\. \n*Type*: [RouteSettings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-routesettings) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`RouteSettings`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-routesettings) property of an `AWS::ApiGatewayV2::Stage` resource\\.", "title": "RouteSettings" }, "TimeoutInMillis": { "anyOf": [ { "type": "object" }, { "type": "integer" } ], "markdownDescription": "Custom timeout between 50 and 29,000 milliseconds\\. \nNOTE: TimeoutInMillis requires SAM to modify your OpenAPI definition, so it only works with inline OpenApi defined in the `DefinitionBody` property\\. \n*Type*: Integer \n*Required*: No \n*Default*: 5000 \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "TimeoutInMillis" } }, "title": "HttpApiEventProperties", "type": "object" }, "IoTRuleEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/IoTRuleEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "IoTRule" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "IoTRuleEvent", "type": "object" }, "IoTRuleEventProperties": { "additionalProperties": false, "properties": { "AwsIotSqlVersion": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The version of the SQL rules engine to use when evaluating the rule\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`AwsIotSqlVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-topicrule-topicrulepayload.html#cfn-iot-topicrule-topicrulepayload-awsiotsqlversion) property of an `AWS::IoT::TopicRule TopicRulePayload` resource\\.", "title": "AwsIotSqlVersion" }, "Sql": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The SQL statement used to query the topic\\. For more information, see [AWS IoT SQL Reference](https://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html#aws-iot-sql-reference) in the *AWS IoT Developer Guide*\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Sql`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-iot-topicrule-topicrulepayload.html#cfn-iot-topicrule-topicrulepayload-sql) property of an `AWS::IoT::TopicRule TopicRulePayload` resource\\.", "title": "Sql" } }, "required": [ "Sql" ], "title": "IoTRuleEventProperties", "type": "object" }, "KinesisEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/KinesisEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "Kinesis" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "KinesisEvent", "type": "object" }, "KinesisEventProperties": { "additionalProperties": false, "properties": { "BatchSize": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum number of items to retrieve in a single batch\\. \n*Type*: Integer \n*Required*: No \n*Default*: 100 \n*AWS CloudFormation compatibility*: This property is passed directly to the [`BatchSize`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-batchsize) property of an `AWS::Lambda::EventSourceMapping` resource\\. \n*Minimum*: `1` \n*Maximum*: `10000`", "title": "BatchSize" }, "BisectBatchOnFunctionError": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "If the function returns an error, split the batch in two and retry\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`BisectBatchOnFunctionError`](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-bisectbatchonfunctionerror) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "BisectBatchOnFunctionError" }, "DestinationConfig": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "An Amazon Simple Queue Service \\(Amazon SQS\\) queue or Amazon Simple Notification Service \\(Amazon SNS\\) topic destination for discarded records\\. \n*Type*: [DestinationConfig](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-destinationconfig) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`DestinationConfig`](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-destinationconfig) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "DestinationConfig" }, "Enabled": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Disables the event source mapping to pause polling and invocation\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Enabled`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-enabled) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Enabled" }, "FilterCriteria": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A object that defines the criteria to determine whether Lambda should process an event\\. For more information, see [AWS Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [FilterCriteria](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FilterCriteria`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "FilterCriteria" }, "FunctionResponseTypes": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A list of the response types currently applied to the event source mapping\\. For more information, see [Reporting batch item failures](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html#services-kinesis-batchfailurereporting) in the *AWS Lambda Developer Guide*\\. \n*Valid values*: `ReportBatchItemFailures` \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FunctionResponseTypes`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-functionresponsetypes) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "FunctionResponseTypes" }, "KmsKeyArn": { "$ref": "#/definitions/PassThroughProp" }, "MaximumBatchingWindowInSeconds": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum amount of time to gather records before invoking the function, in seconds\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MaximumBatchingWindowInSeconds`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-maximumbatchingwindowinseconds) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "MaximumBatchingWindowInSeconds" }, "MaximumRecordAgeInSeconds": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum age of a record that Lambda sends to a function for processing\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MaximumRecordAgeInSeconds`](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-maximumrecordageinseconds) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "MaximumRecordAgeInSeconds" }, "MaximumRetryAttempts": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum number of times to retry when the function returns an error\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MaximumRetryAttempts`](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-maximumretryattempts) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "MaximumRetryAttempts" }, "ParallelizationFactor": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The number of batches to process from each shard concurrently\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ParallelizationFactor`](http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-parallelizationfactor) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "ParallelizationFactor" }, "StartingPosition": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The position in a stream from which to start reading\\. \n+ `AT_TIMESTAMP` \u2013 Specify a time from which to start reading records\\.\n+ `LATEST` \u2013 Read only new records\\.\n+ `TRIM_HORIZON` \u2013 Process all available records\\.\n*Valid values*: `AT_TIMESTAMP` \\| `LATEST` \\| `TRIM_HORIZON` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`StartingPosition`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-startingposition) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "StartingPosition" }, "StartingPositionTimestamp": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The time from which to start reading, in Unix time seconds\\. Define `StartingPositionTimestamp` when `StartingPosition` is specified as `AT_TIMESTAMP`\\. \n*Type*: Double \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`StartingPositionTimestamp`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-startingpositiontimestamp) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "StartingPositionTimestamp" }, "Stream": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The Amazon Resource Name \\(ARN\\) of the data stream or a stream consumer\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EventSourceArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-eventsourcearn) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Stream" }, "TumblingWindowInSeconds": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The duration, in seconds, of a processing window\\. The valid range is 1 to 900 \\(15 minutes\\)\\. \nFor more information, see [Tumbling windows](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html#streams-tumbling) in the *AWS Lambda Developer Guide*\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`TumblingWindowInSeconds`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-tumblingwindowinseconds) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "TumblingWindowInSeconds" } }, "required": [ "Stream" ], "title": "KinesisEventProperties", "type": "object" }, "LambdaAuthorizer": { "additionalProperties": false, "properties": { "AuthorizerPayloadFormatVersion": { "anyOf": [ { "enum": [ "1.0", "2.0" ], "type": "string" }, { "type": "number" } ], "markdownDescription": "Specifies the format of the payload sent to an HTTP API Lambda authorizer\\. Required for HTTP API Lambda authorizers\\. \nThis is passed through to the `authorizerPayloadFormatVersion` section of an `x-amazon-apigateway-authorizer` in the `securitySchemes` section of an OpenAPI definition\\. \n*Valid values*: `1.0` or `2.0` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AuthorizerPayloadFormatVersion" }, "EnableFunctionDefaultPermissions": { "title": "Enablefunctiondefaultpermissions", "type": "boolean" }, "EnableSimpleResponses": { "markdownDescription": "Specifies whether a Lambda authorizer returns a response in a simple format\\. By default, a Lambda authorizer must return an AWS Identity and Access Management \\(IAM\\) policy\\. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy\\. \nThis is passed through to the `enableSimpleResponses` section of an `x-amazon-apigateway-authorizer` in the `securitySchemes` section of an OpenAPI definition\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "EnableSimpleResponses", "type": "boolean" }, "FunctionArn": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The Amazon Resource Name \\(ARN\\) of the Lambda function that provides authorization for the API\\. \nThis is passed through to the `authorizerUri` section of an `x-amazon-apigateway-authorizer` in the `securitySchemes` section of an OpenAPI definition\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "FunctionArn" }, "FunctionInvokeRole": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The ARN of the IAM role that has the credentials required for API Gateway to invoke the authorizer function\\. Specify this parameter if your function's resource\\-based policy doesn't grant API Gateway `lambda:InvokeFunction` permission\\. \nThis is passed through to the `authorizerCredentials` section of an `x-amazon-apigateway-authorizer` in the `securitySchemes` section of an OpenAPI definition\\. \nFor more information, see [Create a Lambda authorizer](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html#http-api-lambda-authorizer.example-create) in the *API Gateway Developer Guide*\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "FunctionInvokeRole" }, "Identity": { "allOf": [ { "$ref": "#/definitions/LambdaAuthorizerIdentity" } ], "markdownDescription": "Specifies an `IdentitySource` in an incoming request for an authorizer\\. \nThis is passed through to the `identitySource` section of an `x-amazon-apigateway-authorizer` in the `securitySchemes` section of an OpenAPI definition\\. \n*Type*: [LambdaAuthorizationIdentity](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-httpapi-lambdaauthorizationidentity.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Identity" } }, "required": [ "AuthorizerPayloadFormatVersion", "FunctionArn" ], "title": "LambdaAuthorizer", "type": "object" }, "LambdaAuthorizerConfig": { "additionalProperties": false, "properties": { "AuthorizerResultTtlInSeconds": { "$ref": "#/definitions/PassThroughProp" }, "AuthorizerUri": { "$ref": "#/definitions/PassThroughProp" }, "IdentityValidationExpression": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "AuthorizerUri" ], "title": "LambdaAuthorizerConfig", "type": "object" }, "LambdaAuthorizerIdentity": { "additionalProperties": false, "properties": { "Context": { "items": { "type": "string" }, "markdownDescription": "Converts the given context strings to a list of mapping expressions in the format `$context.contextString`\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Context", "type": "array" }, "Headers": { "items": { "type": "string" }, "markdownDescription": "Converts the headers to a list of mapping expressions in the format `$request.header.name`\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Headers", "type": "array" }, "QueryStrings": { "items": { "type": "string" }, "markdownDescription": "Converts the given query strings to a list of mapping expressions in the format `$request.querystring.queryString`\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "QueryStrings", "type": "array" }, "ReauthorizeEvery": { "markdownDescription": "The time\\-to\\-live \\(TTL\\) period, in seconds, that specifies how long API Gateway caches authorizer results\\. If you specify a value greater than 0, API Gateway caches the authorizer responses\\. The maximum value is 3600, or 1 hour\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ReauthorizeEvery", "type": "integer" }, "StageVariables": { "items": { "type": "string" }, "markdownDescription": "Converts the given stage variables to a list of mapping expressions in the format `$stageVariables.stageVariable`\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "StageVariables", "type": "array" } }, "title": "LambdaAuthorizerIdentity", "type": "object" }, "LambdaConflictHandlerConfig": { "additionalProperties": false, "properties": { "LambdaConflictHandlerArn": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "LambdaConflictHandlerArn" ], "title": "LambdaConflictHandlerConfig", "type": "object" }, "LambdaDataSource": { "additionalProperties": false, "properties": { "Description": { "$ref": "#/definitions/PassThroughProp" }, "FunctionArn": { "$ref": "#/definitions/PassThroughProp" }, "Name": { "$ref": "#/definitions/PassThroughProp" }, "ServiceRoleArn": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "FunctionArn" ], "title": "LambdaDataSource", "type": "object" }, "LambdaRequestAuthorizer": { "additionalProperties": false, "properties": { "AuthorizationScopes": { "items": { "type": "string" }, "markdownDescription": "List of authorization scopes for this authorizer\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AuthorizationScopes", "type": "array" }, "DisableFunctionDefaultPermissions": { "markdownDescription": "Specify `true` to prevent AWS SAM from automatically creating an `AWS::Lambda::Permissions` resource to provision permissions between your `AWS::Serverless::Api` resource and authorizer Lambda function\\. \n*Default value*: `false` \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "DisableFunctionDefaultPermissions", "type": "boolean" }, "FunctionArn": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "Specify the function ARN of the Lambda function which provides authorization for the API\\. \nAWS SAM will automatically create an `AWS::Lambda::Permissions` resource when `FunctionArn` is specified for `AWS::Serverless::Api`\\. The `AWS::Lambda::Permissions` resource provisions permissions between your API and authorizer Lambda function\\.\n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "FunctionArn" }, "FunctionInvokeRole": { "markdownDescription": "Adds authorizer credentials to the OpenApi definition of the Lambda authorizer\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "FunctionInvokeRole", "type": "string" }, "FunctionPayloadType": { "enum": [ "REQUEST" ], "markdownDescription": "This property can be used to define the type of Lambda Authorizer for an API\\. \n*Valid values*: `TOKEN` or `REQUEST` \n*Type*: String \n*Required*: No \n*Default*: `TOKEN` \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "FunctionPayloadType", "type": "string" }, "Identity": { "allOf": [ { "$ref": "#/definitions/LambdaRequestAuthorizerIdentity" } ], "markdownDescription": "This property can be used to specify an `IdentitySource` in an incoming request for an authorizer\\. This property is only required if the `FunctionPayloadType` property is set to `REQUEST`\\. \n*Type*: [LambdaRequestAuthorizationIdentity](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-lambdarequestauthorizationidentity.html) \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Identity" } }, "required": [ "FunctionArn" ], "title": "LambdaRequestAuthorizer", "type": "object" }, "LambdaRequestAuthorizerIdentity": { "additionalProperties": false, "properties": { "Context": { "items": { "type": "string" }, "markdownDescription": "Converts the given context strings to the mapping expressions of format `context.contextString`\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Context", "type": "array" }, "Headers": { "items": { "type": "string" }, "markdownDescription": "Converts the headers to comma\\-separated string of mapping expressions of format `method.request.header.name`\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Headers", "type": "array" }, "QueryStrings": { "items": { "type": "string" }, "markdownDescription": "Converts the given query strings to comma\\-separated string of mapping expressions of format `method.request.querystring.queryString`\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "QueryStrings", "type": "array" }, "ReauthorizeEvery": { "anyOf": [ { "type": "object" }, { "type": "integer" } ], "markdownDescription": "The time\\-to\\-live \\(TTL\\) period, in seconds, that specifies how long API Gateway caches authorizer results\\. If you specify a value greater than 0, API Gateway caches the authorizer responses\\. By default, API Gateway sets this property to 300\\. The maximum value is 3600, or 1 hour\\. \n*Type*: Integer \n*Required*: No \n*Default*: 300 \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ReauthorizeEvery" }, "StageVariables": { "items": { "type": "string" }, "markdownDescription": "Converts the given stage variables to comma\\-separated string of mapping expressions of format `stageVariables.stageVariable`\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "StageVariables", "type": "array" } }, "title": "LambdaRequestAuthorizerIdentity", "type": "object" }, "LambdaTokenAuthorizer": { "additionalProperties": false, "properties": { "AuthorizationScopes": { "items": { "type": "string" }, "markdownDescription": "List of authorization scopes for this authorizer\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AuthorizationScopes", "type": "array" }, "DisableFunctionDefaultPermissions": { "markdownDescription": "Specify `true` to prevent AWS SAM from automatically creating an `AWS::Lambda::Permissions` resource to provision permissions between your `AWS::Serverless::Api` resource and authorizer Lambda function\\. \n*Default value*: `false` \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "DisableFunctionDefaultPermissions", "type": "boolean" }, "FunctionArn": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "Specify the function ARN of the Lambda function which provides authorization for the API\\. \nAWS SAM will automatically create an `AWS::Lambda::Permissions` resource when `FunctionArn` is specified for `AWS::Serverless::Api`\\. The `AWS::Lambda::Permissions` resource provisions permissions between your API and authorizer Lambda function\\.\n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "FunctionArn" }, "FunctionInvokeRole": { "markdownDescription": "Adds authorizer credentials to the OpenApi definition of the Lambda authorizer\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "FunctionInvokeRole", "type": "string" }, "FunctionPayloadType": { "enum": [ "TOKEN" ], "markdownDescription": "This property can be used to define the type of Lambda Authorizer for an Api\\. \n*Valid values*: `TOKEN` or `REQUEST` \n*Type*: String \n*Required*: No \n*Default*: `TOKEN` \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "FunctionPayloadType", "type": "string" }, "Identity": { "allOf": [ { "$ref": "#/definitions/LambdaTokenAuthorizerIdentity" } ], "markdownDescription": "This property can be used to specify an `IdentitySource` in an incoming request for an authorizer\\. This property is only required if the `FunctionPayloadType` property is set to `REQUEST`\\. \n*Type*: [LambdaTokenAuthorizationIdentity](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-lambdatokenauthorizationidentity.html) \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Identity" } }, "required": [ "FunctionArn" ], "title": "LambdaTokenAuthorizer", "type": "object" }, "LambdaTokenAuthorizerIdentity": { "additionalProperties": false, "properties": { "Header": { "markdownDescription": "Specify the header name for Authorization in the OpenApi definition\\. \n*Type*: String \n*Required*: No \n*Default*: Authorization \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Header", "type": "string" }, "ReauthorizeEvery": { "anyOf": [ { "type": "object" }, { "type": "integer" } ], "markdownDescription": "The time\\-to\\-live \\(TTL\\) period, in seconds, that specifies how long API Gateway caches authorizer results\\. If you specify a value greater than 0, API Gateway caches the authorizer responses\\. By default, API Gateway sets this property to 300\\. The maximum value is 3600, or 1 hour\\. \n*Type*: Integer \n*Required*: No \n*Default*: 300 \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ReauthorizeEvery" }, "ValidationExpression": { "markdownDescription": "Specify a validation expression for validating the incoming Identity\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ValidationExpression", "type": "string" } }, "title": "LambdaTokenAuthorizerIdentity", "type": "object" }, "Location": { "additionalProperties": false, "properties": { "ApplicationId": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The Amazon Resource Name \\(ARN\\) of the application\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ApplicationId" }, "SemanticVersion": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The semantic version of the application\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "SemanticVersion" } }, "required": [ "ApplicationId", "SemanticVersion" ], "title": "Location", "type": "object" }, "Logging": { "additionalProperties": false, "properties": { "CloudWatchLogsRoleArn": { "$ref": "#/definitions/PassThroughProp" }, "ExcludeVerboseContent": { "$ref": "#/definitions/PassThroughProp" }, "FieldLogLevel": { "$ref": "#/definitions/PassThroughProp" } }, "title": "Logging", "type": "object" }, "MQEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/MQEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "MQ" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "MQEvent", "type": "object" }, "MQEventProperties": { "additionalProperties": false, "properties": { "BatchSize": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum number of items to retrieve in a single batch\\. \n*Type*: Integer \n*Required*: No \n*Default*: 100 \n*AWS CloudFormation compatibility*: This property is passed directly to the [`BatchSize`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-batchsize) property of an `AWS::Lambda::EventSourceMapping` resource\\. \n*Minimum*: `1` \n*Maximum*: `10000`", "title": "BatchSize" }, "Broker": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The Amazon Resource Name \\(ARN\\) of the Amazon MQ broker\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EventSourceArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-eventsourcearn) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Broker" }, "DynamicPolicyName": { "markdownDescription": "By default, the AWS Identity and Access Management \\(IAM\\) policy name is `SamAutoGeneratedAMQPolicy` for backward compatibility\\. Specify `true` to use an auto\\-generated name for your IAM policy\\. This name will include the Amazon MQ event source logical ID\\. \nWhen using more than one Amazon MQ event source, specify `true` to avoid duplicate IAM policy names\\.\n*Type*: Boolean \n*Required*: No \n*Default*: `false` \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "DynamicPolicyName", "type": "boolean" }, "Enabled": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "If `true`, the event source mapping is active\\. To pause polling and invocation, set to `false`\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Enabled`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-enabled) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Enabled" }, "FilterCriteria": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A object that defines the criteria that determines whether Lambda should process an event\\. For more information, see [AWS Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [FilterCriteria](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FilterCriteria`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "FilterCriteria" }, "KmsKeyArn": { "$ref": "#/definitions/PassThroughProp" }, "MaximumBatchingWindowInSeconds": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum amount of time to gather records before invoking the function, in seconds\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MaximumBatchingWindowInSeconds`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-maximumbatchingwindowinseconds) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "MaximumBatchingWindowInSeconds" }, "Queues": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the Amazon MQ broker destination queue to consume\\. \n*Type*: List \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Queues`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-queues) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Queues" }, "SecretsManagerKmsKeyId": { "markdownDescription": "The AWS Key Management Service \\(AWS KMS\\) key ID of a customer managed key from AWS Secrets Manager\\. Required when you use a customer managed key from Secrets Manager with a Lambda execution role that doesn't included the `kms:Decrypt` permission\\. \nThe value of this property is a UUID\\. For example: `1abc23d4-567f-8ab9-cde0-1fab234c5d67`\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "SecretsManagerKmsKeyId", "type": "string" }, "SourceAccessConfigurations": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "An array of the authentication protocol or vitual host\\. Specify this using the [SourceAccessConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-sourceaccessconfiguration.html) data type\\. \nFor the `MQ` event source type, the only valid configuration types are `BASIC_AUTH` and `VIRTUAL_HOST`\\. \n+ **`BASIC_AUTH`** \u2013 The Secrets Manager secret that stores your broker credentials\\. For this type, the credential must be in the following format: `{\"username\": \"your-username\", \"password\": \"your-password\"}`\\. Only one object of type `BASIC_AUTH` is allowed\\.\n+ **`VIRTUAL_HOST`** \u2013 The name of the virtual host in your RabbitMQ broker\\. Lambda will use this Rabbit MQ's host as the event source\\. Only one object of type `VIRTUAL_HOST` is allowed\\.\n*Type*: List \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`SourceAccessConfigurations`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-sourceaccessconfigurations) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "SourceAccessConfigurations" } }, "required": [ "Broker", "Queues", "SourceAccessConfigurations" ], "title": "MQEventProperties", "type": "object" }, "MSKEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/MSKEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "MSK" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "MSKEvent", "type": "object" }, "MSKEventProperties": { "additionalProperties": false, "properties": { "ConsumerGroupId": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A string that configures how events will be read from Kafka topics\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`AmazonManagedKafkaConfiguration`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "ConsumerGroupId" }, "DestinationConfig": { "$ref": "#/definitions/PassThroughProp" }, "FilterCriteria": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A object that defines the criteria that determines whether Lambda should process an event\\. For more information, see [AWS Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [FilterCriteria](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FilterCriteria`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "FilterCriteria" }, "KmsKeyArn": { "$ref": "#/definitions/PassThroughProp" }, "MaximumBatchingWindowInSeconds": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum amount of time to gather records before invoking the function, in seconds\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MaximumBatchingWindowInSeconds`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-maximumbatchingwindowinseconds) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "MaximumBatchingWindowInSeconds" }, "SourceAccessConfigurations": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source\\. \n*Valid values*: `CLIENT_CERTIFICATE_TLS_AUTH` \n*Type*: List of [SourceAccessConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-sourceaccessconfiguration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`SourceAccessConfigurations`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-sourceaccessconfigurations) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "SourceAccessConfigurations" }, "StartingPosition": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The position in a stream from which to start reading\\. \n+ `AT_TIMESTAMP` \u2013 Specify a time from which to start reading records\\.\n+ `LATEST` \u2013 Read only new records\\.\n+ `TRIM_HORIZON` \u2013 Process all available records\\.\n*Valid values*: `AT_TIMESTAMP` \\| `LATEST` \\| `TRIM_HORIZON` \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`StartingPosition`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-startingposition) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "StartingPosition" }, "StartingPositionTimestamp": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The time from which to start reading, in Unix time seconds\\. Define `StartingPositionTimestamp` when `StartingPosition` is specified as `AT_TIMESTAMP`\\. \n*Type*: Double \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`StartingPositionTimestamp`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-startingpositiontimestamp) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "StartingPositionTimestamp" }, "Stream": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The Amazon Resource Name \\(ARN\\) of the data stream or a stream consumer\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EventSourceArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-eventsourcearn) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Stream" }, "Topics": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the Kafka topic\\. \n*Type*: List \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Topics`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-topics) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Topics" } }, "required": [ "Stream", "Topics" ], "title": "MSKEventProperties", "type": "object" }, "OAuth2Authorizer": { "additionalProperties": false, "properties": { "AuthorizationScopes": { "items": { "type": "string" }, "markdownDescription": "List of authorization scopes for this authorizer\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AuthorizationScopes", "type": "array" }, "IdentitySource": { "markdownDescription": "Identity source expression for this authorizer\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IdentitySource", "type": "string" }, "JwtConfiguration": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "JWT configuration for this authorizer\\. \nThis is passed through to the `jwtConfiguration` section of an `x-amazon-apigateway-authorizer` in the `securitySchemes` section of an OpenAPI definition\\. \nProperties `issuer` and `audience` are case insensitive and can be used either lowercase as in OpenAPI or uppercase `Issuer` and `Audience` as in [ AWS::ApiGatewayV2::Authorizer](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-authorizer-jwtconfiguration.html)\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "JwtConfiguration" } }, "title": "OAuth2Authorizer", "type": "object" }, "OpenIDConnectConfig": { "additionalProperties": false, "properties": { "AuthTTL": { "$ref": "#/definitions/PassThroughProp" }, "ClientId": { "$ref": "#/definitions/PassThroughProp" }, "IatTTL": { "$ref": "#/definitions/PassThroughProp" }, "Issuer": { "$ref": "#/definitions/PassThroughProp" } }, "title": "OpenIDConnectConfig", "type": "object" }, "Parameter": { "additionalProperties": false, "properties": { "AllowedPattern": { "type": "string" }, "AllowedValues": { "type": "array" }, "ConstraintDescription": { "type": "string" }, "Default": { "type": "string" }, "Description": { "type": "string" }, "MaxLength": { "type": "string" }, "MaxValue": { "type": "string" }, "MinLength": { "type": "string" }, "MinValue": { "type": "string" }, "NoEcho": { "type": [ "string", "boolean" ] }, "Type": { "enum": [ "String", "Number", "List", "CommaDelimitedList", "AWS::EC2::AvailabilityZone::Name", "AWS::EC2::Image::Id", "AWS::EC2::Instance::Id", "AWS::EC2::KeyPair::KeyName", "AWS::EC2::SecurityGroup::GroupName", "AWS::EC2::SecurityGroup::Id", "AWS::EC2::Subnet::Id", "AWS::EC2::Volume::Id", "AWS::EC2::VPC::Id", "AWS::Route53::HostedZone::Id", "List", "List", "List", "List", "List", "List", "List", "List", "List", "List", "AWS::SSM::Parameter::Name", "AWS::SSM::Parameter::Value", "AWS::SSM::Parameter::Value>", "AWS::SSM::Parameter::Value", "AWS::SSM::Parameter::Value", "AWS::SSM::Parameter::Value", "AWS::SSM::Parameter::Value", "AWS::SSM::Parameter::Value", "AWS::SSM::Parameter::Value", "AWS::SSM::Parameter::Value", "AWS::SSM::Parameter::Value", "AWS::SSM::Parameter::Value", "AWS::SSM::Parameter::Value", "AWS::SSM::Parameter::Value>", "AWS::SSM::Parameter::Value>", "AWS::SSM::Parameter::Value>", "AWS::SSM::Parameter::Value>", "AWS::SSM::Parameter::Value>", "AWS::SSM::Parameter::Value>", "AWS::SSM::Parameter::Value>", "AWS::SSM::Parameter::Value>", "AWS::SSM::Parameter::Value>" ], "type": "string" } }, "required": [ "Type" ], "type": "object" }, "PassThroughProp": {}, "PrimaryKey": { "additionalProperties": false, "properties": { "Name": { "markdownDescription": "Attribute name of the primary key\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`AttributeName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-attributedef.html#cfn-dynamodb-attributedef-attributename) property of the `AWS::DynamoDB::Table` `AttributeDefinition` data type\\. \n*Additional notes*: This property is also passed to the [AttributeName](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-keyschema.html#aws-properties-dynamodb-keyschema-attributename) property of an `AWS::DynamoDB::Table KeySchema` data type\\.", "title": "Name", "type": "string" }, "Type": { "markdownDescription": "The data type for the primary key\\. \n*Valid values*: `String`, `Number`, `Binary` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`AttributeType`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-attributedef.html#cfn-dynamodb-attributedef-attributename-attributetype) property of the `AWS::DynamoDB::Table` `AttributeDefinition` data type\\.", "title": "Type", "type": "string" } }, "required": [ "Name", "Type" ], "title": "PrimaryKey", "type": "object" }, "Ref": { "additionalProperties": false, "properties": { "Ref": { "title": "Ref", "type": "string" } }, "required": [ "Ref" ], "title": "Ref", "type": "object" }, "RequestModel": { "additionalProperties": false, "properties": { "Model": { "markdownDescription": "Name of a model defined in the Models property of the [AWS::Serverless::Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html)\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Model", "type": "string" }, "Required": { "markdownDescription": "Adds a `required` property in the parameters section of the OpenApi definition for the given API endpoint\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Required", "type": "boolean" }, "ValidateBody": { "markdownDescription": "Specifies whether API Gateway uses the `Model` to validate the request body\\. For more information, see [Enable request validation in API Gateway](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-method-request-validation.html) in the *API Gateway Developer Guide*\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ValidateBody", "type": "boolean" }, "ValidateParameters": { "markdownDescription": "Specifies whether API Gateway uses the `Model` to validate request path parameters, query strings, and headers\\. For more information, see [Enable request validation in API Gateway](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-method-request-validation.html) in the *API Gateway Developer Guide*\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ValidateParameters", "type": "boolean" } }, "required": [ "Model" ], "title": "RequestModel", "type": "object" }, "RequestParameters": { "additionalProperties": false, "properties": { "Caching": { "markdownDescription": "Adds `cacheKeyParameters` section to the API Gateway OpenApi definition \n*Type*: Boolean \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Caching", "type": "boolean" }, "Required": { "markdownDescription": "This field specifies whether a parameter is required \n*Type*: Boolean \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Required", "type": "boolean" } }, "title": "RequestParameters", "type": "object" }, "Resolver": { "additionalProperties": false, "properties": { "Caching": { "$ref": "#/definitions/Caching" }, "CodeUri": { "$ref": "#/definitions/PassThroughProp" }, "FieldName": { "title": "Fieldname", "type": "string" }, "InlineCode": { "$ref": "#/definitions/PassThroughProp" }, "MaxBatchSize": { "$ref": "#/definitions/PassThroughProp" }, "Pipeline": { "items": { "type": "string" }, "title": "Pipeline", "type": "array" }, "Runtime": { "$ref": "#/definitions/Runtime" }, "Sync": { "$ref": "#/definitions/Sync" } }, "title": "Resolver", "type": "object" }, "ResourceReference": { "additionalProperties": false, "properties": { "Arn": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ARN of a resource\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Arn" }, "Id": { "markdownDescription": "The [logical ID](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/resources-section-structure.html) of a resource in the same template\\. \nWhen `Id` is specified, if the connector generates AWS Identity and Access Management \\(IAM\\) policies, the IAM role associated to those policies will be inferred from the resource `Id`\\. When `Id` is not specified, provide `RoleName` of the resource for connectors to attach generated IAM policies to an IAM role\\.\n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Id", "type": "string" }, "Name": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of a resource\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Name" }, "Qualifier": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A qualifier for a resource that narrows its scope\\. `Qualifier` replaces the `*` value at the end of a resource constraint ARN\\. For an example, see [API Gateway invoking a Lambda function](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/#sam-property-connector-resourcereference--examples--api-gateway-invoking-a-lambda-function.html#sam-property-connector-resourcereference--examples--api-gateway-invoking-a-lambda-function)\\. \nQualifier definition varies per resource type\\. For a list of supported source and destination resource types, see [AWS SAM connector reference](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/reference-sam-connector.html)\\.\n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Qualifier" }, "QueueUrl": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The Amazon SQS queue URL\\. This property only applies to Amazon SQS resources\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "QueueUrl" }, "ResourceId": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ID of a resource\\. For example, the API Gateway API ID\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ResourceId" }, "RoleName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The role name associated with a resource\\. \nWhen `Id` is specified, if the connector generates IAM policies, the IAM role associated to those policies will be inferred from the resource `Id`\\. When `Id` is not specified, provide `RoleName` of the resource for connectors to attach generated IAM policies to an IAM role\\.\n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "RoleName" }, "Type": { "markdownDescription": "The AWS CloudFormation type of a resource\\. For more information, go to [AWS resource and property types reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html)\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "title": "ResourceReference", "type": "object" }, "Runtime": { "additionalProperties": false, "properties": { "Name": { "$ref": "#/definitions/PassThroughProp" }, "Version": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "Name", "Version" ], "title": "Runtime", "type": "object" }, "S3Event": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/S3EventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "S3" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Properties", "Type" ], "title": "S3Event", "type": "object" }, "S3EventProperties": { "additionalProperties": false, "properties": { "Bucket": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "S3 bucket name\\. This bucket must exist in the same template\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is similar to the [`BucketName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#cfn-s3-bucket-name) property of an `AWS::S3::Bucket` resource\\. This is a required field in SAM\\. This field only accepts a reference to the S3 bucket created in this template", "title": "Bucket" }, "Events": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The Amazon S3 bucket event for which to invoke the Lambda function\\. See [Amazon S3 supported event types](http://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html#supported-notification-event-types) for a list of valid values\\. \n*Type*: String \\| List \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Event`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfig-lambdaconfig.html#cfn-s3-bucket-notificationconfig-lambdaconfig-event) property of the `AWS::S3::Bucket` `LambdaConfiguration` data type\\.", "title": "Events" }, "Filter": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The filtering rules that determine which Amazon S3 objects invoke the Lambda function\\. For information about Amazon S3 key name filtering, see [Configuring Amazon S3 Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon Simple Storage Service User Guide*\\. \n*Type*: [NotificationFilter](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfiguration-config-filter.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Filter`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-notificationconfiguration-config-filter.html) property of the `AWS::S3::Bucket` `LambdaConfiguration` data type\\.", "title": "Filter" } }, "required": [ "Bucket", "Events" ], "title": "S3EventProperties", "type": "object" }, "SNSEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/SNSEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "SNS" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Properties", "Type" ], "title": "SNSEvent", "type": "object" }, "SNSEventProperties": { "additionalProperties": false, "properties": { "FilterPolicy": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The filter policy JSON assigned to the subscription\\. For more information, see [GetSubscriptionAttributes](https://docs.aws.amazon.com/sns/latest/api/API_GetSubscriptionAttributes.html) in the Amazon Simple Notification Service API Reference\\. \n*Type*: [SnsFilterPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-subscription.html#cfn-sns-subscription-filterpolicy) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FilterPolicy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-subscription.html#cfn-sns-subscription-filterpolicy) property of an `AWS::SNS::Subscription` resource\\.", "title": "FilterPolicy" }, "FilterPolicyScope": { "$ref": "#/definitions/PassThroughProp" }, "Region": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "For cross\\-region subscriptions, the region in which the topic resides\\. \nIf no region is specified, CloudFormation uses the region of the caller as the default\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Region`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-subscription.html#cfn-sns-subscription-region) property of an `AWS::SNS::Subscription` resource\\.", "title": "Region" }, "SqsSubscription": { "anyOf": [ { "type": "boolean" }, { "$ref": "#/definitions/SqsSubscription" } ], "markdownDescription": "Set this property to true, or specify `SqsSubscriptionObject` to enable batching SNS topic notifications in an SQS queue\\. Setting this property to `true` creates a new SQS queue, whereas specifying a `SqsSubscriptionObject` uses an existing SQS queue\\. \n*Type*: Boolean \\| [SqsSubscriptionObject](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqssubscriptionobject.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "SqsSubscription" }, "Topic": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ARN of the topic to subscribe to\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`TopicArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-subscription.html#topicarn) property of an `AWS::SNS::Subscription` resource\\.", "title": "Topic" } }, "required": [ "Topic" ], "title": "SNSEventProperties", "type": "object" }, "SQSEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/SQSEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "SQS" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "SQSEvent", "type": "object" }, "SQSEventProperties": { "additionalProperties": false, "properties": { "BatchSize": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum number of items to retrieve in a single batch\\. \n*Type*: Integer \n*Required*: No \n*Default*: 10 \n*AWS CloudFormation compatibility*: This property is passed directly to the [`BatchSize`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-batchsize) property of an `AWS::Lambda::EventSourceMapping` resource\\. \n*Minimum*: `1` \n*Maximum*: `10000`", "title": "BatchSize" }, "Enabled": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Disables the event source mapping to pause polling and invocation\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Enabled`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-enabled) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Enabled" }, "FilterCriteria": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A object that defines the criteria to determine whether Lambda should process an event\\. For more information, see [AWS Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [FilterCriteria](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FilterCriteria`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "FilterCriteria" }, "FunctionResponseTypes": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A list of the response types currently applied to the event source mapping\\. For more information, see [ Reporting batch item failures](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#services-sqs-batchfailurereporting) in the *AWS Lambda Developer Guide*\\. \n *Valid values*: `ReportBatchItemFailures` \n *Type*: List \n *Required*: No \n *AWS CloudFormation compatibility*: This property is passed directly to the [`FunctionResponseTypes`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-functionresponsetypes) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "FunctionResponseTypes" }, "KmsKeyArn": { "$ref": "#/definitions/PassThroughProp" }, "MaximumBatchingWindowInSeconds": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum amount of time, in seconds, to gather records before invoking the function\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MaximumBatchingWindowInSeconds`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-maximumbatchingwindowinseconds) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "MaximumBatchingWindowInSeconds" }, "Queue": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ARN of the queue\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EventSourceArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-eventsourcearn) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Queue" }, "ScalingConfig": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "Queue" ], "title": "SQSEventProperties", "type": "object" }, "ScheduleEventProperties": { "additionalProperties": false, "properties": { "DeadLetterConfig": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__DeadLetterConfig" } ], "markdownDescription": "Configure the Amazon Simple Queue Service \\(Amazon SQS\\) queue where EventBridge sends events after a failed target invocation\\. Invocation can fail, for example, when sending an event to a Lambda function that doesn't exist, or when EventBridge has insufficient permissions to invoke the Lambda function\\. For more information, see [Event retry policy and using dead\\-letter queues](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html) in the *Amazon EventBridge User Guide*\\. \n*Type*: [DeadLetterConfig](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachinescheduledeadletterconfig.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`DeadLetterConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-deadletterconfig) property of the `AWS::Events::Rule` `Target` data type\\. The AWS SAM version of this property includes additional subproperties, in case you want AWS SAM to create the dead\\-letter queue for you\\.", "title": "DeadLetterConfig" }, "Description": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A description of the rule\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Description`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-description) property of an `AWS::Events::Rule` resource\\.", "title": "Description" }, "Enabled": { "markdownDescription": "Indicates whether the rule is enabled\\. \nTo disable the rule, set this property to `false`\\. \nSpecify either the `Enabled` or `State` property, but not both\\.\n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`State`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-state) property of an `AWS::Events::Rule` resource\\. If this property is set to `true` then AWS SAM passes `ENABLED`, otherwise it passes `DISABLED`\\.", "title": "Enabled", "type": "boolean" }, "Input": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Valid JSON text passed to the target\\. If you use this property, nothing from the event text itself is passed to the target\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Input`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-input) property of an `AWS::Events::Rule Target` resource\\.", "title": "Input" }, "Name": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the rule\\. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the rule name\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Name`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-name) property of an `AWS::Events::Rule` resource\\.", "title": "Name" }, "RetryPolicy": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A `RetryPolicy` object that includes information about the retry policy settings\\. For more information, see [Event retry policy and using dead\\-letter queues](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html) in the *Amazon EventBridge User Guide*\\. \n*Type*: [RetryPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-retrypolicy) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`RetryPolicy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-retrypolicy) property of the `AWS::Events::Rule` `Target` data type\\.", "title": "RetryPolicy" }, "RoleArn": { "$ref": "#/definitions/PassThroughProp" }, "Schedule": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The scheduling expression that determines when and how often the rule runs\\. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule-schedule.html)\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ScheduleExpression`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-scheduleexpression) property of an `AWS::Events::Rule` resource\\.", "title": "Schedule" }, "State": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The state of the rule\\. \n*Accepted values:* `DISABLED | ENABLED` \nSpecify either the `Enabled` or `State` property, but not both\\.\n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`State`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-state) property of an `AWS::Events::Rule` resource\\.", "title": "State" }, "Target": { "allOf": [ { "$ref": "#/definitions/ScheduleTarget" } ], "markdownDescription": "The AWS resource that EventBridge invokes when a rule is triggered\\. You can use this property to specify the logical ID of the target\\. If this property is not specified, then AWS SAM generates the logical ID of the target\\. \n*Type*: [Target](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachinetarget.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`Targets`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-targets) property of an `AWS::Events::Rule` resource\\. The AWS SAM version of this property only allows you to specify the logical ID of a single target\\.", "title": "Target" } }, "title": "ScheduleEventProperties", "type": "object" }, "ScheduleTarget": { "additionalProperties": false, "properties": { "Id": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The logical ID of the target\\. \nThe value of `Id` can include alphanumeric characters, periods \\(`.`\\), hyphens \\(`-`\\), and underscores \\(`_`\\)\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Id`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-id) property of the `AWS::Events::Rule` `Target` data type\\.", "title": "Id" } }, "required": [ "Id" ], "title": "ScheduleTarget", "type": "object" }, "SelfManagedKafkaEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/SelfManagedKafkaEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "SelfManagedKafka" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "SelfManagedKafkaEvent", "type": "object" }, "SelfManagedKafkaEventProperties": { "additionalProperties": false, "properties": { "BatchSize": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum number of records in each batch that Lambda pulls from your stream and sends to your function\\. \n*Type*: Integer \n*Required*: No \n*Default*: 100 \n*AWS CloudFormation compatibility*: This property is passed directly to the [`BatchSize`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-batchsize) property of an `AWS::Lambda::EventSourceMapping` resource\\. \n*Minimum*: `1` \n*Maximum*: `10000`", "title": "BatchSize" }, "ConsumerGroupId": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A string that configures how events will be read from Kafka topics\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`SelfManagedKafkaConfiguration`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "ConsumerGroupId" }, "Enabled": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Disables the event source mapping to pause polling and invocation\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Enabled`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-enabled) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Enabled" }, "FilterCriteria": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A object that defines the criteria to determine whether Lambda should process an event\\. For more information, see [AWS Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [FilterCriteria](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FilterCriteria`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "FilterCriteria" }, "KafkaBootstrapServers": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The list of bootstrap servers for your Kafka brokers\\. Include the port, for example `broker.example.com:xxxx` \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "KafkaBootstrapServers", "type": "array" }, "KmsKeyArn": { "$ref": "#/definitions/PassThroughProp" }, "SourceAccessConfigurations": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "An array of the authentication protocol, VPC components, or virtual host to secure and define your event source\\. \n*Valid values*: `BASIC_AUTH | CLIENT_CERTIFICATE_TLS_AUTH | SASL_SCRAM_256_AUTH | SASL_SCRAM_512_AUTH | SERVER_ROOT_CA_CERTIFICATE` \n*Type*: List of [SourceAccessConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-sourceaccessconfiguration.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ SourceAccessConfigurations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-sourceaccessconfigurations)` property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "SourceAccessConfigurations" }, "StartingPosition": { "$ref": "#/definitions/PassThroughProp" }, "StartingPositionTimestamp": { "$ref": "#/definitions/PassThroughProp" }, "Topics": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the Kafka topic\\. \n*Type*: List \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Topics`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-topics) property of an `AWS::Lambda::EventSourceMapping` resource\\.", "title": "Topics" } }, "required": [ "SourceAccessConfigurations", "Topics" ], "title": "SelfManagedKafkaEventProperties", "type": "object" }, "SourceReferenceProperties": { "additionalProperties": false, "properties": { "Qualifier": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A qualifier for a resource that narrows its scope\\. `Qualifier` replaces the `*` value at the end of a resource constraint ARN\\. \nQualifier definition varies per resource type\\. For a list of supported source and destination resource types, see [AWS SAM connector reference](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/reference-sam-connector.html)\\.\n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Qualifier" } }, "title": "SourceReferenceProperties", "type": "object" }, "SqsSubscription": { "additionalProperties": false, "properties": { "BatchSize": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The maximum number of items to retrieve in a single batch for the SQS queue\\. \n*Type*: String \n*Required*: No \n*Default*: 10 \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "BatchSize" }, "Enabled": { "markdownDescription": "Disables the SQS event source mapping to pause polling and invocation\\. \n*Type*: Boolean \n*Required*: No \n*Default*: True \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Enabled", "type": "boolean" }, "QueueArn": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "Specify an existing SQS queue arn\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "QueueArn" }, "QueuePolicyLogicalId": { "markdownDescription": "Give a custom logicalId name for the [AWS::SQS::QueuePolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-policy.html) resource\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "QueuePolicyLogicalId", "type": "string" }, "QueueUrl": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "Specify the queue URL associated with the `QueueArn` property\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "QueueUrl" } }, "required": [ "QueueArn", "QueueUrl" ], "title": "SqsSubscription", "type": "object" }, "Sync": { "additionalProperties": false, "properties": { "ConflictDetection": { "$ref": "#/definitions/PassThroughProp" }, "ConflictHandler": { "$ref": "#/definitions/PassThroughProp" }, "LambdaConflictHandlerConfig": { "$ref": "#/definitions/LambdaConflictHandlerConfig" } }, "required": [ "ConflictDetection" ], "title": "Sync", "type": "object" }, "Tag": { "additionalProperties": false, "properties": { "Key": { "type": "string" }, "Value": { "type": "string" } }, "required": [ "Key", "Value" ], "type": "object" }, "UsagePlan": { "additionalProperties": false, "properties": { "CreateUsagePlan": { "anyOf": [ { "type": "object" }, { "enum": [ "PER_API", "SHARED", "NONE" ], "type": "string" } ], "markdownDescription": "Determines how this usage plan is configured\\. Valid values are `PER_API`, `SHARED`, and `NONE`\\. \n`PER_API` creates [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html), [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-apikey.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-apikey.html), and [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplankey.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplankey.html) resources that are specific to this API\\. These resources have logical IDs of `UsagePlan`, `ApiKey`, and `UsagePlanKey`, respectively\\. \n`SHARED` creates [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html), [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-apikey.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-apikey.html), and [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplankey.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplankey.html) resources that are shared across any API that also has `CreateUsagePlan: SHARED` in the same AWS SAM template\\. These resources have logical IDs of `ServerlessUsagePlan`, `ServerlessApiKey`, and `ServerlessUsagePlanKey`, respectively\\. If you use this option, we recommend that you add additional configuration for this usage plan on only one API resource to avoid conflicting definitions and an uncertain state\\. \n`NONE` disables the creation or association of a usage plan with this API\\. This is only necessary if `SHARED` or `PER_API` is specified in the [Globals section of the AWS SAM template](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-template-anatomy-globals.html)\\. \n*Valid values*: `PER_API`, `SHARED`, and `NONE` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "CreateUsagePlan" }, "Description": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A description of the usage plan\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Description`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html#cfn-apigateway-usageplan-description) property of an `AWS::ApiGateway::UsagePlan` resource\\.", "title": "Description" }, "Quota": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Configures the number of requests that users can make within a given interval\\. \n*Type*: [QuotaSettings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html#cfn-apigateway-usageplan-quota) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Quota`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html#cfn-apigateway-usageplan-quota) property of an `AWS::ApiGateway::UsagePlan` resource\\.", "title": "Quota" }, "Tags": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "An array of arbitrary tags \\(key\\-value pairs\\) to associate with the usage plan\\. \nThis property uses the [CloudFormation Tag Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html)\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Tags`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html#cfn-apigateway-usageplan-tags) property of an `AWS::ApiGateway::UsagePlan` resource\\.", "title": "Tags" }, "Throttle": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Configures the overall request rate \\(average requests per second\\) and burst capacity\\. \n*Type*: [ThrottleSettings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html#cfn-apigateway-usageplan-throttle) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Throttle`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html#cfn-apigateway-usageplan-throttle) property of an `AWS::ApiGateway::UsagePlan` resource\\.", "title": "Throttle" }, "UsagePlanName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A name for the usage plan\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`UsagePlanName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html#cfn-apigateway-usageplan-usageplanname) property of an `AWS::ApiGateway::UsagePlan` resource\\.", "title": "UsagePlanName" } }, "required": [ "CreateUsagePlan" ], "title": "UsagePlan", "type": "object" }, "UserPoolConfig": { "additionalProperties": false, "properties": { "AppIdClientRegex": { "$ref": "#/definitions/PassThroughProp" }, "AwsRegion": { "$ref": "#/definitions/PassThroughProp" }, "DefaultAction": { "$ref": "#/definitions/PassThroughProp" }, "UserPoolId": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "UserPoolId" ], "title": "UserPoolConfig", "type": "object" }, "__main____Globals": { "additionalProperties": false, "properties": { "Api": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_api__Globals" }, "Function": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__Globals" }, "HttpApi": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_httpapi__Globals" }, "SimpleTable": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_simpletable__Globals" }, "StateMachine": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__Globals" } }, "title": "Globals", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_api__Auth": { "additionalProperties": false, "properties": { "AddApiKeyRequiredToCorsPreflight": { "title": "Addapikeyrequiredtocorspreflight", "type": "boolean" }, "AddDefaultAuthorizerToCorsPreflight": { "markdownDescription": "If the `DefaultAuthorizer` and `Cors` properties are set, then setting `AddDefaultAuthorizerToCorsPreflight` will cause the default authorizer to be added to the `Options` property in the OpenAPI section\\. \n*Type*: Boolean \n*Required*: No \n*Default*: True \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AddDefaultAuthorizerToCorsPreflight", "type": "boolean" }, "ApiKeyRequired": { "markdownDescription": "If set to true then an API key is required for all API events\\. For more information about API keys see [Create and Use Usage Plans with API Keys](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-usage-plans.html) in the *API Gateway Developer Guide*\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ApiKeyRequired", "type": "boolean" }, "Authorizers": { "additionalProperties": { "anyOf": [ { "$ref": "#/definitions/CognitoAuthorizer" }, { "$ref": "#/definitions/LambdaTokenAuthorizer" }, { "$ref": "#/definitions/LambdaRequestAuthorizer" } ] }, "markdownDescription": "The authorizer used to control access to your API Gateway API\\. \nFor more information, see [Controlling access to API Gateway APIs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-controlling-access-to-apis.html)\\. \n*Type*: [CognitoAuthorizer](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-cognitoauthorizer.html) \\| [LambdaTokenAuthorizer](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-lambdatokenauthorizer.html) \\| [LambdaRequestAuthorizer](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-lambdarequestauthorizer.html) \n*Required*: No \n*Default*: None \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\. \n*Additional notes*: SAM adds the Authorizers to the OpenApi definition of an Api\\.", "title": "Authorizers", "type": "object" }, "DefaultAuthorizer": { "markdownDescription": "Specify a default authorizer for an API Gateway API, which will be used for authorizing API calls by default\\. \nIf the Api EventSource for the function associated with this API is configured to use IAM Permissions, then this property must be set to `AWS_IAM`, otherwise an error will result\\.\n*Type*: String \n*Required*: No \n*Default*: None \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "DefaultAuthorizer", "type": "string" }, "InvokeRole": { "markdownDescription": "Sets integration credentials for all resources and methods to this value\\. \n`CALLER_CREDENTIALS` maps to `arn:aws:iam::*:user/*`, which uses the caller credentials to invoke the endpoint\\. \n*Valid values*: `CALLER_CREDENTIALS`, `NONE`, `IAMRoleArn` \n*Type*: String \n*Required*: No \n*Default*: `CALLER_CREDENTIALS` \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "InvokeRole", "type": "string" }, "ResourcePolicy": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_api__ResourcePolicy" } ], "markdownDescription": "Configure Resource Policy for all methods and paths on an API\\. \n*Type*: [ResourcePolicyStatement](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-resourcepolicystatement.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\. \n*Additional notes*: This setting can also be defined on individual `AWS::Serverless::Function` using the [ApiFunctionAuth](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-apifunctionauth.html)\\. This is required for APIs with `EndpointConfiguration: PRIVATE`\\.", "title": "ResourcePolicy" }, "UsagePlan": { "allOf": [ { "$ref": "#/definitions/UsagePlan" } ], "markdownDescription": "Configures a usage plan associated with this API\\. For more information about usage plans see [Create and Use Usage Plans with API Keys](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-usage-plans.html) in the *API Gateway Developer Guide*\\. \nThis AWS SAM property generates three additional AWS CloudFormation resources when this property is set: an [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html), an [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplankey.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplankey.html), and an [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-apikey.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-apikey.html)\\. For information about this scenario, see [UsagePlan property is specified](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources-api.html#sam-specification-generated-resources-api-usage-plan)\\. For general information about generated AWS CloudFormation resources, see [Generated AWS CloudFormation resources](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources.html)\\. \n*Type*: [ApiUsagePlan](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-apiusageplan.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "UsagePlan" } }, "title": "Auth", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_api__DefinitionUri": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the Amazon S3 bucket where the OpenAPI file is stored\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Bucket`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-restapi-s3location.html#cfn-apigateway-restapi-s3location-bucket) property of the `AWS::ApiGateway::RestApi` `S3Location` data type\\.", "title": "Bucket", "type": "string" }, "Key": { "markdownDescription": "The Amazon S3 key of the OpenAPI file\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Key`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-restapi-s3location.html#cfn-apigateway-restapi-s3location-key) property of the `AWS::ApiGateway::RestApi` `S3Location` data type\\.", "title": "Key", "type": "string" }, "Version": { "markdownDescription": "For versioned objects, the version of the OpenAPI file\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Version`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-restapi-s3location.html#cfn-apigateway-restapi-s3location-version) property of the `AWS::ApiGateway::RestApi` `S3Location` data type\\.", "title": "Version", "type": "string" } }, "required": [ "Bucket", "Key" ], "title": "DefinitionUri", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_api__Domain": { "additionalProperties": false, "properties": { "BasePath": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A list of the basepaths to configure with the Amazon API Gateway domain name\\. \n*Type*: List \n*Required*: No \n*Default*: / \n*AWS CloudFormation compatibility*: This property is similar to the [`BasePath`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-basepathmapping.html#cfn-apigateway-basepathmapping-basepath) property of an `AWS::ApiGateway::BasePathMapping` resource\\. AWS SAM creates multiple `AWS::ApiGateway::BasePathMapping` resources, one per `BasePath` specified in this property\\.", "title": "BasePath" }, "CertificateArn": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The Amazon Resource Name \\(ARN\\) of an AWS managed certificate this domain name's endpoint\\. AWS Certificate Manager is the only supported source\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is similar to the [`CertificateArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html#cfn-apigateway-domainname-certificatearn) property of an `AWS::ApiGateway::DomainName` resource\\. If `EndpointConfiguration` is set to `REGIONAL` \\(the default value\\), `CertificateArn` maps to [RegionalCertificateArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html#cfn-apigateway-domainname-regionalcertificatearn) in `AWS::ApiGateway::DomainName`\\. If the `EndpointConfiguration` is set to `EDGE`, `CertificateArn` maps to [CertificateArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html#cfn-apigateway-domainname-certificatearn) in `AWS::ApiGateway::DomainName`\\. \n*Additional notes*: For an `EDGE` endpoint, you must create the certificate in the `us-east-1` AWS Region\\.", "title": "CertificateArn" }, "DomainName": { "markdownDescription": "The custom domain name for your API Gateway API\\. Uppercase letters are not supported\\. \nAWS SAM generates an [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html) resource when this property is set\\. For information about this scenario, see [DomainName property is specified](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources-api.html#sam-specification-generated-resources-api-domain-name)\\. For information about generated AWS CloudFormation resources, see [Generated AWS CloudFormation resources](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources.html)\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`DomainName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html#cfn-apigateway-domainname-domainname) property of an `AWS::ApiGateway::DomainName` resource\\.", "title": "DomainName", "type": "string" }, "EndpointConfiguration": { "anyOf": [ { "type": "object" }, { "enum": [ "REGIONAL", "EDGE" ], "type": "string" } ], "markdownDescription": "Defines the type of API Gateway endpoint to map to the custom domain\\. The value of this property determines how the `CertificateArn` property is mapped in AWS CloudFormation\\. \n*Valid values*: `REGIONAL` or `EDGE` \n*Type*: String \n*Required*: No \n*Default*: `REGIONAL` \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "EndpointConfiguration" }, "MutualTlsAuthentication": { "$ref": "#/definitions/AWS::ApiGateway::DomainName.MutualTlsAuthentication", "markdownDescription": "The mutual Transport Layer Security \\(TLS\\) authentication configuration for a custom domain name\\. \n*Type*: [MutualTlsAuthentication](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html#cfn-apigateway-domainname-mutualtlsauthentication) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MutualTlsAuthentication`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html#cfn-apigateway-domainname-mutualtlsauthentication) property of an `AWS::ApiGateway::DomainName` resource\\.", "title": "MutualTlsAuthentication" }, "NormalizeBasePath": { "markdownDescription": "Indicates whether non\\-alphanumeric characters are allowed in basepaths defined by the `BasePath` property\\. When set to `True`, non\\-alphanumeric characters are removed from basepaths\\. \nUse `NormalizeBasePath` with the `BasePath` property\\. \n*Type*: Boolean \n*Required*: No \n*Default*: True \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "NormalizeBasePath", "type": "boolean" }, "OwnershipVerificationCertificateArn": { "markdownDescription": "The ARN of the public certificate issued by ACM to validate ownership of your custom domain\\. Required only when you configure mutual TLS and you specify an ACM imported or private CA certificate ARN for the `CertificateArn`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`OwnershipVerificationCertificateArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html#cfn-apigateway-domainname-ownershipverificationcertificatearn) property of an `AWS::ApiGateway::DomainName` resource\\.", "title": "OwnershipVerificationCertificateArn", "type": "string" }, "Route53": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_api__Route53" } ], "markdownDescription": "Defines an Amazon Route\u00a053 configuration\\. \n*Type*: [Route53Configuration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-route53configuration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Route53" }, "SecurityPolicy": { "markdownDescription": "The TLS version plus cipher suite for this domain name\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`SecurityPolicy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html#cfn-apigateway-domainname-securitypolicy) property of an `AWS::ApiGateway::DomainName` resource\\.", "title": "SecurityPolicy", "type": "string" } }, "required": [ "CertificateArn", "DomainName" ], "title": "Domain", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_api__Globals": { "additionalProperties": false, "properties": { "AccessLogSetting": { "$ref": "#/definitions/AWS::ApiGateway::Stage.AccessLogSetting", "markdownDescription": "Configures Access Log Setting for a stage\\. \n*Type*: [AccessLogSetting](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-accesslogsetting) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`AccessLogSetting`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-accesslogsetting) property of an `AWS::ApiGateway::Stage` resource\\.", "title": "AccessLogSetting" }, "AlwaysDeploy": { "markdownDescription": "Always deploys the API, even when no changes to the API have been detected\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AlwaysDeploy", "type": "boolean" }, "Auth": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_api__Auth" } ], "markdownDescription": "Configure authorization to control access to your API Gateway API\\. \nFor more information about configuring access using AWS SAM see [Controlling access to API Gateway APIs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-controlling-access-to-apis.html)\\. \n*Type*: [ApiAuth](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-apiauth.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Auth" }, "BinaryMediaTypes": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "List of MIME types that your API could return\\. Use this to enable binary support for APIs\\. Use \\~1 instead of / in the mime types\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`BinaryMediaTypes`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-binarymediatypes) property of an `AWS::ApiGateway::RestApi` resource\\. The list of BinaryMediaTypes is added to both the AWS CloudFormation resource and the OpenAPI document\\.", "title": "BinaryMediaTypes" }, "CacheClusterEnabled": { "markdownDescription": "Indicates whether caching is enabled for the stage\\. To cache responses, you must also set `CachingEnabled` to `true` under `MethodSettings`\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`CacheClusterEnabled`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-cacheclusterenabled) property of an `AWS::ApiGateway::Stage` resource\\.", "title": "CacheClusterEnabled", "type": "boolean" }, "CacheClusterSize": { "markdownDescription": "The stage's cache cluster size\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`CacheClusterSize`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-cacheclustersize) property of an `AWS::ApiGateway::Stage` resource\\.", "title": "CacheClusterSize", "type": "string" }, "CanarySetting": { "$ref": "#/definitions/AWS::ApiGateway::Stage.CanarySetting", "markdownDescription": "Configure a canary setting to a stage of a regular deployment\\. \n*Type*: [CanarySetting](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-canarysetting) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`CanarySetting`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-canarysetting) property of an `AWS::ApiGateway::Stage` resource\\.", "title": "CanarySetting" }, "Cors": { "anyOf": [ { "type": "object" }, { "type": "string" }, { "$ref": "#/definitions/Cors" } ], "markdownDescription": "Manage Cross\\-origin resource sharing \\(CORS\\) for all your API Gateway APIs\\. Specify the domain to allow as a string or specify a dictionary with additional Cors configuration\\. NOTE: CORS requires AWS SAM to modify your OpenAPI definition\\. So, it works only if inline OpenApi is defined with DefinitionBody\\. \nFor more information about CORS, see [Enable CORS for an API Gateway REST API Resource](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-cors.html) in the *API Gateway Developer Guide*\\. \n*Type*: String \\| [CorsConfiguration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-corsconfiguration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Cors" }, "DefinitionUri": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Amazon S3 Uri, local file path, or location object of the the OpenAPI document defining the API\\. The Amazon S3 object this property references must be a valid OpenAPI file\\. If neither `DefinitionUri` nor `DefinitionBody` are specified, SAM will generate a `DefinitionBody` for you based on your template configuration\\. \nIf a local file path is provided, the template must go through the workflow that includes the `sam deploy` or `sam package` command, in order for the definition to be transformed properly\\. \nIntrinsic functions are not supported in external OpenApi files referenced by `DefinitionUri`\\. Use instead the `DefinitionBody` property with the [Include Transform](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/create-reusable-transform-function-snippets-and-add-to-your-template-with-aws-include-transform.html) to import an OpenApi definition into the template\\. \n*Type*: String \\| [ApiDefinition](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-apidefinition.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`BodyS3Location`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-bodys3location) property of an `AWS::ApiGateway::RestApi` resource\\. The nested Amazon S3 properties are named differently\\.", "title": "DefinitionUri" }, "Domain": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_api__Domain" } ], "markdownDescription": "Configures a custom domain for this API Gateway API\\. \n*Type*: [DomainConfiguration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-domainconfiguration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Domain" }, "EndpointConfiguration": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The endpoint type of a REST API\\. \n*Type*: [EndpointConfiguration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-endpointconfiguration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`EndpointConfiguration`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-endpointconfiguration) property of an `AWS::ApiGateway::RestApi` resource\\. The nested configuration properties are named differently\\.", "title": "EndpointConfiguration" }, "GatewayResponses": { "markdownDescription": "Configures Gateway Responses for an API\\. Gateway Responses are responses returned by API Gateway, either directly or through the use of Lambda Authorizers\\. For more information, see the documentation for the [Api Gateway OpenApi extension for Gateway Responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-gateway-responses.html)\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "GatewayResponses", "type": "object" }, "MergeDefinitions": { "markdownDescription": "AWS SAM generates an OpenAPI specification from your API event source\\. Specify `true` to have AWS SAM merge this into the inline OpenAPI specification defined in your `AWS::Serverless::Api` resource\\. Specify `false` to not merge\\. \n`MergeDefinitions` requires the `DefinitionBody` property for `AWS::Serverless::Api` to be defined\\. `MergeDefinitions` is not compatible with the `DefinitionUri` property for `AWS::Serverless::Api`\\. \n*Default value*: `false` \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "MergeDefinitions", "type": "boolean" }, "MethodSettings": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Configures all settings for API stage including Logging, Metrics, CacheTTL, Throttling\\. \n*Type*: List of [ MethodSetting](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-stage-methodsetting.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MethodSettings`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-methodsettings) property of an `AWS::ApiGateway::Stage` resource\\.", "title": "MethodSettings" }, "MinimumCompressionSize": { "markdownDescription": "Allow compression of response bodies based on client's Accept\\-Encoding header\\. Compression is triggered when response body size is greater than or equal to your configured threshold\\. The maximum body size threshold is 10 MB \\(10,485,760 Bytes\\)\\. \\- The following compression types are supported: gzip, deflate, and identity\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MinimumCompressionSize`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-minimumcompressionsize) property of an `AWS::ApiGateway::RestApi` resource\\.", "title": "MinimumCompressionSize", "type": "number" }, "Name": { "markdownDescription": "A name for the API Gateway RestApi resource \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Name`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-name) property of an `AWS::ApiGateway::RestApi` resource\\.", "title": "Name", "type": "string" }, "OpenApiVersion": { "anyOf": [ { "type": "number" }, { "type": "string" } ], "markdownDescription": "Version of OpenApi to use\\. This can either be `2.0` for the Swagger specification, or one of the OpenApi 3\\.0 versions, like `3.0.1`\\. For more information about OpenAPI, see the [OpenAPI Specification](https://swagger.io/specification/)\\. \n AWS SAM creates a stage called `Stage` by default\\. Setting this property to any valid value will prevent the creation of the stage `Stage`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "OpenApiVersion" }, "PropagateTags": { "title": "Propagatetags", "type": "boolean" }, "TracingEnabled": { "markdownDescription": "Indicates whether active tracing with X\\-Ray is enabled for the stage\\. For more information about X\\-Ray, see [Tracing user requests to REST APIs using X\\-Ray](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-xray.html) in the *API Gateway Developer Guide*\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`TracingEnabled`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-tracingenabled) property of an `AWS::ApiGateway::Stage` resource\\.", "title": "TracingEnabled", "type": "boolean" }, "Variables": { "additionalProperties": true, "markdownDescription": "A map \\(string to string\\) that defines the stage variables, where the variable name is the key and the variable value is the value\\. Variable names are limited to alphanumeric characters\\. Values must match the following regular expression: `[A-Za-z0-9._~:/?#&=,-]+`\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Variables`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-variables) property of an `AWS::ApiGateway::Stage` resource\\.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Variables", "type": "object" } }, "title": "Globals", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_api__Properties": { "additionalProperties": false, "properties": { "AccessLogSetting": { "$ref": "#/definitions/AWS::ApiGateway::Stage.AccessLogSetting", "markdownDescription": "Configures Access Log Setting for a stage\\. \n*Type*: [AccessLogSetting](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-accesslogsetting) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`AccessLogSetting`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-accesslogsetting) property of an `AWS::ApiGateway::Stage` resource\\.", "title": "AccessLogSetting" }, "AlwaysDeploy": { "markdownDescription": "Always deploys the API, even when no changes to the API have been detected\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AlwaysDeploy", "type": "boolean" }, "ApiKeySourceType": { "markdownDescription": "The source of the API key for metering requests according to a usage plan\\. Valid values are `HEADER` and `AUTHORIZER`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ApiKeySourceType`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-apikeysourcetype) property of an `AWS::ApiGateway::RestApi` resource\\.", "title": "ApiKeySourceType", "type": "string" }, "Auth": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_api__Auth" } ], "markdownDescription": "Configure authorization to control access to your API Gateway API\\. \nFor more information about configuring access using AWS SAM see [Controlling access to API Gateway APIs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-controlling-access-to-apis.html)\\. \n*Type*: [ApiAuth](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-apiauth.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Auth" }, "BinaryMediaTypes": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "List of MIME types that your API could return\\. Use this to enable binary support for APIs\\. Use \\~1 instead of / in the mime types\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`BinaryMediaTypes`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-binarymediatypes) property of an `AWS::ApiGateway::RestApi` resource\\. The list of BinaryMediaTypes is added to both the AWS CloudFormation resource and the OpenAPI document\\.", "title": "BinaryMediaTypes" }, "CacheClusterEnabled": { "markdownDescription": "Indicates whether caching is enabled for the stage\\. To cache responses, you must also set `CachingEnabled` to `true` under `MethodSettings`\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`CacheClusterEnabled`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-cacheclusterenabled) property of an `AWS::ApiGateway::Stage` resource\\.", "title": "CacheClusterEnabled", "type": "boolean" }, "CacheClusterSize": { "markdownDescription": "The stage's cache cluster size\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`CacheClusterSize`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-cacheclustersize) property of an `AWS::ApiGateway::Stage` resource\\.", "title": "CacheClusterSize", "type": "string" }, "CanarySetting": { "$ref": "#/definitions/AWS::ApiGateway::Stage.CanarySetting", "markdownDescription": "Configure a canary setting to a stage of a regular deployment\\. \n*Type*: [CanarySetting](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-canarysetting) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`CanarySetting`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-canarysetting) property of an `AWS::ApiGateway::Stage` resource\\.", "title": "CanarySetting" }, "Cors": { "anyOf": [ { "type": "object" }, { "type": "string" }, { "$ref": "#/definitions/Cors" } ], "markdownDescription": "Manage Cross\\-origin resource sharing \\(CORS\\) for all your API Gateway APIs\\. Specify the domain to allow as a string or specify a dictionary with additional Cors configuration\\. NOTE: CORS requires AWS SAM to modify your OpenAPI definition\\. So, it works only if inline OpenApi is defined with DefinitionBody\\. \nFor more information about CORS, see [Enable CORS for an API Gateway REST API Resource](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-cors.html) in the *API Gateway Developer Guide*\\. \n*Type*: String \\| [CorsConfiguration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-corsconfiguration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Cors" }, "DefinitionBody": { "markdownDescription": "OpenAPI specification that describes your API\\. If neither `DefinitionUri` nor `DefinitionBody` are specified, SAM will generate a `DefinitionBody` for you based on your template configuration\\. \nTo reference a local OpenAPI file that defines your API, use the `AWS::Include` transform\\. To learn more, see [Upload local files at deployment](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/deploy-upload-local-files.html)\\. \n*Type*: JSON \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`Body`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-body) property of an `AWS::ApiGateway::RestApi` resource\\. If certain properties are provided, content may be inserted or modified into the DefinitionBody before being passed to CloudFormation\\. Properties include `Auth`, `BinaryMediaTypes`, `Cors`, `GatewayResponses`, `Models`, and an `EventSource` of type Api for a corresponding `AWS::Serverless::Function`\\.", "title": "DefinitionBody", "type": "object" }, "DefinitionUri": { "anyOf": [ { "type": "string" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_api__DefinitionUri" } ], "markdownDescription": "Amazon S3 Uri, local file path, or location object of the the OpenAPI document defining the API\\. The Amazon S3 object this property references must be a valid OpenAPI file\\. If neither `DefinitionUri` nor `DefinitionBody` are specified, SAM will generate a `DefinitionBody` for you based on your template configuration\\. \nIf a local file path is provided, the template must go through the workflow that includes the `sam deploy` or `sam package` command, in order for the definition to be transformed properly\\. \nIntrinsic functions are not supported in external OpenApi files referenced by `DefinitionUri`\\. Use instead the `DefinitionBody` property with the [Include Transform](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/create-reusable-transform-function-snippets-and-add-to-your-template-with-aws-include-transform.html) to import an OpenApi definition into the template\\. \n*Type*: String \\| [ApiDefinition](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-apidefinition.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`BodyS3Location`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-bodys3location) property of an `AWS::ApiGateway::RestApi` resource\\. The nested Amazon S3 properties are named differently\\.", "title": "DefinitionUri" }, "Description": { "markdownDescription": "A description of the Api resource\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Description`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-description) property of an `AWS::ApiGateway::RestApi` resource\\.", "title": "Description", "type": "string" }, "DisableExecuteApiEndpoint": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Specifies whether clients can invoke your API by using the default `execute-api` endpoint\\. By default, clients can invoke your API with the default `https://{api_id}.execute-api.{region}.amazonaws.com`\\. To require that clients use a custom domain name to invoke your API, specify `True`\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the `[ DisableExecuteApiEndpoint](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-disableexecuteapiendpoint)` property of an `AWS::ApiGateway::RestApi` resource\\. It is passed directly to the `disableExecuteApiEndpoint` property of an `[ x\\-amazon\\-apigateway\\-endpoint\\-configuration](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-endpoint-configuration.html)` extension, which gets added to the ` [ Body](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-body)` property of an `AWS::ApiGateway::RestApi` resource\\.", "title": "DisableExecuteApiEndpoint" }, "Domain": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_api__Domain" } ], "markdownDescription": "Configures a custom domain for this API Gateway API\\. \n*Type*: [DomainConfiguration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-domainconfiguration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Domain" }, "EndpointConfiguration": { "anyOf": [ { "type": "object" }, { "$ref": "#/definitions/EndpointConfiguration" } ], "markdownDescription": "The endpoint type of a REST API\\. \n*Type*: [EndpointConfiguration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-api-endpointconfiguration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`EndpointConfiguration`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-endpointconfiguration) property of an `AWS::ApiGateway::RestApi` resource\\. The nested configuration properties are named differently\\.", "title": "EndpointConfiguration" }, "FailOnWarnings": { "markdownDescription": "Specifies whether to roll back the API creation \\(`true`\\) or not \\(`false`\\) when a warning is encountered\\. The default value is `false`\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FailOnWarnings`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-failonwarnings) property of an `AWS::ApiGateway::RestApi` resource\\.", "title": "FailOnWarnings", "type": "boolean" }, "GatewayResponses": { "markdownDescription": "Configures Gateway Responses for an API\\. Gateway Responses are responses returned by API Gateway, either directly or through the use of Lambda Authorizers\\. For more information, see the documentation for the [Api Gateway OpenApi extension for Gateway Responses](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-gateway-responses.html)\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "GatewayResponses", "type": "object" }, "MergeDefinitions": { "markdownDescription": "AWS SAM generates an OpenAPI specification from your API event source\\. Specify `true` to have AWS SAM merge this into the inline OpenAPI specification defined in your `AWS::Serverless::Api` resource\\. Specify `false` to not merge\\. \n`MergeDefinitions` requires the `DefinitionBody` property for `AWS::Serverless::Api` to be defined\\. `MergeDefinitions` is not compatible with the `DefinitionUri` property for `AWS::Serverless::Api`\\. \n*Default value*: `false` \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "MergeDefinitions", "type": "boolean" }, "MethodSettings": { "items": { "$ref": "#/definitions/AWS::ApiGateway::Stage.MethodSetting" }, "markdownDescription": "Configures all settings for API stage including Logging, Metrics, CacheTTL, Throttling\\. \n*Type*: List of [ MethodSetting](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-stage-methodsetting.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MethodSettings`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-methodsettings) property of an `AWS::ApiGateway::Stage` resource\\.", "title": "MethodSettings", "type": "array" }, "MinimumCompressionSize": { "markdownDescription": "Allow compression of response bodies based on client's Accept\\-Encoding header\\. Compression is triggered when response body size is greater than or equal to your configured threshold\\. The maximum body size threshold is 10 MB \\(10,485,760 Bytes\\)\\. \\- The following compression types are supported: gzip, deflate, and identity\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MinimumCompressionSize`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-minimumcompressionsize) property of an `AWS::ApiGateway::RestApi` resource\\.", "title": "MinimumCompressionSize", "type": "number" }, "Mode": { "markdownDescription": "This property applies only when you use OpenAPI to define your REST API\\. The `Mode` determines how API Gateway handles resource updates\\. For more information, see [Mode](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-mode) property of the [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html) resource type\\. \n*Valid values*: `overwrite` or `merge` \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Mode`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-mode) property of an `AWS::ApiGateway::RestApi` resource\\.", "title": "Mode", "type": "string" }, "Models": { "markdownDescription": "The schemas to be used by your API methods\\. These schemas can be described using JSON or YAML\\. See the Examples section at the bottom of this page for example models\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Models", "type": "object" }, "Name": { "markdownDescription": "A name for the API Gateway RestApi resource \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Name`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html#cfn-apigateway-restapi-name) property of an `AWS::ApiGateway::RestApi` resource\\.", "title": "Name", "type": "string" }, "OpenApiVersion": { "anyOf": [ { "type": "number" }, { "type": "string" } ], "markdownDescription": "Version of OpenApi to use\\. This can either be `2.0` for the Swagger specification, or one of the OpenApi 3\\.0 versions, like `3.0.1`\\. For more information about OpenAPI, see the [OpenAPI Specification](https://swagger.io/specification/)\\. \n AWS SAM creates a stage called `Stage` by default\\. Setting this property to any valid value will prevent the creation of the stage `Stage`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "OpenApiVersion" }, "PropagateTags": { "title": "Propagatetags", "type": "boolean" }, "StageName": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The name of the stage, which API Gateway uses as the first path segment in the invoke Uniform Resource Identifier \\(URI\\)\\. \nTo reference the stage resource, use `.Stage`\\. For more information about referencing resources generated when an [AWS::Serverless::Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/#sam-resource-api.html#sam-resource-api) resource is specified, see [AWS CloudFormation resources generated when AWS::Serverless::Api is specified](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources-api.html)\\. For general information about generated AWS CloudFormation resources, see [Generated AWS CloudFormation resources](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources.html)\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is similar to the [`StageName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-stagename) property of an `AWS::ApiGateway::Stage` resource\\. It is required in SAM, but not required in API Gateway \n*Additional notes*: The Implicit API has a stage name of \"Prod\"\\.", "title": "StageName" }, "Tags": { "markdownDescription": "A map \\(string to string\\) that specifies the tags to be added to this API Gateway stage\\. For details about valid keys and values for tags, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide*\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`Tags`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-tags) property of an `AWS::ApiGateway::Stage` resource\\. The Tags property in SAM consists of Key:Value pairs; in CloudFormation it consists of a list of Tag objects\\.", "title": "Tags", "type": "object" }, "TracingEnabled": { "markdownDescription": "Indicates whether active tracing with X\\-Ray is enabled for the stage\\. For more information about X\\-Ray, see [Tracing user requests to REST APIs using X\\-Ray](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-xray.html) in the *API Gateway Developer Guide*\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`TracingEnabled`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-tracingenabled) property of an `AWS::ApiGateway::Stage` resource\\.", "title": "TracingEnabled", "type": "boolean" }, "Variables": { "additionalProperties": true, "markdownDescription": "A map \\(string to string\\) that defines the stage variables, where the variable name is the key and the variable value is the value\\. Variable names are limited to alphanumeric characters\\. Values must match the following regular expression: `[A-Za-z0-9._~:/?#&=,-]+`\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Variables`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html#cfn-apigateway-stage-variables) property of an `AWS::ApiGateway::Stage` resource\\.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Variables", "type": "object" } }, "required": [ "StageName" ], "title": "Properties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_api__Resource": { "additionalProperties": false, "properties": { "Condition": { "$ref": "#/definitions/PassThroughProp" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "$ref": "#/definitions/PassThroughProp" }, "DependsOn": { "$ref": "#/definitions/PassThroughProp" }, "IgnoreGlobals": { "anyOf": [ { "type": "string" }, { "items": { "type": "string" }, "type": "array" } ], "title": "Ignoreglobals" }, "Metadata": { "$ref": "#/definitions/PassThroughProp" }, "Properties": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_api__Properties" }, "Type": { "enum": [ "AWS::Serverless::Api" ], "title": "Type", "type": "string" }, "UpdateReplacePolicy": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "Type", "Properties" ], "title": "Resource", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_api__ResourcePolicy": { "additionalProperties": false, "properties": { "AwsAccountBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The AWS accounts to block\\. \n*Type*: List of String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AwsAccountBlacklist", "type": "array" }, "AwsAccountWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The AWS accounts to allow\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List of String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AwsAccountWhitelist", "type": "array" }, "CustomStatements": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "A list of custom resource policy statements to apply to this API\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "CustomStatements", "type": "array" }, "IntrinsicVpcBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The list of virtual private clouds \\(VPCs\\) to block, where each VPC is specified as a reference such as a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) or the `Ref` [intrinsic function](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IntrinsicVpcBlacklist", "type": "array" }, "IntrinsicVpcWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The list of VPCs to allow, where each VPC is specified as a reference such as a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) or the `Ref` [intrinsic function](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IntrinsicVpcWhitelist", "type": "array" }, "IntrinsicVpceBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The list of VPC endpoints to block, where each VPC endpoint is specified as a reference such as a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) or the `Ref` [intrinsic function](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IntrinsicVpceBlacklist", "type": "array" }, "IntrinsicVpceWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The list of VPC endpoints to allow, where each VPC endpoint is specified as a reference such as a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) or the `Ref` [intrinsic function](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IntrinsicVpceWhitelist", "type": "array" }, "IpRangeBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The IP addresses or address ranges to block\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IpRangeBlacklist", "type": "array" }, "IpRangeWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The IP addresses or address ranges to allow\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IpRangeWhitelist", "type": "array" }, "SourceVpcBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The source VPC or VPC endpoints to block\\. Source VPC names must start with `\"vpc-\"` and source VPC endpoint names must start with `\"vpce-\"`\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "SourceVpcBlacklist", "type": "array" }, "SourceVpcWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The source VPC or VPC endpoints to allow\\. Source VPC names must start with `\"vpc-\"` and source VPC endpoint names must start with `\"vpce-\"`\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "SourceVpcWhitelist", "type": "array" } }, "title": "ResourcePolicy", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_api__Route53": { "additionalProperties": false, "properties": { "DistributionDomainName": { "markdownDescription": "Configures a custom distribution of the API custom domain name\\. \n*Type*: String \n*Required*: No \n*Default*: Use the API Gateway distribution\\. \n*AWS CloudFormation compatibility*: This property is passed directly to the [`DNSName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-aliastarget-1.html#cfn-route53-aliastarget-dnshostname) property of an `AWS::Route53::RecordSetGroup AliasTarget` resource\\. \n*Additional notes*: The domain name of a [CloudFront distribution](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html)\\.", "title": "DistributionDomainName", "type": "string" }, "EvaluateTargetHealth": { "markdownDescription": "When EvaluateTargetHealth is true, an alias record inherits the health of the referenced AWS resource, such as an Elastic Load Balancing load balancer or another record in the hosted zone\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EvaluateTargetHealth`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-aliastarget.html#cfn-route53-aliastarget-evaluatetargethealth) property of an `AWS::Route53::RecordSetGroup AliasTarget` resource\\. \n*Additional notes*: You can't set EvaluateTargetHealth to true when the alias target is a CloudFront distribution\\.", "title": "EvaluateTargetHealth", "type": "boolean" }, "HostedZoneId": { "markdownDescription": "The ID of the hosted zone that you want to create records in\\. \nSpecify either `HostedZoneName` or `HostedZoneId`, but not both\\. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`HostedZoneId`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset-1.html#cfn-route53-recordset-hostedzoneid) property of an `AWS::Route53::RecordSetGroup RecordSet` resource\\.", "title": "HostedZoneId", "type": "string" }, "HostedZoneName": { "markdownDescription": "The name of the hosted zone that you want to create records in\\. \nSpecify either `HostedZoneName` or `HostedZoneId`, but not both\\. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`HostedZoneName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset-1.html#cfn-route53-recordset-hostedzonename) property of an `AWS::Route53::RecordSetGroup RecordSet` resource\\.", "title": "HostedZoneName", "type": "string" }, "IpV6": { "markdownDescription": "When this property is set, AWS SAM creates a `AWS::Route53::RecordSet` resource and sets [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-type) to `AAAA` for the provided HostedZone\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IpV6", "type": "boolean" }, "Region": { "$ref": "#/definitions/PassThroughProp" }, "SeparateRecordSetGroup": { "title": "Separaterecordsetgroup", "type": "boolean" }, "SetIdentifier": { "$ref": "#/definitions/PassThroughProp" } }, "title": "Route53", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_application__Properties": { "additionalProperties": false, "properties": { "Location": { "anyOf": [ { "type": "string" }, { "$ref": "#/definitions/Location" } ], "markdownDescription": "Template URL, file path, or location object of a nested application\\. \nIf a template URL is provided, it must follow the format specified in the [CloudFormation TemplateUrl documentation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stack.html#cfn-cloudformation-stack-templateurl) and contain a valid CloudFormation or SAM template\\. An [ApplicationLocationObject](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-application-applicationlocationobject.html) can be used to specify an application that has been published to the [AWS Serverless Application Repository](https://docs.aws.amazon.com/serverlessrepo/latest/devguide/what-is-serverlessrepo.html)\\. \nIf a local file path is provided, the template must go through the workflow that includes the `sam deploy` or `sam package` command, in order for the application to be transformed properly\\. \n*Type*: String \\| [ApplicationLocationObject](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-application-applicationlocationobject.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is similar to the [`TemplateURL`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stack.html#cfn-cloudformation-stack-templateurl) property of an `AWS::CloudFormation::Stack` resource\\. The CloudFormation version does not take an [ApplicationLocationObject](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-application-applicationlocationobject.html) to retrieve an application from the AWS Serverless Application Repository\\.", "title": "Location" }, "NotificationARNs": { "items": { "type": "string" }, "markdownDescription": "A list of existing Amazon SNS topics where notifications about stack events are sent\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`NotificationARNs`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stack.html#cfn-cloudformation-stack-notificationarns) property of an `AWS::CloudFormation::Stack` resource\\.", "title": "NotificationARNs", "type": "array" }, "Parameters": { "additionalProperties": true, "markdownDescription": "Application parameter values\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Parameters`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stack.html#cfn-cloudformation-stack-parameters) property of an `AWS::CloudFormation::Stack` resource\\.", "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "string" } }, "title": "Parameters", "type": "object" }, "Tags": { "markdownDescription": "A map \\(string to string\\) that specifies the tags to be added to this application\\. Keys and values are limited to alphanumeric characters\\. Keys can be 1 to 127 Unicode characters in length and cannot be prefixed with aws:\\. Values can be 1 to 255 Unicode characters in length\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`Tags`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stack.html#cfn-cloudformation-stack-tags) property of an `AWS::CloudFormation::Stack` resource\\. The Tags property in SAM consists of Key:Value pairs; in CloudFormation it consists of a list of Tag objects\\. When the stack is created, SAM will automatically add a `lambda:createdBy:SAM` tag to this application\\. In addition, if this application is from the AWS Serverless Application Repository, then SAM will also automatically the two additional tags `serverlessrepo:applicationId:ApplicationId` and `serverlessrepo:semanticVersion:SemanticVersion`\\.", "title": "Tags", "type": "object" }, "TimeoutInMinutes": { "markdownDescription": "The length of time, in minutes, that AWS CloudFormation waits for the nested stack to reach the `CREATE_COMPLETE` state\\. The default is no timeout\\. When AWS CloudFormation detects that the nested stack has reached the `CREATE_COMPLETE` state, it marks the nested stack resource as `CREATE_COMPLETE` in the parent stack and resumes creating the parent stack\\. If the timeout period expires before the nested stack reaches `CREATE_COMPLETE`, AWS CloudFormation marks the nested stack as failed and rolls back both the nested stack and parent stack\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`TimeoutInMinutes`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-stack.html#cfn-cloudformation-stack-timeoutinminutes) property of an `AWS::CloudFormation::Stack` resource\\.", "title": "TimeoutInMinutes", "type": "number" } }, "required": [ "Location" ], "title": "Properties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_application__Resource": { "additionalProperties": false, "properties": { "Condition": { "$ref": "#/definitions/PassThroughProp" }, "DeletionPolicy": { "$ref": "#/definitions/PassThroughProp" }, "DependsOn": { "$ref": "#/definitions/PassThroughProp" }, "IgnoreGlobals": { "anyOf": [ { "type": "string" }, { "items": { "type": "string" }, "type": "array" } ], "title": "Ignoreglobals" }, "Metadata": { "$ref": "#/definitions/PassThroughProp" }, "Properties": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_application__Properties" }, "Type": { "enum": [ "AWS::Serverless::Application" ], "title": "Type", "type": "string" }, "UpdateReplacePolicy": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "Type", "Properties" ], "title": "Resource", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_connector__Properties": { "additionalProperties": false, "properties": { "Destination": { "anyOf": [ { "$ref": "#/definitions/ResourceReference" }, { "items": { "$ref": "#/definitions/ResourceReference" }, "type": "array" } ], "markdownDescription": "The destination resource\\. \n*Type*: [ ResourceReference](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-connector-resourcereference.html) \\| List of [ResourceReference](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-connector-resourcereference.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Destination" }, "Permissions": { "items": { "enum": [ "Read", "Write" ], "type": "string" }, "markdownDescription": "The permission type that the source resource is allowed to perform on the destination resource\\. \n`Read` includes AWS Identity and Access Management \\(IAM\\) actions that allow reading data from the resource\\. \n`Write` inclues IAM actions that allow initiating and writing data to a resource\\. \n*Valid values*: `Read` or `Write` \n*Type*: List \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Permissions", "type": "array" }, "Source": { "allOf": [ { "$ref": "#/definitions/ResourceReference" } ], "markdownDescription": "The source resource\\. Required when using the `AWS::Serverless::Connector` syntax\\. \n*Type*: [ResourceReference](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-connector-resourcereference.html) \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Source" } }, "required": [ "Source", "Destination", "Permissions" ], "title": "Properties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_connector__Resource": { "additionalProperties": false, "properties": { "Condition": { "$ref": "#/definitions/PassThroughProp" }, "DeletionPolicy": { "$ref": "#/definitions/PassThroughProp" }, "DependsOn": { "$ref": "#/definitions/PassThroughProp" }, "IgnoreGlobals": { "anyOf": [ { "type": "string" }, { "items": { "type": "string" }, "type": "array" } ], "title": "Ignoreglobals" }, "Metadata": { "$ref": "#/definitions/PassThroughProp" }, "Properties": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_connector__Properties" }, "Type": { "enum": [ "AWS::Serverless::Connector" ], "title": "Type", "type": "string" }, "UpdateReplacePolicy": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "Type", "Properties" ], "title": "Resource", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__ApiEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__ApiEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "Api" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "ApiEvent", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__ApiEventProperties": { "additionalProperties": false, "properties": { "Auth": { "allOf": [ { "$ref": "#/definitions/ApiAuth" } ], "markdownDescription": "Auth configuration for this specific Api\\+Path\\+Method\\. \nUseful for overriding the API's `DefaultAuthorizer` setting auth config on an individual path when no `DefaultAuthorizer` is specified or overriding the default `ApiKeyRequired` setting\\. \n*Type*: [ApiFunctionAuth](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-apifunctionauth.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Auth" }, "Method": { "markdownDescription": "HTTP method for which this function is invoked\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Method", "type": "string" }, "Path": { "markdownDescription": "Uri path for which this function is invoked\\. Must start with `/`\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Path", "type": "string" }, "RequestModel": { "allOf": [ { "$ref": "#/definitions/RequestModel" } ], "markdownDescription": "Request model to use for this specific Api\\+Path\\+Method\\. This should reference the name of a model specified in the `Models` section of an [AWS::Serverless::Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html) resource\\. \n*Type*: [RequestModel](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-requestmodel.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "RequestModel" }, "RequestParameters": { "items": { "anyOf": [ { "type": "string" }, { "additionalProperties": { "$ref": "#/definitions/RequestParameters" }, "type": "object" } ] }, "markdownDescription": "Request parameters configuration for this specific Api\\+Path\\+Method\\. All parameter names must start with `method.request` and must be limited to `method.request.header`, `method.request.querystring`, or `method.request.path`\\. \nA list can contain both parameter name strings and [RequestParameter](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-requestparameter.html) objects\\. For strings, the `Required` and `Caching` properties will default to `false`\\. \n*Type*: List of \\[ String \\| [RequestParameter](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-requestparameter.html) \\] \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "RequestParameters", "type": "array" }, "RestApiId": { "anyOf": [ { "type": "string" }, { "$ref": "#/definitions/Ref" } ], "markdownDescription": "Identifier of a RestApi resource, which must contain an operation with the given path and method\\. Typically, this is set to reference an [AWS::Serverless::Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html) resource defined in this template\\. \nIf you don't define this property, AWS SAM creates a default [AWS::Serverless::Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html) resource using a generated `OpenApi` document\\. That resource contains a union of all paths and methods defined by `Api` events in the same template that do not specify a `RestApiId`\\. \nThis cannot reference an [AWS::Serverless::Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html) resource defined in another template\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "RestApiId" }, "TimeoutInMillis": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "Method", "Path" ], "title": "ApiEventProperties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__CloudWatchEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__CloudWatchEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "CloudWatchEvent" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "CloudWatchEvent", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__CloudWatchEventProperties": { "additionalProperties": false, "properties": { "Enabled": { "markdownDescription": "Indicates whether the rule is enabled\\. \nTo disable the rule, set this property to `false`\\. \nSpecify either the `Enabled` or `State` property, but not both\\.\n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`State`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-state) property of an `AWS::Events::Rule` resource\\. If this property is set to `true` then AWS SAM passes `ENABLED`, otherwise it passes `DISABLED`\\.", "title": "Enabled", "type": "boolean" }, "EventBusName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The event bus to associate with this rule\\. If you omit this property, AWS SAM uses the default event bus\\. \n*Type*: String \n*Required*: No \n*Default*: Default event bus \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EventBusName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-eventbusname) property of an `AWS::Events::Rule` resource\\.", "title": "EventBusName" }, "Input": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Valid JSON text passed to the target\\. If you use this property, nothing from the event text itself is passed to the target\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Input`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-input) property of an `AWS::Events::Rule Target` resource\\.", "title": "Input" }, "InputPath": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "When you don't want to pass the entire matched event to the target, use the `InputPath` property to describe which part of the event to pass\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`InputPath`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-inputpath) property of an `AWS::Events::Rule Target` resource\\.", "title": "InputPath" }, "Pattern": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Describes which events are routed to the specified target\\. For more information, see [Events and Event Patterns in EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the *Amazon EventBridge User Guide*\\. \n*Type*: [EventPattern](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-eventpattern) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EventPattern`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-eventpattern) property of an `AWS::Events::Rule` resource\\.", "title": "Pattern" }, "State": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The state of the rule\\. \n*Accepted values:* `DISABLED | ENABLED` \nSpecify either the `Enabled` or `State` property, but not both\\.\n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`State`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-state) property of an `AWS::Events::Rule` resource\\.", "title": "State" } }, "title": "CloudWatchEventProperties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__DeadLetterConfig": { "additionalProperties": false, "properties": { "Arn": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The Amazon Resource Name \\(ARN\\) of the Amazon SQS queue specified as the target for the dead\\-letter queue\\. \nSpecify either the `Type` property or `Arn` property, but not both\\.\n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Arn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-deadletterconfig.html#cfn-events-rule-deadletterconfig-arn) property of the `AWS::Events::Rule` `DeadLetterConfig` data type\\.", "title": "Arn" }, "QueueLogicalId": { "markdownDescription": "The custom name of the dead letter queue that AWS SAM creates if `Type` is specified\\. \nIf the `Type` property is not set, this property is ignored\\.\n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "QueueLogicalId", "type": "string" }, "Type": { "enum": [ "SQS" ], "markdownDescription": "The type of the queue\\. When this property is set, AWS SAM automatically creates a dead\\-letter queue and attaches necessary [resource\\-based policy](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html#dlq-perms) to grant permission to rule resource to send events to the queue\\. \nSpecify either the `Type` property or `Arn` property, but not both\\.\n*Valid values*: `SQS` \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "title": "DeadLetterConfig", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__EventBridgeRuleEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__EventBridgeRuleEventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "EventBridgeRule" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "EventBridgeRuleEvent", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__EventBridgeRuleEventProperties": { "additionalProperties": false, "properties": { "DeadLetterConfig": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__DeadLetterConfig" } ], "markdownDescription": "Configure the Amazon Simple Queue Service \\(Amazon SQS\\) queue where EventBridge sends events after a failed target invocation\\. Invocation can fail, for example, when sending an event to a Lambda function that doesn't exist, or when EventBridge has insufficient permissions to invoke the Lambda function\\. For more information, see [Event retry policy and using dead\\-letter queues](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html) in the *Amazon EventBridge User Guide*\\. \nThe [AWS::Serverless::Function](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html) resource type has a similar data type, `DeadLetterQueue`, which handles failures that occur after successful invocation of the target Lambda function\\. Examples of these types of failures include Lambda throttling, or errors returned by the Lambda target function\\. For more information about the function `DeadLetterQueue` property, see [AWS Lambda function dead\\-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#dlq) in the *AWS Lambda Developer Guide*\\.\n*Type*: [DeadLetterConfig](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-deadletterconfig.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`DeadLetterConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-deadletterconfig) property of the `AWS::Events::Rule` `Target` data type\\. The AWS SAM version of this property includes additional subproperties, in case you want AWS SAM to create the dead\\-letter queue for you\\.", "title": "DeadLetterConfig" }, "EventBusName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The event bus to associate with this rule\\. If you omit this property, AWS SAM uses the default event bus\\. \n*Type*: String \n*Required*: No \n*Default*: Default event bus \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EventBusName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-eventbusname) property of an `AWS::Events::Rule` resource\\.", "title": "EventBusName" }, "Input": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Valid JSON text passed to the target\\. If you use this property, nothing from the event text itself is passed to the target\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Input`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-input) property of an `AWS::Events::Rule Target` resource\\.", "title": "Input" }, "InputPath": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "When you don't want to pass the entire matched event to the target, use the `InputPath` property to describe which part of the event to pass\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`InputPath`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-inputpath) property of an `AWS::Events::Rule Target` resource\\.", "title": "InputPath" }, "InputTransformer": { "$ref": "#/definitions/PassThroughProp" }, "Pattern": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Describes which events are routed to the specified target\\. For more information, see [Amazon EventBridge events](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-events.html) and [EventBridge event patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-event-patterns.html) in the *Amazon EventBridge User Guide*\\. \n*Type*: [EventPattern](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-eventpattern) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EventPattern`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-eventpattern) property of an `AWS::Events::Rule` resource\\.", "title": "Pattern" }, "RetryPolicy": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A `RetryPolicy` object that includes information about the retry policy settings\\. For more information, see [Event retry policy and using dead\\-letter queues](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html) in the *Amazon EventBridge User Guide*\\. \n*Type*: [RetryPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-retrypolicy) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`RetryPolicy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-retrypolicy) property of the `AWS::Events::Rule` `Target` data type\\.", "title": "RetryPolicy" }, "RuleName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the rule\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Name`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-name) property of an `AWS::Events::Rule` resource\\.", "title": "RuleName" }, "Target": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__EventBridgeRuleTarget" } ], "markdownDescription": "The AWS resource that EventBridge invokes when a rule is triggered\\. You can use this property to specify the logical ID of the target\\. If this property is not specified, then AWS SAM generates the logical ID of the target\\. \n*Type*: [Target](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-target.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`Targets`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-targets) property of an `AWS::Events::Rule` resource\\. The AWS SAM version of this property only allows you to specify the logical ID of a single target\\.", "title": "Target" } }, "required": [ "Pattern" ], "title": "EventBridgeRuleEventProperties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__EventBridgeRuleTarget": { "additionalProperties": false, "properties": { "Id": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The logical ID of the target\\. \nThe value of `Id` can include alphanumeric characters, periods \\(`.`\\), hyphens \\(`-`\\), and underscores \\(`_`\\)\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Id`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-id) property of the `AWS::Events::Rule` `Target` data type\\.", "title": "Id" } }, "required": [ "Id" ], "title": "EventBridgeRuleTarget", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__Globals": { "additionalProperties": false, "properties": { "Architectures": { "items": { "type": "string" }, "markdownDescription": "The instruction set architecture for the function\\. \nFor more information about this property, see [Lambda instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html) in the *AWS Lambda Developer Guide*\\. \n*Valid values*: One of `x86_64` or `arm64` \n*Type*: List \n*Required*: No \n*Default*: `x86_64` \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Architectures`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-architectures) property of an `AWS::Lambda::Function` resource\\.", "title": "Architectures", "type": "array" }, "AssumeRolePolicyDocument": { "markdownDescription": "Adds an AssumeRolePolicyDocument for the default created `Role` for this function\\. If this property isn't specified, AWS SAM adds a default assume role for this function\\. \n*Type*: JSON \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`AssumeRolePolicyDocument`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-assumerolepolicydocument) property of an `AWS::IAM::Role` resource\\. AWS SAM adds this property to the generated IAM role for this function\\. If a role's Amazon Resource Name \\(ARN\\) is provided for this function, this property does nothing\\.", "title": "AssumeRolePolicyDocument", "type": "object" }, "AutoPublishAlias": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The name of the Lambda alias\\. For more information about Lambda aliases, see [Lambda function aliases](https://docs.aws.amazon.com/lambda/latest/dg/configuration-aliases.html) in the *AWS Lambda Developer Guide*\\. For examples that use this property, see [Deploying serverless applications gradually](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/automating-updates-to-serverless-apps.html)\\. \nAWS SAM generates [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html) and [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html) resources when this property is set\\. For information about this scenario, see [AutoPublishAlias property is specified](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources-function.html#sam-specification-generated-resources-function-autopublishalias)\\. For general information about generated AWS CloudFormation resources, see [Generated AWS CloudFormation resources](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources.html)\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AutoPublishAlias" }, "CodeUri": { "anyOf": [ { "type": "string" }, { "$ref": "#/definitions/CodeUri" } ], "markdownDescription": "The code for the function\\. Accepted values include: \n+ The function's Amazon S3 URI\\. For example, `s3://bucket-123456789/sam-app/1234567890abcdefg`\\.\n+ The local path to the function\\. For example, `hello_world/`\\.\n+ A [FunctionCode](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-functioncode.html) object\\.\nIf you provide a function's Amazon S3 URI or [FunctionCode](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-functioncode.html) object, you must reference a valid [Lambda deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html)\\. \nIf you provide a local file path, use the AWS SAM\u00a0CLI to upload the local file at deployment\\. To learn more, see [Using the AWS SAM\u00a0CLI to upload local files at deployment](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/deploy-upload-local-files.html)\\. \n*Type*: \\[ String \\| [FunctionCode](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-functioncode.html) \\] \n*Required*: Conditional\\. When `PackageType` is set to `Zip`, one of `CodeUri` or `InlineCode` is required\\. \n*AWS CloudFormation compatibility*: This property is similar to the `[ Code](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-code)` property of an `AWS::Lambda::Function` resource\\. The nested Amazon S3 properties are named differently\\.", "title": "CodeUri" }, "DeadLetterQueue": { "anyOf": [ { "type": "object" }, { "$ref": "#/definitions/DeadLetterQueue" } ], "markdownDescription": "Configures an Amazon Simple Notification Service \\(Amazon SNS\\) topic or Amazon Simple Queue Service \\(Amazon SQS\\) queue where Lambda sends events that it can't process\\. For more information about dead\\-letter queue functionality, see [AWS Lambda function dead letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#dlq) in the *AWS Lambda Developer Guide*\\. \nIf your Lambda function's event source is an Amazon SQS queue, configure a dead\\-letter queue for the source queue, not for the Lambda function\\. The dead\\-letter queue that you configure for a function is used for the function's [asynchronous invocation queue](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html), not for event source queues\\.\n*Type*: Map \\| [DeadLetterQueue](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-deadletterqueue.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`DeadLetterConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-deadletterconfig.html) property of an `AWS::Lambda::Function` resource\\. In AWS CloudFormation the type is derived from the `TargetArn`, whereas in AWS SAM you must pass the type along with the `TargetArn`\\.", "title": "DeadLetterQueue" }, "DeploymentPreference": { "allOf": [ { "$ref": "#/definitions/DeploymentPreference" } ], "markdownDescription": "The settings to enable gradual Lambda deployments\\. \nIf a `DeploymentPreference` object is specified, AWS SAM creates an [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codedeploy-application.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codedeploy-application.html) called `ServerlessDeploymentApplication` \\(one per stack\\), an [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codedeploy-deploymentgroup.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codedeploy-deploymentgroup.html) called `DeploymentGroup`, and an [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html) called `CodeDeployServiceRole`\\. \n*Type*: [DeploymentPreference](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-deploymentpreference.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\. \n*See also*: For more information about this property, see [Deploying serverless applications gradually](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/automating-updates-to-serverless-apps.html)\\.", "title": "DeploymentPreference" }, "Description": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A description of the function\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Description`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-description) property of an `AWS::Lambda::Function` resource\\.", "title": "Description" }, "Environment": { "$ref": "#/definitions/AWS::Lambda::Function.Environment", "markdownDescription": "The configuration for the runtime environment\\. \n*Type*: [Environment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-environment.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-environment.html) property of an `AWS::Lambda::Function` resource\\.", "title": "Environment" }, "EphemeralStorage": { "$ref": "#/definitions/AWS::Lambda::Function.EphemeralStorage", "markdownDescription": "An object that specifies the disk space, in MB, available to your Lambda function in `/tmp`\\. \nFor more information about this property, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [EphemeralStorage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-ephemeralstorage) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EphemeralStorage`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-ephemeralstorage) property of an `AWS::Lambda::Function` resource\\.", "title": "EphemeralStorage" }, "EventInvokeConfig": { "allOf": [ { "$ref": "#/definitions/EventInvokeConfig" } ], "markdownDescription": "The object that describes event invoke configuration on a Lambda function\\. \n*Type*: [EventInvokeConfiguration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventinvokeconfiguration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "EventInvokeConfig" }, "Handler": { "markdownDescription": "The function within your code that is called to begin execution\\. This property is only required if the `PackageType` property is set to `Zip`\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Handler`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-handler) property of an `AWS::Lambda::Function` resource\\.", "title": "Handler", "type": "string" }, "KmsKeyArn": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ARN of an AWS Key Management Service \\(AWS KMS\\) key that Lambda uses to encrypt and decrypt your function's environment variables\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`KmsKeyArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-kmskeyarn) property of an `AWS::Lambda::Function` resource\\.", "title": "KmsKeyArn" }, "Layers": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The list of `LayerVersion` ARNs that this function should use\\. The order specified here is the order in which they will be imported when running the Lambda function\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Layers`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-layers) property of an `AWS::Lambda::Function` resource\\.", "title": "Layers" }, "LoggingConfig": { "$ref": "#/definitions/PassThroughProp" }, "MemorySize": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The size of the memory in MB allocated per invocation of the function\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MemorySize`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-memorysize) property of an `AWS::Lambda::Function` resource\\.", "title": "MemorySize" }, "PermissionsBoundary": { "markdownDescription": "The ARN of a permissions boundary to use for this function's execution role\\. This property works only if the role is generated for you\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`PermissionsBoundary`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-permissionsboundary) property of an `AWS::IAM::Role` resource\\.", "title": "PermissionsBoundary", "type": "string" }, "PropagateTags": { "markdownDescription": "Indicate whether or not to pass tags from the `Tags` property to your [AWS::Serverless::Function](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources-function.html) generated resources\\. Specify `True` to propagate tags in your generated resources\\. \n*Type*: Boolean \n*Required*: No \n*Default*: `False` \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "PropagateTags", "type": "boolean" }, "ProvisionedConcurrencyConfig": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The provisioned concurrency configuration of a function's alias\\. \n`ProvisionedConcurrencyConfig` can be specified only if the `AutoPublishAlias` is set\\. Otherwise, an error results\\.\n*Type*: [ProvisionedConcurrencyConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html#cfn-lambda-alias-provisionedconcurrencyconfig) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ProvisionedConcurrencyConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html#cfn-lambda-alias-provisionedconcurrencyconfig) property of an `AWS::Lambda::Alias` resource\\.", "title": "ProvisionedConcurrencyConfig" }, "RecursiveLoop": { "$ref": "#/definitions/PassThroughProp" }, "ReservedConcurrentExecutions": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum number of concurrent executions that you want to reserve for the function\\. \nFor more information about this property, see [Lambda Function Scaling](https://docs.aws.amazon.com/lambda/latest/dg/scaling.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ReservedConcurrentExecutions`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-reservedconcurrentexecutions) property of an `AWS::Lambda::Function` resource\\.", "title": "ReservedConcurrentExecutions" }, "RolePath": { "markdownDescription": "The path to the function's IAM execution role\\. \nUse this property when the role is generated for you\\. Do not use when the role is specified with the `Role` property\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Path`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-path) property of an `AWS::IAM::Role` resource\\.", "title": "RolePath", "type": "string" }, "Runtime": { "markdownDescription": "The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html)\\. This property is only required if the `PackageType` property is set to `Zip`\\. \nIf you specify the `provided` identifier for this property, you can use the `Metadata` resource attribute to instruct AWS SAM to build the custom runtime that this function requires\\. For more information about building custom runtimes, see [Building custom runtimes](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/building-custom-runtimes.html)\\.\n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Runtime`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-runtime) property of an `AWS::Lambda::Function` resource\\.", "title": "Runtime", "type": "string" }, "RuntimeManagementConfig": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Configure runtime management options for your Lambda functions such as runtime environment updates, rollback behavior, and selecting a specific runtime version\\. To learn more, see [Lambda runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [RuntimeManagementConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-runtimemanagementconfig.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ RuntimeManagementConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-runtimemanagementconfig.html)` property of an `AWS::Lambda::Function` resource\\.", "title": "RuntimeManagementConfig" }, "SnapStart": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Create a snapshot of any new Lambda function version\\. A snapshot is a cached state of your initialized function, including all of its dependencies\\. The function is initialized just once and the cached state is reused for all future invocations, improving application performance by reducing the number of times your function must be initialized\\. To learn more, see [Improving startup performance with Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [SnapStart](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-snapstart.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`SnapStart`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-snapstart.html) property of an `AWS::Lambda::Function` resource\\.", "title": "SnapStart" }, "Tags": { "markdownDescription": "A map \\(string to string\\) that specifies the tags added to this function\\. For details about valid keys and values for tags, see [Tag Key and Value Requirements](https://docs.aws.amazon.com/lambda/latest/dg/configuration-tags.html#configuration-tags-restrictions) in the *AWS Lambda Developer Guide*\\. \nWhen the stack is created, AWS SAM automatically adds a `lambda:createdBy:SAM` tag to this Lambda function, and to the default roles that are generated for this function\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`Tags`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-tags) property of an `AWS::Lambda::Function` resource\\. The `Tags` property in AWS SAM consists of key\\-value pairs \\(whereas in AWS CloudFormation this property consists of a list of `Tag` objects\\)\\. Also, AWS SAM automatically adds a `lambda:createdBy:SAM` tag to this Lambda function, and to the default roles that are generated for this function\\.", "title": "Tags", "type": "object" }, "Timeout": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum time in seconds that the function can run before it is stopped\\. \n*Type*: Integer \n*Required*: No \n*Default*: 3 \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Timeout`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-timeout) property of an `AWS::Lambda::Function` resource\\.", "title": "Timeout" }, "Tracing": { "anyOf": [ { "type": "object" }, { "enum": [ "Active", "PassThrough", "Disabled" ], "type": "string" } ], "markdownDescription": "The string that specifies the function's X\\-Ray tracing mode\\. \n+ `Active` \u2013 Activates X\\-Ray tracing for the function\\.\n+ `Disabled` \u2013 Deactivates X\\-Ray for the function\\.\n+ `PassThrough` \u2013 Activates X\\-Ray tracing for the function\\. Sampling decision is delegated to the downstream services\\.\nIf specified as `Active` or `PassThrough` and the `Role` property is not set, AWS SAM adds the `arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess` policy to the Lambda execution role that it creates for you\\. \nFor more information about X\\-Ray, see [Using AWS Lambda with AWS X\\-Ray](https://docs.aws.amazon.com/lambda/latest/dg/lambda-x-ray.html) in the *AWS Lambda Developer Guide*\\. \n*Valid values*: \\[`Active`\\|`Disabled`\\|`PassThrough`\\] \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`TracingConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-tracingconfig) property of an `AWS::Lambda::Function` resource\\.", "title": "Tracing" }, "VpcConfig": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The configuration that enables this function to access private resources within your virtual private cloud \\(VPC\\)\\. \n*Type*: [VpcConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-vpcconfig.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`VpcConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-vpcconfig.html) property of an `AWS::Lambda::Function` resource\\.", "title": "VpcConfig" } }, "title": "Globals", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__Properties": { "additionalProperties": false, "properties": { "Architectures": { "items": { "type": "string" }, "markdownDescription": "The instruction set architecture for the function\\. \nFor more information about this property, see [Lambda instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html) in the *AWS Lambda Developer Guide*\\. \n*Valid values*: One of `x86_64` or `arm64` \n*Type*: List \n*Required*: No \n*Default*: `x86_64` \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Architectures`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-architectures) property of an `AWS::Lambda::Function` resource\\.", "title": "Architectures", "type": "array" }, "AssumeRolePolicyDocument": { "markdownDescription": "Adds an AssumeRolePolicyDocument for the default created `Role` for this function\\. If this property isn't specified, AWS SAM adds a default assume role for this function\\. \n*Type*: JSON \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`AssumeRolePolicyDocument`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-assumerolepolicydocument) property of an `AWS::IAM::Role` resource\\. AWS SAM adds this property to the generated IAM role for this function\\. If a role's Amazon Resource Name \\(ARN\\) is provided for this function, this property does nothing\\.", "title": "AssumeRolePolicyDocument", "type": "object" }, "AutoPublishAlias": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The name of the Lambda alias\\. For more information about Lambda aliases, see [Lambda function aliases](https://docs.aws.amazon.com/lambda/latest/dg/configuration-aliases.html) in the *AWS Lambda Developer Guide*\\. For examples that use this property, see [Deploying serverless applications gradually](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/automating-updates-to-serverless-apps.html)\\. \nAWS SAM generates [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html) and [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html) resources when this property is set\\. For information about this scenario, see [AutoPublishAlias property is specified](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources-function.html#sam-specification-generated-resources-function-autopublishalias)\\. For general information about generated AWS CloudFormation resources, see [Generated AWS CloudFormation resources](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources.html)\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AutoPublishAlias" }, "AutoPublishAliasAllProperties": { "markdownDescription": "Specifies when a new [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html) is created\\. When `true`, a new Lambda version is created when any property in the Lambda function is modified\\. When `false`, a new Lambda version is created only when any of the following properties are modified: \n+ `Environment`, `MemorySize`, or `SnapStart`\\.\n+ Any change that results in an update to the `Code` property, such as `CodeDict`, `ImageUri`, or `InlineCode`\\.\nThis property requires `AutoPublishAlias` to be defined\\. \nIf `AutoPublishSha256` is also specified, its behavior takes precedence over `AutoPublishAliasAllProperties: true`\\. \n*Type*: Boolean \n*Required*: No \n*Default value*: `false` \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AutoPublishAliasAllProperties", "type": "boolean" }, "AutoPublishCodeSha256": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The string value that is used, along with the value in `CodeUri`, to determine whether a new Lambda version should be published\\. This property is only used when `AutoPublishAlias` is also defined\\. \nThis property addresses a problem that occurs when an AWS SAM template has the following characteristics: the `DeploymentPreference` object is configured for gradual deployments \\(as described in [Deploying serverless applications gradually](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/automating-updates-to-serverless-apps.html)\\), the `AutoPublishAlias` property is set and doesn't change between deployments, and the `CodeUri` property is set and doesn't change between deployments\\. \nThis scenario can occur when the deployment package stored in an Amazon Simple Storage Service \\(Amazon S3\\) location is replaced by a new deployment package that contains updated Lambda function code, but the `CodeUri` property remains unchanged \\(as opposed to the new deployment package being uploaded to a new Amazon S3 location and the `CodeUri` being changed to the new location\\)\\. \nIn this scenario, to trigger the gradual deployment successfully, you must provide a unique value for `AutoPublishCodeSha256`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AutoPublishCodeSha256" }, "CodeSigningConfigArn": { "markdownDescription": "The ARN of the [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-codesigningconfig.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-codesigningconfig.html) resource, used to enable code signing for this function\\. For more information about code signing, see [Configuring code signing for AWS SAM applications](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/authoring-codesigning.html)\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`CodeSigningConfigArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-codesigningconfigarn) property of an `AWS::Lambda::Function` resource\\.", "title": "CodeSigningConfigArn", "type": "string" }, "CodeUri": { "anyOf": [ { "type": "string" }, { "$ref": "#/definitions/CodeUri" } ], "markdownDescription": "The code for the function\\. Accepted values include: \n+ The function's Amazon S3 URI\\. For example, `s3://bucket-123456789/sam-app/1234567890abcdefg`\\.\n+ The local path to the function\\. For example, `hello_world/`\\.\n+ A [FunctionCode](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-functioncode.html) object\\.\nIf you provide a function's Amazon S3 URI or [FunctionCode](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-functioncode.html) object, you must reference a valid [Lambda deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html)\\. \nIf you provide a local file path, use the AWS SAM\u00a0CLI to upload the local file at deployment\\. To learn more, see [Using the AWS SAM\u00a0CLI to upload local files at deployment](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/deploy-upload-local-files.html)\\. \n*Type*: \\[ String \\| [FunctionCode](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-functioncode.html) \\] \n*Required*: Conditional\\. When `PackageType` is set to `Zip`, one of `CodeUri` or `InlineCode` is required\\. \n*AWS CloudFormation compatibility*: This property is similar to the `[ Code](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-code)` property of an `AWS::Lambda::Function` resource\\. The nested Amazon S3 properties are named differently\\.", "title": "CodeUri" }, "DeadLetterQueue": { "anyOf": [ { "type": "object" }, { "$ref": "#/definitions/DeadLetterQueue" } ], "markdownDescription": "Configures an Amazon Simple Notification Service \\(Amazon SNS\\) topic or Amazon Simple Queue Service \\(Amazon SQS\\) queue where Lambda sends events that it can't process\\. For more information about dead\\-letter queue functionality, see [AWS Lambda function dead letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#dlq) in the *AWS Lambda Developer Guide*\\. \nIf your Lambda function's event source is an Amazon SQS queue, configure a dead\\-letter queue for the source queue, not for the Lambda function\\. The dead\\-letter queue that you configure for a function is used for the function's [asynchronous invocation queue](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html), not for event source queues\\.\n*Type*: Map \\| [DeadLetterQueue](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-deadletterqueue.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`DeadLetterConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-deadletterconfig.html) property of an `AWS::Lambda::Function` resource\\. In AWS CloudFormation the type is derived from the `TargetArn`, whereas in AWS SAM you must pass the type along with the `TargetArn`\\.", "title": "DeadLetterQueue" }, "DeploymentPreference": { "allOf": [ { "$ref": "#/definitions/DeploymentPreference" } ], "markdownDescription": "The settings to enable gradual Lambda deployments\\. \nIf a `DeploymentPreference` object is specified, AWS SAM creates an [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codedeploy-application.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codedeploy-application.html) called `ServerlessDeploymentApplication` \\(one per stack\\), an [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codedeploy-deploymentgroup.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codedeploy-deploymentgroup.html) called `DeploymentGroup`, and an [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html) called `CodeDeployServiceRole`\\. \n*Type*: [DeploymentPreference](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-deploymentpreference.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\. \n*See also*: For more information about this property, see [Deploying serverless applications gradually](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/automating-updates-to-serverless-apps.html)\\.", "title": "DeploymentPreference" }, "Description": { "markdownDescription": "A description of the function\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Description`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-description) property of an `AWS::Lambda::Function` resource\\.", "title": "Description", "type": "string" }, "Environment": { "$ref": "#/definitions/AWS::Lambda::Function.Environment", "markdownDescription": "The configuration for the runtime environment\\. \n*Type*: [Environment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-environment.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Environment`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-environment.html) property of an `AWS::Lambda::Function` resource\\.", "title": "Environment" }, "EphemeralStorage": { "$ref": "#/definitions/AWS::Lambda::Function.EphemeralStorage", "markdownDescription": "An object that specifies the disk space, in MB, available to your Lambda function in `/tmp`\\. \nFor more information about this property, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [EphemeralStorage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-ephemeralstorage) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EphemeralStorage`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-ephemeralstorage) property of an `AWS::Lambda::Function` resource\\.", "title": "EphemeralStorage" }, "EventInvokeConfig": { "allOf": [ { "$ref": "#/definitions/EventInvokeConfig" } ], "markdownDescription": "The object that describes event invoke configuration on a Lambda function\\. \n*Type*: [EventInvokeConfiguration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventinvokeconfiguration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "EventInvokeConfig" }, "Events": { "additionalProperties": { "anyOf": [ { "$ref": "#/definitions/S3Event" }, { "$ref": "#/definitions/SNSEvent" }, { "$ref": "#/definitions/KinesisEvent" }, { "$ref": "#/definitions/DynamoDBEvent" }, { "$ref": "#/definitions/DocumentDBEvent" }, { "$ref": "#/definitions/SQSEvent" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__ApiEvent" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__ScheduleEvent" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__ScheduleV2Event" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__CloudWatchEvent" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__EventBridgeRuleEvent" }, { "$ref": "#/definitions/CloudWatchLogsEvent" }, { "$ref": "#/definitions/IoTRuleEvent" }, { "$ref": "#/definitions/AlexaSkillEvent" }, { "$ref": "#/definitions/CognitoEvent" }, { "$ref": "#/definitions/HttpApiEvent" }, { "$ref": "#/definitions/MSKEvent" }, { "$ref": "#/definitions/MQEvent" }, { "$ref": "#/definitions/SelfManagedKafkaEvent" } ] }, "markdownDescription": "Specifies the events that trigger this function\\. Events consist of a type and a set of properties that depend on the type\\. \n*Type*: [EventSource](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventsource.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Events", "type": "object" }, "FileSystemConfigs": { "items": { "$ref": "#/definitions/AWS::Lambda::Function.FileSystemConfig" }, "markdownDescription": "List of [FileSystemConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-filesystemconfig.html) objects that specify the connection settings for an Amazon Elastic File System \\(Amazon EFS\\) file system\\. \nIf your template contains an [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a `DependsOn` resource attribute to ensure that the mount target is created or updated before the function\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FileSystemConfigs`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-filesystemconfigs) property of an `AWS::Lambda::Function` resource\\.", "title": "FileSystemConfigs", "type": "array" }, "FunctionName": { "markdownDescription": "A name for the function\\. If you don't specify a name, a unique name is generated for you\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FunctionName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-functionname) property of an `AWS::Lambda::Function` resource\\.", "title": "FunctionName", "type": "string" }, "FunctionUrlConfig": { "allOf": [ { "$ref": "#/definitions/FunctionUrlConfig" } ], "markdownDescription": "The object that describes a function URL\\. A function URL is an HTTPS endpoint that you can use to invoke your function\\. \nFor more information, see [Function URLs](https://docs.aws.amazon.com/lambda/latest/dg/lambda-urls.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [FunctionUrlConfig](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-functionurlconfig.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "FunctionUrlConfig" }, "Handler": { "markdownDescription": "The function within your code that is called to begin execution\\. This property is only required if the `PackageType` property is set to `Zip`\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Handler`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-handler) property of an `AWS::Lambda::Function` resource\\.", "title": "Handler", "type": "string" }, "ImageConfig": { "$ref": "#/definitions/AWS::Lambda::Function.ImageConfig", "markdownDescription": "The object used to configure Lambda container image settings\\. For more information, see [Using container images with Lambda](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [ImageConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-imageconfig) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ImageConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-imageconfig) property of an `AWS::Lambda::Function` resource\\.", "title": "ImageConfig" }, "ImageUri": { "markdownDescription": "The URI of the Amazon Elastic Container Registry \\(Amazon ECR\\) repository for the Lambda function's container image\\. This property only applies if the `PackageType` property is set to `Image`, otherwise it is ignored\\. For more information, see [Using container images with Lambda](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the *AWS Lambda Developer Guide*\\. \nIf the `PackageType` property is set to `Image`, then either `ImageUri` is required, or you must build your application with necessary `Metadata` entries in the AWS SAM template file\\. For more information, see [Building applications](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-using-build.html)\\.\nBuilding your application with necessary `Metadata` entries takes precedence over `ImageUri`, so if you specify both then `ImageUri` is ignored\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ImageUri`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-imageuri) property of the `AWS::Lambda::Function` `Code` data type\\.", "title": "ImageUri", "type": "string" }, "InlineCode": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The Lambda function code that is written directly in the template\\. This property only applies if the `PackageType` property is set to `Zip`, otherwise it is ignored\\. \nIf the `PackageType` property is set to `Zip` \\(default\\), then one of `CodeUri` or `InlineCode` is required\\.\n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ZipFile`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-zipfile) property of the `AWS::Lambda::Function` `Code` data type\\.", "title": "InlineCode" }, "KmsKeyArn": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ARN of an AWS Key Management Service \\(AWS KMS\\) key that Lambda uses to encrypt and decrypt your function's environment variables\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`KmsKeyArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-kmskeyarn) property of an `AWS::Lambda::Function` resource\\.", "title": "KmsKeyArn" }, "Layers": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The list of `LayerVersion` ARNs that this function should use\\. The order specified here is the order in which they will be imported when running the Lambda function\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Layers`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-layers) property of an `AWS::Lambda::Function` resource\\.", "title": "Layers" }, "LoggingConfig": { "$ref": "#/definitions/PassThroughProp" }, "MemorySize": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The size of the memory in MB allocated per invocation of the function\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MemorySize`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-memorysize) property of an `AWS::Lambda::Function` resource\\.", "title": "MemorySize" }, "PackageType": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The deployment package type of the Lambda function\\. For more information, see [Lambda deployment packages](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) in the *AWS Lambda Developer Guide*\\. \n**Notes**: \n1\\. If this property is set to `Zip` \\(default\\), then either `CodeUri` or `InlineCode` applies, and `ImageUri` is ignored\\. \n2\\. If this property is set to `Image`, then only `ImageUri` applies, and both `CodeUri` and `InlineCode` are ignored\\. The Amazon ECR repository required to store the function's container image can be auto created by the AWS SAM\u00a0CLI\\. For more information, see [sam deploy](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-cli-command-reference-sam-deploy.html)\\. \n*Valid values*: `Zip` or `Image` \n*Type*: String \n*Required*: No \n*Default*: `Zip` \n*AWS CloudFormation compatibility*: This property is passed directly to the [`PackageType`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-packagetype) property of an `AWS::Lambda::Function` resource\\.", "title": "PackageType" }, "PermissionsBoundary": { "markdownDescription": "The ARN of a permissions boundary to use for this function's execution role\\. This property works only if the role is generated for you\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`PermissionsBoundary`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-permissionsboundary) property of an `AWS::IAM::Role` resource\\.", "title": "PermissionsBoundary", "type": "string" }, "Policies": { "anyOf": [ { "type": "string" }, { "type": "object" }, { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "type": "array" } ], "markdownDescription": "Permission policies for this function\\. Policies will be appended to the function's default AWS Identity and Access Management \\(IAM\\) execution role\\. \nThis property accepts a single value or list of values\\. Allowed values include: \n+ [AWS SAM policy templates](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-policy-templates.html)\\.\n+ The ARN of an [AWS managed policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html#aws-managed-policies) or [ customer managed policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html#customer-managed-policies)\\.\n+ The name of an AWS managed policy from the following [ list](https://github.com/aws/serverless-application-model/blob/develop/samtranslator/internal/data/aws_managed_policies.json)\\.\n+ An [ inline IAM policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html#inline-policies) formatted in YAML as a map\\.\nIf you set the `Role` property, this property is ignored\\.\n*Type*: String \\| List \\| Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`Policies`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-policies) property of an `AWS::IAM::Role` resource\\.", "title": "Policies" }, "PropagateTags": { "markdownDescription": "Indicate whether or not to pass tags from the `Tags` property to your [AWS::Serverless::Function](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources-function.html) generated resources\\. Specify `True` to propagate tags in your generated resources\\. \n*Type*: Boolean \n*Required*: No \n*Default*: `False` \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "PropagateTags", "type": "boolean" }, "ProvisionedConcurrencyConfig": { "$ref": "#/definitions/AWS::Lambda::Alias.ProvisionedConcurrencyConfiguration", "markdownDescription": "The provisioned concurrency configuration of a function's alias\\. \n`ProvisionedConcurrencyConfig` can be specified only if the `AutoPublishAlias` is set\\. Otherwise, an error results\\.\n*Type*: [ProvisionedConcurrencyConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html#cfn-lambda-alias-provisionedconcurrencyconfig) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ProvisionedConcurrencyConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html#cfn-lambda-alias-provisionedconcurrencyconfig) property of an `AWS::Lambda::Alias` resource\\.", "title": "ProvisionedConcurrencyConfig" }, "RecursiveLoop": { "$ref": "#/definitions/PassThroughProp" }, "ReservedConcurrentExecutions": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum number of concurrent executions that you want to reserve for the function\\. \nFor more information about this property, see [Lambda Function Scaling](https://docs.aws.amazon.com/lambda/latest/dg/scaling.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: Integer \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ReservedConcurrentExecutions`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-reservedconcurrentexecutions) property of an `AWS::Lambda::Function` resource\\.", "title": "ReservedConcurrentExecutions" }, "Role": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The ARN of an IAM role to use as this function's execution role\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`Role`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-role) property of an `AWS::Lambda::Function` resource\\. This is required in AWS CloudFormation but not in AWS SAM\\. If a role isn't specified, one is created for you with a logical ID of `Role`\\.", "title": "Role" }, "RolePath": { "markdownDescription": "The path to the function's IAM execution role\\. \nUse this property when the role is generated for you\\. Do not use when the role is specified with the `Role` property\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Path`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-path) property of an `AWS::IAM::Role` resource\\.", "title": "RolePath", "type": "string" }, "Runtime": { "markdownDescription": "The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html)\\. This property is only required if the `PackageType` property is set to `Zip`\\. \nIf you specify the `provided` identifier for this property, you can use the `Metadata` resource attribute to instruct AWS SAM to build the custom runtime that this function requires\\. For more information about building custom runtimes, see [Building custom runtimes](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/building-custom-runtimes.html)\\.\n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Runtime`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-runtime) property of an `AWS::Lambda::Function` resource\\.", "title": "Runtime", "type": "string" }, "RuntimeManagementConfig": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Configure runtime management options for your Lambda functions such as runtime environment updates, rollback behavior, and selecting a specific runtime version\\. To learn more, see [Lambda runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [RuntimeManagementConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-runtimemanagementconfig.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ RuntimeManagementConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-runtimemanagementconfig.html)` property of an `AWS::Lambda::Function` resource\\.", "title": "RuntimeManagementConfig" }, "SnapStart": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Create a snapshot of any new Lambda function version\\. A snapshot is a cached state of your initialized function, including all of its dependencies\\. The function is initialized just once and the cached state is reused for all future invocations, improving application performance by reducing the number of times your function must be initialized\\. To learn more, see [Improving startup performance with Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) in the *AWS Lambda Developer Guide*\\. \n*Type*: [SnapStart](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-snapstart.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`SnapStart`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-snapstart.html) property of an `AWS::Lambda::Function` resource\\.", "title": "SnapStart" }, "Tags": { "markdownDescription": "A map \\(string to string\\) that specifies the tags added to this function\\. For details about valid keys and values for tags, see [Tag Key and Value Requirements](https://docs.aws.amazon.com/lambda/latest/dg/configuration-tags.html#configuration-tags-restrictions) in the *AWS Lambda Developer Guide*\\. \nWhen the stack is created, AWS SAM automatically adds a `lambda:createdBy:SAM` tag to this Lambda function, and to the default roles that are generated for this function\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`Tags`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-tags) property of an `AWS::Lambda::Function` resource\\. The `Tags` property in AWS SAM consists of key\\-value pairs \\(whereas in AWS CloudFormation this property consists of a list of `Tag` objects\\)\\. Also, AWS SAM automatically adds a `lambda:createdBy:SAM` tag to this Lambda function, and to the default roles that are generated for this function\\.", "title": "Tags", "type": "object" }, "Timeout": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The maximum time in seconds that the function can run before it is stopped\\. \n*Type*: Integer \n*Required*: No \n*Default*: 3 \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Timeout`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-timeout) property of an `AWS::Lambda::Function` resource\\.", "title": "Timeout" }, "Tracing": { "anyOf": [ { "type": "object" }, { "enum": [ "Active", "PassThrough", "Disabled" ], "type": "string" } ], "markdownDescription": "The string that specifies the function's X\\-Ray tracing mode\\. \n+ `Active` \u2013 Activates X\\-Ray tracing for the function\\.\n+ `Disabled` \u2013 Deactivates X\\-Ray for the function\\.\n+ `PassThrough` \u2013 Activates X\\-Ray tracing for the function\\. Sampling decision is delegated to the downstream services\\.\nIf specified as `Active` or `PassThrough` and the `Role` property is not set, AWS SAM adds the `arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess` policy to the Lambda execution role that it creates for you\\. \nFor more information about X\\-Ray, see [Using AWS Lambda with AWS X\\-Ray](https://docs.aws.amazon.com/lambda/latest/dg/lambda-x-ray.html) in the *AWS Lambda Developer Guide*\\. \n*Valid values*: \\[`Active`\\|`Disabled`\\|`PassThrough`\\] \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`TracingConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-tracingconfig) property of an `AWS::Lambda::Function` resource\\.", "title": "Tracing" }, "VersionDescription": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Specifies the `Description` field that is added on the new Lambda version resource\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Description`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html#cfn-lambda-version-description) property of an `AWS::Lambda::Version` resource\\.", "title": "VersionDescription" }, "VpcConfig": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The configuration that enables this function to access private resources within your virtual private cloud \\(VPC\\)\\. \n*Type*: [VpcConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-vpcconfig.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`VpcConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-vpcconfig.html) property of an `AWS::Lambda::Function` resource\\.", "title": "VpcConfig" } }, "title": "Properties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__Resource": { "additionalProperties": false, "properties": { "Condition": { "$ref": "#/definitions/PassThroughProp" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "$ref": "#/definitions/PassThroughProp" }, "DependsOn": { "$ref": "#/definitions/PassThroughProp" }, "IgnoreGlobals": { "anyOf": [ { "type": "string" }, { "items": { "type": "string" }, "type": "array" } ], "title": "Ignoreglobals" }, "Metadata": { "$ref": "#/definitions/PassThroughProp" }, "Properties": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__Properties" }, "Type": { "enum": [ "AWS::Serverless::Function" ], "title": "Type", "type": "string" }, "UpdateReplacePolicy": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "Type" ], "title": "Resource", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__ResourcePolicy": { "additionalProperties": false, "properties": { "AwsAccountBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The AWS accounts to block\\. \n*Type*: List of String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AwsAccountBlacklist", "type": "array" }, "AwsAccountWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The AWS accounts to allow\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List of String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AwsAccountWhitelist", "type": "array" }, "CustomStatements": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "A list of custom resource policy statements to apply to this API\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "CustomStatements", "type": "array" }, "IntrinsicVpcBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The list of virtual private clouds \\(VPCs\\) to block, where each VPC is specified as a reference such as a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) or the `Ref` [intrinsic function](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IntrinsicVpcBlacklist", "type": "array" }, "IntrinsicVpcWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The list of VPCs to allow, where each VPC is specified as a reference such as a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) or the `Ref` [intrinsic function](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IntrinsicVpcWhitelist", "type": "array" }, "IntrinsicVpceBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The list of VPC endpoints to block, where each VPC endpoint is specified as a reference such as a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) or the `Ref` [intrinsic function](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IntrinsicVpceBlacklist", "type": "array" }, "IntrinsicVpceWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The list of VPC endpoints to allow, where each VPC endpoint is specified as a reference such as a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) or the `Ref` [intrinsic function](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IntrinsicVpceWhitelist", "type": "array" }, "IpRangeBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The IP addresses or address ranges to block\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IpRangeBlacklist", "type": "array" }, "IpRangeWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The IP addresses or address ranges to allow\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IpRangeWhitelist", "type": "array" }, "SourceVpcBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The source VPC or VPC endpoints to block\\. Source VPC names must start with `\"vpc-\"` and source VPC endpoint names must start with `\"vpce-\"`\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "SourceVpcBlacklist", "type": "array" }, "SourceVpcWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The source VPC or VPC endpoints to allow\\. Source VPC names must start with `\"vpc-\"` and source VPC endpoint names must start with `\"vpce-\"`\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "SourceVpcWhitelist", "type": "array" } }, "title": "ResourcePolicy", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__ScheduleEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/EventsScheduleProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "Schedule" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "ScheduleEvent", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__ScheduleV2Event": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__ScheduleV2EventProperties" } ], "markdownDescription": "Object describing properties of this event mapping\\. The set of properties must conform to the defined Type\\. \n*Type*: [AlexaSkill](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-alexaskill.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-api.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchevent.html) \\| [CloudWatchLogs](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cloudwatchlogs.html) \\| [Cognito](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-cognito.html) \\| [DocumentDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-documentdb.html) \\| [DynamoDB](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-dynamodb.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-eventbridgerule.html) \\| [HttpApi](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-httpapi.html) \\| [IoTRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-iotrule.html) \\| [Kinesis](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-kinesis.html) \\| [MQ](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-mq.html) \\| [MSK](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-msk.html) \\| [S3](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-s3.html) \\| [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-schedulev2.html) \\| [SelfManagedKafka](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-selfmanagedkafka.html) \\| [SNS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sns.html) \\| [SQS](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-sqs.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "ScheduleV2" ], "markdownDescription": "The event type\\. \n*Valid values*: `AlexaSkill`, `Api`, `CloudWatchEvent`, `CloudWatchLogs`, `Cognito`, `DocumentDB`, `DynamoDB`, `EventBridgeRule`, `HttpApi`, `IoTRule`, `Kinesis`, `MQ`, `MSK`, `S3`, `Schedule`, `ScheduleV2`, `SelfManagedKafka`, `SNS`, `SQS` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "ScheduleV2Event", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_function__ScheduleV2EventProperties": { "additionalProperties": false, "properties": { "DeadLetterConfig": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__DeadLetterConfig" } ], "markdownDescription": "Configure the Amazon Simple Queue Service \\(Amazon SQS\\) queue where EventBridge sends events after a failed target invocation\\. Invocation can fail, for example, when sending an event to a Lambda function that doesn't exist, or when EventBridge has insufficient permissions to invoke the Lambda function\\. For more information, see [Configuring a dead\\-letter queue for EventBridge Scheduler](https://docs.aws.amazon.com/scheduler/latest/UserGuide/configuring-schedule-dlq.html) in the *EventBridge Scheduler User Guide*\\. \nThe [AWS::Serverless::Function](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-function.html) resource type has a similar data type, `DeadLetterQueue`, which handles failures that occur after successful invocation of the target Lambda function\\. Examples of these types of failures include Lambda throttling, or errors returned by the Lambda target function\\. For more information about the function `DeadLetterQueue` property, see [AWS Lambda function dead\\-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#dlq) in the *AWS Lambda Developer Guide*\\.\n*Type*: [DeadLetterConfig](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-function-scheduledeadletterconfig.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`DeadLetterConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-scheduler-schedule-target.html#cfn-scheduler-schedule-target-deadletterconfig) property of the `AWS::Scheduler::Schedule` `Target` data type\\. The AWS SAM version of this property includes additional subproperties, in case you want AWS SAM to create the dead\\-letter queue for you\\.", "title": "DeadLetterConfig" }, "Description": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A description of the schedule\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Description`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-description) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "Description" }, "EndDate": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The date, in UTC, before which the schedule can invoke its target\\. Depending on the schedule's recurrence expression, invocations might stop on, or before, the EndDate you specify\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EndDate`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-enddate) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "EndDate" }, "FlexibleTimeWindow": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Allows configuration of a window within which a schedule can be invoked\\. \n*Type*: [FlexibleTimeWindow](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-flexibletimewindow) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FlexibleTimeWindow`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-flexibletimewindow) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "FlexibleTimeWindow" }, "GroupName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the schedule group to associate with this schedule\\. If not defined, the default group is used\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`GroupName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-groupname) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "GroupName" }, "Input": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Valid JSON text passed to the target\\. If you use this property, nothing from the event text itself is passed to the target\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Input`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-properties-scheduler-schedule-target.html#cfn-scheduler-schedule-target-input) property of an `AWS::Scheduler::Schedule Target` resource\\.", "title": "Input" }, "KmsKeyArn": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ARN for a KMS Key that will be used to encrypt customer data\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`KmsKeyArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-kmskeyarn) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "KmsKeyArn" }, "Name": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the schedule\\. If you don't specify a name, AWS SAM generates a name in the format `Function-Logical-IDEvent-Source-Name` and uses that ID for the schedule name\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Name`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-name) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "Name" }, "OmitName": { "title": "Omitname", "type": "boolean" }, "PermissionsBoundary": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ARN of the policy used to set the permissions boundary for the role\\. \nIf `PermissionsBoundary` is defined, AWS SAM will apply the same boundaries to the scheduler schedule's target IAM role\\.\n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`PermissionsBoundary`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-permissionsboundary) property of an `AWS::IAM::Role` resource\\.", "title": "PermissionsBoundary" }, "RetryPolicy": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A RetryPolicy object that includes information about the retry policy settings\\. \n*Type*: [RetryPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-scheduler-schedule-target.html#cfn-scheduler-schedule-target-retrypolicy) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`RetryPolicy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-scheduler-schedule-target.html#cfn-scheduler-schedule-target-retrypolicy) property of the `AWS::Scheduler::Schedule` `Target` data type\\.", "title": "RetryPolicy" }, "RoleArn": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ARN of the IAM role that EventBridge Scheduler will use for the target when the schedule is invoked\\. \n*Type*: [RoleArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-scheduler-schedule-target.html#cfn-scheduler-schedule-target-rolearn) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`RoleArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-scheduler-schedule-target.html#cfn-scheduler-schedule-target-rolearn) property of the `AWS::Scheduler::Schedule` `Target` data type\\.", "title": "RoleArn" }, "ScheduleExpression": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The scheduling expression that determines when and how often the scheduler schedule event runs\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ScheduleExpression`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-scheduleexpression) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "ScheduleExpression" }, "ScheduleExpressionTimezone": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The timezone in which the scheduling expression is evaluated\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ScheduleExpressionTimezone`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-scheduleexpressiontimezone) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "ScheduleExpressionTimezone" }, "StartDate": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The date, in UTC, after which the schedule can begin invoking a target\\. Depending on the schedule's recurrence expression, invocations might occur on, or after, the StartDate you specify\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`StartDate`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-startdate) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "StartDate" }, "State": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The state of the Scheduler schedule\\. \n*Accepted values:* `DISABLED | ENABLED` \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`State`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-state) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "State" } }, "title": "ScheduleV2EventProperties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_graphqlapi__Auth": { "additionalProperties": false, "properties": { "Additional": { "items": { "$ref": "#/definitions/Authorizer" }, "title": "Additional", "type": "array" }, "LambdaAuthorizer": { "$ref": "#/definitions/LambdaAuthorizerConfig" }, "OpenIDConnect": { "$ref": "#/definitions/OpenIDConnectConfig" }, "Type": { "enum": [ "AWS_IAM", "API_KEY", "AWS_LAMBDA", "OPENID_CONNECT", "AMAZON_COGNITO_USER_POOLS" ], "title": "Type", "type": "string" }, "UserPool": { "$ref": "#/definitions/UserPoolConfig" } }, "required": [ "Type" ], "title": "Auth", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_graphqlapi__Properties": { "additionalProperties": false, "properties": { "ApiKeys": { "additionalProperties": { "$ref": "#/definitions/ApiKey" }, "title": "Apikeys", "type": "object" }, "Auth": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_graphqlapi__Auth" }, "Cache": { "$ref": "#/definitions/Cache" }, "DataSources": { "$ref": "#/definitions/DataSources" }, "DomainName": { "$ref": "#/definitions/DomainName" }, "Functions": { "additionalProperties": { "$ref": "#/definitions/Function" }, "title": "Functions", "type": "object" }, "Logging": { "anyOf": [ { "$ref": "#/definitions/Logging" }, { "type": "boolean" } ], "title": "Logging" }, "Name": { "$ref": "#/definitions/PassThroughProp" }, "OwnerContact": { "$ref": "#/definitions/PassThroughProp" }, "Resolvers": { "additionalProperties": { "additionalProperties": { "$ref": "#/definitions/Resolver" }, "type": "object" }, "title": "Resolvers", "type": "object" }, "SchemaInline": { "$ref": "#/definitions/PassThroughProp" }, "SchemaUri": { "$ref": "#/definitions/PassThroughProp" }, "Tags": { "title": "Tags", "type": "object" }, "Visibility": { "$ref": "#/definitions/PassThroughProp" }, "XrayEnabled": { "title": "Xrayenabled", "type": "boolean" } }, "required": [ "Auth" ], "title": "Properties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_graphqlapi__Resource": { "additionalProperties": false, "properties": { "Properties": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_graphqlapi__Properties" }, "Type": { "enum": [ "AWS::Serverless::GraphQLApi" ], "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "Resource", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_httpapi__Auth": { "additionalProperties": false, "properties": { "Authorizers": { "additionalProperties": { "anyOf": [ { "$ref": "#/definitions/OAuth2Authorizer" }, { "$ref": "#/definitions/LambdaAuthorizer" } ] }, "markdownDescription": "The authorizer used to control access to your API Gateway API\\. \n*Type*: [OAuth2Authorizer](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-httpapi-oauth2authorizer.html) \\| [LambdaAuthorizer](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-httpapi-lambdaauthorizer.html) \n*Required*: No \n*Default*: None \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\. \n*Additional notes*: AWS SAM adds the authorizers to the OpenAPI definition\\.", "title": "Authorizers", "type": "object" }, "DefaultAuthorizer": { "markdownDescription": "Specify the default authorizer to use for authorizing API calls to your API Gateway API\\. You can specify `AWS_IAM` as a default authorizer if `EnableIamAuthorizer` is set to `true`\\. Otherwise, specify an authorizer that you've defined in `Authorizers`\\. \n*Type*: String \n*Required*: No \n*Default*: None \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "DefaultAuthorizer", "type": "string" }, "EnableIamAuthorizer": { "markdownDescription": "Specify whether to use IAM authorization for the API route\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "EnableIamAuthorizer", "type": "boolean" } }, "title": "Auth", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_httpapi__DefinitionUri": { "additionalProperties": false, "properties": { "Bucket": { "markdownDescription": "The name of the Amazon S3 bucket where the OpenAPI file is stored\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Bucket`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-api-bodys3location.html#cfn-apigatewayv2-api-bodys3location-bucket) property of the `AWS::ApiGatewayV2::Api` `BodyS3Location` data type\\.", "title": "Bucket", "type": "string" }, "Key": { "markdownDescription": "The Amazon S3 key of the OpenAPI file\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Key`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-api-bodys3location.html#cfn-apigatewayv2-api-bodys3location-key) property of the `AWS::ApiGatewayV2::Api` `BodyS3Location` data type\\.", "title": "Key", "type": "string" }, "Version": { "markdownDescription": "For versioned objects, the version of the OpenAPI file\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Version`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-api-bodys3location.html#cfn-apigatewayv2-api-bodys3location-version) property of the `AWS::ApiGatewayV2::Api` `BodyS3Location` data type\\.", "title": "Version", "type": "string" } }, "required": [ "Bucket", "Key" ], "title": "DefinitionUri", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_httpapi__Domain": { "additionalProperties": false, "properties": { "BasePath": { "items": { "type": "string" }, "markdownDescription": "A list of the basepaths to configure with the Amazon API Gateway domain name\\. \n*Type*: List \n*Required*: No \n*Default*: / \n*AWS CloudFormation compatibility*: This property is similar to the [`ApiMappingKey`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-apimapping.html#cfn-apigatewayv2-apimapping-apimappingkey) property of an `AWS::ApiGatewayV2::ApiMapping` resource\\. AWS SAM creates multiple `AWS::ApiGatewayV2::ApiMapping` resources, one per value specified in this property\\.", "title": "BasePath", "type": "array" }, "CertificateArn": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The Amazon Resource Name \\(ARN\\) of an AWS managed certificate for this domain name's endpoint\\. AWS Certificate Manager is the only supported source\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`CertificateArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-domainname-domainnameconfiguration.html#cfn-apigatewayv2-domainname-domainnameconfiguration-certificatearn) property of an `AWS::ApiGateway2::DomainName DomainNameConfiguration` resource\\.", "title": "CertificateArn" }, "DomainName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The custom domain name for your API Gateway API\\. Uppercase letters are not supported\\. \nAWS SAM generates an `AWS::ApiGatewayV2::DomainName` resource when this property is set\\. For information about this scenario, see [DomainName property is specified](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources-httpapi.html#sam-specification-generated-resources-httpapi-domain-name)\\. For information about generated AWS CloudFormation resources, see [Generated AWS CloudFormation resources](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources.html)\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`DomainName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-domainname.html#cfn-apigatewayv2-domainname-domainname) property of an `AWS::ApiGateway2::DomainName` resource\\.", "title": "DomainName" }, "EndpointConfiguration": { "anyOf": [ { "type": "object" }, { "enum": [ "REGIONAL" ], "type": "string" } ], "markdownDescription": "Defines the type of API Gateway endpoint to map to the custom domain\\. The value of this property determines how the `CertificateArn` property is mapped in AWS CloudFormation\\. \nThe only valid value for HTTP APIs is `REGIONAL`\\. \n*Type*: String \n*Required*: No \n*Default*: `REGIONAL` \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "EndpointConfiguration" }, "MutualTlsAuthentication": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The mutual transport layer security \\(TLS\\) authentication configuration for a custom domain name\\. \n*Type*: [MutualTlsAuthentication](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-domainname.html#cfn-apigatewayv2-domainname-mutualtlsauthentication) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`MutualTlsAuthentication`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-domainname.html#cfn-apigatewayv2-domainname-mutualtlsauthentication) property of an `AWS::ApiGatewayV2::DomainName` resource\\.", "title": "MutualTlsAuthentication" }, "OwnershipVerificationCertificateArn": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ARN of the public certificate issued by ACM to validate ownership of your custom domain\\. Required only when you configure mutual TLS and you specify an ACM imported or private CA certificate ARN for the `CertificateArn`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`OwnershipVerificationCertificateArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-domainname-domainnameconfiguration.html#cfn-apigatewayv2-domainname-domainnameconfiguration-ownershipverificationcertificatearn) property of the `AWS::ApiGatewayV2::DomainName` `DomainNameConfiguration` data type\\.", "title": "OwnershipVerificationCertificateArn" }, "Route53": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_httpapi__Route53" } ], "markdownDescription": "Defines an Amazon Route\u00a053 configuration\\. \n*Type*: [Route53Configuration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-httpapi-route53configuration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Route53" }, "SecurityPolicy": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The TLS version of the security policy for this domain name\\. \nThe only valid value for HTTP APIs is `TLS_1_2`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`SecurityPolicy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigatewayv2-domainname-domainnameconfiguration.html#cfn-apigatewayv2-domainname-domainnameconfiguration-securitypolicy) property of the `AWS::ApiGatewayV2::DomainName` `DomainNameConfiguration` data type\\.", "title": "SecurityPolicy" } }, "required": [ "CertificateArn", "DomainName" ], "title": "Domain", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_httpapi__Globals": { "additionalProperties": false, "properties": { "AccessLogSettings": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The settings for access logging in a stage\\. \n*Type*: [AccessLogSettings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-accesslogsettings) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`AccessLogSettings`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-accesslogsettings) property of an `AWS::ApiGatewayV2::Stage` resource\\.", "title": "AccessLogSettings" }, "Auth": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_httpapi__Auth" } ], "markdownDescription": "Configures authorization for controlling access to your API Gateway HTTP API\\. \nFor more information, see [Controlling access to HTTP APIs with JWT authorizers](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-jwt-authorizer.html) in the *API Gateway Developer Guide*\\. \n*Type*: [HttpApiAuth](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-httpapi-httpapiauth.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Auth" }, "CorsConfiguration": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Manages cross\\-origin resource sharing \\(CORS\\) for all your API Gateway HTTP APIs\\. Specify the domain to allow as a string, or specify an `HttpApiCorsConfiguration` object\\. Note that CORS requires AWS SAM to modify your OpenAPI definition, so CORS works only if the `DefinitionBody` property is specified\\. \nFor more information, see [Configuring CORS for an HTTP API](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html) in the *API Gateway Developer Guide*\\. \nIf `CorsConfiguration` is set both in an OpenAPI definition and at the property level, then AWS SAM merges both configuration sources with the properties taking precedence\\. If this property is set to `true`, then all origins are allowed\\.\n*Type*: String \\| [HttpApiCorsConfiguration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-httpapi-httpapicorsconfiguration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "CorsConfiguration" }, "DefaultRouteSettings": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The default route settings for this HTTP API\\. These settings apply to all routes unless overridden by the `RouteSettings` property for certain routes\\. \n*Type*: [RouteSettings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-routesettings) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`RouteSettings`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-routesettings) property of an `AWS::ApiGatewayV2::Stage` resource\\.", "title": "DefaultRouteSettings" }, "Domain": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_httpapi__Domain" } ], "markdownDescription": "Configures a custom domain for this API Gateway HTTP API\\. \n*Type*: [HttpApiDomainConfiguration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-httpapi-httpapidomainconfiguration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Domain" }, "FailOnWarnings": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Specifies whether to roll back the HTTP API creation \\(`true`\\) or not \\(`false`\\) when a warning is encountered\\. The default value is `false`\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FailOnWarnings`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-api.html#cfn-apigatewayv2-api-failonwarnings) property of an `AWS::ApiGatewayV2::Api` resource\\.", "title": "FailOnWarnings" }, "PropagateTags": { "title": "Propagatetags", "type": "boolean" }, "RouteSettings": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The route settings, per route, for this HTTP API\\. For more information, see [Working with routes for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-routes.html) in the *API Gateway Developer Guide*\\. \n*Type*: [RouteSettings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-routesettings) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`RouteSettings`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-routesettings) property of an `AWS::ApiGatewayV2::Stage` resource\\.", "title": "RouteSettings" }, "StageVariables": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A map that defines the stage variables\\. Variable names can have alphanumeric and underscore characters\\. The values must match \\[A\\-Za\\-z0\\-9\\-\\.\\_\\~:/?\\#&=,\\]\\+\\. \n*Type*: [Json](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-stagevariables) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`StageVariables`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-stagevariables) property of an `AWS::ApiGatewayV2::Stage` resource\\.", "title": "StageVariables" }, "Tags": { "markdownDescription": "A map \\(string to string\\) that specifies the tags to add to this API Gateway stage\\. Keys can be 1 to 128 Unicode characters in length and cannot include the prefix `aws:`\\. You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_`, `.`, `/`, `=`, `+`, and `-`\\. Values can be 1 to 256 Unicode characters in length\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\. \n*Additional notes*: The `Tags` property requires AWS SAM to modify your OpenAPI definition, so tags are added only if the `DefinitionBody` property is specified\u2014no tags are added if the `DefinitionUri` property is specified\\. AWS SAM automatically adds an `httpapi:createdBy:SAM` tag\\. Tags are also added to the `AWS::ApiGatewayV2::Stage` resource and the `AWS::ApiGatewayV2::DomainName` resource \\(if `DomainName` is specified\\)\\.", "title": "Tags", "type": "object" } }, "title": "Globals", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_httpapi__Properties": { "additionalProperties": false, "properties": { "AccessLogSettings": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The settings for access logging in a stage\\. \n*Type*: [AccessLogSettings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-accesslogsettings) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`AccessLogSettings`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-accesslogsettings) property of an `AWS::ApiGatewayV2::Stage` resource\\.", "title": "AccessLogSettings" }, "Auth": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_httpapi__Auth" } ], "markdownDescription": "Configures authorization for controlling access to your API Gateway HTTP API\\. \nFor more information, see [Controlling access to HTTP APIs with JWT authorizers](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-jwt-authorizer.html) in the *API Gateway Developer Guide*\\. \n*Type*: [HttpApiAuth](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-httpapi-httpapiauth.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Auth" }, "CorsConfiguration": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Manages cross\\-origin resource sharing \\(CORS\\) for all your API Gateway HTTP APIs\\. Specify the domain to allow as a string, or specify an `HttpApiCorsConfiguration` object\\. Note that CORS requires AWS SAM to modify your OpenAPI definition, so CORS works only if the `DefinitionBody` property is specified\\. \nFor more information, see [Configuring CORS for an HTTP API](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html) in the *API Gateway Developer Guide*\\. \nIf `CorsConfiguration` is set both in an OpenAPI definition and at the property level, then AWS SAM merges both configuration sources with the properties taking precedence\\. If this property is set to `true`, then all origins are allowed\\.\n*Type*: String \\| [HttpApiCorsConfiguration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-httpapi-httpapicorsconfiguration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "CorsConfiguration" }, "DefaultRouteSettings": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The default route settings for this HTTP API\\. These settings apply to all routes unless overridden by the `RouteSettings` property for certain routes\\. \n*Type*: [RouteSettings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-routesettings) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`RouteSettings`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-routesettings) property of an `AWS::ApiGatewayV2::Stage` resource\\.", "title": "DefaultRouteSettings" }, "DefinitionBody": { "markdownDescription": "The OpenAPI definition that describes your HTTP API\\. If you don't specify a `DefinitionUri` or a `DefinitionBody`, AWS SAM generates a `DefinitionBody` for you based on your template configuration\\. \n*Type*: JSON \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`Body`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-api.html#cfn-apigatewayv2-api-body) property of an `AWS::ApiGatewayV2::Api` resource\\. If certain properties are provided, AWS SAM may insert content into or modify the `DefinitionBody` before it is passed to AWS CloudFormation\\. Properties include `Auth` and an `EventSource` of type HttpApi for a corresponding `AWS::Serverless::Function` resource\\.", "title": "DefinitionBody", "type": "object" }, "DefinitionUri": { "anyOf": [ { "type": "string" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_httpapi__DefinitionUri" } ], "markdownDescription": "The Amazon Simple Storage Service \\(Amazon S3\\) URI, local file path, or location object of the the OpenAPI definition that defines the HTTP API\\. The Amazon S3 object that this property references must be a valid OpenAPI definition file\\. If you don't specify a `DefinitionUri` or a `DefinitionBody` are specified, AWS SAM generates a `DefinitionBody` for you based on your template configuration\\. \nIf you provide a local file path, the template must go through the workflow that includes the `sam deploy` or `sam package` command for the definition to be transformed properly\\. \nIntrinsic functions are not supported in external OpenApi definition files that you reference with `DefinitionUri`\\. To import an OpenApi definition into the template, use the `DefinitionBody` property with the [Include transform](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/create-reusable-transform-function-snippets-and-add-to-your-template-with-aws-include-transform.html)\\. \n*Type*: String \\| [HttpApiDefinition](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-httpapi-httpapidefinition.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`BodyS3Location`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-api.html#cfn-apigatewayv2-api-bodys3location) property of an `AWS::ApiGatewayV2::Api` resource\\. The nested Amazon S3 properties are named differently\\.", "title": "DefinitionUri" }, "Description": { "markdownDescription": "The description of the HTTP API resource\\. \nWhen you specify `Description`, AWS SAM will modify the HTTP API resource's OpenApi definition by setting the `description` field\\. The following scenarios will result in an error: \n+ The `DefinitionBody` property is specified with the `description` field set in the Open API definition \u2013 This results in a conflict of the `description` field that AWS SAM won't resolve\\.\n+ The `DefinitionUri` property is specified \u2013 AWS SAM won't modify an Open API definition that is retrieved from Amazon S3\\.\n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Description", "type": "string" }, "DisableExecuteApiEndpoint": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Specifies whether clients can invoke your HTTP API by using the default `execute-api` endpoint `https://{api_id}.execute-api.{region}.amazonaws.com`\\. By default, clients can invoke your API with the default endpoint\\. To require that clients only use a custom domain name to invoke your API, disable the default endpoint\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the `[ DisableExecuteApiEndpoint](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-api.html#cfn-apigatewayv2-api-disableexecuteapiendpoint)` property of an `AWS::ApiGatewayV2::Api` resource\\. It is passed directly to the `disableExecuteApiEndpoint` property of an `[ x\\-amazon\\-apigateway\\-endpoint\\-configuration](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-swagger-extensions-endpoint-configuration.html)` extension, which gets added to the ` [ Body](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-api.html#cfn-apigatewayv2-api-body)` property of an `AWS::ApiGatewayV2::Api` resource\\.", "title": "DisableExecuteApiEndpoint" }, "Domain": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_httpapi__Domain" } ], "markdownDescription": "Configures a custom domain for this API Gateway HTTP API\\. \n*Type*: [HttpApiDomainConfiguration](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-httpapi-httpapidomainconfiguration.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Domain" }, "FailOnWarnings": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Specifies whether to roll back the HTTP API creation \\(`true`\\) or not \\(`false`\\) when a warning is encountered\\. The default value is `false`\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FailOnWarnings`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-api.html#cfn-apigatewayv2-api-failonwarnings) property of an `AWS::ApiGatewayV2::Api` resource\\.", "title": "FailOnWarnings" }, "Name": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the HTTP API resource\\. \nWhen you specify `Name`, AWS SAM will modify the HTTP API resource's OpenAPI definition by setting the `title` field\\. The following scenarios will result in an error: \n+ The `DefinitionBody` property is specified with the `title` field set in the Open API definition \u2013 This results in a conflict of the `title` field that AWS SAM won't resolve\\.\n+ The `DefinitionUri` property is specified \u2013 AWS SAM won't modify an Open API definition that is retrieved from Amazon S3\\.\n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Name" }, "PropagateTags": { "title": "Propagatetags", "type": "boolean" }, "RouteSettings": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The route settings, per route, for this HTTP API\\. For more information, see [Working with routes for HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-routes.html) in the *API Gateway Developer Guide*\\. \n*Type*: [RouteSettings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-routesettings) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`RouteSettings`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-routesettings) property of an `AWS::ApiGatewayV2::Stage` resource\\.", "title": "RouteSettings" }, "StageName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the API stage\\. If no name is specified, AWS SAM uses the `$default` stage from API Gateway\\. \n*Type*: String \n*Required*: No \n*Default*: $default \n*AWS CloudFormation compatibility*: This property is passed directly to the [`StageName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-stagename) property of an `AWS::ApiGatewayV2::Stage` resource\\.", "title": "StageName" }, "StageVariables": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A map that defines the stage variables\\. Variable names can have alphanumeric and underscore characters\\. The values must match \\[A\\-Za\\-z0\\-9\\-\\.\\_\\~:/?\\#&=,\\]\\+\\. \n*Type*: [Json](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-stagevariables) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`StageVariables`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-stage.html#cfn-apigatewayv2-stage-stagevariables) property of an `AWS::ApiGatewayV2::Stage` resource\\.", "title": "StageVariables" }, "Tags": { "markdownDescription": "A map \\(string to string\\) that specifies the tags to add to this API Gateway stage\\. Keys can be 1 to 128 Unicode characters in length and cannot include the prefix `aws:`\\. You can use any of the following characters: the set of Unicode letters, digits, whitespace, `_`, `.`, `/`, `=`, `+`, and `-`\\. Values can be 1 to 256 Unicode characters in length\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\. \n*Additional notes*: The `Tags` property requires AWS SAM to modify your OpenAPI definition, so tags are added only if the `DefinitionBody` property is specified\u2014no tags are added if the `DefinitionUri` property is specified\\. AWS SAM automatically adds an `httpapi:createdBy:SAM` tag\\. Tags are also added to the `AWS::ApiGatewayV2::Stage` resource and the `AWS::ApiGatewayV2::DomainName` resource \\(if `DomainName` is specified\\)\\.", "title": "Tags", "type": "object" } }, "title": "Properties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_httpapi__Resource": { "additionalProperties": false, "properties": { "Condition": { "$ref": "#/definitions/PassThroughProp" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "$ref": "#/definitions/PassThroughProp" }, "DependsOn": { "$ref": "#/definitions/PassThroughProp" }, "IgnoreGlobals": { "anyOf": [ { "type": "string" }, { "items": { "type": "string" }, "type": "array" } ], "title": "Ignoreglobals" }, "Metadata": { "$ref": "#/definitions/PassThroughProp" }, "Properties": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_httpapi__Properties" }, "Type": { "enum": [ "AWS::Serverless::HttpApi" ], "title": "Type", "type": "string" }, "UpdateReplacePolicy": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "Type" ], "title": "Resource", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_httpapi__Route53": { "additionalProperties": false, "properties": { "DistributionDomainName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Configures a custom distribution of the API custom domain name\\. \n*Type*: String \n*Required*: No \n*Default*: Use the API Gateway distribution\\. \n*AWS CloudFormation compatibility*: This property is passed directly to the [`DNSName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-aliastarget-1.html#cfn-route53-aliastarget-dnshostname) property of an `AWS::Route53::RecordSetGroup AliasTarget` resource\\. \n*Additional notes*: The domain name of a [CloudFront distribution](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html)\\.", "title": "DistributionDomainName" }, "EvaluateTargetHealth": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "When EvaluateTargetHealth is true, an alias record inherits the health of the referenced AWS resource, such as an Elastic Load Balancing load balancer or another record in the hosted zone\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EvaluateTargetHealth`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-aliastarget.html#cfn-route53-aliastarget-evaluatetargethealth) property of an `AWS::Route53::RecordSetGroup AliasTarget` resource\\. \n*Additional notes*: You can't set EvaluateTargetHealth to true when the alias target is a CloudFront distribution\\.", "title": "EvaluateTargetHealth" }, "HostedZoneId": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ID of the hosted zone that you want to create records in\\. \nSpecify either `HostedZoneName` or `HostedZoneId`, but not both\\. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`HostedZoneId`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset-1.html#cfn-route53-recordset-hostedzoneid) property of an `AWS::Route53::RecordSetGroup RecordSet` resource\\.", "title": "HostedZoneId" }, "HostedZoneName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the hosted zone that you want to create records in\\. You must include a trailing dot \\(for example, `www.example.com.`\\) as part of the `HostedZoneName`\\. \nSpecify either `HostedZoneName` or `HostedZoneId`, but not both\\. If you have multiple hosted zones with the same domain name, you must specify the hosted zone using `HostedZoneId`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`HostedZoneName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset-1.html#cfn-route53-recordset-hostedzonename) property of an `AWS::Route53::RecordSetGroup RecordSet` resource\\.", "title": "HostedZoneName" }, "IpV6": { "markdownDescription": "When this property is set, AWS SAM creates a `AWS::Route53::RecordSet` resource and sets [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-recordset.html#cfn-route53-recordset-type) to `AAAA` for the provided HostedZone\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IpV6", "type": "boolean" }, "Region": { "$ref": "#/definitions/PassThroughProp" }, "SetIdentifier": { "$ref": "#/definitions/PassThroughProp" } }, "title": "Route53", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_layerversion__Properties": { "additionalProperties": false, "properties": { "CompatibleArchitectures": { "items": { "type": "string" }, "markdownDescription": "Specifies the supported instruction set architectures for the layer version\\. \nFor more information about this property, see [Lambda instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html) in the *AWS Lambda Developer Guide*\\. \n*Valid values*: `x86_64`, `arm64` \n*Type*: List \n*Required*: No \n*Default*: `x86_64` \n*AWS CloudFormation compatibility*: This property is passed directly to the [`CompatibleArchitectures`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-compatiblearchitectures) property of an `AWS::Lambda::LayerVersion` resource\\.", "title": "CompatibleArchitectures", "type": "array" }, "CompatibleRuntimes": { "items": { "type": "string" }, "markdownDescription": "List of runtimes compatible with this LayerVersion\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`CompatibleRuntimes`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-compatibleruntimes) property of an `AWS::Lambda::LayerVersion` resource\\.", "title": "CompatibleRuntimes", "type": "array" }, "ContentUri": { "anyOf": [ { "type": "string" }, { "$ref": "#/definitions/ContentUri" } ], "markdownDescription": "Amazon S3 Uri, path to local folder, or LayerContent object of the layer code\\. \nIf an Amazon S3 Uri or LayerContent object is provided, The Amazon S3 object referenced must be a valid ZIP archive that contains the contents of an [Lambda layer](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html)\\. \nIf a path to a local folder is provided, for the content to be transformed properly the template must go through the workflow that includes [sam build](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-cli-command-reference-sam-build.html) followed by either [sam deploy](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-cli-command-reference-sam-deploy.html) or [sam package](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-cli-command-reference-sam-package.html)\\. By default, relative paths are resolved with respect to the AWS SAM template's location\\. \n*Type*: String \\| [LayerContent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-layerversion-layercontent.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is similar to the [`Content`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-content) property of an `AWS::Lambda::LayerVersion` resource\\. The nested Amazon S3 properties are named differently\\.", "title": "ContentUri" }, "Description": { "markdownDescription": "Description of this layer\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Description`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-description) property of an `AWS::Lambda::LayerVersion` resource\\.", "title": "Description", "type": "string" }, "LayerName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name or Amazon Resource Name \\(ARN\\) of the layer\\. \n*Type*: String \n*Required*: No \n*Default*: Resource logical id \n*AWS CloudFormation compatibility*: This property is similar to the [`LayerName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-layername) property of an `AWS::Lambda::LayerVersion` resource\\. If you don't specify a name, the logical id of the resource will be used as the name\\.", "title": "LayerName" }, "LicenseInfo": { "markdownDescription": "Information about the license for this LayerVersion\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`LicenseInfo`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-licenseinfo) property of an `AWS::Lambda::LayerVersion` resource\\.", "title": "LicenseInfo", "type": "string" }, "RetentionPolicy": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "Specifies whether old versions of your LayerVersion are retained or deleted after an update\\. \n*Valid values*: `Retain` or `Delete` \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\. \n*Additional notes*: When you specify `Retain`, AWS SAM adds a [Resource attributes](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-resource-attributes.html) of `DeletionPolicy: Retain` to the transformed `AWS::Lambda::LayerVersion` resource\\.", "title": "RetentionPolicy" } }, "required": [ "ContentUri" ], "title": "Properties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_layerversion__Resource": { "additionalProperties": false, "properties": { "Condition": { "$ref": "#/definitions/PassThroughProp" }, "DeletionPolicy": { "$ref": "#/definitions/PassThroughProp" }, "DependsOn": { "$ref": "#/definitions/PassThroughProp" }, "IgnoreGlobals": { "anyOf": [ { "type": "string" }, { "items": { "type": "string" }, "type": "array" } ], "title": "Ignoreglobals" }, "Metadata": { "$ref": "#/definitions/PassThroughProp" }, "Properties": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_layerversion__Properties" }, "Type": { "enum": [ "AWS::Serverless::LayerVersion" ], "title": "Type", "type": "string" }, "UpdateReplacePolicy": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "Type", "Properties" ], "title": "Resource", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_simpletable__Globals": { "additionalProperties": false, "properties": { "SSESpecification": { "$ref": "#/definitions/AWS::DynamoDB::Table.SSESpecification", "markdownDescription": "Specifies the settings to enable server\\-side encryption\\. \n*Type*: [SSESpecification](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`SSESpecification`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html) property of an `AWS::DynamoDB::Table` resource\\.", "title": "SSESpecification" } }, "title": "Globals", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_simpletable__Properties": { "additionalProperties": false, "properties": { "PointInTimeRecoverySpecification": { "$ref": "#/definitions/PassThroughProp" }, "PrimaryKey": { "allOf": [ { "$ref": "#/definitions/PrimaryKey" } ], "markdownDescription": "Attribute name and type to be used as the table's primary key\\. If not provided, the primary key will be a `String` with a value of `id`\\. \nThe value of this property cannot be modified after this resource is created\\.\n*Type*: [PrimaryKeyObject](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-simpletable-primarykeyobject.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "PrimaryKey" }, "ProvisionedThroughput": { "$ref": "#/definitions/AWS::DynamoDB::Table.ProvisionedThroughput", "markdownDescription": "Read and write throughput provisioning information\\. \nIf `ProvisionedThroughput` is not specified `BillingMode` will be specified as `PAY_PER_REQUEST`\\. \n*Type*: [ProvisionedThroughput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-provisionedthroughput.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ProvisionedThroughput`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-provisionedthroughput.html) property of an `AWS::DynamoDB::Table` resource\\.", "title": "ProvisionedThroughput" }, "SSESpecification": { "$ref": "#/definitions/AWS::DynamoDB::Table.SSESpecification", "markdownDescription": "Specifies the settings to enable server\\-side encryption\\. \n*Type*: [SSESpecification](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`SSESpecification`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-dynamodb-table-ssespecification.html) property of an `AWS::DynamoDB::Table` resource\\.", "title": "SSESpecification" }, "TableName": { "markdownDescription": "Name for the DynamoDB Table\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`TableName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-tablename) property of an `AWS::DynamoDB::Table` resource\\.", "title": "TableName", "type": "string" }, "Tags": { "markdownDescription": "A map \\(string to string\\) that specifies the tags to be added to this SimpleTable\\. For details about valid keys and values for tags, see [Resource tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the *AWS CloudFormation User Guide*\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`Tags`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-table.html#cfn-dynamodb-table-tags) property of an `AWS::DynamoDB::Table` resource\\. The Tags property in SAM consists of Key:Value pairs; in CloudFormation it consists of a list of Tag objects\\.", "title": "Tags", "type": "object" } }, "title": "Properties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_simpletable__Resource": { "additionalProperties": false, "properties": { "Condition": { "$ref": "#/definitions/PassThroughProp" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "$ref": "#/definitions/PassThroughProp" }, "DependsOn": { "$ref": "#/definitions/PassThroughProp" }, "IgnoreGlobals": { "anyOf": [ { "type": "string" }, { "items": { "type": "string" }, "type": "array" } ], "title": "Ignoreglobals" }, "Metadata": { "$ref": "#/definitions/PassThroughProp" }, "Properties": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_simpletable__Properties" }, "Type": { "enum": [ "AWS::Serverless::SimpleTable" ], "title": "Type", "type": "string" }, "UpdateReplacePolicy": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "Type" ], "title": "Resource", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__ApiEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__ApiEventProperties" } ], "markdownDescription": "An object describing the properties of this event mapping\\. The set of properties must conform to the defined `Type`\\. \n*Type*: [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineschedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineschedulev2.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachinecloudwatchevent.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineeventbridgerule.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineapi.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "Api" ], "markdownDescription": "The event type\\. \n*Valid values*: `Api`, `Schedule`, `ScheduleV2`, `CloudWatchEvent`, `EventBridgeRule` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "ApiEvent", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__ApiEventProperties": { "additionalProperties": false, "properties": { "Auth": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__Auth" } ], "markdownDescription": "The authorization configuration for this API, path, and method\\. \nUse this property to override the API's `DefaultAuthorizer` setting for an individual path, when no `DefaultAuthorizer` is specified, or to override the default `ApiKeyRequired` setting\\. \n*Type*: [ApiStateMachineAuth](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-apistatemachineauth.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Auth" }, "Method": { "markdownDescription": "The HTTP method for which this function is invoked\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Method", "type": "string" }, "Path": { "markdownDescription": "The URI path for which this function is invoked\\. The value must start with `/`\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Path", "type": "string" }, "RestApiId": { "anyOf": [ { "type": "object" }, { "type": "string" } ], "markdownDescription": "The identifier of a `RestApi` resource, which must contain an operation with the given path and method\\. Typically, this is set to reference an [AWS::Serverless::Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html) resource that is defined in this template\\. \nIf you don't define this property, AWS SAM creates a default [AWS::Serverless::Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html) resource using a generated `OpenApi` document\\. That resource contains a union of all paths and methods defined by `Api` events in the same template that do not specify a `RestApiId`\\. \nThis property can't reference an [AWS::Serverless::Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-api.html) resource that is defined in another template\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "RestApiId" }, "UnescapeMappingTemplate": { "markdownDescription": "Unescapes single quotes, by replacing `\\'` with `'`, on the input that is passed to the state machine\\. Use when your input contains single quotes\\. \nIf set to `False` and your input contains single quotes, an error will occur\\.\n*Type*: Boolean \n*Required*: No \n*Default*: False \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "UnescapeMappingTemplate", "type": "boolean" } }, "required": [ "Method", "Path" ], "title": "ApiEventProperties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__Auth": { "additionalProperties": false, "properties": { "ApiKeyRequired": { "markdownDescription": "Requires an API key for this API, path, and method\\. \n*Type*: Boolean \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ApiKeyRequired", "type": "boolean" }, "AuthorizationScopes": { "items": { "type": "string" }, "markdownDescription": "The authorization scopes to apply to this API, path, and method\\. \nThe scopes that you specify will override any scopes applied by the `DefaultAuthorizer` property if you have specified it\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AuthorizationScopes", "type": "array" }, "Authorizer": { "markdownDescription": "The `Authorizer` for a specific state machine\\. \nIf you have specified a global authorizer for the API and want to make this state machine public, override the global authorizer by setting `Authorizer` to `NONE`\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Authorizer", "type": "string" }, "ResourcePolicy": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__ResourcePolicy" } ], "markdownDescription": "Configure the resource policy for this API and path\\. \n*Type*: [ResourcePolicyStatement](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-resourcepolicystatement.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "ResourcePolicy" } }, "title": "Auth", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__CloudWatchEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__CloudWatchEventProperties" } ], "markdownDescription": "An object describing the properties of this event mapping\\. The set of properties must conform to the defined `Type`\\. \n*Type*: [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineschedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineschedulev2.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachinecloudwatchevent.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineeventbridgerule.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineapi.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "CloudWatchEvent" ], "markdownDescription": "The event type\\. \n*Valid values*: `Api`, `Schedule`, `ScheduleV2`, `CloudWatchEvent`, `EventBridgeRule` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "CloudWatchEvent", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__CloudWatchEventProperties": { "additionalProperties": false, "properties": { "EventBusName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The event bus to associate with this rule\\. If you omit this property, AWS SAM uses the default event bus\\. \n*Type*: String \n*Required*: No \n*Default*: Default event bus \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EventBusName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-eventbusname) property of an `AWS::Events::Rule` resource\\.", "title": "EventBusName" }, "Input": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Valid JSON text passed to the target\\. If you use this property, nothing from the event text itself is passed to the target\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Input`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-input) property of an `AWS::Events::Rule Target` resource\\.", "title": "Input" }, "InputPath": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "When you don't want to pass the entire matched event to the target, use the `InputPath` property to describe which part of the event to pass\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`InputPath`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-inputpath) property of an `AWS::Events::Rule Target` resource\\.", "title": "InputPath" }, "Pattern": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Describes which events are routed to the specified target\\. For more information, see [Events and Event Patterns in EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the *Amazon EventBridge User Guide*\\. \n*Type*: [EventPattern](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-eventpattern) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EventPattern`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-eventpattern) property of an `AWS::Events::Rule` resource\\.", "title": "Pattern" } }, "title": "CloudWatchEventProperties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__DeadLetterConfig": { "additionalProperties": false, "properties": { "Arn": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The Amazon Resource Name \\(ARN\\) of the Amazon SQS queue specified as the target for the dead\\-letter queue\\. \nSpecify either the `Type` property or `Arn` property, but not both\\.\n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Arn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-deadletterconfig.html#cfn-events-rule-deadletterconfig-arn) property of the `AWS::Events::Rule` `DeadLetterConfig` data type\\.", "title": "Arn" }, "QueueLogicalId": { "markdownDescription": "The custom name of the dead letter queue that AWS SAM creates if `Type` is specified\\. \nIf the `Type` property is not set, this property is ignored\\.\n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "QueueLogicalId", "type": "string" }, "Type": { "enum": [ "SQS" ], "markdownDescription": "The type of the queue\\. When this property is set, AWS SAM automatically creates a dead\\-letter queue and attaches necessary [resource\\-based policy](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html#dlq-perms) to grant permission to rule resource to send events to the queue\\. \nSpecify either the `Type` property or `Arn` property, but not both\\.\n*Valid values*: `SQS` \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "title": "DeadLetterConfig", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__EventBridgeRuleEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__EventBridgeRuleEventProperties" } ], "markdownDescription": "An object describing the properties of this event mapping\\. The set of properties must conform to the defined `Type`\\. \n*Type*: [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineschedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineschedulev2.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachinecloudwatchevent.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineeventbridgerule.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineapi.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "EventBridgeRule" ], "markdownDescription": "The event type\\. \n*Valid values*: `Api`, `Schedule`, `ScheduleV2`, `CloudWatchEvent`, `EventBridgeRule` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "EventBridgeRuleEvent", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__EventBridgeRuleEventProperties": { "additionalProperties": false, "properties": { "DeadLetterConfig": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__DeadLetterConfig" } ], "markdownDescription": "Configure the Amazon Simple Queue Service \\(Amazon SQS\\) queue where EventBridge sends events after a failed target invocation\\. Invocation can fail, for example, when sending an event to a Lambda function that doesn't exist, or when EventBridge has insufficient permissions to invoke the Lambda function\\. For more information, see [Event retry policy and using dead\\-letter queues](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html) in the *Amazon EventBridge User Guide*\\. \n*Type*: [DeadLetterConfig](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachinedeadletterconfig.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`DeadLetterConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-deadletterconfig) property of the `AWS::Events::Rule` `Target` data type\\. The AWS SAM version of this property includes additional subproperties, in case you want AWS SAM to create the dead\\-letter queue for you\\.", "title": "DeadLetterConfig" }, "EventBusName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The event bus to associate with this rule\\. If you omit this property, AWS SAM uses the default event bus\\. \n*Type*: String \n*Required*: No \n*Default*: Default event bus \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EventBusName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-eventbusname) property of an `AWS::Events::Rule` resource\\.", "title": "EventBusName" }, "Input": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Valid JSON text passed to the target\\. If you use this property, nothing from the event text itself is passed to the target\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Input`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-input) property of an `AWS::Events::Rule Target` resource\\.", "title": "Input" }, "InputPath": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "When you don't want to pass the entire matched event to the target, use the `InputPath` property to describe which part of the event to pass\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`InputPath`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-inputpath) property of an `AWS::Events::Rule Target` resource\\.", "title": "InputPath" }, "InputTransformer": { "$ref": "#/definitions/PassThroughProp" }, "Pattern": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Describes which events are routed to the specified target\\. For more information, see [Events and Event Patterns in EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the *Amazon EventBridge User Guide*\\. \n*Type*: [EventPattern](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-eventpattern) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EventPattern`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-eventpattern) property of an `AWS::Events::Rule` resource\\.", "title": "Pattern" }, "RetryPolicy": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A `RetryPolicy` object that includes information about the retry policy settings\\. For more information, see [Event retry policy and using dead\\-letter queues](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html) in the *Amazon EventBridge User Guide*\\. \n*Type*: [RetryPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-retrypolicy) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`RetryPolicy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-retrypolicy) property of the `AWS::Events::Rule` `Target` data type\\.", "title": "RetryPolicy" }, "RuleName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the rule\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Name`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-name) property of an `AWS::Events::Rule` resource\\.", "title": "RuleName" }, "Target": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__EventBridgeRuleTarget" } ], "markdownDescription": "The AWS resource that EventBridge invokes when a rule is triggered\\. You can use this property to specify the logical ID of the target\\. If this property is not specified, then AWS SAM generates the logical ID of the target\\. \n*Type*: [Target](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachinetarget.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`Targets`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-events-rule.html#cfn-events-rule-targets) property of an `AWS::Events::Rule` resource\\. The AWS SAM version of this property only allows you to specify the logical ID of a single target\\.", "title": "Target" } }, "title": "EventBridgeRuleEventProperties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__EventBridgeRuleTarget": { "additionalProperties": false, "properties": { "Id": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The logical ID of the target\\. \nThe value of `Id` can include alphanumeric characters, periods \\(`.`\\), hyphens \\(`-`\\), and underscores \\(`_`\\)\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Id`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html#cfn-events-rule-target-id) property of the `AWS::Events::Rule` `Target` data type\\.", "title": "Id" } }, "required": [ "Id" ], "title": "EventBridgeRuleTarget", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__Globals": { "additionalProperties": false, "properties": { "PropagateTags": { "title": "Propagatetags", "type": "boolean" } }, "title": "Globals", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__Properties": { "additionalProperties": false, "properties": { "AutoPublishAlias": { "$ref": "#/definitions/PassThroughProp" }, "Definition": { "markdownDescription": "The state machine definition is an object, where the format of the object matches the format of your AWS SAM template file, for example, JSON or YAML\\. State machine definitions adhere to the [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html)\\. \nFor an example of an inline state machine definition, see [Examples](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/#sam-resource-statemachine--examples.html#sam-resource-statemachine--examples)\\. \nYou must provide either a `Definition` or a `DefinitionUri`\\. \n*Type*: Map \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Definition", "type": "object" }, "DefinitionSubstitutions": { "markdownDescription": "A string\\-to\\-string map that specifies the mappings for placeholder variables in the state machine definition\\. This enables you to inject values obtained at runtime \\(for example, from intrinsic functions\\) into the state machine definition\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`DefinitionSubstitutions`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html#cfn-stepfunctions-statemachine-definitionsubstitutions) property of an `AWS::StepFunctions::StateMachine` resource\\. If any intrinsic functions are specified in an inline state machine definition, AWS SAM adds entries to this property to inject them into the state machine definition\\.", "title": "DefinitionSubstitutions", "type": "object" }, "DefinitionUri": { "anyOf": [ { "type": "string" }, { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The Amazon Simple Storage Service \\(Amazon S3\\) URI or local file path of the state machine definition written in the [Amazon States Language](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html)\\. \nIf you provide a local file path, the template must go through the workflow that includes the `sam deploy` or `sam package` command to correctly transform the definition\\. To do this, you must use version 0\\.52\\.0 or later of the AWS SAM CLI\\. \nYou must provide either a `Definition` or a `DefinitionUri`\\. \n*Type*: String \\| [S3Location](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html#cfn-stepfunctions-statemachine-definitions3location) \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is passed directly to the [`DefinitionS3Location`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html#cfn-stepfunctions-statemachine-definitions3location) property of an `AWS::StepFunctions::StateMachine` resource\\.", "title": "DefinitionUri" }, "DeploymentPreference": { "$ref": "#/definitions/PassThroughProp" }, "Events": { "additionalProperties": { "anyOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__ScheduleEvent" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__ScheduleV2Event" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__CloudWatchEvent" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__EventBridgeRuleEvent" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__ApiEvent" } ] }, "markdownDescription": "Specifies the events that trigger this state machine\\. Events consist of a type and a set of properties that depend on the type\\. \n*Type*: [EventSource](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineeventsource.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Events", "type": "object" }, "Logging": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Defines which execution history events are logged and where they are logged\\. \n*Type*: [LoggingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html#cfn-stepfunctions-statemachine-loggingconfiguration) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`LoggingConfiguration`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html#cfn-stepfunctions-statemachine-loggingconfiguration) property of an `AWS::StepFunctions::StateMachine` resource\\.", "title": "Logging" }, "Name": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the state machine\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`StateMachineName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html#cfn-stepfunctions-statemachine-statemachinename) property of an `AWS::StepFunctions::StateMachine` resource\\.", "title": "Name" }, "PermissionsBoundary": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ARN of a permissions boundary to use for this state machine's execution role\\. This property only works if the role is generated for you\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`PermissionsBoundary`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-permissionsboundary) property of an `AWS::IAM::Role` resource\\.", "title": "PermissionsBoundary" }, "Policies": { "anyOf": [ { "type": "string" }, { "type": "object" }, { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "type": "array" } ], "markdownDescription": "Permission policies for this state machine\\. Policies will be appended to the state machine's default AWS Identity and Access Management \\(IAM\\) execution role\\. \nThis property accepts a single value or list of values\\. Allowed values include: \n+ [AWS SAM policy templates](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-policy-templates.html)\\.\n+ The ARN of an [AWS managed policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html#aws-managed-policies) or [customer managed policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html#customer-managed-policies)\\.\n+ The name of an AWS managed policy from the following [ list](https://github.com/aws/serverless-application-model/blob/develop/samtranslator/internal/data/aws_managed_policies.json)\\.\n+ An [ inline IAM policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html#inline-policies) formatted in YAML as a map\\.\nIf you set the `Role` property, this property is ignored\\.\n*Type*: String \\| List \\| Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Policies" }, "PropagateTags": { "title": "Propagatetags", "type": "boolean" }, "Role": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ARN of an IAM role to use as this state machine's execution role\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is passed directly to the `[ RoleArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html#cfn-stepfunctions-statemachine-rolearn)` property of an `AWS::StepFunctions::StateMachine` resource\\.", "title": "Role" }, "RolePath": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The path to the state machine's IAM execution role\\. \nUse this property when the role is generated for you\\. Do not use when the role is specified with the `Role` property\\. \n*Type*: String \n*Required*: Conditional \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Path`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-path) property of an `AWS::IAM::Role` resource\\.", "title": "RolePath" }, "Tags": { "markdownDescription": "A string\\-to\\-string map that specifies the tags added to the state machine and the corresponding execution role\\. For information about valid keys and values for tags, see the [Tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html#cfn-stepfunctions-statemachine-tags) property of an [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html) resource\\. \n*Type*: Map \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`Tags`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html#cfn-stepfunctions-statemachine-tags) property of an `AWS::StepFunctions::StateMachine` resource\\. AWS SAM automatically adds a `stateMachine:createdBy:SAM` tag to this resource, and to the default role that is generated for it\\.", "title": "Tags", "type": "object" }, "Tracing": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Selects whether or not AWS X\\-Ray is enabled for the state machine\\. For more information about using X\\-Ray with Step Functions, see [AWS X\\-Ray and Step Functions](https://docs.aws.amazon.com/step-functions/latest/dg/concepts-xray-tracing.html) in the *AWS Step Functions Developer Guide*\\. \n*Type*: [TracingConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html#cfn-stepfunctions-statemachine-tracingconfiguration) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`TracingConfiguration`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html#cfn-stepfunctions-statemachine-tracingconfiguration) property of an `AWS::StepFunctions::StateMachine` resource\\.", "title": "Tracing" }, "Type": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The type of the state machine\\. \n*Valid values*: `STANDARD` or `EXPRESS` \n*Type*: String \n*Required*: No \n*Default*: `STANDARD` \n*AWS CloudFormation compatibility*: This property is passed directly to the [`StateMachineType`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachine.html#cfn-stepfunctions-statemachine-statemachinetype) property of an `AWS::StepFunctions::StateMachine` resource\\.", "title": "Type" } }, "title": "Properties", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__Resource": { "additionalProperties": false, "properties": { "Condition": { "$ref": "#/definitions/PassThroughProp" }, "Connectors": { "additionalProperties": { "$ref": "#/definitions/EmbeddedConnector" }, "title": "Connectors", "type": "object" }, "DeletionPolicy": { "$ref": "#/definitions/PassThroughProp" }, "DependsOn": { "$ref": "#/definitions/PassThroughProp" }, "IgnoreGlobals": { "anyOf": [ { "type": "string" }, { "items": { "type": "string" }, "type": "array" } ], "title": "Ignoreglobals" }, "Metadata": { "$ref": "#/definitions/PassThroughProp" }, "Properties": { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__Properties" }, "Type": { "enum": [ "AWS::Serverless::StateMachine" ], "title": "Type", "type": "string" }, "UpdateReplacePolicy": { "$ref": "#/definitions/PassThroughProp" } }, "required": [ "Type", "Properties" ], "title": "Resource", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__ResourcePolicy": { "additionalProperties": false, "properties": { "AwsAccountBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The AWS accounts to block\\. \n*Type*: List of String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AwsAccountBlacklist", "type": "array" }, "AwsAccountWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The AWS accounts to allow\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List of String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "AwsAccountWhitelist", "type": "array" }, "CustomStatements": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "A list of custom resource policy statements to apply to this API\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "CustomStatements", "type": "array" }, "IntrinsicVpcBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The list of virtual private clouds \\(VPCs\\) to block, where each VPC is specified as a reference such as a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) or the `Ref` [intrinsic function](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IntrinsicVpcBlacklist", "type": "array" }, "IntrinsicVpcWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The list of VPCs to allow, where each VPC is specified as a reference such as a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) or the `Ref` [intrinsic function](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IntrinsicVpcWhitelist", "type": "array" }, "IntrinsicVpceBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The list of VPC endpoints to block, where each VPC endpoint is specified as a reference such as a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) or the `Ref` [intrinsic function](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IntrinsicVpceBlacklist", "type": "array" }, "IntrinsicVpceWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The list of VPC endpoints to allow, where each VPC endpoint is specified as a reference such as a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) or the `Ref` [intrinsic function](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html)\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IntrinsicVpceWhitelist", "type": "array" }, "IpRangeBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The IP addresses or address ranges to block\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IpRangeBlacklist", "type": "array" }, "IpRangeWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The IP addresses or address ranges to allow\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "IpRangeWhitelist", "type": "array" }, "SourceVpcBlacklist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The source VPC or VPC endpoints to block\\. Source VPC names must start with `\"vpc-\"` and source VPC endpoint names must start with `\"vpce-\"`\\. For an example use of this property, see the Examples section at the bottom of this page\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "SourceVpcBlacklist", "type": "array" }, "SourceVpcWhitelist": { "items": { "anyOf": [ { "type": "string" }, { "type": "object" } ] }, "markdownDescription": "The source VPC or VPC endpoints to allow\\. Source VPC names must start with `\"vpc-\"` and source VPC endpoint names must start with `\"vpce-\"`\\. \n*Type*: List \n*Required*: No \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "SourceVpcWhitelist", "type": "array" } }, "title": "ResourcePolicy", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__ScheduleEvent": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/ScheduleEventProperties" } ], "markdownDescription": "An object describing the properties of this event mapping\\. The set of properties must conform to the defined `Type`\\. \n*Type*: [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineschedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineschedulev2.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachinecloudwatchevent.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineeventbridgerule.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineapi.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "Schedule" ], "markdownDescription": "The event type\\. \n*Valid values*: `Api`, `Schedule`, `ScheduleV2`, `CloudWatchEvent`, `EventBridgeRule` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "ScheduleEvent", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__ScheduleV2Event": { "additionalProperties": false, "properties": { "Properties": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__ScheduleV2EventProperties" } ], "markdownDescription": "An object describing the properties of this event mapping\\. The set of properties must conform to the defined `Type`\\. \n*Type*: [Schedule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineschedule.html) \\| [ScheduleV2](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineschedulev2.html) \\| [CloudWatchEvent](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachinecloudwatchevent.html) \\| [EventBridgeRule](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineeventbridgerule.html) \\| [Api](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachineapi.html) \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Properties" }, "Type": { "enum": [ "ScheduleV2" ], "markdownDescription": "The event type\\. \n*Valid values*: `Api`, `Schedule`, `ScheduleV2`, `CloudWatchEvent`, `EventBridgeRule` \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent\\.", "title": "Type", "type": "string" } }, "required": [ "Type", "Properties" ], "title": "ScheduleV2Event", "type": "object" }, "samtranslator__internal__schema_source__aws_serverless_statemachine__ScheduleV2EventProperties": { "additionalProperties": false, "properties": { "DeadLetterConfig": { "allOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__DeadLetterConfig" } ], "markdownDescription": "Configure the Amazon Simple Queue Service \\(Amazon SQS\\) queue where EventBridge sends events after a failed target invocation\\. Invocation can fail, for example, when sending an event to a Lambda function that doesn't exist, or when EventBridge has insufficient permissions to invoke the Lambda function\\. For more information, see [Configuring a dead\\-letter queue for EventBridge Scheduler](https://docs.aws.amazon.com/scheduler/latest/UserGuide/configuring-schedule-dlq.html) in the *EventBridge Scheduler User Guide*\\. \n*Type*: [DeadLetterConfig](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-statemachinescheduledeadletterconfig.html) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is similar to the [`DeadLetterConfig`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-scheduler-schedule-target.html#cfn-scheduler-schedule-target-deadletterconfig) property of the `AWS::Scheduler::Schedule` `Target` data type\\. The AWS SAM version of this property includes additional subproperties, in case you want AWS SAM to create the dead\\-letter queue for you\\.", "title": "DeadLetterConfig" }, "Description": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A description of the schedule\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Description`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-description) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "Description" }, "EndDate": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The date, in UTC, before which the schedule can invoke its target\\. Depending on the schedule's recurrence expression, invocations might stop on, or before, the EndDate you specify\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`EndDate`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-enddate) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "EndDate" }, "FlexibleTimeWindow": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Allows configuration of a window within which a schedule can be invoked\\. \n*Type*: [FlexibleTimeWindow](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-flexibletimewindow) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`FlexibleTimeWindow`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler.html#cfn-scheduler-schedule-flexibletimewindow) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "FlexibleTimeWindow" }, "GroupName": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the schedule group to associate with this schedule\\. If not defined, the default group is used\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`GroupName`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-groupname) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "GroupName" }, "Input": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "Valid JSON text passed to the target\\. If you use this property, nothing from the event text itself is passed to the target\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Input`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-scheduler-schedule-target.html#cfn-scheduler-schedule-target-input) property of an `AWS::Scheduler::Schedule Target` resource\\.", "title": "Input" }, "KmsKeyArn": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ARN for a KMS Key that will be used to encrypt customer data\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`KmsKeyArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-kmskeyarn) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "KmsKeyArn" }, "Name": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The name of the schedule\\. If you don't specify a name, AWS SAM generates a name in the format `StateMachine-Logical-IDEvent-Source-Name` and uses that ID for the schedule name\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`Name`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-name) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "Name" }, "OmitName": { "title": "Omitname", "type": "boolean" }, "PermissionsBoundary": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ARN of the policy used to set the permissions boundary for the role\\. \nIf `PermissionsBoundary` is defined, AWS SAM will apply the same boundaries to the scheduler schedule's target IAM role\\.\n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`PermissionsBoundary`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iam-role.html#cfn-iam-role-permissionsboundary) property of an `AWS::IAM::Role` resource\\.", "title": "PermissionsBoundary" }, "RetryPolicy": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "A `RetryPolicy` object that includes information about the retry policy settings\\. \n*Type*: [RetryPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-scheduler-schedule-target.html#cfn-scheduler-schedule-target-retrypolicy) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`RetryPolicy`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-scheduler-schedule-target.html#cfn-scheduler-schedule-target-retrypolicy) property of the `AWS::Scheduler::Schedule` `Target` data type\\.", "title": "RetryPolicy" }, "RoleArn": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The ARN of the IAM role that EventBridge Scheduler will use for the target when the schedule is invoked\\. \n*Type*: [RoleArn](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-scheduler-schedule-target.html#cfn-scheduler-schedule-target-rolearn) \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`RoleArn`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-scheduler-schedule-target.html#cfn-scheduler-schedule-target-rolearn) property of the `AWS::Scheduler::Schedule` `Target` data type\\.", "title": "RoleArn" }, "ScheduleExpression": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The scheduling expression that determines when and how often the schedule runs\\. \n*Type*: String \n*Required*: Yes \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ScheduleExpression`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-scheduleexpression) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "ScheduleExpression" }, "ScheduleExpressionTimezone": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The timezone in which the scheduling expression is evaluated\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`ScheduleExpressionTimezone`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-scheduleexpressiontimezone) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "ScheduleExpressionTimezone" }, "StartDate": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The date, in UTC, after which the schedule can begin invoking a target\\. Depending on the schedule's recurrence expression, invocations might occur on, or after, the StartDate you specify\\. \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`StartDate`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-startdate) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "StartDate" }, "State": { "allOf": [ { "$ref": "#/definitions/PassThroughProp" } ], "markdownDescription": "The state of the schedule\\. \n*Accepted values:* `DISABLED | ENABLED` \n*Type*: String \n*Required*: No \n*AWS CloudFormation compatibility*: This property is passed directly to the [`State`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-scheduler-schedule.html#cfn-scheduler-schedule-state) property of an `AWS::Scheduler::Schedule` resource\\.", "title": "State" } }, "title": "ScheduleV2EventProperties", "type": "object" } }, "properties": { "AWSTemplateFormatVersion": { "enum": [ "2010-09-09" ], "type": "string" }, "Conditions": { "additionalProperties": false, "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "object" } }, "type": "object" }, "Description": { "description": "Template description", "maxLength": 1024, "type": "string" }, "Globals": { "$ref": "#/definitions/__main____Globals" }, "Mappings": { "additionalProperties": false, "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "object" } }, "type": "object" }, "Metadata": { "type": "object" }, "Outputs": { "additionalProperties": false, "maxProperties": 60, "minProperties": 1, "patternProperties": { "^[a-zA-Z0-9]+$": { "type": "object" } }, "type": "object" }, "Parameters": { "additionalProperties": false, "maxProperties": 50, "patternProperties": { "^[a-zA-Z0-9]+$": { "$ref": "#/definitions/Parameter" } }, "type": "object" }, "Resources": { "additionalProperties": { "anyOf": [ { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_connector__Resource" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_function__Resource" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_simpletable__Resource" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_statemachine__Resource" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_layerversion__Resource" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_api__Resource" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_httpapi__Resource" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_application__Resource" }, { "$ref": "#/definitions/samtranslator__internal__schema_source__aws_serverless_graphqlapi__Resource" }, { "$ref": "#/definitions/AWS::ACMPCA::Certificate" }, { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthority" }, { "$ref": "#/definitions/AWS::ACMPCA::CertificateAuthorityActivation" }, { "$ref": "#/definitions/AWS::ACMPCA::Permission" }, { "$ref": "#/definitions/AWS::APS::RuleGroupsNamespace" }, { "$ref": "#/definitions/AWS::APS::Scraper" }, { "$ref": "#/definitions/AWS::APS::Workspace" }, { "$ref": "#/definitions/AWS::ARCZonalShift::ZonalAutoshiftConfiguration" }, { "$ref": "#/definitions/AWS::AccessAnalyzer::Analyzer" }, { "$ref": "#/definitions/AWS::AmazonMQ::Broker" }, { "$ref": "#/definitions/AWS::AmazonMQ::Configuration" }, { "$ref": "#/definitions/AWS::AmazonMQ::ConfigurationAssociation" }, { "$ref": "#/definitions/AWS::Amplify::App" }, { "$ref": "#/definitions/AWS::Amplify::Branch" }, { "$ref": "#/definitions/AWS::Amplify::Domain" }, { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Component" }, { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Form" }, { "$ref": "#/definitions/AWS::AmplifyUIBuilder::Theme" }, { "$ref": "#/definitions/AWS::ApiGateway::Account" }, { "$ref": "#/definitions/AWS::ApiGateway::ApiKey" }, { "$ref": "#/definitions/AWS::ApiGateway::Authorizer" }, { "$ref": "#/definitions/AWS::ApiGateway::BasePathMapping" }, { "$ref": "#/definitions/AWS::ApiGateway::ClientCertificate" }, { "$ref": "#/definitions/AWS::ApiGateway::Deployment" }, { "$ref": "#/definitions/AWS::ApiGateway::DocumentationPart" }, { "$ref": "#/definitions/AWS::ApiGateway::DocumentationVersion" }, { "$ref": "#/definitions/AWS::ApiGateway::DomainName" }, { "$ref": "#/definitions/AWS::ApiGateway::GatewayResponse" }, { "$ref": "#/definitions/AWS::ApiGateway::Method" }, { "$ref": "#/definitions/AWS::ApiGateway::Model" }, { "$ref": "#/definitions/AWS::ApiGateway::RequestValidator" }, { "$ref": "#/definitions/AWS::ApiGateway::Resource" }, { "$ref": "#/definitions/AWS::ApiGateway::RestApi" }, { "$ref": "#/definitions/AWS::ApiGateway::Stage" }, { "$ref": "#/definitions/AWS::ApiGateway::UsagePlan" }, { "$ref": "#/definitions/AWS::ApiGateway::UsagePlanKey" }, { "$ref": "#/definitions/AWS::ApiGateway::VpcLink" }, { "$ref": "#/definitions/AWS::ApiGatewayV2::Api" }, { "$ref": "#/definitions/AWS::ApiGatewayV2::ApiGatewayManagedOverrides" }, { "$ref": "#/definitions/AWS::ApiGatewayV2::ApiMapping" }, { "$ref": "#/definitions/AWS::ApiGatewayV2::Authorizer" }, { "$ref": "#/definitions/AWS::ApiGatewayV2::Deployment" }, { "$ref": "#/definitions/AWS::ApiGatewayV2::DomainName" }, { "$ref": "#/definitions/AWS::ApiGatewayV2::Integration" }, { "$ref": "#/definitions/AWS::ApiGatewayV2::IntegrationResponse" }, { "$ref": "#/definitions/AWS::ApiGatewayV2::Model" }, { "$ref": "#/definitions/AWS::ApiGatewayV2::Route" }, { "$ref": "#/definitions/AWS::ApiGatewayV2::RouteResponse" }, { "$ref": "#/definitions/AWS::ApiGatewayV2::Stage" }, { "$ref": "#/definitions/AWS::ApiGatewayV2::VpcLink" }, { "$ref": "#/definitions/AWS::AppConfig::Application" }, { "$ref": "#/definitions/AWS::AppConfig::ConfigurationProfile" }, { "$ref": "#/definitions/AWS::AppConfig::Deployment" }, { "$ref": "#/definitions/AWS::AppConfig::DeploymentStrategy" }, { "$ref": "#/definitions/AWS::AppConfig::Environment" }, { "$ref": "#/definitions/AWS::AppConfig::Extension" }, { "$ref": "#/definitions/AWS::AppConfig::ExtensionAssociation" }, { "$ref": "#/definitions/AWS::AppConfig::HostedConfigurationVersion" }, { "$ref": "#/definitions/AWS::AppFlow::Connector" }, { "$ref": "#/definitions/AWS::AppFlow::ConnectorProfile" }, { "$ref": "#/definitions/AWS::AppFlow::Flow" }, { "$ref": "#/definitions/AWS::AppIntegrations::Application" }, { "$ref": "#/definitions/AWS::AppIntegrations::DataIntegration" }, { "$ref": "#/definitions/AWS::AppIntegrations::EventIntegration" }, { "$ref": "#/definitions/AWS::AppMesh::GatewayRoute" }, { "$ref": "#/definitions/AWS::AppMesh::Mesh" }, { "$ref": "#/definitions/AWS::AppMesh::Route" }, { "$ref": "#/definitions/AWS::AppMesh::VirtualGateway" }, { "$ref": "#/definitions/AWS::AppMesh::VirtualNode" }, { "$ref": "#/definitions/AWS::AppMesh::VirtualRouter" }, { "$ref": "#/definitions/AWS::AppMesh::VirtualService" }, { "$ref": "#/definitions/AWS::AppRunner::AutoScalingConfiguration" }, { "$ref": "#/definitions/AWS::AppRunner::ObservabilityConfiguration" }, { "$ref": "#/definitions/AWS::AppRunner::Service" }, { "$ref": "#/definitions/AWS::AppRunner::VpcConnector" }, { "$ref": "#/definitions/AWS::AppRunner::VpcIngressConnection" }, { "$ref": "#/definitions/AWS::AppStream::AppBlock" }, { "$ref": "#/definitions/AWS::AppStream::AppBlockBuilder" }, { "$ref": "#/definitions/AWS::AppStream::Application" }, { "$ref": "#/definitions/AWS::AppStream::ApplicationEntitlementAssociation" }, { "$ref": "#/definitions/AWS::AppStream::ApplicationFleetAssociation" }, { "$ref": "#/definitions/AWS::AppStream::DirectoryConfig" }, { "$ref": "#/definitions/AWS::AppStream::Entitlement" }, { "$ref": "#/definitions/AWS::AppStream::Fleet" }, { "$ref": "#/definitions/AWS::AppStream::ImageBuilder" }, { "$ref": "#/definitions/AWS::AppStream::Stack" }, { "$ref": "#/definitions/AWS::AppStream::StackFleetAssociation" }, { "$ref": "#/definitions/AWS::AppStream::StackUserAssociation" }, { "$ref": "#/definitions/AWS::AppStream::User" }, { "$ref": "#/definitions/AWS::AppSync::ApiCache" }, { "$ref": "#/definitions/AWS::AppSync::ApiKey" }, { "$ref": "#/definitions/AWS::AppSync::DataSource" }, { "$ref": "#/definitions/AWS::AppSync::DomainName" }, { "$ref": "#/definitions/AWS::AppSync::DomainNameApiAssociation" }, { "$ref": "#/definitions/AWS::AppSync::FunctionConfiguration" }, { "$ref": "#/definitions/AWS::AppSync::GraphQLApi" }, { "$ref": "#/definitions/AWS::AppSync::GraphQLSchema" }, { "$ref": "#/definitions/AWS::AppSync::Resolver" }, { "$ref": "#/definitions/AWS::AppSync::SourceApiAssociation" }, { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalableTarget" }, { "$ref": "#/definitions/AWS::ApplicationAutoScaling::ScalingPolicy" }, { "$ref": "#/definitions/AWS::ApplicationInsights::Application" }, { "$ref": "#/definitions/AWS::Athena::CapacityReservation" }, { "$ref": "#/definitions/AWS::Athena::DataCatalog" }, { "$ref": "#/definitions/AWS::Athena::NamedQuery" }, { "$ref": "#/definitions/AWS::Athena::PreparedStatement" }, { "$ref": "#/definitions/AWS::Athena::WorkGroup" }, { "$ref": "#/definitions/AWS::AuditManager::Assessment" }, { "$ref": "#/definitions/AWS::AutoScaling::AutoScalingGroup" }, { "$ref": "#/definitions/AWS::AutoScaling::LaunchConfiguration" }, { "$ref": "#/definitions/AWS::AutoScaling::LifecycleHook" }, { "$ref": "#/definitions/AWS::AutoScaling::ScalingPolicy" }, { "$ref": "#/definitions/AWS::AutoScaling::ScheduledAction" }, { "$ref": "#/definitions/AWS::AutoScaling::WarmPool" }, { "$ref": "#/definitions/AWS::AutoScalingPlans::ScalingPlan" }, { "$ref": "#/definitions/AWS::B2BI::Capability" }, { "$ref": "#/definitions/AWS::B2BI::Partnership" }, { "$ref": "#/definitions/AWS::B2BI::Profile" }, { "$ref": "#/definitions/AWS::B2BI::Transformer" }, { "$ref": "#/definitions/AWS::BCMDataExports::Export" }, { "$ref": "#/definitions/AWS::Backup::BackupPlan" }, { "$ref": "#/definitions/AWS::Backup::BackupSelection" }, { "$ref": "#/definitions/AWS::Backup::BackupVault" }, { "$ref": "#/definitions/AWS::Backup::Framework" }, { "$ref": "#/definitions/AWS::Backup::ReportPlan" }, { "$ref": "#/definitions/AWS::Backup::RestoreTestingPlan" }, { "$ref": "#/definitions/AWS::Backup::RestoreTestingSelection" }, { "$ref": "#/definitions/AWS::BackupGateway::Hypervisor" }, { "$ref": "#/definitions/AWS::Batch::ComputeEnvironment" }, { "$ref": "#/definitions/AWS::Batch::JobDefinition" }, { "$ref": "#/definitions/AWS::Batch::JobQueue" }, { "$ref": "#/definitions/AWS::Batch::SchedulingPolicy" }, { "$ref": "#/definitions/AWS::Bedrock::Agent" }, { "$ref": "#/definitions/AWS::Bedrock::AgentAlias" }, { "$ref": "#/definitions/AWS::Bedrock::DataSource" }, { "$ref": "#/definitions/AWS::Bedrock::Guardrail" }, { "$ref": "#/definitions/AWS::Bedrock::KnowledgeBase" }, { "$ref": "#/definitions/AWS::BillingConductor::BillingGroup" }, { "$ref": "#/definitions/AWS::BillingConductor::CustomLineItem" }, { "$ref": "#/definitions/AWS::BillingConductor::PricingPlan" }, { "$ref": "#/definitions/AWS::BillingConductor::PricingRule" }, { "$ref": "#/definitions/AWS::Budgets::Budget" }, { "$ref": "#/definitions/AWS::Budgets::BudgetsAction" }, { "$ref": "#/definitions/AWS::CE::AnomalyMonitor" }, { "$ref": "#/definitions/AWS::CE::AnomalySubscription" }, { "$ref": "#/definitions/AWS::CE::CostCategory" }, { "$ref": "#/definitions/AWS::CUR::ReportDefinition" }, { "$ref": "#/definitions/AWS::Cassandra::Keyspace" }, { "$ref": "#/definitions/AWS::Cassandra::Table" }, { "$ref": "#/definitions/AWS::CertificateManager::Account" }, { "$ref": "#/definitions/AWS::CertificateManager::Certificate" }, { "$ref": "#/definitions/AWS::Chatbot::MicrosoftTeamsChannelConfiguration" }, { "$ref": "#/definitions/AWS::Chatbot::SlackChannelConfiguration" }, { "$ref": "#/definitions/AWS::CleanRooms::AnalysisTemplate" }, { "$ref": "#/definitions/AWS::CleanRooms::Collaboration" }, { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTable" }, { "$ref": "#/definitions/AWS::CleanRooms::ConfiguredTableAssociation" }, { "$ref": "#/definitions/AWS::CleanRooms::Membership" }, { "$ref": "#/definitions/AWS::CleanRooms::PrivacyBudgetTemplate" }, { "$ref": "#/definitions/AWS::CleanRoomsML::TrainingDataset" }, { "$ref": "#/definitions/AWS::Cloud9::EnvironmentEC2" }, { "$ref": "#/definitions/AWS::CloudFormation::CustomResource" }, { "$ref": "#/definitions/AWS::CloudFormation::HookDefaultVersion" }, { "$ref": "#/definitions/AWS::CloudFormation::HookTypeConfig" }, { "$ref": "#/definitions/AWS::CloudFormation::HookVersion" }, { "$ref": "#/definitions/AWS::CloudFormation::Macro" }, { "$ref": "#/definitions/AWS::CloudFormation::ModuleDefaultVersion" }, { "$ref": "#/definitions/AWS::CloudFormation::ModuleVersion" }, { "$ref": "#/definitions/AWS::CloudFormation::PublicTypeVersion" }, { "$ref": "#/definitions/AWS::CloudFormation::Publisher" }, { "$ref": "#/definitions/AWS::CloudFormation::ResourceDefaultVersion" }, { "$ref": "#/definitions/AWS::CloudFormation::ResourceVersion" }, { "$ref": "#/definitions/AWS::CloudFormation::Stack" }, { "$ref": "#/definitions/AWS::CloudFormation::StackSet" }, { "$ref": "#/definitions/AWS::CloudFormation::TypeActivation" }, { "$ref": "#/definitions/AWS::CloudFormation::WaitCondition" }, { "$ref": "#/definitions/AWS::CloudFormation::WaitConditionHandle" }, { "$ref": "#/definitions/AWS::CloudFront::CachePolicy" }, { "$ref": "#/definitions/AWS::CloudFront::CloudFrontOriginAccessIdentity" }, { "$ref": "#/definitions/AWS::CloudFront::ContinuousDeploymentPolicy" }, { "$ref": "#/definitions/AWS::CloudFront::Distribution" }, { "$ref": "#/definitions/AWS::CloudFront::Function" }, { "$ref": "#/definitions/AWS::CloudFront::KeyGroup" }, { "$ref": "#/definitions/AWS::CloudFront::KeyValueStore" }, { "$ref": "#/definitions/AWS::CloudFront::MonitoringSubscription" }, { "$ref": "#/definitions/AWS::CloudFront::OriginAccessControl" }, { "$ref": "#/definitions/AWS::CloudFront::OriginRequestPolicy" }, { "$ref": "#/definitions/AWS::CloudFront::PublicKey" }, { "$ref": "#/definitions/AWS::CloudFront::RealtimeLogConfig" }, { "$ref": "#/definitions/AWS::CloudFront::ResponseHeadersPolicy" }, { "$ref": "#/definitions/AWS::CloudFront::StreamingDistribution" }, { "$ref": "#/definitions/AWS::CloudTrail::Channel" }, { "$ref": "#/definitions/AWS::CloudTrail::EventDataStore" }, { "$ref": "#/definitions/AWS::CloudTrail::ResourcePolicy" }, { "$ref": "#/definitions/AWS::CloudTrail::Trail" }, { "$ref": "#/definitions/AWS::CloudWatch::Alarm" }, { "$ref": "#/definitions/AWS::CloudWatch::AnomalyDetector" }, { "$ref": "#/definitions/AWS::CloudWatch::CompositeAlarm" }, { "$ref": "#/definitions/AWS::CloudWatch::Dashboard" }, { "$ref": "#/definitions/AWS::CloudWatch::InsightRule" }, { "$ref": "#/definitions/AWS::CloudWatch::MetricStream" }, { "$ref": "#/definitions/AWS::CodeArtifact::Domain" }, { "$ref": "#/definitions/AWS::CodeArtifact::PackageGroup" }, { "$ref": "#/definitions/AWS::CodeArtifact::Repository" }, { "$ref": "#/definitions/AWS::CodeBuild::Fleet" }, { "$ref": "#/definitions/AWS::CodeBuild::Project" }, { "$ref": "#/definitions/AWS::CodeBuild::ReportGroup" }, { "$ref": "#/definitions/AWS::CodeBuild::SourceCredential" }, { "$ref": "#/definitions/AWS::CodeCommit::Repository" }, { "$ref": "#/definitions/AWS::CodeConnections::Connection" }, { "$ref": "#/definitions/AWS::CodeDeploy::Application" }, { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentConfig" }, { "$ref": "#/definitions/AWS::CodeDeploy::DeploymentGroup" }, { "$ref": "#/definitions/AWS::CodeGuruProfiler::ProfilingGroup" }, { "$ref": "#/definitions/AWS::CodeGuruReviewer::RepositoryAssociation" }, { "$ref": "#/definitions/AWS::CodePipeline::CustomActionType" }, { "$ref": "#/definitions/AWS::CodePipeline::Pipeline" }, { "$ref": "#/definitions/AWS::CodePipeline::Webhook" }, { "$ref": "#/definitions/AWS::CodeStar::GitHubRepository" }, { "$ref": "#/definitions/AWS::CodeStarConnections::Connection" }, { "$ref": "#/definitions/AWS::CodeStarConnections::RepositoryLink" }, { "$ref": "#/definitions/AWS::CodeStarConnections::SyncConfiguration" }, { "$ref": "#/definitions/AWS::CodeStarNotifications::NotificationRule" }, { "$ref": "#/definitions/AWS::Cognito::IdentityPool" }, { "$ref": "#/definitions/AWS::Cognito::IdentityPoolPrincipalTag" }, { "$ref": "#/definitions/AWS::Cognito::IdentityPoolRoleAttachment" }, { "$ref": "#/definitions/AWS::Cognito::LogDeliveryConfiguration" }, { "$ref": "#/definitions/AWS::Cognito::UserPool" }, { "$ref": "#/definitions/AWS::Cognito::UserPoolClient" }, { "$ref": "#/definitions/AWS::Cognito::UserPoolDomain" }, { "$ref": "#/definitions/AWS::Cognito::UserPoolGroup" }, { "$ref": "#/definitions/AWS::Cognito::UserPoolIdentityProvider" }, { "$ref": "#/definitions/AWS::Cognito::UserPoolResourceServer" }, { "$ref": "#/definitions/AWS::Cognito::UserPoolRiskConfigurationAttachment" }, { "$ref": "#/definitions/AWS::Cognito::UserPoolUICustomizationAttachment" }, { "$ref": "#/definitions/AWS::Cognito::UserPoolUser" }, { "$ref": "#/definitions/AWS::Cognito::UserPoolUserToGroupAttachment" }, { "$ref": "#/definitions/AWS::Comprehend::DocumentClassifier" }, { "$ref": "#/definitions/AWS::Comprehend::Flywheel" }, { "$ref": "#/definitions/AWS::Config::AggregationAuthorization" }, { "$ref": "#/definitions/AWS::Config::ConfigRule" }, { "$ref": "#/definitions/AWS::Config::ConfigurationAggregator" }, { "$ref": "#/definitions/AWS::Config::ConfigurationRecorder" }, { "$ref": "#/definitions/AWS::Config::ConformancePack" }, { "$ref": "#/definitions/AWS::Config::DeliveryChannel" }, { "$ref": "#/definitions/AWS::Config::OrganizationConfigRule" }, { "$ref": "#/definitions/AWS::Config::OrganizationConformancePack" }, { "$ref": "#/definitions/AWS::Config::RemediationConfiguration" }, { "$ref": "#/definitions/AWS::Config::StoredQuery" }, { "$ref": "#/definitions/AWS::Connect::ApprovedOrigin" }, { "$ref": "#/definitions/AWS::Connect::ContactFlow" }, { "$ref": "#/definitions/AWS::Connect::ContactFlowModule" }, { "$ref": "#/definitions/AWS::Connect::EvaluationForm" }, { "$ref": "#/definitions/AWS::Connect::HoursOfOperation" }, { "$ref": "#/definitions/AWS::Connect::Instance" }, { "$ref": "#/definitions/AWS::Connect::InstanceStorageConfig" }, { "$ref": "#/definitions/AWS::Connect::IntegrationAssociation" }, { "$ref": "#/definitions/AWS::Connect::PhoneNumber" }, { "$ref": "#/definitions/AWS::Connect::PredefinedAttribute" }, { "$ref": "#/definitions/AWS::Connect::Prompt" }, { "$ref": "#/definitions/AWS::Connect::Queue" }, { "$ref": "#/definitions/AWS::Connect::QuickConnect" }, { "$ref": "#/definitions/AWS::Connect::RoutingProfile" }, { "$ref": "#/definitions/AWS::Connect::Rule" }, { "$ref": "#/definitions/AWS::Connect::SecurityKey" }, { "$ref": "#/definitions/AWS::Connect::SecurityProfile" }, { "$ref": "#/definitions/AWS::Connect::TaskTemplate" }, { "$ref": "#/definitions/AWS::Connect::TrafficDistributionGroup" }, { "$ref": "#/definitions/AWS::Connect::User" }, { "$ref": "#/definitions/AWS::Connect::UserHierarchyGroup" }, { "$ref": "#/definitions/AWS::Connect::View" }, { "$ref": "#/definitions/AWS::Connect::ViewVersion" }, { "$ref": "#/definitions/AWS::ConnectCampaigns::Campaign" }, { "$ref": "#/definitions/AWS::ControlTower::EnabledBaseline" }, { "$ref": "#/definitions/AWS::ControlTower::EnabledControl" }, { "$ref": "#/definitions/AWS::ControlTower::LandingZone" }, { "$ref": "#/definitions/AWS::CustomerProfiles::CalculatedAttributeDefinition" }, { "$ref": "#/definitions/AWS::CustomerProfiles::Domain" }, { "$ref": "#/definitions/AWS::CustomerProfiles::EventStream" }, { "$ref": "#/definitions/AWS::CustomerProfiles::Integration" }, { "$ref": "#/definitions/AWS::CustomerProfiles::ObjectType" }, { "$ref": "#/definitions/AWS::DAX::Cluster" }, { "$ref": "#/definitions/AWS::DAX::ParameterGroup" }, { "$ref": "#/definitions/AWS::DAX::SubnetGroup" }, { "$ref": "#/definitions/AWS::DLM::LifecyclePolicy" }, { "$ref": "#/definitions/AWS::DMS::Certificate" }, { "$ref": "#/definitions/AWS::DMS::DataProvider" }, { "$ref": "#/definitions/AWS::DMS::Endpoint" }, { "$ref": "#/definitions/AWS::DMS::EventSubscription" }, { "$ref": "#/definitions/AWS::DMS::InstanceProfile" }, { "$ref": "#/definitions/AWS::DMS::MigrationProject" }, { "$ref": "#/definitions/AWS::DMS::ReplicationConfig" }, { "$ref": "#/definitions/AWS::DMS::ReplicationInstance" }, { "$ref": "#/definitions/AWS::DMS::ReplicationSubnetGroup" }, { "$ref": "#/definitions/AWS::DMS::ReplicationTask" }, { "$ref": "#/definitions/AWS::DataBrew::Dataset" }, { "$ref": "#/definitions/AWS::DataBrew::Job" }, { "$ref": "#/definitions/AWS::DataBrew::Project" }, { "$ref": "#/definitions/AWS::DataBrew::Recipe" }, { "$ref": "#/definitions/AWS::DataBrew::Ruleset" }, { "$ref": "#/definitions/AWS::DataBrew::Schedule" }, { "$ref": "#/definitions/AWS::DataPipeline::Pipeline" }, { "$ref": "#/definitions/AWS::DataSync::Agent" }, { "$ref": "#/definitions/AWS::DataSync::LocationAzureBlob" }, { "$ref": "#/definitions/AWS::DataSync::LocationEFS" }, { "$ref": "#/definitions/AWS::DataSync::LocationFSxLustre" }, { "$ref": "#/definitions/AWS::DataSync::LocationFSxONTAP" }, { "$ref": "#/definitions/AWS::DataSync::LocationFSxOpenZFS" }, { "$ref": "#/definitions/AWS::DataSync::LocationFSxWindows" }, { "$ref": "#/definitions/AWS::DataSync::LocationHDFS" }, { "$ref": "#/definitions/AWS::DataSync::LocationNFS" }, { "$ref": "#/definitions/AWS::DataSync::LocationObjectStorage" }, { "$ref": "#/definitions/AWS::DataSync::LocationS3" }, { "$ref": "#/definitions/AWS::DataSync::LocationSMB" }, { "$ref": "#/definitions/AWS::DataSync::StorageSystem" }, { "$ref": "#/definitions/AWS::DataSync::Task" }, { "$ref": "#/definitions/AWS::DataZone::DataSource" }, { "$ref": "#/definitions/AWS::DataZone::Domain" }, { "$ref": "#/definitions/AWS::DataZone::Environment" }, { "$ref": "#/definitions/AWS::DataZone::EnvironmentBlueprintConfiguration" }, { "$ref": "#/definitions/AWS::DataZone::EnvironmentProfile" }, { "$ref": "#/definitions/AWS::DataZone::Project" }, { "$ref": "#/definitions/AWS::DataZone::SubscriptionTarget" }, { "$ref": "#/definitions/AWS::Deadline::Farm" }, { "$ref": "#/definitions/AWS::Deadline::Fleet" }, { "$ref": "#/definitions/AWS::Deadline::LicenseEndpoint" }, { "$ref": "#/definitions/AWS::Deadline::MeteredProduct" }, { "$ref": "#/definitions/AWS::Deadline::Queue" }, { "$ref": "#/definitions/AWS::Deadline::QueueEnvironment" }, { "$ref": "#/definitions/AWS::Deadline::QueueFleetAssociation" }, { "$ref": "#/definitions/AWS::Deadline::StorageProfile" }, { "$ref": "#/definitions/AWS::Detective::Graph" }, { "$ref": "#/definitions/AWS::Detective::MemberInvitation" }, { "$ref": "#/definitions/AWS::Detective::OrganizationAdmin" }, { "$ref": "#/definitions/AWS::DevOpsGuru::LogAnomalyDetectionIntegration" }, { "$ref": "#/definitions/AWS::DevOpsGuru::NotificationChannel" }, { "$ref": "#/definitions/AWS::DevOpsGuru::ResourceCollection" }, { "$ref": "#/definitions/AWS::DirectoryService::MicrosoftAD" }, { "$ref": "#/definitions/AWS::DirectoryService::SimpleAD" }, { "$ref": "#/definitions/AWS::DocDB::DBCluster" }, { "$ref": "#/definitions/AWS::DocDB::DBClusterParameterGroup" }, { "$ref": "#/definitions/AWS::DocDB::DBInstance" }, { "$ref": "#/definitions/AWS::DocDB::DBSubnetGroup" }, { "$ref": "#/definitions/AWS::DocDB::EventSubscription" }, { "$ref": "#/definitions/AWS::DocDBElastic::Cluster" }, { "$ref": "#/definitions/AWS::DynamoDB::GlobalTable" }, { "$ref": "#/definitions/AWS::DynamoDB::Table" }, { "$ref": "#/definitions/AWS::EC2::CapacityReservation" }, { "$ref": "#/definitions/AWS::EC2::CapacityReservationFleet" }, { "$ref": "#/definitions/AWS::EC2::CarrierGateway" }, { "$ref": "#/definitions/AWS::EC2::ClientVpnAuthorizationRule" }, { "$ref": "#/definitions/AWS::EC2::ClientVpnEndpoint" }, { "$ref": "#/definitions/AWS::EC2::ClientVpnRoute" }, { "$ref": "#/definitions/AWS::EC2::ClientVpnTargetNetworkAssociation" }, { "$ref": "#/definitions/AWS::EC2::CustomerGateway" }, { "$ref": "#/definitions/AWS::EC2::DHCPOptions" }, { "$ref": "#/definitions/AWS::EC2::EC2Fleet" }, { "$ref": "#/definitions/AWS::EC2::EIP" }, { "$ref": "#/definitions/AWS::EC2::EIPAssociation" }, { "$ref": "#/definitions/AWS::EC2::EgressOnlyInternetGateway" }, { "$ref": "#/definitions/AWS::EC2::EnclaveCertificateIamRoleAssociation" }, { "$ref": "#/definitions/AWS::EC2::FlowLog" }, { "$ref": "#/definitions/AWS::EC2::GatewayRouteTableAssociation" }, { "$ref": "#/definitions/AWS::EC2::Host" }, { "$ref": "#/definitions/AWS::EC2::IPAM" }, { "$ref": "#/definitions/AWS::EC2::IPAMAllocation" }, { "$ref": "#/definitions/AWS::EC2::IPAMPool" }, { "$ref": "#/definitions/AWS::EC2::IPAMPoolCidr" }, { "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscovery" }, { "$ref": "#/definitions/AWS::EC2::IPAMResourceDiscoveryAssociation" }, { "$ref": "#/definitions/AWS::EC2::IPAMScope" }, { "$ref": "#/definitions/AWS::EC2::Instance" }, { "$ref": "#/definitions/AWS::EC2::InstanceConnectEndpoint" }, { "$ref": "#/definitions/AWS::EC2::InternetGateway" }, { "$ref": "#/definitions/AWS::EC2::KeyPair" }, { "$ref": "#/definitions/AWS::EC2::LaunchTemplate" }, { "$ref": "#/definitions/AWS::EC2::LocalGatewayRoute" }, { "$ref": "#/definitions/AWS::EC2::LocalGatewayRouteTable" }, { "$ref": "#/definitions/AWS::EC2::LocalGatewayRouteTableVPCAssociation" }, { "$ref": "#/definitions/AWS::EC2::LocalGatewayRouteTableVirtualInterfaceGroupAssociation" }, { "$ref": "#/definitions/AWS::EC2::NatGateway" }, { "$ref": "#/definitions/AWS::EC2::NetworkAcl" }, { "$ref": "#/definitions/AWS::EC2::NetworkAclEntry" }, { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScope" }, { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAccessScopeAnalysis" }, { "$ref": "#/definitions/AWS::EC2::NetworkInsightsAnalysis" }, { "$ref": "#/definitions/AWS::EC2::NetworkInsightsPath" }, { "$ref": "#/definitions/AWS::EC2::NetworkInterface" }, { "$ref": "#/definitions/AWS::EC2::NetworkInterfaceAttachment" }, { "$ref": "#/definitions/AWS::EC2::NetworkInterfacePermission" }, { "$ref": "#/definitions/AWS::EC2::NetworkPerformanceMetricSubscription" }, { "$ref": "#/definitions/AWS::EC2::PlacementGroup" }, { "$ref": "#/definitions/AWS::EC2::PrefixList" }, { "$ref": "#/definitions/AWS::EC2::Route" }, { "$ref": "#/definitions/AWS::EC2::RouteTable" }, { "$ref": "#/definitions/AWS::EC2::SecurityGroup" }, { "$ref": "#/definitions/AWS::EC2::SecurityGroupEgress" }, { "$ref": "#/definitions/AWS::EC2::SecurityGroupIngress" }, { "$ref": "#/definitions/AWS::EC2::SnapshotBlockPublicAccess" }, { "$ref": "#/definitions/AWS::EC2::SpotFleet" }, { "$ref": "#/definitions/AWS::EC2::Subnet" }, { "$ref": "#/definitions/AWS::EC2::SubnetCidrBlock" }, { "$ref": "#/definitions/AWS::EC2::SubnetNetworkAclAssociation" }, { "$ref": "#/definitions/AWS::EC2::SubnetRouteTableAssociation" }, { "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilter" }, { "$ref": "#/definitions/AWS::EC2::TrafficMirrorFilterRule" }, { "$ref": "#/definitions/AWS::EC2::TrafficMirrorSession" }, { "$ref": "#/definitions/AWS::EC2::TrafficMirrorTarget" }, { "$ref": "#/definitions/AWS::EC2::TransitGateway" }, { "$ref": "#/definitions/AWS::EC2::TransitGatewayAttachment" }, { "$ref": "#/definitions/AWS::EC2::TransitGatewayConnect" }, { "$ref": "#/definitions/AWS::EC2::TransitGatewayMulticastDomain" }, { "$ref": "#/definitions/AWS::EC2::TransitGatewayMulticastDomainAssociation" }, { "$ref": "#/definitions/AWS::EC2::TransitGatewayMulticastGroupMember" }, { "$ref": "#/definitions/AWS::EC2::TransitGatewayMulticastGroupSource" }, { "$ref": "#/definitions/AWS::EC2::TransitGatewayPeeringAttachment" }, { "$ref": "#/definitions/AWS::EC2::TransitGatewayRoute" }, { "$ref": "#/definitions/AWS::EC2::TransitGatewayRouteTable" }, { "$ref": "#/definitions/AWS::EC2::TransitGatewayRouteTableAssociation" }, { "$ref": "#/definitions/AWS::EC2::TransitGatewayRouteTablePropagation" }, { "$ref": "#/definitions/AWS::EC2::TransitGatewayVpcAttachment" }, { "$ref": "#/definitions/AWS::EC2::VPC" }, { "$ref": "#/definitions/AWS::EC2::VPCCidrBlock" }, { "$ref": "#/definitions/AWS::EC2::VPCDHCPOptionsAssociation" }, { "$ref": "#/definitions/AWS::EC2::VPCEndpoint" }, { "$ref": "#/definitions/AWS::EC2::VPCEndpointConnectionNotification" }, { "$ref": "#/definitions/AWS::EC2::VPCEndpointService" }, { "$ref": "#/definitions/AWS::EC2::VPCEndpointServicePermissions" }, { "$ref": "#/definitions/AWS::EC2::VPCGatewayAttachment" }, { "$ref": "#/definitions/AWS::EC2::VPCPeeringConnection" }, { "$ref": "#/definitions/AWS::EC2::VPNConnection" }, { "$ref": "#/definitions/AWS::EC2::VPNConnectionRoute" }, { "$ref": "#/definitions/AWS::EC2::VPNGateway" }, { "$ref": "#/definitions/AWS::EC2::VPNGatewayRoutePropagation" }, { "$ref": "#/definitions/AWS::EC2::VerifiedAccessEndpoint" }, { "$ref": "#/definitions/AWS::EC2::VerifiedAccessGroup" }, { "$ref": "#/definitions/AWS::EC2::VerifiedAccessInstance" }, { "$ref": "#/definitions/AWS::EC2::VerifiedAccessTrustProvider" }, { "$ref": "#/definitions/AWS::EC2::Volume" }, { "$ref": "#/definitions/AWS::EC2::VolumeAttachment" }, { "$ref": "#/definitions/AWS::ECR::PublicRepository" }, { "$ref": "#/definitions/AWS::ECR::PullThroughCacheRule" }, { "$ref": "#/definitions/AWS::ECR::RegistryPolicy" }, { "$ref": "#/definitions/AWS::ECR::ReplicationConfiguration" }, { "$ref": "#/definitions/AWS::ECR::Repository" }, { "$ref": "#/definitions/AWS::ECR::RepositoryCreationTemplate" }, { "$ref": "#/definitions/AWS::ECS::CapacityProvider" }, { "$ref": "#/definitions/AWS::ECS::Cluster" }, { "$ref": "#/definitions/AWS::ECS::ClusterCapacityProviderAssociations" }, { "$ref": "#/definitions/AWS::ECS::PrimaryTaskSet" }, { "$ref": "#/definitions/AWS::ECS::Service" }, { "$ref": "#/definitions/AWS::ECS::TaskDefinition" }, { "$ref": "#/definitions/AWS::ECS::TaskSet" }, { "$ref": "#/definitions/AWS::EFS::AccessPoint" }, { "$ref": "#/definitions/AWS::EFS::FileSystem" }, { "$ref": "#/definitions/AWS::EFS::MountTarget" }, { "$ref": "#/definitions/AWS::EKS::AccessEntry" }, { "$ref": "#/definitions/AWS::EKS::Addon" }, { "$ref": "#/definitions/AWS::EKS::Cluster" }, { "$ref": "#/definitions/AWS::EKS::FargateProfile" }, { "$ref": "#/definitions/AWS::EKS::IdentityProviderConfig" }, { "$ref": "#/definitions/AWS::EKS::Nodegroup" }, { "$ref": "#/definitions/AWS::EKS::PodIdentityAssociation" }, { "$ref": "#/definitions/AWS::EMR::Cluster" }, { "$ref": "#/definitions/AWS::EMR::InstanceFleetConfig" }, { "$ref": "#/definitions/AWS::EMR::InstanceGroupConfig" }, { "$ref": "#/definitions/AWS::EMR::SecurityConfiguration" }, { "$ref": "#/definitions/AWS::EMR::Step" }, { "$ref": "#/definitions/AWS::EMR::Studio" }, { "$ref": "#/definitions/AWS::EMR::StudioSessionMapping" }, { "$ref": "#/definitions/AWS::EMR::WALWorkspace" }, { "$ref": "#/definitions/AWS::EMRContainers::VirtualCluster" }, { "$ref": "#/definitions/AWS::EMRServerless::Application" }, { "$ref": "#/definitions/AWS::ElastiCache::CacheCluster" }, { "$ref": "#/definitions/AWS::ElastiCache::GlobalReplicationGroup" }, { "$ref": "#/definitions/AWS::ElastiCache::ParameterGroup" }, { "$ref": "#/definitions/AWS::ElastiCache::ReplicationGroup" }, { "$ref": "#/definitions/AWS::ElastiCache::SecurityGroup" }, { "$ref": "#/definitions/AWS::ElastiCache::SecurityGroupIngress" }, { "$ref": "#/definitions/AWS::ElastiCache::ServerlessCache" }, { "$ref": "#/definitions/AWS::ElastiCache::SubnetGroup" }, { "$ref": "#/definitions/AWS::ElastiCache::User" }, { "$ref": "#/definitions/AWS::ElastiCache::UserGroup" }, { "$ref": "#/definitions/AWS::ElasticBeanstalk::Application" }, { "$ref": "#/definitions/AWS::ElasticBeanstalk::ApplicationVersion" }, { "$ref": "#/definitions/AWS::ElasticBeanstalk::ConfigurationTemplate" }, { "$ref": "#/definitions/AWS::ElasticBeanstalk::Environment" }, { "$ref": "#/definitions/AWS::ElasticLoadBalancing::LoadBalancer" }, { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::Listener" }, { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerCertificate" }, { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::ListenerRule" }, { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::LoadBalancer" }, { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TargetGroup" }, { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TrustStore" }, { "$ref": "#/definitions/AWS::ElasticLoadBalancingV2::TrustStoreRevocation" }, { "$ref": "#/definitions/AWS::Elasticsearch::Domain" }, { "$ref": "#/definitions/AWS::EntityResolution::IdMappingWorkflow" }, { "$ref": "#/definitions/AWS::EntityResolution::IdNamespace" }, { "$ref": "#/definitions/AWS::EntityResolution::MatchingWorkflow" }, { "$ref": "#/definitions/AWS::EntityResolution::PolicyStatement" }, { "$ref": "#/definitions/AWS::EntityResolution::SchemaMapping" }, { "$ref": "#/definitions/AWS::EventSchemas::Discoverer" }, { "$ref": "#/definitions/AWS::EventSchemas::Registry" }, { "$ref": "#/definitions/AWS::EventSchemas::RegistryPolicy" }, { "$ref": "#/definitions/AWS::EventSchemas::Schema" }, { "$ref": "#/definitions/AWS::Events::ApiDestination" }, { "$ref": "#/definitions/AWS::Events::Archive" }, { "$ref": "#/definitions/AWS::Events::Connection" }, { "$ref": "#/definitions/AWS::Events::Endpoint" }, { "$ref": "#/definitions/AWS::Events::EventBus" }, { "$ref": "#/definitions/AWS::Events::EventBusPolicy" }, { "$ref": "#/definitions/AWS::Events::Rule" }, { "$ref": "#/definitions/AWS::Evidently::Experiment" }, { "$ref": "#/definitions/AWS::Evidently::Feature" }, { "$ref": "#/definitions/AWS::Evidently::Launch" }, { "$ref": "#/definitions/AWS::Evidently::Project" }, { "$ref": "#/definitions/AWS::Evidently::Segment" }, { "$ref": "#/definitions/AWS::FIS::ExperimentTemplate" }, { "$ref": "#/definitions/AWS::FIS::TargetAccountConfiguration" }, { "$ref": "#/definitions/AWS::FMS::NotificationChannel" }, { "$ref": "#/definitions/AWS::FMS::Policy" }, { "$ref": "#/definitions/AWS::FMS::ResourceSet" }, { "$ref": "#/definitions/AWS::FSx::DataRepositoryAssociation" }, { "$ref": "#/definitions/AWS::FSx::FileSystem" }, { "$ref": "#/definitions/AWS::FSx::Snapshot" }, { "$ref": "#/definitions/AWS::FSx::StorageVirtualMachine" }, { "$ref": "#/definitions/AWS::FSx::Volume" }, { "$ref": "#/definitions/AWS::FinSpace::Environment" }, { "$ref": "#/definitions/AWS::Forecast::Dataset" }, { "$ref": "#/definitions/AWS::Forecast::DatasetGroup" }, { "$ref": "#/definitions/AWS::FraudDetector::Detector" }, { "$ref": "#/definitions/AWS::FraudDetector::EntityType" }, { "$ref": "#/definitions/AWS::FraudDetector::EventType" }, { "$ref": "#/definitions/AWS::FraudDetector::Label" }, { "$ref": "#/definitions/AWS::FraudDetector::List" }, { "$ref": "#/definitions/AWS::FraudDetector::Outcome" }, { "$ref": "#/definitions/AWS::FraudDetector::Variable" }, { "$ref": "#/definitions/AWS::GameLift::Alias" }, { "$ref": "#/definitions/AWS::GameLift::Build" }, { "$ref": "#/definitions/AWS::GameLift::ContainerGroupDefinition" }, { "$ref": "#/definitions/AWS::GameLift::Fleet" }, { "$ref": "#/definitions/AWS::GameLift::GameServerGroup" }, { "$ref": "#/definitions/AWS::GameLift::GameSessionQueue" }, { "$ref": "#/definitions/AWS::GameLift::Location" }, { "$ref": "#/definitions/AWS::GameLift::MatchmakingConfiguration" }, { "$ref": "#/definitions/AWS::GameLift::MatchmakingRuleSet" }, { "$ref": "#/definitions/AWS::GameLift::Script" }, { "$ref": "#/definitions/AWS::GlobalAccelerator::Accelerator" }, { "$ref": "#/definitions/AWS::GlobalAccelerator::CrossAccountAttachment" }, { "$ref": "#/definitions/AWS::GlobalAccelerator::EndpointGroup" }, { "$ref": "#/definitions/AWS::GlobalAccelerator::Listener" }, { "$ref": "#/definitions/AWS::Glue::Classifier" }, { "$ref": "#/definitions/AWS::Glue::Connection" }, { "$ref": "#/definitions/AWS::Glue::Crawler" }, { "$ref": "#/definitions/AWS::Glue::CustomEntityType" }, { "$ref": "#/definitions/AWS::Glue::DataCatalogEncryptionSettings" }, { "$ref": "#/definitions/AWS::Glue::DataQualityRuleset" }, { "$ref": "#/definitions/AWS::Glue::Database" }, { "$ref": "#/definitions/AWS::Glue::DevEndpoint" }, { "$ref": "#/definitions/AWS::Glue::Job" }, { "$ref": "#/definitions/AWS::Glue::MLTransform" }, { "$ref": "#/definitions/AWS::Glue::Partition" }, { "$ref": "#/definitions/AWS::Glue::Registry" }, { "$ref": "#/definitions/AWS::Glue::Schema" }, { "$ref": "#/definitions/AWS::Glue::SchemaVersion" }, { "$ref": "#/definitions/AWS::Glue::SchemaVersionMetadata" }, { "$ref": "#/definitions/AWS::Glue::SecurityConfiguration" }, { "$ref": "#/definitions/AWS::Glue::Table" }, { "$ref": "#/definitions/AWS::Glue::TableOptimizer" }, { "$ref": "#/definitions/AWS::Glue::Trigger" }, { "$ref": "#/definitions/AWS::Glue::Workflow" }, { "$ref": "#/definitions/AWS::Grafana::Workspace" }, { "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinition" }, { "$ref": "#/definitions/AWS::Greengrass::ConnectorDefinitionVersion" }, { "$ref": "#/definitions/AWS::Greengrass::CoreDefinition" }, { "$ref": "#/definitions/AWS::Greengrass::CoreDefinitionVersion" }, { "$ref": "#/definitions/AWS::Greengrass::DeviceDefinition" }, { "$ref": "#/definitions/AWS::Greengrass::DeviceDefinitionVersion" }, { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinition" }, { "$ref": "#/definitions/AWS::Greengrass::FunctionDefinitionVersion" }, { "$ref": "#/definitions/AWS::Greengrass::Group" }, { "$ref": "#/definitions/AWS::Greengrass::GroupVersion" }, { "$ref": "#/definitions/AWS::Greengrass::LoggerDefinition" }, { "$ref": "#/definitions/AWS::Greengrass::LoggerDefinitionVersion" }, { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinition" }, { "$ref": "#/definitions/AWS::Greengrass::ResourceDefinitionVersion" }, { "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinition" }, { "$ref": "#/definitions/AWS::Greengrass::SubscriptionDefinitionVersion" }, { "$ref": "#/definitions/AWS::GreengrassV2::ComponentVersion" }, { "$ref": "#/definitions/AWS::GreengrassV2::Deployment" }, { "$ref": "#/definitions/AWS::GroundStation::Config" }, { "$ref": "#/definitions/AWS::GroundStation::DataflowEndpointGroup" }, { "$ref": "#/definitions/AWS::GroundStation::MissionProfile" }, { "$ref": "#/definitions/AWS::GuardDuty::Detector" }, { "$ref": "#/definitions/AWS::GuardDuty::Filter" }, { "$ref": "#/definitions/AWS::GuardDuty::IPSet" }, { "$ref": "#/definitions/AWS::GuardDuty::Master" }, { "$ref": "#/definitions/AWS::GuardDuty::Member" }, { "$ref": "#/definitions/AWS::GuardDuty::ThreatIntelSet" }, { "$ref": "#/definitions/AWS::HealthImaging::Datastore" }, { "$ref": "#/definitions/AWS::HealthLake::FHIRDatastore" }, { "$ref": "#/definitions/AWS::IAM::AccessKey" }, { "$ref": "#/definitions/AWS::IAM::Group" }, { "$ref": "#/definitions/AWS::IAM::GroupPolicy" }, { "$ref": "#/definitions/AWS::IAM::InstanceProfile" }, { "$ref": "#/definitions/AWS::IAM::ManagedPolicy" }, { "$ref": "#/definitions/AWS::IAM::OIDCProvider" }, { "$ref": "#/definitions/AWS::IAM::Policy" }, { "$ref": "#/definitions/AWS::IAM::Role" }, { "$ref": "#/definitions/AWS::IAM::RolePolicy" }, { "$ref": "#/definitions/AWS::IAM::SAMLProvider" }, { "$ref": "#/definitions/AWS::IAM::ServerCertificate" }, { "$ref": "#/definitions/AWS::IAM::ServiceLinkedRole" }, { "$ref": "#/definitions/AWS::IAM::User" }, { "$ref": "#/definitions/AWS::IAM::UserPolicy" }, { "$ref": "#/definitions/AWS::IAM::UserToGroupAddition" }, { "$ref": "#/definitions/AWS::IAM::VirtualMFADevice" }, { "$ref": "#/definitions/AWS::IVS::Channel" }, { "$ref": "#/definitions/AWS::IVS::EncoderConfiguration" }, { "$ref": "#/definitions/AWS::IVS::PlaybackKeyPair" }, { "$ref": "#/definitions/AWS::IVS::PlaybackRestrictionPolicy" }, { "$ref": "#/definitions/AWS::IVS::RecordingConfiguration" }, { "$ref": "#/definitions/AWS::IVS::Stage" }, { "$ref": "#/definitions/AWS::IVS::StorageConfiguration" }, { "$ref": "#/definitions/AWS::IVS::StreamKey" }, { "$ref": "#/definitions/AWS::IVSChat::LoggingConfiguration" }, { "$ref": "#/definitions/AWS::IVSChat::Room" }, { "$ref": "#/definitions/AWS::IdentityStore::Group" }, { "$ref": "#/definitions/AWS::IdentityStore::GroupMembership" }, { "$ref": "#/definitions/AWS::ImageBuilder::Component" }, { "$ref": "#/definitions/AWS::ImageBuilder::ContainerRecipe" }, { "$ref": "#/definitions/AWS::ImageBuilder::DistributionConfiguration" }, { "$ref": "#/definitions/AWS::ImageBuilder::Image" }, { "$ref": "#/definitions/AWS::ImageBuilder::ImagePipeline" }, { "$ref": "#/definitions/AWS::ImageBuilder::ImageRecipe" }, { "$ref": "#/definitions/AWS::ImageBuilder::InfrastructureConfiguration" }, { "$ref": "#/definitions/AWS::ImageBuilder::LifecyclePolicy" }, { "$ref": "#/definitions/AWS::ImageBuilder::Workflow" }, { "$ref": "#/definitions/AWS::Inspector::AssessmentTarget" }, { "$ref": "#/definitions/AWS::Inspector::AssessmentTemplate" }, { "$ref": "#/definitions/AWS::Inspector::ResourceGroup" }, { "$ref": "#/definitions/AWS::InspectorV2::CisScanConfiguration" }, { "$ref": "#/definitions/AWS::InspectorV2::Filter" }, { "$ref": "#/definitions/AWS::InternetMonitor::Monitor" }, { "$ref": "#/definitions/AWS::IoT1Click::Device" }, { "$ref": "#/definitions/AWS::IoT1Click::Placement" }, { "$ref": "#/definitions/AWS::IoT1Click::Project" }, { "$ref": "#/definitions/AWS::IoT::AccountAuditConfiguration" }, { "$ref": "#/definitions/AWS::IoT::Authorizer" }, { "$ref": "#/definitions/AWS::IoT::BillingGroup" }, { "$ref": "#/definitions/AWS::IoT::CACertificate" }, { "$ref": "#/definitions/AWS::IoT::Certificate" }, { "$ref": "#/definitions/AWS::IoT::CertificateProvider" }, { "$ref": "#/definitions/AWS::IoT::CustomMetric" }, { "$ref": "#/definitions/AWS::IoT::Dimension" }, { "$ref": "#/definitions/AWS::IoT::DomainConfiguration" }, { "$ref": "#/definitions/AWS::IoT::FleetMetric" }, { "$ref": "#/definitions/AWS::IoT::JobTemplate" }, { "$ref": "#/definitions/AWS::IoT::Logging" }, { "$ref": "#/definitions/AWS::IoT::MitigationAction" }, { "$ref": "#/definitions/AWS::IoT::Policy" }, { "$ref": "#/definitions/AWS::IoT::PolicyPrincipalAttachment" }, { "$ref": "#/definitions/AWS::IoT::ProvisioningTemplate" }, { "$ref": "#/definitions/AWS::IoT::ResourceSpecificLogging" }, { "$ref": "#/definitions/AWS::IoT::RoleAlias" }, { "$ref": "#/definitions/AWS::IoT::ScheduledAudit" }, { "$ref": "#/definitions/AWS::IoT::SecurityProfile" }, { "$ref": "#/definitions/AWS::IoT::SoftwarePackage" }, { "$ref": "#/definitions/AWS::IoT::SoftwarePackageVersion" }, { "$ref": "#/definitions/AWS::IoT::Thing" }, { "$ref": "#/definitions/AWS::IoT::ThingGroup" }, { "$ref": "#/definitions/AWS::IoT::ThingPrincipalAttachment" }, { "$ref": "#/definitions/AWS::IoT::ThingType" }, { "$ref": "#/definitions/AWS::IoT::TopicRule" }, { "$ref": "#/definitions/AWS::IoT::TopicRuleDestination" }, { "$ref": "#/definitions/AWS::IoTAnalytics::Channel" }, { "$ref": "#/definitions/AWS::IoTAnalytics::Dataset" }, { "$ref": "#/definitions/AWS::IoTAnalytics::Datastore" }, { "$ref": "#/definitions/AWS::IoTAnalytics::Pipeline" }, { "$ref": "#/definitions/AWS::IoTCoreDeviceAdvisor::SuiteDefinition" }, { "$ref": "#/definitions/AWS::IoTEvents::AlarmModel" }, { "$ref": "#/definitions/AWS::IoTEvents::DetectorModel" }, { "$ref": "#/definitions/AWS::IoTEvents::Input" }, { "$ref": "#/definitions/AWS::IoTFleetHub::Application" }, { "$ref": "#/definitions/AWS::IoTFleetWise::Campaign" }, { "$ref": "#/definitions/AWS::IoTFleetWise::DecoderManifest" }, { "$ref": "#/definitions/AWS::IoTFleetWise::Fleet" }, { "$ref": "#/definitions/AWS::IoTFleetWise::ModelManifest" }, { "$ref": "#/definitions/AWS::IoTFleetWise::SignalCatalog" }, { "$ref": "#/definitions/AWS::IoTFleetWise::Vehicle" }, { "$ref": "#/definitions/AWS::IoTSiteWise::AccessPolicy" }, { "$ref": "#/definitions/AWS::IoTSiteWise::Asset" }, { "$ref": "#/definitions/AWS::IoTSiteWise::AssetModel" }, { "$ref": "#/definitions/AWS::IoTSiteWise::Dashboard" }, { "$ref": "#/definitions/AWS::IoTSiteWise::Gateway" }, { "$ref": "#/definitions/AWS::IoTSiteWise::Portal" }, { "$ref": "#/definitions/AWS::IoTSiteWise::Project" }, { "$ref": "#/definitions/AWS::IoTThingsGraph::FlowTemplate" }, { "$ref": "#/definitions/AWS::IoTTwinMaker::ComponentType" }, { "$ref": "#/definitions/AWS::IoTTwinMaker::Entity" }, { "$ref": "#/definitions/AWS::IoTTwinMaker::Scene" }, { "$ref": "#/definitions/AWS::IoTTwinMaker::SyncJob" }, { "$ref": "#/definitions/AWS::IoTTwinMaker::Workspace" }, { "$ref": "#/definitions/AWS::IoTWireless::Destination" }, { "$ref": "#/definitions/AWS::IoTWireless::DeviceProfile" }, { "$ref": "#/definitions/AWS::IoTWireless::FuotaTask" }, { "$ref": "#/definitions/AWS::IoTWireless::MulticastGroup" }, { "$ref": "#/definitions/AWS::IoTWireless::NetworkAnalyzerConfiguration" }, { "$ref": "#/definitions/AWS::IoTWireless::PartnerAccount" }, { "$ref": "#/definitions/AWS::IoTWireless::ServiceProfile" }, { "$ref": "#/definitions/AWS::IoTWireless::TaskDefinition" }, { "$ref": "#/definitions/AWS::IoTWireless::WirelessDevice" }, { "$ref": "#/definitions/AWS::IoTWireless::WirelessDeviceImportTask" }, { "$ref": "#/definitions/AWS::IoTWireless::WirelessGateway" }, { "$ref": "#/definitions/AWS::KMS::Alias" }, { "$ref": "#/definitions/AWS::KMS::Key" }, { "$ref": "#/definitions/AWS::KMS::ReplicaKey" }, { "$ref": "#/definitions/AWS::KafkaConnect::Connector" }, { "$ref": "#/definitions/AWS::KafkaConnect::CustomPlugin" }, { "$ref": "#/definitions/AWS::KafkaConnect::WorkerConfiguration" }, { "$ref": "#/definitions/AWS::Kendra::DataSource" }, { "$ref": "#/definitions/AWS::Kendra::Faq" }, { "$ref": "#/definitions/AWS::Kendra::Index" }, { "$ref": "#/definitions/AWS::KendraRanking::ExecutionPlan" }, { "$ref": "#/definitions/AWS::Kinesis::Stream" }, { "$ref": "#/definitions/AWS::Kinesis::StreamConsumer" }, { "$ref": "#/definitions/AWS::KinesisAnalytics::Application" }, { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationOutput" }, { "$ref": "#/definitions/AWS::KinesisAnalytics::ApplicationReferenceDataSource" }, { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::Application" }, { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationCloudWatchLoggingOption" }, { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationOutput" }, { "$ref": "#/definitions/AWS::KinesisAnalyticsV2::ApplicationReferenceDataSource" }, { "$ref": "#/definitions/AWS::KinesisFirehose::DeliveryStream" }, { "$ref": "#/definitions/AWS::KinesisVideo::SignalingChannel" }, { "$ref": "#/definitions/AWS::KinesisVideo::Stream" }, { "$ref": "#/definitions/AWS::LakeFormation::DataCellsFilter" }, { "$ref": "#/definitions/AWS::LakeFormation::DataLakeSettings" }, { "$ref": "#/definitions/AWS::LakeFormation::Permissions" }, { "$ref": "#/definitions/AWS::LakeFormation::PrincipalPermissions" }, { "$ref": "#/definitions/AWS::LakeFormation::Resource" }, { "$ref": "#/definitions/AWS::LakeFormation::Tag" }, { "$ref": "#/definitions/AWS::LakeFormation::TagAssociation" }, { "$ref": "#/definitions/AWS::Lambda::Alias" }, { "$ref": "#/definitions/AWS::Lambda::CodeSigningConfig" }, { "$ref": "#/definitions/AWS::Lambda::EventInvokeConfig" }, { "$ref": "#/definitions/AWS::Lambda::EventSourceMapping" }, { "$ref": "#/definitions/AWS::Lambda::Function" }, { "$ref": "#/definitions/AWS::Lambda::LayerVersion" }, { "$ref": "#/definitions/AWS::Lambda::LayerVersionPermission" }, { "$ref": "#/definitions/AWS::Lambda::Permission" }, { "$ref": "#/definitions/AWS::Lambda::Url" }, { "$ref": "#/definitions/AWS::Lambda::Version" }, { "$ref": "#/definitions/AWS::Lex::Bot" }, { "$ref": "#/definitions/AWS::Lex::BotAlias" }, { "$ref": "#/definitions/AWS::Lex::BotVersion" }, { "$ref": "#/definitions/AWS::Lex::ResourcePolicy" }, { "$ref": "#/definitions/AWS::LicenseManager::Grant" }, { "$ref": "#/definitions/AWS::LicenseManager::License" }, { "$ref": "#/definitions/AWS::Lightsail::Alarm" }, { "$ref": "#/definitions/AWS::Lightsail::Bucket" }, { "$ref": "#/definitions/AWS::Lightsail::Certificate" }, { "$ref": "#/definitions/AWS::Lightsail::Container" }, { "$ref": "#/definitions/AWS::Lightsail::Database" }, { "$ref": "#/definitions/AWS::Lightsail::Disk" }, { "$ref": "#/definitions/AWS::Lightsail::Distribution" }, { "$ref": "#/definitions/AWS::Lightsail::Instance" }, { "$ref": "#/definitions/AWS::Lightsail::LoadBalancer" }, { "$ref": "#/definitions/AWS::Lightsail::LoadBalancerTlsCertificate" }, { "$ref": "#/definitions/AWS::Lightsail::StaticIp" }, { "$ref": "#/definitions/AWS::Location::APIKey" }, { "$ref": "#/definitions/AWS::Location::GeofenceCollection" }, { "$ref": "#/definitions/AWS::Location::Map" }, { "$ref": "#/definitions/AWS::Location::PlaceIndex" }, { "$ref": "#/definitions/AWS::Location::RouteCalculator" }, { "$ref": "#/definitions/AWS::Location::Tracker" }, { "$ref": "#/definitions/AWS::Location::TrackerConsumer" }, { "$ref": "#/definitions/AWS::Logs::AccountPolicy" }, { "$ref": "#/definitions/AWS::Logs::Delivery" }, { "$ref": "#/definitions/AWS::Logs::DeliveryDestination" }, { "$ref": "#/definitions/AWS::Logs::DeliverySource" }, { "$ref": "#/definitions/AWS::Logs::Destination" }, { "$ref": "#/definitions/AWS::Logs::LogAnomalyDetector" }, { "$ref": "#/definitions/AWS::Logs::LogGroup" }, { "$ref": "#/definitions/AWS::Logs::LogStream" }, { "$ref": "#/definitions/AWS::Logs::MetricFilter" }, { "$ref": "#/definitions/AWS::Logs::QueryDefinition" }, { "$ref": "#/definitions/AWS::Logs::ResourcePolicy" }, { "$ref": "#/definitions/AWS::Logs::SubscriptionFilter" }, { "$ref": "#/definitions/AWS::LookoutEquipment::InferenceScheduler" }, { "$ref": "#/definitions/AWS::LookoutMetrics::Alert" }, { "$ref": "#/definitions/AWS::LookoutMetrics::AnomalyDetector" }, { "$ref": "#/definitions/AWS::LookoutVision::Project" }, { "$ref": "#/definitions/AWS::M2::Application" }, { "$ref": "#/definitions/AWS::M2::Environment" }, { "$ref": "#/definitions/AWS::MSK::BatchScramSecret" }, { "$ref": "#/definitions/AWS::MSK::Cluster" }, { "$ref": "#/definitions/AWS::MSK::ClusterPolicy" }, { "$ref": "#/definitions/AWS::MSK::Configuration" }, { "$ref": "#/definitions/AWS::MSK::Replicator" }, { "$ref": "#/definitions/AWS::MSK::ServerlessCluster" }, { "$ref": "#/definitions/AWS::MSK::VpcConnection" }, { "$ref": "#/definitions/AWS::MWAA::Environment" }, { "$ref": "#/definitions/AWS::Macie::AllowList" }, { "$ref": "#/definitions/AWS::Macie::CustomDataIdentifier" }, { "$ref": "#/definitions/AWS::Macie::FindingsFilter" }, { "$ref": "#/definitions/AWS::Macie::Session" }, { "$ref": "#/definitions/AWS::ManagedBlockchain::Accessor" }, { "$ref": "#/definitions/AWS::ManagedBlockchain::Member" }, { "$ref": "#/definitions/AWS::ManagedBlockchain::Node" }, { "$ref": "#/definitions/AWS::MediaConnect::Bridge" }, { "$ref": "#/definitions/AWS::MediaConnect::BridgeOutput" }, { "$ref": "#/definitions/AWS::MediaConnect::BridgeSource" }, { "$ref": "#/definitions/AWS::MediaConnect::Flow" }, { "$ref": "#/definitions/AWS::MediaConnect::FlowEntitlement" }, { "$ref": "#/definitions/AWS::MediaConnect::FlowOutput" }, { "$ref": "#/definitions/AWS::MediaConnect::FlowSource" }, { "$ref": "#/definitions/AWS::MediaConnect::FlowVpcInterface" }, { "$ref": "#/definitions/AWS::MediaConnect::Gateway" }, { "$ref": "#/definitions/AWS::MediaConvert::JobTemplate" }, { "$ref": "#/definitions/AWS::MediaConvert::Preset" }, { "$ref": "#/definitions/AWS::MediaConvert::Queue" }, { "$ref": "#/definitions/AWS::MediaLive::Channel" }, { "$ref": "#/definitions/AWS::MediaLive::Input" }, { "$ref": "#/definitions/AWS::MediaLive::InputSecurityGroup" }, { "$ref": "#/definitions/AWS::MediaLive::Multiplex" }, { "$ref": "#/definitions/AWS::MediaLive::Multiplexprogram" }, { "$ref": "#/definitions/AWS::MediaPackage::Asset" }, { "$ref": "#/definitions/AWS::MediaPackage::Channel" }, { "$ref": "#/definitions/AWS::MediaPackage::OriginEndpoint" }, { "$ref": "#/definitions/AWS::MediaPackage::PackagingConfiguration" }, { "$ref": "#/definitions/AWS::MediaPackage::PackagingGroup" }, { "$ref": "#/definitions/AWS::MediaPackageV2::Channel" }, { "$ref": "#/definitions/AWS::MediaPackageV2::ChannelGroup" }, { "$ref": "#/definitions/AWS::MediaPackageV2::ChannelPolicy" }, { "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpoint" }, { "$ref": "#/definitions/AWS::MediaPackageV2::OriginEndpointPolicy" }, { "$ref": "#/definitions/AWS::MediaStore::Container" }, { "$ref": "#/definitions/AWS::MediaTailor::Channel" }, { "$ref": "#/definitions/AWS::MediaTailor::ChannelPolicy" }, { "$ref": "#/definitions/AWS::MediaTailor::LiveSource" }, { "$ref": "#/definitions/AWS::MediaTailor::PlaybackConfiguration" }, { "$ref": "#/definitions/AWS::MediaTailor::SourceLocation" }, { "$ref": "#/definitions/AWS::MediaTailor::VodSource" }, { "$ref": "#/definitions/AWS::MemoryDB::ACL" }, { "$ref": "#/definitions/AWS::MemoryDB::Cluster" }, { "$ref": "#/definitions/AWS::MemoryDB::ParameterGroup" }, { "$ref": "#/definitions/AWS::MemoryDB::SubnetGroup" }, { "$ref": "#/definitions/AWS::MemoryDB::User" }, { "$ref": "#/definitions/AWS::Neptune::DBCluster" }, { "$ref": "#/definitions/AWS::Neptune::DBClusterParameterGroup" }, { "$ref": "#/definitions/AWS::Neptune::DBInstance" }, { "$ref": "#/definitions/AWS::Neptune::DBParameterGroup" }, { "$ref": "#/definitions/AWS::Neptune::DBSubnetGroup" }, { "$ref": "#/definitions/AWS::NeptuneGraph::Graph" }, { "$ref": "#/definitions/AWS::NeptuneGraph::PrivateGraphEndpoint" }, { "$ref": "#/definitions/AWS::NetworkFirewall::Firewall" }, { "$ref": "#/definitions/AWS::NetworkFirewall::FirewallPolicy" }, { "$ref": "#/definitions/AWS::NetworkFirewall::LoggingConfiguration" }, { "$ref": "#/definitions/AWS::NetworkFirewall::RuleGroup" }, { "$ref": "#/definitions/AWS::NetworkFirewall::TLSInspectionConfiguration" }, { "$ref": "#/definitions/AWS::NetworkManager::ConnectAttachment" }, { "$ref": "#/definitions/AWS::NetworkManager::ConnectPeer" }, { "$ref": "#/definitions/AWS::NetworkManager::CoreNetwork" }, { "$ref": "#/definitions/AWS::NetworkManager::CustomerGatewayAssociation" }, { "$ref": "#/definitions/AWS::NetworkManager::Device" }, { "$ref": "#/definitions/AWS::NetworkManager::GlobalNetwork" }, { "$ref": "#/definitions/AWS::NetworkManager::Link" }, { "$ref": "#/definitions/AWS::NetworkManager::LinkAssociation" }, { "$ref": "#/definitions/AWS::NetworkManager::Site" }, { "$ref": "#/definitions/AWS::NetworkManager::SiteToSiteVpnAttachment" }, { "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayPeering" }, { "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRegistration" }, { "$ref": "#/definitions/AWS::NetworkManager::TransitGatewayRouteTableAttachment" }, { "$ref": "#/definitions/AWS::NetworkManager::VpcAttachment" }, { "$ref": "#/definitions/AWS::NimbleStudio::LaunchProfile" }, { "$ref": "#/definitions/AWS::NimbleStudio::StreamingImage" }, { "$ref": "#/definitions/AWS::NimbleStudio::Studio" }, { "$ref": "#/definitions/AWS::NimbleStudio::StudioComponent" }, { "$ref": "#/definitions/AWS::OSIS::Pipeline" }, { "$ref": "#/definitions/AWS::Oam::Link" }, { "$ref": "#/definitions/AWS::Oam::Sink" }, { "$ref": "#/definitions/AWS::Omics::AnnotationStore" }, { "$ref": "#/definitions/AWS::Omics::ReferenceStore" }, { "$ref": "#/definitions/AWS::Omics::RunGroup" }, { "$ref": "#/definitions/AWS::Omics::SequenceStore" }, { "$ref": "#/definitions/AWS::Omics::VariantStore" }, { "$ref": "#/definitions/AWS::Omics::Workflow" }, { "$ref": "#/definitions/AWS::OpenSearchServerless::AccessPolicy" }, { "$ref": "#/definitions/AWS::OpenSearchServerless::Collection" }, { "$ref": "#/definitions/AWS::OpenSearchServerless::LifecyclePolicy" }, { "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityConfig" }, { "$ref": "#/definitions/AWS::OpenSearchServerless::SecurityPolicy" }, { "$ref": "#/definitions/AWS::OpenSearchServerless::VpcEndpoint" }, { "$ref": "#/definitions/AWS::OpenSearchService::Domain" }, { "$ref": "#/definitions/AWS::OpsWorks::App" }, { "$ref": "#/definitions/AWS::OpsWorks::ElasticLoadBalancerAttachment" }, { "$ref": "#/definitions/AWS::OpsWorks::Instance" }, { "$ref": "#/definitions/AWS::OpsWorks::Layer" }, { "$ref": "#/definitions/AWS::OpsWorks::Stack" }, { "$ref": "#/definitions/AWS::OpsWorks::UserProfile" }, { "$ref": "#/definitions/AWS::OpsWorks::Volume" }, { "$ref": "#/definitions/AWS::OpsWorksCM::Server" }, { "$ref": "#/definitions/AWS::Organizations::Account" }, { "$ref": "#/definitions/AWS::Organizations::Organization" }, { "$ref": "#/definitions/AWS::Organizations::OrganizationalUnit" }, { "$ref": "#/definitions/AWS::Organizations::Policy" }, { "$ref": "#/definitions/AWS::Organizations::ResourcePolicy" }, { "$ref": "#/definitions/AWS::PCAConnectorAD::Connector" }, { "$ref": "#/definitions/AWS::PCAConnectorAD::DirectoryRegistration" }, { "$ref": "#/definitions/AWS::PCAConnectorAD::ServicePrincipalName" }, { "$ref": "#/definitions/AWS::PCAConnectorAD::Template" }, { "$ref": "#/definitions/AWS::PCAConnectorAD::TemplateGroupAccessControlEntry" }, { "$ref": "#/definitions/AWS::Panorama::ApplicationInstance" }, { "$ref": "#/definitions/AWS::Panorama::Package" }, { "$ref": "#/definitions/AWS::Panorama::PackageVersion" }, { "$ref": "#/definitions/AWS::PaymentCryptography::Alias" }, { "$ref": "#/definitions/AWS::PaymentCryptography::Key" }, { "$ref": "#/definitions/AWS::Personalize::Dataset" }, { "$ref": "#/definitions/AWS::Personalize::DatasetGroup" }, { "$ref": "#/definitions/AWS::Personalize::Schema" }, { "$ref": "#/definitions/AWS::Personalize::Solution" }, { "$ref": "#/definitions/AWS::Pinpoint::ADMChannel" }, { "$ref": "#/definitions/AWS::Pinpoint::APNSChannel" }, { "$ref": "#/definitions/AWS::Pinpoint::APNSSandboxChannel" }, { "$ref": "#/definitions/AWS::Pinpoint::APNSVoipChannel" }, { "$ref": "#/definitions/AWS::Pinpoint::APNSVoipSandboxChannel" }, { "$ref": "#/definitions/AWS::Pinpoint::App" }, { "$ref": "#/definitions/AWS::Pinpoint::ApplicationSettings" }, { "$ref": "#/definitions/AWS::Pinpoint::BaiduChannel" }, { "$ref": "#/definitions/AWS::Pinpoint::Campaign" }, { "$ref": "#/definitions/AWS::Pinpoint::EmailChannel" }, { "$ref": "#/definitions/AWS::Pinpoint::EmailTemplate" }, { "$ref": "#/definitions/AWS::Pinpoint::EventStream" }, { "$ref": "#/definitions/AWS::Pinpoint::GCMChannel" }, { "$ref": "#/definitions/AWS::Pinpoint::InAppTemplate" }, { "$ref": "#/definitions/AWS::Pinpoint::PushTemplate" }, { "$ref": "#/definitions/AWS::Pinpoint::SMSChannel" }, { "$ref": "#/definitions/AWS::Pinpoint::Segment" }, { "$ref": "#/definitions/AWS::Pinpoint::SmsTemplate" }, { "$ref": "#/definitions/AWS::Pinpoint::VoiceChannel" }, { "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSet" }, { "$ref": "#/definitions/AWS::PinpointEmail::ConfigurationSetEventDestination" }, { "$ref": "#/definitions/AWS::PinpointEmail::DedicatedIpPool" }, { "$ref": "#/definitions/AWS::PinpointEmail::Identity" }, { "$ref": "#/definitions/AWS::Pipes::Pipe" }, { "$ref": "#/definitions/AWS::Proton::EnvironmentAccountConnection" }, { "$ref": "#/definitions/AWS::Proton::EnvironmentTemplate" }, { "$ref": "#/definitions/AWS::Proton::ServiceTemplate" }, { "$ref": "#/definitions/AWS::QLDB::Ledger" }, { "$ref": "#/definitions/AWS::QLDB::Stream" }, { "$ref": "#/definitions/AWS::QuickSight::Analysis" }, { "$ref": "#/definitions/AWS::QuickSight::Dashboard" }, { "$ref": "#/definitions/AWS::QuickSight::DataSet" }, { "$ref": "#/definitions/AWS::QuickSight::DataSource" }, { "$ref": "#/definitions/AWS::QuickSight::RefreshSchedule" }, { "$ref": "#/definitions/AWS::QuickSight::Template" }, { "$ref": "#/definitions/AWS::QuickSight::Theme" }, { "$ref": "#/definitions/AWS::QuickSight::Topic" }, { "$ref": "#/definitions/AWS::QuickSight::VPCConnection" }, { "$ref": "#/definitions/AWS::RAM::Permission" }, { "$ref": "#/definitions/AWS::RAM::ResourceShare" }, { "$ref": "#/definitions/AWS::RDS::CustomDBEngineVersion" }, { "$ref": "#/definitions/AWS::RDS::DBCluster" }, { "$ref": "#/definitions/AWS::RDS::DBClusterParameterGroup" }, { "$ref": "#/definitions/AWS::RDS::DBInstance" }, { "$ref": "#/definitions/AWS::RDS::DBParameterGroup" }, { "$ref": "#/definitions/AWS::RDS::DBProxy" }, { "$ref": "#/definitions/AWS::RDS::DBProxyEndpoint" }, { "$ref": "#/definitions/AWS::RDS::DBProxyTargetGroup" }, { "$ref": "#/definitions/AWS::RDS::DBSecurityGroup" }, { "$ref": "#/definitions/AWS::RDS::DBSecurityGroupIngress" }, { "$ref": "#/definitions/AWS::RDS::DBSubnetGroup" }, { "$ref": "#/definitions/AWS::RDS::EventSubscription" }, { "$ref": "#/definitions/AWS::RDS::GlobalCluster" }, { "$ref": "#/definitions/AWS::RDS::Integration" }, { "$ref": "#/definitions/AWS::RDS::OptionGroup" }, { "$ref": "#/definitions/AWS::RUM::AppMonitor" }, { "$ref": "#/definitions/AWS::Redshift::Cluster" }, { "$ref": "#/definitions/AWS::Redshift::ClusterParameterGroup" }, { "$ref": "#/definitions/AWS::Redshift::ClusterSecurityGroup" }, { "$ref": "#/definitions/AWS::Redshift::ClusterSecurityGroupIngress" }, { "$ref": "#/definitions/AWS::Redshift::ClusterSubnetGroup" }, { "$ref": "#/definitions/AWS::Redshift::EndpointAccess" }, { "$ref": "#/definitions/AWS::Redshift::EndpointAuthorization" }, { "$ref": "#/definitions/AWS::Redshift::EventSubscription" }, { "$ref": "#/definitions/AWS::Redshift::ScheduledAction" }, { "$ref": "#/definitions/AWS::RedshiftServerless::Namespace" }, { "$ref": "#/definitions/AWS::RedshiftServerless::Workgroup" }, { "$ref": "#/definitions/AWS::RefactorSpaces::Application" }, { "$ref": "#/definitions/AWS::RefactorSpaces::Environment" }, { "$ref": "#/definitions/AWS::RefactorSpaces::Route" }, { "$ref": "#/definitions/AWS::RefactorSpaces::Service" }, { "$ref": "#/definitions/AWS::Rekognition::Collection" }, { "$ref": "#/definitions/AWS::Rekognition::Project" }, { "$ref": "#/definitions/AWS::Rekognition::StreamProcessor" }, { "$ref": "#/definitions/AWS::ResilienceHub::App" }, { "$ref": "#/definitions/AWS::ResilienceHub::ResiliencyPolicy" }, { "$ref": "#/definitions/AWS::ResourceExplorer2::DefaultViewAssociation" }, { "$ref": "#/definitions/AWS::ResourceExplorer2::Index" }, { "$ref": "#/definitions/AWS::ResourceExplorer2::View" }, { "$ref": "#/definitions/AWS::ResourceGroups::Group" }, { "$ref": "#/definitions/AWS::RoboMaker::Fleet" }, { "$ref": "#/definitions/AWS::RoboMaker::Robot" }, { "$ref": "#/definitions/AWS::RoboMaker::RobotApplication" }, { "$ref": "#/definitions/AWS::RoboMaker::RobotApplicationVersion" }, { "$ref": "#/definitions/AWS::RoboMaker::SimulationApplication" }, { "$ref": "#/definitions/AWS::RoboMaker::SimulationApplicationVersion" }, { "$ref": "#/definitions/AWS::RolesAnywhere::CRL" }, { "$ref": "#/definitions/AWS::RolesAnywhere::Profile" }, { "$ref": "#/definitions/AWS::RolesAnywhere::TrustAnchor" }, { "$ref": "#/definitions/AWS::Route53::CidrCollection" }, { "$ref": "#/definitions/AWS::Route53::DNSSEC" }, { "$ref": "#/definitions/AWS::Route53::HealthCheck" }, { "$ref": "#/definitions/AWS::Route53::HostedZone" }, { "$ref": "#/definitions/AWS::Route53::KeySigningKey" }, { "$ref": "#/definitions/AWS::Route53::RecordSet" }, { "$ref": "#/definitions/AWS::Route53::RecordSetGroup" }, { "$ref": "#/definitions/AWS::Route53Profiles::Profile" }, { "$ref": "#/definitions/AWS::Route53Profiles::ProfileAssociation" }, { "$ref": "#/definitions/AWS::Route53Profiles::ProfileResourceAssociation" }, { "$ref": "#/definitions/AWS::Route53RecoveryControl::Cluster" }, { "$ref": "#/definitions/AWS::Route53RecoveryControl::ControlPanel" }, { "$ref": "#/definitions/AWS::Route53RecoveryControl::RoutingControl" }, { "$ref": "#/definitions/AWS::Route53RecoveryControl::SafetyRule" }, { "$ref": "#/definitions/AWS::Route53RecoveryReadiness::Cell" }, { "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ReadinessCheck" }, { "$ref": "#/definitions/AWS::Route53RecoveryReadiness::RecoveryGroup" }, { "$ref": "#/definitions/AWS::Route53RecoveryReadiness::ResourceSet" }, { "$ref": "#/definitions/AWS::Route53Resolver::FirewallDomainList" }, { "$ref": "#/definitions/AWS::Route53Resolver::FirewallRuleGroup" }, { "$ref": "#/definitions/AWS::Route53Resolver::FirewallRuleGroupAssociation" }, { "$ref": "#/definitions/AWS::Route53Resolver::OutpostResolver" }, { "$ref": "#/definitions/AWS::Route53Resolver::ResolverConfig" }, { "$ref": "#/definitions/AWS::Route53Resolver::ResolverDNSSECConfig" }, { "$ref": "#/definitions/AWS::Route53Resolver::ResolverEndpoint" }, { "$ref": "#/definitions/AWS::Route53Resolver::ResolverQueryLoggingConfig" }, { "$ref": "#/definitions/AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation" }, { "$ref": "#/definitions/AWS::Route53Resolver::ResolverRule" }, { "$ref": "#/definitions/AWS::Route53Resolver::ResolverRuleAssociation" }, { "$ref": "#/definitions/AWS::S3::AccessGrant" }, { "$ref": "#/definitions/AWS::S3::AccessGrantsInstance" }, { "$ref": "#/definitions/AWS::S3::AccessGrantsLocation" }, { "$ref": "#/definitions/AWS::S3::AccessPoint" }, { "$ref": "#/definitions/AWS::S3::Bucket" }, { "$ref": "#/definitions/AWS::S3::BucketPolicy" }, { "$ref": "#/definitions/AWS::S3::MultiRegionAccessPoint" }, { "$ref": "#/definitions/AWS::S3::MultiRegionAccessPointPolicy" }, { "$ref": "#/definitions/AWS::S3::StorageLens" }, { "$ref": "#/definitions/AWS::S3::StorageLensGroup" }, { "$ref": "#/definitions/AWS::S3Express::BucketPolicy" }, { "$ref": "#/definitions/AWS::S3Express::DirectoryBucket" }, { "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPoint" }, { "$ref": "#/definitions/AWS::S3ObjectLambda::AccessPointPolicy" }, { "$ref": "#/definitions/AWS::S3Outposts::AccessPoint" }, { "$ref": "#/definitions/AWS::S3Outposts::Bucket" }, { "$ref": "#/definitions/AWS::S3Outposts::BucketPolicy" }, { "$ref": "#/definitions/AWS::S3Outposts::Endpoint" }, { "$ref": "#/definitions/AWS::SDB::Domain" }, { "$ref": "#/definitions/AWS::SES::ConfigurationSet" }, { "$ref": "#/definitions/AWS::SES::ConfigurationSetEventDestination" }, { "$ref": "#/definitions/AWS::SES::ContactList" }, { "$ref": "#/definitions/AWS::SES::DedicatedIpPool" }, { "$ref": "#/definitions/AWS::SES::EmailIdentity" }, { "$ref": "#/definitions/AWS::SES::ReceiptFilter" }, { "$ref": "#/definitions/AWS::SES::ReceiptRule" }, { "$ref": "#/definitions/AWS::SES::ReceiptRuleSet" }, { "$ref": "#/definitions/AWS::SES::Template" }, { "$ref": "#/definitions/AWS::SES::VdmAttributes" }, { "$ref": "#/definitions/AWS::SNS::Subscription" }, { "$ref": "#/definitions/AWS::SNS::Topic" }, { "$ref": "#/definitions/AWS::SNS::TopicInlinePolicy" }, { "$ref": "#/definitions/AWS::SNS::TopicPolicy" }, { "$ref": "#/definitions/AWS::SQS::Queue" }, { "$ref": "#/definitions/AWS::SQS::QueueInlinePolicy" }, { "$ref": "#/definitions/AWS::SQS::QueuePolicy" }, { "$ref": "#/definitions/AWS::SSM::Association" }, { "$ref": "#/definitions/AWS::SSM::Document" }, { "$ref": "#/definitions/AWS::SSM::MaintenanceWindow" }, { "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTarget" }, { "$ref": "#/definitions/AWS::SSM::MaintenanceWindowTask" }, { "$ref": "#/definitions/AWS::SSM::Parameter" }, { "$ref": "#/definitions/AWS::SSM::PatchBaseline" }, { "$ref": "#/definitions/AWS::SSM::ResourceDataSync" }, { "$ref": "#/definitions/AWS::SSM::ResourcePolicy" }, { "$ref": "#/definitions/AWS::SSMContacts::Contact" }, { "$ref": "#/definitions/AWS::SSMContacts::ContactChannel" }, { "$ref": "#/definitions/AWS::SSMContacts::Plan" }, { "$ref": "#/definitions/AWS::SSMContacts::Rotation" }, { "$ref": "#/definitions/AWS::SSMIncidents::ReplicationSet" }, { "$ref": "#/definitions/AWS::SSMIncidents::ResponsePlan" }, { "$ref": "#/definitions/AWS::SSO::Assignment" }, { "$ref": "#/definitions/AWS::SSO::InstanceAccessControlAttributeConfiguration" }, { "$ref": "#/definitions/AWS::SSO::PermissionSet" }, { "$ref": "#/definitions/AWS::SageMaker::App" }, { "$ref": "#/definitions/AWS::SageMaker::AppImageConfig" }, { "$ref": "#/definitions/AWS::SageMaker::CodeRepository" }, { "$ref": "#/definitions/AWS::SageMaker::DataQualityJobDefinition" }, { "$ref": "#/definitions/AWS::SageMaker::Device" }, { "$ref": "#/definitions/AWS::SageMaker::DeviceFleet" }, { "$ref": "#/definitions/AWS::SageMaker::Domain" }, { "$ref": "#/definitions/AWS::SageMaker::Endpoint" }, { "$ref": "#/definitions/AWS::SageMaker::EndpointConfig" }, { "$ref": "#/definitions/AWS::SageMaker::FeatureGroup" }, { "$ref": "#/definitions/AWS::SageMaker::Image" }, { "$ref": "#/definitions/AWS::SageMaker::ImageVersion" }, { "$ref": "#/definitions/AWS::SageMaker::InferenceComponent" }, { "$ref": "#/definitions/AWS::SageMaker::InferenceExperiment" }, { "$ref": "#/definitions/AWS::SageMaker::Model" }, { "$ref": "#/definitions/AWS::SageMaker::ModelBiasJobDefinition" }, { "$ref": "#/definitions/AWS::SageMaker::ModelCard" }, { "$ref": "#/definitions/AWS::SageMaker::ModelExplainabilityJobDefinition" }, { "$ref": "#/definitions/AWS::SageMaker::ModelPackage" }, { "$ref": "#/definitions/AWS::SageMaker::ModelPackageGroup" }, { "$ref": "#/definitions/AWS::SageMaker::ModelQualityJobDefinition" }, { "$ref": "#/definitions/AWS::SageMaker::MonitoringSchedule" }, { "$ref": "#/definitions/AWS::SageMaker::NotebookInstance" }, { "$ref": "#/definitions/AWS::SageMaker::NotebookInstanceLifecycleConfig" }, { "$ref": "#/definitions/AWS::SageMaker::Pipeline" }, { "$ref": "#/definitions/AWS::SageMaker::Project" }, { "$ref": "#/definitions/AWS::SageMaker::Space" }, { "$ref": "#/definitions/AWS::SageMaker::UserProfile" }, { "$ref": "#/definitions/AWS::SageMaker::Workteam" }, { "$ref": "#/definitions/AWS::Scheduler::Schedule" }, { "$ref": "#/definitions/AWS::Scheduler::ScheduleGroup" }, { "$ref": "#/definitions/AWS::SecretsManager::ResourcePolicy" }, { "$ref": "#/definitions/AWS::SecretsManager::RotationSchedule" }, { "$ref": "#/definitions/AWS::SecretsManager::Secret" }, { "$ref": "#/definitions/AWS::SecretsManager::SecretTargetAttachment" }, { "$ref": "#/definitions/AWS::SecurityHub::AutomationRule" }, { "$ref": "#/definitions/AWS::SecurityHub::DelegatedAdmin" }, { "$ref": "#/definitions/AWS::SecurityHub::Hub" }, { "$ref": "#/definitions/AWS::SecurityHub::Insight" }, { "$ref": "#/definitions/AWS::SecurityHub::ProductSubscription" }, { "$ref": "#/definitions/AWS::SecurityHub::Standard" }, { "$ref": "#/definitions/AWS::SecurityLake::AwsLogSource" }, { "$ref": "#/definitions/AWS::SecurityLake::DataLake" }, { "$ref": "#/definitions/AWS::SecurityLake::Subscriber" }, { "$ref": "#/definitions/AWS::ServiceCatalog::AcceptedPortfolioShare" }, { "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProduct" }, { "$ref": "#/definitions/AWS::ServiceCatalog::CloudFormationProvisionedProduct" }, { "$ref": "#/definitions/AWS::ServiceCatalog::LaunchNotificationConstraint" }, { "$ref": "#/definitions/AWS::ServiceCatalog::LaunchRoleConstraint" }, { "$ref": "#/definitions/AWS::ServiceCatalog::LaunchTemplateConstraint" }, { "$ref": "#/definitions/AWS::ServiceCatalog::Portfolio" }, { "$ref": "#/definitions/AWS::ServiceCatalog::PortfolioPrincipalAssociation" }, { "$ref": "#/definitions/AWS::ServiceCatalog::PortfolioProductAssociation" }, { "$ref": "#/definitions/AWS::ServiceCatalog::PortfolioShare" }, { "$ref": "#/definitions/AWS::ServiceCatalog::ResourceUpdateConstraint" }, { "$ref": "#/definitions/AWS::ServiceCatalog::ServiceAction" }, { "$ref": "#/definitions/AWS::ServiceCatalog::ServiceActionAssociation" }, { "$ref": "#/definitions/AWS::ServiceCatalog::StackSetConstraint" }, { "$ref": "#/definitions/AWS::ServiceCatalog::TagOption" }, { "$ref": "#/definitions/AWS::ServiceCatalog::TagOptionAssociation" }, { "$ref": "#/definitions/AWS::ServiceCatalogAppRegistry::Application" }, { "$ref": "#/definitions/AWS::ServiceCatalogAppRegistry::AttributeGroup" }, { "$ref": "#/definitions/AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation" }, { "$ref": "#/definitions/AWS::ServiceCatalogAppRegistry::ResourceAssociation" }, { "$ref": "#/definitions/AWS::ServiceDiscovery::HttpNamespace" }, { "$ref": "#/definitions/AWS::ServiceDiscovery::Instance" }, { "$ref": "#/definitions/AWS::ServiceDiscovery::PrivateDnsNamespace" }, { "$ref": "#/definitions/AWS::ServiceDiscovery::PublicDnsNamespace" }, { "$ref": "#/definitions/AWS::ServiceDiscovery::Service" }, { "$ref": "#/definitions/AWS::Shield::DRTAccess" }, { "$ref": "#/definitions/AWS::Shield::ProactiveEngagement" }, { "$ref": "#/definitions/AWS::Shield::Protection" }, { "$ref": "#/definitions/AWS::Shield::ProtectionGroup" }, { "$ref": "#/definitions/AWS::Signer::ProfilePermission" }, { "$ref": "#/definitions/AWS::Signer::SigningProfile" }, { "$ref": "#/definitions/AWS::SimSpaceWeaver::Simulation" }, { "$ref": "#/definitions/AWS::StepFunctions::Activity" }, { "$ref": "#/definitions/AWS::StepFunctions::StateMachine" }, { "$ref": "#/definitions/AWS::StepFunctions::StateMachineAlias" }, { "$ref": "#/definitions/AWS::StepFunctions::StateMachineVersion" }, { "$ref": "#/definitions/AWS::SupportApp::AccountAlias" }, { "$ref": "#/definitions/AWS::SupportApp::SlackChannelConfiguration" }, { "$ref": "#/definitions/AWS::SupportApp::SlackWorkspaceConfiguration" }, { "$ref": "#/definitions/AWS::Synthetics::Canary" }, { "$ref": "#/definitions/AWS::Synthetics::Group" }, { "$ref": "#/definitions/AWS::SystemsManagerSAP::Application" }, { "$ref": "#/definitions/AWS::Timestream::Database" }, { "$ref": "#/definitions/AWS::Timestream::InfluxDBInstance" }, { "$ref": "#/definitions/AWS::Timestream::ScheduledQuery" }, { "$ref": "#/definitions/AWS::Timestream::Table" }, { "$ref": "#/definitions/AWS::Transfer::Agreement" }, { "$ref": "#/definitions/AWS::Transfer::Certificate" }, { "$ref": "#/definitions/AWS::Transfer::Connector" }, { "$ref": "#/definitions/AWS::Transfer::Profile" }, { "$ref": "#/definitions/AWS::Transfer::Server" }, { "$ref": "#/definitions/AWS::Transfer::User" }, { "$ref": "#/definitions/AWS::Transfer::Workflow" }, { "$ref": "#/definitions/AWS::VerifiedPermissions::IdentitySource" }, { "$ref": "#/definitions/AWS::VerifiedPermissions::Policy" }, { "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyStore" }, { "$ref": "#/definitions/AWS::VerifiedPermissions::PolicyTemplate" }, { "$ref": "#/definitions/AWS::VoiceID::Domain" }, { "$ref": "#/definitions/AWS::VpcLattice::AccessLogSubscription" }, { "$ref": "#/definitions/AWS::VpcLattice::AuthPolicy" }, { "$ref": "#/definitions/AWS::VpcLattice::Listener" }, { "$ref": "#/definitions/AWS::VpcLattice::ResourcePolicy" }, { "$ref": "#/definitions/AWS::VpcLattice::Rule" }, { "$ref": "#/definitions/AWS::VpcLattice::Service" }, { "$ref": "#/definitions/AWS::VpcLattice::ServiceNetwork" }, { "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkServiceAssociation" }, { "$ref": "#/definitions/AWS::VpcLattice::ServiceNetworkVpcAssociation" }, { "$ref": "#/definitions/AWS::VpcLattice::TargetGroup" }, { "$ref": "#/definitions/AWS::WAF::ByteMatchSet" }, { "$ref": "#/definitions/AWS::WAF::IPSet" }, { "$ref": "#/definitions/AWS::WAF::Rule" }, { "$ref": "#/definitions/AWS::WAF::SizeConstraintSet" }, { "$ref": "#/definitions/AWS::WAF::SqlInjectionMatchSet" }, { "$ref": "#/definitions/AWS::WAF::WebACL" }, { "$ref": "#/definitions/AWS::WAF::XssMatchSet" }, { "$ref": "#/definitions/AWS::WAFRegional::ByteMatchSet" }, { "$ref": "#/definitions/AWS::WAFRegional::GeoMatchSet" }, { "$ref": "#/definitions/AWS::WAFRegional::IPSet" }, { "$ref": "#/definitions/AWS::WAFRegional::RateBasedRule" }, { "$ref": "#/definitions/AWS::WAFRegional::RegexPatternSet" }, { "$ref": "#/definitions/AWS::WAFRegional::Rule" }, { "$ref": "#/definitions/AWS::WAFRegional::SizeConstraintSet" }, { "$ref": "#/definitions/AWS::WAFRegional::SqlInjectionMatchSet" }, { "$ref": "#/definitions/AWS::WAFRegional::WebACL" }, { "$ref": "#/definitions/AWS::WAFRegional::WebACLAssociation" }, { "$ref": "#/definitions/AWS::WAFRegional::XssMatchSet" }, { "$ref": "#/definitions/AWS::WAFv2::IPSet" }, { "$ref": "#/definitions/AWS::WAFv2::LoggingConfiguration" }, { "$ref": "#/definitions/AWS::WAFv2::RegexPatternSet" }, { "$ref": "#/definitions/AWS::WAFv2::RuleGroup" }, { "$ref": "#/definitions/AWS::WAFv2::WebACL" }, { "$ref": "#/definitions/AWS::WAFv2::WebACLAssociation" }, { "$ref": "#/definitions/AWS::Wisdom::Assistant" }, { "$ref": "#/definitions/AWS::Wisdom::AssistantAssociation" }, { "$ref": "#/definitions/AWS::Wisdom::KnowledgeBase" }, { "$ref": "#/definitions/AWS::WorkSpaces::ConnectionAlias" }, { "$ref": "#/definitions/AWS::WorkSpaces::Workspace" }, { "$ref": "#/definitions/AWS::WorkSpacesThinClient::Environment" }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::BrowserSettings" }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::IdentityProvider" }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::IpAccessSettings" }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::NetworkSettings" }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::Portal" }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::TrustStore" }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::UserAccessLoggingSettings" }, { "$ref": "#/definitions/AWS::WorkSpacesWeb::UserSettings" }, { "$ref": "#/definitions/AWS::XRay::Group" }, { "$ref": "#/definitions/AWS::XRay::ResourcePolicy" }, { "$ref": "#/definitions/AWS::XRay::SamplingRule" }, { "$ref": "#/definitions/Alexa::ASK::Skill" }, { "$ref": "#/definitions/CustomResource" } ] }, "title": "Resources", "type": "object" }, "Transform": { "oneOf": [ { "type": [ "string" ] }, { "items": { "type": "string" }, "type": "array" } ] } }, "required": [ "Resources" ], "title": "Model", "type": "object" }